Privacy Policy
This Privacy Policy explains how Nuvibit AG ("we", "us", or "our") processes personal data in connection with this website (esc.nuvibit.eu).
1. Data Controller
Nuvibit AG
Loonstrasse 36
5452 Oberrohrdorf, Switzerland
Email: privacy@nuvibit.com
EU Representative (Art. 27 GDPR):
VGS Datenschutzpartner GmbH
Am Kaiserkai 69, 20457 Hamburg, Germany
Email: info@datenschutzpartner.eu
2. Data We Collect
2.1 Contact Form
When you submit our contact form, we collect:
- Name
- Email address
- Company (optional)
- Message content
2.2 Server Log Files
Our web server automatically collects:
- IP address
- Browser type and version
- Operating system
- Date and time of access
- Accessed pages
IP addresses are stored in full to enable investigation of security incidents, detect attacks, and ensure platform integrity.
3. Legal Basis and Purpose
Contact Form (Art. 6(1)(a) GDPR - Consent)
We process your contact form data based on your consent to respond to your inquiry and communicate about our services.
Server Logs (Art. 6(1)(f) GDPR - Legitimate Interest)
We process server log data based on our legitimate interest in ensuring the security, stability, and functionality of our website.
4. Data Storage and Retention
Location: All data is stored exclusively in the AWS European Sovereign Cloud (ESC) in Brandenburg, Germany (eusc-de-east-1).
Retention:
- Contact form submissions: 90 days (automatically deleted after expiration)
- Server logs: 90 days for security purposes (automatically deleted after expiration)
5. Data Processing
We do not sell or share your personal data with third parties for marketing purposes.
Your data is processed and stored using secure cloud infrastructure services. We have data processing agreements in place with our service providers to ensure GDPR compliance and data protection.
Data access is restricted to authorized Nuvibit employees who need it to respond to your inquiry.
6. Your Rights (GDPR)
You have the following rights regarding your personal data:
Request a copy of your personal data
Correct inaccurate data
Request deletion of your data
Receive your data in a structured format
Object to processing based on legitimate interest
Withdraw consent at any time (does not affect prior processing)
To exercise your rights, contact us at: privacy@nuvibit.com
7. Right to Complain
You have the right to lodge a complaint with a supervisory authority:
Switzerland:
Federal Data Protection and Information Commissioner (FDPIC)
www.edoeb.admin.ch
Germany:
State data protection authorities
www.bfdi.bund.de
8. Security
We implement appropriate technical and organizational measures:
- TLS/HTTPS encryption for all data transmission
- Data stored exclusively in AWS European Sovereign Cloud
- Regular security audits and updates
- Access controls and authentication
- Encryption at rest for stored data
9. Analytics
This website uses Umami Analytics, a privacy-focused analytics solution that:
- Does not use cookies
- Does not collect personal data
- Does not track users across websites
- Anonymizes all visitor data
- Is GDPR compliant by design
Umami collects only anonymized, aggregated data such as:
- Page views
- Referrer sources
- Browser type and version
- Device type (desktop, mobile, tablet)
- Country (based on anonymized IP)
Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) in understanding website usage to improve user experience. No consent banner is required as no personal data or cookies are used.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The current version is always available at this URL. Material changes will be indicated by updating the date at the top of this policy.
11. Contact
For questions about this Privacy Policy or our data processing:
Email: privacy@nuvibit.com
Web: nuvibit.com