Privacy Policy

Effective Date: July 25, 2025

Privacy Policy

1. Data Controller

The data controller responsible in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other data protection regulations is:

‍

GreenBitAI GmbH

Waldhornweg 27a

14480 Potsdam, Germany

Email: info@greenbit.ai

Website: https://greenbitai.ai/

‍

Register: Amtsgericht Potsdam
Register Number: HRB 38188 P
VAT Identification Number: DE362413836
D-U-N-S® Number: 344594844
Managing Director: Dr. Haojin Yang

‍

2. General Information on Data Processing

We process personal data of our users generally only to the extent necessary to provide a functional website as well as our content and services. The processing of personal data is regularly carried out only with the user's consent or when processing is permitted by legal provisions. If you download our application (app) through our website, the privacy policy for the app deposited there applies additionally.

‍

3. Data Processing When Visiting Our Website

When accessing our website, information is automatically sent to our servers by the browser used on your device. This information is temporarily stored in a so-called server log file. The following data is collected:

IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which access occurred (referrer URL)
Browser used and, if applicable, the operating system of your computer as well as the name of your access provider

The aforementioned data is processed by us for the following purposes:

Ensuring smooth connection establishment of the website
Ensuring comfortable use of our website
Evaluation of system security and stability
For other administrative purposes

The legal basis for data processing is Art. 6(1)(f) GDPR.

‍

Our website is currently operated in a combined hosting structure:

The public part of our website (particularly marketing and information pages) is hosted by the service provider Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA. Webflow is contractually bound as a data processor pursuant to Art. 28 GDPR. Third-country transfer is based on EU Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR.
Functional areas such as user accounts, subscription management, and license administration are operated via our own web server hosted in a data center by Amazon Web Services (AWS), Frankfurt am Main, Germany. Data processing also takes place here within the framework of a data processing agreement pursuant to Art. 28 GDPR.

‍

4. Use of Cookies

On our website, we use exclusively technically necessary cookies. These are small text files that your browser automatically creates and stores on your device when you visit our website. These cookies contain information related to the device used but do not directly identify you.

‍

The use of these cookies is necessary to ensure the secure and technically error-free operation of the website. They serve in particular for stability, correct display of content, and uniform control of language settings and navigation elements. Data processing is based on Art. 6(1)(f) GDPR in conjunction with Section 25(2)(2) TTDSG and is based on our legitimate interest in providing a functional and user-friendly website. Consent is not legally required for these technically necessary cookies. Tracking, analysis, or marketing cookies are not used.

‍

5. Integration of Demo Videos

Demo videos are integrated on our website that are hosted via the platform Ignite (Ignite.video, provided by 23 Technologies GmbH, Berlin). When playing the videos, technically necessary data (e.g., IP address, device type, browser information) is transmitted to Ignite's servers. Data processing is based on our legitimate interest in an appealing and functional presentation of audiovisual content pursuant to Art. 6(1)(f) GDPR. Ignite acts as a data processor pursuant to Art. 28 GDPR. Further information on data protection at Ignite can be found at: https://ignite.video/en/privacy

‍

6. Storage Duration

We store personal data only as long as necessary to achieve the respective purposes or as long as legal retention obligations exist. If the storage purpose ceases or a legally prescribed retention period expires, the data is routinely deleted in accordance with legal provisions. Unless an explicit storage duration is specified, personal data is stored for the duration of use of our online offering and subsequently only as long as and to the extent that legal retention obligations (e.g., under commercial or tax law) or other legitimate interests in retention exist.

‍

7. Contact

For questions of any kind, we offer you the opportunity to contact us via a form provided on the website. A valid email address is required so that we know from whom the inquiry originates and can respond to it. Additional information may be provided voluntarily.

Data processing for the purpose of contacting us is carried out pursuant to Art. 6(1)(a) GDPR based on your voluntarily given consent.

‍

8. Data Disclosure

Transmission of your personal data to third parties for purposes other than those listed below does not take place. We only disclose your personal data to third parties if:

You have given your express consent pursuant to Art. 6(1)(a) GDPR,
The disclosure is necessary pursuant to Art. 6(1)(f) GDPR for the assertion, exercise, or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in non-disclosure of your data,
In the event that there is a legal obligation for disclosure pursuant to Art. 6(1)(c) GDPR, as well as
This is legally permissible and necessary pursuant to Art. 6(1)(b) GDPR for the performance of contractual relationships with you.

We use external service providers for the provision and maintenance of this website. The website is currently operated via the hosting service provider Amazon Web Services EMEA SARL (AWS), 38 Avenue John F. Kennedy, L-1855 Luxembourg. AWS processes personal data (e.g., IP address, timestamp, technical information about the device) exclusively on our behalf and is contractually obligated as a data processor pursuant to Art. 28 GDPR. Third-country transfer cannot be completely excluded within the framework of the global AWS infrastructure network. In these cases, transfer occurs exclusively on the basis of appropriate safeguards within the meaning of Arts. 44 et seq. GDPR, particularly through the conclusion of EU Commission Standard Contractual Clauses.

‍

For processing payments in connection with subscriptions via our website, we will use the payment service provider Stripe (Stripe Payments Europe, Ltd., Ireland) in the future. The processing of personal data is carried out by Stripe under its own data protection responsibility. Stripe acts as an independent controller and is subject to Stripe's privacy policy (https://stripe.com/privacy). Data transfer to third countries (e.g., USA) cannot be excluded within the framework of Stripe services but occurs in compliance with the requirements of Arts. 44 et seq. GDPR.

‍

9. Data Subject Rights

You have the following rights:

Pursuant to Art. 15 GDPR to request information about your personal data processed by us;
Pursuant to Art. 16 GDPR to immediately request correction of incorrect or completion of your personal data stored with us;
Pursuant to Art. 17 GDPR to request deletion of your personal data stored with us;
Pursuant to Art. 18 GDPR to request restriction of processing of your personal data;
Pursuant to Art. 20 GDPR to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request transmission to another controller;
Pursuant to Art. 7(3) GDPR to revoke your once-given consent at any time;
Pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority.

‍

10. Right to Object

Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR.

‍

11. Data Security

We use the widespread SSL (Secure Socket Layer) procedure in connection with the highest encryption level supported by your browser during website visits.

‍

12. Currency and Amendment of this Privacy Policy

This privacy policy is currently valid and has the status of July 2025.

‍

Due to the further development of our website and offers thereon or due to changed legal or regulatory requirements, it may become necessary to amend this privacy policy.