This Privacy Policy explains how AppFabrik AI handles personal data in relation to this website and the AI Contract Manager mobile app.
Controller and contact
Responsible: Wasiliy Strecker, AppFabrik AI, Ludwigstrasse 23, 86152 Augsburg, Germany.
Privacy and legal contact: contact@appfabrik-ai.de. User support: support@appfabrik-ai.de.
Data we process
- Website server logs such as IP address, time, URL, browser information and HTTP status.
- Support requests, including email address and message content.
- App data stored locally by the user, such as contract fields, reminders, notes and document references.
- For AI analysis: recognized contract OCR text, OCR confidence/text block metadata and document/schema identifiers.
- Recognized contract fields and AI results shown in the app for user review.
- Purchase or subscription data handled by Apple App Store or Google Play if paid features are used.
Purposes
We process data to provide the website, answer support requests, operate AI contract analysis, show deadline/cost/contract overviews, support PDF and reminder workflows inside the app, improve app security and comply with legal obligations.
Legal bases
Where the GDPR applies, the legal basis can depend on the feature and user context. App functions requested by the user may be processed to provide the requested service under Art. 6(1)(b) GDPR. Optional AI analysis started by the user may rely on the user's active request and, where legally required, consent under Art. 6(1)(a) GDPR. Website, gateway security and abuse prevention may rely on legitimate interests under Art. 6(1)(f) GDPR. Legal retention and compliance duties may rely on Art. 6(1)(c) GDPR. This summary is not legal advice and should be reviewed for the final launch setup.
AI analysis and third-party provider
When a user starts AI analysis, recognized OCR text and metadata are sent to api.appfabrik-ai.de. The gateway forwards the request to OpenAI API for contract extraction. Original PDF or image files are not sent to AI by default. See AI Data Processing for details.
According to OpenAI's API data controls, API data is not used for training by default unless the account explicitly opts in. OpenAI may retain abuse monitoring logs and, for some API features such as Responses API, application state according to its data controls; default periods can be up to about 30 days.
Subprocessors
Relevant providers may include hosting and email providers for this website and support, OpenAI API for AI analysis, and Apple App Store / Google Play for app distribution, purchases and subscriptions. Crash or analytics providers are not listed here unless they are actually used.
International transfers
Depending on the provider setup, personal data may be processed outside the EU/EEA, including by AI, hosting, email or store providers. Where required, we rely on appropriate safeguards such as standard contractual clauses or other applicable transfer mechanisms.
Retention
Local app data remains on the user's device or in backups controlled by the user. We do not permanently store contract documents on our servers unless a future feature explicitly states otherwise. The gateway is designed to log status and usage metadata only; OCR text and contract content are intentionally not logged by the gateway. Support emails are kept only as long as needed for support, legal or operational reasons.
Deletion
Users can delete local app data on their device. For support, account or server-side data requests, use Data deletion or contact contact@appfabrik-ai.de. Store purchase records may be controlled in part by Apple or Google.
Your rights
Depending on applicable law, especially the GDPR, you may have rights to access, correction, deletion, restriction, objection, data portability and complaint with a supervisory authority.
No legal advice
AI Contract Manager helps organize contract information. It does not provide legal advice. Please verify deadlines, cancellation, withdrawal and contract interpretation before acting.