Privacy Policy

I. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States, as well as other data protection provisions, is:

For privacy-related questions, you can also reach us at info@danic.ai.

II. Principles of data processing

1. Collection and use of personal data

We generally process our users' personal data only to the extent necessary to provide our website, services, and content. Further processing usually takes place only with the user's express consent.

2. Legal bases for processing

We process personal data on the basis of the General Data Protection Regulation (GDPR):

Art. 6(1)(a) GDPR

Where you give us consent, that consent is the legal basis for processing.

Art. 6(1)(b) GDPR

Where processing is necessary to perform a contract or take pre-contractual steps, we rely on this legal basis.

Art. 6(1)(c) GDPR

Where we are subject to legal obligations, processing is based on this provision.

Art. 6(1)(d) GDPR

Where vital interests are affected, processing may be justified on this basis.

Art. 6(1)(f) GDPR

Where a legitimate interest on our part or that of a third party exists and your fundamental rights do not override it, processing is based on this provision.

3. Erasure and retention

Your personal data will be erased or restricted once the purpose of storage no longer applies. Longer storage may occur where required by law. After statutory retention periods expire, data will be deleted unless still required for contractual purposes.

III. Website operation, log files, and cookies

1. Server log files

When you visit our website, certain data (e.g. IP address, date and time of access) is collected automatically and stored in server log files. This data is required for the technical operation of the website and is deleted after no more than 48 hours. You cannot object to this processing, as collection is strictly necessary to operate the site. The legal basis for temporary storage is Art. 6(1)(f) GDPR, as we have a legitimate interest in processing data to provide our services.

2. Use of cookies

General

Our website uses cookies to improve usability and enable certain features. Cookies are small text files stored in your browser. Some cookies are technically necessary; others are used to analyse user behaviour.

On your first visit, we inform you about the use of cookies and how to disable them in your browser settings. You can change your cookie settings or prevent cookies from being stored at any time. Please note that if you disable cookies, some website functions may not be available.

Technically necessary cookies simplify your use of the website as a visitor. We process functionally necessary cookies on the basis of legitimate interests under Art. 6(1)(f) GDPR.

Analytics and tracking cookies are used to improve the quality of our website and its content. Analytics and tracking cookies are processed only after properly obtained consent, Art. 6(1)(a) GDPR.

Use of Usercentrics to obtain consent

We use the consent management platform “Usercentrics” by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark. Usercentrics is used to obtain, document, and manage our website visitors' consent to cookies and similar tracking technologies in a legally compliant manner.

When you visit our website, a cookie banner is displayed where you can choose which cookies and services you accept. Usercentrics regularly scans our website, automatically detects cookies and trackers in use, and blocks them until you give consent. Your selection is stored to prove your consent and honour your preferences on future visits.

The following data is processed when you use Usercentrics:

• Your IP address (in anonymised form)
• Information about the browser and device used
• The website visited and the current URL
• Date and time of your consent or refusal
• Your chosen cookie preferences as proof of consent

This data is stored locally and within the EU only, solely to document your consent in accordance with GDPR requirements. It is not shared with third parties.

Processing of your personal data in connection with Usercentrics is based on Art. 6(1)(c) GDPR (legal obligation to obtain and prove consent) and, where required, on your consent under Art. 6(1)(a) GDPR.

Your consent and related data are stored for 12 months or until you withdraw your consent.

Further information: usercentrics.com/privacy-policy

IV. Contact by email, contact form, and newsletter

1. Contact by email

You can contact us by email. When you contact us by email, the data you provide (e.g. name, email address, message) is used solely to handle your request. It is not shared with third parties.

We process your data either on the basis of your consent (Art. 6(1)(a) GDPR) or, where contact is aimed at concluding a contract, on the basis of Art. 6(1)(b) GDPR.

Your data is deleted once the purpose of storage no longer applies — usually when the conversation is complete. Data collected additionally when sending the message (e.g. IP address, timestamp) is removed within seven days at the latest.

You may withdraw your consent to data processing at any time. If you withdraw consent, all personal data stored in connection with the contact will be deleted.

If you apply by email, your data is used solely for the recruitment process and is accessible only to staff responsible for hiring. If you are hired, your documents are used for your personnel file. Otherwise, we delete your application data within six months after the recruitment process ends, unless you have agreed to longer storage.

V. External links

Our website contains links to external websites whose content is outside our responsibility. Linked content was reviewed at the time of linking; ongoing monitoring is not possible.

VI. Other third-party providers

1. PostHog (web analytics)

We use the analytics tool PostHog by PostHog Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA, to evaluate usage on our website. PostHog collects — only with your prior consent — data on your usage, e.g. which pages and content you view, click and interaction behaviour, device and browser information, and your truncated IP address.

PostHog works with pseudonymised usage profiles for which cookies are stored and read on your device. PostHog does not use third-party cookies or tracking for advertising (no cross-site tracking). Where used, session recording may record individual sessions; input in form fields is not recorded.

Collected user data is processed on PostHog servers; for EU users, hosting may be in Europe or the USA. PostHog Inc. is based in the USA and is certified under the EU-US Data Privacy Framework (DPF).

The legal basis is your consent (Art. 6(1)(a) GDPR). You can withdraw this consent at any time via our consent banner.

Further information: posthog.com/docs/privacy/gdpr-compliance

2. Brevo (email delivery)

We use Brevo by Sendinblue SAS (Brevo), 106 Boulevard Haussmann, 75008 Paris, France, to send emails (in particular newsletters and, where applicable, replies to contact requests). If you subscribe to the newsletter or contact us via a form, the data you provide (e.g. email address, name, and message content) is stored on Brevo servers and used to send emails or reply to you. Brevo acts as our processor.

Brevo operates its servers exclusively in the EU. Data is hosted in data centres in France, Germany, and on secured Google Cloud infrastructure in Belgium. According to Brevo, no transfer to third countries takes place. We have concluded a data processing agreement with Brevo.

Email delivery via Brevo is based on your consent (Art. 6(1)(a) GDPR) for newsletters/marketing emails or on contract performance or answering your enquiry (Art. 6(1)(b) GDPR) for transactional emails. You may withdraw consent to newsletter emails at any time with future effect.

Further information: brevo.com/legal/privacypolicy

VII. Data subject rights

If your personal data is processed, you have the following rights as a data subject under the GDPR vis-à-vis the controller:

Right of access

Under Art. 15 GDPR and Section 34 of the German Federal Data Protection Act (BDSG), you have the right to know whether and which personal data concerning you is being processed.

Right to rectification

If your data is inaccurate or incomplete, you may request rectification or completion under Art. 16 GDPR.

Right to restriction of processing

Under the conditions of Art. 18 GDPR, you have the right to request restriction of processing of your personal data.

Right to erasure

Subject to Art. 17 GDPR, you may request erasure of your personal data (“right to be forgotten”). Where data has been disclosed to third parties, the controller will inform them of your erasure request under Art. 19 GDPR.

Right to notification

If you have exercised your right to rectification, erasure, or restriction of processing, the controller must notify recipients to whom your personal data was disclosed, unless this is impossible or involves disproportionate effort.

Right to data portability

Under Art. 20 GDPR, you may request that your personal data be provided in a structured, commonly used, machine-readable format or — where technically feasible — transmitted directly to another controller.

Right to object

You have the right to object at any time to processing of your personal data on grounds relating to your particular situation (Art. 21 GDPR).

Right to withdraw consent

You may withdraw consent given for data processing at any time with future effect. Processing before withdrawal remains lawful.

Rights related to automated decision-making including profiling

You have the right not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning you or similarly significantly affects you (Art. 22 GDPR).

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that processing of your personal data violates the GDPR. The supervisory authority at the registered office of DANIC Tech GmbH is:

Change history