CRM Logo Ouhud CRM

🔐 Data Protection & GDPR

Transparency, security, and data protection are central components of Ouhud CRM. This statement provides information about the nature, scope, and purpose of the processing of personal data within the framework of our cloud-based SaaS offering.

🏢 Person in charge

Ouhud Ltd.
Sundernholz 112
45134 Essen
Germany

Email: datenschutz@ouhud.com

📊 Processed data

  • 👤 Master data (name, email, phone number)
  • 🔐 Authentication & Access Credentials
  • 🧾 Contract & Billing Data
  • 💬 Communication data (support, tickets, emails)
  • 📈 Usage, Analytics & Activity Data
  • 🖥️ Technical data (IP address, logs, device information)

🎯 Purposes of processing

  • Operation, maintenance, and further development of Ouhud CRM
  • Customer, project and contract management
  • Billing, licensing, and SaaS operations
  • Support, communication, and error analysis
  • IT Security, Abuse Prevention, and System Stability
  • Compliance with statutory retention obligations

⚖️ Legal basis

Art. 6(1)(b) GDPR – Performance of a contract
Art. 6(1)(c) GDPR – legal obligation
Art. 6(1)(f) GDPR – legitimate interest

🖥️ Hosting & Data Processors

Ouhud CRM is operated on professional server infrastructure. The processing of personal data is carried out exclusively on the basis of data processing agreements in accordance with Art. 28 GDPR.

  • Hosting and infrastructure provider
  • Email and communication services
  • Payment and billing service provider
  • Security and monitoring systems

🌍 Data transfer to third countries

If personal data is processed in countries outside the EU (e.g., the United States of America), this is done exclusively in compliance with Art. 44 et seq. GDPR, in particular through:

  • EU Standard Contractual Clauses (SCC)
  • EU-US Data Privacy Framework (where applicable)
  • Additional technical and organizational protective measures

🍪 Cookies & Sessions

Ouhud CRM uses only technically necessary cookies and sessions that are required for authentication, security, and system functions.

🗄️ Retention period & deletion

  • Invoice data: 10 years (§ 147 AO)
  • Contract data: contract term + statutory deadlines
  • Protocol and security data: time-limited

🤖 AI & automated decisions

Ouhud CRM uses AI-powered features for analysis, automation, and support of internal business processes. These systems unfold no legal effect within the meaning of Art. 22 GDPR without human decision-making.

📌 Your rights

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)

🏛️ Supervisory authority

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
https://www.ldi.nrw.de

Status: 2026