Privacy Policy

The data controller responsible for processing your personal data on this website is:

Armin Kajevic AI Ministry (ai-ministry.eu) Email: [email protected]

If you have any questions about data protection, please contact us at: [email protected]

We collect and process the following categories of personal data:

Contact Form Data: When you submit our contact form, we collect your name, email address, organisation name, industry sector, and the content of your message. This data is processed solely for the purpose of responding to your enquiry.

Usage Data (Analytics): We use privacy-respecting analytics to understand how visitors use our website. This may include anonymised data such as pages visited, time on site, and general geographic region (country level). No personally identifiable information is collected through analytics.

Cookie Data: We use essential cookies required for the website to function. With your consent, we may also use analytics cookies. See our Cookie Policy below for details.

Voluntarily Provided Data: Any information you voluntarily provide through forms, emails, or other interactions with AI Ministry.

We process your personal data on the following legal bases:

Art. 6(1)(a) — Consent: For analytics cookies and non-essential tracking, we rely on your explicit consent, which you can withdraw at any time via our Cookie Preferences.

Art. 6(1)(b) — Contract Performance: When processing data to respond to your enquiries or provide consulting services you have requested.

Art. 6(1)(c) — Legal Obligation: Where processing is necessary to comply with EU or national legal requirements.

Art. 6(1)(f) — Legitimate Interests: For basic website security, fraud prevention, and improving our services, where these interests are not overridden by your rights.

We retain your personal data only as long as necessary for the purposes for which it was collected:

- Contact form enquiries: Retained for 2 years from the date of last contact, then securely deleted. - Analytics data: Anonymised data retained for up to 13 months. - Consulting engagement data: Retained for the duration of the engagement plus 7 years (statutory retention period for business records under EU law). - Cookie consent records: Retained for 1 year from the date of consent.

You may request deletion of your data at any time (see Your Rights below).

We do not sell, rent, or trade your personal data. We may share data with:

Service Providers: Trusted third-party providers who assist in operating our website (e.g., hosting, analytics). All providers are contractually bound to process data only on our instructions and in compliance with GDPR.

Legal Requirements: We may disclose data if required by law, court order, or competent authority.

Business Transfers: In the event of a merger or acquisition, your data may be transferred as part of that transaction, subject to equivalent privacy protections.

We do not transfer personal data outside the European Economic Area (EEA) without appropriate safeguards (e.g., Standard Contractual Clauses).

As a data subject under GDPR (Articles 15–22), you have the following rights:

Right of Access (Art. 15): Request a copy of the personal data we hold about you.

Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data.

Right to Erasure / "Right to be Forgotten" (Art. 17): Request deletion of your personal data, subject to legal retention obligations.

Right to Restriction of Processing (Art. 18): Request that we limit how we use your data in certain circumstances.

Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format.

Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent (Art. 7(3)): Withdraw consent at any time without affecting the lawfulness of prior processing.

Right to Lodge a Complaint: You have the right to lodge a complaint with your national data protection authority. In Germany: Bundesbeauftragter für den Datenschutz (BfDI). EU DPA directory: https://edpb.europa.eu/about-edpb/about-edpb/members_en

To exercise any of these rights, contact us at: [email protected]

We use the following categories of cookies:

Essential Cookies (always active): Required for the website to function. These cannot be disabled. They include session management and security cookies.

Analytics Cookies (consent required): Used to understand website usage patterns. We use privacy-respecting analytics that anonymise IP addresses and do not track individuals across sites. You can opt out at any time via Cookie Preferences.

No Third-Party Advertising Cookies: We do not use advertising networks, retargeting pixels, or social media tracking cookies.

You can manage your cookie preferences at any time by clicking "Cookie Preferences" in the website footer.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:

- HTTPS encryption for all data transmission - Access controls limiting data access to authorised personnel only - Regular security reviews and updates - Secure deletion procedures for data no longer required

While we take data security seriously, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data to the highest practical standard.

For all data protection enquiries, requests to exercise your rights, or complaints:

Email: [email protected] Subject line: "Data Protection Request"

We will respond to all requests within 30 days as required by GDPR Art. 12(3).

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting a notice on our website. The date of the latest revision is shown below.

This policy is governed by EU Regulation 2016/679 (GDPR) and applicable national data protection law.