1. General Information
2. Name and Address of the Controller
We, Elongate, are controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws and regulations that determine the purposes and means of processing personal data. If you have questions regarding data protection or privacy, do not hesitate to contact us at [email protected] This is also the address of our data protection officer in accordance with Art. 37 General Data Protection Regulation (GDPR).
3. Legal Basis of Data Processing
If the legal basis is not specified in the privacy statement, the following applies: The legal basis for the collection and processing of data with your consent is Art. 6(1)(a) and Art. 7 GDPR. The legal basis for processing data for the fulfilment of our services and the performance of pre- or contractual measures, as well as replying to enquiries, is Art. 6(1)(b) GDPR. The legal basis for processing data for the fulfilment of our legal obligations is Art. 6(1)(c) GDPR. If processing the data is necessary to protect a legitimate interest of our company or a third party, Art. 6(1)(f) GDPR serves as the legal basis for the processing. If we commission third parties to conduct the processing of data based on a “data processing contract”, this is done on the basis of Art. 28 GDPR.
4. The erasure and storage of personal data
Your personal data will be erased or blocked as soon as it is no longer necessary in relation to the purpose of storage. Furthermore, personal data may be stored if this is required by regulations, laws or other provisions to which we are subject to. The personal data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires unless there is a need for further storage of the data for the conclusion or performance of a contract. If we have personal data which is only stored and not deleted due to legal requirements, we will not use it for other purposes.
You can contact us regarding your privacy rights at any time and free of charge. We grant you all rights to the extent of GDPR. Hereby we explain the most important rights to you. We do not explain rights which are not applicable to our data processing model. If you want to have a full overview of your possible rights, please refer to Art. 12 – 23 GDPR. Your rights contain, besides other:
• Right of access.You can ask for a confirmation if Elongate processes personal data about you and further information about processing.
• Right to rectification.If your personal data is inaccurate or outdated, you have the right to have it rectified.
• Right to erasure.If you want your personal data to be deleted, let us know.
• Right of restriction of processing.You have the right to obtain from processing if you contest the accuracy of your personal data (until the data is accurate again) or the processing is unlawful, and you prefer such a restriction instead of deletion. See Art. 18 GDPR for further information.
• Right to data portability.You have the right to receive your personal data structured, commonly used and machine-readable format.
• Right to object.You can object to the processing of your personal data if we use it based on public interest or legitimate interest of Elongate. You have the right to object from marketing newsletters via e-mail at any time.
• Withdraw consent.You have the right to withdraw your consent in at any time. A withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.We will notify all recipients (if any) of your personal data regarding a request mentioned in this chapter to the extent which is foreseen under GDPR. You always have the right to lodge a complaint with a supervisory authority in your EU-member-state.
6. Data Transfer
7. Data Security Measures
Elongate is committed to handling your personal data securely and has undertaken suitable technical and organizational security measures. We protect your data against negative influences (e.g. loss, destruction, modification, publication, etc.). Elongate constantly reviews existing security policies and controls to ensure best practices are being followed. Our employees receive regular training and are provided with tools and resources to maintain data vigilance and compliance.
8. How your Personal Data is used
We only process your personal data if this is necessary to provide a functional website as well as our contents and services. The processing of your personal data is normally only carried out with your prior consent, except those cases where prior consent cannot be obtained for factual reasons and the processing of your personal data is permitted by law. In the following you can find some specific cases where we process personal data and to which extent:
a. Website.When you visit our website we do not collect or store any personal data. Our service provider uses log files and stores access data without personalized information (e.g., IP address (shortened), version of web browser and operating system, the page viewed or time of access). This data is collected and processed for the purpose of enabling the use of our website (establishing a connection) and ensuring system security and stability, as well as technical administration of the network infrastructure. This data does not allow us to identify you. This data is never transferred to third parties unless it is necessary for the improvement or maintenance of our service (e.g., hosting provider). The storage of every access of our server (server log files) is based on Art. 6(1)(f) GDPR, as well as our legitimate interests, such as optimizing our services or protection from abuse through unauthorized use. Log file information is stored for a maximum of 7 days for security reasons (e.g. investigation of acts of abuse or fraud) and then automatically deleted.
The collection of data for the delivery of the website and storage of the data in log files is essential for the operation of the website. There is consequently no possibility for the user to object.
b. Webshop.On our website, you may purchase items through our webshop. We process personal data in order to provide you with our products or when you contact us. We also use personal information to process purchases and the associated ordering procedures (incl. warranty and services, returns, notification of delivery status and payment processing). To fulfil our contractual obligations and perform our services, we process stored data (contact information such as name, address, email, telephone number and birth date) and contract data (e.g., services purchased, names of contact persons, payment information, order information). If you shop as a guest without setting up a customer account, Elongate only collects and processes the personal data necessary for the purchase (a purchase history is not created). If contact is established with us (e.g. via email, telephone or social media), the user’s information is processed to handle the contact enquiry and its resolution. The legal basis for the processing of personal data is art. 6 (1) (b) GDPR (performance of a contract). The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. Consequently, the personal data collected during the shopping / check-out process are erased as soon as it is no longer required for the execution of the contract. Even after conclusion of the contract, it may still be necessary to store personal data of the contractual partner in order to meet contractual or legal obligations. You have the possibility to cancel the registration and to change the data stored about you at any time. If the personal data is necessary to perform a contract or to carry out pre-contractual measures, an early erasure of the data is only possible if neither contractual nor legal obligations prevent a deletion.
c. NFT Launch PadFor participation in the competition, we collect your e-mail-address. We collect, process, use and store the participant data only for the purpose of conducting the competition. The data collected is required for the conduct of the competition, for the notification of the winner and for the processing of the release of the Prize (which is the Organizer’s legitimate interest). The legal basis for the processing is art. 6 (1) (f) GDPR. Personal data provided by the participant will be deleted once the respective personal data is no longer needed for the above-mentioned purpose. Legal data storage obligations remain reserved. You have the possibility to cancel the participation in the competition and to change the data stored about you at any time.
10. Use of Plug-ins
We reserve the right to update and change this Privacy Notice from time to time in order to reflect any changes to the way in which we process your personal information or changing legal requirements. Any changes we may make to our Privacy Notice in the future will be posted on this website and if necessary, you will be notified via email about them. Please check back frequently to see any updates or changes to our Privacy Notice.