Data Privacy & Transparency Policy

Version 1.2 | Effective Date: January 22, 2026

 

1. General Information and Scope

The protection of personal data is a fundamental principle of Petanux GmbH, Godesberger Allee 73, 53175 Bonn, Germany (“Petanux,” “we,” or “us”). This policy applies to our entire digital ecosystem, including:

 

Our corporate website (www.petanux.com).

 

Our proprietary AI products (e.g., PetaGPT, Petabot, RytAIlSy).

 

Our custom development and consulting services.

 

Our interaction with entrepreneurs and business partners.

 

2. Infrastructure: Maximum Data Sovereignty

Petanux operates under a “Privacy by Design” framework. Unlike standard AI providers, our infrastructure is built to prevent data leakage:

 

Isolated Hosting: Data processing occurs exclusively on our own servers or in TÜV-certified German data centers.

 

 

Local Processing: We prioritize the use of Open-Source LLMs hosted in isolated, certified instances in Germany.

 

 

No Third-Party Transfer: By default, your data is not transmitted to third-party AI providers (e.g., OpenAI, Azure) unless expressly requested by the customer for specific integrations.

 

Data Isolation: Customer-specific data and results from fine-tuning are strictly separated from other clients and are never used to train general models for third parties.

 

 

3. AI Transparency and Interaction (EU AI Act Compliance)

In accordance with Art. 50 of the EU AI Act, we disclose the following regarding our AI-driven systems:

 

3.1. Interaction with AI (Petabot)

 

When using the Petabot on our website or within our products:

 

Users are interacting with an automated AI system.

 

The system is self-hosted; queries are processed in an isolated environment in Germany.

 

 

Legal Attribution: As our products serve as “Decision Support Systems,” the customer (as the “Deployer”) maintains sole responsibility for human oversight and the final validation of AI-generated outputs.

 

 

3.2. Synthetic Content (AI Images)

 

Certain visual elements on this website have been generated using Artificial Intelligence. We disclose this synthetic media to ensure transparency regarding the nature of the content.

 

4. Website Technology and Data Collection

4.1. WordPress CMS

 

We use the WordPress content management system to operate this website. We host WordPress locally on our German infrastructure to ensure full control over data logs and security.

 

4.2. Google Fonts (Local Deployment)

 

To prevent unauthorized data transfer to the USA, we have locally integrated Google Fonts on our own servers. Your browser does not establish a connection to Google’s servers, and your IP address is not shared with Google for font rendering purposes.

 

4.3. Third-Party Content (Freepik)

 

We utilize imagery from providers like Freepik. These are static assets; no personal data of website visitors is transmitted to these providers when viewing our site.

 

5. Data Processing for Professional Services

When you engage Petanux for AI solutions or project services:

 

 

Purpose: Data is processed solely for contract fulfillment, including specific model adaptation (Fine-Tuning).

 

Legal Basis: Processing is based on Art. 6 para. 1 lit. b GDPR (Contract fulfillment) and Art. 6 para. 1 lit. f GDPR (Legitimate interests).

 

On-Premise Security: For On-Premise deployments, the customer is responsible for the physical and network security of the environment.

 

6. Liability and Probabilistic Nature of AI

Users are advised that AI systems are probabilistic.

 

Accuracy: We do not guarantee the absolute accuracy of AI-generated results; “hallucinations” are a known technical characteristic and do not constitute a data processing error or a product defect.

 

Review Obligation: All AI outputs must be reviewed by qualified personnel before being used for legally or commercially binding decisions.

 

 

7. Rights of the Data Subject

Under the GDPR, you have the right to:

 

Access (Art. 15): Request information about your stored data.

 

Rectification/Erasure (Art. 16, 17): Correct or delete your data.

 

Restriction (Art. 18): Limit the processing of your data.

 

Data Portability (Art. 20): Receive your data in a structured format.

 

Objection (Art. 21): Object to processing based on legitimate interests.

 

8. Data Protection Officer and Contact

For inquiries regarding data protection or to request our Data Processing Agreement (AVV), please contact: Data Protection Office Petanux GmbH Godesberger Allee 73 53175 Bonn, Germany Email: contact@petanux.com