Privacy Policy


Effective Date: March 1, 2025


ChangeCrack ("we", "our" or "the Company") respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines our practices regarding the collection, use, disclosure and protection of data when you access our website at www.changecrack.com ("Website"), our platform (www.mychangecrack.com) or otherwise provide us with personal data.



1. Supervisory Authority (GDPR Compliance)


In accordance with the General Data Protection Regulation (GDPR), the responsible supervisory authority is:

The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg, Germany



2. User Rights (Your GDPR Rights)


As a user, you have the following rights under GDPR:

  1. Access – Request confirmation of whether and how your personal data is processed and access the data stored about you.
  2. Data Portability – Request a copy of the personal data you provided to us in a structured, commonly used, and machine-readable format.
  3. Correction – Request rectification of inaccurate or outdated personal data.
  4. Deletion ("Right to be Forgotten") – Request the deletion of your personal data under certain conditions.
  5. Objection – Object to the processing of your personal data if it is based on legitimate interests.
  6. Restriction of Processing – Request limitation of processing under specific legal circumstances.
  7. Complaint – File a complaint with a supervisory authority if you believe your data protection rights have been violated.



3. Exercising Your Rights


To exercise any of these rights, contact our Data Protection Officer at legal@changecrack.com or use the form provided on our website.



4. Data Retention & Storage


We retain your personal data only as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce our policies.

  • Retention periods are determined based on the type of data collected and the purpose for which it was collected.
  • Outdated or unnecessary information will be deleted as soon as possible in accordance with our retention policies.



5. Legal Basis for Data Processing


We process personal data under the following legal grounds:

  • Contractual Necessity – To fulfill our contractual obligations and provide requested services.
  • Legitimate Interests – To improve user experience, enhance security, and optimize services.
  • Legal Obligations – To comply with regulatory requirements.
  • User Consent – Where required by law (e.g., marketing emails, cookies).

By using this website, you consent to the collection, processing, storage, and disclosure of your data as described in this Privacy Policy.



6. What Data We Collect


We collect two types of data:

A. Non-Personal Data (Aggregated Data & Analytics)

  • Technical details (browser type, operating system, language settings, access time, etc.).
  • Anonymous website usage data for performance improvement.

B. Personal Data (Identifiable Information)

  • Device Data: IP address, geolocation, MAC address, UUID, and other metadata.
  • Registration Data: Name, email address, phone number, company name (if applicable).
  • Interaction Data: Data collected when contacting us, subscribing to services, or using ChangeCrack features.
  • AI-Generated Interactions: When using AI-powered features within ChangeCrack, user inputs may be processed via OpenAI’s ChatGPT API in real-time.

ChangeCrack does not automatically permanently store user inputs or AI-generated responses and OpenAI’s servers do not retain past user interactions after the session ends.



7. How We Collect Data


We obtain personal data from various sources:

  1. Directly from Users – When you register, contact us or enter data.
  2. Automatically – When you use our services (e.g., cookies, analytics tools).
  3. Third Parties – From external providers, integrations or public registers.



8. How We Use and Share Your Data


We use collected data for the following purposes:

  • Communication – Responding to inquiries, providing customer support.
  • Service Improvement – Enhancing ChangeCrack’s performance and user experience.
  • Marketing (if consent is given) – Informing users about updates and new services.
  • Legal Compliance – Responding to lawful requests from authorities.

We only disclose personal data under the following conditions:

  • Internal Use – To subsidiaries and affiliated companies for service provision.
  • Third-Party Service Providers – Hosting, analytics, and marketing tools (only with contractual safeguards).
  • Legal Requirements – When mandated by law or necessary to protect rights and security.



9. AI Usage & Third-Party Data Processing


ChangeCrack integrates AI-driven insights, including OpenAI’s ChatGPT technology.

  • AI-generated responses are processed in real time and not stored by OpenAI.
  • ChangeCrack does not save any messages generated by users or AI beyond the duration of the session without explicit consent (“save as crack”, “save as project”).
  • ⚠️ Users must avoid entering confidential, business-sensitive or personally identifiable data in AI interactions.
  • OpenAI’s Terms and OpenAI's Privacy Policy apply to AI-driven interactions



10. Security Measures & Data Protection


We implement strict security policies to protect personal data against unauthorized access, misuse and loss.

  • Encrypted storage of sensitive data.
  • Strict access controls and authentication measures.
  • Regular security reviews and updates.

Additionally, ChangeCrack does not store user or AI-generated messages beyond active sessions.



11. Data Transfers Outside the European Economic Area (EEA)


Some service providers may be located outside the EEA. In such cases, we ensure adequate data protection measures in line with EU Commission guidelines (e.g., Standard Contractual Clauses).



12. Corporate Transactions


If ChangeCrack undergoes a merger, acquisition or sale, user data may be transferred to the acquiring entity, which will assume the rights and obligations outlined in this Privacy Policy.



13. Protection of Minors


Our services are not intended for children under 16. If we become aware of unauthorized data collection from minors, we will delete the data immediately.



14. Cookies & Third-Party Services


We and our partners use cookies to enhance website functionality.

  • Session Cookies: Automatically deleted when the browser is closed.
  • Persistent Cookies: Remain stored for a defined period.
  • Third-Party Cookies: Used for analytics and marketing.

Users can manage cookie preferences in browser settings.



15. Updates to this Privacy Policy


We reserve the right to modify this Privacy Policy at any time.

  • Users will be notified of significant changes.
  • Continued use of ChangeCrack constitutes acceptance of the revised policy.



Last modified on: March 1, 2025



How to Contact Us


For general questions about the website, the data we collect about you, or how we use this data, please contact us at:


ChangeCrack - Michael Wohlstein

Nibelungenstrasse 4

89518 Heidenheim an der Brenz

Germany

Email:   legal@changecrack.com