Last updated June 2023
Data protection has a particularly high priority for iLert GmbH (hereinafter: "We", "Us"). We consider it our primary responsibility to maintain the confidentiality of the personal data you provide to us and to protect it from unauthorised access. Therefore, we apply the utmost care and state-of-the-art security standards to ensure maximum protection of your personal data.
The following information provides you with an overview of the processing of your personal data in the course of using our ilert software after downloading via an app store or as a web app accessible via https://app.ilert.com or https://<your-customer-id>.ilert.com (hereinafter "App").
We also want to inform you about your rights under data protection laws. The processing of your personal data by us is always in accordance with the General Data Protection Regulation (hereinafter "GDPR"), the Telecommunications and Telemedia Data Protection Act (hereinafter "TTDSG") and all applicable country-specific data protection regulations.
Controller in the sense of the GDPR is
You can reach our data protection officer as follows:
Phone: +49 40 228 599 520
You can contact our data protection officer directly at any time with all questions and suggestions regarding data protection and to exercise your rights granted under GDPR.
This data protection policy is based on the terminology of the GDPR. For your convenience, we would like to explain some important terms in this context in more detail:
We may obtain personal data in the following ways:
You have the option of entering information (e.g. contact details) about yourself in the app.
Data is automatically collected and generated by using our app.
Furthermore, data may be collected by third parties, for example when the app is downloaded by the app store operator.
In the following, we provide you with an overview of the personal data we process. We will explain to what extent, for what purposes and on what legal basis we process personal data.
We will not disclose your personal data to third parties without your consent, unless this is permitted by law (e.g. because it is necessary for the performance of the contract).
The processing of your personal data may be based on the following legal bases:
Among other things, we use the services of companies based in third countries (e.g. in the USA). If these services are active, it is possible that data will be transferred to a third country and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries.
US companies, for example, are obliged to hand over data to authorities or similar institutions, without you as a data subject being able to take effective legal action against this according to our legal understanding. We have no influence on such data disclosure.
Insofar as no specific storage period is specified within this data protection notice, the data processed by us will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose of processing this data has ceased to apply or it is not required for the purpose). If the data are not deleted because they are required for other and legally permissible purposes, their processing is limited to these purposes, i.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person. Our data protection notices may also contain further information on the retention and deletion of data, which shall apply with priority to the respective processing operations.
We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, the deletion of data and responses to data compromise. Furthermore, we already take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.
In the course of our processing of personal data, the data may be transferred to or disclosed to other bodies, companies, legally independent organisational units or persons. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and, in particular, conclude corresponding contracts or agreements that serve to protect your data with the recipients of your data.
When you download the app, certain personal data required for this purpose is transmitted to the corresponding app store (e.g. Apple App Store or Google Play Store).
The following personal data may be processed by the App Store:
Google Play Store: https://policies.google.com/privacy
Apple App Store: https://www.apple.com/legal/privacy/de-ww/
In order to register with our app, an account must be created. For this purpose, we process the following personal data:
The purposes we pursue include in particular:
The legal basis for the data processing is the fulfilment of the contract concluded with you within the meaning of Art. 6 (1) lit. b GDPR.
We delete your personal data that we collect in connection with registration as soon as it is no longer required to achieve the purpose for which it was collected. This is the case at the latest when you delete your account. Your data may continue to be stored in our backup systems. This ensures that data can be restored in the event of data loss or system failure. After 30 days at the latest, your data will also be deleted from the backup systems.
We use the following service providers for registration/account opening: https://www.ilert.com/legal/subcontractors
Data is being collected while the app is being used, as the data is necessary for the operation of the app or provides you with the benefits of our application. This may include the following personal data:
The purposes we pursue include in particular:
The legal basis for data processing is our legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. We have an overriding legitimate interest in being able to offer our service in a technically flawless manner.
We delete your personal data that we collect in connection with use as soon as it is no longer required to achieve the purpose for which it was collected. This is the case at the latest when you delete your account. Your data may continue to be stored in our backup systems. This ensures that in the event of data loss or system failure, it is possible to restore the data. After 30 days at the latest, your data will also be deleted from the backup systems.
To enable the use of the app, we use the following service providers: https://www.ilert.com/legal/subcontractors
The provision and use of functions of our app requires access to certain data or functions of the device you are using. Our app requires the following permissions:
This gives us access to the personal data covered by the permissions that are on your terminal device.
We only need access to the address book to create an "iLert contact" in the user's address book and to keep it up to date. The telephone numbers of iLert are stored in this iLert contact. There is no access to the contacts by iLert or other third-party services.
We need these permissions to provide the functionalities of the app.
The legal basis for the data processing is your consent pursuant to Art. 6 (1) lit. a GDPR.
We delete your personal data that we process on the basis of the authorisations granted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case at the latest when you delete your account. Your data may continue to be stored in our backup systems. This ensures that in the event of data loss or system failure, it is possible to restore the data. After 30 days at the latest, your data will also be deleted from the backup systems.
You can change the settings on your device and revoke the permissions at any time. Please note that you will not necessarily be able to use all the functions of the app if you do not grant the permissions or withdraw them at a later date.
No data will be passed on to third parties.
Our application enables you to contact us by email, phone or chatbot. In the course of contacting you and responding to your enquiry, we process the following personal data from you:
We process your data to respond to your enquiry and other matters arising from it.
If your request is based on pre-contractual measures or an existing contract with us, the legal basis is the fulfilment of the contract and the implementation of pre-contractual measures pursuant to Art. 6 (1) lit. b) GDPR. If your request is made independently of pre-contractual measures or contracts existing with us, our overriding legitimate interests pursuant to Art. 6 (1) lit. f) GDPR constitute the legal basis. We have an overriding legitimate interest in providing users of our application with a means by which they can contact us.
We delete your personal data as soon as they are no longer required to achieve the purpose for which they were collected. In the context of contact enquiries, this is generally the case when the circumstances indicate that the specific matter has been conclusively processed.
For the use of the chatbot we use: Hubspot Inc; 25 First Street, Cambridge, MA 02141 USA
In this section, we inform you about the rights you have regarding the processing of your data. The exact scope of the right mentioned in each case can be found in the corresponding article of the GDPR. If you wish to exercise any of your rights, please contact us via email (firstname.lastname@example.org).
You have the right to request confirmation from us as to whether personal data relating to you is being processed by us.
You have the right to receive information from us at any time and free of charge about the personal data stored about you, as well as a copy of this data in accordance with the statutory provisions.
You have the right to request the rectification of inaccurate personal data concerning you. You also have the right to request that incomplete personal data be completed, taking into account the purposes of the processing.
You have the right to demand that personal data concerning you be deleted immediately if one of the reasons provided for by law applies and insofar as the processing or storage is not necessary.
You have the right to demand that we restrict processing if one of the legal requirements is met.
You have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. Furthermore, you have the right to transfer this data to another controller without restriction from us, to whom the personal data was provided, given that the processing is based on consent pursuant to Art. 6 (1) lit. a) GDPR or Art. 9 (2) lit. a) GDPR or on a contract pursuant to Art. 6 (1) lit. b) GDPR and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task which is in the public interest or in the exercise of official authority vested in us. In addition, when exercising your right to data portability pursuant to Art. 20 (1) GDPR, you have the right to have the personal data transferred directly from one controller to another controller, insofar as this is technically feasible and provided that this does not adversely affect the rights and freedoms of other individuals.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of data processing in the public interest pursuant to Art. 6 (1) lit. e) GDPR or on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f) GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
You have the right to revoke your consent to the processing of personal data at any time with effect for the future.
You have the right to complain about our processing of personal data to a supervisory authority responsible for data protection.
This privacy notice is currently valid and has the following status: Mai 2023. If we further develop our website and our offers or if legal or regulatory requirements change, it may be necessary to amend this data protection notice.