Privacy Policy

Last updated: 23 Aug 2025

1. Controller

Thinkpulse AI – Norman Kamradt

Lilo-Herrmann-Straße 26, 16303 Schwedt (Oder), Germany

Email: norman.kamradt@thinkpulseai.de


2. General information on data processing

  • We process personal data only to the extent necessary to provide a functional website, to respond to inquiries, or to pursue legitimate interests (Art. 6(1)(a–f) GDPR).

  • Data is only disclosed to third parties where permitted by law (e.g., processing under contract) or based on consent.

  • Minors: Our services are aimed at business customers (B2B).


3. Hosting & technical provision

Hosting/server & email: ALL-INKL.COM (Neue Medien Münnich), Germany.

We have concluded a Data Processing Agreement (DPA) with the host.

Server log files: On each access the following are processed automatically: IP address, date/time, time zone, request line, status code, transferred data volume, referrer, user agent, target URL.

Purposes: technical delivery, security/error analysis (Art. 6(1)(f) GDPR).

Retention: generally 7–14 days, then deletion/anonymization.


4. Contact (Elementor form)

You can send us inquiries via the form on /contact.

Data types: first name, last name, company, phone, email, role/function, industry, topic, message; optional file upload (PDF/DOCX/PNG/JPG).

Purposes/legal bases: responding and initiating/performing a business relationship (Art. 6(1)(b) GDPR) and our legitimate interest in efficient communication (Art. 6(1)(f) GDPR).

Recipients/processing:

  • Web server/WordPress: form submissions are stored in the WordPress database if “Collect Submissions” is enabled.

  • Email dispatch: via Post SMTP using our host’s mail server (ALL-INKL). The email contains the form details and any attachments.

Retention:

  • Form submissions: max. 12 months (proof/communication history), then deletion.

  • Email logs (Post SMTP): max. 90 days.

  • File uploads: on the server max. 90 days, then deletion.

Note: Please do not send special-category/sensitive real data (health data, personnel files, trade secrets) via the form.


5. Spam & abuse protection

5.1 Google reCAPTCHA v3

We use Google reCAPTCHA v3 on form pages to detect bots.

Provider: Google Ireland Limited (Ireland) – transfers to the USA may occur.

Data: IP address, referrer URL, timestamp, mouse/scroll/keyboard events, browser/device information are transmitted to Google.

Legal basis: consent (Art. 6(1)(a) GDPR). Scripts are only loaded after consent in the cookie banner.

Withdrawal: possible at any time via cookie settings (footer link).

Third-country transfer: USA – under Art. 46 GDPR (Standard Contractual Clauses) and/or the EU–US Data Privacy Framework (where applicable).


5.2 Antispam Bee

The Antispam Bee plugin can be used to filter spam comments.

Currently, blog comments are disabled by default; if comments are enabled, Antispam Bee processes, e.g., IP address (optionally anonymized), timestamp, content server-side only; no matching against external blacklists unless explicitly activated.

Legal basis: Art. 6(1)(f) GDPR (prevention of abuse).


6. Cookies & consent management

We use Complianz as our consent tool. On first visit you see a cookie notice where you can give voluntary consent. Your choices are stored in a consent cookie.

Categories:

  • Essential (e.g., storing consent, security, load balancing) – no consent required.

  • Functional/Security (e.g., reCAPTCHA) – requires consent.

An up-to-date, automatically maintained list of cookies is available in the banner under “Details” or via the footer link “Cookie settings”.

Legal bases: Art. 6(1)(c) GDPR in conjunction with Section 25 TTDSG (technically necessary) and Art. 6(1)(a) GDPR (non-essential).


7. SEO / analytics / social

  • Rank Math SEO: does not set tracking cookies for visitors in standard mode. It generates structured data/meta tags in the source code. Legal basis: Art. 6(1)(f) GDPR (findability/optimization).

  • Social links in the footer/pages are plain links (no embedded social plugins). No data is transferred to the networks until you click.


8. Backups

For availability we create backups (UpdraftPlus plugin). Backups may contain personal data (e.g., form contents).

Storage location: web server (Germany) and/or storage integrated by the host.

Retention: rolling, generally up to 90 days.

Legal basis: Art. 6(1)(f) GDPR (security & restoration).


9. Processing under contract

We have DPAs pursuant to Art. 28 GDPR with the following processors:

  • Hosting/email: ALL-INKL.COM (Germany)

  • Consent tool: Complianz B.V. (EU)

Further processors are only engaged if they comply with GDPR requirements.


10. Transfers to third countries

Data is transferred to third countries only if:

  • you have consented (e.g., reCAPTCHA), or

  • Standard Contractual Clauses/adequacy exist, or

  • it is required by law.

    Details are set out in Section 5.1 (Google reCAPTCHA).


11. Retention & deletion

We process personal data only as long as necessary for the respective purpose or where statutory retention duties apply. Afterwards, data is deleted or anonymized.


12. Obligation to provide data

You are not legally required to provide personal data. For use of the contact form, at least the fields marked as mandatory are necessary; without them we cannot process inquiries.


13. Rights of data subjects

You have the following rights against us:

  • Access (Art. 15 GDPR)

  • Rectification (Art. 16 GDPR)

  • Erasure (Art. 17 GDPR)

  • Restriction (Art. 18 GDPR)

  • Data portability (Art. 20 GDPR)

  • Objection to processing based on Art. 6(1)(e)/(f) GDPR (Art. 21 GDPR)

  • Withdrawal of consent (Art. 7(3) GDPR) with effect for the future.

Right to lodge a complaint

You can lodge a complaint with a data protection supervisory authority, e.g., the authority responsible for Brandenburg. A list of German supervisory authorities is available at bfdi.bund.de.


14. Security

We use TLS/SSL encryption, role/permission concepts, current software versions and server-side security measures. Emails can have security gaps; for confidential content, please use encrypted transmission methods where possible.


15. Changes to this notice

We update this Privacy Policy when services, legal requirements or technical bases change. The current version is always available at thinkpulseai.de/privacy-policy.

Scroll to Top