Last updated
16 June 2026
Privacy
This privacy policy explains how personal data is processed on the Ordinavo website, in the trial funnel, in the Ordinavo app, through Ordinavo Connect, in mobile workflows and in technical operations.
16 June 2026
Website, demo and trial requests, SaaS platform, Ordinavo Connect, mobile PWA, webhooks, operations and support.
The controller for data processing on this website is the entity named in the legal notice.
For privacy questions or to exercise data subject rights, contact us at info@ordinavo.de or through the contact details in the legal notice.
We process personal data only where necessary to operate the website, handle requests, provide Ordinavo, protect systems or fulfil contractual and pre-contractual purposes.
Personal data means information relating to an identified or identifiable natural person, such as name, email address, phone number, location data, user ID or technical identifiers.
When the website is accessed, technical access data is processed. This may include IP address, time, requested page, referrer, browser, operating system, HTTP status code and transferred data volume.
Processing serves technical delivery, stability, troubleshooting and abuse prevention. The legal basis is Art. 6(1)(f) GDPR.
If you contact Ordinavo by form, email or demo request, we process the data you provide, such as name, email address, company, phone number, message and intended use case.
Processing is used to handle your request, prepare a demo and communicate about Ordinavo. The legal basis is Art. 6(1)(b) GDPR and, for organisational follow-up or security, Art. 6(1)(f) GDPR.
When you request a trial, we process the information submitted in the trial form so that a suitable trial process can be prepared and supported.
A preconfigured workspace may be created for a trial. Account data, tenant assignment, trial status, start and end time and technical provisioning data may be processed.
Trial workspaces may contain demo data, such as sample targets, external sample requests, locations, tasks, routes, Smart Routing scenarios, mobile views and status histories.
When the Ordinavo app is used, data required to coordinate operational mobile teams may be processed. Scope and content depend on the tenant, role model and customer process.
Where the Customer Portal is used, customer contacts may access shared operational information such as appointments, submitted requests, published visit reports, selected attachments and reduced timeline entries.
Portal access is controlled by invitations, access grants and tenant configuration. Visit reports and attachments are not published automatically; internal notes, billing data, webhook data and integration metadata are not part of the portal view.
Ordinavo processes operational targets, tasks, appointments, routes, stops and status histories to plan work, provide it to mobile employees and document results.
This may include customer or location data, contacts, addresses, time windows, priorities, estimated work times, assignments, completion status and problem reports.
Location data is not necessarily tracked permanently. Depending on configuration, location data may be processed for defined actions, such as appointment start, appointment completion, problem report or manual location capture.
Comments, photos and attachments may be processed if users upload or capture them to document work. Such content should contain only information required for the relevant process.
The mobile PWA may temporarily store data on the device so that tasks can be handled when connectivity is unstable. This may include planned appointments, status changes, comments, attachments and sync information.
Offline queues are synchronized with Ordinavo later. Local storage is tied to the relevant user and tenant context and should be cleared on logout, expiry or according to technical rules.
If push notifications are enabled, technical push tokens, device information and notification settings may be processed. Push messages may inform users about new tasks, changes or reminders.
Push notifications are used only where technically enabled and intended for the relevant user or process.
Ordinavo Connect allows external systems to transfer operational targets, orders, stops, service requests or appointment requests into Ordinavo. Such systems may include customer portals, terminals, ERP, CRM, ticketing, logistics or partner systems.
Depending on the integration, contact persons, companies, addresses, ExternalIds, service types, time windows, priorities, estimated work times, descriptions, custom fields and technical metadata may be processed.
Inbound imports create technical ImportJobs and ImportItems so transmitted data can be validated, created, updated, cancelled or rejected. ExternalIds and references help assign records to the source system.
ImportJobs and ImportItems support traceability, troubleshooting and status clarification between Ordinavo and connected systems.
Ordinavo may send status events back to connected external systems, for example when a target is imported, a route is published, an appointment is started, completed or reported with a problem.
Webhook processing may include event IDs, delivery IDs, target URLs, delivery attempts, response codes, error messages and technical delivery metadata. Receivers should process events idempotently and verify signatures.
Webhook payloads can include CustomerContext, contact details, visit report context or billing trigger signals depending on configuration. Billing trigger events are operational signals and not invoices.
Ordinavo may evaluate operational targets based on priority, due date, work time, travel time, route fit and optional business value fields to support route suggestions and prioritization.
This evaluation supports planning. It does not replace human review where such review is required by the relevant process.
For security, troubleshooting, traceability and operations, Ordinavo may process audit logs, security logs, system alerts, worker monitoring, API request logs and technical events.
This may include user or integration identifiers, tenant context, timestamp, action, status code, error details, IP address, user agent, correlation ID and technical metadata.
We process email addresses and communication content where necessary to handle requests, trials, demos, support or contractual communication.
General marketing emails are sent only where consent or another legal basis exists.
If you reach Ordinavo through campaigns, ads, partner pages or tagged links, campaign data such as utm_source, utm_medium, utm_campaign, referrer, landing page and timestamp may be processed.
This helps evaluate and improve marketing and sales activities. The legal basis is Art. 6(1)(f) GDPR where consent is not required.
We currently do not use consent-requiring web tracking or non-essential analytics cookies without consent.
Technical and form-related events may be evaluated internally to improve the trial and demo funnel where legally permitted.
Personal data may be transferred to service providers supporting website operation, app operation, hosting, email communication, monitoring, security, provisioning or support processes.
Depending on the project, Ordinavo may be operated as a cloud solution, dedicated operating model or customer-specific environment. Technical operational data may be processed for provisioning, maintenance, security, backups, monitoring and recovery.
Where providers process personal data on our behalf, this is done under a data processing agreement pursuant to Art. 28 GDPR.
Personal data is transferred outside the EU or EEA only where necessary for the stated purposes and where data protection requirements are met.
This may include adequacy decisions, standard contractual clauses or other appropriate safeguards.
We keep personal data only as long as required for the relevant purposes or where legal, contractual or legitimate retention reasons apply. Specific periods may vary depending on tenant configuration, contract and operating model.
Subject to legal requirements, data subjects have rights of access, rectification, erasure, restriction, portability and objection to certain processing.
Where Ordinavo processes data on behalf of a customer, requests are generally addressed first to the relevant controller, meaning the Ordinavo customer.
You have the right to lodge a complaint with a data protection supervisory authority if you believe that personal data is processed in violation of data protection law.
Ordinavo uses technical and organizational measures to protect personal data against loss, misuse, unauthorized access and accidental alteration.
Measures may include roles and permissions, tenant context, access controls, encryption, logging, monitoring, backups and secure integration boundaries. The specific measures depend on the operating model.
We may update this privacy policy if Ordinavo, legal requirements, technical processes or integration models change. The version published on this website applies.