Privacy Policy for App User
Contact details of the responsible persons:
CLI TRI Solutions
Anne-Frank-Straße 32
90459 Nuremberg, Germany
Chief Executive:
Selver Halici
Anne-Frank-Straße 32
90459 Nuremberg, Germany
Mail: info@cli-tri.com
Tel.: +49 (0) 173 56 16 477
General information on the purpose and legal basis of processing
We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), insofar as this is necessary for the establishment, implementation or performance of a contract or for the implementation of pre-contractual measures. Insofar as personal data is required for the initiation or implementation of a contractual relationship or in the context of the implementation of pre-contractual measures, processing is lawful pursuant to Art. 6 (1) lit. b GDPR.
16.01 Google Play Store
Purpose:
Data categories:
Our app is offered in the Google Play Store. When it is downloaded by a Google Play Store customer, the data required for the download is transferred to the store. The username, the e-mail address, the customer number at the Google Play Store, and the individual device ID are recorded. Without the transmission of this data, the download of the app in the Google Play Store is not possible. The data processing is carried out exclusively by the Google Play Store and is not within our sphere of influence. Therefore, no processing of personal data by us takes place in this context.
Deletion period:
Groups of persons:
06.05.2022 1 / 5
Data Origin: | • | Raised from affected parties | |||
Legal basis: | • | 2. contract performance (Art. 6 para. 1 lit. b) GDPR | |||
Recipient categories: | • | APP Store | |||
• | Cloud Provider | ||||
16.02 App Store | |||||
Our app is offered in the App Store. When a customer downloads | |||||
it, the data required for the download is transferred to the store. | |||||
This data includes the user name, the e-mail address, the App | |||||
Purpose: | Store customer number, and the individual device ID. Without the | ||||
transmission of this data, the download of the app in the App Store | |||||
is not possible. The data processing is carried out exclusively by | |||||
the App Store and is not within our sphere of influence. Therefore, | |||||
no processing of personal data by us takes place in this context. | |||||
Data categories: | • | No personal data | |||
Deletion period: | • No further data processing, therefore no deletion | ||||
required | |||||
Groups of persons: | • | APP User | |||
Data origin: | • Raised from affected parties | ||||
Legal basis: | • 2. contract performance (Art. 6 para. 1 lit. b) GDPR | ||||
06.05.2022 2 / 5
Recipient categories:
16.03 User registration
We receive the personal data (name, telephone number and email | ||||
address) of the users in advance from their employer. The users are | ||||
Purpose: | created via Graph CMS. The app users receive the access data for the | |||
app by mail. The users then log in to the app and change their access | ||||
data. | ||||
Data categories: | • | Personal identification data | ||
Deletion period: | • | In accordance with the statutory retention requirements | ||
Groups of persons: | • | APP User | ||
Data origin: | • | Transmission by the employer | ||
Legal basis: | • | 2. contract performance (Art. 6 para. 1 lit. b) GDPR | ||
Recipient categories: | • | APP User | ||
• | Cloud Provider | |||
16.04 Viewing data in the app
App users have the ability to view the names, phone numbers, and email addresses of other individuals who are involved in the study.
Purpose: Users can only view data in their assigned studies. All other data is non-personal. The data is stored at Amazon Web Services and Graph CMS. The servers for both companies are located in Frankfurt, Germany.
06.05.2022 3 / 5
Data categories: | • | Personal identification data | |
Deletion period: | • | In accordance with the statutory retention requirements | |
Groups of persons: | • | APP User | |
Data origin: | • | Raised from affected parties | |
Legal basis: | • | 2. contract performance (Art. 6 para. 1 lit. b) DSGVO | |
Recipient categories: | • | APP User | |
• | Cloud Provider | ||
Transfer to third country
A transfer to a third country is not intended.
Duration of data retention
As far as necessary, we process and store your personal data for the duration of our business relationship or for the fulfillment of contractual purposes. This also includes, among other things, the initiation and execution of a contract.
In addition, we are subject to various storage and documentation obligations, which result, among other things, from the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods prescribed there for storage or documentation are two to ten years.
Finally, the storage period also depends on the statutory periods of limitation, which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to thirty years.
Your Rights
Every data subject has the right to information under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, the right to notification under Art. 19 GDPR and the right to data portability under Art. 20 GDPR.
06.05.2022 4 / 5
In addition, you have the right to lodge a complaint with a data protection supervisory authority pursuant to Art. 77 GDPR if you believe that the processing of your personal data is not lawful. The right of appeal is without prejudice to any other administrative or judicial remedy.
If the processing of data is based on your consent, you are entitled to revoke your consent to the use of your personal data at any time in accordance with Art. 7 GDPR. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected. Please also note that we may have to retain certain data for a certain period of time in order to comply with legal requirements.
To protect your rights, you can contact us using the contact details provided.
Right of objection
Insofar as the processing of your personal data is carried out for the protection of legitimate interests pursuant to Art. 6 (1) lit. f GDPR, you have the right pursuant to Art. 21 GDPR to object to the processing of this data at any time for reasons arising from your particular situation. We will then no longer process this personal data unless we can demonstrate compelling legitimate grounds for the processing. These must override your interests, rights and freedoms, or the processing must serve the assertion, exercise or defense of legal claims..
In individual cases, we process your personal data in order to conduct direct advertising. You have the right to object at any time to processing for the purpose of such advertising. This also applies to profiling, insofar as it is related to this direct advertising. If you object to processing for the purpose of direct advertising, we will no longer process your personal data for these purposes.
Necessity of the provision of personal data
The provision of personal data for the decision on the conclusion of a contract, the fulfillment of a contract or for the implementation of pre-contractual measures is voluntary. However, we can only make a decision in the context of contractual measures if you provide such personal data that is required for the conclusion of the contract, the fulfillment of the contract or pre-contractual measures.
Automated decision making
For the establishment, fulfillment or implementation of the business relationship as well as for pre-contractual measures, we generally do not use fully automated decision-making pursuant to Art. 22 GDPR. Should we use these procedures in individual cases, we will inform you separately or obtain your consent, if this is required by law.
06.05.2022 5 / 5