Privacy Policy & GDPR Compliance:
Welcome to Elegon (www.elegon.eu). We value your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and share your personal data when you visit our website or use our services, in compliance with the General Data Protection Regulation (GDPR – EU 2016/679), the German Federal Data Protection Act (BDSG), and other international privacy laws. By using our website, you consent to the collection and processing of your personal data as described in this policy.
Data Controller:
The data controller responsible for processing your personal data is:
Elegon, Hubertusweg 12, Garmisch Partnekirech, 82467, Email: support@elegon.eu
If you have any questions about this policy or your data rights, you may contact us using the details above.
What Personal Data We Collect:
We collect the following categories of personal data:
Personal Identification Data: Name, email, phone number, billing/shipping address.
Payment Information: Credit/debit card details (processed securely via third-party payment providers).
Account Information: Login credentials, purchase history, preferences.
Communication Data: Messages, emails, support requests.
Technical Data: IP address, browser type, operating system, device details, cookies, tracking technologies.
Marketing Preferences: Newsletter subscriptions, promotional offers.
Purpose of Data Processing:
We process your data for the following purposes:
To provide and improve our services – Processing orders, handling support, and delivering products.
To process payments securely – Ensuring smooth and safe transactions via payment processors.
To send marketing and promotional content – If you have given consent.
To comply with legal obligations – Tax, fraud prevention, and regulatory compliance.
To analyze website traffic and improve user experience – Using cookies and analytics tools.
Legal Basis for Processing Personal Data (GDPR Compliance):
We process personal data based on the following legal grounds
Consent (Art. 6 (1) (a) GDPR) – When you voluntarily provide information (e.g., subscribing to a newsletter).
Contract Performance (Art. 6 (1) (b) GDPR) – When processing orders and fulfilling transactions.
Legal Obligation (Art. 6 (1) (c) GDPR) – To comply with tax, fraud prevention, and regulatory requirements.
Legitimate Interest (Art. 6 (1) (f) GDPR) – For security, analytics, and improving our services.
Data Retention:
We store personal data only as long as necessary for its intended purpose. We retain:
Order-related data for 10 years (legal retention requirements in Germany).
Marketing data until you unsubscribe.
Account data until you delete your account.
Data Sharing & Third-Party Services:
We do not sell your personal data. However, we may share your data with:
Payment providers (e.g., PayPal, Stripe) for secure payment processing.
Shipping & logistics providers (e.g., DHL, UPS) for product delivery.
IT service providers website hosting, email services).
Government authorities if legally required.
All third parties comply with GDPR and international data protection standards.
International Data Transfers:
If you are outside the EU, we may transfer data to countries with adequate GDPR-compliant protections (e.g., the U.S., UK, India). We use Standard Contractual Clauses (SCCs) and encryption to safeguard data transfers.
Cookies & Tracking Technologies:
We use cookies and tracking technologies (Google Analytics, Facebook Pixel) to improve user experience.
Essential Cookies – Required for website functionality.
Analytics Cookies – Help us analyze website traffic.
Marketing Cookies – Used for personalized ads.
Your Rights Under GDPR & International Laws:
As a data subject, you have the following rights
Right to Access (Art. 15 GDPR) – Request a copy of your personal data.
Right to Rectification (Art. 16 GDPR) – Correct inaccurate or incomplete data.
Right to Erasure (“Right to be Forgotten”) (Art. 17 GDPR) – Request data deletion.
Right to Restrict Processing (Art. 18 GDPR) – Limit how we process your data.
Right to Data Portability (Art. 20 GDPR) – Receive your data in a structured format.
Right to Object (Art. 21 GDPR) – Object to data processing for marketing.
Right to Withdraw Consent – You can withdraw consent for data processing at any time.
How to Exercise Your Rights:
To exercise your rights, contact us at: support@elegon.eu. We will respond within 30 days.
If you believe your data is being misused, you can file a complaint with the German Data Protection Authority (BfDI) or the regulatory body in your country.
Data Security Measures:
We implement the following security measures
SSL Encryption – Protects website communications.
PCI-DSS Compliance – Ensures secure payment transactions.
Access Controls – Limits data access to authorized personnel only.
Changes to This Privacy Policy :
We may update this Privacy Policy to comply with legal changes or improve transparency.
For any privacy-related inquiries, contact us at: support@elegon.eu
