halion - Datenschutzerklärung nach Art. 13 und 21 DSGVO

Privacy policy according to Art. 13 and 21 GDPR

1 General Information

1.1 The protection of your personal data is important to us, rocon software development GmbH. That is why we want to offer you comprehensive transparency regarding the processing of your data. Because only if the processing is comprehensible to you as the data subject are you sufficiently informed about the scope, purposes and benefits of the processing.

1.2 The controller within the meaning of the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and other data protection regulations is
rocon software development GmbH
Neumühler Weg 14
66130 Saarbrücken
Email: saarbruecken@rocongruppe.de
Web: www.rocongruppe.de
Phone: +49 681 93513-0
Hereinafter referred to as the controller or we.

1.3 Note: Please note that links in our application (hereinafter also referred to as “app”) may take you to other apps or websites that are not operated by us, but by third parties. Such links are either clearly marked by us or are recognizable by a change in the address line of your browser or a change to another app pre-installed by you in this case. We are not responsible for compliance with data protection regulations and the secure handling of your personal data on these websites operated by third parties.

2 Definitions

2.1 Cookies are text files that are stored or read by an application on your end device. They contain combinations of letters and numbers, e.g. to recognize the user and their settings when they reconnect to the cookie-setting website, to enable them to remain logged in to a user account or to statistically analyse specific user behaviour.

2.2 WebStorage technology makes it possible to store variables and values locally in the user’s browser cache. The technology includes both the so-called “sessionStorage”, which remains stored until the browser tab is closed, and the “localStorage”, which is stored in the browser cache until the cache is emptied by the user. The localStorage technology makes it possible, among other things, to recognize the user when they access our services.

2.3 When we specify the categories of data processed in this privacy policy, this refers in particular to the following data: master data (e.g. names, addresses, dates of birth), contact data (e.g. e-mail addresses, telephone numbers, messenger services), content data (e.g. text entries, photographs, videos, contents of documents/files), contract data (e.g. subject matter of the contract, terms, customer category), payment data (e.g. bank details, payment history, use of other payment service providers), usage data (e.g. history on our web services, use of our web services, use of our online services). subject matter of the contract, terms, customer category), payment data (e.g. bank details, payment history, use of other payment service providers), usage data (e.g. history on our web services, use of certain content, access times), as well as connection data (e.g. device information, IP addresses, URL referrers), location data (e.g. GPS data, IP geolocation, access points).

3 General information on data processing

3.1 We only process personal data insofar as this is necessary and legally permissible. Personal data is only passed on in the cases described below. Personal data is protected by appropriate technical and organizational measures (e.g. pseudonymization, encryption).

3.2 Unless we are legally obliged to store or disclose it to third parties (in particular law enforcement authorities), the decision as to which personal data we process and for how long and to what extent we disclose it depends on which functions of the services you use in each individual case.

3.3 The personal data will be deleted as soon as the purpose of the processing no longer applies or a prescribed storage period expires, unless there is a need for further storage of the personal data for the conclusion or fulfillment of a contract.

4 Automated decisions in individual cases including profiling

4.1 Automated decisions in individual cases, including profiling to bring about such a decision in accordance with Art. 22 para. 1, 4 GDPR, are not made. If this is different in individual cases for a rocon software development GmbH product or an app, we will expressly point this out separately in each case.

5 Data processing in connection with the use of the app

5.1 The use of the applications of rocon software development GmbH with their respective range of functions requires the processing of certain personal data.

5.2 When you start using the application, your master or user data is collected. This data collection concerns your user ID and your e-mail address. The data is automatically transmitted to us via the d.velop Cloud Center. This personal data is processed for the purpose of usability and functionality of the application, as well as to ensure the security of our information technology systems. It is not possible to use the app without logging in. The processing of your personal data for the aforementioned purposes is therefore carried out to enable us to fulfill the contract with you. The processing is therefore permitted under Art. 6 para. 1 lit. b GDPR and is carried out on a legal basis.

5.3 Data will only be passed on to third parties in necessary cases. A transfer to third countries or to international organizations is not intended or planned. It does not take place subject to further provisions of this privacy policy.

5.4 When you use the contact form in our application or contact us by email, the personal data you provide is initially processed and made available to us for further processing. The data is stored in our information technology systems after transmission. The data is processed for the purpose of responding to your inquiry. The date and time of the contact request and your IP address are also stored for the purpose of allocation. This is done for the purposes of preventing misuse and ensuring the security of our IT systems. These purposes are legitimate interests within the meaning of Art. 6 para. 1 lit. f GDPR.

5.5 Your personal data will be stored until the conclusion of the procedure on which your request was based. Your data will not be passed on to third parties. A transfer to a third country or an international organization is not intended. The use of the contact form and the input of your data are voluntary. Please note, however, that it is not possible to use the form or process your request without providing your data.

6 Rights of affected persons

6.1 As a data subject, you have the right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR and the right to data portability pursuant to Art. 20 GDPR. The restrictions under Sections 34 and 35 BDSG apply to the right to information and the right to erasure. You have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG).6.2 The data protection supervisory authority responsible for us is: Unabhängiges Datenschutzzentrum Saarland, Fritz-Dobisch-Straße 12, 66111 Saarbrücken. However, you are free to lodge a complaint with another data protection supervisory authority. You can find a list of the supervisory authorities at: https://www.bfdi.bund.de/ (under Infothek/Anschriften und Links).

7 Notification obligations of the controller

7.1 We will notify all recipients to whom your personal data has been disclosed of any rectification or erasure of your personal data or restriction of processing in accordance with Art. 16, Art. 17 (1) and Art. 18 GDPR, unless this notification is impossible or involves a disproportionate effort. We will inform you about the recipients if you request this.

8 Obligation to provide

8.1 Unless otherwise explained below in the information on the legal bases, you are not obliged to provide personal data. In the cases of Art. 6 (1) (b) GDPR, however, the personal data is required for the performance of a contract or the conclusion of a contract. If you do not provide the personal data concerned, it will not be possible to fulfill the contract or conclude the contract. If you do not provide the data in the cases of Art. 6 para. 1 letter f GDPR, the use of the products of rocon software development GmbH is not possible or only possible to a limited extent.

8.2 In order to make use of the services and functions described here, access rights to the following interfaces, device functions and data of your end device may be required: memory, camera of your end device. You are not obliged to grant these authorizations. However, use of the services and functions is not possible or only possible to a limited extent without the authorizations.

9 Right of objection and withdrawal of consent

9.1 You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR. Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing

9.2 In accordance with Art. 7 para. 3 sentence 1 GDPR, you have the right to withdraw your consent informally by post or email at any time with effect for the future. This does not affect the lawfulness of the processing carried out on the basis of the consent until revocation. Upon your revocation, we will delete the personal data processed on the basis of your consent if there is no other legal basis for their processing.

9.3 Objection and revocation can be made informally and should be addressed to:
rocon software development GmbH
Neumühler Weg 14
66130 Saarbrücken
+49 681 93513-0
saarbruecken@rocongruppe.de