This document can be printed for reference by using the print command in the settings of any browser.
Our contact data
Fallerovo šetalište 22c/I
VAT No. HR 06928107888
Executives / authorized representatives: Denis Kotlar
Data protection officer
To contact our data protection officer please send an email using Contact form.
What data do we collect?
Envox collects the following data:
- Personal identification information (Name, email address, phone number, etc.)
How do we collect your data?
You directly provide Envox with most of the data we collect. We collect data and process data when you:
- Register online or place an order for any of our products or services.
- Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
- Use or view our website via your browser’s cookies.
How will we use your data?
Envox collects your data so that we can:
- Process your order and manage your account.
- If you agree, email you newsletter to keep you updated about our activities, special offers on products and services we think you might like.
When Envox processes your order, it may send your data to, and also use the resulting information from, credit reference agencies to prevent fraudulent purchases.
How do we store your data?
Envox securely stores your data at hosting data center in Frankfurt, Germany. Data center has extensive physical, environmental, and network capabilities in place that includes:
- Access to the data center floor is restricted to data center employees and authorized visitors.
- Data Centers are staffed 24/7/365 with security guards and technicians.
- All employees and visitors are identified using biometrics and state issued IDs before entering the facility.
- HVAC and power have redundant systems, so if one goes out, the others keep our systems powered and within operating temperature.
- Multiple Internet carriers using independent fiber connections to the data center floor.
- Networks within the data centers have redundant routers, switches, and service providers. Multiple systems can fail without affecting downtime or performance.
Data center have the following certifications: ISO/IEC 27001:2013 and PCI DSS. We are keep our server update with the latest updates and takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the data. The data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to Envox, in some cases, the data may be accessible to certain types of persons in charge, involved with the operation of this website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by Envox. The updated list of these parties may be requested from Envox at any time.
Personal data shall be processed and stored for as long as required by the purpose they have been collected for. Therefore:
- Personal data collected for purposes related to the performance of a contract between Envox and you shall be retained until such contract has been fully performed.
- Personal data collected for the purposes of the Envox’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by Envox within the relevant sections of this document or by contacting Envox.
Envox may be allowed to retain personal data for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, Envox may be obliged to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, personal data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
Our Company would like to send you information about products and services of ours that we think you might like, as well as those of our partner companies.
- Intergalaktik d.o.o., Zagreb, Croatia
If you have agreed to receive marketing, you may always opt out at a later date.
You have the right at any time to stop Envox from contacting you for marketing purposes. You can unsubscribe from our newsletter by clicking on the unsubscribe link provided at the end of each newsletter.
What are your data protection rights?
Envox would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to access – You have the right to request Envox for copies of your personal data. We may charge you a small fee for this service.
- The right to rectification – You have the right to request that Envox correct any information you believe is inaccurate. You also have the right to request Envox to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that Envox erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that Envox restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to Envox’s processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that Envox transfer the data that we have collected to another organization, or directly to you, under certain conditions.
Any requests to exercise User rights can be directed to Envox through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by Envox as early as possible and always within one month.
Privacy policies of other websites
How to contact us
This privacy statement has been prepared based on provisions of multiple legislation, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).