Privacy Policy

The Eleganza Collection

Privacy Policy 2025

1. Introduction

This website is operated by: The Eleganza Collection Ltd.
It is very important to us to handle the data of our website visitors with confidence and to protect them in the best possible way. For this reason, we make every effort to comply with the requirements of the GDPR.
Below we explain how we process your data on our website. We use language that is as clear and transparent as possible so that you really understand what happens to your data.

2. General information

2.1 Processing of personal data and other terms
Data protection applies to the processing of personal data. Personal data means all data with which you can be personally identified. This is, for example, the IP address of the device (PC, laptop, smartphone, etc.) in front of which you are currently sitting. Such data is processed when 'something happens to it'. Here, for example, the IP is transmitted from the browser to our provider and stored there automatically. This is then a processing (according to Art. 4 No. 2 GDPR) of personal data (according to Art. 4 No. 1 GDPR).
These and other legal definitions can be found in Art. 4 GDPR.

2.2 Applicable regulations/laws – GDPR, BDSG and TDDDG
The scope of data protection is regulated by laws. In this case, these are the GDPR (General Data Protection Regulation) as a European regulation and the BDSG (Federal Data Protection Act) as a national law.
In addition, the TDDDG supplements the provisions of the GDPR as far as the use of cookies is concerned.

2.3 The person in charge
The person responsible for data processing on this website is the controller within the meaning of the GDPR. This is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.
You can reach the responsible person under:
The Eleganza Collection Ltd
3rd Floor, 86-90, Paul Street, London, England, EC2A 4NE
info@theeleganzacollection.com

2.4 This is how data is basically processed on this website
As we have already established, there is data (e.g. IP address) that is collected automatically. This data is mainly required for the technical provision of the website. If we also use personal data or collect other data, we will inform you of this or ask for your consent.
Other personal data you share with us consciously.
You will find more detailed information below.

2.5 Your Rights
The GDPR provides you with comprehensive rights. These include, for example, free information about the origin, recipient and purpose of your stored personal data. You can also request the rectification, blocking or erasure of this data or lodge a complaint with the competent data protection supervisory authority. You can revoke your consent at any time.
You can find out in detail what these rights are and how to exercise them in the last section of this Privacy Policy.

2.6 Data protection – Our view
Data protection is more than just a chore for us! Personal data is of great value and careful handling of this data should be a matter of course in our digitalized world. In addition, you as a website visitor should be able to decide for yourself what "happens" to your data, when and by whom. Therefore, we commit ourselves to comply with all legal requirements, collect only the data necessary for us and treat them confidentially.

2.7 Disclosure and deletion
The transfer and deletion of data are also important and sensitive topics. Therefore, we would like to briefly inform you in advance about our general approach to this.

A transfer of data only takes place on the basis of a legal basis and only if this is unavoidable. This may be the case in particular if it is a so-called Data Processor and a Data Processing Agreement has been concluded in accordance with Art. 28 GDPR.
We delete your data when the purpose and the legal basis for processing cease to exist and the deletion is not contrary to any other legal obligations. A ‘good’ overview of this is also provided by Art. 17 GDPR.

For further information, please refer to this Privacy Policy and contact the responsible person if you have any specific questions.

2.8 Hosting
This website is hosted externally. The personal data collected on this website is stored on the host’s servers. This includes the automatically collected and stored log files (see below for more details), as well as all other data provided by website visitors.
External hosting is used for the purpose of secure, fast and reliable provision of our website and in this context serves to fulfill the contract with our potential and existing customers.

The legal basis for the processing is Art. 6 para. 1 lit. a, b and f GDPR, as well as § 25 para. 1 TDDDG, insofar as consent includes the storage of cookies or access to information in the terminal device of the website visitor or user within the meaning of the TDDDG.

Our hoster only processes data that is necessary for the fulfillment of its service obligation and acts as our Data Processor, which means that it is subject to our instructions. We have concluded a corresponding Data Processing Agreement with our hoster.

We use the following hoster:
Wix
Wix.com Ltd, 40 Nemal St., 6350671 Tel Aviv, Israel.
support@wix.com
https://de.wix.com/about/privacy

2.9 Legal basis
The processing of personal data always requires a legal basis. The GDPR provides for the following possibilities in Art. 6 (1) Sentence 1:

a) The data subject has given his/her consent to the processing of personal data concerning him/her for one or more specific purposes;
b) The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject’s request;
c) Processing is necessary for compliance with a legal obligation to which the person responsible is subject;
d) The processing is necessary in order to protect the vital interests of the data subject or another natural person;
e) The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the person in charge;
f) The processing is necessary for the purposes of safeguarding the legitimate interests of the responsible person(s) or of a third party, unless the interests or fundamental rights and freedoms of the data subject—which require the protection of personal data—override this, in particular where the data subject is a child.

In the following sections, we will provide you with the specific legal basis for the respective processing.

3. What happens on our website

By visiting our website, we process personal data about you.

To protect this data as best as possible against unauthorized access by third parties, we use SSL or TLS encryption. You can recognize this encrypted connection by the fact that a https:// or a lock symbol is displayed in the address bar of your browser.

In the following, you will learn which data is collected when you visit our website, for what purpose this is done, and on what legal basis.

3.1 Data collection when calling up the website

By calling up the website, information is automatically stored in so-called server log files. This includes the following information:

Browser type and version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is temporarily required in order to be able to display our website to you permanently and without problems. In particular, this data serves the following purposes:

System security of the website
System stability of the website
Website troubleshooting
Connecting to the website
Website presentation

The data processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR and is based on our legitimate interest in the processing of this data, in particular the interest in the functionality of the website as well as its security.
If possible, this data is stored pseudonymously and deleted after the respective purpose has been achieved.
Insofar as the server log files allow the identification of the person concerned, the data is stored for a maximum period of 14 days. An exception exists if a security-relevant event occurs. In this case, the server log files are stored until the elimination and final clarification of the security-relevant event.

For the rest, a consolidation with other data does not take place.

3.2 Cookies

3.2.1 General

This website uses so-called cookies. This is a data record—information that is stored in the browser of your terminal device and is related to our website.
By setting cookies, the navigation of the website in particular can be made easier for the visitor.
In our Cookie Consent Tool, you will find all information about the cookies we have in use on our website (if applicable after your consent).

3.2.2 Reject cookies

You can manage all cookies that are not technically necessary directly via our cookie consent tool.
The setting of cookies can also be prevented by adjusting the settings of your browser. Here you can find the corresponding links to frequently used browsers:

Alternatively, you can use your Cookie settings also under:

However, we must inform you that a comprehensive blocking or deletion of cookies can lead to impairments in the use of the website.

3.2.3 Technically necessary cookies

We use technically necessary cookies on this website to ensure that our website functions without errors and in accordance with applicable laws. They help to make the website user-friendly. Some functions of our website cannot be displayed without the use of cookies.

The legal basis for this is, depending on the individual case, Art. 6 para. 1 lit. b, c and/or f GDPR.

3.2.4 Technically unnecessary cookies

We also use cookies on our website that are not technically necessary. These cookies are used, among other things, to analyze the surfing behavior of the website visitor or to offer functions of the website that are not technically necessary.
The legal basis for this is your consent pursuant to Art. 6 para. 1 lit. a GDPR.
Technically unnecessary cookies are only set with your consent, which you can revoke at any time in the cookie consent tool.

3.3 Data processing through user input

3.3.1 Own data collection

We offer the following (service) on our website: Booking a call.
For this purpose, we collect the following data:

Name
E-mail address

The legal basis for this data processing is Art. 6 para. 1 lit. b GDPR.
The data will be deleted as soon as the respective purpose ceases to apply and it is possible in accordance with the legal requirements.

3.3.2 Contact

a) E-mail
When you contact us by email, we process your email address and any other data contained in the email. This data is stored on the mail server and in some cases on the respective end devices. Depending on the request, the legal basis for this is regularly Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. b GDPR. The data will be deleted as soon as the respective purpose no longer applies and it is possible in accordance with the legal requirements.

b) Appointment tool

3.4 Cookie Consent Tool

3.4.1 Wix

To ensure that only those cookies are set on our website for which there is a legal basis, we use the consent management tool from Wix. This service is provided by Wix.com Ltd, 40 Nemal St., 6350671 Tel Aviv, Israel.
This service is used to obtain the consent of the website visitor to the storage of certain cookies in his/her browser or the use of certain technologies and to document this in accordance with data protection law.
When this website is called up, the consent given by the website visitor(s) or the revocation of consent is stored as a Wix cookie in the browser of the website visitor(s). For this purpose, a connection is established to the servers of Wix.
The legal basis is Art. 6 para. 1 lit. c GDPR. Wix is used to obtain the legally required consent for the use of cookies.
Until the website visitor requests deletion or Wix deletes the data itself or the purpose for storing the data no longer applies, the collected data will be stored. This does not affect the mandatory statutory retention periods.

3.5 Website Builder System

3.5.1 Wix

To create our website we use the service Wix. This is a service of Wix.com Ltd, Namal 40, 6350671 Tel Aviv, Israel.
Wix is a website builder system that lets you create HTML5 websites and mobile websites. It is an online platform based on the cloud principle. This makes it very easy to add the features to your own website. With this service, we can design our website according to our needs and meet our goal of user-friendliness.

Wix uses cookies. These cookies are only set with the consent of the website visitor and can be revoked at any time. The legal basis for the processing is Art. 6 para. 1 lit. a GDPR.

Furthermore, the use of the service is technically necessary for us to display our website. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR.

The data will be deleted as soon as they are no longer necessary for the processing purposes.
More information: https://de.wix.com/about/privacy

3.6 Newsletter

3.6.1 In-house development

We have developed the provision of our newsletter independently.
This allows us to organize and analyze our newsletter. The data entered to receive the newsletter is stored on our servers.
The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time by unsubscribing from the newsletter. The legality of the processing that has already taken place remains unaffected by any revocation.

The stored data can be made available at any time by e-mail or a request can be made to delete the data.

3.7 Social media plugins

3.7.1 Instagram

Elements of the social network Instagram are integrated on this website. This service is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

If the social media element is activated, a direct connection is established between the website visitor and the servers of Instagram and his/her IP address is transmitted to Instagram. If the website visitor has a user account, the visit to this website can be assigned to the corresponding user account. We as the website operator do not gain any knowledge about the content of the transmitted data.

The legal basis for the processing is Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

If personal data is collected on this website with the help of Facebook or Instagram and forwarded to Meta, the website operator and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for the data processing pursuant to Article 26 of the GDPR. This joint responsibility is limited exclusively to the collection and transfer of data to Facebook and Instagram. There is an agreement on joint processing for this purpose:
https://www.facebook.com/legal/controller_addendum

3.8 Social media profiles

In addition to our website, our company is also present on social networks. Here we want to present our company and create the opportunity to get in touch with us. We also use the opportunity to place advertisements and job advertisements on social media.

In the following, we provide information about what data we and the respective social network process when you visit and interact with our profile.

3.8.1 LinkedIn

We operate a LinkedIn profile on https://www.linkedin.com/. This social network is operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

a) Interaction with our company profile
When you visit our LinkedIn profile and interact with us via it, we process personal data. On the one hand, this includes the data made publicly available on the profile. On the other hand, we also process the personal data contained in posts, comments, or direct messages to us. Through interactions such as liking or sharing, we can see the user profile with the public information.
The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. It is in our legitimate interest to provide relevant and interesting content and to enable the use and functionality of our LinkedIn profile.
Insofar as an inquiry is related to the fulfillment of a contract or is necessary to carry out pre-contractual measures, our processing is based on Art. 6 para. 1 lit. b GDPR.

b) Page Insights
LinkedIn provides us with aggregated statistics and insights (called Page Insights) that tell us how people interact with our Company Page. This includes information about the number of profiles that view, comment on, or otherwise interact with our posts, as well as aggregated demographic and other information that helps us learn about the interaction with our page or LinkedIn profile.
Page Insights provided to us by LinkedIn consist of aggregated data, and LinkedIn does not provide us with any personally identifiable information about members in relation to Page Insights. We also have no way of linking Page Insights to individual members.

When placing ads, LinkedIn provides us with information about the types of people who see our ads and about the success of our ads. Personal data is only passed on to us if this person has consented to such processing. We also receive information from LinkedIn that allows us…

3.8.2 When processing personal data in the course of Page Insights

The processing is carried out in joint responsibility with LinkedIn in accordance with Art. 26 para. 1 GDPR.
To this end, we have entered into a corresponding agreement with LinkedIn, which can be viewed here:
https://legal.linkedin.com/pages-joint-controller-addendum

Contact details of LinkedIn:
LinkedIn Ireland Unlimited Company
Wilton Place, Dublin 2, Ireland
Data Protection Officer: https://www.linkedin.com/help/linkedin/ask/TSO-DPO

3.8.3 Processing by LinkedIn

In connection with your visit to our company profile, LinkedIn may also process additional personal data. In this case, the processing is carried out under the sole responsibility of LinkedIn and without our knowledge.
Further information can be found at: https://de.linkedin.com/legal/privacy-policy

3.9 LinkedIn Ads

We also integrate the functions of LinkedIn Ads on our website.
With the help of LinkedIn Ads, we can easily create effective ads that can be seen by a large audience on LinkedIn.
LinkedIn collects personal data for this purpose using cookies. This is used to evaluate the behavior of the users in order to analyze the effectiveness of the advertising measures and to adapt them for future campaigns in a more user-oriented manner.

These cookies are only set with consent, which can be revoked at any time. The legal basis is Art. 6 para. 1 lit. a GDPR.
Otherwise, the legal basis for processing by LinkedIn Ads is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in expanding and optimizing our advertising presence on the LinkedIn platform.

3.10 Instagram

We operate an Instagram profile. This social media platform is offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

3.9.1 Interaction with our company profile (Instagram)

When you visit our Instagram profile and interact with us, we process personal data. This includes data made publicly available on the profile, as well as data from posts, comments, or direct messages to us. Interactions like likes or shares allow us to see the user profile with public information.

The legal basis is Art. 6 para. 1 lit. f GDPR. For inquiries related to contracts, Art. 6 para. 1 lit. b GDPR applies.

3.9.2 Insights (Instagram)

Meta collects analytics (Insights) and provides us with anonymized reports. These include:

How many people interact with our posts, videos, pages, etc.
How users interact with content across platforms
Audience groupings and demographics

This data helps us improve content and marketing strategies. It is anonymized.
Joint processing responsibility with Meta under Art. 26 para. 1 GDPR.
Meta privacy policy: Instagram Policy
Further details:

3.11 TikTok

TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland

3.11.1 Interactions

When users like, comment, or message us on TikTok, we process usernames and profile pictures to optimize content and connect with users.

Legal basis: Art. 6 para. 1 lit. f GDPR

3.11.2 TikTok Analysis

Aggregated statistics include:

Follower growth, video views, profile views
Likes, shares, playback time
Viewer demographics and time activity

Data is anonymized. Full details:
https://www.tiktok.com/creators/creator-portal/en-us/tiktok-content-strategy/understanding-your-analytics/
Joint controller with TikTok under Art. 26 para. 1 GDPR
TikTok contact:

Privacy Request
Legal contact

3.11.3 Data by TikTok

TikTok may process IPs, location, device type, audio settings, usage logs, and link to user accounts if logged in.
More info: TikTok Privacy Policy

3.12 Audio and video conferencing

3.12.1 Zoom

Zoom Communications Inc., USA.
Zoom processes user input, metadata, shared files. Cookies require consent.
Legal basis: Art. 6 para. 1 lit. a or b or f GDPR
Zoom privacy: https://zoom.us/de-de/privacy.html

3.12.2 Microsoft Teams

Microsoft Ireland Operations Limited, Dublin
Processes include user input, technical info, shared files. Cookies require consent.
Legal basis: Art. 6 para. 1 lit. a or b or f GDPR
Privacy policy: https://privacy.microsoft.com/de-de/privacystatement

4. Your Rights

4.1 Your Rights in Detail

4.1.1 Right to information – Art. 15 GDPR

You can request details on whether your data is processed, and how.

4.1.2 Right to rectification – Art. 16 GDPR

Correction of inaccurate or incomplete personal data.

4.1.3 Right to deletion – Art. 17 GDPR

‘Right to be forgotten’: You can demand deletion under certain conditions.

4.1.4 Right to restrict processing – Art. 18 GDPR

Under certain conditions outlined in Art. 18(1)(a) to (d).

4.1.5 Right to data portability – Art. 20 GDPR

Transfer of your data to another controller, where technically feasible.

4.1.6 Right to object – Art. 21 GDPR

You may object if your interest outweighs ours, especially for direct marketing.

4.1.7 Right to individual decision-making – Art. 22 GDPR

Protection from fully automated decisions that significantly affect you.

4.1.8 Other rights

You may withdraw consent under Art. 7(3) GDPR at any time. Also includes rights under §§ 32 ff. BDSG.

4.1.9 Right of appeal – Art. 77 GDPR

You can complain to a supervisory authority if you believe your data rights are violated.

5. Date of Privacy Policy

The current version of this Privacy Policy is 19.04.2025. We reserve the right to change it to reflect legal or operational updates.
We recommend reviewing the Privacy Policy regularly.