APICLOUD Dataprotection / Privacy Policy
PREAMBLE
API-Applications for Paper Industry GmbH & Co KG provides APICLOUD to display the operating status and measured values of our dosing systems to our customers (the “Users” or “You”) and to optimize the operation and (remote) maintenance of the systems.
We would like to thank you for your interest in the products and services offered by API and assure you that the protection of your privacy is a matter of first importance.
To the extent that relevant EU legislation in the field of data protection is applicable, mainly Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of personal data (referred to as “GDPR”), this Privacy Policy describes how and to what extent APICLOUD (referred to as the “Service”, „we,“ „us,“ or „our“) collects, uses, and shares your personal information (referred to as “personal data” or “personally identifiable information”) when you use our app available on iOS and Google Play. BY USING THE APP FOR YOUR API DOSING SYSTEM, YOU ACCEPT THE FOLLOWING PRINCIPLES WITH REGARD TO THE PROTECTION AND PROCESSING OF PERSONAL AND NON-PERSONAL DATA.
This Privacy Policy does not apply to any third-party including online/mobile store from which you install the Service, which may also collect and use data about you. Please carefully review the privacy statements applicable to such third parties.
WHO IS THE DATA-CONTROLLER
API-Applications for Paper Industry GmbH & Co KG
Gewerbepark Brand 16, D-52078 Aachen, Germany, +49 241 47596816, api@api-paperchem.at
WHAT DATA DO WE COLLECT?
While using our Service and in order to guarantee the function of the Service, we may require you to provide us with certain personally identifiable information described hereunder.
Depending on the data concerned, you may provide us with information directly, we may collect information about you when you use the Service, we may collect additional information about you in accordance with applicable law.
We collect information directly from you when you choose to register for the Service:
- Identification data: Username and/or E-Mail address
We may collect information about your device and your online activity when you use the Service:
- Device or other IDs: IDs that relate to individual devices, browsers or apps, e.g. browser type, operating system, an IMEI number, MAC address, IP address and/or device ID, User IDs, approximate or exact device location.
- App activities: Information about how you interact with the app, e.g. how often you access the Service, log data, app interactions, search history, installed apps …
APICLOUD may furthermore collect information about your device and your online activity when you use the Service which does not qualify as personally identifiable information:
- App information and performance: crash data of the app, e.g. how often the app has crashed on the device, or other information that is directly related to a crash Information on the performance of the app on the device, e.g. battery life, charging times, latency, frame rate or technical diagnostic data as well as other app performance or diagnostic data.
- Non personal data related to the technical functioning of our dosage systems, e.g. system and building status values such as event settings, parameters and operating time, energy consumption, personalised time programming, event recording, selected user profiles and actions, system information.
We may finally receive information about you from publicly and commercially available sources in accordance with applicable law. In addition, we may collect other information you allow a third party to provide to us. All the information we collect about you may be combined to help us enhance and improve our products and services and tailor our communications to you.
PURPOSE AND LEGAL BASIS FOR PROCESSING FOR PERSONAL DATA?
Purposes based on the performance of a contract:
We collect some personal data for purposes that fall within the scope of Article 6(1)(b) of the GDPR. According to this, processing is lawful, inter alia, if it is necessary for the performance of a contract to which the data subject is party. These purposes are as follows:
- Enabling you to access and use the Service via the App;
- Transmitting the data of the dosage system to our employees, affiliate companies or external maintenance partners with whom you have agreed (remote) maintenance and/or remote set up, control, monitoring and/or usage and fault diagnosis;
- Enabling us to provide the (remote) maintenance, set up, control, monitoring or diagnostics services for your dosage system;
- Data-transfer of online measurements and alarm messages from the system and dosage equipment.
Purposes based on our legitimate interest:
We collect some of your personal data for purposes that fall within the scope of Article 6.1 (f) of the GDPR, according to which processing is lawful if it is necessary for the purposes of the legitimate interests pursued by the controller. These purposes are as follows:
- User authentication and ensuring the security of the Service;
- Managing and monitoring the customer relationship;
- Emailing you regarding your account;
- Requesting feedback and contact you about your use of the Service;
- Checking the accuracy of the data;
- Increasing the efficiency and operation of the Service;
- Improving the app and connected dosage systems, including error analysis and troubleshooting;
- Research and Development;
TO WHOM MAY WE TRANSFER YOUR DATA?
We may share information we have collected about you in certain situations. We will only share your personal data with authorised and specified recipients in order to fulfil the aforementioned purposes.
Possible recipients of your personal data may include:
- API-Applications for Paper Industry GmbH & Co KG subsidiaries, affiliates, parent or sister companies, which are responsible for the technical provision and support of the app. Affiliates include any subsidiaries, joint venture partners or other companies that we control or that are under common control with us;
- Our employees who need to access the personal data in order to perform the Service (“need to know principle”);
- the internal departments for sales and marketing, research and development, production, the service areas responsible for customer relations as well as the logistics and IT service areas of API;
- API service providers involved in the technical provision of our Service, to facilitate our Service, to provide the Service on our behalf, to perform Service-related services, or to assist us in analysing how our Service is used. However, they are obligated not to disclose or use the information for any other purpose according to the applicable data processing agreement.
- subject to applicable legal provisions, the competent supervisory authorities;
- subject to applicable legal provisions, government authorities;
- subject to applicable legal provisions, our legal advisors as well as courts and tribunals.
RETENTION PERIODS
We retain the personal data you provide as long as your account remains active and as necessary to provide you with the services of the app. This includes data necessary for the optimal functionality of the app, handling user support queries, and enabling ongoing user-specific features.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases within 30 days, except where retention is necessary for compliance with our legal obligations, resolution of disputes, or enforcement of our agreement ( prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use, comply with legal requirements, defend our rights in case of disputes, …). Such retained data will be handled as per statutory requirements, after which it will be securely deleted or anonymized.
You may at any time review or change the information in your account or terminate your account by:
- Logging into your account settings and updating your account;
- Contacting us using the contact information provided below.
SECURITY MEASURES
We value your trust in providing us your personal data, thus we are striving to use commercially acceptable administrative, technical and physical security measures to protect it. Especially, all personal data provided by you when registering or using the Service is transmitted to us in encrypted form. Your data is password-protected on all systems in which it is stored. The persons who have access to it are prohibited from passing on your data to third parties due to strict security requirements.
While we employ robust measures to protect the personal information you share with us, it is important to understand that no security system is infallible or immune to breaches. Similarly, no data transmission over the Internet or other networks can be guaranteed to be 100% secure from interception or misuse. Consequently, while we strive to protect your personal information, we cannot assure or warrant the absolute security of any information you transmit to us. Please be mindful that any information sent via the Internet is potentially at risk and could be accessed by unauthorized parties.
LIABILITY DISCLAIMER FOR RESPONSIBLE USE OF PASSWORD AND ACCOUNT INFORMATION
By using APICLOUD, you acknowledge and agree that the security of your password and account information is your sole responsibility. You are solely responsible for maintaining the confidentiality of your password and account details, as well as all activities that occur under your account.
You agree not to share, transfer, or allow others to use your account or password. The provision of your password to any other person or entity constitutes a breach of the terms of use and may lead to immediate account termination. You must notify us immediately if you suspect any unauthorized use of your account or any other breach of security.
LIMITATION OF LIABILITY
Under no circumstances shall API-Applications for Paper Industry GmbH & Co KG or its affiliates, partners, officers, directors, employees, or agents be held liable for any direct, indirect, incidental, special, consequential, or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses, resulting from or arising out of (i) your use or inability to use the application; (ii) your failure to keep your password or account details secure and confidential; (iii) access to your account by someone else, with or without your knowledge or consent; or (iv) any other matter relating to the application or the use of the application.
You hereby acknowledge that this disclaimer of liability reflects a fair and reasonable allocation of risk and is a fundamental element of the basis of the bargain between you and APICLOUD. The application would not be provided without such limitations on liability and your agreement to maintain the security of your account information.
CHILDREN’S PRIVACY
The Service do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.
TRANSFER OF YOUR DATA TO THIRD COUNTRIES (OUTSIDE EEA)
In principle, we will not share, transfer, or otherwise distribute personal data to third countries (outside the European Economic Area), unless required by the purpose of the Service, required by law or you expressly consent to such transfer.
Data processing on our behalf may be carried out by a processor outside the EU or the EEA. If, in such a case, there is no adequacy decision by the Commission in relation to the recipient country, we agree appropriate guarantees for the protection of personal data with a corresponding service provider, in particular by concluding the applicable EU standard contractual clauses.
YOUR RIGHTS
You have a number of rights regarding the protection of your personal data. Indeed, subject to the scope and extent of the relevant legal provisions, mainly the GDPR, you have the right:
- To obtain a list of the personal data we hold about you (right of access).
- Request that we update the personal data we hold about you or that we correct personal data that you consider incorrect or incomplete (right of rectification).
- Subject to the conditions contained in Article 17 of the GDPR, to request the deletion, as soon as possible, of personal data concerning you (right to be forgotten).
- To request, subject to compliance with the legal provisions to which we are subject, that we delete the personal data we hold about you, or that we limit the way in which we use this personal data (right of limitation).
- To receive a copy of your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit them to a third party, insofar as the processing is based on your consent or on a contract (right to portability).
- To oppose the processing of your personal data (right of opposition).
- Except in certain specific cases, the right not to be the subject of a decision based exclusively on automated processing, including profiling, producing legal effects concerning you or significantly affecting you in a similar manner (automated individual decision, including profiling).
- If you are not satisfied with the way we handle your personal data, you have the right to file a complaint with the supervisory authority of your jurisdiction. If you wish to be referred to the appropriate supervisory authority, please contact us as indicated below (right to file a complaint with the competent supervisory authority):
- In Germany, the competent supervisory authority is BfDI – Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
CHANGES TO THIS PRIVACY POLICY
This Policy is effective as off 01/05/2024.
We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page as well las on our website. These changes are effective immediately after they are posted on this page. This Privacy Policy, its interpretation and execution shall be governed exclusively by German law. The courts of Germany shall have exclusive jurisdiction over all disputes arising from the interpretation and execution of this Policy.
CONTACT US
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us per E- Mail api@api-paperchem.at or by phone +43 6219-20340-0 or +49 241 47596816.