Discover our online shop →
🇬🇧 EN | 🇩🇪 DE

Privacy Policy

1. Privacy at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you.

Data collection on this website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator's contact details in the legal notice of this website.

How do we collect your data?
Your data is collected in part by you providing it to us, for example by entering data in our contact form. Other data is collected automatically or with your consent when you visit the website by our IT systems. This is primarily technical data (e.g., internet browser, operating system, or time of page access).

What do we use your data for?
Some of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior. Data collected via the contact form is used exclusively to process your inquiry.

2. Hosting

This website is hosted by the following provider:

ZAP-Hosting GmbH
Hafenweg 8
48155 Münster
Germany

The personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, metadata and communications data, contract data, contact details, names, website access logs, and other data generated through a website.

The use of the hoster is for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR).

For more information, please see the ZAP-Hosting privacy policy: https://zap-hosting.com/en/privacy-policy/.

3. General information and mandatory disclosures

Data protection

The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

Information on the responsible party

The responsible party for data processing on this website is:

TougeTech - Fölsch & Ernst GbR
Brandenburger Str. 32
21244 Buchholz i.d.N.
Phone: +49 4105 5900331
Email: info@tougetech.de

Revocation of your consent

Many data processing operations are only possible with your express consent. You may revoke any consent you have already given at any time. The legality of the data processing carried out prior to the revocation remains unaffected by the revocation.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format.

Access, rectification, and erasure

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients, and the purpose of data processing, and, if applicable, a right to rectification or erasure of this data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data.

Right to lodge a complaint with a supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence.

4. Data collection on this website

Server log files

The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. f GDPR.

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent.

The processing of this data is based on Art. 6 para. 1 lit. b GDPR, provided your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR).

The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to its storage, or the purpose for data storage no longer applies. Mandatory statutory provisions, in particular retention periods, remain unaffected.

The following data is collected in the contact form:

  • Company (optional)
  • Last name, first name (required)
  • Phone (optional)
  • Email address (required)
  • Message (required)
  • IP address (automatic)
  • Time of submission (automatic)

5. ALTCHA (Bot Protection)

We use "ALTCHA" on this website to protect our contact form from automated abuse (spam). ALTCHA is an open-source solution (MIT license) that is fully hosted on our own server.

ALTCHA uses cryptographic proof-of-work puzzles solved by the visitor's browser to verify whether a form submission is made by a human or an automated program. In this process:

  • No cookies are set
  • No user tracking is performed
  • No personal data is collected or stored
  • No data is transmitted to third parties – all processing takes place exclusively on our server and in the visitor's browser

Processing is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in preventing spam and abuse). Consent is not required as no cookies are set and no personal data is processed.

More information: altcha.org (source code: GitHub, license: MIT).

6. Web Fonts (self-hosted)

This website uses the open-source fonts "Poppins" and "Inter" (SIL Open Font License 1.1) for uniform font display. The font files are hosted locally on our own server. No connection to external font services (such as Google Fonts or Bunny Fonts) is established, meaning no personal data is transmitted to third parties.

7. Cookies and Local Storage

This website uses only technically necessary cookies (session cookies for CSRF protection). No tracking cookies, analytics cookies, or advertising cookies are used. A cookie consent banner is therefore not required.

Technical cookies/storage in use:

  • CSRF session cookie – Protects the contact form from cross-site request forgery attacks. Automatically deleted when the browser is closed. Legal basis: Art. 6 para. 1 lit. f GDPR.

Via the "Cookie Settings" link in the footer, you can view at any time which technical services are used on this website.

8. SSL/TLS Encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the fact that the address bar of the browser changes from "http://" to "https://" and by the lock icon in your browser bar.

9. Your Rights

You have the right at any time to:

  • Obtain information about your data stored with us
  • Request the rectification of inaccurate data
  • Request the deletion of your data
  • Request the restriction of data processing
  • Object to data processing
  • Receive your data in a portable format

To exercise these rights, please contact: info@tougetech.de

Last updated: March 2026