Clean-Core.io

Privacy Policy (Datenschutzerklärung)

1. Privacy at a Glance

Protecting your personal data is our top priority. Below, we inform you about what data we collect, process, and store during your visit and use of our Pilot program.

Controller: Felix Frenzel, Hellerstraße 9, 96047 Bamberg, Germany, E-Mail: info@clean-core.io.

2. Data Collection & Processing Purposes

We process personal data of our users only as far as necessary to provide a functional pilot platform as well as our contents and services.

  • Google Authentication (Firebase Auth): To sign in, we use Google Sign-In. This securely reads your name, email address, and profile picture from your Google account to authenticate your user session and establish access privileges.
  • Firestore User Profiles: We store metadata about your platform usage (e.g., number of performed code transformations, system limits, as well as your first and last name) in our secure database.
  • Bring Your Own Key (BYOK): If you configure your own Google Gemini API key in the settings, this key is encrypted and stored in our secure Firestore instance. It is used exclusively to forward your transformation requests directly via a secure backend proxy to the Gemini API, never exposing your key to the browser.

3. Processing of Source Code & Project Assets

The ABAP source files you upload and the generated modernization artifacts (such as solution designs, TypeScript code, and test cases) are stored in our secure Google Firebase cloud environment in Europe.

Important Security Notice: We do not sell, rent, or use your uploaded source code for commercial purposes. For AI-driven modernization, source code is transmitted via secure, authenticated channels to the Google Gemini API. Our integration utilizes stateless API requests, meaning that your uploaded codes and projects are never stored or used to train Google's foundational AI models.

4. Cloud Node Hosting & Third-Party Services

To provide this service, we rely on the following trusted cloud services:

  • Google Cloud Platform & Firebase: Hosted on secure European servers in the Belgium (europe-west1) region for low-latency, fully GDPR-compliant authentication and database operations.
  • Google Gemini API: Generative AI models used exclusively for code transformation, utilizing secure stateless proxy layers.

5. Your Rights Under GDPR (including Art. 17 Deletion)

Since our platform is hosted in compliance with EU regulations, you have all rights under the General Data Protection Regulation (GDPR):

  • Right of Access (Art. 15 GDPR)
  • Right to Rectification (Art. 16 GDPR)
  • Right to Erasure / "Right to be Forgotten" (Art. 17 GDPR)
  • Right to Restriction of Processing (Art. 18 GDPR)
  • Right to Data Portability (Art. 20 GDPR)
  • Right to Withdraw Consent (Art. 7 Abs. 3 GDPR)

To exercise these rights, particularly to cascadingly erase all your data immediately, you can trigger account deletion directly in your Profile Settings under the Danger Zone, which will permanently and instantly wipe all database and authentication entries. Alternatively, contact us at info@clean-core.io.

Clean-Core.io v1.7.4 (2026-06-17)