Please note that the transmission of data via the Internet (e.g. communication by e-mail) may be compromised. It is not possible to completely secure data against third-party access.

Note on the controller responsible for processing

The controller responsible for data processing within these apps is: ENAiKOON GmbH The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar information).

Withdrawing your consent to data processing

Many data processing operations are only possible with your explicit consent. You can withdraw consent you have already given at any time. All you need to do is send us an informal message by e-mail. The legality of the data processing carried out until the withdrawal remains unaffected by the withdrawal.

Right to object to the collection of data in specific cases and to direct marketing (Article 21 GDPR)

If data processing is carried out on the basis of Article 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process personal data concerning you unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Article 21 [1] GDPR). If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it relates to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Article 21 [2] GDPR).

Right to lodge a complaint with a competent supervisory authority

If the GDPR is breached, data subjects have a right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work or the place of the alleged breach. The right to lodge a complaint is without prejudice to any other administrative or legal remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract made available to you or to a third party in a commonly used, machine-readable format. If you have requested that the data is directly transferred to another controller, this will only be done if it is technically feasible. It is possible to make your data available for transfer to yourself or a third party for a maximum of 30 days after expiry of the notice period.

SSL or TLS encryption

This app uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as coordinates or enquiries that you send to us as the app operator. If SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Right of access, right to suppression, erasure and rectification

Within the scope of applicable legal provisions, you have the right at any time to request information free of charge about your stored personal data, its origin and recipient(s) and the purpose of the data processing and, if applicable, a right to rectification, suppression or erasure of this data. You can contact us at any time at the address given for this purpose and regarding any other questions on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do so, you can contact us at any time at the address given. The right to restriction of processing exists in the following cases:

• If you dispute the accuracy of the personal data we store concerning you, we will usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
• If the processing of your personal data has happened/is happening unlawfully, you can request the restriction of data processing instead of erasure.
• If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request the restriction of the processing of your personal data instead of erasure.
• If you have lodged an objection pursuant to Article 21 (1) GDPR, your interests and our interests must be balanced. You have the right to demand the restriction of the processing of your personal data for as long as it is not yet determined whose interests prevail.

If you have restricted the processing of your personal data, such data may ? apart from being stored ? only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.

3. Data collection through our apps

Application data

The app automatically transmits data while communicating with our server, which is automatically stored by the server in ?log files?. Such data includes:

• type of mobile device;
• operating system used;
• language used;
• technical information about the end device used;
• date and time of the request;
• IP address;
• mobile phone number and device number;
• current geo-coordinates for the mobile device; and
• employee user names, as well as first and last names, telephone numbers and e-mail addresses.

This is carried out on the basis of Article 6 (1) (b) GDPR, which permits the processing of data to fulfil a contract or to take steps prior to entering into a contract.

Address data on your end device

If you want to send information from the app to recipients, our apps access the address book. The data selected from the address book is only used for addressing and sending the selected information and is not stored beyond this. This includes:

• full name;
• mobile phone number; and
• e-mail address.

This is carried out on the basis of Article 6 (1) (b) GDPR, which permits the processing of data to fulfil a contract or to take steps prior to entering into a contract.

Processing data (customer and contract data)

We only collect, process and use personal data insofar as it is necessary to establish, design the content of, or amend the legal relationship (inventory data). This is carried out on the basis of Article 6 (1) (b) GDPR, which permits the processing of data to fulfil a contract or to take steps prior to entering into a contract. We only collect, process and use personal data relating to the use of our apps (usage data) insofar as this is necessary to enable the user to use the service or to bill them. The customer data collected will be erased after the order has been completed or the business relationship terminated. Statutory retention periods remain unaffected.