BRICKS (Blockchain Realworld Interface & Coordination Kinetic System)

BRICKS – Datenschutzbedingungen

Privacy Policy

Last Updated: February 27, 2025

1. Introduction

Karl BRICKS AI GmbH (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (collectively, the “Service”).

We operate as a platform that enables AI application development teams (“Clients”) to send personalized gifts to their users (“Recipients”). This process involves the collection and processing of personal data, which we handle with utmost care and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Data Controller Information

The data controller responsible for the processing of your personal data is:

Karl BRICKS AI GmbH
An der Alster 1
20099 Hamburg
Germany

Email: karl@gobricks.io
Phillip Bock
CEO, Karl BRICKS AI GmbH

3. Information We Collect

3.1 Information Collected from Clients

When AI development teams (Clients) register and use our Service, we may collect:

  • Contact information (name, email address, telephone number, postal address)
  • Account credentials
  • Billing and payment information
  • Company information and brand assets (logos, designs, etc.)
  • Communication records between us and the Client

3.2 Information Collected from Recipients

When Recipients (end users who receive gifts) interact with our Service, we may collect:

  • Contact information (name, email address, shipping address, phone number)
  • Gift preferences and selections
  • IP address and basic device information

3.3 Automatically Collected Information

When you access our Service, we may automatically collect certain information about your device and usage patterns, including:

  • IP address
  • Browser type and version
  • Operating system
  • Access times and dates
  • Pages viewed
  • Referring website addresses

4. How We Use Your Information

We store and process data solely as necessary for the execution of orders and share this data with third-party companies exclusively for the purpose of fulfilling these orders.

Specifically, we use the information we collect for the following purposes:

4.1 Fulfillment of Orders

  • Processing and shipping gift orders
  • Customizing products according to Client specifications
  • Communicating with Recipients about their gifts
  • Resolving issues related to orders or shipping

4.2 Business Operations

  • Creating and maintaining Client accounts
  • Processing payments
  • Providing customer support
  • Improving our Service and product offerings

4.3 Legal Compliance

  • Complying with legal obligations
  • Resolving disputes and enforcing our agreements
  • Protecting against fraudulent, unauthorized, or illegal activity

5. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Contract performance: Processing necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract
  • Legitimate interests: Processing necessary for our legitimate interests, such as improving our services, preventing fraud, and direct marketing
  • Legal obligation: Processing necessary for compliance with a legal obligation to which we are subject
  • Consent: Where you have given consent to the processing of your personal data for one or more specific purposes

6. Data Sharing and Transfers

We share your personal data with third parties exclusively for the purpose of fulfilling orders. These third parties include:

  • Shipping and logistics providers: To deliver products to Recipients
  • Manufacturing partners: To produce customized products
  • Payment processors: To process payments from Clients

We ensure that all third-party service providers with whom we share personal data are bound by data processing agreements that comply with GDPR requirements and maintain appropriate security measures to protect your data.

If any data transfer occurs outside the European Economic Area (EEA), we implement appropriate safeguards in accordance with GDPR requirements.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Specifically:

  • Client account information: For the duration of the business relationship plus the applicable statutory retention periods (typically 6-10 years for financial records)
  • Recipient information: For the time needed to complete the order and handle any post-delivery issues (typically up to 2 years)
  • Communication records: For the duration necessary to resolve the matter plus a reasonable period thereafter

After the retention period expires, we will securely delete or anonymize your personal data.

8. Your Data Protection Rights

Under the GDPR and other applicable data protection laws, you have the following rights:

  • Right to access: You can request copies of your personal data
  • Right to rectification: You can request that we correct inaccurate or complete incomplete data
  • Right to erasure: You can request that we delete your personal data in certain circumstances
  • Right to restrict processing: You can request that we limit the processing of your data in certain circumstances
  • Right to data portability: You can request that we transfer your data to another organization or directly to you
  • Right to object: You can object to our processing of your personal data in certain circumstances

To exercise any of these rights, please contact us using the details provided in Section 2. We will respond to your request within one month. There is no fee for exercising your rights unless your request is clearly unfounded, repetitive, or excessive.

9. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

  • Encryption of sensitive data
  • Regular security assessments and tests
  • Access controls and authentication procedures
  • Staff training on data protection and security

Despite our best efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your data.

10. Cookies and Similar Technologies

Our Service may use cookies and similar tracking technologies to track activity and store certain information. These technologies help us understand how our Service is being used and allow us to remember your preferences.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

11. Children’s Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verification of parental consent, we take steps to remove that information from our servers.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this page.

We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Karl BRICKS AI GmbH
An der Alster 1
20099 Hamburg
Germany

Email: karl@gobricks.io
Amtsgericht Hamburg, HRB 190832
Phillip Bock
CEO, Karl BRICKS AI GmbH

14. Supervisory Authority

Right to Lodge a Complaint with a Supervisory Authority If you believe that the processing of your personal data violates applicable data protection laws (in particular, the GDPR), you have the right to file a complaint with a supervisory authority. In general, the supervisory authority of the federal state where our company is based is responsible. You can find an overview of the relevant supervisory authorities at https://www.bfdi.bund.de.