Privacy Policy

Privacy Policy

1. Data Controller

This Privacy Policy applies to the website www.nevelon.com, operated under the brand Nevelon, a joint platform of the following individual businesses:

Maximilian Ebenkofler & Maxim Prossliner
Sole proprietorships

E-Mail: [email protected]
E-Mail: [email protected]

Both entrepreneurs are joint data controllers within the meaning of Article 26 GDPR.


2. General Information on Data Processing

Protecting your personal data is very important to us.
We process your data confidentially and in accordance with applicable data protection laws, in particular the EU General Data Protection Regulation (GDPR) and the Italian Privacy Code (D. Lgs. 196/2003), as amended.

This policy explains what data we collect, how we use it, and what rights you have regarding your personal information.


3. Hosting and Data Security

Our website is hosted on servers provided by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
We do not use cloud hosting services. Instead, we operate our own virtual servers within Hetzner’s data centers (Private Cloud), using Docker containers, a pfSense router, and our own firewall.

To ensure compliance with data protection requirements, we have concluded a Data Processing Agreement (DPA) pursuant to Article 28 GDPR with Hetzner.
All data is stored exclusively within the European Union.
Hetzner provides the technical infrastructure and processes personal data solely according to our instructions.

We implement appropriate technical and organizational measures to protect your data, including:

  • Access restrictions
  • Regular data backups
  • Encryption
  • SSL/TLS connections (https)


4. Use of Cloudflare (CDN)

We use Cloudflare Inc. (USA) as a Content Delivery Network (CDN) to make our website faster and more secure. Cloudflare may process technical data such as IP addresses and timestamps to prevent attacks (e.g. DDoS) and optimize performance.

Processing is based on Article 6(1)(f) GDPR (legitimate interest in a secure and efficient website).
Cloudflare is certified under the EU–US Data Privacy Framework.
More information: https://www.cloudflare.com/privacypolicy/


5. Collection and Processing of Personal Data

5.1 Contact Form

When you contact us via the contact form, we collect the following personal data:
Name, email address, phone number, company, and message.

These details are used solely to respond to your inquiry.
Legal basis: Article 6(1)(b) GDPR (pre-contractual measures).


5.2 “Digital Analysis” Form

When you use the “Digital Analysis” form, we additionally collect:

  • Planned budget
  • Company size (number of employees)
  • Your business goals

This information helps us better understand your needs and provide suitable recommendations.
Data is stored for six months and then deleted.
Submissions are sent to us by email and also recorded in our internal CRM system.

Legal basis: Article 6(1)(b) GDPR.


6. Newsletter

You may subscribe to our newsletter in the future to receive information on digital topics and offers.
Registration uses a double opt-in process to confirm your consent.

We process your email address and optionally your name.
Processing is based on Article 6(1)(a) GDPR (consent).
You can withdraw your consent at any time by clicking the unsubscribe link in the newsletter.
The specific newsletter service provider will be named once selected.


7. Web Analytics with Matomo (Self-Hosted)

We use Matomo, an open-source analytics tool that runs on our own servers at Hetzner.

Matomo uses cookies to collect anonymized usage data (e.g. pages visited, duration, referrers). IP addresses are anonymized before storage. Data is not shared with third parties.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in analyzing and optimizing our website).
You can opt out of this processing via the cookie banner or the Matomo opt-out feature.


8. Integration of Vimeo

We embed videos from Vimeo Inc. (USA) on our website. When you play a video, a connection is made to Vimeo’s servers, and personal data such as your IP address and usage behavior may be transmitted.

Processing only occurs after you have given consent via the cookie banner, in accordance with Article 6(1)(a) GDPR.
For more information: https://vimeo.com/privacy


9. Cookies

Our website uses cookies to provide core functionality and analyze user behavior.
This includes:

  • Technically necessary cookies (e.g. session IDs)
  • Analytics cookies (Matomo)
  • Multimedia cookies (Vimeo)

When you first visit our website, a cookie banner appears, allowing you to manage your preferences.
Legal basis: Article 6(1)(a) GDPR (consent).


10. SSL/TLS Encryption

This website uses SSL/TLS encryption to ensure the secure transmission of confidential information.
Data you send to us cannot be intercepted or read by third parties.


11. Rights of Data Subjects

Under the GDPR, you have the following rights:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)

You may also withdraw your consent at any time with future effect.

Please send requests to:
📧 [email protected]


12. Right to Lodge a Complaint

If you believe that your personal data is being processed unlawfully, you may contact a supervisory authority.
In Italy, the competent authority is:
Garante per la protezione dei dati personali (GPDP)
Website: https://www.garanteprivacy.it


13. Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time to ensure it complies with current legal requirements or to reflect changes in our processing activities.
The latest version is always available at
www.nevelon.com/privacy


Last updated: October 2025

Say Hello 💜
Let's talk
contact us
Let's talk
contact us
Let's talk
contact us
Let's talk
contact us
Let's talk
contact us
Let's talk
contact us

Legal

CookiesPrivacy PolicyImprintTerms & Conditions