Privacy policy

In the following, we would like to explain to you, with the help of our privacy policy, how your data is processed by us.

Responsible within the meaning of the GDPR

Odego GmbH
Thomas Gumpinger
Tempowerkring 21a
21079 Hamburg, Germany
[email protected]

If you contact us by e-mail or via a contact form, the data you provide will be stored by us in order to process your request.

The processed data includes:

  • Name
  • Company
  • e-mail address

We will delete the data as soon as storage is no longer necessary or restrict processing if there are statutory retention obligations.

Rights of data subjects

As a data subject, you have the right to information, the right to rectification or erasure, the right to restriction of processing and the right to object to the processing of your data. If you have given us your consent, you can revoke it at any time with effect for the future.

Please send your objection informally to the contact details of the responsible within the meaning of the GDPR.

You also have the right to data portability. You also have the right to complain to a supervisory authority about the processing. You can find a list of the relevant authories at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Cookies

We use cookies. Cookies are small text files that are stored on your end device when you access the site. They cannot transfer viruses or malware to your computer, but they do contain information that enables the user to be identified.

A distinction must be made between transient cookies, which are deleted as soon as your browser is closed, and persistent cookies, which are stored beyond the respective session and recognize you the next time you visit the website.

In terms of function, a distinction must be made between technically necessary and non-essential cookies.

Technically necessary cookies

Here you will find all cookies that are necessary for the operation of our website and its function (technically necessary cookies). These are usually set in response to an action you have taken. These include registration, login or settings such as language or cookie preferences. It is possible to deactivate these cookies in the browser. In this case, we can no longer guarantee that our website will function properly.

Cookie-NameHostTypePurposeThird Party ServiceValidity PeriodDestination Country
PHPSESSIDcquenz.comCookieThis cookie is used to track the user during a session.NoSessionGermany
icwp-wpsf-notbotcquenz.comCookieThis cookie is used for bot detection.No10 MinutesGermany
pll_languagecquenz.comCookieThis cookie is used to save the display language of Polylang.No1 YearGermany
shield-notbot-noncecquenz.comCookieThis cookie is used by the Shield Security Plugin to prevent malicious activity.No2 MinutesGermany
__stripe_midstripe.comCookieThis cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions.Yes1 YearUnited States of America
__stripe_sidstripe.comCookieThis cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions.Yes1 DayUnited States of America
mstripe.comCookieDetermines the device used to access the website. This allows the website to be formatted accordingly.Yes400 DaysUnited States of America
_abstripe.comCookieThis cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions.YesSessionUnited States of America
_mfstripe.comCookieThis cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions.YesSessionUnited States of America
idstripe.comCookieThis cookie is necessary to process credit card transactions on the website. The service is provided by Stripe, which enables online transactions.YesSessionUnited States of America
1stripe.comCookieThis cookie is used in connection with the payment window. The cookie is required for secure transactions on the website.YesSessionUnited States of America
Cognito.LastAuthUsercquenz.proCookieThis cookie is only set if Cquenz Analytics are used. It is used for authorization.No30 DaysGermany
Cognito.${usermail}.accessTokencquenz.proCookieThis cookie is only set if Cquenz Analytics are used. It is used for authorization.No1 HourGermany
Cognito.${usermail}.refreshTokencquenz.proCookieThis cookie is only set if Cquenz Analytics are used. It is used for authorization.No1 DayGermany
Cognito.${usermail}.tokenScopesStringcquenz.proCookieThis cookie is only set if Cquenz Analytics are used. It is used for authorization.No1 DayGermany
anInstanceTokencquenz.proCookieThis cookie is only set if Cquenz Analytics are used. It us used to assign the user and Analytics instance.No1 DayGermany
cquenz-persistent-store-module-statecquenz.proLocal StorageSaves device-specific user settings.NoGermany
amplify-redirected-from-hosted-uicquenz.proLocal StorageUsed for the authorization of API requests.NoGermany
vuepress:redirect:${uriPath}cquenz.proLocal StorageUsed for the language of the Cquenz documentation.NoGermany
CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.clockDriftcquenz.proLocal StorageUsed for the authorization of API requests.NoGermany
loglevelcquenz.proLocal StorageSets the log level.NoGermany
CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.userDatacquenz.proSession StorageUsed for the authorization of API requests.NoSessionGermany
amplify-auth-uses-session-storagecquenz.proSession StorageUsed for the authorization of API requests.NoSessionGermany
CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.accessTokencquenz.proSession StorageUsed for the authorization of API requests.NoSessionGermany
CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.lastAuthUsercquenz.proSession StorageUsed for the authorization of API requests.NoSessionGermany
CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.idTokencquenz.proSession StorageUsed for the authorization of API requests.NoSessionGermany
amplify-signin-with-hostedUIcquenz.proSession StorageUsed for the authorization of API requests.NoSessionGermany
CognitoIdentityServiceProvider.786t5c42nckbb6edje16nb0n90.${usermail}.refreshTokencquenz.proSession StorageUsed for the authorization of API requests.NoSessionGermany
List of all technically necessary cookies

You can delete individual or all cookies via your browser settings. You alsohave the option of generally deactivating cookies or restricting them to certain domains via your browser settings.

Cookies that are not technically necessary

Here you will find all cookies that are not absolutely necessary for the operation of our website and its function (technically unnecessary cookies). The use of such cookies constitutes data processing that is only permitted with your active consent (Art. 6 para. 1 sentence 1 lit. a GDPR). This also applies to the transfer of your personal data to third parties.

Cookie-NameHostTypePurposeThird Party ServiceValidity PeriodDestination Country
List of all technically unnecessary cookies

You can delete individual or all cookies via your browser settings. You also have the option of generally deactivating cookies or restricting them to certain domains via your browser settings.

Embedded content from other websites

Posts on this website may contain embedded content (e.g. videos, images, posts, etc.). Embedded content from other websites behaves exactly as if the visitor had visited the other website.

These websites may collect daa about you, use cookies, embed additional third-party tracking services and record your interaction with this embedded content, including your interaction with the embedded content if you have an account and are logged in to this website.

Hosting

If you do not register or log in as a visitor, we collect the following data that your browser transmits in log files:

  • IP address
  • Date & time of the request
  • Time zone difference to Greenwich Mean Time
  • Content of the request
  • HTTP status code
  • Amount of data transferred
  • Website from which the request comes
  • Information on browser & operating system

This is necessary to display our website and to ensure stability and security. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.

We use the following hoster for the provision of our website.

ALL-INKL.COM – Neue Medien München (All-Inkl)
Hauptstraße 68
02742 Friedersdorf
Germany

Thsi is the recipient of your personal data and acts as a procesor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR in not having to maintain a server on our premises ourselves. The server location is Germany.

Further information on objection and removal options vis-à-vis All-Inkl can be found at: https://all-inkl.com/info/datenschutzinformationen/.

You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests.

The data will be deleted after 30 days at the latest. Storage beyond this period is possible in individual cases, e.g. in the event of an attack on our IT systems.

The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed withour the processing.

Contact form

We provide you with contact forms with which we collect the following personal data:

  • Name
  • Company
  • e-mail address
  • Telephone number

Mandatory fields are marked with an *.

We also collect:

  • Time of transmission
  • IP address

The data is stored exclusively for the purpose of sending requests and responding to them. The mandatory information is used to assign and respond to your request. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). If you enquire about a product or service offered, the processing is carried out for the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR).

You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests. Further information can be found under “Rights of data subjects”.

Your data will be deleted after processing has been completed. In accordance with Section 147 AO / Section 257 HGB, we have a statutory retention period of 6 years for the following documents:

  • Commercial and business letters

Content Delivery Network

Cloudflare

We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich Germany (Cloudflare) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). A CDN is a network of distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in server log files by Cloudflare. Please refer to the explanations under “Hosting”. In addition, log files are stored to ensure the stability and security of our website.

Cloudflare is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to operate a content delivery network ourselves.

You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests.

The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.

Your personal data will be stored by Cloudflare for as long as is necessary for the purposes described.

Further information on objection and removal options vis-à-vis Cloudflare can be found at: Cloudflare DPA.

Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at:https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf.

Amazon CloudFront

We use the Amazon CloudFront content delivery network (CDN) from Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, L-1855 Luxembourg (AWS) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f GDPR). A CDN is a network of distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in server log files by AWS. Please refer to the explanations under “Hosting”. In addition, log files are stored to ensure the stability and security of our website.

AWS is the recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to operate a content delivery network ourselves.

You have the right to object to the processing. Whether the objection is successful must be determined as part of a balancing of interests.

The processing of the data specified in this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.

Your personal data will be stored by AWS for as long as is necessary for the purposes described.

For more information on objection and removal options vis-à-vis AWS, please visit: https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice__German_Translation.pdf.

AWS has implemented compliance measures for international data transfers. These apply to all global activities where AWS processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). Further information can be found at: https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf.

Payment service provider

Stripe

We offer the option of processing the payment transaction via the payment service provider Stripe, ℅ Legal Process, 510 Townsend St., San Francisco, CA 94103 (Stripe). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to Stripe insofar as it is necessary for the fulfillment of the contract (Art. 6 para. 1 lit. b GDPR)

  • Name of the cardholder
  • e-mail address
  • Customer number
  • Order number
  • Bank details
  • Credit card details
  • Credit card expiry date
  • Credit card verification number (CVC)
  • Date and time of the transaction
  • Transaction amount
  • Name of the provider
  • Location

The processing of the data provided in this section is neither legally nor contractually required. Without the transmission of your personal data, we cannot process a payment via Stripe.

Stripe assumes a dual role as controller and processor for data processing activities. As a controller, Stripe uses your transmitted data to fulfill regulatory obligations. This corresponds to Stripe’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the execution of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). We have no influence on this process.

Stripe acts as a processor in order to complete transactions within the payment networks. Within the framework of the order processing relationship, Stripe acts exclusively in accordance with our instructions and has been contractually obliged to comply with the data protection regulations within the meaning of Art. 28 GDPR.

Stripe has implemented compliance measures for international data transfers. These apply to all global activities where Stripe processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).

You can find further information on objection and removal options vis-à-vis Stripe at: https://stripe.com/privacy-center/legal.

Your data will be stored by us until payment processing is completed. This also includes the period required for the processing of refunds, receivables management and fraud prevention. In accordance with § 147 AO / § 257 HGB, we have a statutory retention period of 10 years for the following documents:

  • Invoices

Newsletter

MailPoet

We use MailPoet from WooCommerce Ireland Ltd (MailPoet) to send our newsletter. This enables us to contact subscribers directly. In addition, we analyze your usage behavior in order to optimize our offer.

For this purpose, we pass on the following personal data to MailPoet:

  • e-mail address
  • Name
  • Company name

MailPoet is the recipient of your personal data and acts as a processor for us as far as the sending of our newsletter and the sending of emails via the website itself is concerned. The processing of the data specified in this section is not required by law or contract. Without your consent and the transmission of your personal data, we cannot send you a newsletter or send you notifications and confirmations.

In addition, MailPoet collects the following personal data using cookies and other tracking methods:

  • Informationen about your end device
    • IP address
    • Device information
  • Usage data
    • Date & time when you opened the email / campaign
    • Browser activities (e.g. which emails / websites were opened)

MailPoet requires this data to ensure the security and reliability of the systems, compliance with the terms of use and the prevention of misuse. This is in MailPoet’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). MailPoet also analyzes performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics for the services.

MailPoet collects additional information about you from other sources. In an unspecified period and scope, personal data is collected via social media and other third-party data providers. We have no influence on this process.

Further information on objection and removal options vis-à-vis MailPoet can be found at: https://automattic.com/privacy/

The legal basis for this processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the processing of your personal data at any time. There is a corresponding link in all newsletter mailings. You can also withdraw your consent using the contact options provided. The declaration of revocation does not affect the legality of the processing carried out so far.

Your data will be processed as long as we have your consent to do so. Apart from that, it will be deleted after termination of the contract between us and MailPoet, unless legal requirements make further storage necessary.

MailPoet has implemented compliance measures for international data transfers. These apply to all global activities in which MailPoet processes personal data of natural persons in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).

Other providers

Shield Security

We use the security software Shield Security from Fernleaf Systems Limited, Suite 4, 2 Mount Oriel, Belfast BT8 7HR, Northern Ireland, UK (Shield Security) to prevent data breaches. The software protects our and your data from hacking attempts. Shield Security protects data by monitoring traffic and changes to the file system. To learn more about Shield Security, visit https://getshieldsecurity.com/policies/privacy-policy/.

The Shield Security plugin has an audit trail feature that records the following information:

  • Audit trail message, which may contain email addresses
  • Logged in username (if applicable)
  • Original IP address of the request

This information is stored by the site administrator for security reasons. Thsi data is retained and automatically deleted from the database after a certain period of time (7 days).

Polylang

For multilingualism, we use Polylang from WP SYNTEX, 28, rue Jean Sebastien Bach, 38090 Villefontaine, France. Polylang cookies are used exclusively to recognize and record the language used or selected by the user.

WP Statistics

We use the analysis tool WP Statistics from Veronalabs, Tatari 64, 10134, Tallinn, Estonia (WP Statistics) to statistically evaluate visitor access.

WP Statistics analyzes the use of the website. Among other things, the following information is analyzed:

  • IP address
  • Referrer
  • Browser used
  • Origin of the user (limited to the city)
  • Search engine used
  • Clicks
  • Pages viewed

The data collected with WP Statistics is stored exclusively on our own servers.

The use of WP Statistics is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the anonymized analysis of user behaviour in order to optimize our website. No cookies are used for the statistical analysis, so a corresponding notice is not necessary.

The IP addresses used to access the website are anonymized before the analysis. Further information can be found at: https://wp-statistics.com/resources/what-we-collect/.


You can find our imprint here.