Informativa sulla privacy – Walterscheid Connected Service App

Your personal data (hereinafter referred to as “data”) will be processed in the course of using our app. The data may include, for example, your name, address, email address and other personal details. Processing is basically any way of handling this data.

In the following, you will therefore receive information on the processing of your data in the context of the use of the Walterscheid GmbH app on the basis of the provisions of the General Data Protection Regulation (GDPR) and the applicable (German) federal and state data privacy laws.

Controller

The data controller within the meaning of data privacy law is:

Walterscheid GmbH
Hauptstrasse 150, 53797 Lohmar, Germany
Tel.: +49 22 46 12 – 30
Email: gdpr@walterscheid.com

Purposes and legal bases of our data processing

1. Registration

You can use our app to register with us. The data entered here will then be stored on our servers and used to carry out your interactions. This data will not be passed on to third parties without it being necessary for the performance of the agreement. The legal basis for the processing of the data is Art. 6 para. 1 p. 1 b) GDPR.

2. Usage history

Within the framework of the agreement with you, we also process data in order to show you recent uses that have already taken place and to make corresponding suggestions for further uses, including the services of partners. The legal basis for the processing of this data is also Art. 6 para. 1 p. 1 b) of the GDPR, as the processing is necessary for the performance of the agreement existing between you and us.

3. Email contact

At various points in the app, contact can be made via the email address provided. The personal data transmitted, in particular the email address itself, is stored. This data will not be passed on to third parties. The data will be used exclusively for processing the enquiry. The legal basis for the processing of the data is Art. 6 para. 1 p. 1 f) GDPR. The legitimate interest in processing the data lies in the establishment of contact. The data is deleted after the purpose ceases to apply, or the communication is terminated. If a quotation process is carried out during the course of communication, the processed data will be deleted after expiry of the retention periods provided for this purpose.

4. Device information

As described, we collect information from and about computer(s), phone(s) and other internet-connected device(s) used by you that have some form of integration with our products. We then combine this information across different devices you use. For example, we use information collected about your use of our products on your phone to better personalise content or functions. The information we receive from these devices includes:
  • Data from the device settings: Information that you allow us to obtain through the device settings you have enabled, such as access to your GPS location, Bluetooth, push notifications, camera or photos.

The legal basis for the processing of the data is Art. 6 para. 1 p. 1 f) GDPR. The legitimate interest in processing the data lies in the best possible optimisation of our products for the specific user. Deviating from this, the user’s consent to the individual features is the basis for the processing activities. If no consent is given for the above functions, the user cannot use them in the app.

5. Location-based information

We use location-based information – such as your current location, where you live, the places you like to visit and the businesses and people near you – to provide you and others with our products and to improve them. It also allows you to use our app and products even more conveniently. Location-based information may be based on things like exact device location (if you have allowed us to collect this) and IP addresses. The user must consent to the function in advance. The legal basis is your consent pursuant to Art. 6 para. 1 p. 1 a) GDPR.

6. Camera

If you want to retrieve a QR code, access to your camera and/or photo library is required. In addition to scanning the QR code, the user can also take their own pictures, for example of their PTO drive shaft or machines. The images can be used as thumbnails/product or machine images, among others. Access to this must first be granted by you in order for this function to be used. Without consent according to Art. 6 para. 1 p. 1 a) GDPR, the feature cannot be used.

7. Bluetooth

The Bluetooth function in our app can be used, for example, to determine the maintenance cycle of your coupled and digitally stored PTO drive shaft by measuring the operating hours. This function can only take place with your consent pursuant to Art. 6 para. 1 p. 1 a) GDPR. Without consent, the feature cannot be used.

8. IT security

Finally, we also process data in your and our interest to ensure the integrity, confidentiality and availability of the data processing systems, i.e. in particular the security and availability of your data at Walterscheid GmbH. It is not possible to use our app without processing data for this purpose. The legal basis for the processing of this data is Art. 6 para. 1 p. 1 f) GDPR; our legitimate interest is the maintenance and secure provision of our services.

9. Push notifications

You will receive push notifications from us from the app if you have activated this function in the settings. This function can only be carried out with your consent pursuant to Art. 6 para. 1 p. 1 a) GDPR. Without consent, the feature cannot be used.

 

Data transfer beyond the borders of the EU

In some cases, we transfer personal data to a third country outside the EU/EEA. We have ensured an appropriate level of data privacy in each case.

Data recipient

We will only transfer your data to or receive it from the recipients you have selected via a secure connection based on our agreement with you, or based on your consent.

In order to be able to offer you all the services of Walterscheid GmbH, we also use selected service providers who process data on our behalf and in our name. We only pass on data to service providers carefully selected by us and commissioned in writing within the framework of legally permissible data processing. They only receive the data that is necessary for the fulfilment of the service. We transfer your data to service providers who support us in the operation of our websites (e.g. hosting, web analysis) and the associated processes within the scope of data processing pursuant to Art. 28 GDPR.

Furthermore, companies affiliated with us pursuant to § 15 of the German Stock Corporation Act (Aktiengesetz – AktG), such as, among others

Off-Highway Powertrain Services Germany GmbH
Hauptstrasse 150
53797 Lohmar / Germany

and

Walterscheid Welsberg AG
Industriezone Ost 1
39035 Monguelfo-Tesido BZ
Italy

can access your personal data. They are subject to confidentiality.

Duration of data retention

We store your data for the duration of the existence of your account with Walterscheid GmbH. However, you can cancel or block your account at any time. We will then delete your data unless we are legally obliged to continue storing or retaining it. Insofar as the data is still required for the processing of outstanding transactions, the deletion shall take place at the earliest after the processing of these transactions.

Use of cookies

The app uses cookies. Cookies are small text files that are stored on your end device via the browser and enable recognition on a subsequent visit. This is done by means of a cookie ID, a uniquely identifiable number that many cookies use.

The use of cookies enables a more user-friendly use of our app. However, if you do not agree to the use of cookies or have disabled them in your browser, the functionality of the app may be limited.

Various plug-ins in this app use cookies. How to prevent the individual plug-ins from using cookies can be found in the respective plug-in descriptions in this declaration.

Data processing through implemented plug-ins

1. Google Analytics for Firebase

We use the Google Firebase developer platform and the associated functions and services of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”). Google Firebase is a platform for developers of apps for mobile devices and websites. Google Firebase offers a variety of functions, which are presented on the following overview page: https://firebase.google.com/products/.
The functions include, among others, the storage of users’ personal data, such as content created by them or information concerning their interaction on the website. Google Firebase also offers interfaces that allows an interaction between users of the website and other services. The evaluation of the users’ interactions is carried out with the help of the analysis service Firebase Analytics. This service helps us to record the interactions of our users.

The information processed by Google Firebase may be used in conjunction with other Google services, such as Google Analytics and Google Marketing Services. For more information on Google’s use of data for marketing purposes, users can visit the overview page: https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.

Legal basis for the use is Art. 6 para. 1 p. 1 f) GDPR. If users wish to object to interest-based advertising by Google marketing services, users can use the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.

Google Firebase uses servers located in the EU for these services whenever possible. However, it cannot be ruled out that data will also be transferred to the USA. Google has joined the EU-U.S. Privacy Shield, a privacy agreement between the EU and the US. You can find more information about Google Firebase and privacy at https://firebase.google.com/support/privacy/.

YouTube

As soon as you click on the preview image, you will leave our site and be redirected to www.youtube-nocookie.com. Despite data protection-friendly integration, YouTube may use cookies. Please refer to the privacy policy of YouTube or Google.

Facebook SDK

In our app, we use the Facebook Software Development Kit (DSK) operated by Meta Platforms, Inc. (“Meta”), 1 Meta Way, Menlo Park, California 94025-1453, USA; Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Har-bour, Dublin 2, Ireland Inc.

Processed data

Automatically logged events: Certain events are automatically logged and recorded in your app for Facebook Analytics.

Event Details
App-Installation App installation When you activate the app for the first time or when you start the app for the first time on a specific device.
App-Launch When you start your app, the Facebook SDK is initialized and the event is recorded. However, if another event occurs a second time within 60 seconds of the first start, this second start event is not recorded.
App-internal purchase If you have completed a purchase that was processed through the Apple App Store or Google Play.
Crash report for the Facebook SDK

(For Facebook use only.)

If your app has crashed due to the Facebook SDK, a crash report is automatically created and sent to Facebook when the app is restarted. This report does not contain any personal user data and helps Facebook to ensure the quality and stability of the SDK.

The Facebook SDK helps us to maximize the success of our advertising campaigns for mobile apps via Facebook. One example of this is the targeted avoidance of ads for an app on devices on which it is already installed. In addition, the Facebook SDK enables detailed analysis of the installation of our app and the success of our web campaigns.

By using the Facebook SDK, we can also examine the individual activities of a user within the app in more detail. This enables us to define the target group for advertising campaigns more precisely and understand them better.

 Only pseudonymized data is transmitted to Facebook. The pseudonym used here is the advertising ID provided by the operating system of the end device (the name may vary depending on the operating system). The app ID can be recreated by the user when the app is reinstalled.

The purpose of collecting and using this data is to analyze our target group and to optimize the advertising campaigns and product information. The legal basis is our legitimate interest (Art. 6 para. 1 lit. f GDPR).

Further information on data collection can be found here: https://www.facebook.com/about/privacy/

Meta is a participant in the EU-U.S. Data Privacy Framework (DPF). Data transfers to the parent company in the USA are based on the DPF. Details can be found here: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt0000000GnywAAC&status=Active

Use of “Service Partner

When using the “Service Partner” function, please note the data protection declarations of the service partner. The processing is based on the contractual relationship with the service partner. There you can also inform yourself about your rights, the purpose and the legality of the data processing.

Data security

All data stored by us or any data processors is protected against unauthorised access, loss and modification using current security standards. For this purpose, extensive technical and organisational security precautions are applied with a standard that at least meets the legal requirements.

Your rights and ways to complain

You have the following rights in regard to the data relating to you:

  • Right of information: You have the right to obtain information from the data controller about your personal data stored for processing. You can assert this right to information at any time and free of charge.

  • Right to rectification or erasure: You have the right to obtain from the data controller the rectification or completion of personal data concerning you without undue delay. Furthermore, you may have the right to request the erasure of your personal data from the data controller.

  • Right to restriction of processing: You may have the right to request that the data controller restricts the processing of your personal data.

  • Right to revoke your consent: You can revoke your consent to the processing of your personal data by the data controller at any time

    Right to object to processing: You may object to the processing of your personal data at any time on grounds relating to your particular situation. Your data will then no longer be processed.

  • Right to data portability: You have the right to receive personal data provided in a structured, common and machine-readable format. Furthermore, you can request the transfer of your personal data to another data controller.

You can exercise any of these rights by contacting us at gdpr@walterscheid.com.

(2) You also have the right to complain to a data privacy supervisory authority about our processing of your personal data.