susumenu

Privacy Policy

Stand: August 01, 2025

At susu GmbH, we take the protection of your personal data very seriously. This Privacy Policy explains in detail how we collect, process, use, and protect your data in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). It applies to the use of our website, platform, and related services.

1. Controller and Data Protection Officer

  • Controller: susu GmbH, Irenenstr 66, 40468 Düsseldorf, Germany
  • Data Protection Officer: Contact: info@susumenu.com, Phone: +49 15906467215
  • You can contact us directly with any questions or concerns.

2. Collection and Processing of Personal Data

  • We collect and process personal data only to the extent necessary for the provision of our services or if you have given your consent. This includes:
  • Categories of Data: Email address, name, address, telephone number (optional), business name, and payment data (for premium use).
  • Legal Basis: Article 6(1)(b) GDPR (performance of a contract), Article 6(1)(a) GDPR (consent), or Article 6(1)(f) GDPR (legitimate interest, e.g., fraud prevention).
  • Purpose of Processing: Creation and management of user accounts, processing of orders, communication (e.g., support, updates), and improvement of our services through pseudonymized analysis.

3. Data Transfer

  • Your data will not be passed on to third parties unless:
  • This is necessary for the performance of the contract (e.g., payment service providers like Stripe).
  • You have expressly consented (Article 6(1)(a) GDPR).
  • There is a legal obligation to do so (Article 6(1)(c) GDPR).
  • Payment service providers and hosting partners (e.g., Firebase) are bound by data processing agreements (DPA) in accordance with the GDPR.

4. Data Security

  • Measures: We use technical (e.g., TLS encryption) and organizational measures (e.g., access restrictions) to protect your data from unauthorized access, loss, or misuse.
  • Storage Duration: Data is stored only as long as necessary for the purpose (e.g., 10 years for tax purposes) or until you request its deletion, provided there are no statutory retention obligations.

5. Your Rights

  • According to the GDPR and BDSG, you have the following rights:
  • Right of Access (Art. 15 GDPR): You can request information about your stored data.
  • Right to Rectification (Art. 16 GDPR): You can have incorrect data corrected.
  • Right to Erasure (Art. 17 GDPR): You can request the deletion of your data, provided there is no retention obligation.
  • Right to Restriction of Processing (Art. 18 GDPR): You can have the processing of your data restricted.
  • Right to Data Portability (Art. 20 GDPR): You can receive your data in a structured, machine-readable format.
  • Right to Object (Art. 21 GDPR): You can object to the processing of your data for reasons arising from your particular situation.
  • Complaint: In case of violations, you can contact the responsible supervisory authority (e.g., the State Commissioner for Data Protection in North Rhine-Westphalia).

6. Cookies and Tracking

  • We use cookies to improve the user experience (e.g., session cookies). You can refuse cookies in your browser settings. Analytics tools (e.g., Firebase Analytics) process pseudonymized data; consent is obtained before activation (Art. 6(1)(a) GDPR).

7. Contact and Information Request

  • For questions, deletions, or to exercise your rights, please contact us:
  • Email: info@susumenu.com
  • Phone: +49 15906467215
  • Address: susu GmbH, Irenenstr 66, 40468 Düsseldorf, Germany
  • Please note that we must verify your identity before providing information.

8. Changes to this Privacy Policy

  • We reserve the right to adapt this privacy policy in the event of changes to legal requirements or our services. The current version can be found at https://www.susumenu.com/privacy. Changes will be announced at least 30 days before they take effect.