Privacy Policy

Effective Date June 1, 2023

This privacy policy is formulated to help you understand which data we collect about you, how we use that data and who we share it with. This is to help you make informed decisions about your Personal Data when using our website and services. With the term "Personal Data" we follow the terminology and meaning of "personal data", governed by the European data protection legislation (i.e. GDPR).

By using or accessing our website and services in any manner you acknowledge that you have read and understand the practices and policies outlined in this privacy policy, including our collection, use and sharing of your Personal Data in the ways that are outlined in the following.

If you do not agree with this privacy policy, please do not access and use our services.

Your use of querifai’s Services is subject to the Terms of Service and this Privacy Policy. If you have any questions, feel free to contact us at

Who We Are

querifai GmbH, registered in Germany, offers discovery of AI/ML services that are available via API (application programming interface), i.e. are typically pre-trained and can be used without deep AI/ML engineering know how. We help organizations to find the right vendor for their specific data at hand. Our services cover visual, audio, language and tabular data. If no sufficient solution is available on the market, we also offer to build custom solutions, incl. hosting of models for easy integration via REST-API.

querifai was founded in November 2022 and is headquartered in Munich, Germany

What This Privacy Policy Covers

This Privacy Policy describes how we collect, use and share your personal data...

... when you visit, use or interact with our websites or social media pages, or other publications, or when you receive marketing communications from us,

... when you access or use our website/ services as an authorized user (registered/ logged in user), for example as an individual customer or as an employee of a customer that has provided you with access,

... when your personal data is included in the content that we process in connection with the Services.

GDPR Article 4 gives the following definition for “personal data”:

‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific [...] of that natural person.

This Privacy Policy does not cover the practices of companies we don’t own or control. This applies in particular to the suppliers that provide the AI/ML services that we make accessible on our platform.

Similar, this Privacy Policy may not apply to the Personal Data that we process as data processor or service provider on behalf of a customer. We are not responsible for the privacy practices of our customers or other third parties, which may differ from those described in this privacy policy.

Sources of personal data

We collect personal data about you from..., when you provide this information directly to us:

... other Service users, when they provide personal data about you when they use our services, regardless if this happens with or without your knowledge and/or consent:

... Service providers: when we use analytics service providers to analyze how our users engage with our website.

Furthermore, we utilize datasets from third party data providers and publicly available sources to provide and improve our Services, some of which may contain personal data, e.g. images of individuals.

Finally also we may produce personal data about you, when we add annotations to the content that users send to us.

Categories of personal data that we collect

Category of Personal Data Examples of collected data Source Third Parties with whom we share data for business purposes
Contact Data/Identifiers
  • First and last name
  • Email
  • Company name
  • Password
  • You
  • Third parties
  • Service providers
  • Parties authorized and/or authenticated by you or a user that is sharing your personal data with us
Social Network and other Connected Platform Data
  • URLs of publicly available accounts on social networks such as LinkedIn
  • Online Identifiers
  • Social media profile IDs
  • You
  • Third parties
  • Service providers
  • Parties authorized and/or authenticated by you or a user that is sharing your personal data with us
Device/IP Information
  • IP address
  • Browser
  • You
  • Third parties
  • Service providers
Web Analytics
  • Browsing history
  • Search history
  • Geographic information
  • Length of visit
  • Pageviews
  • Referral source
  • adIDs
  • Forms submitted
  • Content downloaded
  • You
  • Third parties
  • Service providers
Biometric Data
  • Images and videos and information relating to images or videos, such as patterns associated with images or videos for facial recognition purposes
  • You
  • Third parties
  • Service providers
  • Parties authorized and/or authenticated by you or a user that is sharing your personal data with us
Other Visual Information
  • Data may include other types of information which may constitute Personal Data (e.g. an image of a car showing also the license plate).
  • You
  • Third parties
  • Service providers
  • Parties authorized and/or authenticated by you or a user that is sharing your personal data with us
Geolocation and other metadata
  • Geolocation and other metadata which may constitute Personal Data.
  • You
  • Third parties
  • Service providers
  • Parties authorized and/or authenticated by you or a user that is sharing your personal data with us
Predictions and Tags
  • You or an authenticated user may use our models and algorithms to make predictions about data that you or a user send to us, or to add tags to such data.
  • These predictions and tags may contain Personal Data, including age, gender or other demographic data, identifiers, biometric data or geolocation data.
  • You
  • Third parties
  • Service providers
  • Parties authorized and/or authenticated by you or a user that is sharing your personal data with us
Inferences, predictions and tags generated by us
  • We may infer new personal data from the data that we collect from you or other users, e.g. to generate information about your characteristics (such as using our models and algorithms to make predictions about age, gender and other demographics biometric data or geolocation data).
  • We may also add tags that contain personal data about you to describe data we collect.
  • Generated by us
  • Service providers

How we use your personal data

We use the personal data to provide and improve our services for our customers. Our business or commercial purposes for collecting this Personal Data include:

To perform our contract with you or where we don't have a contract with you, in reliance on our legitimate interests, to operate and provide our service,

to provide you with the content, products or services you access and request, and to register, administer and maintain your account.

To secure the services in reliance on our legitimate interests, for example:

to track use of our websites to maintain data security, including to verify accounts and activity, and investigate suspicious activity. Also to enforce our terms of use, and to protect our rights and the rights of others.

To improve and develop our services in reliance on our legitimate interests, for example:

to analyze trends to identify opportunities to improve our Services, to develop new features, capabilities or products, to train and improve machine learning models and algorithms, and to improve our internal operations and systems and for staff training purposes.

For our marketing purposes, for example:

to conduct marketing research to improve the effectiveness of our marketing campaigns, to send you marketing communications in accordance with your preferences, including product recommendations, and to display advertising and relevant offers to you on our website and third-party websites, based on your activities.

To communicate and stay in touch with you, for example:

to respond to inquiries about our offering, e.g. when you email us or fill out a web form or request support, to send you information related to our Services such as notifications, expiration and renewal notices, technical notices and service updates, security alerts and administrative messages, to provide customer support, troubleshoot and diagnose product problems, and manage events for which you have registered.

For other legitimate business purposes, for example:

to update and analyze our personal data records, to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.

To comply with our legal obligations, for example:

to cooperate with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws, to the extent this requires the processing or disclosure of your Personal Data, and to defend your or our interests in actual or threatened legal proceedings, or regulatory, administrative, or legislative inquiries or investigations.

How we share your personal data

This section describes how we share and transfer the personal data that we collect.

Our service, as an aggregator and comparison vehicle for commercial machine learning APIs, relies at its core on the sharing of data with ML API service companies that you choose to upload and process. In case you choose to upload and process data that contains Personal data, such data may be shared with ML API service companies. As such, you are ultimately responsible for uploading only data in an GDPR compliant way.

We transfer data to these services (e.g AWS, Google cloud, Microsoft Azure) for machine learning purposes, if you select them. However, we also use their cloud offerings to provide our services. This entails, e.g. the following:

Service Provider Privacy notice
File storage Google Cloud
Database AWS
Messaging (to facilitate distributed computing) Google Cloud

We may use additional providers that facilitate the above listed services.

We use your Personal Data for a variety of purposes, where permitted by applicable law:

In certain circumstances, we may disclose your Personal Data to the following categories of service providers and other parties:

Categories of third parties with whom we share personal data Our business purpose for data sharing
Payment Processors Our payment processing partner (Stripe) collects your voluntarily provided payment card information necessary to process your payment. Please see Stripe’s terms of service and privacy policy ( for information on its use and storage of Personal Data
Hosting, Technology and Communications Providers; Fulfillment Providers; Data Storage Providers; Analytics Providers
  • Performing operational services (such as hosting, billing, fulfillment, data storage, security, web service analytics) and/or make certain services, features or functionality available to our users. We have listed a number of these providers above
  • Debugging to identify and repair errors that impair existing intended functionality,
  • Maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing analytic services
  • Undertaking internal research for technological development and demonstration
  • Undertaking activities to verify or maintain the quality or safety of our services
Social Media Services We will share your Personal Data if you intentionally interact with any social media service through our websites or social channels.
In business transfers

All Personal Data may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). We will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.

In government requests or in legal processes

If we are required to hand over information to government authorities or as part of a legal process (like a lawsuit or arbitration) and we are permitted to do so, we will notify you of the requirement to disclose your Personal Data.

International transfers

querifai is headquartered in Germany and has service providers in other countries. Where possible, we will indicate if services are hosted within the European Union or not. If you choose to provide personal data to a service that is not hosted inside the European Union, your personal information may be transferred for storage and processing to other locations outside the European Union, e.g. the United States, or other governmental jurisdiction where the data protection laws may not be as protective as those in your jurisdiction. By providing your personal information through the Services, you consent to such transfer, storage and processing.

Automatic collection of personal data

Our website use cookies and similar technologies to enable our servers to recognize your web browser and tell us how and when you visit and use our Services, to analyze trends, learn about our user base, and operate and improve our Services.

This helps us to tailor our services by tracking navigation habits, measuring performance, and to customize user experiences.

Cookies are small pieces of data placed on your computer, tablet, phone, or similar device when you visit our website.

Do Not Track

Your browser may offer you a “Do Not Track” option, which allows you to signal to website operators that you do not wish them to track your online activities over time and across different websites. Not all browsers offer a Do Not Track option and there is currently no industry consensus as to what constitutes a Do Not Track signal. For these reasons, our Services, like many web service site operators, do not support Do Not Track requests.

To make your choice of cookies easier, we distinguish three different types of cookies:

Essential Cookies

We place only one essential cookie on your computer that remembers your choice of cookies, so that we do not need to ask you on every page request again.

Functional Cookies

Essential or functional Cookies are used to record your choices and settings, maintain your preferences over time and recognize you when you return to our Services. These are also necessary to provide you with core features of our service, including log in to your account. Disabling these Cookies will make certain features and services unavailable.

Performance/Analytical Cookies

Performance/Analytical Cookies allow us to understand how visitors use our Services such as by collecting information about the number of visitors to the Services, what pages visitors view on our Services, how long visitors are viewing pages on the Services, mouse clicks, mouse movements, scrolling activity, and text typed into the Services. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Services’ content for those who engage with our advertising. For example, Google uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Services is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of cookies by visiting the Google advertising opt-out page at or the Google Analytics Opt-out Browser Add-on at

Please refer to our Cookie Policy for more details

You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies. You may also be able to reject mobile device identifiers by activating the appropriate setting on your mobile device. You can also delete all Cookies that are already on your device. Although you are not required to accept querifai’s Cookies, if you block, reject, or delete them, you may have to manually adjust some preferences every time you visit our website and some of the Services and functionalities may not work.

Log Files

Like most websites, we also gather information automatically to analyze trends in the aggregate. This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), your browser type, the pages and files you viewed, your operating system, your actions in connection with our website, and date/time stamps associated with your usage.

Personal Data of Children; Age Requirement

The Services are not directed to or intended for use by children under 18, and children under 16 are prohibited from using the Services. We do not knowingly collect or solicit personal data from children under 18; If you are a child under 18, please do not attempt to register for or otherwise use the Services or send us any Personal Data.

Your Privacy Rights

Right to access, edit and remove your information

Following GDPR, you have a right to access personal data that we hold about you. Whenever you use our services, we try to ensure that the Personal information is correct. However, if you find that any information is wrong, we provide you with a mean to update or delete it, unless we have to keep selected information for legitimate or legal purposes, this may include e.g an email address as long as you have an active account with us.

When updating your personal data, we may ask you to verify your identity before making any changes. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (e.g., developing a new system or changing an existing practice), or would be very impractical (e.g., requests concerning information residing on backup systems). Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort. Because we protect information from accidental or malicious destruction, even after information is deleted from the Services, it may not be immediately deleted from our servers. However, we will strive to delete the data in a timely manner. Data you entered or uploaded to querifai typically can be deleted by yourself, unless needed for legal or procedural reasons, e.g. outstanding payments. To request removal of data you cannot delete yourself, please contact us at In cases, we may not be able to remove your data we will let you know if we are unable to do so and why.

More general, your rights concerning access, edit and removal of your data follow the rules set out in the european general data protection regulation (GDPR). Specifically, your rights to access are described in Art. 15 GDPR, your right to be forgotten (right to erasure) is set out in Art. 17 GDPR, furthermore, you have rights to

Security measures

The security of your personal data is important to us. We maintain a variety of suitable technical and organizational security measures to protect your personal data. However, no method of transmission over the Internet, any method of electronic storage or any other method of security is 100% secure. Therefore, while we strive to make reasonable efforts to protect your personal information, we cannot guarantee its absolute security.

You are also responsible for helping to protect the security of your personal information. For example, never share your password and protect your username, password and personal login information when using the Services so that others do not have access to your personal information. In addition, you are responsible for maintaining the security of any personal computing device on which you use the Services.

Data processor vs. data controller

querifai is the controller of your personal data for the purpose of European data protection legislation. You can contact the data protection officer at

Note that we may process your Personal Data on behalf of a customer, in which case we are the data processor of your Personal Data. If we are the data processor of your Personal Data (i.e., not the data controller), please contact the relevant querifai Customer (as the data controller) to address your rights with respect to such data.

Grounds for personal data processing

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the "legitimate interest" of others.

Contractual necessities include for instance keeping your email address on our records to keep your account open, your payment preferences to manage billing, etc.

Third party interests include for instance your IP information, browsing data, to help us understand our customer base where we use a service to measure website performance.

Other Processing Grounds include the need to process Personal Data to comply with a legal obligation.

Changes to this privacy policy

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well. However, we will alert you to any material changes by placing a notice on our website, by sending you an email, and/or by some other means. If you use our Services after any changes to the Privacy Policy have been posted, then your use of the Services is subject to the Privacy Policy in effect at the time.

Contact Information

If you have any questions/comments about this Privacy Policy, the ways in which we collect and use your Personal Data, or your choices and rights regarding such use, please do not hesitate to contact us at: Email: