Privacy.
§ Data protection

Privacy policy

How we handle your personal data — under the GDPR.

01 / Overview grovez GmbH

1. Controller

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

grovez GmbH
Weißer Weg 7b
32657 Lemgo
Germany
Email: info@grovez.io

A data protection officer is not required by law and has not been appointed.

2. General information on data processing

We process personal data only to the extent necessary to provide a functional website and our content and services, where we are legally permitted or obliged to do so, or where you have consented. The legal bases are, in particular, Art. 6 (1) (a) (consent), (b) (contract and pre-contractual measures) and (f) GDPR (legitimate interest).

3. Hosting (Amazon Web Services)

This website is hosted by Amazon Web Services (AWS). The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855 Luxembourg. Hosting takes place in the AWS Europe (Frankfurt, eu-central-1) region; the data is therefore processed on servers within the European Union. When the website is accessed, AWS processes the technically required data on our behalf (see section 4). A data processing agreement pursuant to Art. 28 GDPR is in place with AWS. The legal basis is our legitimate interest in providing the website securely and efficiently (Art. 6 (1) (f) GDPR). Should personal data nevertheless be transferred to a third country (in particular the USA) in an individual case, this takes place on the basis of appropriate safeguards pursuant to Art. 46 GDPR (in particular EU Standard Contractual Clauses).

4. Server log files

Each time the website is accessed, information transmitted by your browser is automatically collected, which is technically necessary to display the website to you and to ensure its stability and security. This generally includes: IP address, date and time of access, the file requested, the volume of data transferred, the referrer URL, and your browser type and operating system. The legal basis is Art. 6 (1) (f) GDPR; our legitimate interest lies in the secure and trouble-free operation of the website. This data is not merged with other data sources and is deleted after a short period, unless it is required to investigate security incidents.

5. Cookies and local storage

We do not use any tracking or analytics cookies. To save your language selection (DE/EN), we use your browser's local storage (localStorage). This information remains on your device, is not transmitted to us, and is technically necessary for the function you have requested (Art. 6 (1) (f) GDPR and § 25 (2) TTDSG). No consent is required for this.

6. Contacting us

If you contact us by email, we process the details you provide (e.g. name, email address, content of your message) to handle your enquiry. For this purpose, the contact form on this website opens your local email program and does not send any data to our servers; your entries are only transmitted once you send the email yourself. The legal basis is Art. 6 (1) (b) GDPR (pre-contractual measures) or (f) GDPR (legitimate interest in responding to enquiries). We store this data until your enquiry has been fully dealt with, provided no statutory retention obligations apply.

7. Processing of data in our CRM system

We use a customer relationship management (CRM) system to manage customer and prospect data and to organise our sales and communication processes.

In particular, the following personal data is processed:

  • name
  • business contact details (e.g. email address, telephone number)
  • company affiliation and position
  • communication content and history within the scope of the business interaction
  • further information provided in the course of the business relationship

This data is processed for the purpose of initiating, conducting and managing business relationships and to optimise our customer communication.

The legal basis for the processing is Art. 6 (1) (b) GDPR (contract and pre-contractual measures) and Art. 6 (1) (f) GDPR (legitimate interest in efficient customer and prospect management).

For this purpose, we use a CRM system provided by an external service provider. A data processing agreement pursuant to Art. 28 GDPR is in place with this provider.

A transfer of personal data to third countries cannot be ruled out in connection with the use of the CRM system. In such cases, the transfer takes place on the basis of appropriate safeguards pursuant to Art. 46 GDPR (e.g. EU Standard Contractual Clauses).

Data subjects have the right at any time to access, rectification, erasure, restriction of processing and objection to the processing of their personal data in accordance with the statutory provisions.

8. Your rights

Within the scope of the statutory provisions, you have the right of access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and a right to object (Art. 21 GDPR). You may withdraw any consent you have given at any time with effect for the future. To exercise your rights, a message to info@grovez.io is sufficient.

You also have the right to lodge a complaint with a data protection supervisory authority. The authority responsible for us is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestraße 2–4
40213 Düsseldorf
Germany

9. The app.grovez.io platform

This privacy policy applies exclusively to this website. A separate privacy policy, available there, applies to the use of our platform at app.grovez.io.

As of: June 2026 · grovez.io