Legal

Privacy

Last updated: 07.05.2026

General Information

The protection of your personal data is very important to us. This Privacy Policy informs you about what data we process in connection with our website and our SaaS and AI services, for what purposes this is done, and what rights you have.

Personal data refers to any information that can be used to personally identify you.

Data Controller

AC Inorms GmbH / Inorms AI, Nobelstraße 3/5, 41189 Mönchengladbach, Germany, Email: info@inorms.ai, Phone: +49 2161 9909943, Managing Director: Jegor Schatov.

Data Protection Contact

A Data Protection Officer has not been appointed at this time, as the legal requirements are not currently met. If you have any questions regarding data protection or the processing of personal data, you can contact us at any time: privacy@inorms.ai.

Hosting and Server Log Files

When you visit our website, our IT systems automatically collect the following information: IP address, date and time of the request, browser type and version, operating system, referrer URL, and hostname of the accessing computer. This data is processed to ensure technical operation, stability, and security. Legal basis: Art. 6(1)(f) GDPR. 

Cookies and Similar Technologies

Our website currently uses only technically necessary cookies. These are used to ensure the secure and functional operation of the website. We do not use tracking, analytics, or marketing cookies without your consent. Legal basis: Art. 6(1)(f) GDPR, § 25(2) TDDDG.

Web Analytics with Simple Analytics

We use Simple Analytics, a privacy-friendly web analytics service. This service does not use cookies, create user profiles, or process personal data to track individual visitors.

Provider: Simple Analytics B.V., Netherlands. Processing is based on our legitimate interest in improving our services. Legal basis: Art. 6(1)(f) GDPR.

Contact

When you contact us (e.g., via email or form), we process: name, email address, company data, and the content of the inquiry. Purpose: Processing the inquiry. Legal basis: Art. 6(1)(b) or (f) GDPR.

SaaS and AI Services

Type of data processing: Within the scope of our platform, we process: account data, company data, usage data, content data (e.g., documents, texts, prompts). AI-generated outputs, processing of prompts and content. When using our AI functions, inputs (“prompts”) are automatically processed, analyzed, and used to generate results.

Important Note: Users are responsible for not entering any sensitive personal data unless it is necessary and legally permissible. No training on customer data. By default, customer data is not used to train AI models.

Use for training purposes occurs exclusively: with express consent or based on a clear contractual provision. AI transparency: AI results are generated automatically; results may be incomplete or incorrect; human review is recommended.

Automated Decisions: Our systems do not make automated decisions with legal effect within the meaning of Art. 22 GDPR, unless expressly stated otherwise.

Roles in Data Protection

We act as the data controller for the website and communication. For customer data within our platform, we act as the data processor. In this case, processing is carried out exclusively on the basis of a Data Processing Agreement (DPA) in accordance with Article 28 of the GDPR. DPA available at: https://inorms.ai/dpa.

Subprocessors

We use external service providers to deliver our services (e.g., hosting, AI infrastructure, communication). All subprocessors are contractually bound in accordance with the GDPR. 

Transfers to Third Countries

If data is processed outside the EU/EEA (e.g., by cloud or AI providers), this is done exclusively in compliance with appropriate safeguards: EU Standard Contractual Clauses (SCCs) and adequacy decisions.

Retention Period

We store data only for as long as necessary. Contact data: until the request is resolved. Contract data: in accordance with legal retention obligations. Usage and log data: limited to ensuring operations. Customer data: is deleted or anonymized upon contract termination.

Data deletion: Customers may request the deletion of their data at any time, provided there are no legal obligations to the contrary.

Data Security

We implement appropriate technical and organizational measures: TLS/HTTPS encryption, access controls (least privilege), logging and monitoring, and regular security audits.

LinkedIn

Our website contains a link to our LinkedIn profile. Clicking on it will redirect you to LinkedIn. Only then do LinkedIn’s privacy policies apply. No automatic data transfer occurs through our website.

Data Subject Rights

You have the right to: access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent. Consent may be withdrawn at any time. Right to lodge a complaint: You have the right to lodge a complaint with a data protection supervisory authority.