Privacy Policy

1. Controller

Controller within the meaning of the EU General Data Protection Regulation (GDPR):

Marek Jordan
An der Ölmühle 25
52074 Aachen
Germany
General contact: lets@meet-aila.com
Privacy / data-subject requests: privacy@meet-aila.com (response within 30 days as required by Art. 12(3) GDPR)

2. Hosting & server logs

This website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. Each request automatically generates technical log data: IP address, date and time, requested URL, referrer URL, user agent, HTTP status, and bytes transferred.

Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in providing and securing the website). Retention: up to 30 days. Transfers to the United States are based on Vercel's certification under the EU-US Data Privacy Framework and on Standard Contractual Clauses.

3. Performance & usage measurement (Vercel Speed Insights & Web Analytics)

We use Vercel Speed Insights to measure load times and Core Web Vitals (LCP, INP, CLS) on an aggregated, anonymous basis in order to improve the technical performance of this website. Speed Insights does not use cookies or any other client-side storage. No personal profiles are created; metrics are evaluated in aggregate form only.

We also use Vercel Web Analytics to understand aggregate website usage (page views, top pages, referrers, country, browser and device category). Web Analytics does not use cookies or any other client-side storage. Visitors are counted via an anonymized hash that is valid for a single day and cannot be used to track visitors across days or websites. No personal profiles are created.

Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in a technically performant website and in aggregate reach measurement). Provider: Vercel Inc., USA — transfers as described under section 2.

4. External links (social media)

This website references external profiles via structured data and visible links (X/Twitter, YouTube, LinkedIn, Instagram). No content from these platforms is embedded directly — that is, no connection to their servers is established until you click an external link. Once you do, the privacy policies of the respective platform apply.

5. Fonts

The fonts used on this site ("Fraunces", "JetBrains Mono") are served from this website's own server (self-hosted via Next.js Font Optimization). No request is made to external font providers; in particular, no connection is established to Google Fonts.

6. Note on AI-generated content

Images, text, and video presented on this site are predominantly AI-generated. AILA is a synthetic avatar. Content is curated before publication; processing of personal data of visitors does not take place as part of this content creation. See our disclosure page for pipeline details under EU AI Act Art. 50.

7. Email signup (newsletter)

You can sign up on this website to receive occasional email from AILA. We use a double opt-in procedure: after submitting your address, you receive a confirmation email; only when you click the confirmation link is your address stored. If you do not confirm, nothing is stored — the confirmation link is self-contained, expires after 7 days, and no record of the signup attempt is kept by us.

Data processed after confirmation: email address, interface language, and the timestamp of your confirmation (as consent evidence). Legal basis: Art. 6 (1)(a) GDPR (consent). You can withdraw your consent at any time — every email contains an unsubscribe link, or you can write to privacy@meet-aila.com. Retention: until you unsubscribe or withdraw consent.

Processors: emails are sent and the subscriber list is managed via Mailjet (Mailjet SAS, 4 rue Jules Lefebvre, 75009 Paris, France — EU processing). Confirmed addresses are additionally synced into our marketing database (Odoo, hosted in the EU by Odoo S.A., Belgium) for managing future mailings. No transfer to other third parties, no profiling.

8. AILA bot engagement tracking (X / Twitter)

The AILA persona operates an account on X (Twitter) which auto-replies to public posts after passing a quality gate. To calibrate this quality gate (and protect against false-positive replies), we collect public engagement signals from the tweets AILA interacts with: X handle (online identifier), tweet IDs, likes, replies, retweets, impressions, and reply-mode decision anchors. No real names, no private messages, no special categories under Art. 9 GDPR.

Legal basis: Art. 6 (1)(f) GDPR (legitimate interest in calibrating the quality gate of an AI reply pipeline; documented Legitimate Interest Assessment available on request). Retention: 30 days rolling window. Data are stored locally on the operator's encrypted device; no transfer to third parties, no profiling, no automated individual decision-making under Art. 22 GDPR.

You have the right to object (Art. 21 GDPR) and to request erasure (Art. 17 GDPR) of your X handle at any time. Email privacy@meet-aila.com with your handle; we respond within 30 days. International transfer: the X platform is operated by X Corp., USA — the underlying tweets are already public on X under that platform's own setup; we do not make an additional transfer.

9. Your rights

You have, at any time, the right to access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20), and the right to object (Art. 21). Please direct any such request to privacy@meet-aila.com. We respond within 30 days (Art. 12(3) GDPR).

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR), in our case in particular the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (LDI NRW).