1. Introduction
Einsys is a software-as-a-service (SaaS) platform designed to help businesses manage operations and connect with trading partners in a B2B marketplace. This Privacy Policy explains how we collect, use, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.
We are committed to protecting your privacy and ensuring transparency about how we handle your information.
2. What Data We Collect
Account Information
- Full name and contact details
- Company name and business information
- Email address and phone number
- Login credentials (encrypted)
Business Data
- Inventory information (SKUs, quantities, descriptions)
- Business listings and marketplace profiles
- Transaction history and communication records
Usage Data
- Pages, features, and actions accessed
- Search queries and filters used
- Time spent on platform sections
- Feature engagement patterns
Technical Data
- IP address and device information
- Browser type, operating system, and version
- Referral source and click patterns
- Cookies and similar tracking technologies
Communication Data
- Messages, inquiries, and support tickets
- Communication with other platform users
3. How We Use Your Data
We use the information we collect for the following purposes:
- Platform Operations: To provide, maintain, and improve the Einsys platform
- Account Management: To create and manage your account, authenticate users, and manage user profiles
- Marketplace Functionality: To display your business information and inventory to other qualified users
- Communication: To send account notifications, security alerts, and support responses
- Security & Fraud Prevention: To detect, prevent, and address fraud, abuse, and security incidents
- Legal Compliance: To comply with applicable laws, regulations, and legal processes
- Analytics & Improvement: To understand usage patterns and improve user experience
4. Legal Basis for Processing (GDPR)
Under the GDPR, we process your personal data based on the following legal grounds:
- Contract Performance (Article 6(1)(b)): Processing necessary to provide platform services under our Terms of Service
- Legitimate Interest (Article 6(1)(f)): Processing for fraud prevention, security, analytics, and platform improvement
- Legal Obligation (Article 6(1)(c)): Processing required by law or regulatory authorities
- Consent (Article 6(1)(a)): Where you have explicitly consented to specific processing activities (e.g., marketing communications)
5. How We Share Your Data
We do not sell, rent, or trade your personal data with third parties for marketing purposes.
We may share data with:
- Service Providers: Hosting providers, payment processors, analytics platforms, and support tools that process data on our behalf under strict confidentiality agreements
- Legal Authorities: Law enforcement, regulatory agencies, or courts when required by law or legal process
- Business Partners: Only with your explicit consent and for stated purposes
- In Case of Merger/Acquisition: Successors may receive data as part of business asset transfer (you will be notified)
Marketplace Note: Certain business information (company name, industry, location, inventory listings) may be visible to other platform users as part of the marketplace functionality. This data visibility is necessary for the platform to function and users to find trading partners.
6. Data Retention
We retain personal data only for as long as necessary to provide services and fulfill the purposes outlined in this policy. Retention periods vary based on data type:
- Account Data: Retained for the duration of your account plus 7 years for legal/tax compliance
- Transaction & Communication Data: Retained for 7 years for legal and dispute resolution purposes
- Usage/Analytics Data: Retained for up to 2 years for performance analysis
- Marketing Communications: Retained until you unsubscribe or withdraw consent
Upon account deletion, we will remove your personal data within 30 days, except where legal obligations require retention.
7. Your Privacy Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access (Article 15): Request a copy of personal data we hold about you
- Right to Rectification (Article 16): Request correction of inaccurate or incomplete data
- Right to Erasure (Article 17): Request deletion of your personal data, subject to legal obligations
- Right to Restrict Processing (Article 18): Request limitation of data processing in specific circumstances
- Right to Data Portability (Article 20): Receive your data in a structured, portable format
- Right to Object (Article 21): Object to processing for legitimate interest or direct marketing
- Right to Lodge a Complaint: File a complaint with your local data protection authority
To exercise any of these rights, please contact us at info@einsys.eu with a clear request. We will respond within 30 days.
8. Data Security
We implement reasonable technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:
- Encryption of data in transit (HTTPS/TLS)
- Encrypted storage of sensitive information
- Regular security audits and vulnerability assessments
- Access controls and credential management
- Staff training on data protection practices
However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.
9. Platform Disclaimer — Einsys as a Technology Platform
Einsys acts solely as a technology platform facilitating communication and transaction matching between business users. We are NOT a party to, and assume NO liability for, any transactions, disputes, or business dealings between platform users.
Important Limitations:
- No Verification: We do not verify the accuracy of business data, inventory listings, or seller credentials. Users are responsible for due diligence.
- No Broking/Guarantees: We do not buy, sell, broker, or guarantee any goods or services listed on the platform.
- No Liability for Transactions: Einsys shall not be liable for product quality, delivery, pricing disputes, cancellations, or fraud between users.
- No Liability for Data: We are not liable for errors, omissions, or delays in marketplace data or user communications.
- User Responsibility: All users assume full responsibility for their own business activities, compliance with laws, and interactions with other users.
10. International Data Transfers
Your data may be processed and stored in Germany and potentially other EU countries. If data is transferred outside the EU/EEA, we ensure appropriate safeguards such as Standard Contractual Clauses or your explicit consent.
11. Third-Party Links & Services
The Einsys platform may contain links to third-party websites and services. This Privacy Policy applies only to Einsys. We are not responsible for the privacy practices of third parties. Please review their privacy policies before sharing personal data.
12. Children's Privacy
Einsys is intended for business users and B2B transactions. We do not knowingly collect personal data from children under 18 years old. If we discover that we have collected data from a child, we will delete it immediately. Please contact us if you believe we have collected data from a minor.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of Einsys constitutes acceptance of the updated policy.
14. Contact & Data Protection Authority
If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have privacy concerns:
If you have concerns about our privacy practices, you may also lodge a complaint with the relevant Data Protection Authority in your country.