Last updated: December 2025
The protection of your personal data is important to us. Below we provide comprehensive information about the processing of your data in connection with the use of our website.
Data controller pursuant to Art. 4(7) of the EU General Data Protection Regulation (hereinafter: "GDPR") and other national data protection laws of the member states as well as other data protection provisions: workstatt GmbH Rita-Maiburg-Str. 40 70794 Filderstadt Germany Phone: +49 151 65150089 Email: info@archmax.ai (see Imprint).
(1) We collect and use your personal data only insofar as this is necessary to provide a functional website and our content and services. The collection and use of your personal data is regularly carried out only with your consent. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law. (2) Insofar as we obtain your consent for the processing of personal data, Art. 6(1)(a) GDPR serves as the legal basis. For the processing of personal data necessary for the performance of a contract to which you are a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations necessary for the implementation of pre-contractual measures. Insofar as the processing of your personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party and your interests, fundamental rights, and freedoms do not override the former interest, Art. 6(1)(f) GDPR serves as the legal basis for the processing. (3) We partly use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions, and are regularly monitored. (4) Your personal data will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in EU regulations, laws, or other provisions to which the data controller is subject. The data will also be blocked or deleted when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
(1) Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device. The following data is collected: – Website from which the request originates – IP address – Date and time of the request – Content of the request (specific page) – Access status / HTTP status code – Amount of data transferred – Browser – Operating system and its interface The data is also stored in log files of our system. This data is not stored together with other personal data. (2) The legal basis for the temporary storage of data and log files is Art. 6(1)(f) GDPR. (3) The temporary storage of the IP address by the system is necessary to enable delivery of the website to your device. For this purpose, your IP address must be stored for the duration of the session. Storage in log files takes place to ensure the functionality of the website. In addition, the data serves to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes also constitute our legitimate interest in data processing pursuant to Art. 6(1)(f) GDPR. (4) The data is deleted as soon as it is no longer necessary for the purpose of its collection. In the case of data collection for the provision of the website, this is the case when the respective session has ended. In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, your IP address is deleted or anonymised so that assignment to the accessing client is no longer possible. (5) The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
(1) You can contact us via the provided email address and the contact form on our website. In this case, your transmitted personal data will be stored. No data will be passed on to third parties in this context. The data is used exclusively for the conversation with you. (2) The legal basis for the processing of data transmitted in the course of contacting us by email or contact form is Art. 6(1)(f) GDPR. If the contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6(1)(b) GDPR. (3) In the case of contact, this also constitutes the necessary legitimate interest in the processing of the data. (4) The transmitted data will be deleted as soon as it is no longer necessary for the purpose of its collection. If statutory retention obligations exist, we restrict the processing accordingly. (5) If you contact us by email or contact form, you may object to the storage of your personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.
(1) If personal data concerning you is processed, you are a data subject within the meaning of the GDPR and have the following rights with regard to the personal data concerning you: – Right of access (Art. 15 GDPR) – Right to rectification or erasure (Art. 16, 17 GDPR) – Right to restriction of processing (Art. 18 GDPR) – Right to data portability (Art. 20 GDPR) – Right to object to processing (Art. 21 GDPR) (2) You have the right to withdraw your data protection consent at any time. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to the withdrawal. (3) To exercise the aforementioned rights and for questions regarding data protection, you may contact the data controller as specified in § 1 above or send an email to info@archmax.ai. (4) Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. As a complainant, you will be informed by the supervisory authority with which the complaint was lodged of the status and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
(1) This website is hosted by Railway (Railway Corporation, San Francisco, USA). The servers we use are located in the European Union. When you access our website, personal data (e.g. IP address, time of access) is processed by the hosting provider. (2) This processing is based on Art. 6(1)(f) GDPR (legitimate interest in a reliable and secure provision of the website). (3) For more information, see Railway's privacy policy at https://railway.com/legal/privacy.
We employ appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
This privacy policy is currently valid as of December 2025. Due to the further development of our website and offers, or due to changed legal or regulatory requirements, it may become necessary to amend this privacy policy. The current privacy policy can be accessed and printed at any time on our website.