Privacy notice

This page describes how we handle personal data when you sign up for the AI BCM Newsletter. We process data in line with the EU General Data Protection Regulation (GDPR / DSGVO).

Controller

Konstantin Gerner
Hollergasse 30/11
1150 Vienna, Austria
Email: newsletter@aibcm.org

What we collect

• Email address (required) — so we can send you the weekly newsletter and the double-opt-in confirmation.
• Name (optional) — only used to personalise the greeting, if provided.
• Timestamps of subscription and confirmation, for audit purposes.

We do not store the IP address of your subscription request (Listmonk setting privacy.record_optin_ip = false). We do not use third-party analytics, advertising trackers, or cookies on this site.

How we use it

We use your email solely to deliver the AI BCM Newsletter and operational messages directly related to your subscription (e.g. opt-in confirmation, unsubscribe acknowledgement). We do not sell, rent, or share your address with any third party.

Legal basis

Processing is based on your explicit consent (Art. 6(1)(a) GDPR), confirmed via double opt-in. You can withdraw consent at any time by clicking the unsubscribe link in any newsletter, with no effect on the lawfulness of processing before withdrawal.

Where the data lives

• Subscriber list: our self-hosted Listmonk instance on a Hetzner Cloud VPS in Germany. No managed mailing-list provider is involved.
• Outbound mail delivery: SMTP via ALL-INKL (KASSERVER), Germany, as the sending mail server. They process your email address only to transmit the message; their privacy policy applies to that transmission.
• Web server logs: nginx access/error logs are kept on the same VPS for operational debugging (typically 30 days). Logs include the request line and HTTP status; we do not associate them with subscribers.

Retention

We retain your subscriber record until you unsubscribe. After unsubscribe, the record is marked unsubscribed and retained only as long as needed to honour that request and demonstrate the opt-out (typically <1 year), then deleted.

Your rights

Under the GDPR you have the right to access, correct, delete, restrict, or port your data, and to object to processing. You may also lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde, dsb.gv.at) or your local supervisory authority. To exercise any of these rights, email newsletter@aibcm.org.

Changes

If we change how we process subscriber data, we will update this page and, where the change is material, notify subscribers in a newsletter issue.