Legal · DSGVO / GDPR
Privacy notice
Last updated · 19 May 2026
1 · Controller
The controller within the meaning of Art. 4 (7) GDPR is AIRIA Systems GmbH, Berlin — see the Imprint for the full address and registration details. ParlAIment is a product of AIRIA Systems GmbH; the operator of parlaiment.eu is the same legal entity that operates airia.systems and parlaiment.app.
2 · Data protection officer
For all matters relating to data protection, please write to [email protected]. General enquiries about ParlAIment can also be sent to [email protected]; data-protection requests are handled exclusively by the DPO mailbox.
3 · What we process on this website
Access data
When you visit the website, our hosting provider records access logs containing the request IP, user-agent, requested URL, HTTP referer and timestamp. These are kept for at most 14 days to maintain availability and security; they are not used for analytics or profiling and are never shared with third parties.
Briefing-request form
The briefing-request form at #contact (posting to /api/contact) is the only form on parlaiment.eu. When you submit it, we receive:
- your name;
- your work email address;
- your role (selected from a short list — MP, party staff, party IT, DPO, other);
- your parliament or party affiliation (free text);
- the content of your message;
- a GDPR data-processing consent indicator (required to submit the form);
- an optional marketing-contact consent indicator (currently unused — always
false); - the page language you submitted from, and a country code derived from that language;
- request metadata captured server-side by our application: IP address, user-agent and HTTP referer.
We use this data only to respond to your briefing request. We do not enrich it from third-party sources, and we do not transfer it outside the EU.
Anti-spam
The form includes a hidden honeypot field. When a submission fills it, the request is rejected before any data is stored. No CAPTCHA service, no behavioural scoring and no third-party anti-spam provider is involved.
4 · Purposes & legal basis
| Purpose | Basis | Retention |
|---|---|---|
| Operate the website (security, availability) | Art. 6 (1) (f) GDPR — legitimate interest | ≤ 14 days (access logs) |
| Respond to your briefing request | Art. 6 (1) (b), (f) GDPR — pre-contractual / legitimate interest, supported by your consent indicator | 24 months after last contact |
| Statutory retention (tax / commercial), where applicable | Art. 6 (1) (c) GDPR | up to 10 years |
5 · Retention
We delete personal data when the purpose for which it was collected has been fulfilled, unless statutory retention obligations require longer storage. Briefing-request records are retained for up to 24 months from the last meaningful exchange so that we can pick up a conversation that resumes after a recess or election cycle. You can request earlier deletion at any time (see § 7).
6 · Processors
A current list of the sub-processors involved in operating parlaiment.eu is on the separate Sub-processors page. The hosting and infrastructure stack is identical to airia.systems and parlaiment.app, all within the EU.
7 · Your rights
Under the GDPR you have the right of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20) and to object (Art. 21). To exercise any of these, write to [email protected]. You also have the right to lodge a complaint with a supervisory authority — for AIRIA Systems GmbH this is the Berliner Beauftragte für Datenschutz und Informationsfreiheit.
8 · Cookies & tracking
parlaiment.eu sets no cookies. It uses no analytics provider, no advertising tags, no third-party embeds, no social-media widgets, no chat widget and no fonts hosted by third parties beyond Google Fonts fonts.googleapis.com / fonts.gstatic.com, which are loaded with the standard <link rel="preconnect"> hint and serve fonts only (no cookies, no scripts). If you prefer to block them, your browser's font-block setting will not affect functionality — the page degrades to system fonts.