We, Kibo AI GmbH, are pleased that you are visiting our website at www.kibo-ai.com. We take the protection of your personal data very seriously. This privacy policy informs you about the personal data we collect, how we use it, and your rights regarding your personal data when you visit our website at www.kibo-ai.com. As changes to the law or changes to our internal company processes may make it necessary to adapt this data protection declaration, we would ask you to read this data protection declaration regularly.
Controller and Data Protection Officer
The controller responsible for the data processing described in this privacy policy is
KIBO GmbH
Tannenstraße 29
91227 Leinburg
E-mail address: privacy@kibo-ai.com
Commercial register number: HRB 44617
Website: www.kibo-ai.com
You can contact our data protection officer at the above address with the addition “Data Protection Officer” or via e-mail at privacy@kibo-ai.com.
Processed Personal Data
2.1 Informational Use of the Website
When using the website for informational purposes only, we collect only the personal data that your browser transmits to our server. In this case, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security, so that without this data processing it is not possible to display and use the website without errors (legal basis is Art. 6 para. 1 sentence 1 lit. f) GDPR):
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred in each case
- Website from which the request originates
- Browser
- Operating system and its interface
- Language and version of the browser software.
2.2 Contact via Email and Contact Form
We offer a contact form on our website so that you can contact us with questions about our website and other inquiries. You can also contact us via email. When you contact us via the contact form or by email, the data you provide (in particular your email address, your first and last name and the text of your request and any other information you have provided in the contact form or by email) will be stored by us in order to process your request and answer your questions. The data processing is justified in accordance with Art. 6 para. 1 lit. f) GDPR. We have an interest in contacting you via the website in response to your request. Insofar as your request is aimed at the fulfillment of a contractual or pre-contractual measure with you as a natural person, Art. 6 para. 1 lit. b) GDPR is the legal basis for data processing. The data collected in the context of your enquiry/contact will be deleted by us as soon as it is no longer required for the processing of your inquiry. Insofar as statutory retention obligations exist, the data will be stored for the duration of the statutory retention obligation. The use of the contact form is completely voluntary for you and is not a prerequisite for using the website. We do not carry out any profiling. This means that your data will not be used to create a personal user profile or to evaluate your behavior on the website.
2.3 Event Registration
We offer an event registration form on our website for our roundtable event series. When you register for an event, we collect the following data: first and last name, email address, phone number (optional), company name (optional), your role, company type, and your expectations for the event. This data is used solely for the purpose of processing your registration, confirming your spot, and organizing the event. The legal basis is Art. 6 para. 1 lit. b) GDPR (fulfillment of a pre-contractual measure) and Art. 6 para. 1 lit. f) GDPR (legitimate interest in organizing and running the event). The data will be deleted after the respective event has taken place, unless statutory retention obligations require a longer storage period. The use of the registration form is completely voluntary.
2.4 Use of Bunny Fonts
This website uses Bunny Fonts, a service provided by BunnyWay d.o.o., Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia. Bunny Fonts is used to ensure a consistent visual presentation of our website. When you visit our website, your browser loads the required fonts from Bunny Fonts servers located in the EU. No personal data such as IP addresses is stored or passed on to third parties by BunnyWay. No cookies are set. The legal basis is Art. 6 para. 1 lit. f) GDPR (legitimate interest in a uniform presentation of the website). For more information: bunny.net/fonts.
Transmission of Personal Data to Third Parties
Your personal data will not be transferred to third parties without your consent, except in the cases described in this data protection declaration, unless we are legally obliged to disclose this data (information to law enforcement authorities and courts; information to public bodies that receive data on the basis of legal regulations, e.g. social insurance agencies, tax authorities, etc.) or involve third parties to enforce our claims to professional secrecy. If we pass on data to service providers bound by instructions, we do not require a separate legal basis for this. If data is transferred to third parties with your consent, this is done exclusively on the basis of Art. 6 para. 1 lit. a) GDPR. You can withdraw your consent at any time with effect for the future. The lawfulness of the processing carried out on the basis of consent until the revocation is not affected by the revocation. Insofar as there is a legal obligation to disclose the data, Art. 6 para. 1 lit. c) GDPR is the legal basis for the data transfer. If, on the other hand, the disclosure is necessary to fulfill a contractual or pre-contractual measure with you as a natural person, Art. 6 para. 1 lit. b) GDPR is the legal basis for the data transfer.
Linking of Social Networks
We maintain an online presence on the social network LinkedIn in order to communicate with customers and interested parties and to inform them about our products and services. To prevent unwanted transmission of your usage data (e.g. address of the page you are currently visiting) to LinkedIn, we have only connected our LinkedIn online presence to this website via a link. If you click on the link, LinkedIn can collect usage and possibly user data. We have no influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by LinkedIn. We are therefore informing you according to our level of knowledge: Your browser may only establish a direct connection with the LinkedIn servers when you click on the link. As a result, the information that you have visited our website is forwarded indirectly (“referrer”) to these services. If you do not wish such data to be transmitted, we advise you not to click on the link to LinkedIn. The purpose and scope of the data collection by the social services, as well as the further processing and use of your data there, as well as your rights in this regard and setting options for protecting your privacy, can be found in the data protection notices of these services. We would like to point out that the most effective way to address data protection concerns is to contact the provider of the social network, as only they have access to the data and can take direct action.
Transfer to Third Countries
If one of the above-mentioned data transfers is made to a recipient outside the European Economic Area, an appropriate level of data protection for the transfer abroad is guaranteed by appropriate security measures. If data is transferred to such a country and there is no adequacy decision by the European Commission, this is done on the basis of suitable guarantees, such as the use of standard contractual clauses.
Storage Duration
The criterion for the duration of the storage of personal data is generally the respective statutory retention period. Once this period has expired, the corresponding data is routinely deleted. If the purpose of collecting and processing the personal data no longer applies, the data will be deleted unless there is a legal obligation to store the personal data for a longer period.
What Rights Do You Have?
As we process your data, you have the opportunity to find out what we do with it and how we do it, and in some cases to request that we process your data to a lesser extent. You have the following rights:
- Information about your personal data processed by us in accordance with Art. 15 GDPR;
- Rectification of inaccurate or incomplete personal data stored by us in accordance with Art. 16 GDPR;
- Erasure of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims;
- Restriction of the processing of your personal data in accordance with Art. 18 GDPR;
- To receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to transmit it to another controller in accordance with Art. 20 GDPR;
- You can revoke your consent at any time in accordance with Art. 7(3) GDPR. This means that we will no longer continue the data processing based on this consent in the future;
- Submitting a complaint to a supervisory authority in accordance with Art. 77 GDPR. The competent supervisory authority is the Bavarian State Office for Data Protection Supervision, Promenade 18, 91522 Ansbach, phone: 0891 180093-0, fax: 0891 180093-800, e-mail: poststelle@lda.bayern.de.
Changes to This Privacy Policy
We reserve the right to amend this Privacy Policy to ensure that it always complies with current legal requirements or to implement changes to our services in the Privacy Policy, e.g. when introducing new services. The new privacy policy will apply to your next visit.
This privacy policy was last updated on 08.08.2025.