Privacy Notice

Joseph Scheicher, Polgarstraße 22/3, Tür 10, 1220 Vienna, Austria. Please send privacy requests to hi@midl.art.

• Server and security data such as IP address, time of access, pages visited, user agent, and technical errors.
• Shop and order data such as name, contact details, delivery address, cart contents, product data, and checkout information.
• Payment data, to the extent it is processed by Stripe, PayPal, or a crypto payment provider offered at checkout.
• Newsletter data such as email address, time of sign-up, sign-up source, and double-opt-in status.
• Chat data from Midl, including your messages, optional product or room context, an anonymous visitor ID, and stored preferences when long-term memory is active.
• Lead data for leasing, artist inquiries, or contact handoffs, such as name, email, phone number, website, requested works, term length, and business context.
• Local data in your browser, such as cart ID, chat history, anonymous visitor ID, and the NFC access cookie for unlocked content.

• Operating, securing, and debugging the website, based on legitimate interests under Art. 6(1)(f) GDPR.
• Shop, checkout, payment, delivery, leasing initiation, and customer communication, for the performance of a contract or pre-contractual steps under Art. 6(1)(b) GDPR.
• Accounting, tax, and retention obligations under Art. 6(1)(c) GDPR.
• Newsletter delivery based on consent under Art. 6(1)(a) GDPR. Consent can be withdrawn at any time.
• Personalised Midl interaction and recognition via an anonymous visitor ID, based on legitimate interests or, where legally required, on your consent.

Midl is an AI-assisted gallerist. Your messages may be transmitted to the Midl agent and to AI and infrastructure providers such as Anthropic, OpenAI, LangGraph/LangSmith, or Mem0, to the extent these services are active for response generation, quality assurance, or long-term memory.

Long-term memory is keyed to an anonymous visitor ID stored in your browser. The trash icon in the chat clears the visible history, starts a new chat session, and requests deletion of the associated long-term memories. You can also request deletion at any time by email to hi@midl.art.

Depending on how you use the site, data may be shared with hosting and infrastructure providers, Shopify, Stripe, PayPal, crypto payment providers, Beehiiv, Sentry, Sanity, AI providers, shipping and logistics partners, and tax, legal, or accounting service providers. Data processing agreements are concluded with processors where required.

Some service providers may process personal data outside the EU/EEA, in particular in the United States. Where required, this is based on an adequacy decision, the EU-US Data Privacy Framework, standard contractual clauses, or other appropriate safeguards under the GDPR.

Data is stored only as long as necessary for the respective purpose. Order, invoice, and business records are kept for the statutory retention periods. Newsletter data is kept until you withdraw consent. Chat history in your browser stays local until you delete it. Server and error logs are generally kept short term, unless a longer retention is required for security or legal defence.

The website uses necessary cookies and similar local storage, for example for the cart, chat history, anonymous visitor ID, and NFC access. The application code currently includes no advertising tracking or analytics pixels. Should marketing or analytics cookies be introduced in the future, they will only be activated with prior consent.

Under the GDPR you have the rights to access, rectification, erasure, restriction, data portability, objection, and withdrawal of consent. You also have the right to lodge a complaint with the Austrian Data Protection Authority: Barichgasse 40-42, 1030 Vienna, dsb.gv.at.