DATA POLICY
USING OUR MOBILE APP:
1 Information about the collection of personal data
1.1 In addition to our online offer, we also offer a mobile app that you can download to your smartphone. We tell you below how we collect personal data when you use our mobile app. Personal data are all data that relate to you personally, e.g. your name, address, email addresses and user behaviour.
1.2 The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is
Gartner und Staudt GmbH
Lindenstraße 9-11
67433 Neustadt
Commercial register: Ludwigshafen am Rhein local court, HRB 67311
Telephone: +49 (0)6321 / 9540707
email: info@heat-mvmnt.de
See Legal Notice
1.3 When you make contact with us by email or using a contact form, we will store your email address and, if you have given them, your name and your telephone number, so that we can answer your questions. We will erase the data obtained in connection with this when we no longer need to store them, or – if we have a statutory duty to keep them – will restrict the processing of such data.
1.4 If we engage service providers to perform particular functions of our website or wish to use your data for advertising purposes, we will inform you in detail below of the relevant processes. We also set out the defined criteria for the storage period.
2. Your rights
2.1 You have the following rights in respect of our treatment of the personal data concerning you:
– right of access
– right to rectification or erasure
– right to restriction of processing
– right to object to processing
– right to data portability
2.2 You also have the right to lodge a complaint with a data protection supervisory authority about how your personal data are processed in our company.
3. Collection of personal data when you use our mobile app
3.1 When you download the mobile app, the information required will be sent to the App Store. This includes in particular your user name, email address and customer account number, the time of the download, payment information and the individual device code. We do not have any influence on and are not responsible for this data collection. We only process the data to the extent necessary for you to download the mobile app to your device.
3.2 When you use the mobile app, we collect the personal data described below in order to make the functions easier to use. If you wish to use our mobile app, we will collect the following data because we need them for technical reasons in order to offer the functions of our mobile app and ensure its stability and security (the legal basis is point (f) of Art. 6(1) GDPR):
– your IP address
– the date and time of your request
– the time zone difference from Greenwich Mean Time (GMT)
– the content of the request (specific page)
– the access status/HTTP status code
– the data quantity transmitted
– the website from which the request came
– your browser
– your operating system and its interface
– the language and version of the browser software
3.3 We also need your device code, the unique number of your device (IMEI = International Mobile Equipment Identity), your unique network subscriber number (IMSI = International Mobile Subscriber Identity), your mobile number (MSISDN), the MAC address for WLAN use, the name of your mobile device and your email address.
3.4 The mobile app does not install any cookies.
Instead of cookies, we use technology that has comparable functionality.
The mobile app will be loaded on your mobile device and can be used even without access to the internet. No personal data will be collected when you use it.
3.5 For advertising purposes we use what is known as the Advertising Identifier (IDFA). This is a unique but non-personalised and non-permanent identification number for a particular device and is provided by iOS. The data collected via the IDFA will not be associated with other device-related information. We use the IDFA to provide advertising that is tailored to you and to analyse your use. If you enable the “No Ad Tracking” option in the iOS settings under “Privacy” – “Advertising”, we will only be able to do the following: measure your interaction with banners by counting the number of times a banner is displayed without being clicked on (“frequency capping”), evaluate the click-through rate, detect “unique users”, take security measures, prevent fraud and perform troubleshooting. You can delete the IDFA in the device settings at any time (“Reset Advertising Identifier”). This creates a new IDFA which will not be associated with the data collected previously. Please note that restricting the use of the IDFA may result in you being unable to use all the functions of our app.
4. Use of measurement methods of OneSignal Inc.
To enable use to analyse the use of our app and keep improving it, we use the measurement method of OneSignal Inc. (https://onesignal.com) on the legal basis of point (f) of Art. 6(1) GDPR. The purpose of reach measurement is to statistically determine the intensity of use, the number of users of an application and their user behaviour – based on a uniform standard method – and thereby to obtain figures that can be compared across different markets.
4.1 Data processing
OneSignal Inc. collects and processes data in accordance with German data protection legislation. Technical and organisational measures are taken to ensure that individual users cannot be identified at any time. Data that may allow association with a particular identifiable person are anonymised at the earliest possible stage.
4.1.1 Anonymisation of the IP address
On the internet every device needs a unique address, known as the IP address, in order to transfer data. Because of how the internet works, it is technically essential for the IP address to be stored at least momentarily. The IP addresses are shortened before any processing and only continue to be processed in anonymised form. The unshortened IP addresses are not stored or processed.
4.1.2 Geolocation to federal state/regional level
Geolocation, that is the assignment of a usage event to the place it is executed, is performed solely on the basis of the anonymised IP address and only down to the geographical level of the federal state or region. The geographical information obtained in that way cannot under any circumstances be used to determine a user’s actual place of residence.
4.1.3 Identification number of the device
To recognise devices, reach measurement uses unique identifiers of the device which are only ever transmitted in anonymised form or an anonymous signature which is created from various automatically transmitted pieces of information about your device.
4.1.4 Login identifier
To measure distributed use (use of a service by different devices), the user ID can be transmitted to OneSignal Inc. on login, if any, as an anonymised checksum.
4.2 Erasure
The stored usage events will be erased after no more than seven months. Further information about data protection in the measurement method can be found on the website of OneSignal Inc. (https://onesignal.com/privacy_policy), which operates the measurement method.
If you do not want to take part in the measurement, you can object here
(2) We use the Scalable Central Measuring (SCM) system in order to analyse the use of our mobile app and keep improving it. The statistics obtained enable us to improve what we offer and make it more interesting for users. The legal basis for the use of the SCM system is point (f) of Art. 6(1) GDPR.