1. Overview and Scope
This privacy policy explains how personal data is collected, processed, and used when you visit bitbi.ai (the "Website"). It applies to all pages of this website and covers obligations under the EU General Data Protection Regulation (GDPR) and the German Telecommunications-Telemedia Data Protection Act (TTDSG).
Personal data is any information that can directly or indirectly identify you (e.g., name, IP address, email address). This website does not require you to provide personal data to browse its content; data is only collected as described in the sections below.
2. Data Controller (Art. 13(1)(a) GDPR)
Stefan van Ark
Schwarzwaldstraße 20
78647 Trossingen
Germany
Email: bit@bitbi.ai
A data protection officer is not required under Art. 37 GDPR for this website.
3. Hosting and Content Delivery
GitHub Pages
This website is hosted on GitHub Pages, a service of GitHub, Inc. (a subsidiary of Microsoft Corporation, USA). When you access any page, GitHub automatically receives and stores technical connection data, including your IP address, browser type and version, operating system, referrer URL, and the date/time of the request.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the secure and reliable provision of the website).
More info: GitHub Privacy Statement
Cloudflare (CDN, DNS, Security)
This website uses Cloudflare, Inc. (USA) as a content delivery network (CDN), DNS resolver, and for DDoS protection. All traffic to this website passes through Cloudflare's network. Cloudflare processes IP addresses, HTTP request headers, user agent strings, timestamps, and referrer data. Cloudflare may set a technically necessary cookie (__cf_bm) for bot detection.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in website security and performance); §25(2) No. 2 TTDSG (the cookie is strictly necessary for the service explicitly requested by the user).
More info: Cloudflare Privacy Policy
4. Server Log Files
Both GitHub Pages and Cloudflare automatically collect and store information in server log files that your browser transmits when accessing the website:
- IP address (anonymized or full, depending on the provider)
- Browser type and version
- Operating system
- Referrer URL
- Requested page/resource
- Date and time of the request
- Amount of data transferred
This data is not merged with other data sources. It is used solely for technical operation and security of the website.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the technically error-free and secure operation of the website).
Retention: Cloudflare retains logs for up to 72 hours; GitHub Pages retains logs for up to 30 days.
5. Contact Form
When you use the contact form, the following data is collected and processed:
- Required fields: Name, email address, message
- Optional field: Subject
The data you enter is transmitted via a Cloudflare Worker (Cloudflare, Inc., USA) to the email delivery service Resend, Inc. (USA), which sends the message to our mailbox. No data is stored permanently on the Worker; it acts only as a transit relay.
Legal basis: Art. 6(1)(b) GDPR (processing necessary for pre-contractual measures at your request).
Provision of the required fields is necessary to process your inquiry. If you do not provide this data, we cannot respond to your request (Art. 13(2)(e) GDPR).
Retention: Contact form submissions are retained for 6 months after final response, then deleted unless a legal obligation requires longer retention.
More info: Resend Privacy Policy
6. Consent Management
This website uses a custom cookie consent banner to manage your preferences for cookies and similar technologies (including localStorage access).
The banner is displayed to visitors in the European Economic Area (EEA) upon first visit. You can change or revoke your consent at any time via the "Cookie Settings" link in the footer.
Categories:
- Necessary (always active) — consent storage, game score storage
- Analytics — performance measurement (Cloudflare RUM)
- Marketing — embedded content (YouTube videos)
Your consent choice is stored in your browser's localStorage under the key bitbi_cookie_consent. No consent data is transmitted to third parties.
Legal basis for storing the consent preference: §25(2) No. 2 TTDSG (strictly necessary to provide the service explicitly requested by the user).
7. Analytics — Cloudflare RUM
This website uses Cloudflare Real User Measurements (RUM) to measure and improve real-world performance (e.g., load times, Core Web Vitals, error rates).
Provider: Cloudflare, Inc. (USA). When activated, a JavaScript snippet collects performance and technical usage data (page URL, referrer, timestamp, device/browser information, performance metrics). Cloudflare may also process network data (including IP address) for providing the service and for security purposes.
This service is only activated after you give consent in the "Analytics" category of the cookie banner.
Legal basis: Art. 6(1)(a) GDPR (consent); §25(1) TTDSG (consent required for access to device information not strictly necessary).
You can withdraw your consent at any time with future effect via the "Cookie Settings" link in the footer (Art. 7(3) GDPR).
More info: Cloudflare Privacy Policy
8. External CDN Resources
Fonts (Self-Hosted)
All typefaces used on this website (Inter, Playfair Display, JetBrains Mono, and page-specific fonts) are self-hosted on our own servers. No connections to Google Fonts or other external font services are made. No personal data is transmitted to third parties for font loading.
Three.js / A-Frame / Other Libraries
Certain pages load JavaScript libraries from external CDNs:
- A-Frame (aframe.io) — WebVR/XR framework
- Three.js via cdnjs.cloudflare.com — 3D rendering
- Other libraries via cdn.jsdelivr.net — utility scripts
When these resources are loaded, your IP address and technical request data are transmitted to the respective CDN operators.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the functional delivery of website features using established CDN infrastructure).
9. Third-Party API — CoinGecko
The homepage automatically loads cryptocurrency market data from the CoinGecko API (Gecko Labs Pte. Ltd., Singapore) at regular intervals (approximately every 60 seconds).
When this data is fetched, your IP address and user agent are transmitted to CoinGecko's servers.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in displaying up-to-date market information to visitors).
More info: CoinGecko Privacy Policy
10. Embedded Content — YouTube
YouTube videos are embedded using the privacy-enhanced mode (youtube-nocookie.com). Videos are only loaded after you give consent in the "Marketing" category of the cookie banner.
When loaded, a connection to YouTube/Google (Google Ireland Limited / Alphabet Inc., USA) is established and personal data (IP address, browser data) is transmitted. Cookies or similar identifiers may also be stored on your device.
Legal basis: Art. 6(1)(a) GDPR (consent); §25(1) TTDSG (consent required for non-essential device access).
You can withdraw your consent at any time with future effect via the "Cookie Settings" link in the footer (Art. 7(3) GDPR).
More info: Google Privacy Policy
11. SSL / TLS Encryption
This website uses SSL/TLS encryption (HTTPS) for all connections, provided by Cloudflare. This protects the confidentiality of data transmitted between your browser and the website.
12. International Data Transfers (Art. 13(1)(f) GDPR)
Some of the processors listed in this policy are based in the United States. The following safeguards ensure an adequate level of data protection for transfers to the USA:
- Cloudflare, Inc. — certified under the EU-U.S. Data Privacy Framework (DPF); additionally, Standard Contractual Clauses (SCCs) are in place.
- GitHub, Inc. / Microsoft Corp. — certified under the EU-U.S. Data Privacy Framework (DPF); SCCs apply.
- Google Ireland Limited / Alphabet Inc. — certified under the EU-U.S. Data Privacy Framework (DPF); SCCs apply for transfers to Alphabet Inc.
- Resend, Inc. — Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR.
More info on the DPF: dataprivacyframework.gov
13. Data Retention
We delete or anonymize personal data as soon as the purpose for its collection no longer applies, unless a legal retention obligation prevents deletion. Specific retention periods:
- Cloudflare server logs: up to 72 hours
- GitHub Pages server logs: up to 30 days
- Contact form submissions: 6 months after final response
- Consent preferences (localStorage): until you clear your browser data or revoke consent
- Game scores (localStorage): until you clear your browser data
- Cloudflare RUM data: retained by Cloudflare per their data retention policies
14. Your Rights Under GDPR
You have the following rights regarding your personal data. To exercise any of these rights, contact us at bit@bitbi.ai.
- Right of access (Art. 15 GDPR) — obtain confirmation and a copy of your stored data
- Right to rectification (Art. 16 GDPR) — correct inaccurate data
- Right to erasure (Art. 17 GDPR) — request deletion of your data
- Right to restriction (Art. 18 GDPR) — restrict processing under certain conditions
- Right to data portability (Art. 20 GDPR) — receive your data in a structured, machine-readable format
- Right to withdraw consent (Art. 7(3) GDPR) — withdraw consent at any time without affecting the lawfulness of processing carried out before the withdrawal
Right to object (Art. 21 GDPR): Where we process your personal data based on legitimate interests (Art. 6(1)(f) GDPR), you have the right to object at any time on grounds relating to your particular situation. We will then no longer process your data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms. To object, send an email to bit@bitbi.ai.
Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority. The competent authority for our location is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg (LfDI BW)
Lautenschlagerstraße 20
70173 Stuttgart
Germany
Phone: +49 711 6155 41-0
Website: baden-wuerttemberg.datenschutz.de
15. Automated Decision-Making (Art. 13(2)(f) GDPR)
No automated decision-making or profiling within the meaning of Art. 22 GDPR takes place on this website.
16. Changes to This Policy
We may update this privacy policy to reflect changes in our data processing practices or legal requirements. The current version is always available on this page. We encourage you to review this policy periodically.
Last updated: 6 March 2026