• Deutsch
  • English

Data Protection

EOS Spa Control App

This service (hereinafter "app") is provided by

EOS Saunatechnik GmbH
Schneiderstriesch 1
35759 Driedorf, Germany

Telephone: +49 2775 82 0
E-Mail: datenschutz@eos-sauna.de

(hereinafter referred to as "we" or "us") as the person responsible within the meaning of the applicable data protection law.

If you have any questions regarding data protection, you can contact our data protection officer at the address or email address above.

As part of the app, we enable you to control your sauna. When you use the app, we process personal data from you. Personal data is meant as all information that relates to an identified or identifiable natural person. As the protection of your privacy when using the app is important to us, we would like to provide you with the following information about which personal data we process when you use the app and how we handle this data. In addition, we will inform you about the legal basis for the processing of your data and, insofar as the processing is necessary to safeguard our legitimate interests, also about our legitimate interests.

You can access this data protection notice on our website at any time under the menu item "Data Protection" within the app.

 

1. Information on the processing of your data

Certain information is processed automatically as soon as you use the app. We have listed exactly which personal data is processed for you below:

 

1.1 Information that is collected during the download

When you download the app, certain required information is transmitted to the app store you have selected (e.g. Google Play or Apple App Store), in particular the user name, email address, customer number of your account, the time of the download, payment information as well as the individual device code can be processed. This data is processed exclusively by the app store you have selected and is beyond our sphere of influence.

 

1.2 Information that is collected automatically

As part of your usage of the app, we automatically collect certain data that is required for the use of the app. This includes: internal device ID, version of your operating system, time of access.

This data is automatically transmitted to us, but not saved,

  • (1) to provide you with the service and the associated functions;
  • (2) improve the functions and features of the app and
  • (3) preventing and eliminating misuse and malfunctions.

This data processing is justified by the fact that in the case of (1) the processing is necessary for the fulfillment of the contract between you as the person concerned and us in accordance with Art. 6 Para. 1 lit. b) GDPR to use the app, or in the case of ( 2) and (3) we have a legitimate interest in guaranteeing the functionality and error-free operation of the app and in being able to offer a service that is in line with the market and interests, which, if necessary, may impair your rights and interests in the protection of your personal data of Art. 6 Para. 1 lit. f) GDPR prevails.

 

1.3 Creation of a user account (registration) and login

If you create a user account or log in, we will use your access data to grant you access to your user account and to manage it (“mandatory information”). Mandatory information as part of the registration is marked with an asterisk and is required for the conclusion of the user contract. We process and use the data you enter when registering or logging in to enable the selected sauna to be controlled. This data processing is justified by the fact that (1) the processing is necessary for the fulfillment of the contract between you as the person concerned and us in accordance with Art. 6 Para. 1 lit. b) GDPR to use the app, or (2) we have a legitimate interest have to ensure the functionality and error-free operation of the app, which outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f) GDPR.

 

1.4 Use of the app

In the app you can enter the identification of the selected sauna to be controlled. The app also requires the following authorizations: - Internet access: This is required in order to transfer the recorded data to our servers via an encrypted connection (TLS without certificate pinning). An identification feature is used here that can only be assigned to the respective user on the server side. This data processing is justified by the fact that the processing is necessary for the fulfillment of the contract between you as the person concerned and us in accordance with Art. 6 Para. 1 lit. b) GDPR for the use of the app.

 

2. Changes of purpose processing

Your personal data will only be processed for purposes other than those described if a legal provision allows this or you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you about these other purposes before further processing and provide you with all other relevant information.

 

3. Period of data storage

We delete or anonymize your personal data as soon as they are no longer required for the purposes for which we collected or used them in accordance with the preceding paragraphs. As a rule, we store your personal data for the duration of the usage or contractual relationship via the app plus a period of [10] days in order to be able to carry out an error analysis in the event of an error, unless this data is for criminal prosecution or are needed longer to secure, assert or enforce legal claims.

 

4. Your rights as person concerned

4.1 Right to information

You have the right to request information from us at any time about the personal data relating to you, processed by us within the scope of Art. 15 GDPR. To do so, you can submit an application by post or email to the address given above.

 

4.2 Right to correct incorrect data

According to Art. 16 GDPR, you have the right to demand that we immediately correct your personal data if it is incorrect. To do so, please use the contact addresses given above.

 

4.3 Right of deletion

According to the conditions described in Art. 17 GDPR, you have the right to request that we delete your personal data. These prerequisites provide for a right of deletion in particular if the personal data is no longer necessary for the purposes for which they were collected or otherwise processed, as well as in cases of unlawful processing, the existence of an objection or the existence of an obligation to delete under Union law or the law of the member state to which we are subject. For the period of data storage see also section 3 of this data protection notice. To exercise your right to deletion, please contact the contact addresses given above.

 

4.4 Right to restriction of processing

You have the right to demand that we restrict processing in accordance with Art. 18 GDPR. This right exists in particular if the accuracy of the personal data is disputed between the user and us, for the period that requires checking the accuracy, as well as in the event that the user requests restricted processing instead of deletion with an existing right to deletion ; also in the event that the data is no longer required for the purposes we are pursuing, but the user needs it to assert, exercise or defend legal claims and if the successful exercise of an objection between us and the user is still controversial. To exercise your right to restriction of processing, please contact the contact addresses given above.

 

4.5 Right to data portability

You have the right to receive your concerned personal data that you have provided to us in a structured, common, machine-readable format in accordance with Art. 20 GDPR. In order to assert your right to data portability, please use the contact addresses given above.

 

5. Right to object

You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your concerned personal data, which is based on Art. 6 Para. 1 lit. e) or f) GDPR, according to Art. 21 To insert GDPR. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

 

6. Right to appeal

You also have the right to contact the responsible supervisory authority in the event of complaints. The competent supervisory authority is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163
65021 Wiesbaden

Telefon: +49 611 1408 - 0
E-Telefax: +49 611 1408 - 900 / 901

 

7. Changes to this data protection notice

We always keep this data protection notice up to date. We therefore reserve the right to change it from time to time and to update changes in the collection, processing or use of your data. The current version of the data protection notice is always available under "Data Protection" on our website within the app.

As of 08.04.2021