Privacy Policy

Privacy policy for our homepage www.natif.ai

The protection of your personal data is important to us. In the following, we would therefore like to inform you in detail about which data is collected when you visit our website and use our offers there and how it is processed or used by us in the following and which rights you are entitled to in this respect. We would like to point out that Internet-based data transmissions can have security gaps, so that we cannot guarantee absolute protection. For this reason, every data subject is free to transmit personal data to us by alternative means. Your personal data, such as your name, address, e-mail address or telephone number will only be processed by us on the basis of the statutory data protection law, the EU Data Protection Regulation (DSGVO), the Federal Data Protection Act and the Telemedia Act (TMG). The scope of the data collected and processed by us differs depending on whether you visit our website only to retrieve information or make use of services offered by us.

Name and address of the person responsible for the processing of personal data

The responsible person in the sense of the Basic Data Protection Regulation is:

natif.ai GmbH
Managing director: Johannes Korves
Campus Starterzentrum Gebäude A1 1
66123 Saarbrücken
Germany
E-Mail: contact@natif.ai

How can you reach our data protection officer?

The contact details of our external company data protection officer are: Mauß Datenschutz GmbH, Neuer Wall 10, 20354 Hamburg. You can reach our data protection officer by post (see above) or by telephone: +49 40 999 99 52-0 or by e-mail: datenschutz@datenschutzbeauftragter-hamburg.de.

Type of personal data concerned/ purposes of processing

The personal data to be processed by us include title, surname, first name, a valid e-mail address, address and telephone numbers, as well as all personal data resulting from documents submitted by you – thus all personal information that we need to be able to provide our contractual services to you. This data is collected in order to be able to identify you as our customer, to be able to process your customer order appropriately, for correspondence with you, for invoicing, for the settlement of any existing claims and for the assertion of any claims against you. Failure to provide personal data may result in the inability to execute the order.

The data processing is carried out in response to your request and is necessary according to Art. 6 para. 1 lit. b DSGVO for the stated purposes for the appropriate processing of your request or order and for the mutual fulfillment of obligations arising from the contract.

We do not carry out automated decision-making (in particular profiling).

We may share the data with our partners if we use their services to fulfill our contractual obligations to you, such as hosting service providers, external consultants (accounting/tax consultants) and the like. The data passed on may be used by the third parties exclusively for the purposes stated. The personal data processed by us within the framework of the contractual relationship will be stored until the proper fulfillment of the contract, including the statutory periods for warranty of defects, and then deleted, unless we are required under Article 6 para. 1 sentence 1 lit. c DSGVO, we are obliged to store the data for a longer period of time due to tax and commercial law or other legal obligations to store and document data (e.g. HGB, StGB or AO), or you have consented to further storage in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO.

Website components used

Server data

If you use our website for purely informational purposes, no personal data will be collected. Only the data that your Internet browser automatically transmits is collected and processed, such as:

• Browser type
• Date and time of the request
• Browser settings
• The operating system used
• Website from which you are visiting us and the website you are visiting
• Your IP address

This information is stored by us in log files for security reasons and automatically deleted after 7 days. The data present in the log files are stored separately from other data from you.

Longer storage only takes place in justified individual cases (e.g. in the event of suspected abuse or fraud or in the event of attacks on our web server). In these cases, the respective log files are stored until the facts of the case have been clarified and the resulting measures have been completed.

In order to provide you with our websites and the services provided via them, we use a service provider (web hoster) who processes your data on our behalf and exclusively in accordance with our instructions.v

ALL-INKL.COM – Neue Medien Münnich
Hauptstraße 68
02742 Friedersdorf[SS1] 

The legal basis for the processing of your data is Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in processing your data so that we can offer you our websites and the services provided via them in a technically flawless, secure manner and optimized for your needs. In addition, our other legitimate interest is to detect and prevent fraud attempts or attacks on our websites.

Use of an externally hosted tool to obtain and manage consent

We use various tools and technologies on our websites, including cookies, for the operation of which we require your consent.

For obtaining and managing your consents, we use a so-called Consent Manager. Specifically, we use the product Real Cookie Banner: Cookie Consent Management; Service provider: devowl.io GmbH, Tannet 12, 94539 Grafling, Germany; Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO); Website: https://devowl.io/de/wordpress-real-cookie-banner/; Privacy policy: https://devowl.io/de/datenschutzerklaerung/ [SS2] [SS3] 

The Consent Manager uses technically necessary cookies to store your consents. The storage period of these cookies can be found in the information in the Consent Manager.

You can give us all consent for the tools and technologies we use in the Consent Manager and also revoke it there at any time. The Consent Manager is automatically displayed the first time you visit our website. In addition, you can open it again at any time by clicking on the link at the end of the privacy policy. All necessary details regarding cookies used or tools and technologies requiring consent can be found in the Consent Manager.

The legal basis for the use of the Consent Manager is our legal obligation to be able to prove what kind of consent you have given us (Art. 6 (1) lit c DSGVO). The decision to use an external provider is based on our legitimate interest (Art. 6 para. 1 lit. f DSGVO) to use a modern, secure and at the same time cost-effective solution.

Storage and retrieval of data on your terminal device

In order to provide the functionalities you request, including the provision of the website, we store data in your browser in accordance with § 25 TTDSG and also read them out again. For this purpose, we use so-called cookies as well as the session memory and the local memory of the browser. Without this storage and retrieval of data, our website will not function correctly.

The legal basis for the storage in and retrieval of data from your browser is our legitimate interest pursuant to Art. 6 Para. 1 lit. f DSGVO in conjunction with § 25 TTDSG to implement our websites in an appealing and secure manner and to comply with your wishes regarding the usability and functionalities of the pages.

All further information on this type of data storage and retrieval can be found in the Consent Manager (see previous section), which you can access at the end of the Privacy Policy by clicking on the corresponding link.

Use of social media plugins

We only use privacy-friendly social media plugins on our pages. You can call up all our pages without data being transmitted to social networks (Facebook, Google, Twitter, LinkedIn, Xing, etc.) when they are called up. Only when you as a user actively click on a corresponding icon (“like”, “share”, “tweet”, etc.) will the corresponding page of the respective social network be called up. The social network is solely responsible for all subsequent data transfers to this social network.

Subscription, sending and receiving our newsletter

If you sign up for our email newsletter, the data you provide will be processed for the creation and sending of the newsletter as well as for the proof of subscription to the newsletter until your revocation. The legal basis for the processing is Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time by unsubscribing from the newsletter. You will find a corresponding link at the end of each newsletter. This also applies to the revocation of declarations of consent given to us before the DSGVO came into effect, i.e. before May 25, 2018. Please note that the revocation is effective exclusively for the future. Processing that took place before the revocation is not affected.

Regarding further rights as a data subject, we refer you to our explanations below.

To receive the newsletter, you must click on the confirmation link in the verification email that we send you after your registration in order to prove your consent. When you click on the corresponding link, we store the public IP address of the Internet connection from which the link is called, together with the date and time of the click. We process this data in order to be able to prove that you have confirmed receipt of our e-mail newsletter. The legal basis for this storage is Art. 6 para. 1 lit. c DSGVO.

You can cancel the receipt of our newsletter at any time, i.e. revoke your consent or object to further receipt. You will find a [SS4] link to cancel the newsletter either at the end of each newsletter or you can otherwise use one of the above contact options, preferably e-mail, for this purpose.

We delete the data that we require as proof that you had agreed to the sending of the newsletter after the expiry of the limitation period for corresponding obligations to provide proof.

For sending emails and newsletters, we use the following service provider, which processes your data exclusively on our behalf and in accordance with our instructions:

Sendinblue GmbH
Köpenicker Straße 126
10179 Berlin[SS5] 

Contact form

You can contact us via the form on our website. This is done for the purpose of requesting a callback, preparing an offer, application or general contact. By submitting your data, you consent to the processing of this data by us. This is done in order to be able to process your requests, insofar as this is necessary to respond to the contact requests and any requested measures. The data processed in this context are:

Your name, e-mail address and the text of your request. Optionally also your phone number.

The legal basis for processing your data in the context of contacting us is Art. 6 para. 1 lit. a DSGVO, your consent. If you apply to us, the legal basis is § 26 BDSG and serves to establish an employment relationship.

Something else only applies if the content of your contact directly serves to initiate or implement a contractual relationship existing between you and us. In these cases, we base the processing of your data on Art. 6 para. 1 lit. b DSGVO.

Your data will be deleted as soon as it is no longer required and is not subject to any legal retention obligations or you revoke your consent.

Consultation appointment via video conference

We use your personal data to arrange a consultation appointment with you and to demonstrate our demo version. For this purpose, we will send you an invitation by email. For the demonstration, we use the Microsoft Teams service, a service for online meetings and video conferencing. The service provider is the American company Microsoft Coporation One Microsoft Way, Redmond, WA 98052-6399, USA. Microsoft also processes data from you in the USA, among other places. We would like to point out that there is currently no adequate level of data protection there. This may be associated with various risks to the lawfulness and security of data processing. Standard contractual clauses (SCC) have been concluded in the context of data processing. This means that Microsoft undertakes to comply with the European level of data protection when processing data, even if the data is processed and stored in the USA. More information on the standard contractual clauses can be found at the following link: https://learn.microsoft.com/en-us/compliance/regulatory/offering-eu-model-clauses. More information on data processing by Microsoft can be found here: https://privacy.microsoft.com/de-de/privacystatement.

If you prefer a different tool than Teams, you can send us an invitation and we will use your preferred tool for the demonstration.

Registration, login and user account

Users can create a user account. In the course of registration, users are provided with the required mandatory data and processed for the purpose of providing the user account on the basis of contractual obligation fulfillment. The processed data includes in particular the login information (password as well as an e-mail address).

In the context of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorized use. As a matter of principle, this data is not passed on to third parties unless it is necessary for the prosecution of our claims or there is a legal obligation to do so.

Your personal data is processed for the purpose of using our service. We store your personal data until you revoke your consent, but no longer than until the termination of your user account.

Possibility of uploading documents

On our website we offer you the possibility to upload documents (e.g. invoices). If you use the above upload option, the documents uploaded by you, including any personal data contained therein, will be stored for the purpose of processing your request and for the purpose of training our calculation models. The data will not be passed on to third parties. The legal basis for the processing in this respect is Art. 6 para. 1 b, f. DSGVO.

Application process

For the purpose of searching for applicants, submitting applications and selecting applicants, we use recruiting software or applicant management platforms and thus the services of third-party providers. Applicants can submit their applications to us here using an online form. The data is transmitted to us in encrypted form in accordance with the state of the art. Applicants can also send us their applications by e-mail. Please note, however, that e-mails sent via the Internet are generally not encrypted. As a rule, e-mails are encrypted in transit, but not on the servers from which they are sent and received. We can therefore accept no responsibility for the transmission path of the application between the sender and receipt on our server. Alternatively, applicants can also send us the application by post.
The data transmitted as part of your application is transferred via TLS encryption and stored in a database. This database is operated by Personio GmbH, which offers a personnel administration and applicant management software (https://www.personio.de/impressum/). Personio is our order processor in this context according to Art. 28 DSGVO. The basis for the processing here is an order processing contract between us as the controller and Personio. 

We process your data on the legal basis of Art. 6 (1) p. 1 lit. b DSGVO (application procedure as a pre-contractual or contractual relationship) in conjunction with § 26 BDSG.

The data provided by applicants may be further processed by us for the purposes of the employment relationship in the event of a successful application. Otherwise, if the application for a job offer is not successful, the applicants’ data will be deleted. Applicants’ data will also be deleted if an application is withdrawn, which applicants are entitled to do at any time. Subject to a justified withdrawal by the applicants, the deletion will take place at the latest after the expiry of a period of six months so that we can answer any follow-up questions about the application and meet our obligations to provide evidence under the regulations on equal treatment of applicants.

Inclusion in an applicant pool, if offered, is based on consent. Applicants are informed that their consent to inclusion in the talent pool is voluntary, has no influence on the current application process and that they can revoke their consent at any time for the future.

Instagram fanpage

Responsible for this fanpage together with natif.ai GmbH (the: Facebook Ireland Ltd. (hereinafter referred to as “Facebook”) (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland).

Facebook’s Privacy Officer can be contacted via the following link: https://www.facebook.com/help/contact/540977946302970.

The Instagram-Profile of natif.ai GmbH and the processing of personal data associated with it has the following purposes:

• Presentation of the content published by natif.ai GmbH via the Instagram profile.
• Communication between natif.ai GmbH and Instagram users, e.g. by following the profile or commenting on the content
• Linking to other online content that may be of interest to users of the site

The legal basis for this is Art. 6 para. 1 lit. f DSGVO. The legitimate interest is to provide interested users with insights into the daily work of natif.ai GmbH and to present information via the fan page and communicate via the application.

The Instagram profile of natif.ai GmbH is part of the online platform operated by Facebook. The purposes of the data processing by Instagram associated with this platform, in particular the operation of the platform itself and the placement of advertisements on the platform, the legal bases for this and the legitimate interests pursued in doing so are described in Instagram’s data policy at https://www.instagram.com/legal/privacy/.

In the relationship between natif.ai GmbH and Instagram, the T&Cs of Instagram, including the further terms, policies and pages linked therein, specify which of them fulfills which obligations under the GDPR.

natif.ai GmbH does not process any personal data within the framework of the Instagram profile. In particular, natif.ai GmbH does not operate the Internet servers on which the contents of the Instagram profiles and the associated communication with Instagram users are stored and processed. The internet servers for the Instagram platform are exclusively operated by Instagram. The categories of personal data that Instagram processes in this context are described in Instagram’s privacy policy. 

natif.ai GmbH has no influence whatsoever with regard to data processing and can only see the public information of your profile. You decide what this is specifically in your Instagram settings.

natif.ai GmbH receives personal data when you actively communicate it to us via a personal message on Instagram. We use your data (e.g. first name, last name, user name) to respond to your request.

In addition, natif.ai GmbH receives anonymous statistics from Facebook about visitors to the Instagram profile. These statistics are not personal, as they no longer allow conclusions to be drawn about individual users.

The following information is provided in detail:

• Follower: Number of people natif.ai GmbH – including growth and development over a defined time frame.
• Reach: Number of people who see a specific post. Number of interactions on a post. This can be used, for example, to determine which content is better received by the community than others. 
• Ad performance: How many people were reached and interacted with a post or paid ad?

These statistics are used to constantly improve our online offer on Instagram and to better respond to the interests of our users. We cannot link the statistical data with the profile data of our fans.

We do not process any personal data within the framework of the Instagram profile of natif.ai GmbH. For this reason, no data is transmitted by us to third parties. Messages and their contents via the chat functions are also not forwarded to third parties.

Within the scope of data collection, only messages and their contents are stored. natif.ai GmbH deletes these messages after processing the message or at the latest after expiry of the retention period of 6 years under commercial and tax law.

Insofar as Facebook processes personal data as part of its Instagram platform, the respective storage period by Instagram is described in Instagram’s Data Policy at https://www.instagram.com/legal/privacy/.

Information on your rights as well as further information on data processing on our website can be found in the data protection notices in the course of this data protection declaration.

Your rights

Wenn Sie von einem Ihnen zustehenden Recht Gebrauch machen möchten, wenden Sie sie bitte an uns als Verantwortlichen unter den oben angegebenen Kontaktdaten oder nutzen Sie eine der anderen von uns angebotenen Arten uns diese Mitteilung zukommen zu lassen.

Right to information

According to Art. 15 of the DSGVO, you have the right to request confirmation from us as to whether personal data relating to you is being processed by us. If this is the case, you have a right to information about this personal data and to further information, which are mentioned in Art. 15 DSGVO.

Right of rectification/supplementation

According to Art. 16 DSGVO, you have the right to demand that we correct incorrect personal data concerning you without undue delay. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.

Right to deletion

You have the right to demand that we delete personal data relating to you without delay. We are obliged to delete personal data without delay, provided that the relevant requirements of Art. 17 DSGVO are met. For details, please refer to Art. 17 DSGVO.

Right to restriction of processing

In accordance with Art. 18 DSGVO, you have the right under certain conditions to demand that we restrict the processing of your personal data.

Right to data portability

According to Art 20 DSGVO, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to Article 6(1)(a) DSGVO or Article 9(2)(a) DSGVO of on a contract pursuant to Article 6(1)(b) DSGVO and the processing is carried out with the help of automated processes.

Right to withdraw consent

According to Art. 7 DSGVO, you have the right to revoke your consent at any time and without giving reasons. Please note that a revocation applies exclusively to the future and does not affect the lawfulness of processing carried out in the past.

Right of appeal

Pursuant to Art. 77 DSGVO, you have the right to lodge a complaint with the supervisory authority, without prejudice to any other administrative or judicial remedy. This right exists in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR.

1.1.1. Subject to change

We reserve the right to change the security and data protection measures at any time, especially if this becomes necessary due to technical developments. In these cases, we will also adapt this data protection notice accordingly, if necessary. Please therefore note the current version of this data protection notice.

1.2. Cookie Settings