App data privacy policy

Privacy policy according to Art. 13 and 21 DSGVO

I. General

1. Responsible

The protection of your personal data is important to COMPO EXPERT. For this reason, we inform you below about the scope, purposes and benefits of the processing.
The responsible party within the meaning of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act (BDSG) and other data protection regulations is the Company

COMPO EXPERT GmbH
Krögerweg 10
48155 Münster, Germany
E-Mail: info@compo-expert.com

hereinafter referred to as the "responsible party" or "we".

The data protection officer was appointed:
DSB Münster GmbH
Andé Korte
Martin-Luther-King-Weg 42-44
48155 Münster, Germany
E-Mail: datenschutz@dsb-ms.de

2. Definitions

2.1 Definitions from the GDPR

This statement uses the terms of the GDPR. You can view the definitions (Art. 4 DSGVO) at https://eur-lex.europa.eu/legalcontent/DE/TXT/?uri=CELEX:32016R0679.

2.2 Definitions for cookies and similar technologies

Cookies are text files that are stored on or read from your end device by a website or other services. They contain combinations of letters and numbers in order, for example, to recognise the user and their settings when they reconnect to the website that set the cookie, to enable them to remain logged in to a customer account or to statistically analyse specific usage behaviour. The WebStorage technique makes it possible to store variables and values locally in the user's browser cache. The technology includes both the so-called "sessionStorage", which remains stored until the browser tab is closed, and the "localStorage", which is stored in the browser cache until the cache is cleared by the user. The localStorage technology makes it possible, among other things, to recognise the user and his or her settings when calling up our services.

2.3 Definition of the data categories

The categories of data processed as indicated in this privacy statement include: Master data (e.g. names, addresses, dates of birth), contact data (e.g. e-mail addresses, telephone numbers, messenger services), content data (e.g. text entries, photographs, videos, contents of documents/files), contract data (e.g. subject matter of contract, terms, customer category), payment data (e.g. bank details, payment history, use of other payment service providers). (e.g. bank details, payment history, use of other payment service providers), usage data (e.g. history on our web services, use of certain content, access times), as well as connection data (e.g. device information, IP addresses, URL referrers), location data (e.g. GPS data, IP geolocation, access points).

3. Information on data processing

We process personal data only to the extent permitted by law. Personal data is only passed on in the cases described below.
Your personal data is protected by appropriate technical and organisational measures. Unless there is a legal obligation to store or disclose data to third parties (in particular law enforcement agencies), the storage and disclosure depends on which functions of our services you use in each individual case.

4. Storage period

The personal data will be deleted as soon as the purpose of the processing no longer applies or a prescribed storage period expires, unless there is a necessity for the continued storage of the personal data for the conclusion or fulfillment of a contract.

5. Automated decisions in individual cases including profiling

Automated decisions including profiling pursuant to Art. 22 (1), (4) DSGVO do not take place.

6. Rights of data subjects

As a data subject, you have the following rights:

  • Right of access pursuant to Art. 15 DSGVO,
  • Right to rectification pursuant to Art. 16 DSGVO,
  • Right to erasure pursuant to Art. 17 DSGVO,
  • Right to restriction of processing pursuant to Art. 18 DSGVO
  • Right to data portability pursuant to Art. 20 DSGVO

The restrictions in §§ 34, 35 BDSG apply to the right to information and the right to deletion. You have the right to complain to a data protection supervisory authority (Art. 77 DSGVO in conjunction with § 19 BDSG). The data protection supervisory authority responsible for us is:
The State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, Kavalleriestr. 2-4, 40213 Düsseldorf.
You are also free to complain to another data protection supervisory authority. A list of the supervisory authorities can be found at: https://www.bfdi.bund.de/ (under Infothek/Addresses and Links).

7. Duty to provide

Unless otherwise explained below in the information on the legal basis, you are not obliged to provide personal data. Insofar as the legal basis for the processing is Art. 6 para. 1 letter b DSGVO, the personal data are necessary for the performance or conclusion of the contract. In order to make use of the services and functions of the app, access rights to the following interfaces, device functions and data of your end device may be required: Memory, camera of your terminal. You are not obliged to grant the permissions. However, use of the services and functions is not possible or only possible to a limited extent without the authorisations.

8. Right of objection and revocation of consent

You have the right to revoke any consent you may have given at any time without giving reasons and with effect for the future, informally by post or e-mail. The lawfulness of the processing carried out on the basis of the consent until revocation shall not be affected by this. Upon your revocation, we will delete the personal data processed on the basis of the consent if there is no other legal basis for its processing. Objection and revocation can be made form-free to the responsible person under the contact data mentioned.

II. Data processing in connection with the use of the app

The processing of personal data is necessary for the use of the app. When using the app, we are the responsible party for the following processing operations within the meaning of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act (BDSG) and other data protection regulations.

App operation

Purpose of the processing: Storage and use of technical logs to ensure and prove the functionality of our services. These are at the same time our legitimate interests according to Art. 6 para. 1 lit. f DSGVO. Legal basis: Art. 6 para. 1 lit. f DSGVO. Data categories: Usage data, connection data registration, ordering, support and

Processing of the app order including transactional emails as well as support:

Capture and collection of your user ID and email address for licence measurement and support purposes and to ensure the security of our information technology systems. Legal basis: Art. 6 para. 1 lit. b, f DSGVO Data categories: Master data, contact data, usage data, connection data, contract data, payment data