Privacy Policy

Last updated: 01.01.2026.

These Privacy Rules explain how Maximum Integrative Medicine collects, uses, and protects your personal data when you use this website and when you contact us via the contact form.

1) Who is the data controller

Data controller: Maximum Integrative Medicine
Contact email: info@maxintegrative.com

If you have any questions regarding privacy, please contact us at the email address above.

2) What data we collect

Depending on how you use the website, we may collect the following:

A) Data you provide to us directly (contact form)

  • basic identification and contact details: first name, last name, email address, phone number, city, and country
  • information related to the selected service and the reason for contacting us
  • health-related data and lifestyle information you choose to enter in the form (for example: age, gender, height, weight, waist circumference, blood pressure, laboratory values, smoking, diabetes, and similar)
  • documents you upload (medical reports, photographs, and other attachments)

Important: Health data falls under special categories of personal data under the GDPR. Please provide only the information necessary for us to understand your inquiry.

B) Technical data and website usage data

  • IP address, device and browser type, language, and approximate visit data (depending on cookie and analytics settings)
  • cookies and similar technologies (described in detail in the “Cookie Policy”)

3) Why we process data and on what legal basis

We process your data for the following purposes:

  1. Responding to your inquiry and arranging appointments
    • legal basis: taking steps at your request prior to entering into a potential contract, and our legitimate interest in responding to your inquiry
  2. Processing health data submitted via the contact form and attachments
    • legal basis: your explicit consent (by giving consent in the form and submitting the data)
    • without this data, we are often unable to adequately assess whether and how we can help you
  3. Improving the website and ensuring system security
    • legal basis: legitimate interest (security and prevention of misuse)
    • for analytics and marketing cookies: consent (if used)

4) Who has access to the data and whether we share it with third parties

We do not sell your data.

We may share data only when necessary:

  • with hosting, maintenance, and IT support providers (acting as data processors)
  • with email service providers and abuse prevention services (for example, anti-spam services)
  • with providers of embedded third-party content (for example, YouTube), only if you activate them or provide consent through cookie settings

With all such partners, we contractually ensure appropriate safeguards and GDPR-compliant processing.

5) Transfers of data outside the EU/EEA

If we use service providers that process data outside the EU/EEA, such transfers are carried out with appropriate safeguards in place (for example, standard contractual clauses). Where relevant for a specific tool, this information will be available in the cookie settings or upon request.

6) How long we retain data

We retain data only for as long as necessary for the purpose of processing:

  • contact form inquiries: generally up to [e.g. 12 months] after the last communication, unless cooperation continues or another legitimate need exists
  • security and technical logs: generally for a shorter period (for example, up to [30–90 days])
  • data that becomes part of medical documentation or professional records: in accordance with applicable regulations and professional obligations (if it becomes part of a healthcare process)

7) How we protect data

We apply technical and organizational security measures, including access control, limitation of authorizations, backups, and secure communications. However, data transmission over the internet can never be completely risk-free, so we recommend that you do not send sensitive information that is not necessary.

8. Your rights

You have the right to:

  • access your data
  • rectification of inaccurate data
  • erasure (where conditions are met)
  • restriction of processing
  • object to processing (where processing is based on legitimate interest)
  • data portability (where applicable)
  • withdraw consent at any time (this does not affect the lawfulness of processing before withdrawal)

To exercise your rights, please contact info@maxintegrative.com
We respond within the time limits prescribed by the GDPR.

9) Complaint to the supervisory authority

If you believe that your rights have been violated, you may lodge a complaint with the Croatian Personal Data Protection Agency (AZOP).

10) Changes to the Privacy Rules

We may update these Privacy Rules from time to time. The current version is always published on this page.