AICTPO AI Coding Agents Knowledge Module
AICTPO AI Coding Agents Privacy Policy — Knowledge Module
AICTPO AI Coding Agents knowledge module — UI selectors, data model, and page states documenting Privacy Policy.
sidebutton install aictpo Privacy Policy
GDPR-compliant privacy policy at /privacy. Static content; no interactive state beyond rendering. The page is required to be reachable from every other page on the site (typically via a footer link).
Required sections (per GDPR)
| Section | Purpose |
|---|---|
| Controller | Identity and contact of the data controller |
| Data Protection Officer | DPO contact (if appointed) |
| Categories of data collected | What personal data is processed |
| Purposes of processing | Why each category is collected |
| Legal basis | Art. 6(1) GDPR basis: consent, contract, legal obligation, vital interests, public task, legitimate interests |
| Recipients | Third parties or categories of recipients |
| International transfers | Countries outside the EU/EEA + safeguards |
| Retention | How long each category is kept |
| User rights | Access, rectification, erasure, restriction, portability, objection, withdraw consent, complain to a supervisory authority |
| Automated decision-making | Existence and logic of any automated decisions, including profiling |
| Source of data | If data not collected from the data subject |
| Cookies | Categories used, purpose, opt-out mechanism |
Layout
Single column of headings + paragraphs inside the global page chrome. Long-form text; no carousels, accordions, or other interactive components by default.
Common tasks
Verify required sections present: snapshot the main content, check each required heading is present.
Verify last-updated date: locate the "Last updated" / "Letzte Aktualisierung" line, parse the date, assert it is plausibly recent.
Verify cookie disclosure aligns with deployed cookies: cross-check the cookie list against what the site actually sets in the browser at first visit.
Verify supervisory authority contact: assert the DPA contact (typically the relevant German Landesdatenschutzbeauftragte) is named and reachable.
Gotchas
- Privacy policy text is the controlling document for compliance — accuracy matters more than SEO. Do not rewrite copy for keyword optimization.
- The page may exist in two languages (English and German) at parallel URLs. Both must stay in sync.
- Cookie disclosure must match the actual cookie banner behavior — drift between the policy text and the cookie consent UI is itself a GDPR violation.
- "Last updated" should be re-stamped any time the policy changes; QA can flag stale dates as a soft signal that copy may have drifted from current practice.