Privacy Notice — GenXDefinition

Effective date: 16 August 2025 • Version: 1.1

TL;DR (summary — not a substitute for the full Privacy Notice)

No waitlist or forms. We do not collect sign-ups on the site.
Email-only contact. If you email us, we process your email address and the message to reply.
No analytics cookies. Only strictly necessary cookies/logs for basic site security/operation.
Chat happens on chatgpt.com. Your GenXDefinition interactions are processed by OpenAI under their terms; we do not see your chats unless you send them to us.

Continue reading for the complete notice.

1) Controller & contact

Controller: Rafail Konstantinidis (Greece).

Contact: rafailkonstantinidisx@gmail.com

Website: genxdefinition.com

2) Scope

This notice covers data processed via our website and email communications. The site links you directly to the GenXDefinition Custom GPT on chatgpt.com.

Interactions with GenXDefinition inside ChatGPT are processed by OpenAI under their own terms and privacy policy; we do not control that processing and do not receive your chat content unless you choose to email it to us.

3) Data we collect

Emails you send us: your email address, message content, and standard email metadata.
Technical logs: basic server logs (e.g., IP address, user-agent, timestamps) necessary for security and troubleshooting.
Cookies: only strictly necessary cookies that keep the site functioning (set by our host/CDN as applicable).

We do not operate a waitlist or web forms and do not run analytics/marketing cookies.

4) Purposes & legal bases (GDPR)

Respond to your emails — Art. 6(1)(f) (legitimate interests) and, where applicable, Art. 6(1)(b) (steps prior to a potential agreement).
Site security and debugging — Art. 6(1)(f) (legitimate interests).
Compliance/record‑keeping — Art. 6(1)(c) (legal obligation) and Art. 6(1)(f) (legitimate interests).

5) Cookies

Cookies. We do not use analytics, advertising, or other non-essential cookies. We use only strictly necessary storage needed to deliver and secure the site.

Embedded media (YouTube). We use privacy-enhanced embeds and load the YouTube player only after your click. Until you choose to load a video, no requests are sent to YouTube. Once loaded, YouTube may process data under its own policies.

6A) Third-party recipients (API Actions)

When you toggle GenXScript features that fetch external data, requests may be sent to:

Open-Meteo (weather/climate): request includes coordinates, requested variables/time ranges, and your IP/User-Agent (standard HTTP metadata).

NASA POWER (solar/meteorology): request includes coordinates/temporal window/variables and standard HTTP metadata.

NASA requests acknowledgement of POWER as the source in published work. power.larc.nasa.gov

Wikidata / Wikidata Query Service (WDQS) (entity facts/IDs): request includes your query (e.g., SPARQL) and

standard HTTP metadata; Wikimedia asks clients to send a descriptive User-Agent and to throttle/back-off appropriately.

7) International transfers

If data is transferred outside the EEA/UK (e.g., to email or hosting providers), we rely on appropriate safeguards such as adequacy decisions or EU Standard Contractual Clauses.

8) Retention

Emails: retained as long as needed to handle your request and for up to 24 months thereafter, unless a longer period is required by law or to establish/defend legal claims.
Server logs: typically 30–90 days, unless needed longer for security investigations.

9) Your rights (GDPR)

You have the right to access, rectify, erase, restrict, object, and data portability, and to withdraw consent where processing is based on consent (not used here). You may lodge a complaint with your local supervisory authority (in Greece: Hellenic Data Protection Authority).

To exercise rights, contact rafailkonstantinidisx@gmail.com. We may need to verify your identity.

10) Children

The Service and site are intended for users 16+. If we learn we have data from a child without appropriate consent, we will delete it.

11) Security

We use reasonable technical and organizational measures to protect personal data. No method of transmission or storage is 100% secure.

12) OpenAI & third-party platforms

When you use GenXDefinition on chatgpt.com, your interactions are processed by OpenAI under their terms and privacy policy. We do not receive your chat content unless you email it to us.

12A) API actions & data flows (legal bases, retention, transfers)

Categories of data sent: coordinates or place names you provide; time ranges; query text (e.g., SPARQL); and technical metadata (IP address, timestamps, User-Agent).

Purpose: to return weather/climate/context data you asked GenXScript to use in a parametric workflow.

Legal bases (GDPR): Art. 6(1)(b) performance of a requested feature and Art. 6(1)(f) legitimate interests (operate the service, respect provider policies).

Retention: we do not store third-party responses server-side on genxdefinition.com; API providers may retain logs under their own policies.

International transfers: calls may be routed to servers outside the EEA (e.g., NASA in the U.S.; Wikimedia infra; Open-Meteo hosting).

We rely on Art. 49(1)(b) (necessary for the requested service) and maintain minimality (only data needed to fulfil the request).

Attribution in outputs: where required (e.g., POWER citation; Open-Meteo Climate/CMIP6),

GenXScript may add an attribution string in the output. You should keep attributions if you publish or redistribute.

13) Changes

We may update this Privacy Notice. Material changes will be posted here with a new effective date.

14) Contact

Rafail Konstantinidis
Athens 10433, Greece
Email: rafailkonstantinidisx@gmail.com
Site: genxdefinition.com

© 2025 Rafail Konstantinidis. Docs & site content: CC BY-NC-SA 4.0. Rhino and Grasshopper are trademarks of Robert McNeel & Associates; no affiliation implied.