1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws as well as other data protection regulations is:

collective mind GmbH
Römerstraße 75
71229 Leonberg
Germany

Management: Armin Bär, Artur Hefner & Joshua Raabe
Commercial Register: HRB 735720 (Stuttgart District Court)
VAT ID No.: DE274111749

E-Mail: kontakt@comi.de
Telefon: +49 7152 / 906 599 - 0
Telefax: +49 7152 / 906 599 - 9
Website: www.comi.de

2. Data Protection Officer

IITR Datenschutz GmbH
Marienplatz 2
80331 Munich
Germany

Tel.: +49 89 1891 7360
E-Mail: email@iitr.de

3. General Information on Data Processing

As a matter of principle, we only process our users' personal data to the extent necessary to provide a functional website, as well as our content and services. Processing regularly occurs only after consent has been obtained, unless legal regulations permit it even without prior consent.

4. Legal Basis

• Consent: Art. 6 para. 1 lit. a GDPR
• Performance of a contract or pre-contractual measures: Art. 6 para. 1 lit. b GDPR
• Legal obligation: Art. 6 para. 1 lit. c GDPR
• Vital interests: Art. 6 para. 1 lit. d GDPR
• Legitimate interest: Art. 6 para. 1 lit. f GDPR

5. Data Erasure and Storage Period

Personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this is required by law.

6. Provision of the Website and Log Files

The following data is automatically recorded when you access our website:

• Browser type and version
• Operating system
• IP address
• Date and time
• Referrer URL
• Internet service provider

This data is used to deliver the website and ensure system security (Legal basis: Art. 6 para. 1 lit. f GDPR).

7. Rights of the Data Subject

• Right to information
• Right to rectification
• Right to restriction of processing
• Right to erasure
• Right to notification
• Right to data portability
• Right to object
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

8. Use of HubSpot

We use HubSpot as our CRM and marketing platform. Personal data is processed by HubSpot on our behalf. Data transmission to the USA is based on EU standard contractual clauses (Art. 46 GDPR).

You can find more information here: HubSpot Privacy Policy.

9. Data Privacy Statement for the COMI Chatbot

9.1 General Information

As part of our website offering, we provide a chat service bot through which you can communicate with an automated system.

9.2 Purpose of Processing

• Automated answering of inquiries
• Improvement of customer service
• Internal analysis and system optimization

9.3 Scope of Data Processing

• Content of the user inquiry (text input)
• Chatbot responses
• Browser type and version
• Operating system
• IP address
• Date and time
• Referrer URL
• Internet service provider

Please do not enter any sensitive personal data in the chat.

9.4 Legal Basis

The processing is based on Art. 6 para. 1 lit. f GDPR (legitimate interest) or on the basis of your consent (Art. 6 para. 1 lit. a GDPR) if you voluntarily enter personal data.

9.5 Data Transfer

The chat logs are only made available to the website operator. They will not be passed on to third parties.

9.6 Storage Period

The storage period depends on the purpose of the processing. Data will be deleted as soon as it is no longer required.

10. Right to Object

You can object to the processing of your personal data at any time, especially in the case of direct advertising or if reasons arise from your particular situation (Art. 21 GDPR).

11. Automated Decisions / Profiling

Automated decision-making does not take place unless this is necessary for a contract or required by law or with your express consent (Art. 22 GDPR).