Skip to main content

Privacy Policy

Your data is held with care.

This privacy policy explains how your personal data is collected, used, and protected by Qi Rising® Studio.

Legal Entity and Responsibility for Data

Qi Rising® Studio, a sole proprietorship registered with the Dutch Chamber of Commerce (KvK no. 96420022), is responsible for processing personal data of all clients.

We act as an independent data controller for the personal data we process.

Contact Information

Your data is processed by:

Qi Rising® Studio
Registered Address: Westblaak 122, 3012 KM Rotterdam, Netherlands
Visiting Address (by appointment): Westblaak 122C, 3012 KM Rotterdam, Netherlands
KvK Registration Number: 96420022
Email: privacy@qirising.studio
Phone: +31 625 418 514
Website: stillreiki.nl

What Personal Data We Collect

Depending on the services you use, we may collect the following information:

  • Full name
  • Date of birth
  • Postal address
  • Email address
  • Phone number
  • Gender identity (optional and only when disclosed)
  • Medical information relevant to your care (with your explicit consent)
  • Other information you provide in communications (e.g. WhatsApp, email, forms)

Lawful Basis for Processing (as per GDPR)

We process your personal data based on one or more of the following legal grounds:

  • Performance of a contract (e.g. to provide you with services)
  • Legal obligation (e.g. tax reporting)
  • Explicit consent (e.g. for processing sensitive health data)
  • Legitimate interests (e.g. improving our services, communication)

You may withdraw your consent at any time where processing is based solely on consent.

Automated Decision-Making

We use AI-powered tools only to record or summarise conversations (e.g. for note-taking). These tools do not make decisions about your treatment, and all clinical decisions are made by a qualified practitioner.

Retention Period

We retain your data for up to 5 years from your last interaction with us unless legal requirements mandate a longer retention period (e.g. tax records). After this period, data is securely deleted.

Who We Share Data With

We do not sell your personal data. We only share it with trusted third parties when:

  • It is necessary to deliver services (e.g. appointment scheduling or payment providers)
  • We are legally obliged to do so
  • You have given explicit consent

All third-party processors are GDPR-compliant and bound by data processing agreements.

Cookies and Tracking

Our website uses only essential cookies for core functionality. We do not use analytical, marketing, or tracking cookies.

International Data Transfers

Where data is transferred outside of the EU (e.g. if using international IT systems), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.

Your Rights Under GDPR

You have the following rights under EU GDPR:

  • Right of access – Request a copy of your data
  • Right to rectification – Correct inaccuracies
  • Right to erasure – Request deletion (subject to legal exceptions)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

You may exercise these rights by contacting privacy@qirising.studio.

Supervisory Authority

If you believe your data protection rights have been violated, you may contact:

Autoriteit Persoonsgegevens (Dutch DPA)
www.autoriteitpersoonsgegevens.nl

Data Security

We implement appropriate technical and organisational measures to safeguard your data from misuse, unauthorised access, disclosure, alteration, or destruction. These may include:

  • Secure encrypted storage
  • Access controls
  • Regular audits and monitoring

If you suspect a data breach or security risk, please contact us immediately at privacy@qirising.studio.