Our sales / service apps, mobile field service solutions to increase sales and service success, are today a powerful basis for manufacturers and retailers to accelerate sales and service processes and to control them more cost-effectively and precisely. In order to be able to make this range of services available to our users or to be able to adapt our services to your individual needs, we need different information / personal data.
When collecting and processing this data, blue-zone GmbH of course complies with the legal requirements and principles of the European General Data Protection Regulation (GDPR for short). In the following we inform you about the processing of your personal data when using our software. Personal data are all data that can be related to you personally, e.g. B. Name, address, e-mail addresses and user behavior.
2. Contact details of the data protection officer
You can contact our data protection officer using the following contact details:
Data protection doctor Rechtsanwaltsgesellschaft mbH
3. Contact by email / phone / contact form / post
(1) When you contact us, the data you provide, such as the general contact information of your company and the contact details of your employee, will be stored and used by us in order to be able to answer your request.
(2) We delete the data arising in this context after it is no longer necessary to store it, or – in the case of statutory retention requirements – we limit the processing of this data until it is finally deleted.
The legal basis for this data processing is – depending on the reason for your establishment of contact – the permissibility of the processing within the framework of the initiation / processing or fulfillment of a contract in accordance with. Art. 6 Paragraph 1 S. 1 b) or our legitimate interest in providing a communication channel for general inquiries in accordance with Art. Art. 6 Paragraph 1 S. 1 f) GDPR.
(3) We point out that an email is not necessarily sufficiently secure. Therefore, please do not send us any confidential information / data by e-mail, but rather choose the post or use the contact form on the homepage. Please understand that we accept no liability for unsolicited data / emails.
4. Processing of personal data when downloading our software
(1) When downloading our software via an app store, the information required for the download, in particular the user name, email address and customer number of your account, the time of the download and the individual device code, are transferred to the respective app store and processed by it. We have no influence on this data processing and therefore cannot accept any responsibility for the extent and duration of data usage. For more information, please contact the operator of the relevant app store. In this case, we only save and use the data collected to the extent that it is technically necessary for downloading the software to your device.
(2) When downloading the software via a cloud platform, the information required for this, such as your IP address or the time of the download, is transmitted to the respective cloud platform and processed by it. We have no influence on this data processing and therefore cannot accept any responsibility for the extent and duration of data usage. For further information, please contact the operator of the cloud platform.
5. Processing of personal data when using the software
(1) When using our software, our software collects and processes personal data in order to be able to create a personal account with the help of your entries. In particular, the user’s first name, surname, street, zip code, city, telephone, email address and date of birth, which are requested by the software when registering and creating your user profile, are saved and processed. This data is processed by us or the hosting provider to enable you to conveniently use all functions and contents of the software.
The legal basis for this data processing is the permissibility of processing within the framework of the initiation / processing or fulfillment of a contract in accordance with. Art. 6 Abs. 1 S. 1 b) GDPR, your consent according to. Art. 6 Para. 1 S. 1 a) GDPR and / or our or the legitimate interest of the hosting provider acc. Art. 6 para. 1 sentence 1 f) GDPR to enable you to conveniently use all functions and contents of the software.
(2) When using our software, our software collects and processes the personal data that you store in your personal account. In particular, the user’s first name, surname, street, zip code, city, telephone, email address and date of birth are stored and processed. This information can be expanded on a project-related basis and can / must then also be entered by the user. This data is processed by us or the hosting provider to enable you to conveniently use all functions and contents of the software.
You can always view your personal data stored in the software in your own user account and adjust it if necessary.
The legal basis for this data processing is the permissibility of processing within the framework of the initiation / processing or fulfillment of a contract in accordance with. Art. 6 Abs. 1 S. 1 b) GDPR, your consent according to. Art. 6 para. 1 sentence 1 a) GDPR and / or the legitimate interest of the hosting provider acc. Art. 6 para. 1 sentence 1 f) GDPR to provide you with the functions of the software.
(3) Our software only collects personal data that is necessary for the software to function properly. As a result, it may unfortunately not be possible to delete individual personal data in your account. However, you are of course free at any time to completely delete your existing account and all personal data stored for this purpose, unless we or the hosting provider are obliged to store them for other legal reasons or are authorized for a limited period.
(4) The collection of the following data is technically necessary in order to be able to offer you the functions of our software or to guarantee comprehensive stability and security.
- IP address
- Date and time of the request and the logins
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request
- Access status / HTTP status code
- Operating system and its interface
- Language and version of the browser software
The legal basis for this data processing is the permissibility of processing within the framework of the initiation / processing or fulfillment of a contract in accordance with. Art. 6 Abs. 1 S. 1 b) GDPR, your consent according to. Art. 6 para. 1 sentence 1 a) GDPR and / or our or the legitimate interest of the hosting provider acc. Art. 6 para. 1 sentence 1 f) GDPR to ensure the security and stability of our software for the individual user.
(5) For the purpose of operating the software, for the purpose of providing support services and thus other services such as infrastructure and platform services, computing capacities, storage space and database services, security services and technical maintenance services, it is necessary that hosting services used by third party providers. We or the hosting provider process in particular inventory data, contact data, content data, contract data, usage data and meta and communication data from users of this app.
The legal basis for this data processing is the permissibility of processing within the framework of the initiation / processing or fulfillment of a contract in accordance with. Art. 6 Abs. 1 S. 1 b) GDPR, your consent according to. Art. 6 para. 1 sentence 1 a) GDPR or the admissibility of processing within the scope of our or the legitimate interest of the hosting provider acc. Art. 6 para. 1 sentence 1 f) GDPR to be able to guarantee efficient and secure operation of the software.
(6) With access to the hosting provider’s server on which our services are located, so-called server log files are recorded by the hosting provider. The access data consists, among other things, of the date and time of the call, the amount of data transferred, the notification of the successful call, the operating system type and version, the operating system of the user and the IP address. We or the hosting provider use this data to display and deliver the content and for statistical purposes.
The legal basis for this data processing is the admissibility within the scope of our or the legitimate interest of the hosting provider in accordance with. Art. 6 para. 1 f) GDPR to be able to use the data to track access to the server and to be able to continuously improve the offer.
(7) We use TrueDepth API technologies (https://support.apple.com/en-us/HT208108) to provide AR functionality within the App. The only use of this information is to enhance the user experience. None of the information collected by the TrueDepth API leaves the device. Neither do we store, process or share this TrueDepth information with third parties.
6. Your rights
(1) You have the following rights towards us with regard to your personal data:
- Right to correction and deletion
- Right to data portability
- Right to restriction of processing
- Right to information
- Right to object to processing
(2) Whether and to what extent these rights exist and / or can be enforced in individual cases and which specific conditions apply, results from the law, in particular from the GDPR and the BDSG-new.
(3) For data processing that takes place on the basis of your consent, you have the right at any time to revoke your consent in accordance with. To revoke Art. 7 Paragraph 3 GDPR with effect for the future. Withdrawing your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of withdrawal. Your revocation can be made to the above-mentioned responsible body.
(4) Insofar as we base the processing of your personal data on the balancing of interests, Art. 6 Para. 1 f) GDPR is the legal basis for the processing. In this case you can object to the processing. When exercising such an objection, we ask you to explain the exact reasons why we should not process your personal data as we have done. In the event of your objection, we will examine the situation and either stop or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue processing. Your objection can be made to the responsible body mentioned above.
(5) You also have the right to complain to the responsible data protection supervisory authority about the processing of your personal data in our company.
7. Transfers to third countries
Your data will not be passed on to third countries outside the European Union or the European Economic Area.
8. Deletion of data
(1) In accordance with Articles 17 and 18 GDPR, the data processed by us will be deleted or their processing restricted. Unless otherwise expressly stated in this data protection declaration, the data stored by us will be deleted immediately as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory retention requirements. In principle, the following minimum storage periods apply to the respective data categories:
- 3 years to the end of the year: contract-relevant data and technical data
- 10 years: Tax and payment relevant data
If the data cannot be deleted because it is required for other legally permissible purposes, its processing will be restricted. If the processing of the data is restricted, it will be blocked and cannot be processed for other purposes. This applies e.g. for data that must be kept for commercial or tax reasons.
(2) Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.
9. Transmission of data to third parties / categories of recipients
(1) If we disclose data to other persons and companies (contract processors or third parties) during processing, transfer data to them or otherwise grant them access to the data, this is only done on the basis of a legal basis, your consent, insofar as we legally are obliged to do so or on the basis of our legitimate interests. We only pass on your data to government agencies within the framework of legal obligations or on the basis of an official order or court decision and only insofar as this is permissible under data protection law.
(2) If we commission third parties to process data on the basis of a so-called “order processing contract”, this is done on the basis of Art. 28 GDPR.
(3) The following recipients / categories of recipients are fundamentally involved in the processing of the data:
- Banks for the purpose of settling and collecting payment claims
- Tax consultancy for the purpose of tax and / or accounting processing
- Law firm for the purpose of safeguarding legitimate interests and legal advice
- IT service provider in the context of maintenance of our IT system
- Companies for billing purposes
- Hosting provider
- Possibly. Third parties for the purpose of establishing contact (e.g. Microsoft)
10. Data security
(1) In order to protect your personal data against unintentional and unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access and other unlawful or unauthorized forms of processing under applicable law, we have, in accordance with Art. 32 GDPR, taking into account the status of the Technique, the implementation costs and the type, scope, circumstances and purposes of processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons, appropriate technical and organizational security measures have been taken.
(2) Our measures include, in particular, securing the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, forwarding, ensuring availability and their separation. We have also implemented procedures that ensure the exercise of data subject rights, deletion of data and reaction to data threats. We also consider the protection of your personal data during the development or selection of our hardware, software and processes, in accordance with the principle of data protection through technology design and data protection-friendly default settings (Art. 25 GDPR).
(3) All data is collected directly from the end user when using the app, transmitted to our server via an encrypted HTTPS connection and stored in a correspondingly secured database.
11. Change of the data protection declaration
New legal requirements, business decisions or technical developments may require changes to our data protection declaration. The data protection declaration will then be adapted accordingly. You can always find the latest version in your personal user account, in the app stores or on our homepage.
Last updated: January 2022