~

DATA PROTECTION

ASK, v. 1.12.2025

 

IMPORTANT: The following privacy policy applies exclusively to the use of AboutSomethingK website and the ASK Feedback Form (Section 2.4)

 

For the use of the ASK – Bots the data protection regulations of our partners (the institution, library, archive, etc.) are generally sufficient. Since the ASK Bot does not use any personal data (IP address, cookies, registration, etc.), its use is generally unproblematic from a data protection perspective. You can find a more detailed data protection assessment including our statement on the EU AI act for the use of the ASK bot here HERE . ´

 

ASK Privacy Policy – Website and ASK Feedback Form

By using this website and the ASK-Bot feedback function, you agree to the collection, use and transfer of your data in accordance with this privacy policy.

 

1. RESPONSIBLE BODY
The responsible body for the collection, processing and use of your personal data within the meaning of the GDPR is

AboutSomethinK UG (limited liability)

Leipziger Str. 49

10117 Berlin 

Germany

Phone: +49 (0) 173 5467885

Data Protection Officer: Tilman Scheel
Email: info@aboutsomethink.org

Handelsregister Charlottenburg / Berlin

HRB 277295 B

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection provisions, either in whole or in part, you can address your objection to the above-mentioned responsible body.

You can save and print this privacy policy at any time.

 

2.GENERAL USE OF WEBSITE

 

2.1 Access data
Our provider collects information about you when you use this website. We automatically gather information about your usage patterns and interactions with us, and we record data about your computer or mobile device. We collect, store, and use data about every access to our online services (so-called server log files).

 

The access data includes

  • Name and URL of the retrieved file,
  • Date and time of retrieval,
  • transferred data volume
  • Message indicating successful retrieval (HTTP response code),
  • Browser type and browser version,
  • operating system,
  • Referrer URL (i.e., the previously visited page),
  • IP Address
  • and the requesting provider.

We use this log data without being linked to your person or any other profiling

  • for statistical analysis for the purpose of operating, securing and optimizing our online services,
  • for anonymously recording the number of visitors to our website
  • as well as the scope and nature of the use of our website and services,

Based on this information, we can find and fix errors and improve our services.

We reserve the right to review log data retrospectively if there is a legitimate suspicion of unlawful use based on concrete evidence. We store IP addresses in log files for a limited period if this is necessary for security purposes or for providing our services. We delete the IP address when it is no longer required for security purposes. We also store IP addresses if we have a concrete suspicion of a crime related to the use of our services.
 

2.2 Email Contact
When you contact us (e.g., by email), we store your information to process your request and in case of follow-up questions. We only store and use further personal data if you consent to this or if it is legally permissible without special consent.


2.3 Google Analytics
We use Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses “cookies,” which are text files placed on your computer or mobile device, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States.

If IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this service. On our behalf, Google will use this information to evaluate your use of the service, to compile reports on website activity, and to provide us with other services relating to website activity and internet usage.

The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by adjusting your browser settings; however, please note that in this case you may not be able to fully utilize all the functions of these services.

If you do not want your website activity to be available to Google Analytics, and the data generated by the cookie and related to your use of the services (including your IP address) to be collected and processed by Google Analytics, you can install the browser add-on to deactivate Google Analytics. This prevents activity data from being shared with Google Analytics via the JavaScript (gtag.js, ga.js, analytics.js and dc.js) executed on websites.
http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on Google Analytics’ data privacy policy and data usage by Google can be found here:
https://www.google.com/intl/de/policies/privacy/partners/

To collect IP addresses anonymously (so-called IP masking), Google Analytics within our service was extended with the code “gat._anonymizeIp”.

 

2.4. Feedback Formular

 

2.4.1. How the feedback form works

When using ASK Bots, you can leave feedback on your experience with the bot. This feature must be activated by our clients – that is, the institutions that offer the ASK Bot on their website.

You provide feedback by clicking either a thumbs up or a thumbs down in the ASK Bot. A text input window will then open, allowing you to explain your click or provide any other type of feedback. 

By using this feature, you allow us to save both your feedback and the content of your chat with the ASK Bot, and to analyze the content of the conversation.

The feedback does not allow any conclusions to be drawn about your identity. Individualization is not possible for us, as we do not know your login, IP address, or any other data that would permit us to find out who you are. Furthermore, your feedback will not be used to train an AI model or for any other purpose by third parties.

We use your feedback to improve the bot, for example by enhancing or adding functionalities or by improving the bot’s prompt responses. Our goal is to ensure the best possible user experience.

Furthermore, the following rules regarding data protection apply to feedback.

 

2.5 Legal basis and storage period

The legal basis for data processing according to the preceding paragraphs is Article 6(1)(f) GDPR. Our interests in data processing include, in particular, ensuring the operation and security of the website, analyzing how visitors use the website, and simplifying website use. Unless specifically stated otherwise, we only store personal data for as long as is necessary to fulfill the purposes for which it was collected.


3.YOUR RIGHTS AS A DATA SUBJECT

 
If you wish to exercise these rights, please send your request by email or post to the address specified in section 1, clearly identifying yourself. Below you will find an overview of your rights.

3.1 Right to confirmation and information
You have the right to obtain confirmation from us at any time as to whether or not personal data concerning you is being processed. If this is the case, you have the right to obtain from us, free of charge, information about the personal data stored about you, along with a copy of this data. Furthermore, you have the right to the following information:

  1. the purposes of processing;
  2. the categories of personal data that are processed;
  3. the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  4. If possible, the planned duration for which the personal data will be stored, or, if this is not possible, the criteria used to determine that duration;
  5. the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by the controller or a right to object to such processing;
  6. the existence of a right to lodge a complaint with a supervisory authority;
  7. If the personal data is not collected from you, all available information about the source of the data;
  8. the existence of automated decision-making including profiling pursuant to Article 22 paragraphs 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the scope and intended effects of such processing for you.

3.2 Right to rectification
You have the right to request that we immediately correct any inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

3.3 Right to erasure („Right to be forgotten“)
You have the right to request that we delete personal data concerning you without undue delay, and we are obliged to delete personal data without undue delay where one of the following grounds applies:

  1. The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
  2. You withdraw your consent on which the processing was based pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal basis for the processing.
  3. You object to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) GDPR.
  4. The personal data was processed unlawfully.
  5. The erasure of personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
  6. The personal data were collected in relation to information society services offered, in accordance with Article 8(1) of the GDPR.

If we have made the personal data public and are obliged to erase it pursuant to Article 17 GDPR, we shall take reasonable steps, including technical measures, taking into account available technology and the cost of implementation, to inform controllers who are processing the personal data that you have requested the erasure by them of all links to, or copies or replications of, that personal data.

3.4 Right to restriction of processing
You have the right to request that we restrict the processing of your data if one of the following conditions applies:

  1. You contest the accuracy of the personal data, for a period that allows us to verify the accuracy of the personal data.
  2. the processing is unlawful and you have objected to the erasure of the personal data and instead requested the restriction of the use of the personal data;
  3. we no longer need the personal data for the purposes of processing, but you require the data for the establishment, exercise or defense of legal claims, or
  4. You have objected to the processing pursuant to Article 21 paragraph 1 GDPR, pending verification of whether our company’s legitimate grounds override yours.

3.5 Right to data portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us, provided that

  1. the processing is based on consent pursuant to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract pursuant to Article 6(1)(b) GDPR and
  2. The processing is carried out using automated procedures.

When exercising your right to data portability pursuant to paragraph 1, you have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

3.6 Right to object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) of the GDPR. We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.
If we process your personal data for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling insofar as it is related to such direct marketing.

3.7 Automated decisions including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

3.8 Right to withdraw consent under data protection law
You have the right to withdraw your consent to the processing of personal data at any time.


3.9 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, if you believe that the processing of personal data relating to you is unlawful.


4.DATA SECURITY

 
We are committed to ensuring the security of your data to the greatest extent possible within the framework of applicable data protection laws and technical capabilities. Your personal data is transmitted to us in encrypted form. We use the SSL (Secure Socket Layer) encryption system; however, we would like to point out that data transmission on the internet (e.g., communication via email) can have security vulnerabilities. Complete protection of data against access by third parties is not possible.

 

5.AUTOMATED DECISION-MAKING

 

No automated decision-making takes place based on the collected personal data.

 

6. No sharing of data with third parties, no data transfer to non-EU countries

 
As a general rule, we only use your personal data within our company. If and to the extent that we involve third parties in the performance of contracts (such as logistics service providers), these third parties only receive personal data to the extent that the transfer is necessary for the respective service.

In the event that we outsource certain parts of data processing (“contract processing”), we contractually oblige processors to use personal data only in accordance with the requirements of data protection laws and to guarantee the protection of the rights of the data subject.