CODECRASH

Privacy Policy

Last updated: January 2026

This is an informative translation. The legally binding version is the German original.

1. Data Controller

The data controller responsible for data processing on this website is:

OH-SO Digital GmbH

Kaiser-Wilhelm-Straße 83

20355 Hamburg, Germany

Email: hi@oh-so.com

2. Data Collection and Processing

Technical Data

When you visit our website, the following technical data is automatically collected and transmitted by your browser:

  • IP address (anonymized)
  • Date and time of access
  • Pages visited
  • Browser type and version
  • Operating system
  • Referrer URL
  • Amount of data transferred

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the technical operation of the website).

Authentication

We use LinkedIn OAuth for login. During this process, your first name, last name, email address, and profile picture are transmitted from LinkedIn and stored in our database. An httpOnly session cookie (cc_session) containing a signed JWT token is set.

Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

Newsletter

When you subscribe to our newsletter, we collect your email address using a double opt-in process. Emails are sent via Resend. You may unsubscribe at any time.

Legal basis: Art. 6(1)(a) GDPR (consent).

AI-Powered Chat

The CODE CRASH Chat uses the Anthropic API to process messages. Your chat messages are transmitted to Anthropic and processed in accordance with their privacy policy. We store chat histories in our database to provide the service.

Legal basis: Art. 6(1)(b) GDPR (performance of a contract) and Art. 6(1)(f) GDPR (legitimate interest in providing the service).

3. Cookies and Local Storage

This website exclusively uses technically necessary cookies and local storage entries. We do not use tracking, analytics, or marketing cookies.

The following cookies and local storage entries are used:

  • cc_session (Cookie, httpOnly) — Session cookie for authentication after login via LinkedIn OAuth. Contains a signed JWT token. Deleted when the browser session ends.
  • cc_cookie_consent (Local Storage) — Stores your cookie preference (accepted/declined) and the time of your choice. This data remains on your device and is not transmitted to our servers.

Since we exclusively use technically necessary cookies, consent under Art. 5(3) of the ePrivacy Directive / § 25 TTDSG is not legally required. Nevertheless, we inform you transparently and offer you the option to manage your settings via the panel above at any time.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in providing a functional website).

4. Your Rights

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)

To exercise your rights, please contact: hi@oh-so.com

You also have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data.

5. Hosting

This website is hosted by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA. Data transfers to the USA are based on EU Standard Contractual Clauses.

6. Data Protection Officer

Our Data Protection Officer is Hannes Oenning, WPP Deutschland Holding GmbH & Co. KG, Darmstädter Landstraße 112, 60598 Frankfurt am Main, Germany. Email: dsb@wpp.com.

7. Changes

We reserve the right to update this privacy policy to ensure it always complies with current legal requirements. The most current version can always be found on this page.