Privacy policy

Tovy acts as the data controller for the personal information collected through this website. For any questions, contact can be established via info@tovy.eu.

Tovy only asks for personal information when it is truly required to provide a service. The organization collects data by fair and lawful means, with the user's knowledge and explicit consent. The legal bases for processing are primarily consent, contractual necessity, and legitimate interest.

• Project Intake Form: Tovy collects names, contact details (email, phone), company information, and project details. This data is stored in Google Cloud Firestore and is used to evaluate and respond to project requests. The legal basis is the intention to enter into a contract.
• Server Logs: The web server, hosted by Firebase Hosting, automatically logs requests, which may include IP addresses, browser types, and visited pages. This data is used for security monitoring and diagnostics. The legal basis is the legitimate interest of Tovy in maintaining a secure and functional website.
• Cookies: Tovy uses essential cookies to manage consent preferences regarding tracking. The company does not use non-essential or tracking cookies (such as those for Google Analytics) without explicit prior consent via the cookie banner.

To protect data, Tovy has configured the primary database (Cloud Firestore) to be located within the European Union (regio 'eur3'). While the organization prioritizes EU-based services, some subprocessors (such as Google) may transfer data internationally. All such transfers are conducted under legally compliant mechanisms, such as Standard Contractual Clauses.

Tovy retains collected information only for as long as necessary to provide services or as required by law. The company protects stored data within commercially acceptable means to prevent loss, theft, and unauthorized access.

Under the GDPR, users have the following rights regarding personal data:

• Right to be informed: The right to know how data is collected and used.
• Right of access: The right to request a copy of the information held by Tovy.
• Right to rectification: The right to have inaccurate personal data corrected.
• Right to erasure ("Right to be Forgotten"): The right to request the deletion of personal data.
• Right to restrict processing: The right to limit how data is used.
• Right to data portability: The right to receive data in a machine-readable format.
• Right to object: The right to object to the processing of personal data.

To exercise any of these rights, please contact the data protection contact email below.

For questions regarding privacy or to exercise GDPR rights, the Data Protection Officer at Tovy can be contacted at: info@tovy.eu.