cockpit4me
DE
Legal

Privacy

Summary for orientation. The legally binding privacy policy is the German version at /datenschutz/. Where this English summary diverges from the German text, the German version applies.

Controller

Controller within the meaning of the GDPR is cockpit4me e.K., owner Marcus Kaliga, Kassenberg 34a, 45479 Mülheim an der Ruhr, Germany. Contact: info@cockpit4me.de.

What we process

  • Contact data (name, email, organisation, where provided).
  • Content data — text and inputs you provide in CLARA and LISA, attachments where applicable.
  • Usage data — pages visited, interaction sequences, timestamps.
  • Technical data — IP address, browser type, operating system, referrer URL, timestamps.

Hosting

Website and systems are hosted by Hetzner Online GmbH in data centres within Germany. A data-processing agreement under Art. 28 GDPR is in place. Applications run in Docker containers with TLS-encrypted delivery.

AI systems

cockpit4me operates AI-supported systems (CLARA, LISA) for decision support. They do not replace expert, legal, medical, tax or strategic review. There is no fully automated decision-making within the meaning of Art. 22 GDPR. Decisions are always made by humans.

External AI providers: OpenRouter (US) as routing service, OpenAI (US) as model provider. Prompts and context are transferred for the purpose of answering them. Training on submitted content is excluded where configurable. Data transfers to the US are based on EU Standard Contractual Clauses (Art. 46 (2)(c) GDPR) and, where applicable, the EU–US Data Privacy Framework (Art. 45 GDPR).

NORA — internal system

NORA is an internal cockpit4me system. It is not publicly accessible and not available to external users. It supports internal research, sales and content processes only.

Logs and security

Server logs (IP, browser, OS, referrer, accessed resource, timestamp, HTTP status, transferred volume) are processed for system stability, attack defence and error analysis on the basis of Art. 6 (1)(f) GDPR. Logs are deleted or anonymised after 14 days as a rule.

No tracking

No Google Analytics, no advertising pixels, no other tracking tools. No advertising profiles, no cross-device tracking. Only technically necessary cookies or equivalent storage methods are used.

LinkedIn

cockpit4me operates a LinkedIn company presence. LinkedIn processes user data under its own responsibility. For reach statistics (Page Insights), cockpit4me and LinkedIn are joint controllers under Art. 26 GDPR. Use of the official LinkedIn API for managing the cockpit4me presence is on the basis of Art. 6 (1)(f) GDPR and, where applicable, Art. 6 (1)(a) GDPR. Access tokens are stored encrypted on Hetzner infrastructure in Germany.

Retention

Personal data is kept only as long as required for the respective purpose or by statutory obligations (HGB/AO retention periods, regularly 6–10 years).

Your rights

Right of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), objection (Art. 21), withdrawal of consent (Art. 7 (3)), complaint to a supervisory authority (Art. 77). The supervisory authority responsible for cockpit4me is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (LDI NRW). Requests: info@cockpit4me.de.

Status

Current version: May 2026. The binding German version is available at /datenschutz/.