Privacy policy
1. Data Protection Statement
We take the protection of your personal data very seriously and treat it confidentially and in accordance with the statutory data protection regulations and this Data Protection Statement. This Data Protection Statement applies to our cellular iPhone and Android app Minutecharts (hereinafter "APP"). It explains the nature, purpose and scope of data collection during APP use. We point out that data transmission over the Internet be exposed to security gaps. A complete protection of the data from access by third parties is not possible.
Controller (responsible entity)
The controller (responsible entity) for data processing within the framework of this APP is:
Appcerto UG (haftungsbeschränkt)
Fuchsweg 4
53125 Bonn
Phone: 01705700819
Email: info@appcerto.de
Website: www.appcerto.de
General storage duration of personal data
Unless otherwise specified or specifically specified in this Data Protection Statement, personal data collected by this APP shall be stored until you request us to delete it, revoke your consent to storage or the purpose for the data storage is no longer applicable. Insofar as there is a statutory obligation to store or any other legally recognized reason for storing the data (e.g. legitimate interest), the personal data concerned shall not be deleted before the respective retention reason ceases to apply.
Legal basis for the storage of personal data
The processing of personal data is only permitted insofar as there is an effective legal basis for the processing of such data. Insofar as we process your data, this is done regularly on the basis of your consent pursuant to Art. 6 (1) lit. a GDPR (for example, insofar as your data is provided voluntarily in the registration form or within the framework of the contact form), for the purpose of fulfilling the contract in accordance with Article 6 (1) lit. b GDPR (e.g. when using in-app purchases or the use of other fee-based APP functions) or due to legitimate interests pursuant to Art. 6 (1) lit. f GDPR, which are always weighed taking your interests into consideration (for example in the context of advertising campaigns). The Relevant legal bases may be specified in a separate provision within the framework of this Data Protection Statement.
Encryption
This APP uses AES 256 bit standard encryption from Cloud Firestore on the server side for security reasons and to protect all content stored in the server database. To protect your data during transmission over the Internet, we use Transport Layer Security (HTTPS) for read and write operations. This encryption prevents the data you transmit from being read by unauthorized third parties.
Change of this Data Protection Statement
We reserve the right to change these Data Protection Provisions at any time in accordance with statutory requirements.
2. Your rights
Revocation of your consent to the processing of data
Many data processing operations are only possible with your consent. These shall be requested from you before the start of data processing. You can revoke this consent at any time. An informal message by e-mail to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
RIGHT OF OBJECTION AGAINST DATA COLLECTION IN PARTICULAR CASES AND AGAINST DIRECT ADVERTISING (ART. 21 GDPR)
INSOFAR AS DATA PROCESSING IS BASED ON ART. 6 (1) LIT. E OR F GDPR, YOU AS A DATA SUBJECT RESERVE THE RIGHT, AT ANY TIME, TO FILE AN OBJECTION, FOR REASONS ARISING OUT OF ITS SPECIAL SITUATION, AGANST THE PROCESSING OF YOUR PERSONAL DATA CONCERNED; THIS APPLIES ALSO TO A PROFILING BASED ON THESE PROVISIONS. PLEASE REFER TO THIS DATA PROTECTION STATEMENT FOR THE RELEVANT LEGAL BASIS PURSUNT TO WHICH A PROCESSING IS PERMITTED. INSOFAR AS YOU FILE AN OBJECTION, WE SHALL NO LONGER PROCESS THE AFFECTED PERSONAL DATA UNLESS WE CAN PROVIDE LEGITIMATE INTERESTS FOR PROCESSING, WHICH TAKE PRECEDENCE OVER YOUR INTERESTS, RIGHTS AND FREEDOMS OR INSOFAR AS THE PROCESSING SERVES THE ASSERTION, EXERCISE OR DEFENSE OF LEGAL CLAIMS.
INSOFAR AS YOUR PERSONAL DATA IS PROCESSED FOR THEPUPOSES OF THE EXERCISE OF DIRECT ADVERTISING, YOU RESERVE THE RIGHT TO FILE AN OBJECTION AGAINST THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH ADVERTISING; THIS ALSO APPLIES TO PROFILING, INSOFAR AS IT IS RELATED TO SUCH DIRECT ADVERTISING. INSOFAR AS YOU FILE AN OBJECTION, YOUR PERSONAL DATA SHALL THEN NO LONGER BE USED FOR THE PURPOSES OF DIRECT ADVERTISING.
Right of appeal to a supervisory authority
In the case of violations of the GDPR, the data subject is entitled to a right of appeal to a supervisory authority. The right of appeal is without prejudice to any other administrative or judicial remedies.
Information, deletion and rectification
As a data subject, you at any given time reserve the right to free information about your stored personal data, its origin and recipients and the purpose of the data processing, as well as a right to rectification or deletion of this data. For further information on personal data, please contact us at any time under the address provided in the imprint.
Right to restriction of processing
As a data subject, you at any given time reserve the right to request the restriction of the processing of your personal data. You can contact us at any time under the address provided in the imprint. The right to restrict processing exists in the following cases:
- Insofar as you challenge the accuracy of your personal information stored with us, whereby we usually need time to verify this. For the duration of the audit, you as a data subject reserve the right to request the restriction of the processing of your personal data.
- Insofar as the processing of your personal data is unlawful, you as a data subject reserve the right to request the restriction of data processing instead of the deletion.
- Insofar as we no longer require your personal information, but you need it to exercise, defend or assert a claim, you as a data subject reserve the right to request that your personal information be restricted instead of deleting it.
- Insofar as you have filed an objection pursuant to Art. 21 (1) GDPR, a weighing-up of your and our interests must be carried out. As long as it is not clear whose interests prevail, you as a data subject reserve the right to demand the restriction of the processing of your personal data.
Right to data portability
You as a data subject reserve the right to have data that we automatically process on the basis of your consent or in fulfilment of a contract, to be transmitted to you personally or to a third party in a standard, machine-readable format. Insofar as you require the direct transmission of the data to another controller (responsible entity), this shall only be done to the extent technically feasible.
3. Access rights of the APP
To provide our services through the APP, we require the access rights listed below, which allow us to access specific functions of your device.
- Photo Gallery (Access to the Photo Gallery is only used to save the generated diagrams. Otherwise the APP will not access your photos.)
- File folders (e.g. my documents, downloads)
- Mobile data / WLAN
Access to the device functions is required to ensure the functionality of the APP. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f GDPR, your consent within the meaning of Art. 6 (1) lit. a GDPR or – insofar as a contract has been concluded – the fulfilment of our contractual obligations (Article 6 (1) (b) GDPR).
4. Collection of personal data within the framework of APP use
When you use our APP, we collect the following personal information from you:
- e-mail address
- The IP address
The processing of this personal data is necessary to ensure the functionality of the APP. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f GDPR, your consent within the meaning of Art. 6 (1) lit. a GDPR or – insofar as a contract has been concluded – the fulfilment of our contractual obligations (Article 6 (1) (b) GDPR).
The APP uses as database the product Cloud Firestore of Google LLC (previously known as Google Inc., hereinafter "Google") located in
1600 Amphithreate Parkway
Mountain View, CA 94043
USA
The transmission is carried out analogously to the provisions of Art. 46 DSGVO. Google stores or processes the data and prepares them in a web interface. Google stores the data in the USA or Europe and is subject to the EU-DSGVO (EU 2016/679) via DPA: https://firebase.google.com/terms/data-processing-terms.
You agree to the collection of data by APP and its transfer to Google. If you do not want the third party provider to store the data provided, you must refrain from using the app.
To have your own data deleted from the APP or Google database, you can always send an e-mail to info@appcerto.de (with note "Delete my data in Google database"). If this is not done, the data will be deleted at the latest after the legally required retention periods. This data will also be deleted if you delete your account in the app settings. Please refer to the General Terms and Conditions and Privacy Policy of Google Firebase:
General Terms and Conditions: https://firebase.google.com/terms.
Privacy Policy: https://firebase.google.com/support/privacy.
Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified or eradicated. If you have questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time at the address provided in section “Information Required by Law.”
5. Collection of further data in the context of APP use
When you use our APP, we collect the following additional information from you:
- User ID (for identification)
- Status of membership (Free/Pro)
- Language settings
- CSV settings
- Default export settings
- Chart favorites
- Formatting, export and additional settings for each chart (only saved locally on the device)
- Entered datasets (only stored locally on the device)
The processing of this personal data is necessary to ensure the functionality of the APP. The legal basis for this data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f GDPR, your consent within the meaning of Art. 6 (1) lit. a GDPR or – insofar as a contract has been concluded – the fulfilment of our contractual obligations (Article 6 (1) (b) GDPR).
The APP uses as database the product Cloud Firestore of Google LLC (previously known as Google Inc., hereinafter "Google") located in
1600 Amphithreate Parkway
Mountain View, CA 94043
USA
The transmission is carried out analogously to the provisions of Art. 46 DSGVO. Google stores or processes the data and prepares them in a web interface. Google stores the data in the USA or Europe and is subject to the EU-DSGVO (EU 2016/679) via DPA: https://firebase.google.com/terms/data-processing-terms.
You agree to the collection of data by APP and its transfer to Google. If you do not want the third party provider to store the data provided, you must refrain from using the app.
To have your own data deleted from the APP or Google database, you can always send an e-mail to info@appcerto.de (with note "Delete my data in Google database"). If this is not done, the data will be deleted at the latest after the legally required retention periods. This data will also be deleted if you delete your account in the app settings. Please refer to the General Terms and Conditions and Privacy Policy of Google Firebase:
General Terms and Conditions: https://firebase.google.com/terms.
Privacy Policy: https://firebase.google.com/support/privacy.
All datasets entered into the APP as well as the formatting, export and additional settings for each chart are stored exclusively locally on the smartphone. At no time will the entered data be transferred to us or to third parties. Deleting the dataset in the APP also deletes the dataset in the local memory of the end device. When uninstalling the APP, all datasets and associated settings are also deleted from the local memory.
6. Collection of personal and other data as part of in-app purchases
The APP uses the RevenueCat product from Revenue Cat, Inc. for the management and analysis of in-app purchases (hereinafter "RevenueCat") with headquarters in
633 Tarava St. Suite 101
San Francisco, CA 94116
USA
The transmission is carried out analogously to the provisions of Art. 46 DSGVO. RevenueCat stores or processes the data and prepares them in a web interface. RevenueCat stores the data in the USA or Europe and is subject to the EU-DSGVO (EU 2016/679) via DPA: https://www.revenuecat.com/dpa.
You agree to the collection of data by APP and its transfer to RevenueCat. If you do not want the third party provider to store the data provided, you must refrain from using the app.
To have your own data deleted from the APP or RevenueCat database, you can always send an e-mail to info@appcerto.de (with note "Deletion of my data at RevenueCat"). If this is not done, the data will be deleted at the latest after the legally required retention periods. Reference is made to RevenueCat's general terms and conditions and data protection regulations:
General Terms and Conditions: https://www.revenuecat.com/terms.
Privacy Policy: https://www.revenuecat.com/privacy.
The data, which is stored by RevenueCat and prepared for analysis, can be viewed under the following link: https://www.revenuecat.com/dpa.
7. Inquiry within the APP, by e-mail, telephone or fax
Insofar as you contact us (e.g. via contact form within the app, by e-mail, telephone or fax), your request including all resulting personal data (e.g. name, request) shall be stored and processed by us for the purpose of processing your request. The processing of this data is based on Art. 6 (1) lit. b GDPR, insofar as your request relates to the fulfilment of a contract or is required for the implementation of pre-contractual measures. In all other cases the processing is based on your consent (Art. 6 (1) lit. a GDPR) and / or on our legitimate interests (Art. 6 (1) lit. f GDPR), since sent by you to us by way of contact request, remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage ceases to apply (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected. We shall not share your information without your consent.