Privacy Policy

I. General

The protection of your personal data is paramount to us and we handle it confidentially and in accordance with the statutory data protection regulations and this data protection policy. This data protection policy applies to our mobile iPhone and Android apps (hereinafter referred to as “APP”). It explains the type, purpose and scope of data collection when using the APP. Please note that data transmission via the Internet may involve security loopholes. It is not possible to fully protect data against access by a third party.

Data controller

The data controller for this APP is:
Hörmann KG Antriebstechnik
Michaelisstraße 1
33803 Steinhagen
Germany

“Data controller” is the instance which collects, processes or uses the personal data (e.g. names, e-mail addresses etc.).

Data protection officer

You can contact our data protection officer at:
Jens Paul
Hörmann KG Antriebstechnik
Michaelisstraße 1
33803 Steinhagen
Germany
E-mail: datenschutz@hoermann.de

Location data and background location data

Hörmann BlueSecur App needs access to your location (precise location) and background location data in order to function correctly (i. e. interact with Bluetooth device), so you need to provide us with permission to use your location data from your mobile Android device. The location is NOT shared with us or any third parties and is ony processed locally on your mobile device.
Location Data is used while your app is in foreground to determine via Bluetooth Low Energy whether a BlueSecur compatible device is within Bluetooth range or not, so you need us to provide precise location data. If your BlueSecur device is in range you can interact with this device.
Background Location Data is required to interact with your Bluetooth-enabled devices even when your app is closed. This app uses background location permissions only when you want to use widgets. Background location data enables the feature that determines whether or not a Bluetooth Low Energy-enabled device is in range and allows you to interact with that device even when the app is closed or in the background.

Contactlist and Contact data

The Hörmann BlueSecur app requires optional access to your contact list or your contact data. Your contact data is only used to facilitate the transfer of your opening authorization by e-mail or SMS, in which you have the option of selecting the appropriate authorization recipient from your contacts. The contact data will not be shared with us or third parties and will only be processed locally on your mobile device.

General storage period for your personal data

Subject to deviating or more detailed information specified within this data protection policy, the personal data collected by the APP is stored until you request its deletion, withdraw your consent to store it or the purpose for its storage ceases to exist. In the event of the data being subject to legal retention periods or other acknowledged legal reasons for its storage (e.g. legitimate interest), the affected personal data is only deleted once the reason for its storage ceases to exist.

Legal bases for storing your personal data

The processing of personal data is only permitted if there is an effective legal basis for the processing of such data. Any of your data we may process is usually processed on the basis of your consent in accordance with Art. 6 (1) lit. a of the General Data Protection Regulation (GDPR) (e.g. when you voluntarily enter your data in the registration mask, in the context of making contact or consenting to tracking), for the purpose of contractual fulfilment in accordance with Art. 6 (1) lit. b GDPR (e.g. when using in-APP purchases or the use of other payable APP functions) or on the basis of legitimate interests in accordance with Art. 6 (1) lit. f GDPR which are always weighed up against your interests (e.g. as part of advertising measures). Some of the relevant legal bases are specified in greater detail in separate parts of this data protection policy.

Encryption

This APP uses encryption due to security reasons and to protect the transmission of confidential contents, such as requests which you send to us as the APP operator or communications between the APP users. This encryption prevents the data you transmit to us from being read by unauthorised third parties.

Modifications to this data protection policy

We reserve the right to amend this data protection policy at any time in compliance with the legal requirements.


II. Your rights

The GDPR grants certain rights to data subjects whose personal data are processed by us. At this point we would like to inform about these rights:

Withdrawal of consent for data processing

Many data processing transactions are only possible with your consent. We will seek such explicit consent from you prior to commencing with the processing of your data. This consent can be revoked at any time. An informal message to us via e-mail shall suffice for this. The legitimacy of data processing transactions undertaken up until withdrawal remains unaffected by the withdrawal.

RIGHT TO OBJECT TO THE COLLECTION OF DATA IN SPECIAL CIRCUMSTANCES AND TO DIRECT ADVERTISING (ART. 21 GDPR)

IF THE DATA IS PROCESSED ON THE BASIS OF ART. 6 (1) LIT. E OR F GDPR, YOU MAY OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR SPECIFIC PERSONAL SITUATION. THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASE FOR THE PROCESSING OF DATA ARE STATED IN THIS DATA PROTECTION POLICY. IF YOU RAISE AN OBJECTION, WE WILL CEASE TO PROCESS THE AFFECTED PERSONAL DATA, UNLESS WE HAVE PROOF OF COMPELLING LEGITIMATE REASONS FOR THE PROCESSING WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS OR WHICH SERVE TO ASSERT, EXECUTE OR DEFEND LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED FOR ENGAGING IN DIRECT ADVERTISING ACTIVITIES, YOU MAY OBJECT TO ITS PROCESSING FOR THE PURPOSE OF SUCH ADVERTISING AT ANY TIME. THIS ALSO APPLIES TO ANY PROFILING DIRECTLY RELATED TO SUCH DIRECT ADVERTISING. IF YOU RAISE AN OBJECTION, YOUR PERSONAL DATA IS THEN NO LONGER USED FOR DIRECT ADVERTISING PURPOSES.

Right to lodge a complaint with a supervisory authority

In case of breaches against the GDPR, the data subjects have the right to lodge a complaint with a supervisory authority. This right to lodge a complaint is unaffected by other legal remedies under administrative law or before the courts.

Information, deletion and correction

You have the right to free of charge information at any time about your stored personal data, its origin, recipients, and the purpose of data processing, and also have the right to amend or delete this data. Should you have any questions on the subject of personal data, you are welcome to contact us at any time at the address provided in the imprint.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. Should you have any questions on the topic, you are welcome to contact us at any time at the address provided in the imprint. You have the right to request the restriction of the processing in the following cases:
  • We usually require time to check any disputes you may raise regarding the accuracy of your personal data stored by us. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
  • If your personal data has been/is being processed illegitimately, you can request the restriction of data processing instead of the deletion.
  • If we no longer require your personal data, but you require it for the exercise, defence or assertion of legal claims, you have the right to demand the restriction of the processing of your personal data instead of the deletion.
  • If you have raised an objection in accordance with Art. 21 (1) GDPR, your interests must be weighed up against ours. You have the right to request the restriction of the processing of your personal data as long as the outweighing interests have not yet been determined.

If you have restricted the processing of your personal data, it may only be used – apart form being stored – any further with your consent or to assert, exercise or defend legal claims, or to protect the rights of another natural person or legal entity, or for reasons of an important public interest of the European Union or one of its member states.

Right to data portability

You have the right to receive the data we have automatically processed based on your consent or in fulfilment of a contract, in a structured, commonly used and machine-readable format or request that a third party receives it. If you request direct transmission of the data to another responsible party, this shall only take place if technically feasible.


III. Sensitive User Data Usage and privacy information

In order to provide our services via the APP, we require access to the following functions of your mobile phone:

  • Location data:
    • Data access (Access): Access to location data is necessary to determine Bluetooth-enabled devices in the vicinity via Bluetooth Low Energy.
    • Usage: The location authorisations are used to determine via Bluetooth Low Energy whether a device is within Bluetooth range. With a granted location authorisation, you can operate your devices.
    • Data collection (Collect): No location permissions or location data are stored.
    • Data sharing (Share): No location permissions or location data are shared with third parties.
  • Background location data:
    • Access: Background location data is necessary to detect Bluetooth-enabled devices in the vicinity via Bluetooth Low Energy even if the app is closed or in the background.
    • Usage: The background location access is needed to interact with your Bluetooth-enabled devices even when your app is closed. The app uses background location access only when you want to use widgets. These permissions enable the feature that determines whether or not a Bluetooth Low Energy enabled device is in range and allows you to interact with that device even when the app is closed or in the background.
    • Data collection (Collect): No background location permissions or location data are stored.
    • Data Sharing (Share): No background location permissions or location data are shared with third parties.
  • Camera:
    • Data Access: Access to the camera to scan a supplied QR code. This scanning process enrols compatible devices in the app.
    • Data Usage (Usage): Scan the QR code.
    • Data Collection (Collect): No camera recordings are stored.
    • Data Sharing (Share): No camera recordings are shared with third parties.
  • Contact list:
    • Data Access (Access): The "Contacts" application of the terminal is accessed, provided that they pass on opening authorisations to further persons.
    • Data usage (Usage): Passing on opening authorisations.
    • Data collection (Collect): No contact data is collected.
    • Data sharing (Share): No contact data is shared with third parties.


IV. Collection of personal data when using the APP

General

We collect the following personal data when you use our APP:
  • E-mail address
  • Usage data
  • IP address
  • Device ID
  • Virtual keys & taught-in keys
  • Linked devices

The processing of this personal data is required to guarantee the functionalities of the APP. The legal basis for these data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f GDPR, your consent within the meaning of Art. 6 (1) lit. a GDPR, or the fulfilment of our contractual obligations within the meaning of Art. 6 (1) lit. b GDPR.

The storage period for the data thus collected is regulated as follows:
The data will be kept until you stop using the app and request us to delete your personal data.

Request within the APP by e-mail, phone or fax

When you contact us (e.g. via contact form within the app, by e-mail, phone or fax), your request or your improvement suggestions, including all of the personal data arising thereof (e.g. name and request), is stored and processed for the purpose of processing your query. This data is processed on the basis of Art. 6 (1) lit. B GDPR if your query is related to the fulfilment of a contract or required for implementing pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 (1) lit. a GDPR) and/or our legitimate interests (Art. 6 (1) lit. f GDPR) as we have a legitimate interest in the effective processing of the query sent to us. The data you have sent to us via the contact form remains with us until you request deletion, withdraw your consent to storage, or until the purpose of data storage no longer exists (e.g. after the processing of your query is completed). Compulsory legal regulations – especially legal retention periods – remain unaffected. We do not pass on your data without your consent.


Status: 08.07.2021