TOVY
Request an Assessment
Back to Home
Compliance & Security

Privacy Statement

Privacy is important to Tovy. It is Tovy's policy to respect user privacy regarding any information collected via the website. This policy complies with the General Data Protection Regulation (GDPR).

01Processing controller

Tovy is the controller for the personal data collected through this website. For questions, you can contact Tovy via: info@tovy.eu.

02Data collection and use

Tovy only asks for personal data when this is necessary to provide a service. The organization collects data in a lawful manner, with the knowledge and explicit consent of the user. The legal grounds for processing are consent, contractual necessity and legitimate interest.

  • Project request form: Tovy collects names, contact details (e-mail, telephone), company information and project details. This data is stored in Google Cloud Firestore and used to assess requests. The basis is the intention to enter into an agreement.
  • Server logs: The web server, hosted by Firebase Hosting, automatically records requests such as IP addresses, browser types and pages visited. The basis is the legitimate interest to maintain a secure website.
  • Cookies: Tovy uses necessary cookies to manage consent preferences. The organization does not use tracking cookies without explicit prior consent via the cookie banner.

03Data location and transfer

To protect data, the primary database (Cloud Firestore) is configured within the European Union (region 'eur3'). Although the organization prefers EU services, some subcontractors may transfer data internationally. This is done exclusively through legally permitted mechanisms, such as standard contractual clauses.

04Retention periods and security

Tovy only retains personal data for as long as is necessary for the provision of services or as legally required. The organization protects data with commercially current security measures to prevent loss, theft and unauthorized access.

05Rights under the GDPR

Under the GDPR you have the following rights with regard to your personal data:

  • Right to information: Knowing how data is collected and used
  • Right of access: Request a copy of the stored information
  • Right to rectification: Have incorrect data corrected
  • Right to erasure: Request to have data erased
  • Right to restriction: Have the processing temporarily paused
  • Right to portability: Receive data in a machine-readable format
  • Right to object: Object to the processing of personal data

To exercise these rights, you can contact us via the e-mail address below.

This policy has been in effect since July 30, 2024.

Contact Data Officer