Data Protection & Privacy Policy
How Configurix collects, uses and protects your personal data.
Last updated: January 2026
Configurix (“we”, “us”, “our”) takes the protection of personal data seriously. This Data Protection Policy explains how we collect, process, and protect personal data when you use our website, software platform, and services. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws.
1. Data Controller
Company: Configurix
Email (General): info@configurix.com
Email (Data Protection): office@configurix.de
2. Scope of This Policy
This policy applies to:
- Visitors of our website
- Users of the Configurix platform
- Customers and their end customers
- Business partners and subcontractors
3. Personal Data We Process
a) Account & Contact Data
- Name
- Email address
- Phone number
- Company name
- Address (if provided)
b) Customer & Project Data
- Quotes and order information
- Configuration data (pergola, veranda, dimensions, options)
- Installation data and documentation
- Uploaded photos and files
c) Technical Data
- IP address
- Browser type and version
- Device information
- Date and time of access
- Log files and error logs
d) Communication Data
- Messages sent via the platform
- Emails and notifications
- Support requests
4. Purposes of Processing
- Providing and operating the Configurix platform
- Creating and managing user accounts
- Generating quotes, PDFs, and documentation
- Managing installations and calendars
- Customer communication and notifications
- Security, fraud prevention, and system monitoring
- Legal compliance and contractual obligations
- Improving our services and user experience
5. Legal Basis for Processing (GDPR Art. 6)
- Contractual necessity (Art. 6(1)(b))
- Legal obligation (Art. 6(1)(c))
- Legitimate interest (Art. 6(1)(f))
- Consent (Art. 6(1)(a)), where applicable
6. Data Storage & Security
Configurix applies technical and organizational security measures to protect personal data, including:
- Encrypted data transmission (TLS/HTTPS)
- Access control and role-based permissions
- Secure hosting environments
- Regular backups
- Monitoring and logging
- Limited internal access to data on a need-to-know basis
7. Data Hosting & Third Parties
Your data is hosted on secure servers located within the European Union or in jurisdictions offering an adequate level of data protection. We may use trusted service providers for hosting, email and notification delivery, and analytics. All providers are contractually bound by data processing agreements (DPAs) in accordance with GDPR Art. 28.
8. Data Sharing
We do not sell personal data. Data is shared only:
- When required to provide the service
- When legally required
- With explicit user consent
End-customer data processed on behalf of our customers remains under the control of the respective customer.
9. Data Retention
- While an account is active
- To fulfill contractual obligations
- To meet legal retention requirements
- For security and auditing purposes
Data may be anonymized instead of deleted where appropriate.
10. Your Rights (GDPR)
- Access your personal data
- Rectify incorrect data
- Erase data (“right to be forgotten”)
- Restrict processing
- Data portability
- Object to processing
- Withdraw consent at any time
To exercise your rights, contact us at office@configurix.de.
11. Cookies & Tracking
Configurix uses cookies and similar technologies only where necessary to:
- Ensure platform functionality
- Improve performance
- Enhance security
Where required, cookie usage is subject to consent.
12. Automated Decision-Making
Configurix does not use fully automated decision-making that produces legal or similarly significant effects on users.
13. Changes to This Policy
We may update this Data Protection Policy to reflect legal or technical changes. The latest version is always available on our website.
14. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the relevant data protection authority in your country of residence.