Legal

Privacy Policy

Last updated: April 27, 2026

This Privacy Policy explains how Tekin Fischer Systems ("TFS," "we," "us," "our") collects, uses, and protects personal information. It applies to visitors of tekinfischersystems.com and to clients and prospects who interact with our services. This policy is designed to comply with the EU General Data Protection Regulation (GDPR), the German Bundesdatenschutzgesetz (BDSG), the California Consumer Privacy Act (CCPA/CPRA), and equivalent US state privacy laws.

1. Data Controller

The data controller responsible for processing your personal information is:

Saladin Jonas Tekin
Tekin Fischer Systems
Heinrich Wal-Bröhl-Weg 51
40489 Düsseldorf, Germany
Email: saladin@tekinfischersystems.com

For all privacy-related inquiries, including data subject rights requests, please contact us at the email address above.

2. Information We Collect

We collect the following categories of personal information:

Information you provide directly

  • Contact details when you complete a form, request a demo, or email us (name, email address, phone number, company name, role)
  • Information shared during sales conversations or onboarding
  • Account and billing information once you become a client

Information collected automatically when you visit our website

  • Server log data, including IP address, browser type, operating system, referring URL, pages visited, and timestamps. These logs are retained for a maximum of 14 days for security and operational purposes.

Information collected through our service (ARIA)

When clients deploy ARIA on their behalf, we process information about end users (real estate leads) on the client's instruction. This may include name, phone number, email address, property interests, and conversation content. Our clients are the data controllers for this information; we act as a data processor on their behalf.

We do not knowingly collect personal information from individuals under 16 years of age.

3. Legal Bases for Processing (GDPR)

We process personal data on the following legal bases under Article 6 GDPR:

  • Contract performance (Art. 6(1)(b)) — to deliver our services to clients and respond to inquiries
  • Legitimate interests (Art. 6(1)(f)) — to operate, secure, and improve our website and services, and to conduct B2B outreach to potential clients
  • Consent (Art. 6(1)(a)) — where you have given clear consent for a specific purpose
  • Legal obligation (Art. 6(1)(c)) — where required by applicable law

4. How We Use Your Information

We use personal information to:

  • Provide, operate, and improve our services
  • Respond to inquiries and communicate with prospects and clients
  • Process and fulfill contracts
  • Send service-related communications
  • Comply with legal obligations
  • Protect our rights, property, and the security of our systems

We do not sell personal information. We do not share personal information with third parties for their own marketing purposes.

5. Sub-processors and Service Providers

To deliver our services, we use the following sub-processors. Each is bound by a data processing agreement and provides appropriate safeguards for international data transfers (EU Standard Contractual Clauses and/or EU-US Data Privacy Framework certification where applicable).

Sub-processor Purpose Location
OpenAI, L.L.C.Large language model APIUnited States
Anthropic, PBCLarge language model APIUnited States
Twilio Inc.SMS messagingUnited States
Calendly LLCAppointment schedulingUnited States
Hostinger International Ltd.Website hostingEuropean Union
Supabase Inc.Database and backend infrastructureUnited States / European Union
n8n GmbH (n8n Cloud)Workflow automationEuropean Union
Google LLC (Google Workspace)Business email and productivityUnited States

This list may be updated as our service evolves. Material changes will be reflected on this page.

6. International Data Transfers

Some of our sub-processors are located in the United States or other countries outside the European Economic Area (EEA). When personal data is transferred outside the EEA, we rely on:

  • EU Standard Contractual Clauses (SCCs) approved by the European Commission, or
  • EU-US Data Privacy Framework certification, where the recipient is certified

These mechanisms are designed to ensure that your data receives a level of protection essentially equivalent to that guaranteed within the EEA.

7. Data Retention

We retain personal information only for as long as necessary for the purposes described in this policy, or as required by law. Specifically:

  • Website server logs: maximum 14 days
  • Inquiry and prospect contact data: until the inquiry is resolved or 24 months of inactivity, whichever comes first
  • Client account and contract data: for the duration of the contract and as required by applicable tax and commercial law (typically 6–10 years under German law)
  • Lead data processed via ARIA on behalf of clients: per the client's instructions and the applicable data processing agreement

8. Your Rights

Under GDPR (for individuals in the European Economic Area, UK, and Switzerland)

You have the right to:

  • Access the personal data we hold about you (Art. 15 GDPR)
  • Request rectification of inaccurate data (Art. 16 GDPR)
  • Request erasure of your data (Art. 17 GDPR)
  • Request restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing based on legitimate interests (Art. 21 GDPR)
  • Withdraw consent at any time, where processing is based on consent
  • Lodge a complaint with a supervisory authority. The competent authority for us is the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)

Under California, Virginia, Colorado, Connecticut, and other US State Privacy Laws

If you are a resident of California or another US state with a comprehensive privacy law, you have the right to:

  • Know what personal information we collect about you and how it is used
  • Request deletion of your personal information
  • Request correction of inaccurate personal information
  • Opt out of the "sale" or "sharing" of personal information (we do not sell or share personal information as defined under these laws)
  • Non-discrimination for exercising your rights
  • Limit the use of sensitive personal information (we do not collect sensitive personal information as defined under CCPA)

To exercise any of these rights, contact us at saladin@tekinfischersystems.com. We will respond within the timeframes required by applicable law (typically 30 days under GDPR, 45 days under CCPA).

9. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit, access controls, and regular review of our security practices. No system is perfectly secure, and we cannot guarantee absolute security.

10. Cookies

This website does not use tracking cookies, advertising cookies, or third-party analytics that profile users. The website may set strictly necessary technical cookies required for basic functionality. These do not require consent under EU law.

11. Children's Privacy

Our services are intended for businesses and adult users. We do not knowingly collect personal information from children under 16 (or under 13 for US visitors under COPPA). If you believe we have collected information from a child, please contact us and we will delete it.

12. Automated Decision-Making and AI

ARIA uses artificial intelligence to communicate with end users on behalf of our clients. ARIA always identifies itself as an AI assistant in its initial communication and at any point a user asks. ARIA does not make automated decisions that produce legal or similarly significant effects on individuals; it provides information, schedules appointments, and routes communication to a human agent.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The current version is always available on this page, with the "Last updated" date at the top. Material changes will be communicated through our website or, where appropriate, by direct notice.

14. Contact

For any questions about this Privacy Policy or our data practices, contact:

Saladin Jonas Tekin
Tekin Fischer Systems
Heinrich Wal-Bröhl-Weg 51
40489 Düsseldorf, Germany
saladin@tekinfischersystems.com