Data Privacy Policy – Walterscheid Connected Service App
Your personal data (hereinafter referred to as “data”) will be processed in the course of using our app. The data may include, for example, your name, address, email address and other personal details. Processing is basically any way of handling this data.
In the following, you will therefore receive information on the processing of your data in the context of the use of the Walterscheid GmbH app on the basis of the provisions of the General Data Protection Regulation (GDPR) and the applicable (German) federal and state data privacy laws.
Controller
The data controller within the meaning of data privacy law is:
Walterscheid GmbH
Hauptstrasse 150, 53797 Lohmar, Germany
Tel.: +49 22 46 12 – 30
Email: gdpr@walterscheid.com
Purposes and legal bases of our data processing
1. Registration
You can use our app to register with us. The data entered here will then be stored on our servers and used to carry out your interactions. This data will not be passed on to third parties without it being necessary for the performance of the agreement. The legal basis for the processing of the data is Art. 6 para. 1 p. 1 b) GDPR.
2. Usage history
Within the framework of the agreement with you, we also process data in order to show you recent uses that have already taken place and to make corresponding suggestions for further uses, including the services of partners. The legal basis for the processing of this data is also Art. 6 para. 1 p. 1 b) of the GDPR, as the processing is necessary for the performance of the agreement existing between you and us.
3. Email contact
At various points in the app, contact can be made via the email address provided. The personal data transmitted, in particular the email address itself, is stored. This data will not be passed on to third parties. The data will be used exclusively for processing the enquiry. The legal basis for the processing of the data is Art. 6 para. 1 p. 1 f) GDPR. The legitimate interest in processing the data lies in the establishment of contact. The data is deleted after the purpose ceases to apply, or the communication is terminated. If a quotation process is carried out during the course of communication, the processed data will be deleted after expiry of the retention periods provided for this purpose.
4. Device information
As described, we collect information from and about computer(s), phone(s) and other internet-connected device(s) used by you that have some form of integration with our products. We then combine this information across different devices you use. For example, we use information collected about your use of our products on your phone to better personalise content or functions. The information we receive from these devices includes:
- Data from the device settings: Information that you allow us to obtain through the device settings you have enabled, such as access to your GPS location, Bluetooth, push notifications, camera or photos.
The legal basis for the processing of the data is Art. 6 para. 1 p. 1 f) GDPR. The legitimate interest in processing the data lies in the best possible optimisation of our products for the specific user. Deviating from this, the user’s consent to the individual features is the basis for the processing activities. If no consent is given for the above functions, the user cannot use them in the app.
5. Location-based information
We use location-based information – such as your current location, where you live, the places you like to visit and the businesses and people near you – to provide you and others with our products and to improve them. It also allows you to use our app and products even more conveniently. Location-based information may be based on things like exact device location (if you have allowed us to collect this) and IP addresses. The user must consent to the function in advance. The legal basis is your consent pursuant to Art. 6 para. 1 p. 1 a) GDPR.
6. Camera
If you want to retrieve a QR code, access to your camera and/or photo library is required. In addition to scanning the QR code, the user can also take their own pictures, for example of their PTO drive shaft or machines. The images can be used as thumbnails/product or machine images, among others. Access to this must first be granted by you in order for this function to be used. Without consent according to Art. 6 para. 1 p. 1 a) GDPR, the feature cannot be used.
7. Bluetooth
The Bluetooth function in our app can be used, for example, to determine the maintenance cycle of your coupled and digitally stored PTO drive shaft by measuring the operating hours. This function can only take place with your consent pursuant to Art. 6 para. 1 p. 1 a) GDPR. Without consent, the feature cannot be used.
8. IT security
Finally, we also process data in your and our interest to ensure the integrity, confidentiality and availability of the data processing systems, i.e. in particular the security and availability of your data at Walterscheid GmbH. It is not possible to use our app without processing data for this purpose. The legal basis for the processing of this data is Art. 6 para. 1 p. 1 f) GDPR; our legitimate interest is the maintenance and secure provision of our services.
9. Push notifications
You will receive push notifications from us from the app if you have activated this function in the settings. This function can only be carried out with your consent pursuant to Art. 6 para. 1 p. 1 a) GDPR. Without consent, the feature cannot be used.
Data transfer beyond the borders of the EU
In some cases, we transfer personal data to a third country outside the EU/EEA. We have ensured an appropriate level of data privacy in each case.
Data recipient
We will only transfer your data to or receive it from the recipients you have selected via a secure connection based on our agreement with you, or based on your consent.
In order to be able to offer you all the services of Walterscheid GmbH, we also use selected service providers who process data on our behalf and in our name. We only pass on data to service providers carefully selected by us and commissioned in writing within the framework of legally permissible data processing. They only receive the data that is necessary for the fulfilment of the service. We transfer your data to service providers who support us in the operation of our websites (e.g. hosting, web analysis) and the associated processes within the scope of data processing pursuant to Art. 28 GDPR.
Furthermore, companies affiliated with us pursuant to § 15 of the German Stock Corporation Act (Aktiengesetz – AktG), such as, among others
Off-Highway Powertrain Services Germany GmbH
Hauptstrasse 150
53797 Lohmar / Germany
and
Walterscheid Welsberg AG
Industriezone Ost 1
39035 Monguelfo-Tesido BZ
Italy
can access your personal data. They are subject to confidentiality.
Duration of data retention
We store your data for the duration of the existence of your account with Walterscheid GmbH. However, you can cancel or block your account at any time. We will then delete your data unless we are legally obliged to continue storing or retaining it. Insofar as the data is still required for the processing of outstanding transactions, the deletion shall take place at the earliest after the processing of these transactions.
Use of cookies
The app uses cookies. Cookies are small text files that are stored on your end device via the browser and enable recognition on a subsequent visit. This is done by means of a cookie ID, a uniquely identifiable number that many cookies use.
The use of cookies enables a more user-friendly use of our app. However, if you do not agree to the use of cookies or have disabled them in your browser, the functionality of the app may be limited.
Various plug-ins in this app use cookies. How to prevent the individual plug-ins from using cookies can be found in the respective plug-in descriptions in this declaration.
Data processing through implemented plug-ins
1. Google Analytics for Firebase
We use the Google Firebase developer platform and the associated functions and services of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”). Google Firebase is a platform for developers of apps for mobile devices and websites. Google Firebase offers a variety of functions, which are presented on the following overview page: https://firebase.google.com/products/.
The functions include, among others, the storage of users’ personal data, such as content created by them or information concerning their interaction on the website. Google Firebase also offers interfaces that allows an interaction between users of the website and other services. The evaluation of the users’ interactions is carried out with the help of the analysis service Firebase Analytics. This service helps us to record the interactions of our users.
The information processed by Google Firebase may be used in conjunction with other Google services, such as Google Analytics and Google Marketing Services. For more information on Google’s use of data for marketing purposes, users can visit the overview page: https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.
Legal basis for the use is Art. 6 para. 1 p. 1 f) GDPR. If users wish to object to interest-based advertising by Google marketing services, users can use the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.
Google Firebase uses servers located in the EU for these services whenever possible. However, it cannot be ruled out that data will also be transferred to the USA. Google has joined the EU-U.S. Privacy Shield, a privacy agreement between the EU and the US. You can find more information about Google Firebase and privacy at https://firebase.google.com/support/privacy/.
Data security
All data stored by us or any data processors is protected against unauthorised access, loss and modification using current security standards. For this purpose, extensive technical and organisational security precautions are applied with a standard that at least meets the legal requirements.
Your rights and ways to complain
You have the following rights in regard to the data relating to you:
- Right of information: You have the right to obtain information from the data controller about your personal data stored for processing. You can assert this right to information at any time and free of charge.
- Right to rectification or erasure: You have the right to obtain from the data controller the rectification or completion of personal data concerning you without undue delay. Furthermore, you may have the right to request the erasure of your personal data from the data controller.
- Right to restriction of processing: You may have the right to request that the data controller restricts the processing of your personal data.
- Right to revoke your consent: You can revoke your consent to the processing of your personal data by the data controller at any time.
- Right to object to processing: You may object to the processing of your personal data at any time on grounds relating to your particular situation. Your data will then no longer be processed.
- Right to data portability: You have the right to receive personal data provided in a structured, common and machine-readable format. Furthermore, you can request the transfer of your personal data to another data controller.
You can exercise any of these rights by contacting us at gdpr@walterscheid.com.
(2) You also have the right to complain to a data privacy supervisory authority about our processing of your personal data.