Ouhud GmbH
Protecting personal data is important to us. Below we explain how Ouhud GmbH processes, stores and protects personal data in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
1.1 Controller
Ouhud GmbH
Represented by: Hamza Mehmalat
Kaiserswerther Straße 135
40474 Düsseldorf, Germany
info@ouhud.com
1.2 Hosting and Server Location
Our systems are operated by Infomaniak SA (Schweiz). Data is stored exclusively in Swiss data centers. Infomaniak is ISO 27001 certified and meets high data protection and security standards.
1.3 Access Data and Server Logs
When you access our website, technical data is automatically collected (IP address, browser type, date, time, referrer URL). This data is required to ensure the stability and security of the website and is deleted after no later than 14 days.
1.4 Cookies
We use cookies to provide functions such as login and language settings. You can delete or disable cookies at any time in your browser settings. Some website functions may then be restricted. Our website uses a consent management tool to manage your consents.
1.5 Contact Form and Communication
If you contact us by form or email, we store your details (name, email address, message) to process your request. The data is deleted after no later than 6 months unless a statutory retention obligation applies.
1.6 Tools and Services
- Ouhud QR (Dynamic QR Codes): Storage of contact data entered by users (name, phone, social links) for generating and managing dynamic QR codes. Legal basis: Art. 6(1)(b) GDPR.
- Ouhud HealthFusion (Medical Software): Processing of medical data (patient records, diagnoses, prescriptions) only by authorized, verified users with end-to-end encryption. Legal basis: Art. 9(2)(h) GDPR.
- Ouhud CRM (Business Software): Storage of customer and project data exclusively in the context of business contacts. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in business processing).
- For paid services, payment processing is handled via Stripe Inc. (USA). Data is transferred only during an active payment transaction.
1.7 User Accounts and Registration
When registering or using our platforms (e.g. Ouhud QR, CRM or HealthFusion), we store your contact details and login data (email address, password and, where applicable, payment information) to provide access to our services. Passwords are stored only in encrypted (hashed) form and are not visible to us.
1.8 Your Rights under GDPR
- Access to stored data (Art. 15 GDPR)
- Correction of inaccurate data (Art. 16 GDPR)
- Deletion ("right to be forgotten", Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing (Art. 21 GDPR)
To exercise your rights, please send an email to info@ouhud.com.
1.9 Newsletter and System Emails
If you subscribe to our newsletter or receive system emails (e.g. password reset, confirmations), delivery is handled via our email service provider Infomaniak SA (Schweiz). Data processing is based on your consent pursuant to Art. 6(1)(a) GDPR. You may withdraw your consent at any time with effect for the future.
1.10 Technical and Organizational Security
We protect your data through SSL/TLS encryption, firewalls, access controls and regular security updates. All systems are continuously monitored to prevent misuse, unauthorized access and data loss.
1.11 Recipients, Third-Party Providers and Abroad
We may use service providers for hosting, email delivery, payment processing, IT security, analytics, support and embedded content. Transfers to countries outside Switzerland, the EU or the EEA occur only where an adequate level of data protection exists, appropriate safeguards are used or a legal exception applies. External content is loaded, where required, only after your consent.
1.12 Retention Period
Personal data is stored only as long as required for the respective purposes or as long as statutory retention periods apply. After expiry, it is securely deleted or anonymized.
1.13 Contact Person for Privacy Matters
Please send privacy requests to:
Hamza Mehmalat
Ouhud GmbH, Kaiserswerther Straße 135, 40474 Düsseldorf
Email: privacy@ouhud.com
1.14 Right to Lodge a Complaint
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection supervisory authority, for example with the
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Kavalleriestraße 2-4, 40213 Düsseldorf
www.ldi.nrw.de
© 2026 Ouhud GmbH - GDPR-compliant data processing · Hosting in Switzerland (Infomaniak)