1. General information
Jam Technologies GmbH, Jennerstraße 7a, 80999 München (hereinafter “ JAM”, “we” or “us”) takes the protection of personal
data very seriously.
We treat personal data confidentially and always in accordance with the applicable data protection laws, in particular
Regulation (EU) 2016/679 (hereinafter “General Data Protection Regulation” or “ GDPR”), the German Federal Data Protection
Act (hereinafter “BDSG”), and in accordance with the provisions of this privacy policy.
The aim of this privacy policy is to inform you (hereinafter “ data subject” or “you”) in accordance with Art. 12 et seq. GDPR
about how we process your personal data and for what purposes we process your personal data when using our website
www.wejam.ai (hereinafter “Website” and together “Websites”) or contacting us.
Unless otherwise stated in this privacy policy, the terms used here have the meaning as defined in the GDPR.
2. Data Controller
JAM acts as a controller within the meaning of the GDPR in relation to your personal data processed in connection with the
use of our Websites or a contact made to or by JAM.
If you have any questions about this privacy policy or the processing of your personal data, you can contact us at the following
contact details:
Jam Technologies GmbH
Jennerstraße 7a
80999 München
Deutschland
E-mail: data@wejam.ai
3. Categories, purposes and legal bases of the personal data processed
We process different categories of your personal data for different purposes. Below you can see which data we process in
which contexts, for which purposes and on which legal basis we base the respective processing.
3.1. Visiting our Website
When visiting our Websites for informational purposes, i.e., mere viewing and without you providing us with any other
information, certain personal data is automatically collected each time the Websites are called up and stored in so-called
server log files. These are:
- Browser type and version. The specific type and model of Internet browser you are using, such as Google Chrome,
Mozilla Firefox, or Microsoft Edge, along with the specific version of the browser.
- Operating system used. Your operating system for your digital activity, such as Windows, macOS, Linux, iOS, or
Android.
- Host name of the accessing computer. The unique name that your device has on the Internet or on a local network.
- The date and time of access. The exact time of access to the Website.
- IP address of the requesting computer. The unique numeric identifier assigned to a device when it connects to the
Internet.
Legal basis:
The legal basis for the temporary storage and processing of such personal data is Art. 6 para. 1 sent. 1 lit. f GDPR. Our
legitimate interest here is to be able to provide you with technically functional, attractive and user-friendly Websites as well
as to ensure the security of our systems.
Duration of the storage:
Such personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For
personal data stored in log files, this is the case after 7 days at the latest.
However, in some cases, e.g., due to legal retention obligations we might be under the legal obligation to continue the storage
of your personal data.
3.2. Contact
It is possible to contact us by e-mail. When you contact us, we collect and process certain information in connection with your
specific request, such as, e.g., your name, e-mail address, and other data requested by us or data you voluntarily provide to
us (hereinafter “Contact Data”).
Legal basis:
If you contact us as part of an existing contractual relationship or contact us in advance for information about our range of
services, the Contact Data will be processed for the performance of a contract or in order to take steps prior to entering into
a contract and to respond to your contact request in accordance with Art. 6 para. 1 sent. 1 lit. b GDPR.
Otherwise, the legal basis for the processing of Contact Data is Art. 6 para. 1 sent. 1 lit. f GDPR. The Contact Data is
processed to pursue our legitimate interests in responding appropriately to customer/contact inquiries.
Duration of storage:
We will delete Contact Data as soon as the purpose for data storage and processing no longer applies ( e.g., after your request
has been processed).
However, in some cases, e.g., due to legal retention periods we might be under the legal obligation to continue the storage
of your personal data.
3.3. Information for end-user; account provided by your organization
If your organization, such as your employer or customer, has provided you with an account to the Jam training platform, your
organization is the sole data controller, and, thus, solely responsible for all personal data processing activities related to your
use of the Jam training platform. Jam only serves as a data processor which has been commissioned by your organization
with the processing of personal data on behalf of your organization in this regard.
If your organization provides you with access to the Jam training platform, your use of the Jam training platform is subject
to your organization’s internal policies, if any.
Therefore, please direct all inquiries about your data privacy rights to your organization contact.
4. Data Receiver
We might transfer your personal data to certain data receivers if such transfer is necessary to fulfill our contractual and legal
obligations.
In individual cases, we transfer personal data to our consultants in legal or tax matters, whereby these recipients act
independently in their own data protection responsibilities and are also obliged to comply with the requirements of the GDPR
and other applicable data protection regulations. In addition, they are bound by special confidentiality and secrecy obligations
due to their professional position.
In the event of corporate transactions ( e.g., sale of our business or a part of it), we may transfer personal data to involved
advisors or to potential buyers.
Additionally, we also use services provided by various specialized companies, e.g., IT service providers, that process data on
our behalf (hereinafter “Data Processors”). We have concluded a data processing agreement according to Art. 28 GDPR or
EU standard contractual clauses of the EU Commission pursuant to Art. 46 para. 2 lit. c GDPR with each service provider and
they only process data in accordance with our instructions and not for their own purposes. Our current data processors are:
- Webflow: A web hosting and content management platform that enables us to design, publish, and maintain our website. Webflow processes data for the purpose of providing the technical infrastructure, ensuring website functionality, and optimizing performance and user experience.
- Finsweet: A service provider that supports the technical enhancement and customization of our Webflow-based website. Finsweet processes data to ensure smooth website functionality, performance optimization, and the integration of certain interactive features.
- Google Analytics: A web analytics service provided by Google. Google Analytics helps us understand and analyze website traffic and user interactions to improve our content and user experience. For more information on the privacy practices of Google, please visit the Google Privacy & Terms webpage.
5. Data transfers to third countries
Your personal data is generally processed in Germany and other countries within the European Economic Area (EEA).
However, it may also be necessary for personal data to be transferred recipients located outside the EEA, i.e., to third
countries, such as the USA. If possible, we conclude the currently applicable EU standard contractual clauses of the
EU Commission pursuant to Art. 46 para. 2 lit. c GDPR with all processors located outside the EEA. Otherwise, we ensure that
a transfer only takes place if an adequacy decision exists with the respective third country and the recipient is certified under
this, if necessary. We will provide you with respective documentation on request.
6. Your rights
The following rights are available to you as a data subject in accordance with the provisions of the GDPR:
6.1. Right of revocation
You may revoke your consent to the processing of your personal data at any time pursuant to Art. 7 para. 3 GDPR. Please
note, that the revocation is only effective for the future. Processing that took place before the revocation remains unaffected.
6.2. Right of access
Under the conditions of Art. 15 GDPR you have the right to request confirmation from us at any time as to whether we are
processing personal data relating to you. If this is the case, you also have the right within the scope of Art. 15 GDPR to receive
access to the personal data as well as certain other information about the personal data and a copy of your personal data.
The restrictions of § 34 BDSG apply.
6.3. Right to rectification
Under the conditions of Art. 16 GDPR you have the right to request us to correct the personal data stored about you if it is
inaccurate or incomplete.
6.4. Right to erasure
You have the right, under the conditions of Art. 17 GDPR, to demand that we delete the personal data concerning you without
delay.
6.5. Right to restrict processing
You have the right to request that we restrict the processing of your personal data under the conditions of Art. 18 GDPR.
6.6. Right to data portability
You have the right, under the conditions of Art. 20 GDPR, to request that we hand over, in a structured, common and machine-
readable format, the personal data concerning you that you have provided to us. Please note that this right only applies to
data generated using automated processes, the use of which you have originally consented to, or if we have used the data
to perform an agreement with you.
6.7. Right to object
You have the right to object to the processing of your personal data under the conditions of Art. 21 GDPR.
6.8. Right to complain to a supervisory authority
Subject to the requirements of Art. 77 GDPR, you have the right to file a complaint with a competent supervisory authority.
As a rule, the data subject may contact the supervisory authority of his or her habitual residence or place of work or place of
the alleged infringement or the registered office of JAM. The supervisory authority responsible for JAM is the Bavarian State
Commissioner for Data Protection. A list of all German supervisory authorities and their contact details can be found here.
7. Obligation to provide data
When you visit our Websites, you may be required to provide us with certain personal data as described in this privacy policy.
Beyond that, you are under no obligation to provide us with personal data. However, if you do not provide us with your
personal data as required, you may not be able to contact us and/or we may not be able to contact you to respond to your
inquiries or questions.
8. Automated decisions/profiling
The processing of your personal data carried out by us does not contain any automated decisions in individual cases within
the meaning of Art. 22 para. 1 GDPR.
9. Changes to this privacy policy
We review this privacy policy regularly and may update it at any time. If we make changes to this privacy policy, we will
change the date of the last update above. Please review this privacy policy regularly to be aware of any updates. The current
version of the privacy notice can be accessed at any time at www.wejam.ai.