Privacy Policy

1. Controller

The controller responsible for the processing of personal data on this website is:

Company

kAIzen Innovations

Address

[Please add company address]

Email

info@kaizen-innovations.com

Authorized representative

[Please add authorized representative]

2. General information on data processing

We process personal data only to the extent necessary to provide this website, handle inquiries, communicate with prospective customers or comply with legal obligations.

Processing is based in particular on Art. 6(1)(b) GDPR where your inquiry relates to pre-contractual communication, a demo or a pilot project. Where processing is required to ensure website operation, document inquiries or organize business communication internally, it may be based on Art. 6(1)(f) GDPR.

3. Contact form

When you use our contact form, we process the information you provide in order to respond to your inquiry, prepare an initial consultation, coordinate a demo or discuss a potential pilot project.

The fields marked as required in the form are needed to process your inquiry in a meaningful way. Optional information such as phone number, role, industry, ERP system or message helps us better understand your request but is not mandatory.

The contact form asks for your consent to process the form information for handling your inquiry. The legal basis for this is Art. 6(1)(a) GDPR. Where the inquiry relates to pre-contractual communication, Art. 6(1)(b) GDPR may also apply. In addition, Art. 6(1)(f) GDPR may apply where we have a legitimate interest in processing, documenting and internally organizing business inquiries.

We store your information only for as long as necessary to handle your inquiry and any follow-up communication. If no contract, demo or pilot project relationship is established, the data is generally deleted after communication has been completed unless statutory retention obligations or legitimate interests require longer retention.

Based on the current website implementation, information submitted via the contact form is not used to train AI models. No automated decision is made based on your inquiry on this website. Internal practice must be confirmed before launch.

Specific deletion periods must be defined internally and added here: [Please verify retention period].

4. Contact by email

If you contact us by email, we process the personal data you provide, in particular your email address, your name, the content of your message and any further information you voluntarily submit.

Processing is carried out to handle and respond to your inquiry.

The legal basis is Art. 6(1)(b) GDPR where your inquiry relates to pre-contractual communication. In other cases, processing may be based on Art. 6(1)(f) GDPR.

STRATO GmbH is used for email/SMTP communication.

5. Server log files

When you access our website, technically necessary access data is processed in order to provide the website securely and reliably.

The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest is the secure and functional provision of the website.

The retention period for server log files depends on the technical configuration of the hosting provider and must be added once confirmed.

Form contents and sensitive free-text messages should not be fully written to technical logs.

6. Hosting

Our website is operated on a vServer provided by STRATO GmbH. Personal data generated when visiting the website may be processed in this context, especially technical access data.

Where the hosting provider acts as a processor, processing is carried out on the basis of an appropriate data processing agreement.

Hosting provider

STRATO GmbH, vServer

7. Cookies, local storage and technically necessary functions

Our website uses only technically necessary storage mechanisms to the extent required for website operation, security, form processing or language routing.

This may include security mechanisms such as anti-forgery tokens, technically necessary status information after form submissions or settings related to the selected language.

We currently do not use tracking or marketing cookies and do not use external analytics tools unless explicitly named in this Privacy Policy.

8. Recipients and service providers

Within kAIzen Innovations, only those functions that need the data to handle the inquiry or operate the website receive access to personal data.

The currently implemented local ContactSubmissionService is a stub and does not describe an active SMTP, CRM or API transfer. If email sending, CRM integration or an external API is added later, this Privacy Policy must be updated accordingly.

Further concrete service providers must be added once they have been confirmed.

9. Third-country transfers

A transfer of personal data to countries outside the European Union or the European Economic Area only takes place where an appropriate legal basis and suitable safeguards are in place.

Current assessment

[Please review and add third-country transfer assessment]

No blanket statement is made that third-country transfers do not occur until hosting, email, CRM and other service providers have been finally reviewed.

10. Retention period

We store personal data only for as long as necessary for the respective purposes or as required by statutory retention obligations.

Data from contact form inquiries is stored for the duration of processing and follow-up communication. If a contract, demo or pilot project relationship is established, the data may continue to be processed within the business relationship and retained in accordance with legal obligations.

Specific deletion periods must be defined internally and added here.

11. Security of processing

We take technical and organizational measures to protect personal data against loss, misuse, unauthorized access and unauthorized disclosure.

Further technical and organizational measures must be reviewed before launch based on the actual operating environment.

12. Your rights

Subject to the statutory requirements, you have various rights regarding your personal data.

To exercise your rights, you can contact us at info@kaizen-innovations.com.

13. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates data protection law.

The supervisory authority responsible for kAIzen Innovations must be added once the company seat has been finalized.

14. Automated decision-making

Based on the current website implementation, no automated decision-making, including profiling, takes place when visiting this website or using the contact form that produces legal effects concerning you or similarly significantly affects you.

This statement must be checked against actual internal practice before launch.

15. Pilot projects and production data

This Privacy Policy covers the use of this website and contact via form or email. The processing of company, production, ERP, calculation or order data as part of a pilot project will be assessed and contractually agreed separately.

As part of a pilot project, it will be jointly determined which data is required, for which purposes it is processed, which technical architecture is used and which safeguards are necessary.

Website inquiries and later pilot projects involving production or ERP data are intentionally assessed separately.

16. Changes to this Privacy Policy

We may update this Privacy Policy if the website, data processing activities or legal requirements change. The current version is available on this page.