Privacy policy for the AIVITEX app, the services obtained through it, the AIVITEX customer account and the AIVITEX website.

Information on the processing of personal data and data controller

We are pleased that you are interested in the app. The protection of your privacy and compliance with applicable data protection laws is extremely important to us, the iuhhoo GmbH, Brühlstraße 7, 70563 Stuttgart, Germany (“AIVITEX” or “we” or “our” or “us”). We therefore use your data in compliance with the strict provisions of the relevant data protection law (in particular the General Data Protection Regulation), provided that we collect, use or store ("process") personal data from you within the scope of the services offered. Our Privacy Policy is intended to inform you about which data we record, for which purposes, how it is used as part of the app, the services acquired through the app, the customer account and the website (collectively “service/s”). You should therefore take the time to read our Privacy Policy.

 

The controller for data processing pursuant to Art. 4 para. 7 of the General Data Protection Regulation (GDPR):

iuhhoo GmbH
Brühlstraße 7
70563 Stuttgart, Germany
Managing director: Antonia Zock

 

You can contact our data protection officer at:
Data Protection Officer
iuhhoo GmbH
Brühlstraße 7
70563 Stuttgart, Germany
E: info@aivitex.com

 

If you have any questions, suggestions and/or feedback regarding our services, please contact us:
iuhhoo GmbH,
Brühlstraße 7
70563 Stuttgart, Germany
E: info@aivitex.com

The app may contain links to websites or the services of other providers over which we have no control and are therefore not covered by this Privacy Policy. We assume no liability for the content, the technical security or activities of these external websites or services. We therefore recommend that you read the Privacy Policy carefully.

  • A General Privacy Policy information and Privacy Policy for the AVITEX App and services obtained through it (Last amended on: June 10, 2021)

  • B Privacy Policy for the AIVITEX website (Last amended on: June 10, 2021)

A. General Privacy Policy information and Privacy Policy for the use of the app

§ 1 General information on data processing

We only process personal data of our users if this is necessary to guarantee the functionality of the app. Personal data is information that can be used to identify you individually (for example name, address, postal address, telephone number or your e-mail address). No personal data, however, are details such as the number of users of our services.

When using the app for information purposes, i.e. if you do not register or otherwise provide us with information, we collect the personal data described below, which is technically necessary for us to offer you the functions of our app and to guarantee stability and security:

  • Device-Identification: DeviceID for Android, IDFA for iOS

  • Language and version of the app

  • Operating system

  • Date and time of the request

  • The volume of data transferred in each case

In addition, we analyze usage data of the app (technical usage data, app version, click flows, functions used) in order to identify preferences and further develop the app. The legal grounds for the temporary storage of the aforementioned data and the evaluation is Art. 6 Par. 1 S. 1 lit. f GDPR. The data processing is done to ensure the functionality of the app. In addition, the data and analyses serve us to optimize the app and to ensure the security of our information technology systems, from which our legitimate interest arises.

If you do not wish for information about the use of the app to be saved and analyzed, you can activate and deactivate this function at any time via Settings > data protection.

 

§ 2 Data processing during registration and/or use of a customer account

1. Registration process and use of the app

We offer you the opportunity to register by providing personal information or to create a user account. As part of the registration process, the following categories of personal data that you enter in an input mask are transferred to us and stored:

  • Master data

We also gather the date and time of registration and the technical settings made during registration. The legal grounds of this data processing results from Art. 6 para. 1 S. 1 lit. b GDPR, as this information is necessary for the performance of the contract or to take steps at your request prior to entering a contractual relationship between you and us. However, there is no obligation to provide this information. However, you cannot use our service without this information. On the above mentioned basis we also process your contact and address data in order to inform you about contract-relevant changes in products and services in accordance with the applicable laws and to provide you with other legally binding information.

The data required to process the contract - such as master data - will be kept for a further period of three (3) years after termination of the business relationship. On the other hand, information on mobility services used during the business relationship is only kept for three (3) years. The storage of the data serves to fulfil possible warranty or recourse claims. The period begins at the end of the year in which the data were processed. After expiry of these deadlines, all your personal data will be irretrievably deleted.

2. Recipients of personal data

Your personal data will not be transmitted to third parties unless this is necessary for the purpose of contract processing or due to legal requirements or you have expressly consented.

2.1. Disclosure of personal data to public authorities

Your personal data will only be transmitted to public authorities if the information is requested on the basis of legal requests for information.

2.2. Use of data for customer service

We use your data to ensure the quality of our customer service. For example, we retain requests you make to our customer service (e.g. by telephone, e-mail, letter or social media channels) and the associated responses to you for a period of three (3) years. This allows us to respond better to inquiries or suggestions for changes and allows us to meet possible warranty or recourse claims. The period begins at the end of the year in which the data were processed. After expiry of these periods, all personal data are irretrievably deleted. The legal ground of this data processing results from Art. 6 Para. 1 S. 1 lit. b GDPR, as this data processing is necessary to ensure customer service in the context of the contractual relationship.

2.3. Create service videos

We use our app, among other things, to create videos of assembly, installation and service conditions for our contractual partners regarding your installations and repair requests, etc. ("service video"). When you install the app, you will be asked to enable the app to access the camera of your end device permanently or for the individual use case, depending on your preferences. At the scheduled appointment to create a service video, our service representatives will notify you when the video recording starts, pauses, restarts, and ends. The video is transmitted to our client as part of your order and deleted after the service case has been completed with us.

 

3. Service providers used

In addition to the aforementioned, we use external service providers (e.g. computer centres) to process your data. These have been carefully selected by us and process the personal data exclusively according to our instructions and under our control. These are in detail:

  • Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA - Provision of "Firebase" (especially for authentication, storing and reading data from the Firestore database, storing and reading files in the storage, hosting our web application and capturing crashes in Crashlytics)

On May 25th, 2018, the EU General Data Protection Regulation (GDPR) replaced the 1995 EU Data Protection Directive. This means that data is under the customer's control. Customers are responsible for obligations like fulfilling an individual's rights with respect to their personal data or information. Google is committed to helping our customers succeed under these privacy regulations, whether they are large software companies or independent developers.

  • Firebase

Firebase Data Processing and Security Terms

When customers use Firebase, Google is generally a data processor under GDPR and processes personal data on their behalf. Similarly, when customers use Firebase, Google generally operates as a service provider under the CCPA handling personal information on their behalf. Firebase terms include Data Processing and Security Terms detailing these responsibilities.

Certain Firebase services governed by the Google Cloud Platform (GCP) Terms of Service are already covered by associated data processing terms, the GCP Data Processing and Security Terms. A complete list of Firebase services currently governed by the GCP Terms of Service is available in the Terms of Service for Firebase Services.

Firebase is certified under major privacy and security standards

ISO and SOC compliance

All Firebase services (aside from App Distribution and Crashlytics) have successfully completed the ISO 27001 and SOC 1, SOC 2, and SOC 3 evaluation process.

  • Twilio 375 Beale Street Suite 300 San Francisco, CA 94105 USA

Twilio provides TURN/STUN servers to stabilize subscriber connections. The server location is within the EU. Twilio is certified according to ISO/IEC 27001. Twilio is committed to keeping the Twilio Platform GDPR compliant.

 

4. Information saved on your end device

We store some information on your device. For this purpose, instead of cookies, we use a functionally comparable technology (hereinafter referred to collectively as "cookies") in the app in order to be able to optimally design the app. This facilitates navigation and a high degree of user-friendliness of the app.

Cookies are small files that are saved on your end device. They are used to determine whether any communication has already been made from your end device to AIVITEX. Only the cookie on your end device is identified. 

Personal data can be saved in cookies if you have consented to this or if it is absolutely necessary technically, for example, to enable protected login.

 

5. Withdrawal of consent

If the data processing is based on your consent, this consent can be revoked at any time with effect for the future. Revocations of the given consents can be sent by post to iuhhoo GmbH, data protection, Brühlstraße 7, 70563 Stuttgart or by e-mail to info@aivitex.com You will not have to pay any costs for the revocation, except for the costs incurred for the transmission at the basic rate. Your revocation does not affect the legality of data processing until revocation on the basis of your consent. Further processing of this data on the basis of a different legal basis also remains unaffected.

 

6. Rights of the data subject

As a person affected by the data processing, you have the right to obtain information about the data stored by us (Art. 15 GDPR), to have incorrect data corrected (Art. 16 GDPR), data erasure if there is no legal reason for further storage (Art. 17 GDPR), to demand restrictions on the processing of your data (Art. 18 GDPR) and data transferability with regard to the data that you have provided us (Art. 20 GDPR). To exercise this right, you can send us an e-mail to info@aivitex.com at any time.

 

7. Right to object

You can object at any time, free of charge and with effect for the future, to any data processing that is carried out on the basis of Art. 6 para. 1 e) or f) GDPR or for direct advertising purposes. To exercise your right to object, you can send us an e-mail to info@aivitex.com

 

8. Revision clause

We reserve the right to change the present Privacy Policy from time to time. Updated versions will be released here. Please check whether there is an update available before each booking.

 

B. Privacy Policy for the website

We are pleased about your visit to our website and your interest in our company. We want you to feel comfortable visiting our website. The protection of your privacy and compliance with the applicable data protection laws is extremely important to us. For this reason, we would like to inform you in our data protection policy what data we collect when you visit our website, for what purposes and how it is used. This data protection declaration applies to our website and the various subdomains (hereinafter referred to as "our website") that can be accessed via it. You should therefore take a moment to read our privacy policy and contact us at info@aivitex.com if you have any questions.

Our website may contain links to websites or services of other providers, over which we have no control. This Privacy Policy does not extend to these and we accept no liability for the content, technical security or activities of these external websites or services. We therefore recommend that you read their privacy policies carefully.

 

The controller for data processing pursuant to Art. 4 para. 7 of the General Data Protection Regulation (GDPR):

iuhhoo GmbH
Brühlstraße 7
70563 Stuttgart, Germany
Managing director: Antonia Zock

 

You can contact our data protection officer at:
Data Protection Officer
iuhhoo GmbH
Brühlstraße 7
70563 Stuttgart, Germany
E: info@aivitex.com

 

1. How and for what purposes we process the information

When you visit our website, our web servers store as standard, among other things, details of your browser and operating system, the website from which you visit our website, the pages that you visit on our website, the date of your visit and for security reasons, e.g. to identify attacks on our website, the IP address assigned to you by your Internet service provider, which is stored for seven days. With the exception of the afore-mentioned data and the IP address, we only store personal data if you provide us with this voluntarily, e.g. as part of a registration, a survey, a contest, a contact enquiry or for the execution of a contractual relationship.

You are not legally or contractually obliged to provide your personal data. However, it is possible that certain functions of our websites depend on the provision of personal data. If you do not provide personal data in these cases, this may result in functions not being available or only being available to a limited extent.

We collect personal data when you provide it to us in the context of your order or when contacting us (e.g. via contact form or e-mail). Mandatory fields are marked as such, because in these cases we need the data to process the contract or to process your contact and you can not complete the order or send the contact without their information. Which data is collected can be seen from the respective input forms. We use the data provided by you in accordance with Art. 6 paragraph 1.

We use your personal data for the sole purpose of technical administration of the website, customer administration, product surveys and marketing, only to the extent necessary in each case.

 

2. Social plugins

We use so-called social plugins ('buttons') of social networks such as Facebook, Google+ and Twitter. When you visit our websites these buttons are deactivated by default, i.e. without your intervention they will not send any data to the respective social networks. Before you are able to use these buttons, you must activate them by clicking on them. 

After their activation, a direct link to the server of the respective social network is established. The contents of the button are then transmitted from the social network directly to your browser and incorporated in the website by it.

After activation of a button, the social network can retrieve data, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account. A social network cannot assign a visit to other AIVITEX websites unless and until you activate the respective button there as well. If you are a member of a social network and do not wish it to combine data retrieved from your visit to our websites with your membership data, you must log out from the social network concerned before activating the buttons. We have no influence on the scope of data that is collected by the social networks through their buttons. The data use policies of the social networks provide information on the purpose and extent of the data that they collect, how this data is processed and used, the rights available to you and the settings that you can use to protect your privacy.

 

3. Cookies

This website uses cookies. Cookies are text files that are saved on your end device. Cookies can be read, transferred and changed by the website when accessing it. 

It is always possible to object to the setting of cookies by changing the setting in the Internet browser correspondingly. Cookies that are set can be deleted. Please note that by disabling cookies you may not be able to fully exploit all the functions of our website.

For precise functions of the cookies, refer to the more detailed information contained in this privacy policy.

Note: Deleting your cookies will cause the deactivation cookie of that service to be deleted and may need to be reactivated the next time you visit.

 

4. Data Security

We use technical and organizational security measures to protect the data supplied by you against manipulation, loss, destruction, and access by unauthorized parties. Our security measures are continuously improved in accordance with technological development.

 

5. Revision clause

We reserve the right to change the present Privacy Policy from time to time. Updated versions will be released here. Please check whether there is an update available before each booking.

 

6. Legal bases

Insofar as you have given us your consent for the processing of your personal data, that consent is the legal basis for the processing (Art. 6 para. 1 letter a GDPR).

For the processing of personal data for the purposes of initiating or fulfilling a contract with you, Art. 6 para. 1 letter b GDPR is the legal basis.

Insofar as the processing of your personal data is necessary for the fulfilment of our legal obligations (e.g. for the retention of data), we are authorized to do so pursuant to Art. 6 para. 1 letter c GDPR.

In addition, we process personal data for the purposes of safe-guarding our legitimate interests and the legitimate interests of third parties pursuant to Art. 6 para. 1 letter f GDPR. Maintain-ing the functionality of our IT systems, marketing our own and third-party products and services as well as documenting business contacts as required by law are such legitimate interests.

 

7. Withdrawal of consent

If the data processing is based on your consent, this consent can be revoked at any time with effect for the future. Revocations of the given consents can be sent by post to iuhhoo Group GmbH, Datenschutz, Brühlstraße 7, 70563 Stuttgart or by e-mail to info@aivitex.com You will not have to pay any costs for the revocation, except for the costs incurred for the transmission at the basic rate. Your revocation does not affect the legality of data processing until revocation on the basis of your consent. Further processing of this data on the basis of a different legal basis also remains unaffected.

 

8. Rights of the data subject

As a person affected by the data processing, you have the right to obtain information about the data stored by us (Art. 15 GDPR), to have incorrect data corrected (Art. 16 GDPR), data erasure if there is no legal reason for further storage (Art. 17 GDPR), to demand restrictions on the processing of your data (Art. 18 GDPR) and data transferability with regard to the data that you have provided us (Art. 20 GDPR). To exercise this right, you can send us an e-mail to info@aivitex.com at any time.

 

9. Right to object

You can object at any time, free of charge and with effect for the future, to any data processing that is carried out on the basis of Art. 6 para. 1 e) or f) GDPR or for direct advertising purposes. To exercise your right to object, you can send us an e-mail to info@aivitex.com.