Terms of Use
Last updated: June 2026
This is an English courtesy translation. The German version is the legally binding version.
§ 1 Contracting parties and scope
1.1 These terms of use govern the use of the mobile application named D.Code (the "App" or "D.Code").
1.2 The provider is
Wienold-IT UG (haftungsbeschränkt)
Managing Director: Michael Wienold, Diplom-Verwaltungswirt (FH)
Ziegelbrennerstraße 29 · 31157 Sarstedt · Germany
E-mail: info@wienold-it.de · Phone: +49 1525 3418541
HRB 209964 · Amtsgericht Hildesheim · VAT ID: DE454282966
(the "Wienold-IT" or "we").
1.3 These terms of use apply to all users (the "User") of the D.Code app (Android and iOS).
1.4 By first using the app, the User agrees to these terms of use in their then-current version.
1.5 Deviating or conflicting terms of the User do not become part of the contract unless Wienold-IT expressly agrees to their application in text form.
§ 2 Description of services
2.1 D.Code is an offline authenticator vault for two-factor codes (TOTP/HOTP) as well as a universal QR and barcode scanner and code generator. The app runs entirely locally on the User's device.
2.2 D.Code works without an account, without a server and without a cloud. There is no server-side storage or synchronisation by Wienold-IT. Details of data processing are set out in the Privacy Policy.
2.3 D.Code is a technical aid. Wienold-IT gives no warranty as to the correctness, completeness, standards-compliance or compatibility of the generated or detected codes with third-party services or devices.
2.4 D.Code does not replace the official recovery mechanisms of the respective services. The User is required to keep the recovery codes (backup codes) provided by their 2FA providers safe, additionally and independently of D.Code.
2.5 The feature set is divided into a free tier (Free) and a paid one-time purchase (D.Code Lifetime). The current scope is described at decode.wienold-it.de. Wienold-IT reserves the right to further develop the feature set (cf. § 9).
§ 3 Local data storage – no servers, no recovery by us
3.1 All of the User's data is stored exclusively locally on their device. There is no server-side service through which Wienold-IT could back up, restore or view data.
3.2 It follows that: in the event of loss, defect, theft, resetting of the device, deletion of the app data or uninstallation of the app, all locally stored data – in particular the 2FA accounts – is irretrievably lost, unless the User has previously created and securely stored an encrypted vault backup themselves. Wienold-IT cannot restore this data.
3.3 Creating and securely storing backups, as well as the passphrases required to decrypt them, is the sole responsibility of the User.
§ 4 Particular sensitivity of the data – User's duties of care
⚠ 2FA secrets are highly sensitive security data. Anyone who gains access to a stored or exported TOTP/HOTP secret can take over the two-factor authentication of the affected accounts and thereby potentially access the User's online accounts (e.g. e-mail, banking, cloud, social networks).
4.1 The User is aware of the special need to protect the data managed in D.Code and handles it responsibly and carefully.
4.2 In particular, the User is responsible for:
- securing their device (device lock, up-to-date operating system, protection against malware),
- choosing a strong app PIN and keeping it secret,
- enabling the protection mechanisms offered (PIN, biometrics, auto-lock),
- securely storing exported files and backups as well as the associated passphrases.
4.3 Export and sharing: D.Code allows codes and accounts to be exported as an image or document file (PNG/SVG/PDF), as an otpauth:// or migration QR, or as an encrypted vault backup, and these files to be shared via channels chosen by the User (operating-system share dialog, messengers, third-party cloud storage, e-mail, etc.). These actions are triggered exclusively by the User.
4.4 Once data leaves the app through export or sharing, it is outside the protected scope of D.Code. The User alone is responsible for each export, its storage, disclosure, sharing and whereabouts. In particular, a 2FA secret exported as an image or in unencrypted form can be read out and misused by third parties.
4.5 Wienold-IT strongly recommends never exporting or sharing 2FA secrets unencrypted, never storing them with third-party services (cloud, chat, photo gallery), and always using a strong, separately stored passphrase for backups.
4.6 Wienold-IT has no access to the User's data and cannot assist with, block or restore data in the event of loss, compromise or accidental disclosure.
§ 5 Limitation of liability – software
5.1 D.Code is provided "as is". Wienold-IT gives no warranty that the app is error-free, continuously available or free of security vulnerabilities.
5.2 Subject to § 5.3, Wienold-IT is not liable for:
- errors, crashes or data loss in the app,
- the loss of locally stored data (in particular the 2FA accounts) due to device defect, device loss, resetting, updates, uninstallation or operating errors,
- incorrectly generated, detected or interpreted codes,
- incompatibilities of the app with certain devices, operating systems or third-party applications,
- damage arising from the User's handling of their data – in particular through export, storage, disclosure or sharing of codes, accounts or backups (cf. § 4),
- damage caused by unauthorised access by third parties to the User's device or to data exported by the User.
5.3 The above limitations of liability do not apply where Wienold-IT is responsible for damage caused by intent or gross negligence, in the case of a breach of essential contractual obligations (cardinal obligations), for damage arising from injury to life, body or health, or within the scope of the German Product Liability Act (Produkthaftungsgesetz). In the case of merely negligent breach of essential contractual obligations, liability is limited to the foreseeable damage typical for the contract.
§ 6 Limitation of liability – security and user behaviour
6.1 Wienold-IT takes security measures that are reasonable according to the state of the art (including local encryption, hardware-backed Keystore/Keychain storage, PIN and biometric protection). However, no software can guarantee absolute security; complete protection against security vulnerabilities, malware on the device, attacks by third parties or weaknesses that only become known in the future is technically impossible.
6.2 To the extent legally permissible, claims against Wienold-IT arising from
- (a) malfunctions, defects or failures of the software,
- (b) security vulnerabilities of the software or their exploitation by third parties, and
- (c) the User's behaviour in handling the software and their data (in particular export, sharing, storage and disclosure)
are excluded.
6.3 The statutory mandatory liability cases referred to in § 5.3 also remain unaffected here.
6.4 The User uses D.Code at their own risk and on their own responsibility.
§ 7 User obligations and prohibited use
7.1 The User is obliged to observe applicable law and the rights of third parties when using D.Code.
7.2 In particular, it is prohibited to use the app for unlawful purposes, to circumvent or manipulate its security mechanisms, or to reverse-engineer the app beyond the legally permitted extent.
§ 8 Prices, in-app purchases and minimum age
8.1 D.Code is available in a free tier (Free) and as a paid one-time in-app purchase (D.Code Lifetime). Current prices are shown at decode.wienold-it.de/#pricing. D.Code contains no subscriptions and no advertising.
8.2 Purchases are processed exclusively via the respective app store operator (Apple App Store, Google Play), whose terms additionally apply. Refunds are governed by the refund policies of the respective app store operator; statutory rights of withdrawal remain unaffected.
8.3 The Lifetime purchase entitles the User to permanent use of the local features included at the time of purchase. It does not give rise to any claim to server-side services (none are offered) and is not transferable to other user accounts.
8.4 In-app purchases by minors require the consent of their legal guardian.
§ 9 Reservation of changes and updates
9.1 Wienold-IT reserves the right to further develop, expand, change or discontinue the feature set of the app or individual features. No particular availability of the app in the app stores and no particular update frequency is promised.
9.2 Wienold-IT reserves the right to amend these terms of use with effect for the future, insofar as this is necessary and does not unreasonably disadvantage the User. The current version is available at this address.
§ 10 Applicable law and place of jurisdiction
10.1 The law of the Federal Republic of Germany applies, excluding the UN Convention on Contracts for the International Sale of Goods (CISG).
10.2 For consumers within the meaning of § 13 of the German Civil Code (BGB), mandatory consumer-protection provisions of their country of residence remain unaffected.
10.3 The place of jurisdiction for disputes with Users who are merchants, legal entities under public law or special funds under public law is Hildesheim.
10.4 The European Commission provides a platform for online dispute resolution at https://ec.europa.eu/consumers/odr. Wienold-IT is not obliged to participate in dispute-resolution proceedings before a consumer arbitration board and does not do so.
§ 11 Miscellaneous
11.1 Should individual provisions of these terms of use be or become wholly or partially invalid, this does not affect the validity of the remaining provisions.
11.2 There are no verbal side agreements. Amendments and additions require text form.
Wienold-IT UG (haftungsbeschränkt) · Sarstedt · Last updated: June 2026
