KI
KIneAngst

Privacy Policy

This is a convenience translation. The legally binding version of this privacy policy is the German original.

Version 1.1 — effective from April 2026

1. Controller

Thorsten Ahrens Zillestr. 75 51067 Cologne, Germany Email: contact@kineangst.de

2. Data Collection on This Website

a) Contact Requests via Email

When you contact us by email, the data you provide (your email address, possibly your name and your message) will be stored to process your inquiry. Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).

b) User Account

Upon registration, your name and email address are stored. Authentication is handled via Supabase (password or magic link). Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

c) Experience Points (XP System)

For logged-in users, interactions (articles read, tests completed, content shared) are recorded in a points system. Purpose: gamification and progress tracking. Data stored: user_id, action, reference, timestamp. Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

d) Anonymous Test Statistics

Upon completion of the AI Anxiety Test, dimension scores are saved without any user reference and without IP address. Purpose: anonymous community comparison (only displayed once at least 10 participants). This data cannot be traced back to individual persons. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

3. Legal Basis

Data processing is carried out on the basis of:

  • Art. 6(1)(a) GDPR (consent) — for newsletter subscription.
  • Art. 6(1)(b) GDPR (performance of a contract) — for user accounts, XP system, contact requests.
  • Art. 6(1)(c) GDPR (legal obligation) — for disclosure to law enforcement authorities.
  • Art. 6(1)(f) GDPR (legitimate interest) — for anonymous test statistics, hosting logs, and web analytics.

4. Data Retention

  • Contact requests: Deleted as soon as they are no longer necessary for the purpose for which they were collected and no statutory retention obligations apply.
  • Account data (name, email): Until deletion of the user account.
  • XP data: Until deletion of the user account.
  • Anonymous test statistics: Indefinitely, as they are not personal data.
  • Newsletter consent: Until revocation.

5. Hosting

This website is hosted by Vercel Inc. (USA). When you visit, technical data (IP address, browser type, operating system, referrer URL, access time) is automatically recorded in server logs. Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest in the secure provision of the website).

A data processing agreement pursuant to Art. 28 GDPR has been concluded with Vercel Inc. Data transfer to the USA is based on EU Standard Contractual Clauses (Art. 46(2)(c) GDPR) and the EU-US Data Privacy Framework (Art. 45 GDPR).

6. Database

Supabase (Supabase Inc., USA) is used to store user accounts, course progress, and XP data. A data processing agreement pursuant to Art. 28 GDPR has been concluded with Supabase Inc. Data transfer to the USA is based on EU Standard Contractual Clauses (Art. 46(2)(c) GDPR).

7. Email Service

Resend (Resend Inc., USA) is used for authentication emails (magic links, password reset) and in the future for newsletters. A data processing agreement pursuant to Art. 28 GDPR has been concluded with Resend Inc. Data transfer to the USA is based on the EU-US Data Privacy Framework (Art. 45 GDPR).

8. Cookies and Tracking

This website does not use tracking cookies or advertising trackers.

Technically Necessary Cookies

Supabase Auth session cookie: Set for logged-in users to maintain the session. Legal basis: Art. 6(1)(b) GDPR (performance of a contract). No cookie banner is required for this.

Web Analytics

Vercel Analytics: Cookie-free web analytics. No personal data is collected. Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

9. Newsletter

During registration, you may opt in to receive newsletters. Data stored: user_id, consent timestamp, and source. Legal basis: Art. 6(1)(a) GDPR (consent). You may revoke your consent at any time by unsubscribing via the link in the email or by emailing contact@kineangst.de.

10. Social Sharing

The website offers sharing buttons for X, LinkedIn, Facebook, WhatsApp, Telegram, Reddit, and Threads. No data is transmitted to these platforms unless you actively click a button. Clicking opens a new browser window to the respective platform. The privacy policies of the respective platform then apply.

11. Disclosure to Law Enforcement

We may be legally obligated to disclose stored data to law enforcement authorities on the basis of a European Production Order or Preservation Order pursuant to Regulation (EU) 2023/1543. Such disclosure is made exclusively on the basis of a lawful order and to the extent required by law. Legal basis: Art. 6(1)(c) GDPR (legal obligation).

12. Your Rights

Under the GDPR, you have the following rights:

  • Right of access to your stored data (Art. 15 GDPR)
  • Right to rectification of inaccurate data (Art. 16 GDPR)
  • Right to erasure of your data (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR) — for the newsletter at any time with effect for the future

13. Account Deletion

Users may request deletion of their account and all associated data (profile, XP, test data, newsletter consent) at any time by emailing contact@kineangst.de.

14. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (LDI NRW).

15. Changes

This privacy policy may be updated as needed. The current version with date can always be found on this page.