Back

Privacy Policy

Preamble

With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as "data") that we process, for what purposes and to what extent. The privacy policy applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online offering").

The terms used are not gender-specific.

Last updated: January 1, 2026

Table of Contents

Controller

Steffen Konerow
Biedermannplatz 31
22083 Hamburg, Germany

E-Mail: support@getqota.app

Overview of Processing

The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.

Types of Data Processed

  • Inventory data.
  • Payment data.
  • Contact data.
  • Content data.
  • Contract data.
  • Usage data.
  • Meta, communication and process data.
  • Log data.

Categories of Data Subjects

  • Service recipients and clients.
  • Prospects.
  • Communication partners.
  • Users.
  • Business and contractual partners.

Purposes of Processing

  • Provision of contractual services and fulfillment of contractual obligations.
  • Communication.
  • Security measures.
  • Reach measurement.
  • Office and organizational procedures.
  • Organizational and administrative procedures.
  • Feedback.
  • Profiles with user-related information.
  • Provision of our online offering and user-friendliness.
  • Information technology infrastructure.
  • Business processes and business management procedures.

Legal Bases

Relevant legal bases under the GDPR: Below you will find an overview of the legal bases of the GDPR on the basis of which we process personal data.

  • Consent (Art. 6 para. 1 p. 1 lit. a) GDPR) - The data subject has given consent to the processing of personal data concerning him or her for a specific purpose or several specific purposes.
  • Contract performance and pre-contractual inquiries (Art. 6 para. 1 p. 1 lit. b) GDPR) - Processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures.
  • Legal obligation (Art. 6 para. 1 p. 1 lit. c) GDPR) - Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Legitimate interests (Art. 6 para. 1 p. 1 lit. f) GDPR) - Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.

Security Measures

In accordance with legal requirements, taking into account the state of the art, we take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk. The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data.

Securing online connections through TLS/SSL encryption technology (HTTPS): To protect user data transmitted through our online services from unauthorized access, we use TLS/SSL encryption technology.

Transfer of Personal Data

In the course of our processing of personal data, it may happen that data is transferred to other bodies, companies, legally independent organizational units or persons. In such cases, we observe the legal requirements and conclude appropriate contracts for the protection of your data.

International Data Transfers

Data processing in third countries: If we transfer data to a third country, this is always done in accordance with legal requirements. For data transfers to the USA, we primarily rely on the Data Privacy Framework (DPF).

General Information on Data Storage and Deletion

We delete personal data that we process in accordance with legal provisions as soon as the underlying consent is revoked or there are no further legal grounds for processing.

Rights of Data Subjects

As a data subject, you have various rights under the GDPR:

  • Right to object
  • Right to withdraw consent
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to data portability
  • Right to lodge a complaint with a supervisory authority

Business Services

We process data of our contractual and business partners within the framework of contractual and comparable legal relationships and related measures.

Provision of Online Offering and Web Hosting

We process user data to provide them with our online services. For this purpose, we process the user's IP address.

Use of Cookies

We use cookies in accordance with legal requirements. We obtain the prior consent of users where required.

Contact and Inquiry Management

When contacting us, the information of the inquiring persons is processed to the extent necessary to answer the contact requests.

Web Analysis, Monitoring and Optimization

Web analysis is used to evaluate the visitor flows of our online offering. We use Matomo, whereby the collected data is only processed by us and not shared with third parties.

PostHog

We use PostHog as a web analytics service. PostHog is operated on servers in the EU (Frankfurt, Germany). Processing is based on our legitimate interests in the analysis and optimization of our online offering pursuant to Art. 6 para. 1 lit. f GDPR.

Processed data: Page views, click behavior, session duration, device and browser information, anonymized IP address. PostHog respects the browser's Do Not Track signal.

  • Service provider: PostHog Inc., 2261 Market Street #4008, San Francisco, CA 94114, USA
  • Processing location: EU (Frankfurt, Germany)
  • Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) GDPR)
  • Website: https://posthog.com
  • Privacy policy: https://posthog.com/privacy

Plugins and Embedded Functions and Content

We integrate functional and content elements into our online offering that are obtained from the servers of their respective providers, e.g. Google Fonts.

Changes and Updates

We ask you to regularly inform yourself about the content of our privacy policy. We adapt the privacy policy as soon as changes in the data processing carried out by us make this necessary.

Definitions

In this section you will find an overview of the terms used in this privacy policy.

Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke