Privacy Notice

Protecting the confidentiality, integrity, and availability of personal data is our highest priority. The following information explains the nature, scope, and purposes of processing personal data when visiting our website and in connection with the use of our platform (collectively, the “Services”)—insofar as we act as the controller—as well as the rights to which you, as a data subject, are entitled.

Controller, Contact, Data Protection Officer

Qontext GmbH

Bergstraße 16/17, c/o Lorenz Hieber, 10115 Berlin

Email: lorenz@qontext.ai

Data Protection Officer: Nikita Kowalski

Email: nikita@qontext.ai

Further information can be found in the imprint on our website.

Data Collection When Visiting the Website / Using the Platform

To provide our Services in a stable and secure manner, our systems automatically process log data (“server log files”) when our Services are accessed, including:

  • IP address of the device used to access our website,

  • Referrer URL,

  • Date and time of access,

  • Requested resources/pages and HTTP status,

  • Transferred data volume,

  • Device, operating system, browser, language/version.

These data are stored in encrypted form, used solely to ensure technical operation (including IT security), and deleted at regular intervals. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in providing secure Services).

When using the platform, additional session-related technical information (e.g., session IDs, user identifier, IP/MAC address, technical session details) may be logged—for example, in the event of error messages—to analyze disruptions and improve stability. The legal basis is Art. 6(1)(f) GDPR.

Tenant Separation & Encryption: Customer data are stored strictly segregated on a logical/technical basis and are encrypted both in transit (TLS) and at rest (at least AES-256).

Contact by Email / Customer Support

When you contact us by email, we process the personal data you provide (e.g., name, email address, content of the message) to handle your request. The legal bases are Art. 6(1)(f) GDPR (legitimate interest in communication) and Art. 6(1)(b) GDPR (pre-contractual/contractual communications). Data are deleted once processing is complete unless statutory retention obligations apply. In commercially/tax-relevant cases, data are generally retained for up to 10 years (§ 147(3) AO).

For validation purposes, we may process email addresses (possibly with names) to ensure their validity (Art. 6(1)(f) GDPR).

Direct Marketing to Existing Customers

If you provide your email address in the course of a paid contract, we may use it to send direct marketing regarding our own, similar products/services (Art. 6(1)(f) GDPR in conjunction with § 7(3) UWG). You can object at any time; each email contains an unsubscribe link, or you can contact nikita@qontext.ai.

Registration of a Customer Account

You may create a customer account for trials or subscriptions. We process, among other things:

  • IP address, date/time of registration,

  • Name, email address, phone number,

  • Company and address data.

The legal basis is Art. 6(1)(b) GDPR. Data are deleted once the purpose ceases (e.g., account deletion), unless statutory obligations require otherwise.

Paid Subscriptions / Payments

When you purchase paid Services, we process, among other things:

  • IP address, date/time of the order,

  • Contact details (email),

  • Payment data (via payment service provider),

  • Selected subscription and any additional order data.

For payment processing, we transmit the necessary data to the payment service provider used (e.g., use of a subscription ID). The legal basis is Art. 6(1)(b) GDPR. Statutory retention obligations (in particular tax law) remain unaffected (generally up to 10 years).

Use of Processors

We use carefully selected service providers as processors (Art. 28 GDPR) for hosting, provision of technical infrastructure, support/communications, payment processing, analytics/validation, and internal administrative processes. These providers are contractually obligated to process personal data only in accordance with our instructions and to implement appropriate technical and organizational measures. Where possible, processing takes place within the EU/EEA.

Data Transfers to Third Countries

Processing generally takes place within the EU/EEA. If, in exceptional cases, data are transferred to a third country, such transfer occurs only under the conditions of Arts. 44 et seq. GDPR (e.g., adequacy decision, EU Standard Contractual Clauses, certification under the EU–US Data Privacy Framework, or applicable derogations under Art. 49 GDPR). For questions or to obtain copies of appropriate safeguards (e.g., SCCs), please contact nikita@qontext.ai.

Storage Period

Unless a shorter period is stated in this notice, we store personal data only for as long as necessary (i) to provide the Services to you and/or (ii) for the performance of the contractual relationship; thereafter, data are retained only to the extent required by statutory retention obligations. Once the purposes cease and/or retention periods expire, data are deleted.

Cookies and Similar Technologies

We use cookies and comparable technologies (e.g., pixels). Necessary cookies are required for operating our Services (§ 25(2) no. 2 TDDDG; subsequent processing: Art. 6(1)(f) GDPR). Analytics/convenience technologies are used only with your consent (§ 25(1) TDDDG; Art. 6(1)(a) GDPR). You may withdraw your consent at any time via the cookie banner (footer link “Cookies”). Disabling cookies may limit functionality. Browser-specific guidance for cookie control is available for Edge, Firefox, Chrome, Safari, and Opera.

Your Rights

Subject to the statutory requirements, data subjects have the following rights:

  • Access (Art. 15 GDPR),

  • Rectification (Art. 16 GDPR),

  • Erasure (Art. 17 GDPR),

  • Restriction of processing (Art. 18 GDPR),

  • Data portability (Art. 20 GDPR),

  • Objection to processing based on legitimate interests (Art. 21 GDPR).

Where processing is based on consent, you may withdraw your consent at any time with future effect (Art. 7(3) GDPR). To exercise your rights, please contact nikita@qontext.ai. You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

Right to object to direct marketing: If you object to processing for direct marketing purposes, your data will no longer be used for such purposes. You may submit your objection at any time to nikita@qontext.ai.

Updates to This Notice

We update this privacy notice when required due to changes in the factual or legal situation, or to account for technical or economic developments. We will inform you of material changes in an appropriate manner. If you continue to use our Services after such notice, we will assume that you have taken note of the updated version.