CINDR.LA

Privacy Policy — AIQ AI Readiness Check

Privacy Policy

AIQ — AI Readiness Assessment | CINDR.LA

Version 1.2
Effective: 09.04.2026

1. Data Controller

Momenture Consulting e.U. (Brand: CINDR.LA)
Bernhard Reiterer
Kampgasse 1
3492 Grafenegg
Austria
Company register number: FN 433154 t
E-mail: aiq@cindr.la

2. Data Processed

The following data is processed in connection with the use of AIQ:

  • E-mail address
  • Questionnaire responses
  • Optional personalisation data (name, role, company)
  • Payment data (via Stripe)
  • Technical connection data (IP address, logs)

Data is processed for the following purposes:

  • Creation and delivery of the report (Art. 6(1)(b) GDPR)
  • Payment processing (Art. 6(1)(b) GDPR)
  • System operation and security (Art. 6(1)(f) GDPR)
  • Follow-up communication for a similar product (Art. 6(1)(f) GDPR in conjunction with § 174 TKG 2021)

Users may object to receiving such e-mails at any time.

4. AI Processing

The following providers process data to generate the report:

  • Mistral AI (EU, primary provider)
  • Anthropic, PBC (USA, fallback)

Any transfer of personal data to third countries (in particular the USA) is carried out on the basis of standard contractual clauses pursuant to Art. 46 GDPR or an adequacy decision.

5. Data Processors

The following service providers are used:

  • Fly.io (hosting)
  • Google Workspace (e-mail)
  • Stripe (payment processing)
  • Mistral AI (AI processing)
  • Anthropic (fallback AI)
  • Netlify (hosting)

Data processing agreements pursuant to Art. 28 GDPR are in place with all processors.

6. Retention Periods

  • Reports and usage data: up to 24 months
    (for contract fulfilment, re-delivery, and support purposes)
  • Accounting data: 7 years
    (statutory retention obligations under Austrian tax law)
  • Server logs: 30 days
  • E-mail addresses (marketing): until unsubscription

7. Rights of Data Subjects

Data subjects have the following rights:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)

Complaints may be directed to:

Austrian Data Protection Authority
https://www.dsb.gv.at

8. E-mail Communication

Follow-up e-mails related to AIQ may be sent.

These are:

  • limited to similar products only
  • sent in limited volume
  • include an unsubscribe option at any time

9. Cookies

No tracking cookies are used.

Technically necessary cookies may be used.

The legitimate interest lies in the secure and stable operation of the platform.

10. Automated Decisions

No automated decision-making with legal effect takes place.

11. Changes

This privacy policy may be updated.

Current version at:
cindr.la/aiq/datenschutz

CINDR.LA — aiq@cindr.la