Data protection information - ENiQ App

The following information provides you with an overview of the processing of your personal data by us and your rights arising from the data protection laws, particularly with regard to the General Data Protection Regulation (GDPR). The details of what data is processed and in what way it is used when the ENiQ App is used, can be found below:

I. Who is responsible and how can I reach the Data Protection Officer?

The responsible office as defined in the GDPR is

Petra Eul-Löh

HEC Harald Eul Consulting e.K.

Auf der Höhe 34

D-50321 Brühl

Tel. +49 (0)2232 200917

E-Mail: datenschutz(at)dom-group.de

DOM Sicherheitstechnik GmbH & Co. KG („DOM“)

Wesselinger Str. 10-16

D-50321 Brühl

Telefon: +49 (0)2232 - 704-217

Telefax: +49 (0)2232 - 704-375

E-Mail: datenschutz(at)dom-group.de

If you have questions related to the processing of your personal data by us, please contact the data protection officer who you can reach via the address cited in the legal notice or via the following email address: datenschutz@dom-goup.eu(DOM Sicherheitstechnik GmbH & Co. KG, Datenschutzbeauftragter, Wesselinger Straße 10 – 16, D-50321 Brühl)

II. Your rights as data subject

Each data subject has the following rights:

• Right to information (Art. 15 GDPR)

• Right to rectification of incorrect data (Art. 16 GDPR)

• Right to erasure or a right “to be forgotten” (Art. 17 GDPR)

• Right to restriction of the processing of personal data (Art. 18 GDPR)

• Right to data portability (Art. 20 GDPR).

You can object to the processing of personal data for advertising purposes including an analysis of customer data for advertising purposes at any time without giving any reasons.

In addition, the data subject is also entitled to a general right of objection (cf. Art. 21 section 1 GDPR). In this case, the reason for objecting to data processing has to be given. Where data processing takes place on the basis of consent, you can withdraw your consent at any time with effect for the future.

To exercise the rights in question, the simplest way is to contact dom@dom-group.eu. In addition, you have the right to complain to the data protection supervisory authority responsible for you.

III. Regarding the processing of personal data by DOM Sicherheitstechnik

When the ENiQ App is used, the following personal data is processed:

1. Download and purchase of the App

When purchasing the ENiQ App via Google Playstore, Google Payments collects and processes your data for invoicing purposes. This assumes a corresponding registration with Google Payments. DOM receives corresponding invoice data from Google Payments, which cannot be directly linked to a person by us. This data is saved by us internally for documentation and verification of the purchase of the software. As an accounting document, it is subject to the statutory retention obligations in accordance with the fiscal code and the commercial code and so this data will be stored for up to ten years due to the provisions of the fiscal code and the commercial code. The data processing takes place on the basis of article 6, section 1b of the GDPR as well as on the basis of article 6, section 1c of the GDPR in conjunction with §§ 146 ff. of the fiscal code or § 257 of the commercial code.

Upon download of the App, access data is generated and is collected and processed by Google LLC (previously Google Inc.) in order to be able to provide this service and to create corresponding statistical evaluations about its use. The legal basis for the data processing is article 6, section 1 b, f of the GDPR. The data pertaining to the download of the App will only be provided to DOM in anonymised form. Details for the data processing by Google at the Google Playstore can be found under: https://policies.google.com/privacy?hl=de&gl=de

2. Use of the ENiQ App

The ENiQ App is an offline application where all of the rights created in the App remain and can be programmed in the DOM devices by NFC stations. There is no data transfer to DOM-Sicherheitstechnik as a matter of principle.

3. Processing of anonymous data for product improvement

DOM-Sicherheitstechnik uses the following Google-Firebase as services to assess anonymised fault messages for purposes of product improvement:

• Google Analytics for Firebase

• Firebase Authentication

• Firebase Realtime Data Base

• Firebase App Indexing and

• Crashlytics

The data collected in Firebase is anonymised. The fault messages from the ENiQ App cannot be attributed to a specific user. Also, incidents will not be saved to a specific device ID. In addition, only individual events (such as fault messages, for example) will be analysed by DOM in order to ascertain how our products can be improved.

Personal data will arise for the transfer of incoming data to the provider. This data will be immediately anonymised by the service provider. You can object to the transfer of data for purposes of product improvement.

Please note that the data transfer can also be to service providers based outside the EU/EEA. In this case, Privacy Shield will be used so that an appropriate level of data protection is assured.

4. Beta testers

Insofar as you are testing a new version of the ENiQ App as a pilot customer, there is a distinction of the data transferred for analysis through the temporary use of the Google ID. The Google ID enables the separation of the transferred data for incidents arising during the use of the new software from those associated with the standard software. The incidents arising from the use of the software update can be assessed separately from the other messages arising with the standard software. The assessment is likewise carried out anonymously.

Statement version: 25/05/2018