Privacy Policy

1. Data Controller

Ordernova UG (haftungsbeschränkt) Ober-Olmer-Straße 10 55263 Ingelheim am Rhein Germany Phone: +49 176 432 59 263

2. Data We Collect

When you use the Order Manager app, we may collect the following data: • Account data: username, email address • Restaurant data: restaurant name, logo, address • Order data: order details, customer information, payment status • Usage data: app interactions, session data • Device data: device type, operating system version

3. Purpose of Data Processing

We process your data for the following purposes: • Providing and operating the Order Manager app • Processing and managing restaurant orders in real time • User authentication and account security • Customer support and communication • Improving our services and fixing technical issues

4. Legal Basis

We process your personal data based on the following legal grounds under GDPR: • Art. 6(1)(b) GDPR – Performance of a contract (providing the app service) • Art. 6(1)(c) GDPR – Legal obligation (e.g. accounting, tax records) • Art. 6(1)(f) GDPR – Legitimate interests (improving and securing our services)

5. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy, or as required by law. Order data is typically retained for 10 years in accordance with German commercial law (§ 257 HGB).

6. Your Rights

Under GDPR, you have the following rights: • Right of access – You can request a copy of your personal data • Right to rectification – You can correct inaccurate data • Right to erasure – You can request deletion of your data • Right to restriction – You can request limited processing • Right to data portability – You can receive your data in a structured format • Right to object – You can object to certain processing activities To exercise your rights, you can use our email contact or the contact form.

7. Third-Party Services

We use the following third-party services: • Expo Application Services (EAS) – for app distribution and updates • Stripe – for secure payment processing (orders paid online) • Our own API servers hosted in the EU All third-party providers are GDPR-compliant and process data only as necessary for the service.

8. Cookies & Analytics

The Order Manager app itself does not use cookies. Our website (ordernova.de) uses Google Tag Manager and optional Meta Pixel tracking only after consent has been granted. You can manage cookie preferences via the cookie banner on our website.

9. Data Security

We use industry-standard security measures to protect your data, including: • Encrypted data transmission (HTTPS/TLS) • Secure JWT-based authentication with token refresh • Access controls and role-based permissions • Regular security reviews

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or by email. The latest version is always available at ordernova.de/privacy-policy.

11. Contact