Privacy Policy

Last updated: 06.06.2026
This privacy policy informs you about the nature, scope and purpose of the processing of personal data on our website.

1. Data Controller

The data controller responsible for processing on this website is:

Benedict Noah Mehlmann
Auerbachweg 1/1
77933 Lahr
Germany

Email: benedict.mehlmann@kodo-leads.com
Phone: 01782683297

2. Collection of General Information

When you visit our website, general information is automatically collected. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider, and similar data.

This data is not personal in any way and is only used to:

  • deliver the content of our website correctly
  • ensure the functionality of our IT systems
  • inform law enforcement authorities in the event of cyberattacks

3. Registration and User Account

When you register for our service, we collect the following personal data:

  • Name and email address
  • Password (stored encrypted)
  • Time of registration
  • IP address at the time of registration

Legal basis: Art. 6 (1) (b) GDPR (performance of a contract)

4. Lead Generation Service

Our service enables you to find and analyse B2B contact data. In doing so, we process:

  • Your search queries and search criteria
  • Stored and exported company data
  • Usage statistics and history
  • API usage data

Purpose: Provision of the Lead Generation Service
Legal basis: Art. 6 (1) (b) GDPR (performance of a contract)

5. External Services

5.1 Hunter.io API

For email verification and contact data lookup we use the Hunter.io service. Domain names are transmitted to Hunter.io for this purpose. Privacy Policy: https://hunter.io/privacy-policy

5.2 OpenAI Services

For AI-based analysis and tagging of company data we use OpenAI services. Anonymised company data is transmitted for analysis. Privacy Policy: https://openai.com/privacy/

6. Cookies & Einwilligung

Our website uses cookies in three categories. On your first visit, you decide via our cookie banner which categories you allow. Your choice is stored in localStorage. Statistics and marketing cookies are only set AFTER you have given your explicit consent (TTDSG §25, GDPR Art. 6 (1) (a)).

  • Required (always active): session, security cookies (CSRF protection), cookie preference storage. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in operating the website).
  • Statistics (opt-in): Google Tag Manager / Google Analytics for anonymous usage statistics (page views, click paths, duration). See section 6b.
  • Marketing (opt-in): conversion tracking and remarketing pixels (e.g. Google Ads, optionally LinkedIn Insight Tag). Only become active when the corresponding tags are configured in Google Tag Manager and you have consented.

Change your choice: . You can withdraw your consent at any time.

6b. Google Tag Manager & Google Analytics

We use Google Tag Manager (provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to centrally manage tracking tags. Tag Manager itself does not set tracking cookies, but loads other services — in particular Google Analytics. We implement Google Consent Mode v2: until you give your consent, all tracking-relevant storage categories are set to denied, so no analytics or marketing cookies are written.

Google Analytics processes your IP address (anonymised), device information and interactions with our website when statistics consent is active. The legal basis is your consent (Art. 6 (1) (a) GDPR, §25 TTDSG). Data may be transferred to the USA (Standard Contractual Clauses under Art. 46 GDPR).

More information: Google Privacy Policy. Opt-out for Google Analytics (browser add-on): tools.google.com/dlpage/gaoptout.

7. Your Rights

You have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)

To exercise your rights, please contact: Benedict Mehlmann

8. Data Storage and Deletion

We store your data only for as long as is necessary to fulfil the purposes or as required by statutory retention periods. User data is deleted within 30 days of account deletion, unless statutory retention obligations require otherwise.

9. Data Security

We use appropriate technical and organisational measures to protect your data against loss, manipulation and unauthorised access. These include SSL encryption, secure servers and regular security updates.

10. Changes to this Privacy Policy

We reserve the right to update this privacy policy in order to adapt it to changes in the law or to changes to the service. You will always find the current version on this page.