Privacy Policy

creative-it Software Consulting e.U., Georg Wieser, Am Gassl 25, A-3482 Gösing am Wagram, Austria. Email: info@creative-it.com, Phone: +43 660 4943737.

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data on our website creative-it.com in accordance with the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).

We process personal data on the following legal bases: Consent (Art. 6(1)(a) GDPR) — e.g. when using the contact form or AI-powered services. Contract performance or pre-contractual measures (Art. 6(1)(b) GDPR). Legitimate interest (Art. 6(1)(f) GDPR) — e.g. secure operation of the website, rate limiting, and abuse prevention.

This website is hosted by Vercel Inc. (440 N Barranca Ave #4133, Covina, CA 91723, USA). When you visit our website, information is automatically stored in server log files, including: IP address, date and time of access, page visited, browser type and operating system, and referrer URL.

This data is processed for the purpose of secure and reliable operation of the website (Art. 6(1)(f) GDPR). Vercel is certified under the EU-US Data Privacy Framework.

When you send us a message via the contact form, your name, email address, and message are transmitted to us via Amazon Web Services (AWS) Simple Email Service (SES). The processing is carried out to handle your inquiry (Art. 6(1)(a) or (b) GDPR).

Your data is used solely to respond to your inquiry and is not stored beyond that unless a business relationship is established. AWS processes data in the EU region (Frankfurt, eu-central-1).

Our website offers several AI-powered features (including AI Playground, Tech Advisor, Knowledge Bot, Website Remix, Live Translation, Agent Visualizer, and Commit Story). When you use these services, your text inputs are transmitted to Amazon Bedrock (AWS) for processing by AI models.

Processing takes place in the AWS EU region (Frankfurt, eu-central-1). No text inputs are permanently stored or used for training purposes. Usage is based on your consent (Art. 6(1)(a) GDPR), which you grant by actively using the services.

To protect our services from abuse, we use IP-based rate limiting. A hashed version of your IP address is temporarily stored in Amazon DynamoDB to limit the number of requests. This data is automatically deleted after 24 hours.

The legal basis is our legitimate interest in secure operation (Art. 6(1)(f) GDPR).

This website uses Google Fonts by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) for consistent font display. When loading the page, fonts are retrieved from Google servers (fonts.googleapis.com, fonts.gstatic.com), during which your IP address is transmitted to Google.

The legal basis is our legitimate interest in an appealing presentation (Art. 6(1)(f) GDPR). Google is certified under the EU-US Data Privacy Framework.

This website does not use tracking cookies or analytics tools. Only technically necessary cookies are used if required for the operation of the website.

Some of our service providers are based in the USA: Vercel Inc. (hosting) and Google LLC (Google Fonts). Data transfers are based on the EU-US Data Privacy Framework (Art. 45 GDPR) or Standard Contractual Clauses (Art. 46(2)(c) GDPR).

AWS services (Bedrock, DynamoDB, SES) are operated in the EU region (Frankfurt).

Server logs (Vercel): according to Vercel's policies (typically 30 days). Contact form data: only for the duration of processing the inquiry. Rate limiting data: automatically deleted after 24 hours. AI inputs: not permanently stored.

Under the GDPR, you have the following rights: Right of access (Art. 15), Right to rectification (Art. 16), Right to erasure (Art. 17), Right to restriction of processing (Art. 18), Right to data portability (Art. 20), Right to object (Art. 21), and Right to withdraw consent (Art. 7(3)).

To exercise your rights, contact us at info@creative-it.com.

You have the right to lodge a complaint with the competent supervisory authority: Austrian Data Protection Authority (Österreichische Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, Austria. Phone: +43 1 52 152-0, Email: dsb@dsb.gv.at, Website: www.dsb.gv.at.

We reserve the right to update this privacy policy as needed, for example due to changes to our website or legal requirements. The current version is always available on this page.