This application collects personal data from its users.
Provider and responsible person
Responsible authority in the sense of the data protection laws, in particular the EU data protection basic regulation (DSGVO), is:
Types of data collected
The owner does not provide a list of the personal data collected.
Personal data may be voluntarily provided by the user or, in the case of usage data, automatically collected when this application is used.
Unless otherwise indicated, the provision of all data requested by this application is mandatory. If the user refuses to provide the data, this may result in the application not being able to provide the user with its services. In cases where this application expressly states that the provision of personal data is voluntary, users may choose not to provide such data without any consequences for the availability or functionality of the service.
Users who are unsure as to which personal data are obligatory may contact the provider.
Users are responsible for all third party personal data obtained, published or disclosed through this application and confirm that they have obtained consent for any third party personal data to be disclosed to this application.
Type and location of data processing
The provider processes the user data in an orderly manner and takes appropriate security measures to prevent unauthorised access and transmission, alteration or destruction of data.
The data processing is carried out by means of computers or IT-based systems according to organisational procedures and procedures which are specifically geared to the stated purposes. In addition to the responsible person, other persons could also operate this application internally (personnel administration, sales, marketing, legal department, system administrators) or externally – and in this case as far as necessary, designated by the responsible person as contract processor (such as providers of technical services, delivery companies, hosting providers, IT companies or communication agencies) – and thus have access to the data. An up-to-date list of these parties can be requested from the provider at any time.
Legal basis for processing
The provider may only process personal data of users if one of the following points applies:
- Users have given their consent for one or more specific purposes. Note: In some jurisdictions, the provider may be permitted to process personal data until the user objects to such processing (“opt-out”) without relying on consent or any other of the following legal bases. However, this does not apply if the processing of personal data is subject to European data protection law;
- the data collection is necessary for the fulfilment of a contract with the user and/or for pre-contractual measures resulting therefrom;
- the processing is necessary for the fulfilment of a legal obligation to which the provider is subject;
- the processing relates to a task carried out in the public interest or in the exercise of public authority conferred on the provider;
- processing is necessary to safeguard the legitimate interests of the provider or of a third party.
In any case, the provider will gladly provide information about the specific legal basis on which the processing is based, in particular whether the disclosure of personal data is a legal or contractual obligation or a prerequisite for the conclusion of a contract.
The data will be processed at the Provider’s premises and at all other locations where the parties involved in the data processing are located.
Depending on the location of the user, data transfers may involve the transfer of the user’s data to a country other than the user’s own. To find out more about the place where the transferred data are processed, users may consult the section containing detailed information on the processing of personal data.
Users also have the right to be informed of the legal basis for the transfer of data to a country outside the European Union or to an international organisation governed by international law or established by two or more countries, such as the UN, and of the security measures taken by the provider to protect their data.
If such a transmission takes place, the user can learn more about it by checking the relevant sections of this document or by contacting the provider via the information provided in the contact section.
Personal data shall be processed and stored for as long as is necessary for the purpose for which they were collected.
Therefore, the rule is
- Personal data collected for the purpose of fulfilling a contract concluded between the provider and the user will be stored until the complete fulfilment of this contract.
- Personal data collected to protect the legitimate interests of the provider will be stored for as long as is necessary to fulfill these purposes. Users can obtain more detailed information about the legitimate interests of the provider in the relevant sections of this document or by contacting the provider.
In addition, the provider is permitted to store personal data for a longer period of time if the user has consented to such processing, as long as the consent is not revoked. In addition, the provider may be obliged to store personal data for a longer period of time if this is necessary to fulfill a legal obligation or by order of an authority.
Personal data will be deleted at the end of the retention period. Therefore, the right to information, the right to deletion, the right to rectification and the right to data transfer cannot be exercised after the expiry of the retention period.
Purposes of processing
Personal data about the user is collected so that the provider can provide the services. In addition, data is collected for the following purposes: Sending of messages.
Users can find more detailed information on these processing purposes and on the personal data used for the purpose in question in the relevant sections of this document.
Detailed information on the processing of personal data
Personal data is collected for the following purposes using the following services:
Firebase Cloud Messaging
Firebase Cloud Messaging is a messaging service provided by Google LLC or Google Ireland Limited, depending on the location from which this application is accessed. Firebase Cloud Messaging allows the owner to send messages and notifications to users via platforms such as Android, iOS and the web. Messages can be sent to individual devices, groups of devices, specific topics, or specific user segments.
The rights of users
Users may exercise certain rights in relation to their data processed by the provider.
In particular, users have the right to do the following:
- Withdraw your consent at any time. If the user has previously consented to the processing of personal data, he can revoke his own consent at any time.
- Objection to the processing of their data. The user has the right to object to the processing of his data if the processing takes place on a legal basis other than consent. Further information can be found below.
- Obtain information regarding your data. The user has the right to know whether the data will be processed by the provider, to obtain information on individual aspects of the processing and to receive a copy of the data.
- Verification and rectification. The user has the right to verify the accuracy of his data and to request that it be updated or rectified.
- Limitation of the processing of their data. Users have the right, under certain circumstances, to limit the processing of their data. In this case, the provider will not process the data for any purpose other than storage.
- Deletion or other removal of the personal data. Users have the right, under certain circumstances, to ask the provider to delete their data.
- Receive your data and transfer it to another responsible person. The user has the right to receive his data in a structured, common and machine-readable format and, if technically possible, to have it transmitted unhindered to another responsible person. This provision applies where the data are processed automatically and the processing is based on the user’s consent, on a contract in which the user is a party, or on pre-contractual obligations.
- Submit a complaint. Users have the right to lodge a complaint with the competent supervisory authority.
Details on the right of objection regarding the processing
If personal data are processed in the public interest, in the exercise of a sovereign authority assigned to the provider or to safeguard the legitimate interests of the provider, the user may object to this processing by stating a justification relating to his particular situation.
Users are informed that they may object to the processing of personal data for direct marketing at any time without giving reasons. Users can find out whether the provider processes personal data for direct marketing purposes from the relevant sections of this document.
How the rights can be exercised
All requests to exercise user rights may be addressed to the Provider using the contact details provided in this document. Applications can be exercised free of charge and will be processed by the provider as early as possible, at the latest within one month.
Further information on the collection and processing of data
The User’s personal data may be processed by the Provider for law enforcement purposes within or in preparation for legal proceedings resulting from the failure to properly use this application or the associated services.
The user declares that he is aware that the provider may be obliged by the authorities to disclose personal data.
Further information about the user’s personal data
System logs and maintenance
For operational and maintenance purposes, this application and third-party services may collect files that record the interaction that occurs through this application (system logs) or use other personal data (e.g., IP address) for this purpose.
Information not contained in this privacy statement
Further information about the collection or processing of personal data can be requested from the provider at any time using the contact details provided.
How “Do Not Track” requests are handled
This application does not support “Do Not Track” requests from web browsers.
For information on whether integrated third party services support the non-tracking protocol, users should refer to the privacy statement of the respective service.
The provider reserves the right to make changes to this data protection declaration at any time by informing its users on this page and possibly about this application and/or – as far as technically and legally possible – by sending a message to the users about one of the contact details available to the provider. Users are therefore advised to call up this page regularly and check the date of the last change indicated at the end of the page.
As far as changes concern a data use based on the consent of the user, the provider will – as far as necessary – obtain a new consent.
Definitions and legal notices
Personal data (or data)
Any information by which, directly or in conjunction with other information, the identity of a natural person is or may be determined.
Information that this application (or third party services that this application uses) automatically collects, such as: the IP addresses or domain names of the computers of users using this application, the URI (Uniform Resource Identifier) addresses, the time of the request, the method used to send the request to the server, the size of the response file received, the numeric code that indicates the status of the server response (successful result, error, etc.), and the number of times that the request was sent.), the country of origin, the functions of the browser and operating system used by the user, the various times per call (e.g. how much time was spent on each page of the application) and information about the path followed within an application, in particular the order of pages visited, and other information about the operating system of the device and/or the IT environment of the user.
The person using this application who, unless otherwise specified, agrees with the data subject.
The natural person to whom the personal data refer.
Order processor (or data processor)
Responsible (or provider, partly owner)
The natural or legal person, public authority, agency or other body which alone or jointly with others decides on the purposes and means of the processing of personal data and the means used for that purpose, including the security measures regarding the operation and use relating to that application. Unless otherwise indicated, the controller shall be the natural or legal person through whom this application is offered.
The hardware or software tool with which the personal data of the user is collected and processed.
European Union (or EU)
Unless otherwise indicated, all references in this document to the European Union refer to all current Member States of the European Union and the European Economic Area (EEA).
Questions to the Data Protection Officer
If you have any questions about data protection, please send us an e-mail or contact the person responsible for data protection in our organisation directly:
This privacy statement has been drafted on the basis of provisions of various legislations, including Art. 13/14 of Regulation (EU) 2016/679 (Basic Data Protection Regulation).
Last update: April 13, 2019