Privacy Policy
1. Privacy at a Glance
General Information
The following notices provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. For detailed information about data protection, please refer to our privacy policy below.
Data Collection on this Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section 'Information about the Responsible Party' in this privacy policy.
How do we collect your data?
Some data is collected when you provide it to us. This could be data that you enter in a contact form, for example.
Other data is collected automatically or with your consent when you visit the website by our IT systems. This is primarily technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website.
What do we use your data for?
Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data is also processed for contract offers, orders, or other order requests.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time for the future. You also have the right to request restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time regarding this and other questions about data protection.
2. Hosting
External Hosting
This website is hosted externally. The personal data collected on this website is stored on the host's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated via a website.
External hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of secure, fast, and efficient provision of our online offer by a professional provider (Art. 6(1)(f) GDPR). If appropriate consent has been obtained, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG.
Provider:
Vercel Inc.
440 N Barranca Avenue #4133
Covina, CA 91723, United States
Data Processing Agreement
We have concluded a Data Processing Agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law that ensures that the provider processes the personal data of our website visitors only according to our instructions and in compliance with the GDPR.
3. General Information and Mandatory Disclosures
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this happens. We point out that data transmission over the Internet (e.g., when communicating by e-mail) may have security gaps. Complete protection of data against access by third parties is not possible.
Information about the Responsible Party
The responsible party for data processing on this website is:
RDR MindMedia Ltd
Anemonis 218c
8560 Paphos, Cyprus
Phone: 089/215257200
Email: info@kontiqo.io
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, e-mail addresses, etc.).
Storage Duration
Unless a more specific storage period has been stated within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data; in such cases, deletion will take place after these reasons cease to apply.
General Information on the Legal Basis for Data Processing on this Website
If you have consented to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies, the data processing is based on § 25(1) TDDDG. If processing is necessary for the performance of a contract or pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we process your data to fulfill legal obligations on the basis of Art. 6(1)(c) GDPR. If processing is based on our legitimate interest, the legal basis is Art. 6(1)(f) GDPR.
Recipients of Personal Data & Notice on Data Transfer to Third Countries
In the course of our business activities, we work with various external parties. In some cases, the transfer of personal data to these external parties is required. We transfer personal data to third parties if there is a legal basis for this or you have given us consent. When transferring data to third countries, the data transfer is based on EU Standard Contractual Clauses. Details can be found in the respective services.
Recipients of Personal Data
In the course of our business activities, we work with various external parties. In some cases, the transfer of personal data is required. We only pass on personal data if this is necessary for the performance of the contract, we are legally obligated to do so, or you have given us consent.
Revocation of Your Consent to Data Processing
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of data processing carried out until the revocation remains unaffected by the revocation.
Right to Object to Data Collection in Special Cases and to Direct Advertising (Art. 21 GDPR)
IF DATA PROCESSING IS BASED ON ART. 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES TO ASSERT, EXERCISE OR DEFEND LEGAL CLAIMS. IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT ADVERTISING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING.
Right to Lodge a Complaint with the Competent Supervisory Authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority. The right to lodge a complaint is without prejudice to other administrative or judicial remedies.
Right to Data Portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent technically feasible.
Information, Rectification and Erasure
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipients, and the purpose of data processing and, if applicable, a right to rectification or erasure of this data at any time. For this purpose and for further questions on the subject of personal data, you can contact us at any time.
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases: If you dispute the accuracy of your personal data stored by us, if processing is unlawful, if we no longer need the data but you need it for asserting legal claims, or if you have lodged an objection.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Objection to Advertising Emails
The use of contact data published as part of the imprint obligation for sending unsolicited advertising and information materials is hereby objected to. The operators of these pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam emails.
4. Data Collection on this Website
Cookies
Our website uses so-called "cookies". Cookies are small data packets and do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device.
Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or automatic deletion is carried out by your web browser.
Cookies can come from us (first-party cookies) or from third-party companies (third-party cookies). We only use technically necessary cookies. Technically necessary cookies are required for the operation of the website and enable functions such as your login. The legal basis is § 25(2) TDDDG in conjunction with Art. 6(1)(f) GDPR. You can set your browser to inform you about the setting of cookies and allow them only in individual cases.
Contact Form
If you send us inquiries via the contact form, your details from the inquiry form, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent. This data is processed on the basis of Art. 6(1)(b) GDPR. The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory legal provisions remain unaffected.
AI-Based Content and Voice-to-Text
We use AI technology (ChatGPT/OpenAI) for generating text content and transcribing voice messages. When using these functions, your inputs are transmitted to OpenAI.
We have concluded a Data Processing Agreement (DPA) with OpenAI. According to this agreement, your data is NOT used for training AI models and is only stored for a maximum of 30 days for abuse detection.
Processing is based on your consent (Art. 6(1)(a) GDPR). You can disable these functions at any time.
Inquiry by Email or Phone
If you contact us by email or phone, your inquiry including all personal data arising from it (name, inquiry) will be stored and processed by us for the purpose of handling your request. Processing of this data is based on Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR. The data you send us via contact inquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose ceases to apply.
Telegram Messenger
For communication and capturing voice messages, we use Telegram Messenger (Telegram Messenger LLP). When using it, your Telegram user ID, username, and transmitted messages are processed. Use is based on your consent (Art. 6(1)(a) GDPR). You can disable the Telegram function at any time.
Calendly
We use the appointment booking service Calendly (Calendly, LLC, 3423 Piedmont Rd NE, Atlanta, GA 30305, USA). When booking an appointment, your entered data (name, email, phone number if applicable) is processed. Use is for contract initiation (Art. 6(1)(b) GDPR). Calendly is certified under the EU-US Data Privacy Framework.
Google Calendar
We use Google Calendar (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) for synchronizing appointments. When integration is enabled, calendar data is synchronized with your Google account. Use is based on your consent (Art. 6(1)(a) GDPR).
Registration on this Website
You can register on this website to use additional functions. We use the entered data only for the purpose of using the offer. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration. Processing is based on Art. 6(1)(b) GDPR. The data collected during registration is stored by us as long as you are registered on this website. Statutory retention periods remain unaffected.
5. Social Media
Facebook
We maintain online presences in social networks to communicate with customers and interested parties. When accessing our Facebook page, Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) is a joint controller. We have concluded a joint controller agreement. Details on data processing can be found in the Facebook privacy policy: https://www.facebook.com/privacy/policy
Instagram
When accessing our Instagram page, Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) is a joint controller. We have concluded a joint controller agreement. Details on data processing can be found in the Instagram privacy policy: https://privacycenter.instagram.com/policy
LinkedIn
For connecting and publishing content, we use LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland). Use is for contract fulfillment (Art. 6(1)(b) GDPR) as the LinkedIn posting function is a core component of our service. LinkedIn is certified under the EU-US Data Privacy Framework.
TikTok
When accessing our TikTok page, TikTok Technology Limited (10 Earlsfort Terrace, Dublin, D02 T380, Ireland) is a joint controller. Details on data processing can be found in the TikTok privacy policy: https://www.tiktok.com/legal/privacy-policy-eea
6. Analytics and Advertising
We deliberately avoid invasive tracking tools like Google Analytics. For privacy-friendly usage statistics, we exclusively use Umami Analytics – an open-source solution without cookies, without personal data, and self-hosted on our own servers.
7. Newsletter
Newsletter Data
If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the specified email address. First name and last name are optional and are used for personalization. Data processing is based exclusively on your consent (Art. 6(1)(a) GDPR). You can revoke your consent to the storage of data, the email address, and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter.
Brevo
Newsletter sending is done via Brevo (Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin). The email addresses of our newsletter recipients and their other data are stored on Brevo's servers in the EU. We have concluded a data processing agreement with Brevo.
The newsletters sent with Brevo allow us to analyze the opening behavior and click behavior of recipients. The evaluation serves to optimize the newsletter. The legal basis is your consent (Art. 6(1)(a) GDPR). You can prevent this analysis by not loading images or by unsubscribing from the newsletter.
8. Plugins and Tools
Google Fonts (Local Hosting)
This site uses so-called Google Fonts for uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.
ChatGPT
We use ChatGPT from OpenAI (OpenAI LLC, 3180 18th St, San Francisco, CA 94110, USA) for generating texts and transcriptions. We have concluded a Data Processing Agreement (DPA) with OpenAI. Your data is NOT used for training AI models. OpenAI is certified under the EU-US Data Privacy Framework.
Supabase (Database & Authentication)
We use Supabase (Supabase Inc., 970 Toa Payoh North #07-04, Singapore 318992) for authentication and data storage. Your data is stored in the EU (Frankfurt). We have concluded a Data Processing Agreement (DPA) with Supabase. Supabase is SOC 2 Type II compliant and HIPAA certified. Details: https://supabase.com/privacy
Resend (Email Delivery)
For sending transactional emails (registration confirmation, password reset, invoices) we use Resend (Resend, Inc., 2261 Market Street #4103, San Francisco, CA 94114, USA). Email address and name are processed. We have concluded a Data Processing Agreement (DPA) with Resend. Resend is SOC 2 Type II certified. Details: https://resend.com/legal/privacy-policy
Sentry (Error Monitoring)
For error detection and application improvement we use Sentry (Functional Software, Inc., 132 Hawthorne St, San Francisco, CA 94107, USA). Technical data (browser, operating system, error details) is collected. Personal data is anonymized or pseudonymized. We have concluded a Data Processing Agreement (DPA) with Sentry. Sentry is SOC 2 Type II certified and registered under the EU-US Data Privacy Framework. Details: https://sentry.io/privacy/
9. Online Marketing and Partner Programs
Partner Program / Affiliate Marketing
We operate our own partner program. Cookies are set for tracking referrals and click data (referrer URL, timestamp, partner ID) is processed. Processing is based on Art. 6(1)(b) GDPR (contract fulfillment with our partners) and Art. 6(1)(f) GDPR (legitimate interest in correct commission attribution). Cookie storage duration: 30 days.
10. eCommerce and Payment Providers
Processing of Customer and Contract Data
We collect, process, and use personal customer and contract data for the establishment, content design, and modification of our contractual relationships. Processing is based on Art. 6(1)(b) GDPR. The collected customer data is deleted after completion of the order or termination of the business relationship and expiry of tax retention periods.
Payment Services
We integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e.g., name, payment amount, bank details, credit card number) is processed by the payment service provider for payment processing. The respective contract and data protection provisions of the respective providers apply to these transactions.
Stripe
The provider for payment services is Stripe Inc. (510 Townsend Street, San Francisco, CA 94103, USA). Stripe is certified under the EU-US Data Privacy Framework. Details can be found in the Stripe privacy policy: https://stripe.com/privacy
11. Audio and Video Conferences
For communication with our customers, we use online conference tools, among others. The tools used are listed below. Data processing is for contract initiation or fulfillment (Art. 6(1)(b) GDPR).
Tools Used
- Zoom
- Microsoft Teams
- Google Meet
12. Custom Services
Google Drive
We use Google Drive (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) as cloud storage. When integration is enabled, files can be synchronized with your Google account. Use is based on your consent (Art. 6(1)(a) GDPR). Google is certified under the EU-US Data Privacy Framework.
Last updated: 2026-01-09