2 General notes and mandatory information
Note on the responsible entity
The responsible party for data processing on this website is:
cubos Internet GmbH
Managing Director: Hanno Heeskens
Register court: Local court Aachen
Registration number: HRB 17734
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).
Revocation of your consent to data processing.
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right of complaint to the competent supervisory authority
In the event of violations of data protection law, the data subject has a right of appeal to the competent supervisory authority. The competent supervisory authority in matters of data protection law is the state data protection commissioner of the federal state in which our company is based. A list of data protection officers and their contact details can be found in the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, GroupAlarm.com uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. With SSL or TLS encryption activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the imprint.
3. data protection officer
Data protection officer required by law
We have appointed a data protection officer for our company.
Am Haarberg 27
Phone: +49-(0)241-4120 2406
E-mail: [email protected]
4. data collection on our website
The internet pages partly use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be limited. Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping cart function) are stored on the basis of Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these are treated separately in this data protection declaration.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- browser type and browser version .
- Operating system used
- referrer URL
- Host name of the accessing computer .
- Time of the server request
- IP address
A combination of this data with other data sources is not made. The basis for the data processing is Art. 6 (1) lit. f DSGVO, which permits the processing of data for the performance of a contract.
We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich Germany (Cloudflare) to increase the security and delivery speed of our website. This corresponds to our legitimate interest (Art. 6 para. 1 lit. f DSGVO). A CDN is a network of globally distributed servers that is able to deliver optimized content to the website user. For this purpose, personal data may be processed in server log files by Cloudflare.
Cloudflare is a recipient of your personal data and acts as a processor for us. This corresponds to our legitimate interest within the meaning of Art. 6 (1) p. 1 lit. f DSGVO not to operate a content delivery network ourselves.
You have the right to object to the processing. Whether the objection is successful is to be determined as part of a balancing of interests.
The processing of the data provided under this section is not required by law or contract. The functionality of the website is not guaranteed without the processing.
Your personal data will be stored by Cloudflare for as long as necessary for the purposes described.
For more information on objection and removal options vis-à-vis Cloudflare, please see: Cloudflare DPA.
Cloudflare has implemented compliance measures for international data transfers. These apply to all global activities where Cloudflare processes personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs). For more information, please visit: https://www.cloudflare.com/cloudflare_customer_SCCs-German.pdf
5. analytics tools, communications and advertising.
Google Analytics Remarketing
On our website there is the possibility to contact us via the live chat function. For this purpose, we use the services of Crisp. In this context, no data is passed on to third parties. The data is used exclusively for processing the conversation. The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f DSGVO. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
The use of the service provider Crisp is based on our legitimate interest according to Art. 6 para. 1 lit. f DSGVO. For the purpose of customer management and to ensure the fastest possible support for the best possible user experience, we use the service Crisp of the company CRISP IM SARLS 2 Boulevard de Launay, 44100 Nantes (France) for sending messages by e-mail and for live chats. In these purposes also lies our legitimate interest in data processing according to Art. 6 para. 1 lit. f DSGVO. Further information: Crisp Privacy Statement and GDPR Status.
6. Data collection in our apps.
GroupAlarm.com provides apps for iOS and Anroid for enrolled participants. The apps can be obtained from their respective app stores:
The apps process personal data in the same way as the web app at app.groupalarm.com. The contract for order processing is available there for customers.
Data processing when using GroupAlarm.com
Creation of a user account
For the duration of the contractual relationship, we store at least your e-mail address and the password you set in encrypted form. The legal basis for this is Art. 6 para. 1 lit. b) DSGVO (“processing for contract performance”). In addition, you can provide further data within GroupAlarm, this is done on the legal basis of consent (Art. 6 para. 1 lit. a).
The data will be stored until the contractual relationship is terminated. The data can be viewed by you at any time and can be changed / deleted.
Access to device services
In order to ensure a smooth alarming process, GroupAlarm needs access to device functions, depending on the scope of functions. This is required at least for
- Device memory (e.g. ringtones, messages, app memory).
- network access, data transfer (encrypted), mobile data
- Location data of the device (also in the background, backgroud location).
You can enable or disable individual functions during installation, proper function may then no longer be given.
Geolocation of devices / background location data / background location.
The app uses the user’s own device location for some functions when enabled by the user, e.g. for automatic calculation of the approach route or localization within specified geofences.
A so-called geofence is defined by a position and a circle of a defined size around this position. Geofences are stored in the system on mobile devices and crossing the boundaries triggers different actions depending on the direction (e.g. enter geofence or leave geofence). In order for the end devices to perform localization for the geofences, the exact location is required. However, the exact location is not transmitted to GroupAlarm, only the entry/exit from the geofence. An exact localization of the user is therefore not possible. The user has the possibility to deactivate all geofences at any time. The core functionality of the alerting is not restricted by this.
Geofences for alerting
For alerting, different geofences are created within the org and distributed to the end devices. Each user decides for which organization he wants to use the functionality. The administrator and authorized participants can see who is in which geofence. However, it is not possible to infer the exact location.
Geofences for availability
Participants can create their own geofences in their apps to control availability in their organizations. GroupAlarm has no knowledge of these geofences, but only reacts to the messages resulting from the entries/exits and sets the user to “Available” or “Not available”.
To display the addresses / geo-coordinates, our apps use the services of Google and Apple, respectively. When displayed, IP address and your location are passed on to the operator of the map services. For more information on the processing of this data, please contact your manufacturer.
For communication with our systems, e.g. for the delivery of alerts, invitation to appointments or delivery of messenger messages, we use the push notifications of the manufacturers Apple and Google. The so-called device IDs / device IDs are processed in order to deliver the notifications to the devices. The transmission is completely encrypted. The device ID does not allow any conclusions to be drawn about the user.