Privacy policy
Effective Date: July 15, 2025
Owner: This website (www.drmasha.com) is owned and operated by Maria Makeeva, professionally known as Dr. Masha, sole operator based in Madrid, Spain.
Email: info@drmasha.com
1. Purpose of This Policy
This Privacy Policy explains how we collect, use, and protect your personal data when you use this website, register for educational content, or communicate with us. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (GDPR) and Spain’s Organic Law 3/2018 on Data Protection and Digital Rights (LOPDGDD).
2. What Data We Collect
We may collect the following types of personal data:
2.1. Name and email address
2.2. Contact details such as phone number (if provided)
2.3. Role or professional background (e.g. clinic, personal use)
2.4. Submitted information through forms or registrations
2.5. Usage data (e.g. page visits, session duration via analytics)
3. How We Collect Your Data
We collect your data through:
3.1. Contact and intake forms
3.2. Newsletter subscriptions
3.3. Registrations submitted through the website
3.4. Use of cookies and analytics tools (see Cookie Policy)
4. Purpose of Data Processing
We process your data for the following purposes:
4.1. To respond to inquiries
4.2. To deliver requested information or resources
4.3. To manage participation in programs
4.4. To send educational and service-related communications
4.5. To improve website performance and user experience
4.6. To comply with legal obligations
We do not sell or rent your personal data under any circumstances.
5. Legal Basis for Processing
Data is processed under one or more of the following legal bases:
5.1. Consent (e.g. when you fill out a form)
5.2. Contract (to fulfill requested services)
5.3. Legal obligation
5.4. Legitimate interest (e.g. security or service improvement)
6. Use of Third-Party Services
This website may use external platforms that process data on our behalf, including:
6.1. Mailchimp (for email communications)
6.2. Calendly (for appointment booking)
6.3. Analytics tools (for website traffic measurement)
These providers operate under their own privacy policies and are committed to GDPR compliance.
7. Data Retention
Your data is retained only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. You may request deletion of your data at any time, unless restricted by legal obligations.
8. Your Rights
As a user, you have the right to:
8.1. Access your personal data
8.2. Request correction or deletion
8.3. Withdraw consent at any time
8.4. Object to or restrict processing in certain cases
8.5. File a complaint with the Spanish Data Protection Authority
To exercise any of these rights, contact us at info@drmasha.com.
9. Security Measures
We apply appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, or disclosure.
10. International Data Transfers
If any service providers process data outside the European Economic Area, they do so in accordance with applicable safeguards under GDPR.
11. Policy Updates
This Privacy Policy may be updated at any time to reflect changes in the website, legal requirements, or data processing practices. The most recent version will always be available on this page.