guestnex.

Privacy policy

and information on the collection of personal data and legal notice pursuant to Sec. 5 of the German Digital Services Act (DDG) and Sec. 18 of the German Interstate Media Treaty (MStV)

Scope: www.guestnex.com (marketing website)
Last updated: 28 May 2026

Introduction

We are pleased about your visit to our website. The protection of your personal data is important to us. Below we inform you about which data is processed when you use this online offering and what rights you have.

This privacy policy applies exclusively to the marketing website www.guestnex.com. It does not apply to the application at app.guestnex.com; a separate privacy policy applies to its use.

Controller

The controller within the meaning of the GDPR is:

DO.si
Inh. Oliver Nord
Südstraße 111a
33647 Bielefeld, Germany

Data protection officer

Karin Nord
Südstraße 111a
33647 Bielefeld, Germany
on@on-consultant.de

Provider identification pursuant to Sec. 5 DDG and Sec. 18 (2) MStV

The service provider within the meaning of Sec. 5 DDG is the controller named above.
Responsible for content pursuant to Sec. 18 (2) MStV: Oliver Nord, address as above.

General information

Personal data is all data that relates to you personally, e.g. name, e-mail address or your usage behaviour.

Accessing the website (server connection data)

This website is served statically; we do not operate our own log server. When you access the website, our hosting provider Cloudflare (see the "Hosting" section) processes technically necessary connection data, in particular:

Processing serves the functionality, stability and security of the website.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in secure, stable provision)
Storage period: processed for a maximum of 24 hours within the Cloudflare network

Hosting (Cloudflare Pages)

We use Cloudflare Pages to provide this website (Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA). The aforementioned connection data is processed in the course of this.

Legal basis: Art. 6 (1) (f) GDPR
Third country: USA – Cloudflare is certified under the EU-US Data Privacy Framework (see the "Transfers to third countries" section).

Web fonts

We use the typefaces Fraunces, Manrope and IBM Plex Mono self-hosted (via @fontsource). No connection is made to Google Fonts or other third-party providers; no personal data is transmitted to third parties for this purpose.

Analytics (Cloudflare Web Analytics)

We use Cloudflare Web Analytics for anonymised reach measurement. No cookies are set, no information is stored on or read from your device, no personal data is collected and no device fingerprints are created. Only aggregated metrics (page views, referrer, country at country level) are recorded.

As no access to your device takes place, no consent under Sec. 25 TDDDG is required for this.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in statistical evaluation)

Demo requests (contact form)

When you submit the demo form, we process the data you provide together with technical accompanying data in order to handle your request and to prevent abuse:

Transmission is encrypted and goes to a serverless function of our processor Supabase, which validates and stores the request and triggers a notification e-mail to us. For sending e-mail we use Resend; in doing so, name, e-mail address, campsite name and any message are transmitted to Resend.

Legal bases:

Storage period: until the request has been handled or until you revoke consent, but at most 6 months for contract initiation, unless statutory retention obligations apply

Recipients / processors

We use carefully selected service providers as processors (Art. 28 GDPR):

No further disclosure of your data to third parties takes place unless we are legally obliged to do so.

Cookies

This website sets no cookies and stores no information on your device that would require consent under Sec. 25 TDDDG. Neither analytics nor marketing/tracking cookies are used; a consent banner is therefore not required.

Transfers to third countries

When using Cloudflare and Resend, personal data may be processed in the USA. The transfer is safeguarded by:

No automated decision-making

No automated decision-making, including profiling, within the meaning of Art. 22 GDPR takes place.

Your rights

You have the following rights:

Objection and withdrawal

Insofar as we process data on the basis of legitimate interests (Art. 6 (1) (f) GDPR), you may object at any time on grounds relating to your particular situation (Art. 21 GDPR). You may withdraw consent given at any time with effect for the future; the lawfulness of processing carried out before withdrawal remains unaffected.

Status

This privacy policy is dated 28 May 2026 and will be amended if changes to data processing or to the legal situation require it.