modelAIz logo

Privacy Policy

Last updated: January 22, 2025

1. Introduction

This Privacy Policy explains how modelAIz ("we", "our", or "us") collects, uses, and protects your personal data when you use our AI-powered business model platform. We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and applicable German data protection laws.

2. Data Controller

Responsible for data processing:
Jens Arne Lück
Fassbinderweg 8
22419 Hamburg, Germany
Email: privacy@modelaiz.com
VAT: DE123456789

3. Personal Data We Collect

3.1 Authentication Data

  • Email address
  • Name (optional)
  • Profile information from Auth0
  • Authentication tokens and session data

3.2 User Profile Data

  • Timezone preferences
  • Language preferences
  • Notification settings
  • Privacy preferences
  • Profile picture (optional)
  • Bio and company information (optional)
  • Phone number (optional)
  • Location (optional)

3.3 Business Data

  • Project information and descriptions
  • Business model canvas data
  • One-pager content and versions
  • Market research data
  • User journey information
  • Story maps and user stories

3.4 AI Interaction Data

  • Conversation history with AI services
  • AI-generated content and responses
  • Token usage statistics
  • Model preferences and settings

3.5 Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Usage patterns and analytics
  • Error logs and performance data

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide our services and fulfill our contractual obligations
  • Legitimate Interest: To improve our services, ensure security, and prevent fraud
  • Consent: For marketing communications and optional features (where applicable)
  • Legal Obligation: To comply with applicable laws and regulations

5. How We Use Your Data

  • To provide and maintain our AI-powered business model platform
  • To process your requests and generate AI-assisted content
  • To manage your account and subscription
  • To track usage and improve our services
  • To provide customer support
  • To ensure platform security and prevent abuse
  • To comply with legal obligations

6. Data Sharing and Third Parties

6.1 Service Providers

We share data with the following third-party services:

  • Auth0: For user authentication and identity management
  • OpenAI: For AI content generation and processing
  • Perplexity AI: For market research and data analysis
  • Database Hosting: For secure data storage

6.2 Legal Requirements

We may disclose your data if required by law or to protect our rights and safety.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication
  • Secure data centers and infrastructure
  • Employee training on data protection

8. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account data: Until account deletion or 3 years after last activity
  • Project data: Until account deletion or 5 years after last activity
  • AI conversation data: Until account deletion or 2 years after last activity
  • Technical logs: 12 months
  • Marketing data: Until consent withdrawal or 2 years after last contact

9. Your Rights

Under GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a structured format
  • Restriction: Limit how we process your data
  • Objection: Object to certain types of processing
  • Withdraw Consent: Withdraw consent for consent-based processing

To exercise these rights, contact us at privacy@modelaiz.com.

10. Cookies and Tracking

We use essential cookies for authentication and session management. We do not use tracking cookies or analytics without your explicit consent.

10.1 Essential Cookies

  • Authentication session cookies
  • Security and CSRF protection cookies
  • User preference cookies

11. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place through:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses
  • Certification schemes
  • Binding corporate rules

12. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our platform.

14. Contact Information

For questions about this Privacy Policy or to exercise your rights, contact us:

Email: privacy@modelaiz.com
Address: Jens Arne Lück, Fassbinderweg 8, 22419 Hamburg, Germany
Data Protection Officer: privacy@modelaiz.com

15. Complaints

You have the right to lodge a complaint with a supervisory authority. In Germany, you can contact:

Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22, 7th floor
20459 Hamburg, Germany
Email: mailbox@datenschutz.hamburg.de
Phone: +49 40 428 54 4040