LLMX Privacy Policy

Last updated: February 19, 2026

1. Introduction

Welcome to LLMX ("the Website," "we," "us," or "our"). We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our services.

Data Controller:

• Name: Dmytro Chaban
• Address: Dusekestr 8, 13187, Berlin, Germany
• Email: [email protected]

This Privacy Policy applies to all users globally and outlines your rights under the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Personal Data We Collect

We collect the following categories of personal data:

1. Contact & Communication Data

   • Email address (when you contact us)
   • Name (if provided)
   • Message content and communication history

2. Website Usage Data

   • Pages visited
   • Time spent on site
   • Links clicked
   • Browser type and device information

3. Technical Communication Data

   • Notes you choose to share about technical topics
   • Technical discussions and knowledge sharing

4. Technical Data

   • Session information
   • Basic analytics data

Note: We do not sell personal data and we do not use advertising trackers.

3. How We Use Your Data

3.1 Communication

• To respond to your inquiries about AI topics
• To provide information about LlamaIndex and AI implementation
• To maintain communication records

3.2 Service Improvement

• To understand how visitors interact with the LLMX website
• To improve content and user experience
• To analyze which AI topics and services are most relevant to visitors

3.3 Technical Collaboration

• To maintain records of technical discussions and shared knowledge
• To collaborate on open-source projects and technical initiatives
• To follow up on ongoing technical conversations

3.4 Website Analytics

• To understand user behavior and optimize site performance
• To improve navigation and content organization
• We use Google Analytics 4 (GA4), loaded only after consent, to measure usage patterns
• We also use Cloudflare Web Analytics for aggregated, cookie-free traffic metrics

We do not share your personal data with third-party advertisers for targeted marketing purposes.

4. Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: Where you have given clear consent for specific processing (e.g., GA4 analytics, contact forms, newsletter sign-up)
• Performance of Collaboration: To fulfill commitments in technical collaborations and knowledge sharing
• Legitimate Interest: To enhance security, improve our website, and respond to your inquiries

5. Data Retention

1. Communication Data: We retain communication data for up to 3 years to maintain continuity for ongoing technical discussions and collaboration.
2. Contact Form Submissions: Retained for 1 year, after which they are deleted unless ongoing communication continues.
3. Deletion Requests: When you request deletion of your data (via [email protected]), we will process this request within 30 days.

6. Data Sharing and Third Parties

6.1 Third-Party Services We Use

We share or process certain data with the following third-party services, all of which we understand to be GDPR-compliant:

1. Google Analytics 4 (Google LLC) (Usage Analytics)

   • Purpose: Measuring visits, interactions, and content performance
   • Data Shared: Analytics event and device/browser metadata collected after user consent

2. Cloudflare (CDN, Security, and Web Analytics)

   • Purpose: DDoS protection, content delivery, bot mitigation, and privacy-friendly traffic analytics
   • Data Shared: Technical request metadata (such as IP address, user-agent, and requested URL) processed by Cloudflare to provide security and analytics features

3. Brevo (formerly Sendinblue) (Newsletter Service)

   • Data Shared: Email address when you subscribe to our newsletter
   • Purpose: Managing newsletter subscriptions and sending updates

4. Google Cloud Platform (GCP) (Hosting)

   • Data Stored: Our website and databases operate on secure cloud infrastructure

Typography note: We do not use third-party font CDNs. Fonts are rendered using local/system font stacks.

6.2 Data Processing Agreements (DPAs)

We maintain appropriate data processing agreements with third-party services to ensure compliance with GDPR requirements.

7. Your GDPR Rights

Under the GDPR, you have the right to:

1. Access: Request a copy of the personal data we hold about you.
2. Rectification: Ask us to correct any inaccuracies in your data.
3. Erasure ("Right to be Forgotten"): Request the deletion of your data where there is no compelling reason for us to keep it.
4. Restriction of Processing: In certain circumstances, you have the right to restrict the processing of your data.
5. Data Portability: Obtain a copy of your data in a structured, commonly used, and machine-readable format.
6. Object to Processing: Object to certain types of processing (e.g., analytics).

To exercise any of these rights, please email us at [email protected].

8. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data:

• Encryption: Data is encrypted in transit (HTTPS) and at rest where applicable.
• Access Controls: Limited access to personal data on a need-to-know basis.
• Regular Reviews: Periodic review of security measures and privacy practices.

9. Cross-Border Data Transfers

LLMX operates primarily in the European Union. However, if you reside outside the EU, your data may transit or be accessed from your jurisdiction. We strive to ensure an adequate level of protection for your data by:

• Hosting data in EU-based servers to the extent possible.
• Using GDPR-compliant services that utilize Standard Contractual Clauses (SCCs) or equivalent safeguards for any transfers outside the EU/EEA.

10. Cookies and Tracking Technologies

We do not use marketing or advertising cookies.

10.1 Google Analytics (GA4) Cookies

• We use GA4 only after consent via our cookie banner.
• GA4 may set analytics cookies (for example _ga and _ga_*) to distinguish visits and measure site usage.
• You can accept or decline analytics cookies in the banner.

10.2 Cloudflare Web Analytics

• We use Cloudflare Web Analytics for aggregated traffic statistics.
• According to Cloudflare, this analytics product does not use client-side cookies.
• The analytics data helps us understand page performance and content usage trends.

10.3 Strictly Necessary Cloudflare Cookies

Cloudflare may set strictly necessary security cookies where required for bot protection and traffic integrity, including:

• __cf_bm (bot management / abuse prevention)
• _cfuvid (used in some rate-limiting or security scenarios)

These cookies are used only for security and technical operation of the site and are not used for advertising or cross-site tracking.

10.4 Cookie Banner and Consent Storage

We show a cookie banner to collect consent for GA4 analytics cookies. We store your choice in a host-only cookie (llmx_consent) so your preference can be applied on future visits.

10.5 Region Cookie

We use a short-lived cookie (llmx_region) to determine whether you are visiting from the EEA/UK/Switzerland so we can show the cookie banner only where required and gate analytics accordingly.

10.6 Privacy information

Further details:

• Google Privacy Policy
• Google Analytics Privacy Policy
• Cloudflare Privacy Policy
• Cloudflare Cookies
• Cloudflare Web Analytics

11. Minors and Sensitive Data

Our Website is not targeted at individuals under the age of 16, and we do not knowingly collect personal data from minors. We also do not process special categories of personal data (e.g., health, religion, ethnicity) as part of our standard operations. If you believe a minor has provided us with personal data, please contact [email protected] so we can remove it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. We will notify users of significant changes via email (if we have your contact information) and post a revised policy on our website with an updated "Last updated" date at the top.

13. Contact Us

If you have any questions about this Privacy Policy, would like to exercise your rights, or have concerns about how we process your personal data, please reach out to:

• Email: [email protected]
• Address: Dusekestr 8, 13187, Berlin, Germany

Thank You

We appreciate your trust in LLMX. By using our services, you acknowledge that you have read and understand this Privacy Policy. Your continued use of the Website indicates your acceptance of our data practices.

If you do not agree with any part of this Privacy Policy, please discontinue using the Website and contact us for any clarifications.