CognitEaseCognitEase

Privacy Policy

1) Introduction and Contact Details of the Controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about the handling of your personal data when using our website. Personal data means all data by which you can be personally identified.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Andrey Gershengoren, Andrey Gershengoren Software-Entwicklung, Nibelungenplatz 8, 90461 Nürnberg, Germany, Tel.: 01705003980, E-Mail: info@cognitease.com. The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

2) Data Collection When Visiting Our Website

2.1 When you use our website for purely informational purposes, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you access our website, we collect the following data that is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time of access
  • Amount of data sent in bytes
  • Source/referral from which you reached the page
  • Browser used
  • Operating system used
  • IP address used (where applicable: in anonymised form)

Processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data is not passed on or used for any other purpose. However, we reserve the right to subsequently check the server log files if there are concrete indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or enquiries to the controller), this website uses SSL or TLS encryption. You can recognise an encrypted connection by the string "https://" and the padlock symbol in your browser bar.

3) Hosting & Content Delivery Network

3.1 DigitalOcean

For hosting our website and presenting the page content, we use the system of the following provider: DigitalOcean LLC, 101 Avenue of the Americas 10th Floor New York, NY 10013, USA. All data collected on our website is processed on the provider's servers. We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

3.2 Vercel

For hosting our website and presenting the page content, we use the system of the following provider: Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. All data collected on our website is processed on the provider's servers. We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

3.3 Digital Ocean (CDN)

We use a content delivery network from the following provider: DigitalOcean, LLC, 105 Edgeview Drive St 425, Broomfield, CO 80021, USA. This service allows us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. Processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

3.4 Vercel (CDN)

We use a content delivery network from the following provider: Vercel Inc., 440 N Barranca Avenue #4133, Covina, CA 91723, USA. This service allows us to deliver large media files such as graphics, page content or scripts more quickly via a network of regionally distributed servers. Processing is carried out to safeguard our legitimate interest in improving the stability and functionality of our website pursuant to Art. 6(1)(f) GDPR. We have concluded a data processing agreement with the provider, which ensures the protection of our website visitors' data and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

4) Cookies

To make visiting our website attractive and to enable the use of certain functions, we use cookies — small text files that are stored on your device. Some of these cookies are automatically deleted when you close your browser (so-called "session cookies"); others remain on your device for a longer period and allow page settings to be saved (so-called "persistent cookies"). In the latter case, you can find the storage duration in the cookie settings overview of your web browser. Where personal data are also processed by individual cookies we use, processing is carried out pursuant to Art. 6(1)(b) GDPR for the performance of a contract, pursuant to Art. 6(1)(a) GDPR in the case of consent given, or pursuant to Art. 6(1)(f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit. You can configure your browser to be informed about the setting of cookies and to decide individually on their acceptance or to exclude the acceptance of cookies for certain cases or in general. Please note that if you do not accept cookies, the functionality of our website may be restricted.

5) Contact

In the context of contacting us (e.g. via contact form or e-mail), personal data is processed — exclusively for the purpose of processing and responding to your enquiry and only to the extent necessary for this purpose. The legal basis for processing this data is our legitimate interest in responding to your enquiry pursuant to Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR. Your data will be deleted when it can be inferred from the circumstances that the matter in question has been conclusively resolved, provided there are no statutory retention obligations to the contrary.

6) Data Processing for Contract Performance

6.1 For the performance of contracts, we cooperate with the service provider(s) listed below, who support us in whole or in part in the execution of concluded contracts. Certain personal data is transferred to these service providers in accordance with the following information.

6.2 Use of Payment Service Providers

Stripe

One or more online payment methods from the following provider are available on this website: Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. If you select a payment method where you pay in advance (e.g. credit card payment), your payment data communicated during the ordering process (including name, address, bank and payment card details, currency and transaction number) as well as information about the content of your order will be passed on to this provider pursuant to Art. 6(1)(b) GDPR. Your data is passed on in this case exclusively for the purpose of payment processing with the provider and only to the extent necessary for this purpose. If you select a payment method where the provider advances payment (e.g. purchase on account, instalment purchase or direct debit), you will also be asked during the order process to provide certain personal data (first and last name, street, house number, postcode, town, date of birth, e-mail address, telephone number, possibly data on an alternative means of payment). To safeguard our legitimate interest in determining the creditworthiness of our customers, this data is forwarded by us to the provider pursuant to Art. 6(1)(f) GDPR for the purpose of a credit check. The provider checks, on the basis of the personal data you have provided and further data (such as shopping basket, invoice amount, order history, payment experiences), whether the payment option you have selected can be granted with regard to payment and/or default risks. The credit information may contain probability values (so-called score values). Where score values are incorporated into the result of the credit information, they are based on a scientifically recognised mathematical-statistical method. Address data are included in the calculation of score values, among other things but not exclusively. You can object to this processing of your data at any time by notifying us or the provider. However, the provider may still be entitled to process your personal data if this is necessary for contractual payment processing.

6.3 OpenAI

To provide our services, we use artificial intelligence software from the following provider: OpenAI Ireland Limited, 1st Floor, The Liffey Trust Centre, 117-126 Sheriff Street Upper, Dublin 1, D01 YC43, Ireland. Information provided by you in the context of a contractual relationship may be fed into the provider's software in order to organise, analyse, aggregate, modify, evaluate or process it for the purpose of providing our services. Information may also be transferred to: OpenAI OpCo, LLC, USA. The collection and further processing of this information is strictly purpose-bound for the purpose of contract performance. Processing for the purpose of training and further development of the provider's AI language models is expressly prohibited. Where personal data are also subject to processing, this is carried out on the basis of our legitimate interest in the efficient design of our services and the optimal use of available resources and technologies pursuant to Art. 6(1)(f) GDPR. If the personal data includes data of third parties whose processing you have entrusted to us, this processing is secured on our behalf by the conclusion of a data processing agreement with us, which specifies the measures taken to protect this data and your control and access rights. We have concluded a data processing agreement with the provider on our part, which ensures the protection of personal data processed via the provider and prohibits unauthorised disclosure to third parties. For data transfers to the USA, the provider relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection.

6.4 Electronic Cancellation Option for Subscription Contracts with Consumers

Consumers who have entered into paid subscription contracts on this website have the option of cancelling these via an electronic button in accordance with the applicable notice periods. Activating the button leads to a confirmation page on which the consumer can provide further details about the cancellation, identify themselves unambiguously and then submit their cancellation electronically. The collection of personal data and its transmission to us is carried out pursuant to Art. 6(1)(b) GDPR and only to the extent necessary for the proper processing of the cancellation. Also on the basis of Art. 6(1)(b) GDPR, the personal data provided is used to confirm receipt of the cancellation notice and the time of cancellation electronically in text form. The additional legal basis for processing is Art. 6(1)(c) GDPR. We are legally obliged to provide an electronic cancellation option for consumer contracts for paid subscription services concluded by way of electronic commerce.

6.5 Electronic Withdrawal Function for Distance Contracts

Consumers who conclude contracts on this website for which a statutory right of withdrawal exists have the option of declaring withdrawal via an electronic withdrawal function in accordance with the applicable withdrawal provisions. When using the withdrawal function, in addition to details identifying the contract to be withdrawn, further personal information such as the consumer's first and last name and e-mail address must be provided or confirmed. The collection of this information and its transmission to us is carried out pursuant to Art. 6(1)(b) GDPR and only to the extent necessary for the proper processing of the withdrawal. Also on the basis of Art. 6(1)(b) GDPR, the personal data provided is used to confirm receipt of the withdrawal declaration by e-mail. The additional legal basis for processing is Art. 6(1)(c) GDPR. We are legally obliged to provide an electronic withdrawal function for paid consumer distance contracts.

7) Web Analytics Services

Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"), which enables an analysis of your use of our website. By default, Google Analytics 4 sets cookies when you visit the website — small text files stored on your device that collect certain information. This information also includes your IP address, which is, however, truncated by Google by the last digits to rule out direct personal identifiability. The information is transmitted to Google's servers and processed there. Transfers to Google LLC, based in the USA, are also possible. Google uses the information collected on our behalf to evaluate your use of the website, to compile reports on website activity for us and to provide further services connected with the use of the website and the internet. The IP address transmitted by your browser as part of Google Analytics and truncated is not merged with other data from Google. Data collected in the course of using Google Analytics 4 is stored for a period of two months and then deleted. All of the processing operations described above, in particular the setting of cookies on the device used, are only carried out if you have given us your express consent pursuant to Art. 6(1)(a) GDPR. Without your consent, Google Analytics 4 will not be used during your visit to the site. You may withdraw your consent at any time with effect for the future. To exercise your right of withdrawal, please deactivate this service via the "cookie consent tool" provided on the website. We have concluded a data processing agreement with Google that ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties. Further legal information on Google Analytics 4 can be found at business.safety.google/intl/en/privacy, policies.google.com/privacy?hl=en and policies.google.com/technologies/partner-sites

Demographic Characteristics

Google Analytics 4 uses the special "demographic characteristics" function and can use it to compile statistics that provide information about the age, gender and interests of website visitors. This is done through the analysis of advertising and information from third-party providers. This makes it possible to identify target groups for marketing activities. However, the collected data cannot be attributed to a specific person and is deleted after a storage period of two months.

Google Signals

As an extension of Google Analytics 4, Google Signals may be used on this website to generate cross-device reports. If you have activated personalised advertising and linked your devices to your Google account, Google may, subject to your consent to the use of Google Analytics pursuant to Art. 6(1)(a) GDPR, analyse your usage behaviour across devices and create database models, including for cross-device conversions. We do not receive any personal data from Google, only statistics. If you wish to stop cross-device analysis, you can deactivate the "Personalised advertising" feature in your Google account settings. To do so, follow the instructions on this page: support.google.com/My-Ad-Center-Help/answer/12155764?hl=en Further information on Google Signals can be found at the following link: support.google.com/analytics/answer/7532985?hl=en

UserIDs

As an extension of Google Analytics 4, the "UserIDs" function may be used on this website. If you have consented to the use of Google Analytics 4 pursuant to Art. 6(1)(a) GDPR, have set up an account on this website and log in with this account on various devices, your activities, including conversions, may be analysed across devices.

Collection of User-Provided Data

To improve analytics results for users whose contact details we have obtained in the context of business or business-like relationships, we use the "collection of user-provided data" function. Subject to your express consent pursuant to Art. 6(1)(a) GDPR, we transmit one or more files with customer data aggregated to your person (in particular email address and phone number) to Google electronically as part of this function. Google does not gain access to this data in plain text; rather, the information in the customer files is automatically encrypted during the transmission process using a special algorithm. The encrypted information can then only be used by Google to match it to existing Google accounts set up by the data subjects. The processing serves to refine measurement data, improves cross-device user traceability and enables the integration of analytics results into Google Ads' advertising personalisation and conversion tracking functions. You may withdraw your consent to us at any time with effect for the future. Further information on Google's data protection measures regarding the transfer of customer data can be found here: support.google.com/google-ads/answer/6334160?hl=en&ref_topic=10550182

For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

8) Tools and Miscellaneous

Sentry

This website uses an automatic error reporting service from the following provider: Functional Software Inc., 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA. In the event of technical complications or functional impairments in connection with the operation of the website, the service automatically sends error reports to the provider containing information about the respective error source and its origin. Both server information and usage parameters such as the IP address, the browser used, timestamps and the URL accessed are transmitted. Error reports may, depending on the origin of the error, also contain further personal customer data that we have collected and stored in the course of concluding contracts (in particular first and last name, address, e-mail address). This is conceivable whenever the error occurs in connection with software-based processing of customer data. Where personal data are also involved in the information transmitted in this way, processing is carried out pursuant to Art. 6(1)(f) GDPR on the basis of our legitimate interest in efficient root-cause analysis of errors to improve the reliability and functionality of our website. For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which, on the basis of an adequacy decision by the European Commission, ensures compliance with the European level of data protection.

9) Rights of the Data Subject

9.1 The applicable data protection law grants you the following data subject rights (rights of access and intervention) vis-à-vis the controller with regard to the processing of your personal data, whereby reference is made to the cited legal basis for the respective conditions of exercise:

  • Right of access pursuant to Art. 15 GDPR;
  • Right to rectification pursuant to Art. 16 GDPR;
  • Right to erasure pursuant to Art. 17 GDPR;
  • Right to restriction of processing pursuant to Art. 18 GDPR;
  • Right to notification pursuant to Art. 19 GDPR;
  • Right to data portability pursuant to Art. 20 GDPR;
  • Right to withdraw consent pursuant to Art. 7(3) GDPR;
  • Right to lodge a complaint pursuant to Art. 77 GDPR.

9.2 RIGHT TO OBJECT

WHERE WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST FOLLOWING A BALANCING OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING WITH FUTURE EFFECT ON GROUNDS ARISING FROM YOUR PARTICULAR SITUATION. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED. HOWEVER, CONTINUED PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS. WHERE YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING. YOU MAY EXERCISE THE OBJECTION AS DESCRIBED ABOVE. IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA CONCERNED FOR DIRECT MARKETING PURPOSES.

10) Duration of Storage of Personal Data

The duration of storage of personal data is determined by the respective legal basis, the processing purpose and — where relevant — additionally by the respective statutory retention period (e.g. commercial and tax law retention periods). When processing personal data on the basis of express consent pursuant to Art. 6(1)(a) GDPR, the data concerned is stored until you withdraw your consent. Where statutory retention periods exist for data processed in the context of contractual or quasi-contractual obligations on the basis of Art. 6(1)(b) GDPR, this data is routinely deleted after expiry of the retention periods, provided it is no longer required for the performance or initiation of a contract and/or we no longer have a legitimate interest in continued storage. When processing personal data on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims. When processing personal data for direct marketing purposes on the basis of Art. 6(1)(f) GDPR, this data is stored until you exercise your right to object pursuant to Art. 21(2) GDPR. Unless otherwise indicated by the other information in this declaration on specific processing situations, stored personal data will otherwise be deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.

Copyright notice: This privacy policy was created by the specialist lawyers of IT-Recht Kanzlei and is protected by copyright (www.it-recht-kanzlei.de)

As of: 08.07.2026, 12:00:00