Privacy Policy

1. Purposes, data types, legal bases

We process personal data to operate this website, respond to inquiries, send newsletters, handle pilot program applications, and ensure operational security.

Data types (depending on use):

• Identity data: first and last name
• Contact data: e-mail address, phone number
• Organization data (pilot program): school/institution, type of school, city, state, number of students/teachers
• Usage/meta data: IP address, date/time, request headers, device/browser information
• Consent data: timestamp, categories, log ID (cookie/consent)

Legal bases (Art. 6 GDPR):

• Art. 6(1)(b) GDPR (pre-contractual/contractual measures), e.g., pilot program registration
• Art. 6(1)(a) GDPR (consent), e.g., newsletter, non-essential cookies/external content, Google Places Autocomplete
• Art. 6(1)(f) GDPR (legitimate interests), e.g., IT security, abuse prevention, server logs
• Art. 6(1)(c) GDPR (legal obligations), e.g., commercial/tax retention

2. Hosting, delivery, server logs

Our website is operated with a European hosting/CDN provider. When you access the site, the following technically necessary data are processed:

• Processed data: IP address, date/time, time zone, referrer URL, requested resources, HTTP status, user agent
• Purposes: content delivery, stability/security, abuse/error analysis
• Legal basis: Art. 6(1)(f) GDPR
• Storage period: server logs are regularly deleted once no longer required for these purposes.

3. Contact, pilot program, newsletter

Contact form / e-mail

• Purpose: handling inquiries
• Legal basis: Art. 6(1)(b) GDPR (initiation), where applicable Art. 6(1)(f) GDPR (interest in efficient communication)
• Storage period: inquiries up to 12 months after completion; longer only if legally required.

Pilot program registration

• Purpose: assessment/contact for participation
• Data: see “Organization data” above
• Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures)
• Storage period: for the duration of initiation/participation, then as required by law (e.g., 6–10 years for business records).

Newsletter (double opt-in)

• Purpose: sending updates/information
• Process: double opt-in (sign-up, confirmation e-mail, logging of consent)
• Legal basis: Art. 6(1)(a) GDPR
• Withdrawal: at any time with future effect (unsubscribe link in every e-mail)
• Logging: timestamp, IP/hash, opt-in status (proof of consent)

4. Cookies, consent, external content

We use essential cookies/storage (e.g., session, security, consent storage) and—only with consent—other categories (statistics, marketing, external content). Details and choices are provided in the cookie pop-up and in our Cookie Policy.

• Legal bases: Sec. 25(2) No. 2 TTDSG (essential), Sec. 25(1) TTDSG in conjunction with Art. 6(1)(a) GDPR (non-essential)
• Withdrawal: at any time via “Cookie Settings” in the footer (consent is reconfirmed at least every 12 months)

5. Google Places Autocomplete (city/state/postal code)

To reduce input errors, our forms offer place autocompletion. When typing in the city field, requests are sent to the maps provider; after selection, postal code and state are filled automatically.

• Processed data: typed text, IP address, browser data; provider cookies/storage where applicable
• Purpose: user-friendly and accurate address capture
• Legal basis: Art. 6(1)(a) GDPR (your consent via the cookie/consent banner under “External content/Functional”)
• Recipients/third countries: depending on the provider, data may be transferred to third countries (e.g., USA); appropriate safeguards (e.g., EU Standard Contractual Clauses) are used.
• Requirement to provide data: voluntary; without consent, autocompletion may be disabled and entries must be made manually.

Note: You can link the specific provider (e.g., Google Ireland Ltd.) and its privacy notice in your Cookie Policy/technical docs.

6. Recipients of data

• IT/hosting providers, CDN, e-mail/newsletter services (processors)
• Consulting/support/development (where necessary, processors)
• Authorities/tax advisors where legally required

Processor agreements are concluded pursuant to Art. 28 GDPR.

7. International transfers

If service providers outside the EU/EEA are used or data are processed there for technical reasons, we ensure an adequate level of protection (e.g., EU Standard Contractual Clauses, additional measures). Details follow from the Cookie Policy or are available on request.

8. Storage periods

We store personal data only as long as necessary for the respective purposes or where legal obligations apply. Afterwards, data are deleted or anonymized. Typical periods:

• Contact/pilot inquiries: up to 12 months after completion
• Contract/business records: 6 or 10 years (HGB/AO)
• Newsletter data: until withdrawal of consent
• Consent logs: generally 12–24 months

9. Your rights

Subject to statutory conditions, you have the rights to access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and objection (Art. 21 GDPR).

You may withdraw consent at any time with future effect (Art. 7(3) GDPR).

To exercise your rights, please use the contact details above.

Right to lodge a complaint:

You may lodge a complaint with a supervisory authority, e.g., the authority responsible for your place of residence or for the controller.

10. Obligation to provide data / consequences

There is no statutory obligation to provide personal data. However, certain information is required for specific functions (e.g., pilot program, newsletter); without such data, processing may not be possible.

11. Security

We implement technical and organizational measures to protect personal data against loss, misuse, and unauthorized access, and continuously adapt these measures to the state of the art (Art. 32 GDPR).

12. Minors

Our offering is aimed at institutions, teachers, and guardians. We process data of minors only where necessary for the purposes and legally permissible.

13. Changes to this notice

We update this Privacy Policy when legal or technical changes make this necessary. The current version is available on this page.