ChemInteractive

Privacy Policy

Last updated: July 24, 2025

This Privacy Policy informs you in accordance with Art. 13 et seq. of the General Data Protection Regulation (GDPR) and § 25 of the Telecommunications Digital Services Data Protection Act (TDDDG) about the nature, scope, and purpose of the processing of personal data when using the website cheminteractive.com.

1. Controller

Mediahouse Schefer – Sole Proprietorship Owner: Alexander Schefer Schloßbergring 63, 76646 Bruchsal, Germany Email: alexander.schefer@mediahouse-schefer.de

(Art. 13(1)(a) GDPR) (eur-lex.europa.eu)

Data Protection Officer: Data Protection Officer: There is no legal obligation to appoint a data protection officer (fewer than 20 people regularly engaged in automated data processing). For questions, please contact the controller directly.

2. General Information on Data Processing

We process personal data only to the extent necessary to provide a functional website and our content and services. The legal bases are in particular Art. 6(1)(a) (consent), (b) (contract), (c) (legal obligation), and (f) (legitimate interest) GDPR.

3. Hosting & Content Delivery

The website is hosted via Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA ('Vercel'). Content is delivered worldwide via the Vercel Edge Network (119 PoPs in 51 countries).(vercel.com)

  • Data processed: IP address, User-Agent, timestamp, accessed resources.
  • Purpose & interest: fast and secure provision of the website (Art. 6(1)(f) GDPR).
  • Storage periods: Server log files are stored for 30 days and then anonymized or deleted.
  • Third-country transfer: USA. Protection via Standard Contractual Clauses (SCC 2021/914) and additional technical measures.

4. Access Data / Server Log Files

When you visit the website, data is automatically collected by our hosting provider (browser type, operating system, referrer URL, IP address (shortened), date/time).

Legal basis: Art. 6(1)(f) GDPR (operational security).
Storage period: 7 days; then deleted or anonymized.

5. Cookies & Consent Management

We use a consent management tool (Cookie Banner) that sets technically necessary cookies immediately and activates all other cookies (statistics, marketing) only after your explicit consent (opt-in). We store your consent status for 3 years on servers in the EU.

Legal bases: § 25(1) TDDDG (setting/reading non-technical cookies), Art. 6(1)(a) GDPR (processing).

6. Cloudflare Turnstile (Bot Protection)

We use Cloudflare Turnstile, a Captcha replacement from Cloudflare Inc., to block automated requests (bots). Turnstile collects client-side signals, including IP address, TLS fingerprint, and User-Agent. Cloudflare cannot directly identify individuals from this data.(cloudflare.com)

  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in preventing abuse).
  • Third-country transfer: USA; protection via SCC.
  • Storage period: Signals are deleted or anonymized after a maximum of 30 days.

7. Web Analytics with Google Analytics 4

If you consent, we use Google Analytics 4 (Google Ireland Ltd., Gordon House, Dublin). Google stores event data by default for 14 Monate; you can select longer storage periods including 26/38/50 months.(support.google.com)

  • Data processed: shortened IP address, User ID, device information, event data.
  • Legal basis: Art. 6(1)(a) GDPR; § 25(1) TDDDG.
  • Third-country transfer: USA, secured by SCC 2021/914.
  • Opt-out: You can revoke your consent at any time in the cookie banner or install the browser add-on: https://tools.google.com/dlpage/gaoptout.

8. Firebase & Google GenAI API (AI Functions)

We use AI models from Google Vertex AI / Firebase GenAI for two strictly separate purposes:

1. Technical Reaction Calculations (without personal data)

  • Type of data: Only chemical formulas, substance parameters, and reaction conditions are processed; no personal data such as IP address, name, or contact details are transmitted.
  • Legal basis: Art. 6(1)(b) GDPR (fulfillment of contract-like obligations, as the calculation function is a central part of our service).
  • Prompt logs & model responses: To prevent abuse, Google stores the content for up to 30 days and then deletes it automatically.

2. Creative Idea Generation for Affiliate Links

  • Activation: This function is loaded only after your explicit consent in the cookie banner (marketing category).
  • Legal basis: Art. 6(1)(a) GDPR and § 25(1) TDDDG.
  • Type of data: Prompts contain only topic-related keywords (e.g., product categories) and no personal information.
  • Revocation: You can revoke your consent at any time in the cookie settings.

Third-country transfer & protection: Processing is carried out by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Data transfer is protected by Standard Contractual Clauses (SCC 2021/914) and additional technical measures (TLS encryption).

9. Affiliate Program (Amazon PartnerNet)

We participate in the Amazon EU Partnerprogramm When you click on an affiliate link, Amazon sets a cookie to track the origin of the purchase. This cookie has a duration of 24 hours.(partnernet.amazon.de)

  • Legal basis: Your consent according to § 25(1) TDDDG & Art. 6(1)(a) GDPR.
  • Recipient/Third-country transfer: Amazon EU S.à r.l., Luxembourg / Amazon.com Inc., USA (SCC).
  • Revocation: Via cookie banner or browser settings.

10. Contact via Email / Form

When you contact us, the information you provide (name, email, content) is processed to handle your request.

  • Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f) GDPR (business communication).
  • Storage period: Inquiries are deleted after the process is completed and a three-year limitation period.

11. Your Rights (Art. 15–22 GDPR)

  • Information über gespeicherte Daten
  • Rectification unrichtiger Daten
  • Erasure („Recht auf Vergessenwerden“)
  • Restriction of processing der Verarbeitung
  • Data portability
  • Objection gegen Datenverarbeitung auf Grundlage berechtigter Interessen
  • Revocation of consent erteilter Einwilligungen mit Wirkung für die Zukunft

You also have the right to lodge a complaint with a supervisory authority. The competent authority is, for example, the State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg, Lautenschlagerstraße 20, 70173 Stuttgart, Email: poststelle@lfdi.bwl.de. (baden-wuerttemberg.datenschutz.de)

12. Deletion of Data

We delete or anonymize personal data as soon as the purpose of storage no longer applies and no legal retention obligations conflict. Relevant criteria are, for example, tax and commercial law obligations (§§ 147 AO, 257 HGB).

13. Data Transfers to Third Countries

If we transfer data to third countries (e.g., USA), this only occurs if

  1. an adequacy decision by the EU Commission exists (e.g., 'EU-US Data Privacy Framework') or
  2. Standard Contractual Clauses (SCC 2021/914) with additional guarantees have been concluded or
  3. you have expressly consented.

14. Data Security

We use technical and organizational security measures (TLS encryption, firewalls, access control) to protect your data against accidental or intentional manipulation, loss, destruction, or unauthorized access. The procedures are continuously improved in line with technological developments.

15. Changes to this Privacy Policy

We reserve the right to adapt this privacy policy so that it always complies with the current legal requirements or to reflect changes in our services. The current version (indicated under 'Last updated') applies to your return visit.