PRIVACY POLICY

Reqforge.AI

 

1. Introduction 

ReqForge.AI takes the protection of your personal data very seriously. Processing is carried out in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This privacy policy describes which data is collected, how it is processed, and what rights you have as a data subject. 

 

2. Controller 

Michael Mark 
Alemannenstraße 11b 
76571 Gaggenau-Hörden 
Germany 

 

3. Data Processing on the Website 

a) Server Log Files 

When visiting our website www.reqforge.ai, the following data is automatically collected: 

  • IP address 
  • Date and time of access 
  • URL of the accessed page 
  • Browser type and version 
  • Operating system 

Purpose: Technical security, error analysis, and protection against misuse 
Legal basis: Art. 6 (1) (f) GDPR (legitimate interest) 

b) Contact 

If you contact us via form or email, we store the data you provide (e.g., name, email address, message). 

  • Purpose: Handling your request 
  • Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures) 

c) Cookies and Consent 

Our website uses cookies. For non-essential cookies, we obtain your consent via the integrated cookie consent banner from IONOS. 

Legal basis

  • Technically necessary: Art. 6 (1) (f) GDPR 
  • Non-essential: Art. 6 (1) (a) GDPR (consent) 

 

4. Use of the SaaS Solution Reqforge.AI 

a) Processed Data 

When using our SaaS solution, we collect the following data: 

  • Company name 
  • Name and email address of the user 
  • Time of use (session log) 
  • Usage behavior (excluding content analysis) 

Purpose: Contract execution, authentication, traceability of usage 
Legal basis: Art. 6 (1) (b) GDPR (contract performance) 

b) No Persistent Storage of Input 

The content you enter into the application (text inputs) is not permanently stored but is processed only during the session runtime and then automatically deleted. 

c) Logging and Protocols 

Only temporal and technical protocol entries (e.g., app usage) are stored on Microsoft Azure in the EU — pseudonymized and for specific purposes only. 

 

5. Third-Party Providers (Subprocessors) 

a) Microsoft Azure (EU) 

  • Purpose: Hosting, database, logging 
  • Location: EU region 
  • Legal basis: Processing on behalf pursuant to Art. 28 GDPR 

b) OpenAI (USA) 

  • Purpose: Processing user input to generate requirement texts 
  • Data transfer to third countries: Yes, to the USA 
  • Safeguard mechanism: Use of EU Standard Contractual Clauses (SCC) 

Data protection level: The USA does not offer a data protection level equivalent to that of the EU. Access by US authorities cannot be ruled out. 

More information
OpenAI: https://openai.com/enterprise-privacy 

 

6. Data Security (Technical and Organizational Measures) 

To protect your data, we take appropriate technical and organizational measures: 

  • SSL/TLS encryption (HTTPS) 
  • Hosting in ISO-certified Azure data centers (EU) 
  • Role system (admin/user) 
  • Access control at the server level 
  • No storage of input content 

 

7. Your Rights 

  • You have the following rights at any time: 
  • Access (Art. 15 GDPR) 
  • Rectification (Art. 16 GDPR) 
  • Erasure (Art. 17 GDPR) 
  • Restriction of processing (Art. 18 GDPR) 
  • Data portability (Art. 20 GDPR) 
  • Objection (Art. 21 GDPR) 

Contact: info@reqforge.ai 

 

8. Right to Lodge a Complaint 

You have the right to lodge a complaint with a data protection supervisory authority. Generally, the authority of your federal state is responsible, or: 

Data Protection Authority of Baden-Württemberg 
https://www.baden-wuerttemberg.datenschutz.de 

Wir benötigen Ihre Zustimmung zum Laden der Übersetzungen

Wir nutzen einen Drittanbieter-Service, um den Inhalt der Website zu übersetzen, der möglicherweise Daten über Ihre Aktivitäten sammelt. Bitte überprüfen Sie die Details in der Datenschutzerklärung und akzeptieren Sie den Dienst, um die Übersetzungen zu sehen.