Privacy Policy

This Privacy Policy explains how Thalex AI processes personal data on this website (v3.thalex.ai), in line with the EU General Data Protection Regulation (GDPR) and applicable national law.

1. Controller

Alexander Schmidt · Thalex AI
Ottobrunner Straße 35a, 81737 Munich, Germany
Email: hallo@thalex.de

2. Hosting

The site is hosted by IONOS SE, Elgendorfer Straße 57, 56410 Montabaur, Germany, under a data processing agreement (Art. 28 GDPR). Data is processed in a data centre within the EU. Standard server logs (IP address, timestamp, requested resource, user agent, referrer) are recorded for security and stability and stored for 7 days, after which they are deleted automatically. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operating, securing and stabilising the service).

3. Contact

If you contact us by email or via the contact form, the data you provide (name, email, message) is processed to handle your request. Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest). Requests that do not lead to a contract are deleted no later than 6 months after the matter is closed. For contractually relevant exchanges, statutory retention periods under German commercial and tax law apply (6 years per § 257 HGB, 10 years per § 147 AO).

4. Cookies and local storage

This site uses no cookies within the meaning of § 25 TTDSG. Your language preference is stored locally in your browser (localStorage key thalex_lang) — not transmitted to any server.

5. Fonts

The fonts Geist and Geist Mono (Vercel, SIL Open Font License) are served locally from our own server (/fonts/*.woff2). No connection to Google Fonts or other third-party servers is made.

6. Embedded third-party content

This site embeds no third-party interactive content (no Maps, no YouTube/Vimeo, no social-media plugins, no external analytics). The hero loop video is served from our own server.

7. Analytics / tracking

This site uses no web analytics, tracking, or audience-measurement tools. No profiling, no targeting, no data is shared with advertising networks.

8. International transfers

No personal data is transferred outside the European Economic Area.

9. Your rights

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR)
• Withdrawal of consent (Art. 7(3) GDPR), with effect for the future
• Complaint to a supervisory authority (Art. 77 GDPR). Competent for the controller: Bavarian Data Protection Authority (BayLDA), Promenade 18, 91522 Ansbach, Germany, www.lda.bayern.de

To exercise your rights, an informal email to hallo@thalex.de is sufficient.

10. Security

Data is transmitted over TLS (HTTPS). We apply technical and organisational measures pursuant to Art. 32 GDPR.

11. Updates

Last updated: 6 May 2026. Material changes will be published here.