1. Preamble
This service (hereinafter "app") is provided by Steinel GmbH, Dieselstr. 80-84, 33442 Herzebrock-Clarholz, Germany info@steinel.de (hereinafter referred to as "we", "us" or "STEINEL") as the responsible party within the meaning of the applicable data protection law.
The LiveLink ONE app is used to set up lighting systems that contain LiveLink components. It covers the applications of device-based control and room-based control and provides a mobile app for commissioning and configuration by an installer ("area of application").
We process your personal data when you use the app. Personal data is to be understood to be any information relating to an identified or identifiable natural person. Because the protection of your privacy when using the app is important to us, we would like to inform you in the following about which personal data we process when you use the app and how we treat this data. Moreover, we want to inform you of the legal basis for the processing of your data and, insofar as the processing is necessary to protect our legitimate interests, also of our legitimate interests.
You can call up this privacy policy at any time under the "Privacy" menu item within the app.
The controller responsible for processing data involved in using this app is:
STEINEL GmbH, Dieselstrasse 80-84, 33442 Herzebrock-Clarholz, Germany, phone: +49 5245 / 4480, fax: +49 5245 / 448197, e-mail: info@steinel.de
The "controller" responsible is the party collecting, processing or using personal data (e.g. names, e-mail addresses etc.).
You can reach our data protection officer at:
Aulinger Datenschutz & Consulting GmbH, c/o Dr. Ralf Heine, Frankenstraße 348, 45133 Essen, Germany, telephone: +49 201 9598662, fax: +49 201 9598663, email: r.heine@aulinger-dc.eu
Period for which personal data is generally stored
Unless this data privacy statement stipulates otherwise or provides information of a more specific nature, the personal data collected will be stored until you request us to erase them, withdraw your consent to store such or the purpose for which they are stored ceases to exist. If a statutory obligation exists to retain data or any other legally acknowledged reason exists to store data (e.g. legitimate interest), the personal data concerned will not be erased until such time as the particular reason for retaining them ceases to exist.
We also store personal data if we are obliged to do so under the law. Relevant documentation and retention obligations follow from the German Commercial Code (Handelsgesetzbuch) and the German Fiscal Code (Abgabenordnung). The periods defined therein for retaining or documenting data are six years in accordance with the requirements pursuant to commercial law under Section 257 of the German Commercial Code (HGB) and up to ten years on the basis of the fiscal requirements under Section 147 of the German Fiscal Code (AO).
Legal basis for the storage of personal data
Personal data may only be processed if an effective legal basis exists for processing such data. If we process your data, this is regularly done on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR (e.g. if you voluntarily provide your data in the contact form), for the purpose of contract fulfilment in accordance with Art. 6 para. 1 lit. b GDPR or on the basis of legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, which are always balanced with your interests (e.g. in the context of marketing measures). Wherever applicable, the relevant legal bases are in each case specified in concrete terms at the appropriate place in this data privacy statement.
Consent to processing personal data
If we want to process or use your personal data for purposes other than for fulfilling a contract, and no statutory permission exists, we shall make such contingent on receiving your prior consent. You can actively grant your consent in good time, i.e. before personal data is collected, processed and used.
You can at any time withdraw a granted consent free of charge from STEINEL GmbH, Dieselstrasse 80-84, 33442 Herzebrock-Clarholz, with effect for the future. To exercise your right to withdraw consent, contact us by regular mail at STEINEL GmbH, Dieselstrasse 80-84, 33442 Herzebrock-Clarholz, or by e-mail at info@steinel.de. Please note that if you withdraw your consent the future use of various functions or services may be restricted or no longer possible.
2. Information on the processing of your data
Certain information we immediately be processed automatically as soon as you use the app. We have listed exactly which personal data is processed in the following:
2.1 Information that is automatically collected during download
When downloading the apps, certain necessary information is transmitted to the app store that you selected (e.g. Google Play or Apple App Store); in particular, your user name, e-mail address, the customer number of your account, the time of download, you payment information and the individual device code may be processed here. This data is processed exclusively by the respective app store and is beyond our control.
2.2 Information that is automatically collected when the app is used
As part of your use of the app, we automatically collect certain data that is necessary for using the apps. This includes:
• The internal device ID
• The version of your operating system
• The time of access
• Mobile phone provider
• Localisation data.
This data is transmitted to us automatically, but not stored, (1) to provide you with the service and related features, (2) to improve the functions and performance features of our apps and (3) to prevent and eliminate misuse and malfunctions.
This data processing is justified by the fact that (1) the processing is necessary for the performance of the contract between you as the data subject and us in accordance with Art. 6 Para. 1 lit. b GDPR for the use of the apps, or (2) we have a legitimate interest in ensuring the functionality and error-free operation of the apps and being able to offer a market and interest-based service that outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f GDPR.
2.3 Use of the app
Within the app, you can enter, manage and edit various pieces of information, tasks and activities. This information includes, in particular, data on the project and the lighting system.
The app also requires the following permissions:
• Internet access: This is required to enable firmware updates of the LiveLink system and to save system configurations and import lighting plans.
• WLAN access: This is required so that you can control and manage our system.
• Access to location information: This is required to show which WLAN network the mobile device is connected to.
• Access to the file system for possible storage of system configurations and configuration logs.
3. Further information on our app
3.1 Upgrades, updates
STEINEL may, at its sole discretion, make upgrades, updates, or changes to the mobile application, including remotely, without notice to you. Updates, upgrades and modifications are subject to these Terms of Use, unless such upgrade, update or modification is accompanied by a separate licence, in which case the terms of this licence will apply to such upgrades, updates and modifications. If you do not want such updates, upgrades or modifications, your sole remedy is to stop using the mobile application altogether. Your continued use of the mobile applications is conditional upon your acceptance of these updates and upgrades.
3.2 Support
For questions and support regarding our mobile applications, please contact STEINEL GmbH, Dieselstraße 80-84, 33442 Herzebrock-Clarholz, Germany, phone: +49 5245 / 4480, fax: +49 5245 / 448197, e-mail: info@steinel.de
3.4 Service providers used
3.4.1 Other service providers and open source
When you use the mobile application, you may (as a result of or through your use of the mobile application) use a service or download software or purchase goods provided by another person or organisation. Your use of these other services, software and goods may be subject to separate terms and conditions between you and that company or person. If this is the case, these terms of use have no influence on your legal relationship with these other companies or persons. If the mobile application contains a third-party software component or an open source software component, the use of this software or component is subject to the terms of use of this third-party software or component or this open source software or component. Your licence rights under these Terms of Use do not include any rights or licences to use, distribute or create derivative works of the mobile application in a manner that would subject the mobile application to the Open Source Terms. "Open source terms" are the terms of a license that require, as a condition of using, modifying, and/or distributing a work, the provision of source code or other materials preferred for modification, and/or permission to create derivative works, and/or the reproduction of certain notices or license terms in derivative works or accompanying documentation, and/or the granting of a royalty-free license to any intellectual property to any party.
4. Disclosure and transfer of data
Your personal data will only be disclosed without your express prior consent if it is legally permissible or necessary to do so, or in the cases explicitly mentioned in this privacy policy. This may be the case, among other things, if the processing is necessary to protect the vital interests of the user or another natural person.
4.1
The data that you provide when registering will be disclosed within the STEINEL Group for internal administrative purposes, including joint customer support, to the extent necessary.
Any disclosure of personal data is justified by the fact that we have a legitimate interest in disclosing the data within our group of companies for administrative purposes and that your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f GDPR do not outweigh this.
4.2
If it is necessary for clarifying illegal or improper use of the app or for legal prosecution, personal data will be disclosed to the law enforcement authorities or other authorities and, if necessary, to injured third parties or legal advisors. However, this will only happen if there are indications of illegal or improper behaviour. Data may also be disclosed if this serves to enforce terms of use or other legal claims. We are also legally obliged to provide information to certain public bodies on request. These include criminal prosecution authorities, authorities that prosecute administrative offenses subject to fines, and the financial authorities.
Any disclosure of personal data is justified by the fact that (1) the processing is necessary to fulfil a legal obligation to which we are subject pursuant to Art. 6 Para. 1 lit. f GDPR in conjunction with national legal requirements for the disclosure of data to law enforcement authorities, or (2) we have a legitimate interest in disclosing the data to the listed third parties if there are indications of improper behaviour or to enforce our terms of use, other conditions or legal claims and to protect your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f GDPR do not outweigh this.
4.3
To provide our service, we rely on contractually affiliated companies of the STEINEL Group as well as the following third-party companies and external service providers: IT service providers who are called in to support the operation and hosting of the app.
Any disclosure of personal data is justified by the fact that (1) we have a legitimate interest in disclosing the data within our group of companies for administrative purposes and that your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f) GDPR do not outweigh this, and that (2) we have carefully selected our third-party companies and external service providers as processors within the framework of Art. 28 Para. 1 GDPR, regularly audit them and have contractually obliged them to process all personal data exclusively in accordance with our instructions.
4.4
As part of the further development of our business, the structure of our company may change in that the legal form is changed or that subsidiaries, parts of companies or components are founded, bought or sold. In such transactions, customer information may be passed on together with the part of the company to be transferred. Whenever personal data is disclosed to third parties within the context described above, we ensure that this is done in accordance with this privacy policy and the applicable data protection law.
Any disclosure of personal data is justified by the fact that we have a legitimate interest in adapting our company form to the economic and legal circumstances wherever necessary and that your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f GDPR do not outweigh this.
5. Disclosure of data in non-EU jurisdictions
Data will not be transferred to countries outside the European Economic Area ("EEA").
4. Changes of purpose
Your personal data will only be processed for purposes other than those described if this is permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.
5. Your rights as a data subject
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:
5.1 Right to information
You have the right to request information from us at any time about the personal data we have processed that relates to you within the scope of Art. 15 GDPR. To do so, you can send an application by post or by e-mail to the address given in Paragraph 1.
5.2 Right to rectification of incorrect data
You have the right to demand that we correct your personal data immediately if it is incorrect. Please use the contact addresses provided for this purpose.
5.3 Right to delection
You have the right to demand that we delete your personal data under the conditions described in Art. 17 GDPR. In particular, these conditions provide for a right to erasure if the personal data is no longer necessary for the purposes for which it was collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of an obligation to erasure under Union law or the law of the Member State to which we are subject. Refer to Paragraph 1 of this privacy policy for the data retention period. To exercise your right to erasure, please use the contact addresses provided.
5.4 Right to restriction of processing
You have the right to demand that we restrict processing in accordance with Art. 18 GDPR. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the period required to verify the accuracy, and in the event that the user, with an existing right to erasure, requests restricted processing instead of erasure; also in the event that the data is no longer required for the purposes we are pursuing, but the user needs it to assert, exercise or defend legal claims and if the successful exercise of an objection between us and the user is still disputed. To exercise your right to restriction of processing, please contact us at the addresses provided.
5.5 Right to data portability
You have the right to receive from us the personal data that you have provided to us in a structured, common, machine-readable format in accordance with the stipulations in Art. 20 GDPR. To exercise your right to data portability, please use the contact addresses provided.
5.6 Right to objection
You have the right, for reasons arising from your particular situation, to object at any time in accordance with Art. 21 GDPR to the processing of personal data concerning you which is carried out among other reasons under the premise of Art. 6 Para. 1 lit. e or f GDPR. We will stop processing your personal data unless we can prove the existence of binding reasons for processing that supersede your interests, rights, and freedoms or if the processing serves the purpose of asserting, exercising, or defending against legal claims.
5.7 Right to lodge a complaint
You also have the right to contact the responsible supervisory authority in the event of complaints. The supervisory authority responsible is:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia – Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Postfach: 20 04 44, 40102 Düsseldorf, Germany, phone: +49 211 / 38424 0, e-mail: poststelle@ldi.nrw.de.
7. Changes to this privacy policy
We always keep this privacy policy up to date. We therefore reserve the right to change it from time to time and to update changes in the collection, processing or use of your data. The latest valid version of the privacy policy is always available for calling up under "Privacy" within the app.