Change cookie settings

Privacy Policy

We manage our websites according to the principles regulated below:

We undertake to comply with the statutory provisions on data protection and endeavor to always take into account the principles of data avoidance and data minimization.

1. Name and address of the controller and the data protection officer

a) Controller

Controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states of the European Union as well as other data protection regulations is:

ElevateX GmbH
FliederstraĂźe 32
73066 Uhingen

info@elevatex.de
+49 7161 30465 99
www.elevatex.de

b) Data protection officer

You can reach the data protection officer of the data controller as follows:

SiDIT GmbH, Langgasse 20, 97261 GĂĽntersleben, info@sidit.de

2. Explanation of terms

We have designed our privacy policy according to the principles of clarity and transparency. However, if there are any ambiguities regarding the use of various terms, the relevant definitions can be found here.

3. Legal basis for the processing of personal data

We process your personal data such as your name and first name, your e-mail address and IP address, etc. only if there is a legal basis for doing so.  Here, the following regulations, in particular, come into consideration according to the General Data Protection Regulation:

  • 6 para. 1 sentence 1 lit. a GDPR: The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
  • 6 para. 1 sentence 1 lit. b GDPR: The processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • 6 para. 1 sentence 1 lit. c GDPR: Processing is necessary for compliance with a legal obligation to which the controller is subject
  • 6 para. 1 sentence 1 lit. d GDPR: Processing is necessary in order to protect the vital interests of the data subject or of another natural person
  • 6 para. 1 sentence 1 lit. e GDPR: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
  • 6 para. 1 sentence 1 lit. f GDPR: Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

However, we will always refer you to the legal basis on which your personal data is processed at the respective places in this privacy policy.

4. Transfer of personal data

The transfer of personal data is also processed within the meaning of the previous item 3. However, at this point, we would like to inform you again about the topic of transfer to third parties. The protection of your personal data is very important to us. For this reason, we are particularly careful when it comes to passing on your data to third parties.

Therefore, data is only passed on to third parties if there is a legal basis for the processing. For example, we disclose personal data to persons or companies that act as processors for us pursuant to Art. 28 GDPR. A processor is anyone who processes personal data on our behalf, i.e. instructed and controlled by us.

In accordance with the requirements of the GDPR, we conclude a contract with each of our data processors to bind them to data protection regulations and thus provide your data with comprehensive protection.

5. Storage period and erasure

We will erase your personal data if it is no longer necessary for the purposes for which it was collected or otherwise processed, and the processing is not necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims.

6. SSL encryption

This website uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the website operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

7. Cookies

We use cookies on our website. Cookies are small data packages that your browser automatically creates and that are stored on your terminal device when you visit our website. These cookies are used to store information in connection with the respective terminal device used.

When using cookies, a distinction is made between technically necessary cookies and “other” cookies. Technically necessary cookies are those that are absolutely necessary to provide an informational service that you have expressly requested.

1. Session cookies

In order to make the use of our offer more convenient for you, we use so-called session cookies (e.g. language and font selection, shopping cart, etc.) These session cookies fall under the category of technically necessary cookies and are automatically erased after you leave our site. The legal basis for the cookies is Art. 6 para. 1 sentence 1 lit. f) GDPR, our legitimate interest in the error-free operation of the website, and the interest in providing you with our optimized services.

2. Other Cookies

Other cookies include cookies for statistical, analysis, marketing, and retargeting purposes.

We use these cookies for your benefit either for legitimate interest according to Art. 6 Abs. 1 sentence 1 lit. f GDPR to improve and optimize our offers or based on your consent according to Art. 6 Abs. 1 sentence 1 lit. a) GDPR.

When cookies are used for legitimate interest, you are entitled to object to their further use at any time.

You can withdraw your consent for the use of cookies at any time.

We inform you that the withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.

To do this, you can either edit your cookie settings on our website, deactivate the use of cookies in your browser settings (whereby this may also restrict the functionality of the website), or set an opt-out for the relevant service in individual cases.

We inform you about the legal basis on which this data is processed for the respective services within the privacy policy.

Change cookie settings

8. Collection and storage of personal data as well as their type and purpose of use

 

a) When visiting the website

When you visit our website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automated erasure:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Browser used and, if applicable, the operating system of your computer as well as the name of your access provider

The aforementioned data will be processed by us for the following purposes:

  • Ensuring a smooth connection with the website
  • Evaluation of system security and stability
  • Error analysis
  • for other administrative purposes

Data that allow a conclusion about your identity, such as the IP address, are erased after 7 days at the latest. If we store the data beyond this period, this data will be pseudonymized so that your identification is no longer possible.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is based on the purposes of the data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your identity.

 

b) Newsletter

Newsletter content and registration data

We will only send you a newsletter if you subscribed to it and have given your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. The contents of the newsletter are specifically described when you register for the newsletter. To subscribe to the newsletter, it is sufficient to provide your e-mail address. If you provide additional voluntary information, such as your name and/or gender, this information will only be used to personalize the newsletter addressed to you.

Double opt-in and logging

For security reasons, we use the so-called double opt-in procedure to register for our newsletter so that no one can register with other people’s e-mail addresses. Therefore, after you have subscribed to our newsletter, you will first receive an e-mail asking you to confirm your subscription. Only with the confirmation of the registration, this becomes effective.

Furthermore, your subscription to the newsletter is logged. The logging includes the storage of the login and confirmation time, your specified data, and your IP address. If you make changes to your data, these changes are also logged.

Withdrawal

If you no longer wish to receive our newsletter, you can withdraw your consent at any time in or for the future. To do so, you can click here, click on the unsubscribe link at the bottom of each newsletter, or send us an email at: info@elevatex.de

The withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.

 

Use of “HubSpot

The subscription takes place with the help of the newsletter service “HubSpot”, which is offered by HubSpot Inc. (25 First Street, Cambridge, MA 02141 USA).

The e-mail addresses of interested parties and also their further data described in the context of these notes are stored on HubSpot’s servers in the USA. HubSpot uses this information to send and evaluate the participation links on our behalf. Furthermore, according to its own information, HubSpot may use this data to optimize or improve its own services, e.g. to technically optimize the sending and display of the invitation or for economic purposes to determine from which countries recipients come from. However, HubSpot does not use the data of interested parties to write to them itself or to pass it on to third parties.

We have concluded the standard contractual clauses with HubSpot. HubSpot does not obtain the right to share your data.

You can find HubSpot’s privacy policy here.

The use of the HubSpot service is based on our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. We are interested in providing a user-friendly and secure ticketing system that serves our business interests and meets the expectations of our users.

 

c) Contact form / e-mail contact

We provide a form on our website so that you have the opportunity to contact us at any time. For the use of the contact form, it is necessary to provide a name for a personal salutation and a valid e-mail address to contact us, so that we know from whom the request comes and can also process it accordingly.

If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provide there, as well as your IP address, will be processed in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR for the purpose of carrying out pre-contractual measures that take place in response to your inquiry or for the exercise of our legitimate interest, namely for the performance of our business activities.

Using the email address provided on our website, you are also welcome to send us an email instead. In this case, we store and process your e-mail address and the information you provide in the e-mail in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR to process your message.

The inquiries as well as the accompanying data will be erased, at the latest, 3 months after receipt, unless they are needed for a further contractual relationship.

To ensure the functionality of the contact form, we use a tool linked to our CRM system from HubSpot, HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA).

 

d) Callback service / Appointments

We provide a callback form on our website so that you have the option to contact us at any time and request a callback. For the use of the form, it is necessary to provide a name for a personal salutation and a valid phone number to contact us, so that we know from whom the request comes and are able to call you back.

If you contact us via the form, your data from the inquiry form, including the contact data you provide there, as well as your IP address, will be processed in accordance with Art. 6 para. 1 sentence 1 lit. b and f GDPR for the purpose of carrying out pre-contractual measures that take place in response to your inquiry or for the exercise of our legitimate interest, namely for the performance of our business activities.

We use a tool to schedule appointments from HubSpot, HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA).

The inquiries as well as the accompanying data will be erased, at the latest, 3 months after receipt, unless they are needed for a further contractual relationship.

 

e) Freelancer application

On our website, we offer freelancers the possibility to apply for the Elevatex Freelancer Community. As part of the community, the freelancer gets the opportunity to receive orders from clients to provide their services.

For admission to the community of ElevateX, personal data such as name, e-mail address, telephone number, the specified LinkedIn/Xing/online profile as well as the other voluntarily provided data are processed. During the interview process, other data provided voluntarily may be processed for the purpose of considering admission to the community.

This data will not be passed on to third parties, but will only be processed for verification and, if necessary, inclusion in the ElevateX Community. For this, the legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR. If the application is rejected, the data will be erased no later than 6 months after notification of the rejection.

 

f) Chat

We use the chatbot service of HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA) on our website in order to process your requests more quickly and efficiently.

During the chat, we process your first and last name, your e-mail address, and the chat history. We assign this data to your customer data in our CRM.

Hubspot’s chat widget uses cookies and IP addresses to provide the service and collect information about you as a user of our website.

Before using the chat, your consent is required according to Art. 6 para. 1 sentence 1 lit. a GDPR. You may withdraw consent at any time. The processing of your data remains lawful until we receive your withdrawal.

All your data provided during the chat will be processed by us, especially the chat history.

We have concluded the standard contractual clauses with HubSpot. HubSpot does not obtain the right to share your data. You can find HubSpot’s privacy policy here.

9. Analysis and tracking tools

We use the analysis and tracking tools listed below on our website. These are used to ensure the ongoing optimization of our website and to design it in line with requirements.

We use these tools on the basis of your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR. You may withdraw your consent at any time by changing the cookie settings. Until you withdraw your consent, the processing remains lawful.

The respective data processing purposes and data categories can be found in the corresponding tools. We point out that we have no influence on whether and to what extent the service providers carry out further data processing.

a) Google Analytics

We use Google Analytics on our website, a web analytics service provided by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter “Google”).

Google Analytics uses cookies in this context (see section 7). The information generated by the cookie about your use of this website, such as

  • Name and version of the browser used
  • Operating system of your computer
  • Website from which the access is made (referrer URL)
  • IP address of the requesting computer
  • Time of the server request

is usually transferred to a Google server in the USA and stored there.

Since IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

On our behalf, Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity, and providing other services relating to website activity and internet usage to us. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Please click here for an overview of Google’s privacy policy.

b) Google Ads

We use Google Ads, an online advertising program from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), on our website. Conversion tracking is also used in this process. If you access our website via a Google ad, Google Ads will store a cookie on your end device by utilizing this tool.

The cookie is no longer valid after 30 days. The traceability of the identity is not its purpose. If you visit our website as a user and the cookie is still working, it will be recognizable for us together with Google that you clicked on the corresponding ad and were redirected to our site. A different cookie is assigned to each Google Ads customer. Cookies are thus not traceable via Ads customers’ websites.

The data collected by conversion cookies is used to create conversion statistics for Ads customers. As Google Ads customers, we receive the total number of users who responded to our ad and were then redirected to a web page to which a conversion tracking tag was assigned. This enables us to recognize the success of individual advertising measures. We do not receive any information during this process with which we could personally identify you as a user.

When using Google Ads, your browser automatically establishes a direct connection with the Google server and, if you have a Google account and are logged in to it, can assign the visit to your account. If you do not have a Google account, Google will give you your own identifier. We have no influence on what other data Google collects and stores.

You can find out more about Google’s privacy policy at http://www.google.de/policies/privacy/.

c) Use of Google reCaptcha

We use the reCAPTCHA service of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) on our websites for our contact form in order to be able to distinguish between input by a human being and automated, abusive, machine processing. We have a legitimate interest in protecting our web offerings from abusive automated spying and from SPAM.

When queried by the reCAPTCHA service, both your IP address and any other data required by Google for the reCAPTCHA service are forwarded to Google and processed there.

You must accept Google’s terms of use when using reCAPTCHA. There is a separate field for this purpose. We have activated IP anonymization on this website so that your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

On our behalf, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha will not be merged with other Google data. The deviating data protection provisions of the Google company apply to this data.

For more information about Google’s privacy policy, please visit: https://policies.google.com/privacy.

d) Hubspot

We work with CRM software from Hubspot of HubSpot Inc. (25 First Street, 2nd Floor, Cambridge, MA 02141, USA), through which we can manage our customer data and conduct online marketing. Among other things, landing pages are analyzed and reports are created for this purpose. Here, so-called “web beacons” and cookies are utilized. In this context, the following personal data may be processed:

  • IP address,
  • geographic location,
  • Browser type,
  • Duration of visit,
  • pages viewed.

As a rule, the IP address is processed on European servers by Hubspot and stored only in a truncated version. Only in exceptional cases the IP address will be transmitted to a Google server in the USA and truncated there.

We use the information collected to continuously optimize and improve our website and to make it more user-friendly for you. In addition, we use this information to analyze which of our company’s services are of interest to customers, users, and newsletter subscribers in order to contact them for advertising purposes.

We have concluded the standard contractual clauses with HubSpot. HubSpot does not obtain the right to share your data.

You can find HubSpot’s privacy policy here.

e) Microsoft Clarity

We use Microsoft Clarity on our website, provided by Microsoft Corporation; a company headquartered at One Microsoft Way, Redmond, WA 98052-6399, USA.

Microsoft Clarity uses cookies in this context (see section 7). The information generated by the cookie about your use of this website such as

  • Name and version of the browser used
  • Operating system of your computer
  • Website from which the access is made (referrer URL)
  • IP address of the requesting computer
  • Time of the server request

is usually transferred to a Microsoft server in the USA and stored there.

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

For more information about Microsoft’s use of standard contractual clauses, please visit the following website: https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses.

10. Social Media

We offer social media buttons on our website for sharing content. To protect your data, we use the “Shariff” solution, which means that the buttons are only embedded as graphics on our website. Data exchange with the respective platforms only takes place when you actively click on the button and visit them. We offer these buttons for the following services:

11. Video integration

Youtube

We embed videos from YouTube, which is operated by Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland), into our website as part of iFrame. As part of the embedding of the videos, we have activated YouTube’s extended data protection mode.

If you play a YouTube video during your visit, a connection to the YouTube servers is established and the YouTube server is informed which of our pages you have visited. This allows YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your member account before visiting our website. In addition, YouTube sets various cookies when starting the service in order to improve their offered services and prevent misuse, according to their own information. 

For more information on the handling of user data and the cookies set, please refer to YouTube’s privacy policy at: https://www.google.de/intl/de/policies/privacy

The legal basis for this is the consent given by you according to Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time by changing the cookie setting on our website.

12. Discord

We refer to the communication app Discord of the provider Discord Inc. San Francisco (HQ), CA, United States, 444 De Haro Street.

We use Discord as an optional communication platform with and between community members. The use of Discord is not a prerequisite for using our services. Member profiles can be created anonymously with an alias.

During the usage of the communication platform (also called Discord Server) we process your user name, (your first and last name, your email address,) and the chat history. If necessary, we assign this data to your customer data in our CRM.

We cannot influence nor control the processing of your data at Discord. By using Discord, you agree to the terms of service of the provider. We have no influence on these terms of use.

The lawfulness of the use results from Art. 6 para. 1 p. 1 lit. f) GDPR.

Discord assures to comply with the EU data protection level according to the EU standard contractual clauses.

Discord’s privacy policy provides information on the collection, processing and use of personal data by Discord.

Before actively using the Discord Server – such as writing posts and messages or accessing all channels – your consent is required. You can leave the server at any time and revoke your consent. The processing of your data remains lawful until we receive your withdrawal.

a) Bots

Within the communication app Discord, we occasionally use bots from other providers. These are listed below. By using Discord, you agree to the terms of use of the respective bot providers. We have no influence on these terms of use. 

Specifically, we use the following bots:

  • MEE6 of the provider Anbieters Sidescroll Ventures, 66 Avenue des Champs-ÉlysĂ©es, Paris 75008, France.
    We refer to the terms of use and the privacy policy of the provider.
  • QOTD Bot by Kevin Novak (more information)

13. Data Subject Rights

You have the following rights:

a) Information

In accordance with Art. 15 GDPR, you have the right to access the personal data processed by us. This right to information includes information about

  • the processing purposes
  • the categories of personal data
  • the recipients or categories of recipients to whom your data have been or will be disclosed
  • the envisaged storage period or at least the criteria used to determine that storage period
  • the existence of a right to rectification, erasure, restriction of processing, or objection
  • the existence of a right to lodge a complaint with a supervisory authority;
  • the source of your personal data, if this data was not collected by us
  • the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details

b) Rectification

In accordance with Art. 16 GDPR, you have the right to rectification any inaccurate or incomplete personal data stored by us.

 

c) Erasure

In accordance with Art. 17 GDPR, you have the right to request the erasure of your personal data without undue delay from us, insofar as further processing is not necessary for one of the following reasons:

  • the personal data are still necessary for the purposes for which they were collected or otherwise processed
  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR
  • for archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing
  • for the establishment, exercise, or defense of legal claims.

d) Restriction of processing

In accordance with Art. 18 GDPR, you may request the restriction of the processing of your personal data for one of the following reasons:

  • You contest the accuracy of your personal data.
  • The processing is unlawful and you oppose the erasure of the personal data.
  • We no longer need the personal data for the purposes of the processing, but you need it for the establishment, exercise, or defense of legal claims.

You object to the processing pursuant to Art. 21 para. 1 GDPR.

 

e) Notification

If you have requested the rectification or erasure of your personal data or a restriction of processing in accordance with Art. 16, Art. 17 or Art. 18 GDPR, we will inform all recipients to whom your personal data has been disclosed, unless this proves impossible or involves a disproportionate effort. You may request that we inform you of those recipients.

 

f) Data portability

You have the right to receive from us the personal data concerning you that you have provided to us in a structured, commonly used, machine-readable format

You also have the right to request the transmission of this data to a third party, provided that the processing was carried out with the help of automated procedures and is based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a or Art. 9 para. 2 lit. a or on a contract pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR.

 

g) Withdrawl

In accordance with Art. 7 para. 3 GDPR, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal. In the future, we may no longer continue the data processing that was based on your withdrawn consent.

 

h) Complaint

In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR.

 

i) Objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without specifying the particular situation. If you wish to exercise your right of revocation or objection, simply send an e-mail to info@elevatex.de

 

j) Automated decision-making in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly affects you in a significant manner. This does not apply if the decision

  1. is necessary for the conclusion or performance of a contract between you and us
  2. is permitted on the basis of legal provisions of the European Union or the Member States to which we are subject and these legal provisions contain appropriate measures to protect your rights and freedoms as well as your legitimate interests
  3. is done with your express consent

However, these decisions must not be based on special categories of personal data as defined in Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights, freedoms, and legitimate interests.

With regard to the cases referred to in 1) and 3), we shall take reasonable measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person from our side, to express your point of view and to contest the decision.

14. Changes to this privacy policy

If we change the privacy policy, this will be indicated on the website.

As of: 18/02/2024