Privacy Notice — GenXDefinition

1) Controller & contact

Controller: Rafail Konstantinidis (Greece).

Contact: rafailkonstantinidisx@gmail.com

Website: genxdefinition.com

2) Scope

This notice covers data processed via our website and email communications. The site links you directly to the GenXDefinition Custom GPT on chatgpt.com.

Interactions with GenXDefinition inside ChatGPT are processed by OpenAI under their own terms and privacy policy; we do not control that processing and do not receive your chat content unless you choose to email it to us.

3) Data we collect

• Emails you send us: your email address, message content, and standard email metadata.
• Technical logs: basic server logs (e.g., IP address, user-agent, timestamps) necessary for security and troubleshooting.
• Cookies: only strictly necessary cookies that keep the site functioning (set by our host/CDN as applicable).

We do not operate a waitlist or web forms and do not run analytics/marketing cookies.

4) Purposes & legal bases (GDPR)

• Respond to your emails — Art. 6(1)(f) (legitimate interests) and, where applicable, Art. 6(1)(b) (steps prior to a potential agreement).
• Site security and debugging — Art. 6(1)(f) (legitimate interests).
• Compliance/record‑keeping — Art. 6(1)(c) (legal obligation) and Art. 6(1)(f) (legitimate interests).

5) Cookies

Cookies. We do not use analytics, advertising, or other non-essential cookies. We use only strictly necessary storage needed to deliver and secure the site.

Embedded media (YouTube). We use privacy-enhanced embeds and load the YouTube player only after your click. Until you choose to load a video, no requests are sent to YouTube. Once loaded, YouTube may process data under its own policies.

6) Sharing & recipients

We may share limited data with:

• Hosting/email providers to operate the site and handle email.
• Professional advisors (legal/accounting) when necessary.

Recipients must protect data appropriately and process it only on our instructions where applicable.

7) International transfers

If data is transferred outside the EEA/UK (e.g., to email or hosting providers), we rely on appropriate safeguards such as adequacy decisions or EU Standard Contractual Clauses.

8) Retention

• Emails: retained as long as needed to handle your request and for up to 24 months thereafter, unless a longer period is required by law or to establish/defend legal claims.
• Server logs: typically 30–90 days, unless needed longer for security investigations.

9) Your rights (GDPR)

You have the right to access, rectify, erase, restrict, object, and data portability, and to withdraw consent where processing is based on consent (not used here). You may lodge a complaint with your local supervisory authority (in Greece: Hellenic Data Protection Authority).

To exercise rights, contact rafailkonstantinidisx@gmail.com. We may need to verify your identity.

10) Children

The Service and site are intended for users 16+. If we learn we have data from a child without appropriate consent, we will delete it.

11) Security

We use reasonable technical and organizational measures to protect personal data. No method of transmission or storage is 100% secure.

12) OpenAI & third-party platforms

When you use GenXDefinition on chatgpt.com, your interactions are processed by OpenAI under their terms and privacy policy. We do not receive your chat content unless you email it to us.

13) Changes

We may update this Privacy Notice. Material changes will be posted here with a new effective date.

14) Contact