Privacy policy
In the following, we would like to explain to you, with the help of our privacy policy, how your data is processed by us.
Responsible within the meaning of the GDPR
Odego GmbH
Thomas Gumpinger
Tempowerkring 21a
21079 Hamburg, Germany
[email protected]
If you contact us by e-mail or via a contact form, the data you provide will be stored by us in order to process your request.
The processed data includes:
- Name
- Company
- e-mail address
We will delete the data as soon as storage is no longer necessary or restrict processing if there are statutory retention obligations.
Rights of data subjects
As a data subject, you have the right to information, the right to rectification or erasure, the right to restriction of processing and the right to object to the processing of your data. If you have given us your consent, you can revoke it at any time with effect for the future.
Please send your objection informally to the contact details of the responsible within the meaning of the GDPR.
You also have the right to data portability. You also have the right to complain to a supervisory authority about the processing. You can find a list of the relevant authories at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Cookies
We use cookies. Cookies are small text files that are stored on your end device when you access the site. They cannot transfer viruses or malware to your computer, but they do contain information that enables the user to be identified.
A distinction must be made between transient cookies, which are deleted as soon as your browser is closed, and persistent cookies, which are stored beyond the respective session and recognize you the next time you visit the website.
In terms of function, a distinction must be made between technically necessary and non-essential cookies.
Technically necessary cookies
Here you will find all cookies that are necessary for the operation of our website and its function (technically necessary cookies). These are usually set in response to an action you have taken. These include registration, login or settings such as language or cookie preferences. It is possible to deactivate these cookies in the browser. In this case, we can no longer guarantee that our website will function properly.
| Cookie-Name | Host | Type | Purpose | Third Party Service | Validity Period | Destination Country |
|---|---|---|---|---|---|---|
| PHPSESSID | cquenz.com | Cookie | This cookie is used to track the user during a session. | No | Session | Germany |
| icwp-wpsf-notbot | cquenz.com | Cookie | This cookie is used for bot detection. | No | 10 Minutes | Germany |
| pll_language | cquenz.com | Cookie | This cookie is used to save the display language of Polylang. | No | 1 Year | Germany |
| shield-notbot-nonce | cquenz.com | Cookie | This cookie is used by the Shield Security Plugin to prevent malicious activity. | No | 2 Minutes | Germany |
| __stripe_mid | stripe.com | Cookie | This cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions. | Yes | 1 Year | United States of America |
| __stripe_sid | stripe.com | Cookie | This cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions. | Yes | 1 Day | United States of America |
| m | stripe.com | Cookie | Determines the device used to access the website. This allows the website to be formatted accordingly. | Yes | 400 Days | United States of America |
| _ab | stripe.com | Cookie | This cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions. | Yes | Session | United States of America |
| _mf | stripe.com | Cookie | This cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions. | Yes | Session | United States of America |
| id | stripe.com | Cookie | This cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions. | Yes | Session | United States of America |
| 1 | stripe.com | Cookie | This cookie is used in connection with the payment window. The cookie is required for secure transactions on the website. | Yes | Session | United States of America |
| Cognito.LastAuthUser | cquenz.pro | Cookie | This cookie is only set if Cquenz Analytics are used. It is used for authorization. | No | 30 Days | Germany |
| Cognito.${usermail}.accessToken | cquenz.pro | Cookie | This cookie is only set if Cquenz Analytics are used. It is used for authorization. | No | 1 Hour | Germany |
| Cognito.${usermail}.refreshToken | cquenz.pro | Cookie | This cookie is only set if Cquenz Analytics are used. It is used for authorization. | No | 1 Day | Germany |
| Cognito.${usermail}.tokenScopesString | cquenz.pro | Cookie | This cookie is only set if Cquenz Analytics are used. It is used for authorization. | No | 1 Day | Germany |
| anInstanceToken | cquenz.pro | Cookie | This cookie is only set if Cquenz Analytics are used. It us used to assign the user and Analytics instance. | No | 1 Day | Germany |
| cquenz-persistent-store-module-state | cquenz.pro | Local Storage | Saves device-specific user settings. | No | Germany | |
| amplify-redirected-from-hosted-ui | cquenz.pro | Local Storage | Used for the authorization of API requests. | No | Germany | |
| vuepress:redirect:${uriPath} | cquenz.pro | Local Storage | Used for the language of the Cquenz documentation. | No | Germany | |
| CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.clockDrift | cquenz.pro | Local Storage | Used for the authorization of API requests. | No | Germany | |
| loglevel | cquenz.pro | Local Storage | Sets the log level. | No | Germany | |
| CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.userData | cquenz.pro | Session Storage | Used for the authorization of API requests. | No | Session | Germany |
| amplify-auth-uses-session-storage | cquenz.pro | Session Storage | Used for the authorization of API requests. | No | Session | Germany |
| CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.accessToken | cquenz.pro | Session Storage | Used for the authorization of API requests. | No | Session | Germany |
| CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.lastAuthUser | cquenz.pro | Session Storage | Used for the authorization of API requests. | No | Session | Germany |
| CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.idToken | cquenz.pro | Session Storage | Used for the authorization of API requests. | No | Session | Germany |
| amplify-signin-with-hostedUI | cquenz.pro | Session Storage | Used for the authorization of API requests. | No | Session | Germany |
| CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.refreshToken | cquenz.pro | Session Storage | Used for the authorization of API requests. | No | Session | Germany |
You can delete individual or all cookies via your browser settings. You alsohave the option of generally deactivating cookies or restricting them to certain domains via your browser settings.
Cookies that are not technically necessary
Here you will find all cookies that are not absolutely necessary for the operation of our website and its function (technically unnecessary cookies). The use of such cookies constitutes data processing that is only permitted with your active consent (Art. 6 para. 1 sentence 1 lit. a GDPR). This also applies to the transfer of your personal data to third parties.
| Cookie-Name | Host | Type | Purpose | Third Party Service | Validity Period | Destination Country |
|---|---|---|---|---|---|---|
You can delete individual or all cookies via your browser settings. You also have the option of generally deactivating cookies or restricting them to certain domains via your browser settings.
Embedded content from other websites
Posts on this website may contain embedded content (e.g. videos, images, posts, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.
These websites may collect daa about you, use cookies, embed additional third-party tracking services and record your interaction with this embedded content, including your interaction with the embedded content if you have an account and are logged in to this website.
Hosting
If you do not register or log in as a visitor, we collect the following data that your browser transmits in log files:
- IP address
- Date & time of the request
- Time zone difference to Greenwich Mean Time
- Content of the request
- HTTP status code
- Amount of data transferred
- Website from which the request comes
- Information on browser & operating system
This is necessary to display our website and to ensure stability and security. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.
We use the following hoster for the provision of our website.
ALL-INKL.COM – Neue Medien München (All-Inkl)
Hauptstraße 68
02742 Friedersdorf
Germany
Thsi is the recipient of your personal data and acts as a procesor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR in not having to maintain a server on our premises ourselves. The server location is Germany.
Further information on objection and removal options vis-à-vis All-Inkl can be found at: https://all-inkl.com/info/datenschutzinformationen/.
You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests.
The data will be deleted after 30 days at the latest. Storage beyond this period is possible in individual cases, e.g. in the event of an attack on our IT systems.
The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed withour the processing.
Contact form
We provide you with contact forms with which we collect the following personal data:
- Name
- Company
- e-mail address
- Telephone number
Mandatory fields are marked with an *.
We also collect:
- Time of transmission
- IP address
The data is stored exclusively for the purpose of sending requests and responding to them. The mandatory information is used to assign and respond to your request. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). If you enquire about a product or service offered, the processing is carried out for the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR).
You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests. Further information can be found under “Rights of data subjects”.
Your data will be deleted after processing has been completed. In accordance with Section 147 AO / Section 257 HGB, we have a statutory retention period of 6 years for the following documents:
- Commercial and business letters
Content Delivery Network
Cloudflare
We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich Germany (Cloudflare) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). A CDN is a network of distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in server log files by Cloudflare. Please refer to the explanations under “Hosting”. In addition, log files are stored to ensure the stability and security of our website.
Cloudflare is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to operate a content delivery network ourselves.
You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests.
The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.
Your personal data will be stored by Cloudflare for as long as is necessary for the purposes described.
Further information on objection and removal options vis-à-vis Cloudflare can be found at: Cloudflare DPA.
Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at:https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf.
Amazon CloudFront
We use the Amazon CloudFront content delivery network (CDN) from Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855 Luxembourg (AWS) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). A CDN is a network of distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in server log files by AWS. Please refer to the explanations under “Hosting”. In addition, log files are stored to ensure the stability and security of our website.
AWS is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to operate a content delivery network ourselves.
You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests.
The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.
Your personal data will be stored by AWS for as long as is necessary for the purposes described.
For more information on objection and removal options vis-à-vis AWS, please visit: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.
AWS has implemented compliance measures for international data transfers. These apply to all global activities where AWS processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at: https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf.
Payment service provider
Stripe
We offer the option of processing the payment transaction via the payment service provider Stripe, ℅ Legal Process, 510 Townsend St., San Francisco, CA 94103 (Stripe). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to Stripe insofar as it is necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b GDPR)
- Name of the cardholder
- e-mail address
- Customer number
- Order number
- Bank details
- Credit card details
- Credit card expiry date
- Credit card verification number (CVC)
- Date and time of the transaction
- Transaction amount
- Name of the provider
- Location
The processing of the data provided in this section is neither legally nor contractually required. Without the transmission of your personal data, we cannot process a payment via Stripe.
Stripe assumes a dual role as controller and processor for data processing activities. As a controller, Stripe uses your transmitted data to fulfill regulatory obligations. This corresponds to Stripe’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). We have no influence on this process.
Stripe acts as a processor in order to complete transactions within the payment networks. Within the framework of the order processing relationship, Stripe acts exclusively in accordance with our instructions and has been contractually obliged to comply with the data protection regulations within the meaning of Art. 28 GDPR.
Stripe has implemented compliance measures for international data transfers. These apply to all global activities where Stripe processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
You can find further information on objection and removal options vis-à-vis Stripe at: https://stripe.com/privacy-center/legal.
Your data will be stored by us until payment processing is completed. This also includes the period required for the processing of refunds, receivables management and fraud prevention. In accordance with § 147 AO / § 257 HGB, we have a statutory retention period of 10 years for the following documents:
- Invoices
Newsletter
MailPoet
We use MailPoet from WooCommerce Ireland Ltd (MailPoet) to send our newsletter. This enables us to contact subscribers directly. In addition, we analyze your usage behavior in order to optimize our offer.
For this purpose, we pass on the following personal data to MailPoet:
- e-mail address
- Name
- Company name
MailPoet is the recipient of your personal data and acts as a processor for us as far as the sending of our newsletter and the sending of emails via the website itself is concerned. The processing of the data specified in this section is not required by law or contract. Without your consent and the transmission of your personal data, we cannot send you a newsletter or send you notifications and confirmations.
In addition, MailPoet collects the following personal data using cookies and other tracking methods:
- Informationen about your end device
- IP address
- Device information
- Usage data
- Date & time when you opened the email / campaign
- Browser activities (e.g. which emails / websites were opened)
MailPoet requires this data to ensure the security and reliability of the systems, compliance with the terms of use and the prevention of misuse. This is in MailPoet’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). MailPoet also analyzes performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics for the services.
MailPoet collects additional information about you from other sources. In an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no influence on this process.
Further information on objection and removal options vis-à-vis MailPoet can be found at: https://automattic.com/privacy/
The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the processing of your personal data at any time. There is a corresponding link in all newsletter mailings. You can also withdraw your consent using the contact options provided. The declaration of revocation does not affect the legality of the processing carried out so far.
Your data will be processed as long as we have your consent to do so. Apart from that, it will be deleted after termination of the contract between us and MailPoet, unless legal requirements make further storage necessary.
MailPoet has implemented compliance measures for international data transfers. These apply to all global activities in which MailPoet processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
Other providers
Shield Security
We use the security software Shield Security from Fernleaf Systems Limited, Suite 4, 2 Mount Oriel, Belfast BT8 7HR, Northern Ireland, UK (Shield Security) to prevent data breaches. The software protects our and your data from hacking attempts. Shield Security protects data by monitoring traffic and changes to the file system. To learn more about Shield Security, visit https://getshieldsecurity.com/policies/privacy-policy/.
The Shield Security plugin has an audit trail feature that records the following information:
- Audit trail message, which may contain email addresses
- Logged in username (if applicable)
- Original IP address of the request
This information is stored by the site administrator for security reasons. Thsi data is retained and automatically deleted from the database after a certain period of time (7 days).
Polylang
For multilingualism, we use Polylang from WP SYNTEX, 28, rue Jean Sebastien Bach, 38090 Villefontaine, France. Polylang cookies are used exclusively to recognize and record the language used or selected by the user.
WP Statistics
We use the analysis tool WP Statistics from Veronalabs, Tatari 64, 10134, Tallinn, Estonia (WP Statistics) to statistically evaluate visitor access.
WP Statistics analyzes the use of the website. Among other things, the following information is analyzed:
- IP address
- Referrer
- Browser used
- Origin of the user (limited to the city)
- Search engine used
- Clicks
- Pages viewed
The data collected with WP Statistics is stored exclusively on our own servers.
The use of WP Statistics is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the anonymized analysis of user behaviour in order to optimize our website. No cookies are used for the statistical analysis, so a corresponding notice is not necessary.
The IP addresses used to access the website are anonymized before the analysis. Further information can be found at: https://wp-statistics.com/resources/what-we-collect/.
You can find our imprint here.
