Our Privacy Policy

‍

The data controller for processing data in connection with the website www.elvaston.com is Elvaston Capital Management GmbH, Kurfürstendamm 214, 10719 Berlin, Phone: +49 30 887 142 70, Fax: +49 30 887 1427 27, Email: info@elvaston.com. You can contact our Data Protection Officer at datenschutz@elvaston.com.

‍

1. Automatically Collected Data During Website Visits

We collect data automatically transmitted by your browser to our web server during internet use, such as your IP address, the URLs of the websites from which you arrived, the browser used, browser language, the operating system and interface, the access device used, the date and time of access, the pages accessed on our website, and the time spent on our website. The legal basis for processing this data is Article 6( 1)( f) GDPR, based on our legitimate interests, which include:

• Enabling access to and visits to the website,
• Continuously improving the website and tailoring offers to user needs,
• Conducting internal quality control,
• Detecting, addressing, and preventing errors, disruptions, or misuse,
• Creating statistics on access channels and website usage.

2. Contacting Us

You can contact us via forms on our website, email, or phone. We process your data to communicate with you and handle your inquiry.

‍

On our website's contact form, we request your inquiry details and contact information.
The legal basis for processing this data is Article 6( 1)( b) GDPR if your details are required to respond to your inquiry or initiate/perform a contract, or Article 6( 1)( f) GDPR for our legitimate interest in responding to your inquiry.

‍

Data collected for this purpose is usually deleted after completing your request unless needed for other purposes (e.g., fulfilling a contract). Business correspondence may be retained for legally mandated periods (typically six years) under commercial or tax laws.

‍

3. Cookies, Analysis, and Tracking

We use cookies, web beacons, or similar technologies when you visit our websites or use our offerings.

‍

Cookies are small text files stored on your computer or mobile device by your browser, enabling recognition of your device across websites. Cookies do not contain personal data. Some cookies are deleted after the browser session ends (session cookies). Others remain on your device, allowing us or our service providers to recognize your browser on subsequent visits (persistent cookies).

‍

You can prevent the use of cookies through your browser settings, but certain website areas may not function correctly.

‍

Web beacons are small graphic files embedded in our website, used to capture user behavior. Similar technologies include HTML5 cookies or other local storage methods for recognizing devices during a session or on subsequent visits.

‍

Our service providers may use cookies for web analytics (see below), based on your consent provided via the cookie banner.

‍

3.1 Legal Basis

‍

Tools and cookies necessary for website operation (Section 3.2) are used based on your and our legitimate interests pursuant to Article 6( 1)( f) GDPR and Section 25( 2)( 2) TTDSG.

‍

Other tools, particularly for analytics and marketing purposes (Section 3.3), are used with your consent pursuant to Article 6( 1)(a) GDPR and Section 25( 1) TTDSG, obtained via the cookie banner (see below).

‍

Where different legal bases apply to individual tools or procedures, this is explicitly indicated below.

‍

You may withdraw or adjust your consent at any time via the "Cookies Settings" link.

Further information on the cookies used (e.g., their storage duration) can be found in the Consent Management Tool (Section 3.2.1).

‍

3.2 Necessary Tools and Cookies

‍

‍

3.2.1 Cookie Banner/Consent Management
We use a Consent Management Tool ("CMT") provided by Objectis Ltd. ("CookieScript"), Laisves st. 60 LT-05120 Vilnius, Lithuania, to manage cookie consent and display the cookie banner.

The CMT sets a cookie to save granted consents and control the activation/deactivation of functionalities. Data is stored until you delete the cookie.

‍
The legal basis is Article 6( 1)( c) GDPR for managing and documenting consents.

‍

3.2.2 Google Tag Manager
We use Google Tag Manager by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, to manage website tags without cookies.

‍
The legal basis is our legitimate interest under Article 6( 1)( f) GDPR in simplifying the integration and management of tools on our website.

‍

3.3 Analytics and Marketing Tools

3.3.1 Google Analytics
We use Google Analytics, a web analytics service by Google Ireland Limited, to analyze and improve our website based on user behavior. Google processes data for us to evaluate website usage, compile reports, and provide related services. Data collected includes anonymized IP addresses, referrer URLs, visited pages, session durations, and technical data (e.g., browser versions, device types).

‍

Google may transfer this data to servers in the U.S. based on standard contractual clauses.
We have signed a data processing agreement with Google for this purpose.

For further details, visit Google’s privacy information.

‍

4. Data Recipients

In addition to the recipients mentioned in Section 3, we may engage external service providers, granting them access to personal data for their tasks.

‍

These providers must process the data exclusively on our behalf, ensure confidentiality, and comply with GDPR requirements under data processing agreements (Article 28 GDPR).

‍

Where service providers operate outside the EEA in countries without an adequacy decision by the EU Commission, we ensure appropriate safeguards, including EU Standard Contractual Clauses. Otherwise, data transfers rely on your explicit consent.

‍

Our hosting provider is Webflow Inc., 398 11th Street, Floor 2, San Francisco, CA 94103. Webflow is certified under the EU/US Data Privacy Framework.

‍

5. Data Subject Rights

In addition to the right to withdraw any consent you have provided to us, you are entitled, subject to the applicable legal requirements, to the following rights: the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR, and the right to data portability under Article 20 GDPR.

‍

You have the right, at any time, to object to the processing of your personal data, which is based on Article 6( 1)( f) GDPR, for reasons arising from your particular situation (Article 21( 1) GDPR). If we process your personal data for direct marketing purposes under Article 6( 1)( f) GDPR, you have the right to object to this at any time without providing any reasons (Article 21( 2) GDPR). Additionally, you have the right to lodge a complaint with a supervisory authority under Article 77 GDPR.

‍

Last Updated: 11/2024

‍