1. Name and Contact Details of the Person responsible for data processing

Data protection and data security have a very high priority for our company. The protection of your personal data is therefore particularly important to us. You can reach us as follows:

BlueLotus.AI GmbH
Gelber Weg 22
61476 Kronberg
Telephone: +49 (0) 69
E-Mail: info@bluelotus.ai

2. Purposes of Data processing, Legal Basis, Storage Period

We process personal data only in compliance with the applicable data protection regulations and to the extent necessary. Personal data within the meaning of Art. 4 section 1 GDPR are all information that can be personally related to you as the so-called data subject, e.g. Name, address, email addresses, user behavior.
‍
a) Website Visit
When you visit our website, the web server automatically process the following information:

• IP address of the requesting computer
• Date and time of access
• Name and URL of the data accessed
• Message as to whether the retrieval was successful
• Method and parameters of HTTP access
• Browser and operating system used
• Website from which access is made (referrer URL)

This data is processed for the following purposes

• Operation of the website
• Administration of the network infrastructure
• Appropriate technical and organizational measures for IT system and information security, taking into account the state of the art
• Guarantee of user-friendliness
• Optimization of the offer

The legal basis for this data collection is Article 6 Paragraph 1 Sentence 1 lit b GDPR (to fulfill the contract for the use of the homepage) and Article 6 Paragraph 1 Sentence 1 lit. c GDPR (for the security of data processing). We also have a legitimate interest within the meaning of Article 6 Paragraph 1 Clause 1 lit.f GDPR to always improve and optimize the offer on our homepage in the interests of the user.
The data that is collected through server log files and stored are deleted after 7 days, or - in the case of IP addresses - by shortening anonymous.
‍
b) Using our online contact form and inquiries by e-mail

You can contact us via our online contact form. Your details will then be saved in our customer relationship management system and processed internally. The personal data that you provide to us as part of this contact request will only be used to answer your request or to establish contact and for the associated technical administration. The legal basis for data processing here is Article 6 Paragraph 1 Clause 1 lit a GDPR (consent) or Article 6 Paragraph 1S. 1 lit b GDPR (implementation of pre-contractual measures) The inquiries will be deleted after two years at the latest. Legal retention periods are observed accordingly.

c) No further processing  

Personal data will not be processed beyond the aforementioned cases unless you expressly consent to further processing in advance.

3. Transfer to Third Parties, Processors, Recipient Categories

A transfer of your personal data to third parties, i.e. other natural or legal persons apart from the data subject, the person responsible, the processor and the persons who are authorized to process the personal data under the direct responsibility of the person responsible or the processor, only takes place for the purposes listed below:

• You have given your express and voluntary consent to this in accordance with Article 6 Paragraph 1 Letter a GDPR.
• According to Article 6 Paragraph 1 Clause 1 Letter b GDPR, the transfer is necessary for the processing of contractual relationships with you, e.g. to suppliers or recipients of goods or services named by you.
• There is a legal obligation to pass it on in accordance with Article 6 Paragraph 1 Sentence 1 Letter c GDPR, e.g. to financial or law enforcement authorities.
• The transfer is necessary according to Article 6 Paragraph 1 Clause 1 Letter f GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data; Such a transfer can take place, for example, in the event of attacks on our IT systems to government institutions and law enforcement authorities.
• Our websites are hosted by Amazon Web Services, Inc. in Germany on behalf of Article 28 GDPR. The privacy policy of Amazon Web Services, Inc. can be viewed at https://aws.amazon.com/de/privacy/?nc1=f_pr .  

4. Cookies

We use cookies on our website. Cookies are small text files that are automatically saved locally in the cache of your web browser on your device when you visit our site. Information is stored in the cookie that results in connection with the specific terminal device used, e.g. saved language settings or screen resolutions. However, this does not mean that we are immediately aware of your identity. Cookies are used, among other things, for the purpose of enabling certain functions of the website and for technical session control.

Once you agree to allow our website to use cookies, you also agree to use the data it collectsregarding your online behavior (analyze web traffic, web pages you spend the most time on,and websites you visit).The data we collect by using cookies is used to customize our website to your needs. After weuse the data for statistical analysis, the data is completely removed from our systems.Please note that cookies don't allow us to gain control of your computer in any way. They arestrictly used to monitor which pages you find useful and which you do not so that we canprovide a better experience for you.If you want to disable cookies, you can do it by accessing the settings of your internet browser.https://support.google.com/analytics/answer/6004245?hl=de

We also use so-called session cookies to recognize that you have already visited individual web pages on our website within a session and to enable session control, e.g. to save form entries or shopping carts during the session. Session cookies are deleted at the latest when you close your web browser. In addition, we use temporary cookies to optimize and guarantee user-friendliness, which are stored in the web browser of your device for a defined period of time. If you visit our site again, it is automatically recognized that you have already visited our website and which settings you have made so that you do not have to do them again.

The cookies required for the website to function, the session control cookies and the session cookies are processed in accordance with Article 6 Paragraph 1 Clause 1 Letter b GDPR (contract fulfillment). Data processing using cookies to optimize the website and to ensure user friendliness is carried out in accordance with Article 6 Paragraph 1 Sentence 1 Letter f GDPR (legitimate interest) and for advertising purposes and web analysis in the case of tracking cookies in accordance with Article 6 Paragraph 1 Sentence 1 Letter a GDPR (consent). You can also view our website without cookies. However, most web browsers automatically accept cookies. You can specify in your web browser settings that the storage of cookies is prevented or that a message always appears before a new cookie is created. You can also delete cookies via your web browser. However, deleting or deactivating cookies may mean that you cannot use all functions of our website equally.

5. Rights of Data Subjects

You have the right: to request information about your personal data processed by us in accordance with Article 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, if possible, the right to rectification, deletion, restriction of processing or objection If you have the right to lodge a complaint, the origin of your data, if it has not been collected from you, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on their details, in accordance with Article 16 GDPR, you can immediately request the correction of incorrect data or the completion of your stored data to request personal data, to request the deletion of your personal data stored by us in accordance with Article 17 GDPR if:

• these are no longer necessary for the purposes for which they were collected or otherwise processed,
• You revoke your consent on which the processing was based in accordance with Article 6 paragraph 1 sentence 1 letter a or Article 9 paragraph 2 letter a and there is no other legal basis for processing,
• You object to the processing in accordance with Article 21 paragraph 1 and there are no overriding legitimate reasons for the processing, or you object in accordance with Article 21 paragraph 2 to processing for the purpose of direct mail including associated profiling,
• the personal data was processed unlawfully,
• the deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the person responsible is subject,
• the personal data has been collected in relation to information society services offered in accordance with Article 8 (1) GDPR (consent of a child).

The right to deletion does not exist if processing is necessary

• to exercise the right to freedom of expression and information,
• to fulfill a legal obligation, for reasons of public interest in the field of public health or archiving purposes in the public interest or
• for the establishment, exercise or defense of legal claims.

to request the restriction of the processing of your personal data in accordance with Article 18 GDPR, insofar as

• you dispute the correctness of the data,
• the processing is unlawful, but you refuse to delete it,
• we no longer need the data, but you need them to assert, exercise or defend legal claims or
• You have lodged an objection to the processing in accordance with Article 21 GDPR.

in accordance with Article 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another person responsible, in accordance with Article 7 Paragraph 3 GDPR to revoke your consent at any time. As a result, we are no longer allowed to continue the data processing based on this consent in the future if there is no other legal basis for this and to complain to a supervisory authority in accordance with Article 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our headquarters.

6. Right to Object

If your personal data are processed on the basis of legitimate interests in accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR, provided there are reasons for this that arise from your particular situation arise or the objection is directed against direct mail. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation. If you would like to make use of your right of revocation or objection, you can contact us using the contact details above and send us an email, for example.

7. Data security

We use the widespread SSL (Secure Socket Layer) procedure in conjunction with the highest level of encryption supported by your browser when you visit our website. Usually this is a 256 bit encryption. You can tell whether an individual page of our website is transmitted in encrypted form by the closed key or lock symbol in the status bar of your web browser. We also use suitable technical and organizational measures to secure data processing at an appropriate risk, in particular to counteract your data Protect against manipulation or unauthorized access. We take into account the state of the art. Our security measures are adapted in line with technological developments.