Skip to content
Skip to content

Privacy Policy

We take the protection of your personal data very seriously. This privacy policy informs you about how we collect, process, and use your personal data when you visit our website and use our services, in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller responsible for data processing on this website is: TMT Labs GmbH, Fraunhoferstr. 30, 10587 Berlin, Germany. Email: impressum@tmt-labs.de. The controller decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

2. Subject of Data Protection

The subject of data protection is personal data. This is all information relating to an identified or identifiable natural person (so-called data subject). This includes, for example, information such as name, postal address, email address, or telephone number, but also other information that may arise when using our website, such as the time of a website visit.

3. Automated Data Collection (Server Logs)

When you visit our website, our web server automatically collects and stores information in server log files that your browser transmits to us. This includes: your IP address, browser type and version, operating system, referrer URL, pages visited, date and time of access, and the amount of data transferred. This data is processed on the basis of Art. 6 (1) (f) GDPR, as it serves our legitimate interest in ensuring the stability, security, and optimization of our website. Log data is deleted after 90 days unless required longer for security incident investigation.

4. Cookies

Our website uses only technically necessary cookies to ensure the functionality of the website. These include: a language preference cookie (to remember your chosen interface language), and a theme preference cookie (to remember your light/dark mode choice). These cookies are stored in your browser's local storage and do not transmit data to external servers. We do not use tracking cookies, third-party analytics, or advertising cookies. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in providing a functional website).

5. Contact Forms

When you use our contact form, we collect the data you provide: name, email address, company name (optional), phone number (optional), and your message. This data is used solely to respond to your inquiry. The legal basis for processing is Art. 6 (1) (b) GDPR (pre-contractual measures) or Art. 6 (1) (f) GDPR (our legitimate interest in responding to inquiries). Contact form data is retained for 24 months for the purpose of follow-up communication, after which it is deleted unless a contractual relationship has been established.

6. Demo Calls

When you request a demo call via our website, we collect your phone number and language preference. Your phone number is transmitted to our telephony provider to initiate the call. The call is handled by our AI voice assistant and a transcript may be generated for quality assurance purposes. The legal basis is Art. 6 (1) (a) GDPR (your consent given by requesting the call). Phone numbers used for demo calls are not stored for marketing purposes and are deleted within 30 days.

7. AI Transparency

Our voice assistants are AI systems that interact directly with callers by phone. In accordance with Art. 50 (1) of Regulation (EU) 2024/1689 (EU AI Act), every caller is informed at the beginning of the conversation that they are speaking with an AI assistant. This disclosure is made by the AI system itself in its opening message. We do not use AI-generated content designed to deceive or impersonate natural persons.

8. Web Hosting

This website is hosted on servers within the European Union. Our hosting infrastructure is located in EU data centers and is subject to the provisions of the GDPR.

9. Data Sharing with Third Parties

We share personal data with third parties only when necessary to provide our services. Categories of recipients include: (a) AI processing providers, for voice interaction processing and analysis, based on data processing agreements pursuant to Art. 28 GDPR; (b) telephony providers, for call routing and delivery; (c) email delivery providers, for transactional emails; (d) error monitoring providers, with personally identifiable information collection disabled. Where providers are located outside the EU/EEA, data transfers are safeguarded by Standard Contractual Clauses pursuant to Art. 46 GDPR. We may also share data when required by law (Art. 6 (1) (c) GDPR) or to protect our legitimate interests. A current list of sub-processors is available upon request at impressum@tmt-labs.de. We do not sell personal data to third parties.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These include: TLS encryption for all data in transit, encryption at rest for stored data, regular security assessments, and access controls limiting data access to authorized personnel only.

11. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Server logs are deleted after 90 days. Contact form submissions are retained for up to 24 months. Call recordings are automatically deleted after the configured retention period. Other call data is retained for service improvement and analytics until you request its deletion pursuant to Art. 17 GDPR. When data is no longer required, it is securely deleted or anonymized.

12. Your Rights

Under the GDPR, you have the following rights: right of access (Art. 15 GDPR) — you can request information about your stored personal data; right to rectification (Art. 16 GDPR) — you can request correction of inaccurate data; right to erasure (Art. 17 GDPR) — you can request deletion of your data; right to restriction (Art. 18 GDPR) — you can request restriction of data processing; right to data portability (Art. 20 GDPR) — you can request your data in a machine-readable format; right to object (Art. 21 GDPR) — you can object to processing based on legitimate interests. To exercise any of these rights, please contact us at impressum@tmt-labs.de. You also have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

13. Changes to This Privacy Policy

We reserve the right to update this privacy policy from time to time to reflect changes in our data processing practices or legal requirements. The current version is always available on our website. We recommend reviewing this page periodically.

Last updated: February 2026