Privacy Policy

1. Controller

The data controller for the processing of personal data under this Privacy Policy is:

GEA Consulting
Germany

(“GEA”, “we”, “us”, “our”)

2. Scope of This Privacy Policy

This Privacy Policy explains how personal data may be processed when you:

  • Visit our website

  • Use GEA Agents (AI-powered tools)

  • Contact us or interact with our services

This Privacy Policy applies globally, with GDPR serving as the baseline standard.

3. Personal Data We May Process

Depending on how you use the services, we may process:

  • Information you voluntarily submit (e.g. prompts, questions, text inputs)

  • Contact details if you contact us directly

  • Technical data (e.g. IP address, device/browser information, usage metadata)

You remain in control of what information you choose to submit.

4. Purpose of Processing

Personal data is processed solely to:

  • Provide and operate the services

  • Generate AI-assisted outputs requested by users

  • Maintain security, performance, and integrity of the services

  • Respond to inquiries or support requests

We do not process personal data for unrelated purposes.

5. AI Systems and Training

GEA Consulting does not use user inputs or outputs to train AI models.

To deliver the services, we rely on third-party AI and infrastructure providers. These providers may process data in accordance with their own terms and safeguards.

6. Data Storage and Retention

We do not intentionally retain user inputs beyond what is necessary to provide and secure the services.

Data may be processed and temporarily stored by GEA Consulting or by trusted third-party service providers for operational, security, and troubleshooting purposes.

Retention periods depend on technical and legal requirements and are kept as limited as reasonably possible.

7. Third-Party Service Providers

We use trusted third-party providers to operate our services, including:

  • AI infrastructure and model providers

  • Hosting and platform providers (e.g. embedded AI tooling)

These providers act as processors or independent controllers depending on the context and are subject to contractual and legal safeguards.

8. International Data Transfers

Personal data may be processed in countries outside the European Union.

Where required, appropriate safeguards are applied, such as standard contractual clauses or equivalent mechanisms, in accordance with applicable data protection laws.

9. User Responsibilities

You agree:

  • Not to submit personal data or confidential information unless you are legally authorised to do so

  • Not to submit sensitive or special-category data unless strictly necessary and appropriate safeguards are in place

GEA Consulting is not responsible for personal data you choose to submit beyond what is required to use the services.

10. Your Rights

Depending on your location and applicable law, you may have rights including:

  • Access to your personal data

  • Rectification of inaccurate data

  • Deletion of personal data

  • Restriction or objection to processing

We will make reasonable efforts to respond to valid requests, subject to technical and legal limitations.

11. Security

We implement reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

No system is completely secure, and we cannot guarantee absolute security.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

The current version will always be available on our website.

13. Contact

For privacy-related questions or requests, you may contact us via the contact details provided on our website.