Privacy Policy

1. Controller

2. Hosting & Self-Hosted Resources

This website is hosted on our own dedicated server in Germany. All fonts, CSS, JavaScript and other resources are served exclusively from our own server. No IP addresses are transmitted to third-party CDNs (e.g. Google Fonts, Cloudflare) without your explicit consent. This is a deliberate design choice to ensure GDPR compliance by default.

When you visit this website, our server automatically records so-called server log files. These include: browser type and version, operating system, referring URL, hostname of the accessing device, time of the server request, IP address. This data is not merged with other data sources. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operating a stable website).

3. Contact Form

If you send us inquiries via the contact form, your data (name, email address, phone number, company, position, subject, message, and optional newsletter consent) will be stored for the purpose of processing the inquiry and follow-up questions. We do not forward this data without your consent. The form data is transmitted encrypted via HTTPS and sent via SMTP on our own server. No form data is stored in log files. Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR.

Your data will remain with us until you request deletion, withdraw your consent to storage, or the purpose of data storage no longer applies. Mandatory statutory provisions — particularly retention periods — remain unaffected.

4. Cookies and Local Storage

This website does not set any tracking cookies of its own. To store your consent decisions, we use your browser's local storage (localStorage) — this is technically not a cookie but browser-side storage. We store an entry with the key cd-cookie-consent-v1, which contains your consent choices, timestamp, and version. This entry remains for up to 365 days or until you reset it via the cookie settings.

Active tracking: This website does not use any statistics or marketing tracking. The cookie banner allows you to grant corresponding consents — however, these currently have no technical effect as no tracking tool is integrated.

You can adjust your settings at any time via the "Cookie Settings" link in the footer. Legal basis: Art. 6(1)(a) GDPR.

5. YouTube Videos

This website embeds a YouTube video. The thumbnail image is loaded directly from img.youtube.com (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) when the page loads. This establishes a connection to Google servers and transmits your IP address. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in displaying a visual preview without a full embed).

The video itself is only loaded when you actively click the play button (click-to-play consent). By clicking, you consent pursuant to Art. 6(1)(a) GDPR to the video being embedded via youtube-nocookie.com (YouTube's Privacy-Enhanced Mode). YouTube may then set its own cookies and collect usage data — even in Privacy-Enhanced Mode, connection data may be stored when you interact with the video.

For more information on data processing by YouTube/Google, please refer to the Google Privacy Policy.

6. Stock Price Data

The Investor Relations page displays stock price data. This data is retrieved server-side from an external financial API and cached for 15 minutes. Your IP address is not forwarded to any external service — the request is made exclusively from our server.

7. Your Rights

You have the right to: access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction (Art. 18 GDPR), data portability (Art. 20 GDPR), objection (Art. 21 GDPR), withdrawal of consent (Art. 7(3) GDPR), and complaint to a supervisory authority (Art. 77 GDPR).

To exercise your rights: info@cubedoc.ai

Supervisory authority: You have the right to lodge a complaint with the competent supervisory authority. For CubeDoc SE (registered in Cologne, Germany), the competent authority is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (LDI NRW), www.ldi.nrw.de.

8. SSL/TLS Encryption

This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content. You can recognise an encrypted connection by the "https://" at the beginning of the address in your browser. When SSL/TLS encryption is active, data you transmit to us cannot be read by third parties.