Privacy Policy

Last Updated: January 2, 2025

1. Data Controller

Name: Dominik Gábor
Email: doominik.gabor@gmail.com
Location: Berlin, Germany / Netherlands

I am the data controller responsible for processing your personal data collected through this website and my services.

2. What Data We Collect

I collect the following types of personal data when you interact with this website or use my services:

2.1 Information You Provide Directly

• Contact Forms: Name, email address, company name, role, budget range, project description, preferred contact method
• Free Resource Downloads: Name, email address, company name (optional), role (optional), newsletter opt-in preference
• Service Inquiries: Business details, workflow information, automation goals, meeting notes
• Email Communications: Email content, attachments, and correspondence history

2.2 Automatically Collected Data

• Website Analytics: IP address, browser type, device information, pages visited, time spent on site, referring URLs (if you consent to analytics cookies)
• Technical Data: Server logs, error reports, performance data

2.3 AI Services Data

• Workflow Information: Business processes, operational data, automation requirements
• Custom AI Training Data: Documents, transcripts, or other materials you provide for custom AI solutions
• Usage Data: How you interact with AI tools I develop for you

3. How We Use Your Data

I process your personal data for the following purposes:

3.1 Service Delivery

• Responding to your inquiries and booking requests
• Providing AI consulting services, audits, and training
• Developing custom AI solutions tailored to your needs
• Delivering free resources (prompt libraries, guides)
• Managing client relationships and project communication

3.2 Communication

• Sending service-related updates and project status reports
• Responding to support requests
• Sending newsletters and AI automation tips (only if you opted in)
• Notifying you about new services or content

3.3 Website Improvement

• Analyzing website traffic and user behavior (with your consent)
• Improving website functionality and user experience
• Detecting and preventing technical issues

3.4 Legal Compliance

• Complying with legal obligations (e.g., tax, accounting)
• Establishing, exercising, or defending legal claims
• Protecting against fraud or security threats

4. Legal Basis for Processing (GDPR)

Under GDPR, I process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent (e.g., newsletter sign-ups, analytics cookies)
• Contract Performance: When processing is necessary to fulfill our service agreement
• Legitimate Interest: When I have a legitimate business interest (e.g., improving services, fraud prevention)
• Legal Obligation: When required by law (e.g., tax records, business documentation)

5. Data Storage and Security

5.1 Where We Store Your Data

Your data is stored securely using the following services:

• Supabase (PostgreSQL): Contact submissions, downloads, and user data (EU servers)
• n8n Automation Platform: Workflow automation and email notifications (EU servers where possible)
• Email Service Providers: ConvertKit, Mailchimp, or similar (depending on your newsletter opt-in)
• Project Management Tools: Notion, Google Workspace (for client project files)

5.2 Data Security Measures

I implement industry-standard security measures to protect your data:

• Encrypted data transmission (HTTPS/TLS)
• Secure database access with authentication and authorization
• Regular security updates and patches
• Limited access to personal data (only authorized personnel)
• Regular backups with encryption

5.3 Data Retention

• Contact Inquiries: 3 years after last contact (unless you become a client)
• Client Data: Duration of service + 7 years (for legal/tax purposes)
• Newsletter Subscribers: Until you unsubscribe
• Website Analytics: 26 months (Google Analytics standard)

6. Third-Party Services and Data Sharing

I use the following third-party services that may process your data:

6.1 Analytics and Tracking

• Google Analytics: Website traffic analysis (anonymized IP addresses, opt-out available)
• Google Tag Manager: Managing tracking tags

6.2 Communication Tools

• Email Providers: ConvertKit, Mailchimp (for newsletters and automation)
• Video Conferencing: Zoom, Google Meet (for client calls)

6.3 AI and Automation Platforms

• OpenAI (ChatGPT), Anthropic (Claude), Google (Gemini): For AI service delivery (data is NOT used to train their models unless explicitly agreed)
• n8n: Workflow automation (self-hosted or cloud EU region)
• Supabase: Database and backend services (EU region)

6.4 When I Share Your Data

I will only share your personal data in the following circumstances:

• With your explicit consent
• To service providers who assist in delivering my services (under strict data processing agreements)
• For legal compliance (e.g., court orders, regulatory requests)
• In business transfers (e.g., if my business is sold, your data may be transferred to the new owner)

I will NEVER sell your personal data to third parties.

7. Your Rights Under GDPR

As a data subject in the EU, you have the following rights:

7.1 Right of Access

You can request a copy of all personal data I hold about you.

7.2 Right to Rectification

You can ask me to correct inaccurate or incomplete data.

7.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to legal obligations (e.g., tax records).

7.4 Right to Restriction

You can request that I limit processing of your data in certain circumstances.

7.5 Right to Data Portability

You can request your data in a structured, machine-readable format to transfer to another service.

7.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

7.7 Right to Withdraw Consent

If processing is based on consent, you can withdraw it at any time (e.g., unsubscribe from newsletters).

7.8 How to Exercise Your Rights

To exercise any of these rights, contact me at: doominik.gabor@gmail.com

I will respond within 30 days as required by GDPR.

8. Cookies and Tracking Technologies

8.1 What Are Cookies?

Cookies are small text files stored on your device when you visit this website. They help improve your browsing experience and provide analytics data.

8.2 Types of Cookies We Use

• Essential Cookies: Required for website functionality (no consent needed)
• Analytics Cookies: Google Analytics for traffic analysis (requires consent)
• Marketing Cookies: Tracking conversions from ads (requires consent)

8.3 Managing Cookies

You can control cookie settings in your browser or use our cookie consent banner to opt out of non-essential cookies.

9. AI-Specific Data Usage

9.1 Custom AI Solutions

If you engage me to develop custom AI solutions (e.g., custom GPT systems), I may process:

• Business documents and workflows you provide
• Training data for AI models
• Usage logs from AI systems

9.2 Data Processing with AI Platforms

When using AI platforms like OpenAI, Anthropic, or Google Gemini:

• Your data is NOT used to train their public models (per their Enterprise/API agreements)
• Data is processed only to provide services to you
• I use Business/Enterprise plans that comply with GDPR

9.3 Data Anonymization

Where possible, I anonymize or pseudonymize data before using it for AI training or testing.

10. Children's Privacy

This website and my services are not intended for individuals under 18 years of age. I do not knowingly collect personal data from children. If I become aware of such data, I will delete it promptly.

11. International Data Transfers

While I primarily operate within the EU (Germany, Netherlands), some third-party services may transfer data outside the EU. In such cases:

• Transfers comply with GDPR requirements (e.g., Standard Contractual Clauses)
• I ensure adequate data protection measures are in place
• You will be informed if your data is transferred outside the EU

12. Changes to This Privacy Policy

I may update this Privacy Policy from time to time to reflect changes in my practices or legal requirements. Changes will be posted on this page with an updated "Last Updated" date.

For significant changes, I will notify you via email (if you're a client or newsletter subscriber).

13. Contact and Complaints

13.1 Contact Me

If you have questions about this Privacy Policy or how your data is handled:

Email: doominik.gabor@gmail.com
Subject Line: "Privacy Inquiry"

13.2 File a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority:

• Germany: Federal Commissioner for Data Protection and Freedom of Information (BfDI)
• Netherlands: Dutch Data Protection Authority (Autoriteit Persoonsgegevens)

14. Acceptance of This Policy

By using this website or engaging my services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.