Privacy Policy

1. Data Controller

Phone

+43 1 22 65 562

Email

gr@ki2.at

Web

www.ki-quadrat.at

Address

KI-Quadrat Systemhaus GmbH

Kirchengasse 23

A-3003 Gablitz

2. Purpose and Scope of Data Processing

Our AI-supported advisory platforms help municipalities and their employees answer citizen enquiries, support internal administrative workflows, and draft official documents. As part of our services, personal data is only processed where this is strictly necessary for the current request.

Data processing is carried out in particular for the following purposes:

• Analysis of enquiries and provision of tailored recommendations
• Documentation to ensure traceability of the consultation
• Preparation of digital documents and official decisions

3. Categories of Processed Data

Depending on the advisory request, the following categories of data may be processed:

• Contact data of the responsible contact person within the municipality (e.g. name, email address, telephone number)
• Organisational and administrative data (e.g. municipality name, areas of responsibility)
• Content-related details of the advisory request and specific challenges
• Platform usage log data (e.g. access times, features used)

4. Legal Bases for Processing

Data is processed on the basis of the following legal grounds under the GDPR:

• Art. 6(1)(b) GDPR – performance of a contract or steps prior to entering into a contract
• Art. 6(1)(f) GDPR – legitimate interests (e.g. improvement of advisory processes)
• Art. 6(1)(a) GDPR – consent, where required

5. Storage Period

Personal data is stored only for as long as necessary to fulfil the advisory purposes or as long as statutory retention obligations apply. After these periods expire, the data is deleted.

6. Data Sharing and Data Processing on Our Behalf

Your data is only shared with third parties where this is necessary for the provision of the advisory service or where we are legally obliged to do so. For the operation and maintenance of the platform, we work with processors who are contractually bound to comply with the GDPR.

7. Data Processing in the Context of Artificial Intelligence

The advisory service is provided using an AI-based solution. This involves algorithms and automated decision-making processes based on the data provided. All evaluations are carried out in compliance with the applicable legal requirements, and we ensure that no unlawful decisions are made solely by automated means.

8. Data Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse. These measures are regularly reviewed and adapted to the current state of the art.

9. Data Subject Rights

Under the GDPR, you have the following rights:

• Right of access to your stored data (Art. 15 GDPR)
• Right to rectification of inaccurate data (Art. 16 GDPR)
• Right to erasure of your data (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing (Art. 21 GDPR)

Notice

To exercise your rights, you can contact us using the contact details listed above. If you believe that your data is being processed unlawfully, you have the right to lodge a complaint with the Austrian Data Protection Authority.

10. Contact for Data Protection Questions

If you have any questions about the processing of your personal data or wish to exercise your rights, you can contact us at any time:

Phone

+43 1 22 65 562

Email

gr@ki2.at