Privacy Policy

Version: 1.0.0
Effective Date: 15 June 2026
Last Updated: 15 June 2026

Table of Contents

1. Who We Are
2. Website and Application
3. What Data We Collect
4. Account and Platform Data
5. Technical Information
6. How We Use Your Data
7. Legal Basis for Processing
8. Cookies and Browser Storage
9. Authentication and Login
10. Contact Forms and Demo Requests
11. Third-Party Services
12. Employee Data Processing
13. Data Sharing
14. Data Retention
15. Security Measures
16. International Data Transfers
17. Your Rights
18. Changes to This Privacy Policy
19. Contact Us

1. Who We Are

Entovist is a workforce scheduling and employee management platform operated by Mahdi Ghorban Pour - Digitexia (“Digitexia”).

The controller responsible for the processing of personal data within the meaning of the General Data Protection Regulation (GDPR) is:

Mahdi Ghorban Pour - Digitexia
Hauptstrasse 109
79364 Malterdingen
Germany

Website: https://entovist.com
Email: contact@entovist.com

2. Website and Application

This Privacy Policy applies to both the public marketing website available at entovist.com and the Entovist application platform.

Certain processing activities may differ depending on whether you are visiting the public website, requesting information about our services, or using the authenticated Entovist application.

3. What Data We Collect

Depending on how you interact with our website and services, we may collect:

• Name
• Email address
• Company name
• Phone number (if provided)
• Contact form submissions
• Demo requests
• Support requests and communications

4. Account and Platform Data

When customers use Entovist, we may process information required to provide the service, including:

• User account information
• Employee names and work-related information
• Shift schedules and assignments
• Availability preferences
• Vacation and absence records
• Location and team assignments
• Audit logs and activity records
• System configuration data

5. Technical Information

We automatically collect certain technical information to ensure the security and performance of our services, including:

• IP address
• Browser type and version
• Device information
• Operating system
• Website usage statistics
• Log files and security events

6. How We Use Your Data

We process personal data for the following purposes:

• Providing and operating the Entovist platform
• Managing user accounts and authentication
• Responding to inquiries and support requests
• Providing product demonstrations
• Maintaining and improving platform security, reliability, and performance as necessary to provide our services and prevent unauthorized access
• Complying with legal and regulatory obligations
• Communicating important service updates

We do not sell personal data to third parties.

Where Digitexia processes personal data on behalf of a customer organization, it processes that data only to provide, secure, maintain, and support Entovist in accordance with the customer’s documented instructions and the Data Processing Agreement. Digitexia may use aggregated and anonymized information that does not identify a customer organization or any individual to analyze and improve Entovist.

7. Legal Basis for Processing

Where applicable, we process personal data under one or more of the following legal bases:

• Performance of a contract
• Compliance with legal obligations
• Legitimate business interests
• User consent where required by law

8. Cookies and Browser Storage

We use technically necessary cookies and browser storage technologies such as localStorage and sessionStorage to provide, secure, and improve our services.

These technologies may be used for:

• User authentication and session management
• Security and fraud prevention
• Protection against unauthorized access
• Remembering user preferences such as language, theme, and interface settings
• Maintaining application functionality during active sessions

Where legally required, consent is obtained before storing or accessing information that is not strictly necessary.

9. Authentication and Login

Cookies or similar technologies may be used to:

• Maintain secure login sessions
• Remember user preferences
• Protect against unauthorized access
• Improve platform security

10. Contact Forms and Demo Requests

If you contact us or request a demonstration of Entovist, we collect the information you voluntarily provide to respond to your request and communicate with you about our services.

11. Third-Party Services

IONOS

We use IONOS as our hosting and infrastructure provider.

IONOS may process:

• Server and application logs
• IP addresses
• Database storage
• Backup data
• Security and monitoring information

Further information is available in the IONOS Privacy Policy.

Cloudflare

We use Cloudflare for content delivery, traffic routing, performance optimization, and protection against malicious traffic and abuse.

Cloudflare may process:

• IP addresses
• Request and response metadata
• Browser and device information
• Security and performance data

Further information is available in the Cloudflare Privacy Policy.

Stripe

We use Stripe Payments Europe, Ltd. and affiliated companies for:

• Subscription management
• Billing
• Invoice processing
• Payment processing

Entovist does not store complete payment card information.

Further information is available in the Stripe Privacy Policy.

Google Analytics

Google Analytics is used exclusively on the public website and not within the authenticated application.

Google Analytics may collect:

• Pages visited
• Device and browser information
• Approximate geographic location
• Usage and interaction data

Analytics tracking is only enabled where legally permitted.

Further information is available in the Google Privacy Policy.

Geoapify

We use Geoapify GmbH to provide city and postal code lookup functionality.

Geoapify may process:

• City names
• Postal codes
• Technical request metadata, such as IP addresses

Entovist does not use Geoapify for house or street address lookup.

Further information is available in the Geoapify Privacy Policy.

TrustSig Anti-Bot Protection

TrustSig is used to protect registration, login, password reset, and contact forms from spam and abuse.

Data processed may include:

• IP address
• Request timestamp
• Browser information
• Device information
• Verification tokens

Legal basis: Article 6(1)(f) GDPR (legitimate interest). Further information is available in the TrustSig Privacy Policy.

Mailjet

We use Mailjet SAS as our transactional email service provider for the delivery of service-related emails, including account invitations, password reset emails, account notifications, and other operational communications. When sending emails, personal data such as email addresses and message metadata may be processed by Mailjet solely for the purpose of delivering communications. Mailjet acts as a service provider and processes data in accordance with applicable data protection laws and contractual obligations.

Further information is available in the Mailjet Privacy Policy.

12. Employee Data Processing

Entovist enables customer organizations to manage:

• Employee names
• Work-related contact information
• Schedules and assignments
• Availability preferences
• Vacation records
• Sick leave and absence records
• Workload information
• Historical scheduling data

For such data:

• The customer organization acts as the Data Controller
• Digitexia acts as the Data Processor

Processing of personal data by Digitexia on behalf of the customer organization is governed by the Entovist Data Processing Agreement (DPA/AVV).

13. Data Sharing

We only share personal data when necessary to:

• Provide services
• Process payments
• Deliver support
• Maintain infrastructure and security
• Comply with legal obligations

14. Data Retention

We retain personal data only for as long as necessary to:

• Provide services
• Fulfill contractual obligations
• Meet legal requirements
• Resolve disputes
• Maintain security records

When no longer required, data is securely deleted or anonymized.

15. Security Measures

We implement appropriate technical and organizational measures, including:

• HTTPS/TLS encryption
• Role-based access controls
• Authentication and authorization mechanisms
• Audit logging
• Regular software updates
• Security monitoring
• Incident response procedures

16. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), appropriate safeguards are implemented in accordance with applicable data protection laws.

17. Your Rights

Subject to applicable laws, you may have the right to:

• Access your personal data
• Correct inaccurate information
• Request deletion
• Restrict processing
• Object to processing
• Request data portability
• Withdraw consent
• Lodge a complaint with a supervisory authority

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in services, legal requirements, or operational practices.

The latest version will always be available on the Entovist website.

19. Contact Us

Mahdi Ghorban Pour - Digitexia
Hauptstrasse 109
79364 Malterdingen
Germany

Email: contact@entovist.com
Website: https://entovist.com