Privacy Policy Inevvo Apps

As of January 2024

Preamble

Data protection is a top priority for inevvo solutions. The careful handling of your personal information is important to us. For this reason, your data will be treated confidentially by us in strict compliance with the applicable data protection regulations.
In the following, we explain to you which data we use at what time and for what purpose when you use our apps. Our aim is to help you understand how our Apps work and what means we use to ensure the protection of your personal data, which is important to us. We only use your personal data if we have your consent or legal permission.
In our Apps, we process the data that we need for the functioning of the software, such as the IP address. In addition, we optionally collect data for the diagnosis of our software. We also use your data when you communicate with us for the purpose of contacting us.
If you have any questions about data protection, please feel free to contact us at any time, for example by e-mail at "> or by telephone on +49 7940 123-266396

Inhaltsverzeichnis

I. Identity and contact details of the data controller
II. Contact details of the protection officer
III. CONEXO App, CONEXO Lite App
IV. Contact via email
V. Cloud hosting
VI. Identification Link Generator
VII. Rights of the data subject
VIII. Amendment of the Privavy Policy

I. Identity and contact details of the data controller

The data controller responsible in accordance with the purposes of the General Data Protection Regulation (GDPR) of the European Union and other data protection regulations is:
inevvo solutions GmbH & Co. KG (short: inevvo solutions)
Fritz-Müller-Platz 1
74676 Niedernhall
Germany

II. Contact details of the data protection officer

The designated data protection officer of the data controller can be reached at .

III. CONEXO App, CONEXO Lite App

A. Use of our apps
When using our CONEXO Apps (CONEXO App, CONEXO Lite App), the following personal data is collected:

IP address,
Username (if available),
Date and time of access

If you scan QR codes of products with our CONEXO Lite App or carry out a cloud synchronisation with our CONEXO App, the App connects to our cloud or our servers and downloads the corresponding product data. Log files are created on our servers that contain the following data records:

Date and time of access
Relevant communication data (e.g. username)

The legal basis for this is Article 6 para. (1) sen. (1) lit. (b) GDPR, i.e. the initiation or implementation of contractual relationships (in this case our user agreement).

B. Installation of the apps
The CONEXO Apps are installed via the technical operators iTunes or the Google Play Store under their conditions. Insofar as the App installation takes place via iTunes, for example, this is Apple Inc., 1 Infinite Loop, Cupertino, California, USA 95014. The loading of the App is carried out by each user through the Apple ID they have created themselves. For this, each user has already had to agree to Apple’s terms and conditions. Details of the “Apple Privacy Policy” can be found at https://www.apple.com/de/privacy/. Google Play, on the other hand, makes its notices and privacy policy available at https://www.google.de/policies/privacy/.

C. App optimisation
The CONEXO Apps optionally collect and transmit data to ensure the quality of the App and to optimise the user experience. In the process, data on the device and its use (stack traces in the event of problems in the App) are collected by the CONEXO Apps and transferred to a server of one of our IT service providers. These servers are generally located in an ISO 27001 certified data centre in Germany.
Data processing for App optimisation is only activated during installation if you give your consent. We then process the following data:

Timestamp
Version of the operating system used
AppVersion (build)
PortalUrl (customer)
Device name
Screen resolution
Screen orientation
Username
Type of log file (INFO, ERROR, EXCEPTION)
Title and content of the log file
Language

The legal basis for the reading and transmission of your usage behaviour is Article 6 para. (1) sen. (1) lit. (a) GDPR, i.e. your consent. This consent can be revoked at any time in the future. If you do not wish to contribute to improving the App, you can deactivate the services in the App settings at any time.

D. Duration of storage
We store the log files on our servers for 15 days and then automatically delete them from our systems.
The App optimisation data is stored for 90 days and then automatically deleted.

V. Contact via email

A. Description and scope of data processing
You can contact us via the email address provided. In this case the personal data of the user transmitted with the email will be stored.
The data will be used exclusively for the processing of the conversation.

B. Purpose of data processing
If you contact us via email, this also constitutes the necessary legitimate interest in the processing of the data.

C. Legal basis for data processing
If the user has given consent, the legal basis for processing the data is Art. 6 para. (1) sen. (1) lit. (a) GDPR.
The legal basis for the processing of data transmitted while sending an email is Art. 6 para. (1) sen. (1) lit. (f) GDPR. If the purpose of the email contact is to conclude a contract, the additional legal basis for the processing is Art. 6 para. (1) sen. (1) lit. (b) GDPR.

D. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be concluded from the circumstances that the matter in question has been conclusively resolved.

E. Objection and removal
The user has the possibility to withdraw consent to the processing of their personal data at any time. If the user contacts us by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
The withdrawal of consent and the objection to storage are made possible by e-mail, telephone or contact form on our homepage.
In this case, all personal data stored while establishing contact will be deleted.

V. Cloud hosting

The data of the CONEXO system are hosted on servers of a service provider commissioned by us. In the case of customer-specific installations, it is alternatively possible for this data to be hosted on the systems of the customer or a service provider of the customer.
The servers automatically collect and store information in so-called server log files, which the App requires during operation. The information stored is:

Date and time of the server request
Relevant usage data

This data will not be merged with other data sources. The data is collected on the basis of Art. 6 para. (1) sen. (1) lit. (f) GDPR. The App user has a legitimate interest in the technically error-free functioning of the App – and server log-files are therefore recorded.
The servers of the CONEXO system are geographically located in Germany.

VI. Identification Link Generator

A. Description and scope of data processing
In order to use the Identification Link Generator, registration is required to create a user account. This is created by the user himself and then stored in the inevvo Identity Provider. No data is passed on to third parties.
The following data is collected as part of the registration process:

First name/last name
Username
Email address
Cryptographic hash of the password
User authorisations (roles)

As soon as the registration process is completed, a technically necessary cookie is set, which is discarded when the user logs out. If the user does not log out, the cookie is deleted after 12 hours at the latest.

B. Purpose of data processing
Registration of the user is required for the fulfilment of a contract.

C. Legal basis for data processing
Registration serves to fulfil a contract to which the user is a party, which is why the legal basis for processing the data is Art. 6 para. (1) sen. (1) lit. (b) GDPR.
The legal basis for the use of technically necessary cookies is Section 25 para. (2) no. (2) TTDSG (Federal Act on Regulation of Data Protection and Protection of Privacy in Telecommunications and Telemedia) in conjunction with. Art. 6 para. (1) sen. (1) lit. (f) GDPR.

D. Duration of storage
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
This is the case for data collected during the registration process for the fulfilment of a contract when the data is no longer required for the performance of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contractual partner in order to comply with contractual or legal obligations.

E. Objection and removal
As a user, you have the option of cancelling your registration at any time. You can have the data stored about you changed at any time. You can find contact information for this under point “I. Identity and contact details of the data controller“.

VII. Rights of the data subject

You have the following rights:

If your personal data is processed, you have the right to obtain information from the controller about the data stored about you (Art. 15 GDPR).
If inaccurate personal data is processed, you have the right to rectification (Art. 16 GDPR).
If the legal requirements are met, you may request the erasure or restriction of processing as well as object to processing (Art. 17, 18 and 21 GDPR).
If the data processing is based on consent, you can withdraw your consent at any time.
If you have consented to the data processing or if there is a contract for data processing and the data processing is carried out with the help of automated procedures, you may have a right to data portability (Art. 20 GDPR).
Furthermore, there is a right of appeal to a supervisory authority (Art. 77 GDPR).

VIII. Amendment of the Privacy Policy

We reserve the right to amend the Privacy Policy in order to adapt it to any changes in the legal situation or in the event of changes to the service and data processing.