coreX
corex@aiqia.de
+++ ACHTUNG: coreX - Content Without Limits befindet sich noch in der Entwicklungsphase +++ Aktuelle Version von coreX: 0.10.0 +++ +++ ACHTUNG: coreX - Content Without Limits befindet sich noch in der Entwicklungsphase +++ Aktuelle Version von coreX: 0.10.0 +++ +++ ACHTUNG: coreX - Content Without Limits befindet sich noch in der Entwicklungsphase +++ Aktuelle Version von coreX: 0.10.0 +++ +++ ACHTUNG: coreX - Content Without Limits befindet sich noch in der Entwicklungsphase +++ Aktuelle Version von coreX: 0.10.0 +++ +++ ACHTUNG: coreX - Content Without Limits befindet sich noch in der Entwicklungsphase +++ Aktuelle Version von coreX: 0.10.0 +++ +++ ACHTUNG: coreX - Content Without Limits befindet sich noch in der Entwicklungsphase +++ Aktuelle Version von coreX: 0.10.0 +++
+++ ACHTUNG: coreX - Content Without Limits befindet sich noch in der Entwicklungsphase +++ Aktuelle Version von coreX: 0.10.0 +++

Privacy Policy

Information pursuant to Art. 13 and 14 GDPR

Controller

The controller responsible for processing personal data on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Sascha Buscher
Obermeidericher Strasse 27A
46049 Oberhausen
DE
Email: info@aiqia.de
https://corex.aiqia.de

2. Server Log Files and Local Statistics (Analytics)

When you access this website, technical information is automatically processed. Unlike conventional websites that use third-party tracking services, we process this data entirely locally (self-hosted) on our own web server infrastructure.

The following information is collected and analyzed:

  • IP address (strictly anonymized, hashed, or masked; we do not store full IP addresses in visitor logs)
  • Date and time of the request
  • Requested page / file size and name
  • Browser type and version
  • Operating system and device category
  • Referrer domain (to protect your privacy, full URL paths and query parameters are stripped at the boundary; only the main domain is stored)
  • Optional technical performance metrics (Core Web Vitals and loading speed metrics) to optimize site responsiveness.

This data is processed solely for the technical provision, security diagnostic assessments of the website, and privacy-friendly visitor analytics. Under no circumstances is statistics or tracking data transmitted to external analytics providers, ad networks, or third-party tracking pixels (e.g., no Google Analytics or Facebook Pixel is used).

3. Automated Data Retention and Housekeeping

To ensure strict data minimization in accordance with coreX privacy policies, we enforce automated technical retention bounds (housekeeping):

  • Raw Web Analytics & Performance Data: Detailed raw request records (visitors, bot detection logs, performance tracking metrics, and Web Vitals) are held only for short, customizable retention periods.
  • Aggregation: After the retention period expires, the raw details are permanently and automatically deleted. The records are condensed into fully anonymous, aggregated long-term daily statistics for trend analysis.
  • Default System Purging: Expired login attempts, temporary security blocklists, and inactive browser sessions are pruned automatically in the background without requiring manual administrator intervention.

4. Cookies and Secure Session Management (excluding "Remember Me")

This website uses technically necessary cookies to provide core functions.

  • Session Cookies: Standard, temporary session identifiers are utilized to recognize your status (e.g., preserving your preferred language, holding session state).
  • Remember-Me Cookie (cx_remember): If you actively check the optional "Remember Me" / "Keep me logged in" option during login, a long-term cookie is set:
  • This cookie incorporates high-security selector/validator hashing separation (instead of raw database identifiers or unhashed secrets).
  • It is configured with secure-by-default attributes (SameSite=Lax, HttpOnly, and Secure over active HTTPS channels).
  • The verification token automatically rotates on every single auto-login, rendering potential intercepted cookie copies instantly useless.
  • You can audit and control all currently active sessions (showing device, browser, and login time) directly inside your secure profile dashboard. Clicking "Sign out other devices" or completing a standard logout immediately and permanently invalidates all active auxiliary tokens.

5. Use of coreX

This website is operated using coreX — a custom-developed content management system built with native "Privacy by Design" principles. All database actions, user management, and administrative logs are kept local. Update package diagnostics, modular reviews, and manifest integrity checks run in localized environments to prevent unauthorized data pathways.

6. Use of coreY (AI Functionality)

If specialized AI functions (coreY) are utilized on this website, processing is handled locally (self-hosted) on our own secure infrastructure or inside non-disclosing pipelines.

  • No automated transmitting of personal parameters, input strings, or query histories to public generative AI models or outside networks takes place without explicit, documented configuration.

7. Contact Form and Inbox Management

If you submit an inquiry to us via the contact form, the data you enter (name, email address, message) is stored in our database.

  • These messages are retrieved inside a secure, mailbox-styled Admin Inbox.
  • This mailbox manages custom read-states, direct administrator routing, and anti-spam protection (local captcha and sanitization).
  • This data is stored strictly to process your request and is deleted as soon as processing completes or upon request.

8. Connected Accounts and Third-Party Logins (OAuth)

This website may support opt-in, passwordless authentication using verified third-party providers (such as Google or Facebook OAuth 2.0).

  • Binding your account to a third party is completely voluntary and requires active, secure confirmation from your logged-in profile.
  • We utilize normalized provider profiles to pull only minimal required profile data (name, email, avatar).
  • No tracking codes, ad logs, or administrative secrets are exchanged with the provider.
  • You can dynamically manage and disconnect all external logins at any time in your profile account settings.

9. Forum (if active)

If you participate in the community forum, any content you provide (such as posts, comments, usernames, and likes) will be permanently stored and shown to other visitors.

  • We may record hashed index validations to prevent forum spam and automated bot abuse.
  • Administrative moderating checks and housekeeping systems automatically review spam entries and archive outdated validation hashes.

10. SSL/TLS Encryption

To protect confidential transmissions (such as form submission contents, profile settings, and session metadata from interception), this website strictly enforces state-of-the-art SSL/TLS encryption. You can confirm active, secure transport via the padlock symbol and https:// prefix in your browser's address bar.

11. Your Rights

In accordance with global and local data protection regulations, you hold the following rights:

  • Right of Access (to obtain copies of your stored personal details)
  • Right to Rectification (to correct inaccurate or incomplete data)
  • Right to Erasure (the "right to be forgotten" / deletion of your records)
  • Right to Restriction of Processing
  • Right to Data Portability
  • Right to Object to processing actions

If you believe that our processing of your personal data violates data protection standards, you have the right to lodge a formal complaint with a competent supervisory authority.

12. Changes to this Privacy Policy

We reserve the right to adapt and revise this privacy policy to maintain alignment with changing legal frameworks or to accurately document new, updated technical capabilities of the coreX environment.