Privacy
How the Common Intelligence Foundation website handles your data — last updated 21 May 2026
This privacy notice covers the websites common-intelligence.org and common-intelligence.foundation, which are purely informational. The sites do not have user accounts, do not sell anything, and do not run analytics or advertising scripts.
1. Who is responsible
The controller of personal data within the meaning of Article 4 (7) GDPR is Sebastian Küpers, Hibiskusweg 17b, 13089 Berlin, Germany. Contact details are in the Imprint.
The Common Intelligence Foundation is currently being formally established as a non-profit foundation in Estonia. After registration, the foundation will become the controller and this notice will be updated accordingly.
2. What is collected, and why
Server access logs. The website is served via Cloudflare. Each request is logged for security and operational purposes: source IP address, user-agent string, requested URL, timestamp, and HTTP response code. The logs are not used for analytics or profiling.
Legal basis: Art. 6 (1) (f) GDPR — legitimate interest in security and operability of the website.
Email correspondence. If you contact us via the "Contact" / hello@common-intelligence.org link or any other email address listed on the site, we receive your email address and the content of your message.
Legal basis: Art. 6 (1) (f) GDPR — legitimate interest in responding to enquiries; or Art. 6 (1) (b) for any pre-contractual measures arising from your message.
Cookies and similar technologies. The website sets no cookies. It loads no analytics, advertising, or social-media tracking scripts. Fonts are loaded from Google Fonts (which involves your IP being sent to Google for the purpose of serving the font files); we may self-host fonts in a future revision to remove this dependency.
3. Sharing
- Cloudflare Inc. — website hosting and security. Acts as a data processor.
- Email provider — if you email us, your message is processed by our email service provider (Cloudflare Email Routing for inbound, forwarded to Sebastian's personal Gmail account at Google LLC).
- Google Fonts (Google LLC, USA) — fonts are loaded from Google's CDN. When your browser fetches a font file, Google receives your IP address.
We do not sell or share your data for advertising or any commercial purpose.
4. International transfers
Cloudflare and Google operate globally including in the United States. Transfers to the United States are based on the EU–US Data Privacy Framework (Commission adequacy decision of 10 July 2023) where the recipient is certified, otherwise on the European Commission's Standard Contractual Clauses (SCC).
5. Retention
Cloudflare access logs are retained per Cloudflare's default policy (typically around 7–30 days). Email correspondence is retained for as long as needed to respond to your enquiry, and thereafter for record-keeping purposes in line with applicable retention obligations.
6. Your rights
Under the GDPR, you have the right to access, rectification, erasure, restriction of processing, objection, and data portability concerning data we hold about you. To exercise any of these rights, please email us at the address in the Imprint. You also have the right to lodge a complaint with the Berliner Beauftragte für Datenschutz und Informationsfreiheit, or with the supervisory authority in your country of residence.
7. Changes to this notice
If we change this notice materially, we will update the date at the top.