Information on the processing of your personal data under the GDPR
The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States as well as other data protection provisions is:
elvinci.de GmbHWhere we obtain consent for processing personal data, Art. 6(1)(a) GDPR serves as the legal basis. For processing personal data required to perform a contract, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures. Where processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis. If processing is necessary to safeguard a legitimate interest of our company or of a third party and the interests, fundamental rights and fundamental freedoms of the data subject do not override the first-mentioned interest, Art. 6(1)(f) GDPR serves as the legal basis.
Many data processing operations are only possible with your express consent. You can withdraw any consent you have already given at any time. The lawfulness of data processing carried out up to the withdrawal remains unaffected.
Where your personal data are processed on the basis of legitimate interests in accordance with Art. 6(1)(f) GDPR, you have the right to object to the processing pursuant to Art. 21 GDPR, provided that there are grounds for doing so arising from your particular situation. If personal data are processed for the purpose of direct marketing, you have the right to object to such processing at any time.
In the event of breaches of the GDPR, data subjects have a right to lodge a complaint with a supervisory authority. The supervisory authority responsible for us is:
Bavarian State Office for Data Protection Supervision (BayLDA)For security reasons and to protect the transmission of personal data, this website uses SSL (TLS) encryption. You can recognise an encrypted connection by the fact that the browser's address bar changes from "http://" to "https://" and by the lock icon in your browser bar.
All services and service providers we use process personal data exclusively within the European Union. No transfer of personal data to third countries (states outside the EU/EEA) takes place. Should this change in the future, we will update this privacy policy accordingly and name the appropriate safeguards pursuant to Art. 44 et seq. GDPR.
Within the scope of using our website, the provision of certain personal data is neither legally nor contractually required. However, the use of certain features is tied to providing personal data: Without registration data (including proof of business), we cannot set up B2B access. Without an email address, we cannot answer incoming enquiries. Without payment data, an order cannot be processed.
Automated decision-making or profiling within the meaning of Art. 22 GDPR does not take place.
This website is hosted by an external service provider. The personal data collected on this website is stored on the servers of the host. This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact details, names and website accesses.
A data processing agreement (DPA) in accordance with Art. 28 GDPR has been concluded with the host. The host processes data exclusively in accordance with our instructions.
The hosting provider automatically collects and stores information in so-called server log files, which your browser automatically transmits. These include: browser type and version, operating system used, referrer URL, host name of the accessing computer, time of the server request and IP address.
This data is not merged with other data sources. The collection of this data is based on Art. 6(1)(f) GDPR (legitimate interest in a technically error-free presentation and optimisation of the website). The server log files are automatically deleted after 14 days.
This website uses only technically necessary cookies required for the operation of the site (e.g. session cookies for the login area). These cookies are set on the basis of § 25(2)(2) TDDDG and Art. 6(1)(f) GDPR. We have a legitimate interest in storing technically necessary cookies for the technically error-free and optimised provision of our services.
Tracking cookies or cookies for advertising purposes are not used. A separate cookie banner is therefore not required.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the enquiry and in case of follow-up questions.
If you contact us by email or telephone, your enquiry, including all personal data resulting from it (name, enquiry), will be stored and processed by us for the purpose of handling your request. The legal basis is the same as for the contact form.
We offer a live chat on this website through which you can contact us in real time. The live chat is operated via our Odoo platform and hosted on our own servers within the EU. No data is transferred to third parties.
To use our B2B shop, registration as a business customer is required. As part of the registration, we collect the following data:
We process personal data collected as part of orders (order, address and payment data) to fulfil our contractual obligations. This data is passed on only to the extent necessary to perform the contract, in particular to the payment service provider and to shipping or parcel service providers.
We use Stripe for payment processing. For a payment, the required payment data is transmitted to Stripe.
As a payment service provider, Stripe is an independent controller for the processing of payment data. Further information can be found in the Stripe privacy policy.
If you subscribe to the newsletter offered on the website, we process the email address you provide and, if applicable, your name for the purpose of sending the newsletter. Dispatch takes place via our Odoo platform and thus exclusively on our own servers within the EU.
We use Plausible Analytics on this website, a privacy-friendly web analytics tool. Plausible does not collect personal data in the strict sense, does not use cookies and does not store any information on your device.
Further information can be found in the Plausible Analytics privacy policy.
Subject to the respective legal requirements, you have the following rights against us with regard to the personal data concerning you:
To exercise your rights, please contact our data protection officer Daniel Schneider at [email protected].
In addition, you have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us. The supervisory authority responsible for us is the Bavarian State Office for Data Protection Supervision (BayLDA) in Ansbach.
elvinci.de GmbH sells exclusively to business customers (B2B). The personal data processed on this website generally relate to contact persons and employees of business customers and prospective customers.