Privacy Policy
Last updated: 16 June 2025
This privacy notice explains the nature, scope and purpose of the processing of personal data (hereinafter "data") within our online offering and the related websites, functions and content (hereinafter collectively referred to as the "website").
1. Controller
CronAI UG (haftungsbeschränkt)
Vogelweidestr. 3
81677, München
Germany
E-mail: support @ cronai . de
Managing Director: Tobias Krug
2. Data Protection Officer
If you have any questions regarding data protection, you can contact our Data Protection Officer at any time:
Tobias Krug
Vogelweidestr. 3
E-mail: support @ cronai . de
3. Terminology
This privacy notice uses the terms defined in Art. 4 of the EU General Data Protection Regulation (GDPR), such as "personal data", "processing" or "data subject".
4. Overview of Processing Operations
4.1 Access Data / Server Log Files
Every time you access our website, we (or our hosting provider) process so-called server log files that your browser transmits. These include:
- IP address of the requesting device
- Date and time of access
- Name of the retrieved file / page
- Referrer URL
- HTTP status code
- Amount of data transferred
- Browser type and version
- Operating system
Legal basis: Art. 6 (1) f GDPR (legitimate interest in the technical provision and security of the website).
4.2 Contacting Us (e.g. contact form, e-mail)
If you contact us, we process your details (name, e-mail address, message and any other voluntary information) for the purpose of handling the enquiry.
Legal basis: Art. 6 (1) b GDPR (contract initiation) or Art. 6 (1) f GDPR (legitimate interest in efficient communication).
4.3 Contract Fulfilment / Orders
For the performance of a contract or pre-contractual measures we process the necessary data in accordance with Art. 6 (1) b GDPR.
4.4 Cookies & Local Storage
We use cookies and similar technologies on our website. Cookies are small text files stored on your device. Non-essential cookies are only set after you have given your consent (Sec. 25 (1) TTDSG, Art. 6 (1) a GDPR).
Name | Provider | Purpose | Retention | Type |
---|---|---|---|---|
NEXT_LOCALE | cronai.de | Stores the language selected by the user | 1 year | Functional / essential |
You can adjust your cookie preferences at any time via the "Cookie settings" link in the footer.
4.5 Web Analytics
N/A
4.6 Embedded Content / Third-Party Services
When embedding external services (e.g. Google Fonts, YouTube), data may be transferred to third countries. Details can be found in section 7.
5. Legal Bases for Processing
We process your data solely on the basis of one of the following legal grounds:
- Art. 6 (1) a GDPR – your consent
- Art. 6 (1) b GDPR – performance of a contract or steps prior to entering into a contract
- Art. 6 (1) c GDPR – legal obligation
- Art. 6 (1) f GDPR – legitimate interests
Our legitimate interests include in particular the secure and economically efficient provision of our online offering.
6. Recipients & Processors
Data is only disclosed if permitted by law or if you have consented. Possible categories of recipients are:
- IT service providers / hosting providers
- Payment service providers
- Public authorities and courts where a legal obligation exists
Processing agreements pursuant to Art. 28 GDPR are in place with all processors.
7. Data Transfers to Third Countries
If we transfer data to recipients outside the EU/EEA, this is only done if an adequacy decision of the EU Commission exists, we use standard contractual clauses, or you have expressly consented.
8. Retention Period
Unless a specific retention period is stated in this notice, we delete personal data once the purpose for processing has been fulfilled and no statutory retention obligations oppose deletion. Log files are stored for security reasons for a maximum of 365 days and then anonymised.
9. Security of Processing
We take appropriate technical and organisational measures pursuant to Art. 32 GDPR to protect your data against loss, destruction and unauthorised access. These include HTTPS encryption, access restrictions and regular security updates.
10. Rights of Data Subjects
You have the following rights with respect to your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent at any time (Art. 7 (3) GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
11. Withdrawal of Consent & Objection to Processing
You may withdraw consent at any time with future effect. You may also object to processing based on legitimate interests on grounds relating to your particular situation.
12. Obligation to Provide Data
There is generally no statutory or contractual obligation to provide data. However, without certain data (e.g. IP address) the use of the website is technically impossible.
13. Automated Decision-Making / Profiling
Automated decision-making within the meaning of Art. 22 GDPR does not take place.
14. Changes to this Privacy Policy
We reserve the right to amend this privacy notice in order to adapt it to changed legal situations or to changes in the service or data processing. The current version can always be found on this page.