This Privacy Notice describes the type of information/personal data that we collect through the RemoteXpert Tool (the “App”) and how we collect, process and use it.
As defined in the EU General Data Protection Regulation (GDPR) as well as other national data protection laws of the member states, and other data protection provisions, the controller is:
KURZ DIGITAL SOLUTIONS GmbH & Co. KG
Schwabacher Strasse 106
90763 Fürth, Germany
info@kurzdigital.com
You can contact the controller’s data protection officer at the following address:
MKM Datenschutz GmbH
data protection officer
Äußere Sulzbacher Str. 124a
90491 Nuremberg, Germany
Tel: +49/911/669577-0
dsb(at)kurz.de
As a general rule we do not process our users’ personal data unless it is necessary to enable us to present a functioning App. As a matter of course, our users’ personal data is not processed without the user’s consent. One exception would be cases in which it is not possible to obtain the consent beforehand for practical reasons, and/or if processing of the data is permitted by legal provisions.
In particular, if you are a RemoteXpert User your data is processed for the following purposes:
Calculating App usage levels
Helping diagnose server and performance problems
If we obtain consent from the data subject to carry out processing operations on personal data, our activities are governed by Art. 6 Para. 1 letter a GDPR as the legal basis therefor.
If it is necessary to process personal data in order to fulfil a contract to which the data subject is a contracting party, our activities are governed by Art. 6 Para. 1 letter b GDPR as the legal basis. This also applies for processing activities essential for pre-contractual arrangements, in response to enquiries about our products or services, for example.
If we need to process personal data to comply with a legal obligation to which our company is subject, (e.g., tax obligations), the legal basis for this is Art. 6 Para. 1 letter c GDPR.
If it is essential to process personal data to protect the vital interests of the data subject or another natural person, the legal basis therefor is Art. 6 Para. 1 letter d GDPR.
If such processing is essential in order to safeguard the legitimate interests of our company or of a third party and these interests are not outweighed by the interests, basic rights and basic freedoms of the data subject, Art. 6 Para. 1 letter f GDPR serves as the legal basis therefor. This applies e.g. to collections and analyses for statistical purposes, which we carry out to optimise our web offerings.
We only process and store your personal data for the period necessary to fulfil the purpose for which it is stored. When its purpose has been fulfilled or ceases to exist, your personal data is erased or blocked. It can be stored for longer than this if such provisions appear in the European or national legislatures in legally binding ordinances, laws or other regulations of the European Union to which the controller is subject. The data is also blocked or erased when a retention period stipulated in the aforementioned norms expires, unless there is a pressing need for continued retention of the data to enable the conclusion or fulfilment of a contract.
In the context of using the App, the following data may be captured:
Your First Name
Your Last Name
Your Email Adress
Your Phone Number
Your Company Name
In rare cases, this (technical) data in the logfiles may be personal data. The temporary storage of the IP address by the system is necessary to enable the App to be delivered to the user’s device. To allow this, the user’s IP address has to remain stored for the duration of the session. As a rule, however, we only use this data if it is absolutely necessary for technical reasons to ensure operation and protect our Apps from attacks and misuse; in pseudonymised or anonymised form it is also used for purposes of advertising, market research and to help us design our services to meet current needs. This is why users’ IP addresses are stored as a technical precaution for a period not exceeding 7 days. They may be stored for longer. In this case, the users’ IP addresses are erased or masked so that it is no longer possible to make a connection to the accessing client. This data is not stored together with any of the user's personal data.
The legalbasis for temporary storage of the abov mentioned data is Art. 6 Para. 1 letter f GDPR.
The capture of the data in order to deliver the App and storage of the data in logfiles are both essential for enabling operation of the App. Consequently, the user has no right of objection in this case.
The “Operating system”, the “Mobile Device Type” and the “Browser Version” (when scanning with laptop or PC) are automatically collected when using the scan function of your App. However such information is not assigned to and cannot be linked to a specific person. We use this information to determine the attractiveness of our App and improve its performance or content. We do not collect your mobile device user name, the International Mobile Equipment Identity number or other mobile device identification (e.g. UDID), the Serial number or the Model number of your mobile device.
For the purposes described in Section 3.1, your data is also transmitted to the responsible offices of KURZ and to affiliates of KURZ if this is necessary in order to fulfil the stated purposes and thus conforms to the legal permission regulations or if you have given your consent for the transmission.
We use external service providers in some cases to process your personal data. These providers have been selected by us with extreme care and engaged in writing. They are bound by our instructions and are reviewed by us regularly. The service providers will not communicate this personal data to third parties.
Furthermore, we ensure that your personal data is not communicated to third parties unless we are obliged to do so by law or unless you have explicitly stated that we may do so.
If personal data about you is processed, you are a data subject within the meaning of the GDPR, and you have the following rights in respect of the controller. Regarding this matter, please contact our data protection officer using the contact information provided in Section 2.2
You have the right require that we provide you with information about the personal data we have stored relating to you.
You have the right to require that personal data relating to you be corrected and/or completed immediately.
You have the right to require that the processing of your personal data be restricted if you are contesting the accuracy of the data, if the processing is unlawful but you reject the option to have it erased and we do not need the data any more but you need it to enforce, exercise or defend your legal rights or you have submitted an objection to the processing in accordance with Art. 21 Para. 1 GDPR. If the processing of the personal data relating to you has been restricted, apart from saving it, this data can only be processed with your consent or in order to enforce, exercise or defend legal rights or to protect the rights of another natural or legal person or for reasons of substantive public interest of the union or of a member state. If the restriction of processing has been restrained pursuant to the above conditions, you will be informed by us before the restriction is cancelled.
You have the right to request the erasure of personal data relating to you that is stored with us, unless it is essential for the exercise of the right to the free exchange of opinion and information, processing to fulfil a legal obligation for reasons of public interest or for enforcing, exercising or defending legal rights.
If you have exercised your right to rectify, erase or restrict processing (15.2-15-4), we will notify all recipients to whom we have disclosed personal data relating to you of this rectification or erasure of the data or of the restriction of processing thereof unless this proves impossible or is associated with unreasonable additional effort.
You have the right to have personal data that you provided to us delivered to you or a third party in a structured, standard, machine-readable format. If you require that the data be transmitted directly to another controller, this will only be done if it is technically possible.
If your personal data is processed on the basis of legitimate interests as stipulated in
Art. 6 Para. 1 letter f GDPR, you have the right to file an objection to the processing pursuant to Art. 21 GDPR. The controller will discontinue processing personal data relating to you unless it can prove the existence of compelling reasons worthy of protection for continuing to process it which outweigh your interests, rights and freedoms or if processing serves the cause of enforcing, exercising or defending legal rights.
You have the right to withdraw your consent under data protection law at any time with effect for the future. The data that is collected before such withdrawal becomes legally enforceable is unaffected thereby.
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular within the Member State of your habitual residence, place of work or place of the alleged infringement, if the data subject considers that the processing of personal data relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
It may be necessary (e.g., in the light of changes to the law) to update our Privacy Notice. We therefore reserve the right to amend or supplement this Privacy Notice whenever necessary. In case we decide to change this Privacy Notice, you may be prompted to accept changes to this Privacy Notice during subsequent updates to the App. No update to this Privacy Notice shall apply to you without your prior consent.