Privacy Policy

kommunikationstrainer.ai

1. Privacy at a Glance

The protection of your personal data is important to us. In this privacy policy, we inform you about which personal data is processed when using our website and VR application, for what purposes this occurs, and what rights you have.

2. Controller

ImmBlend GmbH

Unterer Geisberg 26

96129 Strullendorf

Germany

Email: stephan.lohss@immblend.de

3. Hosting and Server Log Files

Our website is operated by an external hosting provider. When accessing the website, information is automatically collected and stored in so-called server log files. This data includes in particular:

  • IP address (shortened or anonymized where technically possible)
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access was made (referrer URL)
  • Browser and operating system used

Purpose of processing:

  • Ensuring smooth connection establishment
  • System security and stability
  • Technical administration

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest)

4. Contact

If you contact us by email, the personal data you provide (e.g., name, email address, content of the inquiry) will be stored to process your request.

Legal basis: Art. 6 (1) lit. b GDPR (pre-contractual measures), Art. 6 (1) lit. f GDPR (legitimate interest)

5. Cookies and Similar Technologies

Our website uses only technically necessary cookies that are required for the operation and basic functions of the website.

  • No tracking cookies
  • No marketing or profiling cookies

If consent-required cookies are used in the future, appropriate consent will be obtained in advance.

Legal basis: Art. 6 (1) lit. f GDPR, if applicable Art. 6 (1) lit. a GDPR (consent)

6. Third-Party Services and Content

We use the following external service providers, all of whose servers are located exclusively within the European Union:

Vercel Inc. – Hosting & Delivery

Server location: Frankfurt, Germany (EU)

Vercel Privacy Policy

Microsoft Azure – Backend, Speech Analysis & Text Processing

Server location: Europe (EU region)

Microsoft Privacy Statement

OpenAI – AI-powered Speech Analysis & Feedback

Server location: Europe (EU endpoint)

OpenAI Privacy Policy

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest) and Art. 28 GDPR (data processing agreement)

7. Data Processing in the Web App (kommunikationstrainer.ai)

The following personal data is processed when using our web app:

Account Data

Name, email address – for authentication and account management

Recording Data (Audio & Video)

Presentation recordings are captured during training sessions and stored on Microsoft Azure (EU). They are retained until account deletion.

Speech Recognition & Transcription

Audio data is converted to text using Microsoft Azure Speech (server location: West Europe). The audio file itself is not transmitted to OpenAI.

Text Analysis (Azure Language Service)

The transcript is additionally analyzed using Microsoft Azure Text Analytics for sentiment, key phrases, and sentence structure. Processing takes place exclusively on Azure servers within the EU.

AI Analysis & Feedback

To generate personalized feedback, the following data is transmitted to OpenAI: transcript text, speech metrics (speaking pace, pauses, pitch, volume), sentiment scores, and detected filler words. Audio data is not transmitted. No permanent storage takes place at OpenAI.

Results & Progress Data

Scores and analysis results are stored on our servers and accessible to the user within the app.

Technical Data

IP address, browser type, timestamps – for technical operation and security only.

Legal basis: Art. 6 (1) lit. b GDPR (performance of contract)

8. VR App "kommunikationstrainer.ai" and In-App Usage

In addition to the website, we offer a VR application ("kommunikationstrainer.ai") in the Meta Quest Store. Within the app, some technical services, content, and backend functions of the website are used.

The processing of personal data within the app takes place exclusively for the following purposes:

  • Provision of training functions
  • Technical operation and stability
  • Didactic optimization of content

No performance or behavior monitoring in the sense of employment law takes place.

9. AI-Powered Functions (Web App & VR App)

Our platform uses AI-powered functions for speech analysis and real-time feedback. We use OpenAI as our AI service provider, with all data processing taking place exclusively via the European EU endpoint. No data is transferred to the USA.

The processing of user inputs (speech, transcript) occurs exclusively at runtime. The following applies:

  • No personal data is used for training, fine-tuning, or further development of OpenAI's models.
  • Audio data is converted to text (transcript) at runtime. The transcript and derived speech metrics (e.g. speaking pace, pauses, sentiment scores) are transmitted to OpenAI for feedback generation. Raw audio data is not transmitted to OpenAI.
  • User inputs are not permanently stored at OpenAI, not shared, and not used for profiling or advertising.
  • All processing steps take place on servers within the EU.

Legal basis: Art. 6 (1) lit. b GDPR (performance of contract), Art. 28 GDPR (data processing agreement)

10. Meta Quest / Meta Platforms, Inc.

The VR app is provided through the Meta Quest platform. Meta Platforms, Inc. processes personal data independently (e.g., account, device, and usage data).

We have no influence on this data processing.

Meta's privacy policy applies: https://www.meta.com/legal/privacy-policy/

11. Data Transfer to Third Countries

Web App (kommunikationstrainer.ai):

All service providers used (Vercel, Microsoft Azure, OpenAI) process data exclusively on servers within the European Union. No transfer of personal data to third countries (e.g., USA) takes place for the web app.

VR App (Meta Quest):

The VR app uses the Meta Platforms, Inc. (USA) platform. Meta processes platform data independently. The transfer is based on EU Standard Contractual Clauses (Art. 46 GDPR).

12. Storage Duration

Session Recordings & Analysis Results

Stored until the user deletes their account. No automatic deletion due to inactivity.

Account Deletion by the User

Users can delete their account and all associated data at any time via the app settings, or by contacting us at info@immblend.de.

After Account Deletion

All personal data is permanently deleted within 30 days of account deletion.

Statutory retention obligations (e.g., tax law requirements) remain unaffected.

13. Rights of Data Subjects

You have the right at any time to:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Withdrawal of consent (Art. 7 (3) GDPR)
  • Lodge a complaint with a supervisory authority (Art. 77 GDPR)

Contact: stephan.lohss@immblend.de

Competent supervisory authority:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach, Germany
www.lda.bayern.de

14. Updates and Changes

This privacy policy is updated as needed, e.g., for technical developments or legal changes.

The current version on this website always applies.

Last updated: March 2026