1. Your personal data within the scope of Art. 4 No. 1 DSGVO (e.g. IP address, name, e-mail address, payment information) will only be processed by us in accordance with the provisions of German data protection law and taking into account the European General Data Protection Regulation (DSGVO). The following regulations inform you about the type, scope and purpose of the collection, processing and use of personal data.
2. The processing within the scope of Art. 4 No. 2 DSGVO of personal data is lawful pursuant to Art. 6 DSGVO if one of the following conditions is met:
a) the data subject has given consent to the processing of personal data concerning him or her for one or more specific purposes;
b) processing is necessary for the performance of a contract to which the data subject is party or in order to carry out pre-contractual measures at the data subject’s request;
c) processing is necessary for compliance with a legal obligation to which the controller is subject;
d) processing is necessary in order to protect the vital interests of the data subject or another natural person;
e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
f) processing is necessary for the purposes of protecting the legitimate interests of the controller or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data,
override, in particular where the data subject is a child.
3. The processing of special personal data (e.g. health data) within the scope of Article 9 (1) of the GDPR is lawful in particular pursuant to Article 9 (2) of the GDPR if one of the following conditions is met:
– there is an explicit consent of the person;
– processing is necessary for the establishment, exercise or defense of legal claims or in case of actions of the courts in the course of their judicial activities.
4. Automatic decision-making or profiling with regard to personal data within the scope of Art. 22 DSGVO does not take place.
5. The operator ensures the security of the data in accordance with Art. 32 DSGVO, taking into account the principle of proportionality through appropriate technical measures.
6. If, contrary to expectations, a breach of data protection should occur, the competent supervisory authority will be notified in accordance with Art. 33 of the GDPR, as well as the data subject in accordance with Art. 34 of the GDPR.
Area of application
Data Storage Duration
The duration of the storage of the data transferred by them is based on the legal storage obligations. Registration data is stored for the duration of the membership.
Disclosure of Data to Third Parties
A transfer of data transmitted within the framework of the contractual relationship to third parties (Art. 4 No. 10 DSGVO), takes place only if you have expressly declared your consent (Art. 4 No. 11 DSGVO) or the transfer is necessary for the performance of the contract. The consent can be revoked informally at any time. Data collected through your visit to the website will only be collected by third parties who are explicitly named below.
Responsible Person in the Sense of the DSGVO
The responsible person within the scope of the General Data Protection Regulation (DSGVO), as well as other data protection laws applicable in the European Union and other provisions of a data protection nature is:
OrdersTracker UG (haftungsbeschränkt)
Telephone: +49 (0) 201 759 34694
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your terminal device for a certain fixed period of time. If you visit our site again to use our services, it is automatically recognized that you have already been with us and which entries and settings you have made so that you do not have to enter them again.
These cookies enable us to automatically recognize that you have already been with us when you visit our site again. These cookies are automatically deleted after a defined period of time. The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 (1) p. 1 lit. f DSGVO. Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored on your computer or that a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
Location Permission (App Only)
OrdersTracker application requests location permission under special circumstances. This location information is used only to place it on the map and will not be saved or shared with any other third party tools. The purpose of requesting location is clearly stated and the user has always the option to reject it. The user is able to update his or her settings any time he or she wants just by updating the permission settings of the application.
Location will be requested only under following conditions:
- By using a bluetooth printer for printing invoices
- When a user with role “Courier” logs in.
Storage of Access Data in Log Files
You can visit our websites without providing any personal information.
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type/Browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
This data cannot be assigned to specific persons. This data is not merged with other data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.
The purpose of the processing results from our legitimate interest within the context of Art. 6 para. 1 p. 1 lit. f) DSGVO.
Registration is not required to use the services we offer, but the range of functions may be limited. In the process, the data you enter in the input mask is collected and stored. Data will not be passed on to third parties, unless this is necessary for the implementation of the contractual relationship. The data can be changed or deleted by you at any time. After deletion of the data, the service can no longer be offered to you unless you register again.
In addition to the data entered by you, the IP address as well as the date and time of registration are also stored. The storage of IP data serves to prevent misuse and to investigate criminal offences.
Use of the App Store
To download the app from one of the app stores, you must create an account with the respective app store operator and provide your personal data (e.g., e-mail address). We have no influence on the processing of this data.
Payment Processing via Stripe
If you choose a payment method of the payment service provider Stripe, the payment processing is carried out via the payment service provider Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland, to whom we pass on your information provided during the ordering process together with the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 para. 1 lit. b DSGVO.
The transfer of your data takes place exclusively for the purpose of payment processing with the payment service provider Stripe Payments Europe Ltd. and only insofar as it is necessary for this purpose.
Payment by Credit Card
On our website we offer, among other things, payment by “credit card”. If you select payment via credit card, the payment data you enter will be transmitted to the credit card company.
With this payment method, you have the option to pay for your order by VISA or Mastercard credit card. After the transaction is completed, your account will be conveniently and securely debited with the invoice amount.
The transmission of your data is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing for the performance of a contract).
You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
Functions of the Crisp service are integrated on our website. These functions are provided by Crisp IM SARL., 2 Boulevard de Launay, 44100 Nantes, France and is therefore fully subject to European data protection law.
We use the provider to integrate a live chat system. Via the chat, you can communicate directly with our employees.
This website uses technology from Lucky Orange LLC, 8680 W 96th St, Overland Park, KS 66212, USA, (www.luckyorange.com) to store anonymized data for web analytics purposes. In the process, your mouse movements and clicks on our website can be recorded. From this anonymized data, usage profiles can be created under a pseudonym. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of the site visitor’s Internet browser. The cookies enable the recognition of the Internet browser. The data collected using Lucky Orange technologies will not be used to personally identify the visitor to this website without the separately granted consent of the person concerned and will not be merged with personal data about the bearer of the pseudonym. Insofar as the information collected in this way has a personal reference, the processing is carried out in accordance with Art. 6 (1) lit. f DSGVO on the basis of our legitimate interest in effective customer service and the statistical analysis of user behavior for optimization purposes.
To avoid the storage of Lucky Orange cookies, you can set your internet browser to prevent cookies from being placed on your computer in the future or to delete cookies that have already been placed. However, switching off all cookies may mean that some functions on our Internet pages can no longer be carried out. You can object to the collection and storage of data for the purpose of creating a pseudonymized user profile at any time with effect for the future by sending us your objection informally by e-mail to the e-mail address given in the imprint.
Alternatively, you can object to the data collection by Lucky Orange for the future by having an opt-out cookie set, which you can obtain at the website below: http://www.luckyorange.com/privacy.php
Please do not delete this opt-out cookie as long as you wish to maintain your objection.
Standard contractual clauses have been concluded with Lucky Orange to ensure that European data protection requirements are met.
UXCam (Only in the app)
In our applications, data are collected and stored for optimization purposes using technologies from UXCam Ltd (www.uxcam.com). From this data, usage profiles can be created under a pseudonym. The data collected with the UXCam technologies will not be used to personally identify the user of the application and will not be merged with personal data about the bearer of the pseudonym without the separately granted consent of the person concerned. The data collection and storage can be objected to at any time with effect for the future.
We base the use of the aforementioned analysis tool on Art. 6 (1) (f) DSGVO: the processing is carried out to analyze user behavior and is therefore necessary to protect our legitimate interests.
When using the contact form offered on these pages, the information you enter is transmitted and stored for the purpose of responding to your request. The data will not be passed on to third parties. The legality of the use of the form results from Art. 6 para. 1 sentence 1 lit. f) DSGVO.
Request by E-mail, Phone
If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 (1) (a) DSGVO) and / or on our legitimate interests (Art. 6 (1) (f) DSGVO), as we have a legitimate interest in the effective processing of requests sent to us.
The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular legal retention periods – remain unaffected.
Security of your Data / SSL Encryption
In accordance with the legal regulation according to § 13 para. 7 TMG, this site uses SSL encryption, recognizable by a lock symbol in the address bar of your browser. Transmitted data cannot be read by third parties when SSL encryption is activated.
As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organizational security measures (TOM) to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Rights of the User
You can request information about the personal data stored about you at any time and free of charge. Your rights also include confirmation, correction, restriction, blocking and deletion of such data and the provision of a copy of the data, in a form suitable for transmission, as well as the revocation of consent given and the objection. Legal storage obligations remain unaffected by this.
Your rights arise in detail in particular from the following standards of the GDPR:
- Article 7(3) – Right to withdraw consent under data protection law.
- Article 12 – Transparent information, communication and modalities for the exercise of the rights of the data subject
- Article 13 – Information obligation when personal data are collected from the data subject
- Article 14 – Information obligation when personal data have not been collected from the data subject
- Article 15 – Data subject’s right of access, confirmation and supply of a copy of personal data
- Article 16 – Right to rectification
- Article 17 – Right to erasure (“right to be forgotten”)
- Article 18 – Right to restriction of processing
- Article 19 – Obligation to give notice in connection with rectification or erasure of personal data or restriction of processing
- Article 20 – Right to data portability
- Article 21 – Right to object
- Article 22 – right not to be subject to a decision based solely on automated processing, including profiling
- Article 77 – Right to lodge a complaint with a supervisory authority
To exercise your rights (with the exception of Art. 77 DSGVO), please contact the office mentioned under the point “Responsible person in the sense of the DSGVO” (e.g. by e-mail).
Responsible Supervisory Authority:
The state data protection commissioners of the federal state in which the controller (see above) has its registered office (NRW) are responsible. You can find the current contact details here: