Legal

Privacy Policy

This Privacy Policy explains how Eka Labs collects, uses, stores, and protects personal data across its websites, services, and communications.

1. Introduction

At Eka Labs GmbH (“Eka Labs”, “we”, “our”, or “us”), protecting your privacy is a core principle of how we design and operate our technology.

This Privacy Policy explains how we collect, use, store, and protect personal data when individuals interact with our websites, services, and communications.

For the purposes of this Policy, “personal data” means any information that relates to an identified or identifiable individual, either directly or indirectly.

We are committed to handling personal data responsibly and in accordance with applicable data protection laws, including the General Data Protection Regulation.

2. Scope

This Privacy Policy applies to all digital services provided by Eka Labs, including:

Websites and domains operated by Eka Labs
Applications, APIs, and software services
Communications such as email or other direct interactions

This Policy does not apply to third-party services, platforms, or websites that may be linked from our services. These are operated independently and are subject to their own privacy policies. We are not responsible for their content or data handling practices.

3. When This Policy Applies

This Privacy Policy applies when you:

Visit our website
Use our applications or services
Communicate with us via email or other channels
Interact with us in a business or professional context

4. Categories of Personal Data

We follow a data minimization approach and only process personal data where necessary.

4.1 Information You Provide

You may provide personal data when you:

Contact us (e.g. via email)
Request information about our services
Engage in a business relationship

This may include:

Name
Email address
Any information included in your communication

4.2 Technical and Usage Data

When you access our website or services, certain technical data may be processed automatically:

IP address
Date and time of access
Browser type and version
Device and operating system information
Referrer URL

This information is required to ensure the functionality, stability, and security of our services.

4.3 Service Usage Data

If you use our products or services, we may process limited operational data necessary to provide functionality, such as:

Authentication-related information
System interaction logs
Error and performance data

We do not use this data for profiling or advertising.

5. How We Collect Data

We collect personal data through:

Direct interactions (e.g. when you contact us)
Automated systems (e.g. server logs)
Technical infrastructure required to operate our services

We do not purchase personal data from data brokers.

6. Purpose and Legal Basis

We process personal data only where there is a valid legal basis.

Purposes include:

Operating and maintaining our services
Responding to inquiries and communications
Ensuring system security and preventing misuse
Complying with legal obligations

Legal bases include:

Art. 6(1)(b) GDPR – performance of a contract or pre-contractual measures
Art. 6(1)(f) GDPR – legitimate interests (e.g. security, system integrity)

We do not rely on personal data for advertising or profiling purposes.

7. Data Sharing and Disclosure

We do not sell or trade personal data.

We may share data only in limited circumstances:

With infrastructure and hosting providers necessary to operate our services
Where required by law or legal process
To protect our rights, users, or systems

All third-party processing is limited to what is necessary and subject to appropriate safeguards.

8. International Data Transfers

Where possible, data is processed within the European Union.

If data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, such as:

Standard Contractual Clauses (SCCs)
Equivalent legal mechanisms under applicable law

9. Data Retention

We retain personal data only for as long as necessary:

To fulfill the purposes outlined in this Policy
To comply with legal obligations
To resolve disputes and enforce agreements

When data is no longer required, it is deleted or anonymized.

10. Security Measures

We implement appropriate technical and organizational safeguards to protect personal data, including:

Encrypted communication (e.g. HTTPS)
Access controls and system monitoring
Secure infrastructure and data handling practices

In the event of a data breach, we will act in accordance with applicable legal requirements.

11. Children’s Privacy

Our services are not intended for individuals under the age of 16.

We do not knowingly collect personal data from children. If we become aware that such data has been collected, we will take appropriate steps to delete it.

12. Your Rights

Under applicable data protection laws, you have the following rights:

Right of access
Right to rectification
Right to erasure
Right to restriction of processing
Right to data portability
Right to object to processing

You also have the right to lodge a complaint with a supervisory authority.

13. Withdrawal of Consent

Where processing is based on your consent, you may withdraw that consent at any time.

Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

14. Third-Party Services and Links

Our services may contain links to third-party websites or integrations.

These services operate independently and have their own privacy policies. We recommend reviewing them before providing any personal data.

15. Changes to This Policy

We may update this Privacy Policy from time to time.

Updates will be published on this page, and where appropriate, we may notify users through our services.

16. Contact

If you have questions about this Privacy Policy or wish to exercise your rights, you can contact us at:

Eka Labs GmbH

Mozartstraße 8

40479 Düsseldorf

Germany

Email: contact@ekalabs.ai