Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Knowledge Base MINI
  • Contact us
English (US)
US English (US)
DE German
  • Home
  • Working with orderbird PRO
  • Working
  • Invoices to your guests

How does GDPR affect orderbird PRO customers?

Written by Jens B.

Updated at July 17th, 2025

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • First Steps
    Hello new Bird! About your Apple devices Step 1: How to set up your network Step 2: MY orderbird Step 3: How to install and set up the app Step 4 - How to serve your first guest Step 5 - Card payment with orderbird PRO
  • Working with orderbird PRO
    Working Settings Fiscalization in Austria (RKSV) "Kassensicherungsverordnung" in Germany orderbird PRO - Versions and Updates
  • Card payment
    Your start with card payment with orderbird PRO and Worldline Your start with card payment with orderbird PRO and Nexi Germany Your start with American Express Working with orderbird card payment Pay Terminal Plus (WiFi card reader) Pay Terminal One (Bluetooth card reader) Card payment on the smartphone
  • Analyze your sales
    Reports on orderbird PRO The DATEV export Reports on MY orderbird
  • Printer & Network
    Printer Network
  • Expand your orderbird PRO
    orderbird PRO Cashbook orderbird Gift Cards Bestellmanagement
  • MY orderbird - Your orderbird business account
    Your account settings on MY orderbird
+ More

Table of Contents

The Data Processing Addendum (DPA) What do I have to do? What happens if I do not sign the data processing addendum or do not sign it in time? My business is located in Switzerland. Am I affected by the GDPR? What exactly does the GDPR say? What data does orderbird store? The EU-US Privacy Shield What does this mean for your business relationship with orderbird?

From 25 May 2018 on, a new regulation to protect the personal data of European citizens will apply: the general data protection regulation (GDPR). Under GDPR, you are obligated to ensure that the personal data of your EU-employees and your EU-guests (e.g. name, address, telephone numbers) that you process is protected in accordance with GDPR.

The Data Processing Addendum (DPA)

When using the orderbird app and my.orderbird.com, orderbird stores and processes personal data about you and, to a degree, your employees and guests. For this reason, the law provides that you, as a business owner, sign a data processing addendum (DPA) with orderbird.

What do I have to do?

Please download the data processing addendum (DPA), fill it in, sign it and mail it back to us:

Download DPA (AVV)

The DPA regulates in detail which data we collect for the delivery of our services (orderbird App and my.orderbird.com), how we process the data and how we protect your data against unauthorized access.

You can fill out and sign the DPA directly on your computer.

  1. Download the DPA.
  2. Open the file with Adobe Acrobat Reader. You can download the program online free of charge.
  3. Enter your data into the document and sign it digitally. Here you can find instructions: "Fill and sign PDF forms".
  4. Save the completed contract on your computer and send your saved version by e-mail to help@orderbird.com.

-OR-

Alternatively, you can print out the DPA, fill it out, scan it and send it to us by email.

What happens if I do not sign the data processing addendum or do not sign it in time?

You can still use the orderbird app and my.orderbird.com without any restrictions. Since you are a business owner yourself, however, you are obligated to sign a DPA with us, since we also process a certain amount of data of your guests and your employees. You are the responsible party for signing the DPA in time. The penalties for non-compliance are high: In the event of non-compliance, entrepreneurs pay up to 4% of their total turnover or €20 million.

My business is located in Switzerland. Am I affected by the GDPR?

Yes, you are! Because you never know when an EU citizen might visit your business.

What exactly does the GDPR say?

In short: This Regulation ensures that certain rules are respected in the processing of personal data of EU citizens. For example, the processing of personal data must be transparent and bound to a purpose.

You can find the full text of the GDPR here. 

What data does orderbird store?

  • Your sales data will be stored for 10 years, according to the legal retention period.
  • Your personal data as well as personal data of your employees and, if applicable, data of your customers (for example name, company name, customer number, address) as well as communication data (for example e-mail address, telephone number) and contract billing and payment data are processed.
  • All actions in your cash register that are logged according to GoBD requirements are saved. This includes, for example, information about who opened or closed a shift and when they did it, who booked or cancelled which items, etc.
  • Your data is protected against unauthorized access.
  • Only companies with whom we cooperate have contractually regulated access to your data within the scope of the cooperation. They handle your data as confidentially as we do!

The EU-US Privacy Shield

On 16 July 2020, the European Court of Justice (ECJ) declared the EU-US Privacy Shield ineffective.

What does this mean for your business relationship with orderbird?

Basically we do not use any providers or subcontractors from non-EU countries for our services: All orderbird servers used for orderbird services are located in Germany.

Internally, we currently use software in our daily work that is offered by providers from so-called third countries and that are subject to the EU-US Privacy Shield Agreement. We are currently investigating whether, after the Privacy Shield Agreement has expired, cooperation with these providers will be subject to other guarantees according to Art. 44 ff. GDPR after the abolition of the Privacy Shield Agreement. This examination will take some time since it will not only concern the providers themselves but also any subcontractors they may use.

Should the examination reveal that another guarantee for the security of data processing as standardized in Art. 44 ff. GDPR cannot be used or implemented, we will terminate our cooperation with these providers.

orderbird gdpr

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • How long does a voucher have to be valid?
  • How can I provide individual pages of my cash book to my tax advisor or for a financial audit?
  • Step 2: Obtain all access data for FinanzOnline.at
  • What information must be included on a handwritten invoice to be RKSV-konform?
  • How to prepare for the KassenSichV 2020 now
030 208 983 098

About orderbird

With over 17,000 customers — restaurants, cafés, bars, clubs, and beer gardens — orderbird is one of the leading Point of Sales systems for the hospitality industry in Europe. With the mobile POS system orderbird MINI, orderbird also offers a smart cash register solution for service providers, retailers, mobile hospitality, and the crafts.

orderbird was founded in 2011 and today employs more than 120 people.

Address

orderbird GmbH
Ritterstraße 12
D-10969 Berlin
Phone: 030 208 983 098

Opening hours

Monday: 09:00 - 18:00
Tuesday: 09:00 - 18:00
Wednesday: 09:00 - 18:00
Thursday: 09:00 - 18:00
Friday: 09:00 - 18:00
Saturday: Closed (except emergency support)
Sunday: Closed (except for emergency support)

© 2026 orderbird GmbH
  • Imprint
  • Privacy Policy
  • Legal Notice
Expand