Privacy Policy

1. Controller

System Craft
Victor Umanskiy, sole proprietor
Radolfzeller Str. 7, 81243 Munich, Germany
[email protected]

2. General Information on Data Processing

This privacy policy applies to our website and related demo subdomains.

We process personal data only to the extent necessary to provide our website and demo subdomains, our services as an integrator of chatbots for businesses, and to communicate with prospects and customers.

The legal bases for processing include in particular:

  • Art. 6(1)(b) GDPR (pre-contractual/contractual communication and service provision),
  • Art. 6(1)(f) GDPR (legitimate interest in the secure and efficient operation of our services),
  • Art. 6(1)(a) GDPR (consent, e.g. for non-essential cookies/technologies).

3. Hosting, Delivery, and Technical Logs

Our website is provided via Cloudflare Pages. In this context, technically necessary data is processed (e.g. IP address, time of access, requested content, user agent, referrer) in order to deliver the website, ensure security, and analyze errors.

The processing is based on Art. 6(1)(f) GDPR.

4. Contact

If you contact us by email, contact form, or other communication channels, we process the data you provide (e.g. name, email address, message, and, if applicable, telephone number) to handle your request.

Legal basis:

  • Art. 6(1)(b) GDPR for pre-contractual or contractual matters,
  • Art. 6(1)(f) GDPR for other inquiries.

5. Live Chat on This Website

We use a live chat on our website provided by SendPulse Inc., 220 E 23rd St #401, New York, NY 10010, USA.

When you use the live chat, the messages you enter and the technical data required to provide the chat are processed by us and by our service provider SendPulse. This may include, in particular, chat messages, name, email address, telephone number, IP address, device/browser information, time of use, and pages visited.

The processing is carried out to answer your inquiry and to provide the chat function. The legal bases are Art. 6(1)(b) GDPR where your inquiry relates to pre-contractual or contractual communication, and Art. 6(1)(f) GDPR for other inquiries and the secure operation of the chat.

SendPulse may also process data outside the EU/EEA. Where required, we use appropriate safeguards for this purpose, in particular data processing agreements and EU Standard Contractual Clauses.

6. Chatbot Integrations for Customers (SendPulse / WhatsApp)

We support businesses with the integration of chatbots, in particular via SendPulse and WhatsApp. In the context of such customer projects, personal data may be processed (e.g. chat content, contact details, technical metadata).

Depending on the specific setup, we act towards our business customers as a processor or, in some areas, as an independent controller. The specific allocation of roles is governed by contract.

7. Technical Service Providers and Sub-processors

We use, among others, the following service providers:

  • Amazon Web Services (Frankfurt region) for technical infrastructure, in particular to run our chatbot logic and to store chat histories and related user data where this is necessary for context, response quality, security, and traceability,
  • SendPulse for providing the live chat, connecting messengers, and managing chat histories and contact details,
  • OpenAI and Google Gemini for AI-supported response generation; for this purpose, chat messages and the context required for the response may be transmitted,
  • Meta/WhatsApp for communication via WhatsApp where this channel is used,
  • Cloudflare for hosting and delivery functions of our website.

With these providers, where required, we use data processing agreements and/or appropriate contractual data protection safeguards.

8. AI Processing (OpenAI, Google Gemini, Own Logic)

For certain chatbot functions, inputs may be transmitted to AI models. We process only the data required for the respective request and function.

9. Recipients and International Data Transfers

Processing may also take place outside the EU/EEA, in particular when using international providers (e.g. OpenAI, Google/Gemini, Meta/WhatsApp, and, depending on configuration, Cloudflare/SendPulse). In such cases, we ensure appropriate safeguards, e.g. EU Standard Contractual Clauses (SCCs) and supplementary protective measures.

10. Cookies and Similar Technologies

We use technically necessary technologies for the operation of the website. The live chat may also use cookies or similar technologies where these are required to provide the chat function. Non-essential cookies/technologies (e.g. for analytics/marketing) are set only after your consent.

Legal bases:

  • Section 25 TDDDG (consent for access to terminal devices where required),
  • Art. 6(1)(a) GDPR (consent),
  • Art. 6(1)(f) GDPR for technically necessary operations.

11. Storage Period and Deletion

We store personal data only for as long as necessary for the respective purposes or as required by statutory retention obligations.

Regular guidelines:

  • chat/communication data: up to 180 days,
  • technical security/server logs: up to 90 days,
  • longer storage only where required by statutory obligations or legitimate evidence-retention interests.

Regardless of this, we delete or anonymize data upon request, unless statutory retention obligations prevent this.

12. Your Rights

Under the GDPR, you have in particular the following rights:

  • access (Art. 15 GDPR),
  • rectification (Art. 16 GDPR),
  • erasure (Art. 17 GDPR),
  • restriction of processing (Art. 18 GDPR),
  • data portability (Art. 20 GDPR),
  • objection (Art. 21 GDPR),
  • withdrawal of consent with effect for the future (Art. 7(3) GDPR).

You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

13. Deletion Requests

For deletion requests, you can contact us at any time. The contact details can be found in section 1.

We review each request and implement it in accordance with legal requirements. Where data is processed by service providers, we also initiate the necessary steps with them.

14. Current Version and Changes

This privacy policy is current as of: May 14, 2026.
We reserve the right to update it if legal, technical, or organizational circumstances change.