Legal Documents Description
Last Updated: 10/28/2025
I have read the privacy policy and hereby agree to it!
Below, we inform you about the processing of personal data when using:
Personal data refers to all information that can be related to an identified or identifiable natural person, such as their name or IP address.
The data controller in accordance with Art. 4(7) of the EU General Data Protection Regulation (GDPR) is:
Involatus Carrier Consulting GmbH
Düsselstraße 18A, 41564 Kaarst, Germany
Email: service@involatus.com
We are legally represented by Erkan Türkoral.
Our Data Protection Officer can be reached through:
heyData GmbH
Schützenstraße 5, 10117 Berlin, Germany
Website: www.heydata.eu
Email: datenschutz@heydata.eu
The scope, purposes, and legal bases of data processing are detailed below. The legal bases for data processing generally include the following:
If we transfer data to service providers or third parties outside the European Economic Area (EEA), the security of such transfers is ensured—where available—by adequacy decisions of the EU Commission under Art. 45(3) GDPR, e.g., for the UK, Canada, and Israel.
For data transfers to service providers in the USA, the legal basis is an adequacy decision if the provider is certified under the EU-U.S. Data Privacy Framework.
In other cases (e.g., if no adequacy decision exists), the legal basis for data transfers is usually Standard Contractual Clauses (SCCs) under Art. 46(2)(b) GDPR, unless stated otherwise. These clauses are adopted by the EU Commission and form part of the contract with the relevant third party. Many providers also offer additional contractual guarantees, such as:
Unless explicitly stated otherwise in this privacy policy, we delete stored data once it is no longer needed for its intended purpose and if no legal retention obligations prevent deletion.
If data is not deleted because it is needed for other legally permissible purposes, processing will be restricted—i.e., the data will be blocked and not used for other purposes. This applies, for example, to data we must retain for commercial or tax reasons.
Data subjects have the following rights regarding their personal data:
You also have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data. A list of supervisory authorities and their contact details is available at: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html
Customers, prospective customers, or third parties are only required to provide us with the personal data necessary to establish, carry out, and terminate a business relationship or other relationship, or data that we are legally obligated to collect. Without this data, we will generally be unable to conclude a contract or provide a service, or we may be unable to continue an existing contract or relationship. Mandatory fields are marked accordingly.
We generally do not use fully automated decision-making pursuant to Article 22 GDPR to establish or carry out a business or other relationship. Should we use such procedures in individual cases, we will inform you separately if required by law.
When you contact us—for example, via email or telephone—we store the data you provide (e.g., names and email addresses) in order to respond to your inquiry. The legal basis for this processing is our legitimate interest (Art. 6(1)(f) GDPR) in answering inquiries addressed to us. The data collected in this context will be deleted once it is no longer necessary or restricted if legal retention obligations exist.
From time to time, we conduct customer surveys to better understand our customers and their preferences. We collect the data requested in the survey. Our legitimate interest is to better understand our customers and their preferences, which makes the legal basis for this data processing Art. 6(1)(f) GDPR. We delete the data once the survey results have been evaluated.
Contact Description