Skip to content

Privacy Policy

1. Privacy at a glance

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on the subject of data protection can be found in our privacy policy listed below.

2. Responsible party

The party responsible for data processing on this website is:

JOKKEN GbR c/o Norbert Rosenwinkel Heinrich-Böll-Weg 21 30629 Hannover Germany

Email: info@jokken.ai Phone: +49 157 5829 7969

Authorized partners: Frank Haasper, Norbert Heinz Rosenwinkel

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data.

3. Storage duration

Unless a more specific storage period has been specified within this privacy policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods); in the latter case, the data will be deleted after these reasons no longer apply.

4. General information on legal bases

If you have consented to data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, if special categories of data are processed. In the case of explicit consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 para. 1 lit. a GDPR. If processing is necessary for the performance of a contract or pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if it is necessary for the fulfillment of a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Data processing may also be carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

5. Recipients of data

In the course of our business activities, we work with various external parties. In some cases, the transmission of personal data to these external parties is necessary. We only pass on personal data to external parties if this is required as part of contract fulfillment, if we are legally obligated to do so, or if we have a legitimate interest in passing on the data. Where we use data processors, we only pass on personal data of our customers on the basis of a valid data processing agreement.

6. Your rights as a data subject

You have the following rights with regard to your personal data:

Right of access (Art. 15 GDPR): You have the right to obtain information about your personal data processed by us.

Right to rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate or completion of your personal data stored by us.

Right to erasure (Art. 17 GDPR): You have the right to request the deletion of your personal data stored by us, unless processing is necessary for exercising the right of freedom of expression, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.

Right to restriction of processing (Art. 18 GDPR): You have the right to request the restriction of processing of your personal data.

Right to data portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format or to request its transfer to another controller.

Right to object (Art. 21 GDPR): You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation, where processing is based on Art. 6 para. 1 lit. e or f GDPR.

Right to withdraw consent (Art. 7 para. 3 GDPR): You have the right to withdraw consent given to us at any time. The lawfulness of processing carried out on the basis of consent before its withdrawal is not affected.

7. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR.

The competent supervisory authority for us is:

Die Landesbeauftragte für den Datenschutz Niedersachsen Prinzenstraße 5 30159 Hannover Phone: +49 511 120-4500 Email: poststelle@lfd.niedersachsen.de

8. SSL/TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as inquiries you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from 'http://' to 'https://' and by the lock symbol in your browser line.

9. Server log files

The hosting provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

- Browser type and browser version - Operating system used - Referrer URL - Hostname of the accessing computer - Time of the server request - IP address

This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website. Server log files are deleted after no more than 7 days.

10. Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing your inquiry and in case of follow-up questions. We do not pass on this data without your consent.

Processing of this data is based on Art. 6 para. 1 lit. b GDPR if your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 para. 1 lit. f GDPR).

The data you enter in the contact form will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies. Mandatory statutory provisions, in particular retention periods, remain unaffected.

11. Inquiries by email or phone

If you contact us by email or phone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request.

Processing of this data is based on Art. 6 para. 1 lit. b GDPR if your inquiry is related to the performance of a contract. In all other cases, the processing is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR). The data will be deleted once your inquiry has been conclusively processed and no statutory retention obligations exist.

12. Cookies and consent technology

Our website uses technically necessary cookies that are required for the operation of the site. These cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR and § 25 para. 2 TDDDG. The website operator has a legitimate interest in storing technically necessary cookies for the technically error-free and optimized provision of its services.

Insofar as cookies are additionally used for analysis or marketing purposes, your consent is obtained in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

13. Hosting

We host the content of our website with an external service provider (hoster). The personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website access, and other data generated via a website.

The use of the hoster is in the interest of a secure, fast, and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Where appropriate consent has been obtained, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR. We have concluded a data processing agreement with our hoster.

14. Use of the SaaS platform

When using our AI assistant platform (SaaS), we process the following personal data:

- Registration data: Name, email address, company data - Usage data: Interactions with the AI assistant, uploaded documents and knowledge base content - Technical data: IP address, browser type, device information

Processing is carried out for contract fulfillment pursuant to Art. 6 para. 1 lit. b GDPR. Data transmitted by end users to the AI assistant is processed in accordance with the contractual agreements with the customer. Your data is not used for training AI models. Data will be deleted after the end of the contract and expiration of statutory retention periods.

15. Data processing by AI services

To operate our AI assistants, we use services from third-party providers (e.g., OpenAI). User inputs and conversation data may be transmitted to the servers of these providers, which may be located outside the EU.

The transfer is based on standard contractual clauses (Art. 46 para. 2 lit. c GDPR) as well as a data processing agreement with the respective provider. No personal data is used for training AI models by third-party providers. We have taken appropriate technical and organizational measures to ensure the protection of your data.

16. Currency and changes to this privacy policy

This privacy policy is currently valid and was last updated in February 2026. Due to the further development of our website and offers or due to changed legal or official requirements, it may become necessary to amend this privacy policy.