Website Privacy Policy

This Website Privacy Policy explains how Quivena collects, uses, and shares personal data when you visit the public website and landing pages. It applies to browser-based interactions only and is separate from the in-app privacy notice for the Quivena mobile application.

The website is operated by Christoph Labestin. If you have questions about this Policy or your personal data, contact mail@quivena.app or write to Christoph Labestin, Oedwieser Weg 7, 84082 Laberweinting, Germany.

This website is intended for users aged 18 and over. We do not knowingly collect personal data from children through the website.

This Policy applies to pages served at quivena.app and related landing pages, waitlist forms, contact forms, invite registration pages, and public share pages made available through the website.

Personal data means any information that can identify you directly or indirectly, such as name, email address, IP address, device identifiers, or account-linked metadata.

Processing means any operation performed on personal data, including collection, storage, use, disclosure, or deletion.

We collect only the information needed to operate the website, respond to requests, measure optional traffic analytics, and maintain security.

Data you provide directly may include:

• name
• email address
• message contents submitted through contact forms
• waitlist or update signup information
• invite or registration data you voluntarily submit
• optional feedback or survey responses

Information collected automatically may include:

• IP address
• request timestamps
• requested URLs
• response status codes
• device type
• browser and operating system information
• approximate location derived from IP address
• consent status
• website interaction data, but only where analytics consent has been given

When you open a public share page, we also process the standard request and delivery data needed to show that page and may display content that another Quivena user intentionally shared through a valid link or code.

We use technically necessary browser storage to remember your consent choices and to provide basic site functionality.

The landing page stores your consent status locally under quivena_cookie_consent so your choice can be respected across visits.

If you allow functional storage, the site may store your language preference under quivena_locale.

If you allow analytics, the site may additionally store attribution information under quivena_attribution and may load configured analytics tools such as Google Analytics 4 and Microsoft Clarity.

Non-essential cookies or comparable trackers are not activated until you provide consent through the cookie banner or settings modal.

You can change your choice at any time through Cookie settings in the footer.

We process website data to:

• provide and secure the website
• respond to inquiries and operational requests
• manage waitlist, invite, or update signups
• deliver public share pages requested through valid links
• understand website performance and usage trends, but only where analytics consent exists
• prevent abuse, fraud, and technical attacks
• comply with legal obligations and protect legal claims

Where GDPR applies, we rely on one or more of the following legal bases:

• consent, for optional analytics cookies and optional communications
• legitimate interests, for security, stability, abuse prevention, and core website administration
• contract or pre-contractual steps, where you request information, registration, or communications from us
• legal obligation, where retention or disclosure is required by law

We do not sell personal data.

We may share data with:

• hosting and infrastructure providers
• analytics providers, only after consent where required
• email or communication providers where necessary to deliver requested messages
• service providers helping us operate the website
• authorities or other recipients where disclosure is required by law or necessary to defend legal rights
• a successor entity in the context of a merger, acquisition, restructuring, or asset sale, subject to applicable law

Depending on the providers used, website data may be processed outside your country of residence.

Where legally required, we rely on appropriate transfer safeguards such as Standard Contractual Clauses or equivalent lawful mechanisms.

We keep personal data only as long as necessary for the purposes described in this Policy, including legal, accounting, security, and documentation requirements.

Typical retention logic includes:

• contact requests: for the duration needed to answer and follow up appropriately
• waitlist and invite data: until the request is fulfilled, withdrawn, deleted on request, or no longer needed
• logs and security events: for limited operational and security periods
• analytics and provider-side data: according to configured retention periods of the relevant tool, where consent has been given

Depending on your jurisdiction, you may have rights to:

• request access to your personal data
• request correction of inaccurate data
• request deletion
• request restriction of processing
• object to certain processing
• withdraw consent for future processing
• request portability of certain data
• lodge a complaint with a competent supervisory authority

To exercise rights or make a privacy request, contact mail@quivena.app.

We use reasonable technical and organisational measures to protect personal data, including encrypted transport, access controls, and operational security measures. No internet-based system can be guaranteed completely secure.

We may update this Website Privacy Policy from time to time. The version published on this page is the current version. Material changes may also be highlighted through the website where appropriate.

For privacy questions or requests, contact:

Christoph Labestin Oedwieser Weg 7 84082 Laberweinting Germany mail@quivena.app