TOVY

Privacy Protocol

Privacy Policy

Privacy is important to Tovy. It is Tovy's policy to respect your privacy when collecting data via the website. This policy complies with the General Data Protection Regulation (GDPR).

01. Data controller

Tovy is the data controller for personal data collected through this website. For questions, you can contact Tovy via: info@tovy.eu

02. Data collection and use

Tovy only requests personal data when necessary to provide a service. The organization collects data lawfully, with your knowledge and explicit consent. The legal grounds for processing are consent, contractual necessity, and legitimate interest.

Project request form: Tovy collects names, contact details (email, phone), company information, and project details. This data is stored in Google Cloud Firestore and used to assess requests. The basis is the intention to enter into an agreement.
Server logs: The web server, hosted by Firebase Hosting, automatically records requests such as IP addresses, browser types, and visited pages. The basis is the legitimate interest in maintaining a secure website.
Cookies: Tovy uses necessary cookies to manage your consent preferences. The organization does not use tracking cookies without your explicit prior consent via the cookie banner.

03. Data location and transfer

To protect data, the primary database (Cloud Firestore) is configured within the European Union (region 'eur3'). Although the organization prefers EU services, some subcontractors may transfer data internationally. This is done exclusively via legally permitted mechanisms, such as standard contractual clauses.

04. Retention and security

Tovy only retains personal data as long as necessary for service delivery or as legally required. The organization protects data with commercially standard security measures to prevent loss, theft, and unauthorized access.

05. Rights under the GDPR

Under the GDPR, you have the following rights regarding your personal data:

Right to information: Knowing how your data is collected and used
Right of access: Requesting a copy of the stored information
Right to rectification: Having incorrect data corrected
Right to erasure: Requesting to have data deleted
Right to restriction: Having processing temporarily paused
Right to portability: Receiving data in a machine-readable format
Right to object: Objecting to the processing of personal data

To exercise these rights, you can contact us via the email address below.

This policy has been in effect since July 30, 2024.

Back