Privacy Policy

1. Controller

The controller responsible for data processing on this website is:

Nikolai Chigrin

Auf dem Felde 18

58455, Witten

Germany

Email: contact@aiki-agent.com

Phone: +491788270579

2. Overview of Processing Operations

2.1 Types of Data Processed

Inventory data (e.g., names, addresses)

Contact data (e.g., email addresses, phone numbers)

Content data (e.g., text entries in forms)

Usage data (e.g., visited web pages, interest in content, access times)

Meta/communication data (e.g., device information, IP addresses)

2.2 Categories of Data Subjects

Website visitors, newsletter subscribers, users of our services

2.3 Purposes of Processing

Provision of the website and its functionalities

Security measures

Analytics/Marketing

Newsletter distribution

Spam protection through CAPTCHA services

2.4 Legal Bases

Art. 6 para. 1 lit. a GDPR - Consent

Art. 6 para. 1 lit. b GDPR - Contract performance

Art. 6 para. 1 lit. f GDPR - Legitimate interests

Art. 6 para. 1 lit. c GDPR - Legal obligation

3. Applicable Legal Framework

This privacy policy is based on:

EU General Data Protection Regulation (GDPR)

German Federal Data Protection Act (BDSG)

German Telecommunications and Digital Services Data Protection Act (TDDDG)

4. Security Measures

In accordance with Art. 32 GDPR, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the different likelihood and severity of risks to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures.

These measures include securing the confidentiality, integrity, and availability of data through control of physical access to data, as well as access, input, transmission, availability assurance, and data separation controls.

5. Collection of Access Data and Log Files

5.1 Purpose and Legal Basis

Information is automatically captured in server log files with each access to our website. This serves the technical provision of the website and ensuring IT security.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interests)

5.2 Processed Data

IP address of the accessing device

Date and time of the request

Name and URL of the retrieved file

Website from which access occurred (referrer URL)

Browser and operating system used

HTTP status code

5.3 Storage Duration

Data is automatically deleted after 7 days, unless legal retention obligations exist or the data is needed for investigating and defending against attacks on our IT infrastructure.

6. Cookies and Cookie Consent

6.1 General Information about Cookies

We use cookies on our website. Cookies are small text files stored on your device. Some of the cookies we use are deleted after the browser session ends (session cookies), while others remain on your device longer and enable recognition of your browser on your next visit (persistent cookies).

6.2 Cookie Categories

6.2.1 Technically Necessary Cookies

These cookies are required for the basic functionality of the website.

Legal basis: Art. 6 para. 1 lit. f GDPR and § 25 para. 2 TDDDG

Processed Cookies:

Cookie consent preferences (Storage duration: 1 year)

6.2.2 Analytics Cookies (only with consent)

These cookies are only set if you have given your consent via our cookie banner.

Legal basis: Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG

6.3 Cookie Management

You can change your cookie settings at any time through the cookie settings at the bottom of our website. Your preferences are stored in a cookie on your device.

7. Google Analytics

7.1 Scope of Processing

We use Google Analytics only after your explicit consent. Google Analytics is a web analytics service by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

7.2 Legal Basis

Art. 6 para. 1 lit. a GDPR - Consent via cookie banner

7.3 Processed Data

IP address (anonymized)

Browser information

Operating system

Referrer URL

Visited pages and dwell time

Online identifiers (Google Analytics Client ID)

Device information

7.4 Purpose of Processing

Analysis of user behavior

Website optimization

Audience measurement

7.5 Data Transfer to Third Countries

Google Analytics transfers data to the USA. Google LLC is certified under the EU-US Data Privacy Framework, ensuring an adequate level of data protection.

7.6 Storage Duration

Google Analytics stores data according to our configured settings for a maximum of 14 months.

7.7 Right to Object

You can withdraw your consent at any time through cookie settings. Additionally, you can install the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout

8. Google Tag Manager

8.1 Scope of Processing

We use Google Tag Manager only after your consent for managing website tags and marketing codes.

8.2 Legal Basis

Art. 6 para. 1 lit. a GDPR - Consent via cookie banner

8.3 Functionality

Google Tag Manager itself does not set cookies and does not collect personal data. It loads other tools (tags) only after your consent.

8.4 Processed Data

Only technical information for tag execution

No personal data by the Tag Manager itself

8.5 Provider

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

9. Newsletter Service with Resend

9.1 Newsletter Registration

You can subscribe to our newsletter only after explicit consent. We use the double opt-in procedure.

9.2 Legal Basis

Art. 6 para. 1 lit. a GDPR - Consent

9.3 Processed Data

Email address

Time of registration

IP address at time of registration (as proof of consent)

Double opt-in confirmation status

9.4 Service Provider

We use Resend (Resend, Inc.) for sending our newsletters. Resend is GDPR-compliant and has implemented appropriate data protection measures.

Provider: Resend, Inc., USA

Website: https://resend.com

Privacy Policy: https://resend.com/legal/privacy

9.5 Data Transfer

Your email address is transferred to Resend in the USA. Resend provides standard contractual clauses for data protection-compliant transfer.

9.6 Unsubscription

You can unsubscribe from the newsletter at any time:

Via the unsubscribe link in each newsletter email

By email to [INSERT EMAIL]

Through newsletter settings on our website

10. CAPTCHA Services

10.1 Purpose

We use CAPTCHA services to protect against automated requests (spam, bots) in our forms.

10.2 Legal Basis

Art. 6 para. 1 lit. f GDPR - Legitimate interests (protection against abuse)

10.3 Processed Data

IP address

Browser information

Device information

Interaction data with the CAPTCHA

Temporary session data

10.4 Service Provider

Cap Captcha hosted on a server in germany.

10.5 Storage Duration

Data is processed only for the duration of the CAPTCHA verification and then automatically deleted.

11. Redis Cache Storage

11.1 Purpose

We use Redis as a cache system to improve website performance and user experience.

11.2 Legal Basis

Art. 6 para. 1 lit. f GDPR - Legitimate interests (technical optimization)

11.3 Processed Data

Session data

Temporary website content

Performance data

IP addresses (anonymized)

11.4 Storage Duration

Data in the Redis cache is automatically deleted after configurable time intervals (TTL - Time To Live), typically between a few minutes and maximum 24 hours.

11.5 Storage Location

The Redis instance is operated on servers within the EU.

12. Data Subject Rights

You have the following rights regarding your personal data:

12.1 Right to Information (Art. 15 GDPR)

You can request information about the personal data we process.

12.2 Right to Rectification (Art. 16 GDPR)

You have the right to request correction of incorrect or incomplete data.

12.3 Right to Erasure (Art. 17 GDPR)

You can request deletion of your personal data, provided no legal retention obligations exist.

12.4 Right to Restriction of Processing (Art. 18 GDPR)

You can request restriction of processing of your data.

12.5 Right to Data Portability (Art. 20 GDPR)

You have the right to receive your data in a structured format.

12.6 Right to Object (Art. 21 GDPR)

You can object to the processing of your data based on legitimate interests.

12.7 Right to Withdraw Consent (Art. 7 para. 3 GDPR)

You can withdraw given consents at any time. The withdrawal is effective for the future.

12.8 Right to Lodge a Complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a data protection supervisory authority.

13. Data Security

13.1 Encryption

Our website uses SSL/TLS encryption for secure data transmission.

13.2 Access Control

Access to personal data is only possible for authorized persons and is logged.

13.3 Backup and Recovery

Regular backups are created and securely stored. Backup data is subject to the same data protection provisions.

14. Data Deletion

14.1 Principle

Personal data is deleted as soon as it is no longer necessary for the purposes for which it was collected.

14.2 Retention Periods

Server log files: 7 days

Cookie preferences: 1 year or until withdrawal

Newsletter registrations: Until unsubscription

Google Analytics data: 14 months (configurable setting)

Redis cache: Automatic deletion after TTL (maximum 24 hours)

CAPTCHA data: Immediately after processing

14.3 Legal Retention Obligations

Where legal retention obligations exist, deletion occurs after expiration of these periods.

15. Data Transfer to Third Parties

15.1 Principle

Transfer of your personal data to third parties only occurs:

With your explicit consent

For contract fulfillment

Based on legitimate interests

Due to legal obligation

15.2 Data Processors

We work with the following data processors:

Google (Analytics, Tag Manager): Web analytics and marketing tags

Resend: Newsletter service

Cap Captcha: Spam protection

Hetzner Cloud: Website hosting

Appropriate data processing agreements according to Art. 28 GDPR exist with all data processors.

16. Automated Decision-Making

We do not use automated decision-making processes according to Art. 22 GDPR that have legal effect or similarly significantly affect you.

17. Protection of Minors

Our website is not directed at persons under 16 years of age. We do not knowingly collect personal data from children under 16 years of age.

18. Changes to the Privacy Policy

18.1 Updates

This privacy policy is regularly reviewed and updated as necessary.

18.2 Notification

We inform you of significant changes via the website or email (if your email address is known to us).

18.3 Current Version

The current version can be found at: [WEBSITE-URL]/privacy

19. Contact for Privacy Questions

For privacy questions, you can contact us at any time:

Email: contact@aiki-agent.com

Phone: +491788270579

Last updated: 06.10.2025