In 3 steps & 3 days (back) to full hair
Effective Date: July 23, 2025
Last Updated: July 23, 2025
IST-HAAR (“we”, “our”, or “us”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy outlines how we collect, use, and safeguard your data when you visit our website https://ist-haar.com/
The responsible party for the processing of personal data within the meaning of the General Data Protection Regulation (GDPR) is:
IST-HAAR
Enenkelstraße 24, 1160 Vienna, Austria
+43 664 533 9109
info@ist-haar.com
We process personal data exclusively for the purpose of arranging hair transplants and related services (e.g., hotel bookings, transfers).
Data processing includes in particular:
– Forwarding patient information and photos to the respective clinic for treatment planning,
– Organizing appointments, hotels, and transfers,
– Communication with customers in the context of the arrangement.
In particular, we process the following categories of personal data:
– Contact details (name, address, telephone number, email),
– Travel details (e.g., desired length of stay, flight times),
– Health data (photos, previous medical conditions, allergies, relevant health information).
– Art. 6 (1) (b) GDPR (contract performance),
– Art. 6 (1) (f) GDPR (legitimate interest in efficient processing),
– Art. 9 (2) (a) GDPR (express consent to the processing of special categories of personal data, in particular health data) .
For the purpose of fulfilling the contract, personal data will only be disclosed to the respective service providers involved (e.g., clinic, hotel, transfer services).
As data is transferred to Turkey, we have concluded EU standard contractual clauses with our partners to ensure an adequate level of data protection.
Personal data will only be stored for as long as is necessary to fulfill the agency contract.
After complete contract processing, the data will be blocked and deleted at the latest after the expiry of the statutory retention periods.
Health data will be deleted immediately after completion of treatment, unless there are legal retention obligations or express consent has been given for longer storage.
We take appropriate technical and organizational security measures to protect personal data against loss, manipulation, unauthorized access, or unauthorized disclosure.
Data subjects have the right at any time:
– to obtain information about the personal data we have stored (Art. 15 GDPR),
– to have inaccurate data corrected (Art. 16 GDPR),
– to have their data deleted (Art. 17 GDPR),
– to restrict processing (Art. 18 GDPR),
– to data portability (Art. 20 GDPR),
– to object to processing (Art. 21 GDPR),
– to lodge a complaint with the competent data protection authority (Art. 77 GDPR).
Consent to the processing of health data can be revoked at any time with effect for the future.
If you have any questions about the collection, processing, or use of personal data, or if you wish to exercise your rights, please contact:
IST-HAAR
Enenkelstraße 24, 1160 Vienna, Austria
+43 664 533 9109
info@ist-haar.com