AI Agency Logo

Privacy Policy

Last updated: 14-08-2025

This Privacy Policy describes how Mind13 collects, uses, and protects your personal data when you use our website.

At Mind13, the protection of your personal data is a fundamental priority. You can use our website without providing any personal data. However, if you wish to use certain services offered on our website, such as submitting a contact form, requesting an evaluation, or subscribing to our newsletter, the processing of personal data may become necessary. All processing of personal data is carried out in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection laws. We implement technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or unlawful disclosure. While we continuously work to maintain a high level of security, it is important to note that internet-based data transmission may have inherent vulnerabilities. Absolute protection of data against all risks cannot be guaranteed. For this reason, you are free to communicate certain information to us using alternative channels such as telephone or postal mail.

Who We Are

The controller responsible for the processing of personal data on this website within the meaning of the GDPR and other applicable data protection laws is:

Mind13

Lorenz-Wenk-Weg 20

79713 Bad Säckingen

Germany

VAT ID: [VAT Number]

Email: hello@mind13.com

Website: www.mind13.com

If you have any questions or concerns about data protection at Mind13, you can contact us at the email address above.

What Data We Collect

You can browse our website without providing any personal data. If you choose to use certain features such as submitting a contact form, using our chatbot, or subscribing to our newsletter, we will need to process the personal data you provide so we can respond or deliver the service.

Note: Please do not provide special category data (e.g., health details, political opinions, or religious beliefs). We do not intentionally collect or process such information.

Data You Provide:

(Required for the chosen service unless marked as optional)

Data TypeRequired / OptionalPurposeLegal Basis
NameRequired for contact forms, evaluations, or newslettersResponding to your inquiry or providing requested serviceArt. 6(1)(b) GDPR
Email addressRequired for contact, evaluations, or newslettersCommunication and delivery of requested serviceArt. 6(1)(b) GDPR
Company nameRequired for business-related inquiries and evaluationsTailoring responses to your business needsArt. 6(1)(b) GDPR
Phone numberOptionalFaster response to your requestArt. 6(1)(b) GDPR
Any information you include in formsOptionalResponding to your inquiryArt. 6(1)(b) GDPR

Automatically Collected Data:

(Collected when you browse our website; used for functionality, security, and analytics)

  • IP address (anonymized where possible)
  • Browser type and version
  • Device information (such as operating system)
  • Pages visited, date, and time of access
  • Approximate location (derived from IP address)

Collected via:

  • Google Analytics (analytics, performance measurement)
  • Server logs (OVHCloud, Vercel, Google Cloud for security and technical operation)

Legal basis: Art. 6(1)(f) GDPR – our legitimate interest in maintaining website security and improving user experience.

Retention: Typically 14 to 26 months for Google Analytics. Server log data is retained for security monitoring and deleted within industry-standard timeframes.

Data Processed via AI Tools

(Only if you submit data through forms or chatbot)

If you use our chatbot or submit a form, we may use Large Language Models provided by:

  • OpenAI API
  • Anthropic
  • Google AI

Purpose: Automated replies, lead qualification, and content generation.

Legal basis: Art. 6(1)(b) GDPR or Art. 6(1)(f) GDPR.

Retention: Data is stored only as long as needed to fulfil the request, then deleted or anonymised.

Data Used for Direct Business Communication

If you contact us or show interest in our services, we may process your contact data to provide relevant offers, service information, or follow-up communication.

Legal basis: Art. 6(1)(f) GDPR – our legitimate interest in developing a business relationship. You can object to this use at any time.

Data Combination Policy

We do not combine automatically collected analytics data with identifiable form data unless required for:

  • Security monitoring
  • Fraud prevention
  • Compliance with legal obligations

Purpose and Legal Basis

We process personal data only where there is a valid legal basis under the GDPR. The purposes for which we process personal data, and the corresponding legal bases, are as follows:

Purpose of processingDescriptionLegal Basis
Responding to contact requests and inquiriesCommunicating with you when you contact us through our website, email, or telephoneArt. 6(1)(b) GDPR
Sending newsletters (if subscribed)Sending you updates, news, and marketing contentArt. 6(1)(a) GDPR
Website analyticsAnalysing visitor behaviour to improve website functionality and performanceArt. 6(1)(a) GDPR; Art. 6(1)(f) GDPR
Operating AI-based featuresUsing AI tools to respond to inquiries, qualify leads, and generate requested contentArt. 6(1)(b) GDPR; Art. 6(1)(f) GDPR
Ensuring website security and performanceMonitoring and maintaining the security of our website and systemsArt. 6(1)(f) GDPR
Contacting users with relevant offersFollowing up if you have shown interest in our servicesArt. 6(1)(f) GDPR
Compliance with legal obligationsFulfilling obligations under applicable lawsArt. 6(1)(c) GDPR
Protection of vital interestsProcessing data in emergenciesArt. 6(1)(d) GDPR

You may withdraw consent at any time where processing is based on Article 6(1)(a) GDPR. If processing is based on legitimate interests under Article 6(1)(f) GDPR, you have the right to object at any time on grounds relating to your particular situation. To exercise these rights, please contact us at support@mind13.com.

Provision of Personal Data – Legal or Contractual Requirement

In certain cases, providing personal data is a legal or contractual requirement, or necessary to enter into a contract with us. For example, we may need your contact and business details to prepare an offer or perform a service agreement. If you do not provide the required personal data, we may not be able to enter into or fulfil the contract.

Before providing any personal data, you may contact us for clarification on whether it is legally or contractually required, whether you are obliged to provide it, and what the possible consequences of not providing it might be.

Automated Decision-Making and Profiling

We do not use automated decision-making, including profiling, that produces legal effects or similarly significant consequences for you as defined in Article 22 GDPR.

How Long We Store Your Data

We retain personal data only as long as necessary to fulfil the purposes for which it was collected:

  • Contact inquiries: Up to 12 months
  • Newsletter data: Until you unsubscribe
  • Evaluation data: Until the project ends or a decision is made
  • Analytics data: Typically 14 to 26 months

Where no specific retention period is stated, we determine the appropriate period based on service delivery needs, legal requirements, or legitimate interests. Once expired, personal data is securely deleted or anonymised.

Third-Country Transfers and Safeguards

Examples of services and providers that may involve transfer outside the EEA include:

  • Google LLC (United States)
  • OpenAI, L.L.C. (United States)
  • Anthropic PBC (United States)
  • Mailchimp (United States)
  • Meta Platforms, Inc. (United States)

Where no adequacy decision exists, we use Standard Contractual Clauses (SCCs) and additional measures to ensure EU-equivalent protection. You may request a copy of the safeguards by contacting hello@mind13.com.

Your Rights Under the GDPR

As a data subject, you have the right to:

  • Access your data
  • Rectify inaccurate data
  • Request erasure
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

To exercise your rights, contact hello@mind13.com.

If you believe our processing violates the law, you can lodge a complaint with: Landesbeauftragte für den Datenschutz und Informationsfreiheit Baden-Württemberg (LfDI BW) Lautenschlagerstraße 20, 70173 Stuttgart Email: poststelle@lfdi.bwl.de Website: https://www.baden-wuerttemberg.datenschutz.de

Data Security

We take appropriate measures to protect your personal data, including:

  • Secure data transmission (HTTPS/TLS)
  • Access controls and authentication
  • Regular review of security measures
  • Limiting access to authorised personnel
  • Staff security training
  • Backup and recovery procedures

While we strive to protect your personal data, no method of transmission or storage is completely secure.

Use of Cookies and Similar Technologies

Our website uses cookies and similar technologies to ensure the proper functioning of the site, personalise content, analyse performance, and improve the user experience. Cookies are small text files stored on your device when you visit our website.

Types of Cookies

  • Necessary cookies: Required to provide the basic functionality of the website (for example, to store your cookie settings, enable login, or ensure website security). These cookies are set without your consent.
  • Functional cookies: Enable enhanced features and personalisation.
  • Analytics and performance cookies: Collect anonymous or pseudonymous information about how visitors use our website to improve its performance.
  • Marketing cookies: Used to display relevant advertising and measure the effectiveness of advertising campaigns.

Legal Basis

For necessary cookies: Article 6(1)(f) GDPR (legitimate interest in providing a functional website). For all other cookies and similar technologies: Your explicit consent under Article 6(1)(a) GDPR in conjunction with Section 25 TTDSG (German Telecommunications-Telemedia Data Protection Act).

Managing Your Cookie Preferences

You can withdraw or adjust your consent at any time via our cookie banner. In addition, you can manage or block cookies through the following options:

  • Browser settings: Configure your browser to block or delete cookies.
  • Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout
  • Opt-out cookie: Use the opt-out function in our cookie banner to set a cookie that disables Google Analytics tracking on this website.

Some cookies are set by third-party providers whose services we integrate into our website, such as: Google LLC (Google Analytics, Google Tag Manager), Meta Platforms, Inc. (Facebook Pixel), LinkedIn Corporation (LinkedIn Insight Tag). For more information about these providers and the cookies used, please see the Third-Party Services section of this Privacy Policy.

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies that enable the analysis of your use of our website. The information generated by these cookies about your use of the website (including your IP address) is generally transmitted to a Google server in the United States and stored there.

Purpose of Processing: Google Analytics is used to analyse visitor behaviour in order to improve our website's content, structure, and performance.

Legal Basis

The use of Google Analytics is based on your consent under Article 6(1)(a) GDPR in conjunction with Section 25 TTDSG. You can withdraw your consent at any time (see below).

Data collected:

  • IP address (shortened/anonymised where possible)
  • Device and browser information
  • Pages visited, date, and time of access
  • Referring URL

Data Transfers to the United States

Data may be transferred to the United States. Safeguards: Standard Contractual Clauses (SCCs) approved by the European Commission.

Retention: Data is retained in Google Analytics for 14 to 26 months, according to our configuration.

Opt-Out Options

You can prevent Google Analytics from collecting your data as follows:

  • Browser settings: Configure your browser to block or delete cookies.
  • Google Analytics Opt-out Browser Add-on: Install the add-on provided by Google at https://tools.google.com/dlpage/gaoptout.
  • Opt-out cookie: Use the opt-out function in our cookie banner to set a cookie that disables Google Analytics tracking on this website.

For more information on Google's data protection practices, please visit: https://policies.google.com/privacy

Third-Party Services and Data Recipients

We use trusted third-party services to support our operations, improve website performance, and deliver our services. Where these providers process personal data on our behalf, they act as data processors under Article 28 GDPR. Data may also be transferred outside the EU/EEA, subject to appropriate safeguards such as Standard Contractual Clauses (SCCs).

Below is an overview of the categories of third-party services we use, their purposes, and examples of tools or providers:

CategoryPurposeExamples
Website hosting & infrastructureHosting the website, processing form submissions, backend infrastructureOVHCloud, Vercel, Google Cloud, internal infrastructure
Analytics providersWebsite traffic analysis and visitor behaviorGoogle Analytics
Communication & productivity toolsEmail communication, contact form delivery, internal handling of requestsGoogle Workspace, Notion
AI service providersGenerating automated responses (chatbot, email)OpenAI API, Antrophic, Google
Marketing and newsletter toolsEmail campaigns, newsletter managementMailchimp
Advertising and tracking toolsRetargeting, measuring ad performanceFacebook Pixel

Notes

  • We only share personal data with third parties to the extent necessary for the specific processing purpose.
  • All third-party providers are contractually bound to GDPR-compliant data processing agreements.
  • Data transfers outside the EEA are safeguarded using Standard Contractual Clauses, adequacy decisions, or other lawful mechanisms.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other circumstances. The updated version will be published on this page and will be effective as of the date indicated at the top of the policy.

If we make material changes that significantly affect your rights or the way we process your personal data, we will inform you in advance by appropriate means, such as a prominent notice on our website or by direct communication (e.g., email, if we have your contact details).

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

Contact

If you have questions about this policy or wish to exercise your rights, contact us at: support@mind13.com