Data privacy protection information for the use of the Ceecoach Plus App (App)
The protection of your personal data is important to us and a special concern. Compliance with the statutory provisions on data protection is a matter of course for us. In the following, we would like to inform you about what personal data we collect when you download and use our app, how we process this data and what rights you have in connection with your personal data.
1. Who is responsible for data processing?
Responsible for data processing within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is
Peiker CEE GmbH
GER-61352 Bad Homburg
Phone: +49 6172 1797-500
(hereinafter: “Peiker” and/or “we”)
1. Responsible body and contact details of the data protection officer
Data Protection Officer
2. How is my data processed when I download and use the app?
a.) Data processing when downloading the app and in connection with in-app purchases
In App Purchases are currently not possible with our Ceecoach Plus App.
The app requests the following permissions and uses them for the purposes outlined in the remaining sections:
- Photo library (Photos)
- Location data
The “Bluetooth” and optionally „Location data“ permission are mandatory for the use of the app.
c.) Use of the app
To register, we use your email address, Apple ID, Facebook ID or Google ID.
If you want to use our mobile app, we process the following data, which are technically necessary for us to offer you the functions of our mobile app and to ensure stability and security, so they must be processed by us:
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (visited page)
- Access status/HTTP status code
- Data volume transferred in each case
- previously visited page
- Operating system
- Language and version of the browser software.
Furthermore, when using the app we process
- Login data with e-mail address
- Software status of the device
- Number of SW updates
- ID of the device
- if applicable, so-called in-app purchases for the subsequent delivery of functions.
We also use the information you provide when using the App to configure CEECOACH Plus and to apply software updates to CEECOACH Plus. The configuration parameters include, among others, language settings, volume settings and the setting of a switch-off timer.
When using the app, you will also receive up-to-date news about new features or SW releases.
Voluntarily provided personal data is used to personalize the app.
d.) Push notifications
Users of the app can be notified of new posts, comments or chat messages via the push function of iOS and Android. The user can set whether push notifications are allowed to be sent. This is done right at the beginning of app use by asking a question (Is this app allowed to send you notifications?) and can be changed at any time by the user in the app settings. The default setting is “enabled”.
For the technical dispatch of the notification, the back-end sends a corresponding interface call for each potential recipient when a new article is published. For the execution of the service, the device ID of the end device with the assignment of the end device with the assignment to the user account is stored for activated notifications.
4. Legal basis for the processing of personal data
Your personal data will be processed in accordance with the General Data Protection Regulation (DS-GVO).
The processing of your personal data takes place in addition to the authentication during the registration of the use of the app for the provision of the services within the app in each case either for the performance of a contract (Art. 6 para. 1 p. 1 lit. b DS-GVO) or for the protection of legitimate interests (Art. 6 para. 1 p. 1 DS-GVO) in the form of our interest in offering the corresponding services.
If consent is given, we process the data on this basis in accordance with Art. 6 Para. 1 lit. a and Art. 7 DS-GVO.
In addition to processing your data to provide the Services, we also process your data – unless your legitimate interests are overridden – on the basis of our legitimate interest or the interest of a third party. This includes the following processing purposes:
- Assertion of legal claims and defence in legal disputes,
- Ensuring the security of the operation of our IT systems and further developing these measures,
- Prevention and detection of crime,
- Business management measures,
- Fraud Prevention,
- Management of our business risks.
5. Who gets my data?
Personal data is transferred to Clever Cloud SAS, 3 rue de l’Allier, 44000 Nantes, France for the provision of IT services (cloud services) on the basis of an order processing contract.
6. Will data be transferred to a third country or to an international organisation?
A data transfer to countries outside the EU/EEA (so-called third countries) only takes place if this is necessary or legally required, if you have given us your consent or within the scope of an order processing. If service providers in third countries are used, they are additionally obligated by the agreement of the EU standard contractual clauses to comply with the level of data protection in Europe.
7. How long will my data be stored?
We process and store your personal data for as long as it is required to fulfil the purpose. If the data is no longer required with regard to the fulfilment of the purpose, your data will be deleted on a regular basis, unless the deletion conflicts with statutory retention obligations.
8. Data security
The App is protected by technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.
9. What data protection rights do I have?
You have the right to
- Information about the personal data processed by you in accordance with Article 15 DS-GVO,
- Correction of your inaccurate personal data in accordance with Article 16 DS-GVO,
- Deletion of your personal data in accordance with Article 17 DS-GVO,
- Restriction of processing pursuant to Article 18 of the GDPR,
- Data portability according to Article 20 DS-GVO.
- Objection under Article 21 of the GDPR,
The relevant national restrictions apply to the right of access and deletion (for Germany §§ 34, 35 BDSG). In addition, you have a right of appeal to the competent data protection supervisory authority in accordance with Article 77 DS-GVO.
10. To what extent is there automated decision making?
As a matter of principle, we do not make any automated decisions pursuant to Article 22 of the GDPR. Should we use these in individual cases, we will inform you of this separately if this is required by law and, if necessary, obtain your consent.
11. Is “profiling” taking place?
“Profiling” means any automated processing of personal data intended to analyse or predict a natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or change of location. As a general rule, we do not use “profiling”. Should we use this in individual cases, we will inform you of this separately, insofar as this is required by law and, if necessary, obtain your consent.
12. Can I revoke the consent I have given?
If we process your data on the basis of consent given by you, you have the right to revoke your consent at any time. Your data will then no longer be processed for the purposes covered by the consent. Please note that the lawfulness of the data processing granted before the revocation is not affected by the revocation. Please refer to the previous information or the information in the consent for details on how to declare your revocation. Please send your revocation to:
peiker CEE GmbH
61352 Bad Homburg
Phone: +49 6172-1797 500
13. No obligation to provide personal data
The provision of personal data is neither legally nor contractually required. Required for registration is the provision of an email address, Apple ID, Facebook ID, Facebook ID or Google ID. Further data is not required for the conclusion of a contract. You are not obliged to provide personal data. The only consequence of not providing personal data is that you cannot register and use services that require such data.
14. Do I have a right of appeal to a supervisory authority?
If you are of the opinion that the processing of your personal data violates applicable law, you may at any time lodge a complaint with the data protection supervisory authority pursuant to Article 77 of the GDPR. This applies without prejudice to administrative or judicial remedies. You can reach the data protection supervisory authority responsible for Peiker as follows:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Phone: +49 611-1408 0