Privacy Policy

August 2025

1. Controller

D7 Ventures UG
Ohmstraße 53
Germany
Email: dennis.pfaff@kambrium.ai
Managing Director: Dennis Pfaff

2. Hosting

Our website is hosted by Amazon Web Services (AWS) on servers located in Frankfurt, Germany. All data is processed within the European Union.

3. Access Data

When you visit our website, we automatically process the following data for technical and security reasons (server log files):

  • IP address
  • Date and time of request
  • Browser type and version
  • Operating system
  • Referrer URL (if applicable)

The processing of this data is based on our legitimate interest under Art. 6(1)(f) GDPR in ensuring the stability and security of the website.

4. Analytics

We use Google Analytics to analyze website usage. Google Analytics may use cookies and transmit data to Google servers in the United States. We have activated IP anonymization and entered into Standard Contractual Clauses (SCCs) with Google to safeguard data transfers.

Legal basis: Consent under Art. 6(1)(a) GDPR (via cookie banner).

You can revoke your consent at any time via our cookie settings.

5. Authentication

We use Clerk for authentication services, including third-party login (e.g. Google). This may involve transferring data to countries outside the EU, including the United States. Clerk is contractually bound by appropriate safeguards under Art. 46 GDPR.

Data processed: name, email address, login credentials.

Legal basis: Performance of contract under Art. 6(1)(b) GDPR.

6. Contact and Demo Requests

You can submit your email address and company name to request a demo call. We process this data to contact you and arrange a meeting.

Legal basis: Consent under Art. 6(1)(a) GDPR or steps prior to entering into a contract under Art. 6(1)(b) GDPR.

7. Data Processing for SaaS Services

When entering into a contract or using our services, we process the following data:

  • Company name
  • User name
  • Email address

Legal basis: Contract performance under Art. 6(1)(b) GDPR.

8. International Data Transfers

We integrate third-party AI/LLM providers that may process personal data outside the EU. Transfers are secured by Standard Contractual Clauses (SCCs) or other appropriate safeguards in accordance with Art. 46 GDPR.

9. Your Rights

You have the following rights under the GDPR:

  • Right of access (Art. 15)
  • Right to rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to data portability (Art. 20)
  • Right to object (Art. 21)
  • Right to lodge a complaint with a supervisory authority (Art. 77)

To exercise your rights, please contact us at: dennis.pfaff@kambrium.ai

10. Data Protection Officer

We are not currently required to appoint a Data Protection Officer under Art. 37 GDPR.

11. Updates

We may update this Privacy Policy to reflect changes in legal requirements or data processing practices. Please review this page regularly.