Data protection information

I Scope

With this document, the Data Controller wishes to satisfy their information obligations towards data subjects pursuant to Art. 13 General Data Protection Regulation (GDPR). This Data protection information is published under https://www.flexoptix.net/de/flexoptix-app/privacy-policy and has been in effect since March 2023. We may find it necessary to amend this data protection information as a result of enhancements to our app, or owing to amended legal or official requirements. You will be notified of the amended version here.

II Who is responsible for data processing?

Pursuant to Art. 4 (7) GDPR, the Data Controller responsible for data processing is:

Flexoptix GmbH, Mühltalstr. 153, 64297 Darmstadt, Germany. Email: info@flexoptix.net. The full Legal Notice is available under: https://www.flexoptix.net/de/info/impressum/

III Has a data protection officer been appointed?

The Data Controller responsible for data processing has appointed the following company data protection officer: Marc Oliver Giel, datamog, Lagerstraße 11a, 64807 Dieburg, Germany, Email: datenschutz@flexoptix.net

IV What do you use my data for?

IV.1 Download/installation of the app

When downloading the app and installing it on your personal device, the information required for this is transferred to the respective app store, i.e. in particular your user name, email address and customer number for your account, download time, payment information and the individual device code. However, we have no influence over the collection of this data and we are not responsible for its collection. We only process the data you provide if it is required for downloading the app to your smartphone. The data is not stored any further beyond this.

Apple

The following applies if you download our app from the Apple App Store and install it on your personal device:

Service provider: Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014, https://www.apple.com/uk/
Apple Privacy Policy: https://www.apple.com/legal/privacy/en-ww/
Privacy Policy for the App Store: https://www.apple.com/legal/privacy/data/en/apple-store-app/
Transfer to third countries: see the Apple Privacy Policy: https://www.apple.com/legal/privacy/en-ww/

Google Play

The following applies if you download our app from the Google Play App Store and install it on your personal device:

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, https://play.google.com/store/games?hl=de&gl=GB
Google Privacy Policy: https://policies.google.com/privacy
Transfer to third countries: see the Google Privacy Policy

IV.2 Use of the app

IV.2.a General

When you use our app, we only store data that we need for ensuring the smooth operation of our app and for related support cases. This concerns the following data:

Date and time of access
Volume of data sent in bytes
App used
Operating system used
IP address used (always in anonymous form)
FLEXBOX serial number
Transceiver serial numbers
Customer or company name
Read/written transceiver configuration
Purpose of processing: Provision of the configuration functions

Legal basis and legitimate interests: Collection and storage takes place pursuant to Art. Art. 6 (1) (f) GDPR based on our legitimate interest in improving the stability and functionality of our app. However, we reserve the right to review the server log files retrospectively if concrete indications of unlawful use are identified.

Storage period: Non-anonymized server log files (error log) are automatically deleted again no later than after 14 days.

Recipient of the data: Our app is stored with a hosting service provider that provides us with infrastructure and platform services, computing capacity, storage space, database services, security services and technical maintenance services. We have concluded a data processing agreement pursuant to Art. 28 GDPR with this service provider.

IV.2.b FLEXBOX customer account

If you purchase a FLEXBOX, you automatically open a company-related FLEXBOX customer account at the same time. To this end, it is mandatory for us to collect and process only the company name for legitimation purposes. We cannot give you access to our app without this mandatory information. All other information, such as a personal user name or an email address, is voluntary.

Purpose of processing: Legitimation

Legal basis: Data processing takes place to execute the user license agreement with you pursuant to Art. 6 (1) (b) GDPR. The legal basis for the information you voluntarily provide is formed by Art. 6 (1) (a) GDPR.

Storage period: Your data remains stored for as long as you have a FLEXBOX customer account contract with us. You can delete your FLEXBOX customer account at any time.

IV.3 Cookies

IV.3.a General

(aa) Definitions

In the following, you can find extensive information on "cookies". This is information that is often stored in databases on your personal device. Any type of "cookie" can contain personally identifiable information. In many cases, however, the data is rendered pseudonymous. The following terms are used below where applicable:

First-party cookie: This cookie is stored or modified by the website you are browsing
Third-party cookie: This cookie is stored or modified by a third party that the website operator is connected to (e.g. an advertising network, a social media platform, etc.)
Session cookie: This cookie is deleted from your personal device when you close the browser. In many cases, a session cookie only stores one session ID in order to assign multiple requests from a user on a page to their session
Persistent cookie: This cookie is stored on your personal device until its validity expires or you delete it manually or automatically in your browser.
Essential cookie: The service you have requested cannot be provided without this cookie and web storage.
Optional cookie: This cookie and web storage allows us to use more advanced features and will only be used if you give your consent.

(bb) Legal Grounds

Essential cookies: The storage of and access to information is based on the legal grounds provided by Sec. 25 (2) No. 2 German Teleservices Data Protection Act (TTDSG).
Optional cookies: The storage of and access to information is based on the legal grounds provided by your individual personal and voluntary consent pursuant to Section 25 (1) TTDSG in conjunction with Art. 6 (1) (a) GDPR. You can withdraw your consent again at any time with effect for the future. The data processing that takes place until you withdraw your consent remains lawful. Please note that if you choose to not accept optional cookies, it may limit your ability to use individual functions of our Internet presence.

(cc) Data recipient/accessibility

First-party cookies: As the data controller and site operator, only we have access to these.
Third-party cookies: Only the third-party that sets these cookies themselves has access to this. For example, only Google has access to a cookie set by Google and can read or change it.

(dd) Storage period

Session cookies: These only remain stored in your browser temporarily until the end of the browser session or can be deleted by you beforehand.
Persistent cookies: These remain stored on your end device for as long as specified for the specific cookie or can be deleted by you beforehand.
The exact storage period is detailed under "Cookies Used".

(ee) Deletion options/withdrawal

You can simply withdraw your consent by going back to the cookie settings in the app and disabling the settings.

IV.3.b Cookies used

In the overview below, we list the essential, first-party cookies used in our app and the purpose of data processing:

sawMatomoNotification (Essential Cookie)
Purpose: Is set to detect whether the screen for getting permission to use Matomo Analytics has been shown
Storage Period: Unlimited

matomoOptedIn (Essential Cookie)
Purpose: Is set to detect whether data collection via Matomo Analytics has been allowed
Storage Period: Unlimited

termsAndConditionsKey (Essential Cookie)
Purpose: Is set to detect whether the terms and conditions of service have been accepted
Storage Period: Unlimited

lastWarningTriggeredAt (Essential Cookie)
Purpose: Is set to control the period between low battery warnings
Storage Period: Unlimited

IV.4 Web analysis

Matomo (formerly PIWIK)

Our app uses Matomo, a web analytics service provided by https://matomo.org/. The software uses "cookies", which are small text files that are stored on the user's computer that facilitate the analysis of how you use our app.

Matomo’s data is stored with a hosting service provider that provides us with infrastructure and platform services, computing capacity, storage space, database services, security services and technical maintenance services. We have concluded a data processing agreement pursuant to Art. 28 GDPR with this service provider.

On agreement, the following data will be collected:

User ID
IP address
Mobile device used (manufacturer, model, operating system, browser)
Time when the app is used
Way the app is used

Our app uses Matomo with IP masking exclusively, which guarantees anonymization of the IP address by shortening it and excludes any possibility of direct personal reference. This function means that your IP address is not stored or processed in full, but shortened and thereby rendered anonymous.

Purpose of processing: Analyzing visitor actions, measuring reach (e.g. access statistics, recognition of returning visitors), improving the user interface, detecting and preventing misuse.
Legal grounds: So that we can use Matomo, you can grant us your consent pursuant to Art. 6 (1) (1) (a) GDPR, which you can withdraw at any time with effect for the future by disabling "Statistics" or "Matomo" in the cookie settings on our website.
Storage period: We store the anonymized data collected in this way for a maximum period of 14 months. Afterwards the data is deleted automatically.
Data recipient: Web host, see above

IV.5 Electronic establishment of contact

Support request

Purpose of processing: If you submit a request for support, your personal data will be collected. Your name and e-mail address are mandatory so that we can address you individually and advise you personally. This data is stored and used exclusively for the purpose of your support request or for executing the support agreement concluded with you and the technical administration associated with this. This agreement is concluded when you submit a support request. We cannot process your support request without this mandatory information. All additional information is provided voluntarily.

Legal basis: Support agreement pursuant to Art. 6 (1) (b) GDPR.

Storage period: Your data is stored for as long as we have a support agreement with you. If the support agreement is terminated, your data will be deleted, provided that no legal obligations to retain data exist to the contrary.

Recipient of the data: We have commissioned a service provider to carry out our email communication that provides us with infrastructure and platform services, computing capacity, storage space, database services, security services and technical maintenance services. We have concluded a data processing agreement pursuant to Art. 28 GDPR with this service provider.

Feedback as part of the FLEXBOX Feedback Campaign

Purpose of processing: If you provide us with feedback after receiving and testing your FLEXBOX as part of the FLEXBOX Feedback Campaign, the feedback you provide, including your name and the name of your business, may be published on our website under https://www.flexoptix.net/en/testimonials/.

Legal basis: Campaign conditions pursuant to Art. 6 (1) (b) GDPR.

V What data protection rights do I have?

1. As a data subject, you have the following rights:

Confirmation of data processing: You have the right to demand information from the Data Controller about whether we process your personal data. The requirements for this can be found in Art. 15 GDPR;

Information: You are entitled to request information about the personal data that we process about you. The requirements for this can be found in Art. 15 GDPR;

Correction: You have the right to demand that we immediately correct incorrect personal data concerning your person. The requirements for this can be found in Art. 16 GDPR;

Deletion: You have the right to demand the immediate deletion of personal data concerning your person. The requirements for this can be found in Art. 17 GDPR;

Restriction on processing: You have the right to demand that the processing of your personal data is restricted. The requirements for this can be found in Art. 18 GDPR;

Data portability: You have the right to receive personal data that concerns your person that you provide to us in a structured, standard and machine-readable format. You also have the right to have us transfer this data to another data controller. The requirements for this can be found in Art. 20 GDPR;

Withdrawal of consent: You have the right to withdraw your consent at any time if the processing is based on Art. 6 (1) (a) or Art. 9 (2) (a) GDPR. Data processing that takes place until you withdraw your consent remains lawful. Withdrawal only applies to the future. The requirements for this can be found in Art. 7 (3) GDPR;

Appeal: Without prejudice to any other administrative or judicial remedy, you have the right to submit an appeal to a supervisory authority if you think that the processing of personal data that relates to your person violates the GDPR. The requirements for this can be found in Art. 77 GDPR. You can contact the supervisory authority that has responsibility over the Data Controller or the supervisory authority in your country or federal state. You can find a list of all supervisory authorities here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html (in German only)
2. Right to object

For reasons arising from your particular situation, you have the right to object at any time and with future effect to personal data relating to you being processed which we process on the basis of our overriding legitimate interest (Art. 6 (1) lit. e or f GDPR); this also applies to profiling based on this provision within the meaning of Art. 4 (4) GDPR: If you object, we will no longer process your personal data unless we can establish compelling legitimate grounds for its processing that outweigh your interests, rights and freedoms, or its processing serves purposes of asserting, exercising or defending against legal claims.

VI For how long is my data saved?

Unless otherwise regulated above, the following criteria apply to determine the storage period:

With consent granted pursuant to Art. 6 (1) (a) GDPR, the data is stored until the data subject withdraws their consent.
For preliminary and contractual purposes pursuant to Art. 6 (1) (b) GDPR, storage takes place beyond the end of the contract until the relevant limitation periods (e.g. 3 years pursuant to Sec. 195 GCC (BGB)) arising from the contract concluded have expired.
In the event of our overriding legitimate interest pursuant to Art. 6 (1) lit. f GDPR, the data will be stored until the data subject exercises their right to object pursuant to Art. 21 (1) GDPR, unless we can establish compelling legitimate grounds for its processing that outweigh the interests, rights and freedoms of the data subject, or its processing serves purposes of asserting, exercising or defending against legal claims.
In the case of direct marketing pursuant to Art. 6 (1) lit. f GDPR, the data will be stored until the data subject exercises their right to object pursuant to Art. 21 (2) & (3) GDPR.
In the case of retention obligations incumbent upon us, the documents concerned are retained until the relevant statutory provisions expire (e.g. 10 or 6 years in accordance with Sec. 147 German Tax Code (AO) and Sec. 257 German Commercial Code (HGB)).
Otherwise, personal data is only stored for as long as there is a legal reason for its storage.

VII Source of personal data

We process personal data that we have received from you, the recipients of personal data or the respective app store operator.

VIII Obligation to provide data

In the context of performing our contractual or legally assumed obligations, you as the data subject may be legally obliged to provide our company with information and personal data that is required for establishing, implementing and terminating the contractual relationship and fulfilling the associated contractual obligations or that we are legally obliged to collect. Without this data, we will usually have to reject the conclusion of the contract, or will no longer be able to implement an existing contract and may have to terminate it.

My Cart

FLEXBOX required

Please Check Currency

FLEXSOX and FLEXBOX required