GDPR Compliant

Privacy Policy

Transparency and data protection have the highest priority for us. Learn how we protect and process your personal data.

Last Updated

December 8, 2025

1Data Controller

Tavo-IT Inh. Michael Schwarz
Vorderdorfstraße 13
37130 Gleichen
Germany

Phone

+49 175 4255616

E-Mail

info@tavo-it.com

2Data Protection Responsibility

As the owner of Tavo-IT, I am personally responsible for data protection and your direct contact for all data protection questions.

Direct Data Protection Contact

Michael Schwarz - Owner & Data Protection Officer

info@tavo-it.com

Personal response within 24 hours

3General Information on Data Processing

The protection of your personal data is particularly important to us. We process your personal data confidentially and in accordance with legal data protection regulations as well as this privacy policy.

What is personal data?

Personal data is any data that can be used to personally identify you. This includes, for example, name, address, email addresses, user behavior.

4Data Processing on Our Website

Your data is collected on the one hand by you providing it to us (e.g. by filling out contact forms). Other data is automatically recorded when you visit the website by our IT systems.

Voluntary Information

  • • Contact form
  • • Email contact
  • • Appointment booking (Calendly)

Automatic Data

  • • IP address
  • • Browser information
  • • Visit time
  • • Referrer URL

5Hosting & Server

This website is hosted by Vercel Inc. Personal data collected on this website is stored on Vercel's servers.

Hosting Provider

Provider: Vercel Inc.

Address: 340 S Lemon Ave #4133, Walnut, CA 91789, USA

Website: vercel.com

✓ Edge Network (worldwide)✓ SSL encryption✓ DPA concluded

Third Country Transfer (USA)

Vercel is based in the USA. Data transfer is based on EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 Para. 2 lit. c GDPR.

More information: Vercel Privacy Policy

6SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, this site uses SSL or TLS encryption.

Secure Connection

You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

🔒 All data transmissions are encrypted

7Server Log Files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us:

Collected Data

  • • Browser type and version
  • • Operating system used
  • • Referrer URL
  • • Hostname of the accessing computer
  • • Time of server request
  • • IP address (anonymized)

Purpose of Use

  • • Technical security
  • • Error analysis
  • • Performance optimization
  • • Spam/bot detection

This data is not combined with other data sources.

8Contact Form / Email Contact

If you send us inquiries via contact form or email, your information will be stored with us for processing the inquiry and for follow-up questions.

Processed Data

  • • Name and email address
  • • Phone number (optional)
  • • Message content
  • • Time of inquiry

Legal Basis

Art. 6 Para. 1 lit. b GDPR (contract initiation)

Storage Duration

24 months after completion of correspondence

9Email Communication (Zoho Mail)

For our business email communication, we use the Zoho Mail service. When you contact us by email, your messages are processed and stored on Zoho's servers.

Email Provider

Provider: Zoho Corporation B.V.

Address: Beneluxlaan 4B, 3527 HT Utrecht, Netherlands (EU)

Website: zoho.com/mail

✓ EU Data Centers✓ GDPR compliant✓ End-to-end encrypted

Processed Data

  • • Sender email address
  • • Email content & attachments
  • • Time of sending
  • • Technical metadata

Legal Basis

  • • Art. 6 Para. 1 lit. b GDPR (contract initiation)
  • • Art. 6 Para. 1 lit. f GDPR (legitimate interests)

Privacy at Zoho

Zoho is known for its strong focus on privacy and stores European customer data in EU data centers. The company is GDPR compliant and certified according to various security standards.

More information: Zoho Privacy Policy |Zoho GDPR Compliance

10Cookies & Tracking

Our website uses cookies to make our service more user-friendly. Cookies are small text files that are stored on your computer.

Necessary Cookies

For the basic function of the website

No consent required

Functional Cookies

For extended functions

With your consent

Analytics Cookies

For website optimization

With your consent

Cookie Consent Management

For managing your cookie settings, we use consentmanager - a GDPR-compliant Consent Management Platform (CMP). This allows you to precisely control which cookies and tracking technologies may be used on our website.

consentmanager Features
  • • GDPR/CCPA-compliant cookie banner
  • • Granular setting options
  • • Revocable consent at any time
  • • Proof of consent declaration
  • • Automatic legal compliance

You can change your cookie settings at any time:

The cookie banner appears automatically on your first visit and can be accessed again at any time via this button.

11Web Analytics (Matomo)

We use Matomo, a privacy-friendly web analytics tool, to understand and improve the use of our website.

Privacy Features

  • • IP anonymization
  • • No sharing with third parties
  • • Servers in Germany
  • • Opt-out possible at any time

Collected Data

Page views, time spent, referrer, browser information (anonymized)

12Additional analytics services

Through our Consent Manager, the following additional analytics services can be activated:

Google Analytics 4

Web analytics service by Google LLC. Only with your explicit consent.

  • • Provider: Google LLC, USA
  • • Purpose: Website analysis, user behavior
  • • Legal basis: Consent (Art. 6 Para. 1 lit. a GDPR)
  • • Revocation: at any time via cookie settings

Microsoft Clarity

User behavior analysis by Microsoft Corporation. Only with your consent.

  • • Provider: Microsoft Corporation, USA
  • • Purpose: User interaction analysis, heatmaps
  • • Legal basis: Consent (Art. 6 Para. 1 lit. a GDPR)
  • • Revocation: at any time via cookie settings

13External Content & Services

We use services from external providers to enhance our offering.

Google Fonts

Fonts

✓ Locally hosted

Calendly

Appointment booking

When actively used

Google Maps

Location link

External link

Calendly (Appointment Booking)

Provider: Calendly LLC, 3423 Piedmont Road NE, Atlanta, GA 30305, USA

Purpose: Online appointment scheduling for consultation sessions

When you book an appointment through Calendly, your entered data (name, email, selected time) is transmitted to and processed by Calendly.

  • • Legal basis: Art. 6 Para. 1 lit. b GDPR (contract initiation)
  • • Third country transfer: USA (EU Standard Contractual Clauses)
  • • Privacy: calendly.com/privacy

Google Maps (External Link)

On our contact page, we link to Google Maps to help you find directions. This is an external link - clicking on it will redirect you to Google's website.

Important: No data is automatically transferred to Google unless you actively click the link. Only when visiting Google Maps do Google's privacy policies apply.

Google Privacy: policies.google.com/privacy

14Storage Duration

We only store personal data for as long as is necessary to achieve the respective purposes or as required by legal retention periods.

General Inquiries

  • • Contact form: 24 months
  • • Email correspondence: 24 months
  • • Appointment bookings: 12 months

Business Contacts

  • • Contracts: 10 years (HGB)
  • • Invoices: 10 years (AO)
  • • Quotes: 3 years

15Your Rights under GDPR

You have comprehensive rights regarding your personal data:

Right of Access (Art. 15)

What data we store about you

Right of Rectification (Art. 16)

Correction of incorrect data

Right of Deletion (Art. 17)

Right to be forgotten

Right of Restriction (Art. 18)

Restrict processing

Data Portability (Art. 20)

Data in machine-readable format

Right to Object (Art. 21)

Object to processing

Withdrawal (Art. 7 Para. 3)

Withdraw consent

Complaint (Art. 77)

With the supervisory authority

Exercise Rights

To exercise your rights, contact me directly at:

info@tavo-it.com

16Cookie Consent Management (consentmanager)

For the legally compliant management of cookie consents, we use the services of consentmanager AB, a leading provider of Consent Management Platforms (CMP) in Europe.

Provider Information

Company: consentmanager AB

Address: Håltgelvsgatan 1B, 72270 Västerås, Sweden

Website:www.consentmanager.de

GDPR Compliance

  • • IAB TCF 2.2 certified
  • • Servers in Germany
  • • GDPR/ePrivacy compliant
  • • ISO 27001 certified

Processed Data

Technical Data:
  • • IP address (anonymized)
  • • Browser information
  • • Timestamp of consent
  • • Consent status
Legal Basis:
  • • Art. 6 Para. 1 lit. c GDPR (legal obligation)
  • • Art. 6 Para. 1 lit. f GDPR (legitimate interests)
  • • Proof of consent declaration

Your Rights

You have the right to change your cookie settings or withdraw your consent at any time. You can do this via the cookie banner or directly in your browser settings.

Withdrawal only affects the future. Already stored data may continue to be processed lawfully.

17Supervisory Authority

In case of data protection violations, you can contact the competent supervisory authority:

State Commissioner for Data Protection of Lower Saxony

Address:
Prinzenstraße 5
30159 Hannover

Contact:
Tel: 0511 120-4500
poststelle@lfd.niedersachsen.de

18Changes to the Privacy Policy

We reserve the right to adjust this privacy policy so that it always complies with current legal requirements.

Information about Changes

In case of significant changes, we will inform you by email or via a clear notice on our website.

Last updated: December 8, 2025

Privacy Inquiries

Personal Contact

Michael Schwarz - Owner

info@tavo-it.com

Information Request

Exercise GDPR rights

Submit Request
Back to Home