Logo

Privacy Policy

Controller: Mathis Nitschke, Akademiestr. 3, 80799 Munich, Germany, info@sofilab.art

No data protection officer has been appointed, as this is not legally required.

Your rights: You have the right to access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), objection (Art. 21), and data portability (Art. 20). You may revoke any consent given at any time with future effect. Complaints can be submitted to a data protection authority (e.g., bfdi.bund.de).

Access data: When visiting our website, technical information such as IP address, browser type, and operating system is collected. Legal basis: Art. 6 (1)(f) GDPR. Data is stored for a maximum of 14 days. IP addresses are anonymized.

Cookies: We use cookies to ensure website functionality and improve performance. Legal basis: Art. 6 (1)(f) GDPR (technically necessary) or Art. 6 (1)(a) GDPR (with consent). You can withdraw your consent at any time via the cookie tool in use.

Newsletter: If you sign up for our newsletter, we store your email address to send it. Registration uses a double opt-in process. Legal basis: Art. 6 (1)(a) GDPR. You can unsubscribe at any time using the link in the email.

Contact: If you contact us via form or email, we process your data to respond. Legal basis: Art. 6 (1)(f) GDPR or (b) if your request is related to a potential contract.

YouTube: When playing embedded YouTube videos (Google LLC, USA), personal data may be transferred. More information: policies.google.com/privacy. Data transfers to the U.S. are based on EU Standard Contractual Clauses.

Google Sign-In (OAuth): CORPUS uses Google Sign-In (provided by Google LLC) to allow you to authenticate with your Google account. The following describes how we handle Google user data in compliance with the Google API Services User Data Policy (policies.google.com/terms/api-services-user-data-policy).

Data Accessed: When you sign in with Google, we receive your Google account email address, display name, and profile photo. We request only the minimum data necessary to create and identify your account on CORPUS.

Data Usage: Your Google account data is used solely to authenticate you and provide access to your CORPUS account. We do not use your Google data for advertising, profiling, or any purpose beyond account management and service delivery.

Data Sharing: Your Google account data is not sold or transferred to third parties for commercial purposes. It is processed by Supabase, Inc. (our backend infrastructure provider) solely to operate the authentication and database service, under a data processing agreement.

Data Storage & Protection: Google account data is stored on secure, access-controlled servers. All data in transit is protected using HTTPS/TLS encryption. We apply industry-standard security practices to guard your data against unauthorized access, loss, or disclosure.

Data Retention & Deletion: Your Google account data is retained for as long as your CORPUS account remains active. To request deletion of your account and all associated Google data, email info@sofilab.art — we will process your request within 30 days. You can also revoke CORPUS access to your Google account at any time via myaccount.google.com/permissions.

Objection: You may object to processing based on Art. 6 (1)(f) GDPR at any time, unless compelling legitimate grounds override your interests.

Changes: We reserve the right to update this policy in case of legal changes or modifications to our services.

Contact: info@sofilab.art

Last updated: 27.3.2026