Information according to § 5 TMG

futureprojects GmbH
Fetscherstraße 33
01307 Dresden

District Court Dresden: HRB 41185

Represented by:
Norbert Rost

Contact

Phone: +49 (0) 351 4466069
Email: kontakt@futureprojects.de

Consumer dispute resolution/universal arbitration board

We are not willing or obliged to participate in dispute resolution proceedings before a consumer arbitration board.

Liability for content

As a service provider, we are responsible for our own content on these pages in accordance with § 7 para.1 TMG under general laws. According to §§ 8 to 10 TMG, however, we are not obliged as a service provider to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity.

Obligations to remove or block the use of information under general laws remain unaffected. However, liability in this regard is only possible from the time of knowledge of a specific infringement. Upon becoming aware of corresponding infringements, we will remove this content immediately.

Liability for links

Our offer contains links to external websites of third parties, on whose contents we have no influence. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the contents of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognizable at the time of linking.

However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of an infringement. Upon becoming aware of legal violations, we will remove such links immediately.

Copyright

The content and works on these pages created by the site operators are subject to German copyright law. Duplication, processing, distribution and any kind of exploitation outside the limits of copyright require the written consent of the respective author or creator. Downloads and copies of this site are only permitted for private, non-commercial use.

Insofar as the content on this site was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is marked as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. Upon becoming aware of legal violations, we will remove such content immediately.

Source: https://www.e-recht24.de/impressum-generator.html

In the following we would like to inform you in accordance with the General Data Protection Regulation (GDPR) and other data protection regulations. In particular, we hereby inform you about which personal data we collect for which purposes when using our website and electronic communication with us, how we use it, to whom we disclose it and what rights you have with regard to your personal data.

Data Processing in Detail

Below you will find the legal information about data categories, purposes, legal bases, deletion periods, recipients, third country transfer, profiling as well as revocation and objection rights per processing activity.

Visiting the Website

Data Categories: When visiting the platform, we process personal data or device data that is automatically transmitted from your device to our servers: browser type / browser version, operating system used, language and version of browser software, IP address, date and time of server request, access status/HTTP status code, referrer URL (previously visited website).

Purposes: The processing of this data is necessary to establish a connection to our servers, to correctly deliver the content of the website, to ensure the functionality and security of the website, and to detect and prevent misuse (e.g. attacks on IT security).

Storage Period: The data is only processed briefly and stored in server log files. Personal data is not stored permanently. Log data is regularly deleted or anonymized.

Recipients: Your data is processed on our behalf by futureprojects GmbH. Futureprojects uses the following service providers: Scalingo (hosting).

Legal Basis: The processing of the data is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in the secure and functional provision of the website) and § 25 para. 2 TTDSG.

Registration on the Platform and Receipt of Notifications

Data Categories: The following personal data is required for registration on the platform: email, username, password, consent to the terms of use (date, time). The following data can be provided voluntarily: first name, last name. Furthermore, a cookie for your authentication (name: authData) and for the selected language (name: i18nextLng) is stored on your device.

Purposes: This data is required to confirm your registration, create a user account, authenticate you on future logins and keep you logged in, send you notifications about relevant activities on the platform and provide other functions of the platform for registered users.

Storage Period: This data will be deleted if a user account is not confirmed within the specified period after registration, or an account is deleted at the user's request via their profile, or a user is deleted by an administrator, and generally when the purpose for which the data was collected ceases to exist and processing for other legitimate purposes is not required.

Recipients: Your data is processed on our behalf by futureprojects GmbH. This uses the following service providers for data processing: Scalingo (hosting) and Brevo (email delivery).

Legal Basis: The processing of the data is based on Art. 6 para. 1 lit. b GDPR (contract performance) and Art. 6 para. 1 lit. f GDPR (legitimate interest) in conjunction with § 25 para. 2 TTDSG for the fulfillment of the above-mentioned purposes.

Using the Platform: Organizations, Email Assistants and Knowledge Base

Data Categories: The following data is required to create an organization: organization name, industry, email address, optionally phone, contact person, address and additional information. The following data is required to configure an email assistant: assistant name, description, email connection data (IMAP/SMTP credentials or OAuth credentials for Gmail/Microsoft). The following data is required to use the knowledge base: FAQ entries (questions and answers), instructions for the assistant.

Purposes: This data is required to provide you with the functions of the platform, in particular to manage organizations, configure and operate email assistants, create automatic reply drafts, provide knowledge for the assistant, and send notifications to you.

Storage Period: This data will be deleted when the organization or assistant is deleted, and generally when the purpose for which the data was collected ceases to exist and processing for other legitimate purposes is not required.

Recipients: Your data is processed on our behalf by futureprojects GmbH. This uses the following service providers for data processing: Scalingo (hosting) and Brevo (email delivery). Your email connection data (passwords, access tokens) is stored exclusively with AES-256 encryption. Organization members may have access to organization and assistant data depending on their role.

Legal Basis: The processing of data on the platform is based on Art. 6 para. 1 lit. b GDPR (contract performance) for the fulfillment of the above-mentioned purposes.

AI-Powered Email Processing

Data Categories: The following data is processed to create automatic reply drafts: complete email content (sender, subject, message text), assistant instructions and FAQ entries configured by you. Additionally, technical usage statistics are processed (e.g. AI model used, token consumption, processing duration, success status).

Purposes: The processing is used to create non-binding reply drafts for incoming emails. The drafts are saved in the drafts folder of the respective email mailbox. No automatic sending or automated decision with legal effect takes place. The usage statistics are used for billing, quality assurance and technical optimization of the service.

Storage Period: Email content is only processed in memory during active processing and is not stored permanently. Usage statistics without email content are retained for billing and analysis purposes. Error logs may be stored temporarily if required for technical diagnostics.

Recipients:

For AI processing, data is transmitted to the following service provider:

Microsoft Corporation (Azure AI Foundry), One Microsoft Way, Redmond, WA 98052, USA (Privacy Policy).

Processing takes place primarily in data centers within the European Union. Access from third countries cannot be completely excluded due to legal obligations of the provider (e.g. US Cloud Act). Appropriate safeguards exist pursuant to Art. 46 GDPR.

Legal Basis: The processing is based on Art. 6 para. 1 lit. b GDPR (contract performance - provision of the email assistant service).

Contact

Data Categories: We process your email address and, if applicable, your name, your phone number (if provided), subject, the content of the message and the time of the request.

Purposes: We need this data to process your request and communicate with you.

Storage Period: We delete your data as soon as the request has been finally clarified. However, further processing may be necessary to comply with legal retention obligations and in the case of legal disputes. The storage period for these purposes is 3 to 10 years.

Recipients:

Your data is processed on our behalf by futureprojects GmbH. This also uses the following service providers for data processing: Scalingo (hosting) and Hetzner (email hosting).

Legal Basis: The processing of the data is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in communication with prospects and customers) for the fulfillment of the above-mentioned purposes.

Logging Platform Activities

Data Categories: The following data is stored: username of the executing or requested user if available, IP address of website visitor, identifier of the executed action, timestamp, user action (e.g. login successful/failed, password reset requested, confirmation of a request failed (email change, password reset, account confirmation), organization created, assistant created/configured).

Purposes: This data is required to ensure security on the platform, such as detecting problems, blocking usernames or IP addresses after too many failed attempts (brute force attack), blocking IP addresses after too many actions (spam protection), as well as for statistics.

Storage Period: This data is anonymized once a day: removal of all IP addresses from entries older than 24 hours (resulting in a maximum age of IP addresses of 48 hours). Removal of all usernames from entries older than 7 days. Further use may occur in the case of asserting or defending legal claims or for the purpose of blocking certain users or IP addresses.

Recipients: Your data is processed on our behalf by futureprojects GmbH. This uses the following service providers for data processing: Scalingo (hosting).

Legal Basis: The processing of the data is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in the security and functionality of the platform) for the fulfillment of the above-mentioned purposes.

Error Analysis

Data Categories: The following data is collected: browser type/browser version, operating system/version used, device type, IP address, date and time of server request, error message including stack trace.

Purposes: This data is required to detect, analyze and fix errors as well as to ensure the stability and functionality of the platform.

Storage Period: The IP address is anonymized or removed before storage through appropriate configuration at Sentry. The data may contain personal data, particularly if it is part of error messages or stack traces. The data is deleted at regular intervals.

Recipients:

Your data is processed on our behalf by futureprojects GmbH. This uses the following service providers for data processing: Functional Software, Inc., 132 Hawthorne St. San Francisco, USA, https://www.sentry.io.

Third country transfer and legal basis
Sentry's servers are located in the USA, so the above-mentioned data is processed there. The USA is classified by the European Court of Justice as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities for control and surveillance purposes, possibly without legal remedies. The appropriate level of data protection for transfers to the USA is generally guaranteed by the conclusion of so-called standard data protection clauses in accordance with Art. 46 para. 2 lit. c GDPR and the additional measures taken by Sentry to protect the data. The standard data protection clauses are available here.

Legal Basis: The processing of the data is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in the stability and functionality of the platform) and § 25 para. 2 TTDSG for the fulfillment of the above-mentioned purposes.

Embedded Videos

Data Categories: Videos from the provider Videolyser (videolyser.de) are embedded on our website. When loading the page, a connection to Videolyser's servers is established. The following data is transmitted: IP address, browser type / browser version, operating system used, referrer URL, date and time of access.

Purposes: The embedding serves to provide a clear presentation of our platform and its features for prospects and users.

Storage Period: The data is processed by Videolyser in accordance with their privacy policy. We do not store any personal data in connection with the video embedding.

Recipients: When loading the video, your data is transmitted to Videolyser (videolyser.de). Videolyser is a German provider, data processing takes place within the EU.

Legal Basis: The processing of the data is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in an appealing presentation of our platform).

Sending Information and Notifications

Data Categories: We process your email address and, if applicable, your name.

Purposes: The processing is carried out to send system-relevant notifications as part of using the platform (e.g. security-related notices, account or organization information). Optional newsletters and informational emails serve to inform about new features or offers.

Storage Period: The data will be deleted when your user account is deleted or when you have unsubscribed from optional newsletters.

Recipients: Your data is processed on our behalf by futureprojects GmbH. Service providers used are Scalingo (hosting), Hetzner (email hosting) and Brevo (email delivery).

Legal Basis: System-relevant notifications are based on Art. 6 para. 1 lit. b GDPR (contract performance). The sending of optional newsletters is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in informing users) or - if required - on the basis of consent. You can object to the sending of optional newsletters at any time.

Your Rights

If personal data is processed from you, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller. You can inform us about exercising your rights using the contact details contained in the legal notice.

Right of Access

You can request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing is taking place, you can request information from the controller about the following information:

1. the purposes for which the personal data are processed;
2. the categories of personal data being processed;
3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
4. the planned duration of storage of the personal data concerning you or, if specific information is not possible, criteria for determining the storage period;
5. the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
6. the existence of a right to lodge a complaint with a supervisory authority;
all available information about the origin of the data if the personal data are not collected from the data subject;
7. the existence of automated decision-making including profiling pursuant to Art. 22 para. 1 and 4 GDPR and - at least in these cases - meaningful information about the logic involved as well as the scope and intended effects of such processing for the data subject.

You have the right to request information about whether the personal data concerning you are transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

Right to Rectification

You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you are inaccurate or incomplete. The controller must carry out the rectification without delay.

Right to Restriction of Processing

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

1. if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
2. the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
3. the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defense of legal claims, or
4. if you have objected to processing pursuant to Art. 21 para. 1 GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds.

Where the processing of personal data concerning you has been restricted, such data may, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the restriction of processing has been restricted according to the above conditions, you will be informed by the controller before the restriction is lifted.

Right to Erasure

a) Obligation to erase
You may request the controller to erase personal data concerning you without delay and the controller is obliged to erase such data without delay where one of the following grounds applies:

1. The personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
2. You withdraw consent on which the processing is based according to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and where there is no other legal ground for the processing.
3. You object to the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 GDPR.
4. The personal data concerning you have been unlawfully processed.
5. The erasure of the personal data concerning you is necessary for compliance with a legal obligation in Union or Member State law to which the controller is subject.
6. The personal data concerning you have been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR.

b) Information to third parties
Where the controller has made the personal data concerning you public and is obliged pursuant to Art. 17 para. 1 GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you as data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

c) Exceptions
The right to erasure does not apply to the extent that processing is necessary

1. for exercising the right of freedom of expression and information;
2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
3. for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR in so far as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or
5. for the establishment, exercise or defense of legal claims.

Right to Notification

If you have asserted the right to rectification, erasure or restriction of processing vis-à-vis the controller, the controller is obliged to communicate this rectification or erasure of the data or restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort. You have the right vis-à-vis the controller to be informed about these recipients.

Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where

1. the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
2. the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, where technically feasible. Freedoms and rights of other persons must not be adversely affected thereby. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right to Object

You have the right to object at any time, on grounds relating to your particular situation, to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on those provisions. The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a European data protection supervisory authority. An overview of all German supervisory authorities for data protection can be found here.