Privacy Policy

1. Controller

Enrico Mischorr
„SeedBook”
Rossäckerstraße 41/1
74189 Weinsberg
Germany

2. Hosting

Our websites (www.seedbook.eu and app.seedbook.eu) are hosted by:

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Deutschland

When you visit our websites, the hosting provider automatically collects information in server log files that your browser transmits. This includes: IP address, date and time of the request, time zone difference from Greenwich Mean Time (GMT), content of the request (specific page), access status / HTTP status code, amount of data transferred, referrer URL, browser type and version, operating system.

This data is technically necessary to deliver the website. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in securely and efficiently providing our website). Server log files are automatically deleted after [e.g. 14] days.

We have concluded a data processing agreement (DPA) with the hosting provider pursuant to Art. 28 GDPR.

3. SSL/TLS Encryption

For security reasons, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the browser address bar changing from “http://” to “https://” and by the lock icon in your browser bar.

4. User Account / Registration

To use the SeedBook app (app.seedbook.eu), you can create a user account. In doing so, we collect the following data:

– Email address – Password (stored exclusively as a cryptographic hash) – [any additional fields, e.g. display name, profile picture — adjust!]

This data is required to set up and manage your user account and to provide the contractual services. The legal basis is Art. 6(1)(b) GDPR (performance of a contract).

Your account data is stored for as long as your user account exists. Upon deletion of your account, your personal data will be deleted without undue delay, unless statutory retention obligations apply.

5. Technically Necessary Cookies and Local Storage (app.seedbook.eu)

When you log in to the SeedBook app, a session cookie is set that is required to maintain your authenticated session. Without this cookie, using the app is not possible. The cookie is automatically deleted when you log out or when the session expires.

In addition, we store your display preferences (e.g. light/dark theme) in your browser’s local storage. This data remains exclusively on your device and is not transmitted to our servers.

The legal basis for both is Section 25(2) No. 2 TDDDG in conjunction with Art. 6(1)(b) GDPR (performance of a contract). Consent is not required, as this storage is strictly necessary for the provision of the service you explicitly requested.

6. Web Analytics with Umami Analytics

We use the open-source web analytics tool “Umami” (https://umami.is) on our websites (www.seedbook.eu and app.seedbook.eu). We operate Umami ourselves on our own servers in Germany. No data is shared with third parties.

Purpose of Processing

We use Umami to statistically evaluate the use of our online offering, to improve our content and features, and to detect technical errors.

Data Collected

Umami records the following information with each page view: – URL visited and page title – referring URL (referrer) – date and time of the visit – browser type and version – operating system and device type – screen resolution and browser language – country, region and city (derived from the IP address using the MaxMind GeoLite database; the IP address itself is not stored)

Umami does NOT set any cookies and does not access local storage or any other client-side storage. A pseudonymous session ID is generated server-side from a daily rotating salt, the IP address and the user agent as a SHA-256 hash. This hash changes at least every 24 hours; cross-device or cross-day re-identification does not occur.

Legal Basis

The legal basis is Art. 6(1)(f) GDPR (legitimate interest). Our legitimate interest lies in the needs-based design and statistical evaluation of our website. Since we self-host Umami, do not use cookies, do not create cross-device profiles, and do not transmit data to third parties, our legitimate interests outweigh the interests, fundamental rights and freedoms of data subjects.

Retention Period

Aggregated statistical data is stored for 24 months and then automatically deleted.

You may object to the processing at any time. To do so, send an informal email to [YOUR EMAIL ADDRESS]. Alternatively, you can disable Umami tracking by setting the key “umami.disabled” to “1” in your browser’s local storage, or by using a common tracking blocker.

Further information: https://umami.is/docs https://github.com/umami-software/umami

7. Location-Based Weather Data

You may optionally provide a place name in order to retrieve location-based weather data for your plants. The location is processed with an accuracy of approximately 11 km; no precise address determination takes place.

To retrieve weather data, we use the API of the provider Open-Meteo (OpenMeteo GmbH, Bürglen, Switzerland; https://open-meteo.com). The query is made exclusively via our server — your browser does not communicate directly with Open-Meteo. Only the geographical coordinates of your chosen location are transmitted to Open-Meteo, not your name, email address or any other personal data. Switzerland has an adequacy decision from the European Commission (Art. 45 GDPR), ensuring an adequate level of data protection. Open-Meteo’s privacy policy can be found at https://open-meteo.com/en/terms.

The location is stored in your user account. The legal basis is Art. 6(1)(b) GDPR (performance of a contract). You can delete the location at any time in your account settings.

8. Your Rights as a Data Subject

You have the following rights regarding your personal data:

– Right of access (Art. 15 GDPR): You may request information about what personal data we have stored about you. – Right to rectification (Art. 16 GDPR): You may request the correction of inaccurate data. – Right to erasure (Art. 17 GDPR): You may request the deletion of your data, provided no statutory retention obligations apply. – Right to restriction of processing (Art. 18 GDPR): You may request the restriction of the processing of your data. – Right to data portability (Art. 20 GDPR): You may request to receive your data in a structured, commonly used and machine-readable format. – Right to object (Art. 21 GDPR): You may object to the processing of your data at any time where the processing is based on Art. 6(1)(f) GDPR.

To exercise your rights, an informal email to [YOUR EMAIL ADDRESS] is sufficient.

9. Right to Lodge a Complaint with a Supervisory Authority

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

The supervisory authority responsible for us is:

Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg Lautenschlagerstraße 20 70173 Stuttgart https://www.baden-wuerttemberg.datenschutz.de

Last updated: May 2026