Privacy Policy for the VIVARES Portal and App
As of May
2022
Preamble
At
LEDVANCE, data privacy is our top priority. The careful handling of your
personal data is important to us. That is why we handle your data confidentially,
in strict compliance with the applicable data protection provisions.
Below, we
would like to explain to you which data we use, at
what point in time, and for what purpose. Our objective is to make you aware of
our App’s functionality and how we ensure the protection of your personal data,
which is of utmost importance to us. We will not use your personal data unless
we have your consent or legal permission.
VIVARES ZB
is a light management system. The Portal and App is used for the planning,
commissioning, and maintenance of the VIVARES ZB system. The App can be used to
control lights, sensors, and push-button couplers using the VIVARES App and the
VIVARES Portal.
Users,
especially installation technicians and owners, will log on to the Portal or
App by entering their usernames and passwords. You can then store rooms, light
sources, and devices in the Portal or App by configuring the relevant scenes
and time settings.
The
following personal data of the logged-on users will be processed upon provision
of the Portal and App:
·
First
name
·
Last
name
·
Email
address
·
Phone
number
·
Company
·
IP
address
·
Date
and time of access
·
Start
and end of session
·
Details
of the devices used
Contents
I. Name and address of the data
controller responsible for data processing
II. Name and address of the data
protection officer
III. Data processing in the
VIVARES Portal and App
a. Scope of the processing of
personal data
b. Purpose of personal data
processing
c. Legal basis for the
processing of personal data
e. Right to withdrawal and
erasure
IV. Telemetry data and
authorisations
a. Description and scope of data
processing
c. Legal basis for data
processing
d. Storage duration/Right to
objection and erasure
e. Right to objection and
erasure
VI. Rights of the data subject
c. Right to erasure or
restriction and objection
g. Right to withdraw data
protection consent
h. Automated individual
decision-making including profiling
i. Right to lodge a complaint
with a supervisory authority
The data
controller responsible for data processing as defined in the General Data
Protection Regulation (GDPR) and other national data protection laws of the
member states, as well as other data protection regulations, is:
LEDVANCE GmbH
Parkring 29-33
85748 Garching
Germany
+49 89 780673-100
Contact details of the data
protection officer:
Mr. Matthias Lindner
bDSB LEDVANCE
c/o intersoft
consulting services AG
Beim Strohhause
17
20097 Hamburg
E-Mail:privacy@ledvance.com
This page will inform you about the
data processing of the VIVARES Portal and App for Android and iOS
("App"). The Portal and App is provided by LEDVANCE GmbH, Parkring
29-33, 85748 Garching, Germany ("LEDVANCE",
"we", or "us").
VIVARES ZB
is a light management system. The Portal and App is used for the planning,
commissioning, and maintenance of the VIVARES ZB system. The Portal and App can
be used to control lights, sensors, and push-button couplers using the VIVARES
App and the VIVARES Portal.
The
following personal data will be processed upon provision of the Portal and App:
·
First
name
·
Last
name
·
Email
address
·
Phone
number
·
Company
·
IP
address
·
Date
and time of access
·
Start
and end of session
·
Details
of the devices used
Users will
log on to the Portal and App by entering their usernames and passwords. You can
then store rooms, light sources, and devices in the Portal and App by
configuring the relevant scenes and time settings.
The purpose
of the processing of personal data is to offer our customers a light management
system.
The legal
basis for the processing of your personal data is Art. 6(1)(1)(a) GDPR.
Personal
data shall be stored for as long as it is necessary to fulfil the purposes
described in this Privacy Policy or as required by law, e.g., for tax and
accounting purposes.
You are
entitled to withdraw your data protection consent at any time. The withdrawal
of the consent shall not affect the legality of the processing carried out on the basis of the consent until the withdrawal.
In order to
do so, please send an email to: contact@ledvance.com.
We collect
telemetry data in our App for error reporting. To do this, we use the Firebase
Analytics tool by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA
94043, USA, and its representative in the European Union, Google Ireland Ltd,
Gordon House, Barrow Street, D04 E5W5, Dublin, Ireland (hereinafter referred to
as: Google), in particular, Crashlytics.
The use of
Firebase Analytics can result in data transmission to US servers. To ensure
adequate safeguards for the protection of the transfer and processing of
personal data outside the EU, data are transferred to and processed by Google on the basis of appropriate safeguards in accordance with
Art. 46 et seq. GDPR, in particular through the conclusion of the so-called
standard data protection clauses set out in Art. 46(2)(c) GDPR. You can find
more information here: https://firebase.google.com/terms/data-processing-terms
To ensure
the Portal’s and App's functionality, the following authorizations are requested or the hardware components of the end device are
used:
·
Camera
·
Local
area network
·
External
memory
The purpose
of the processing is to ensure the Portal and App's functionality and to
generate error reports in the event of errors.
The legal basis for the
processing of your personal data is Art. 6(1)(1)(f) GDPR. We have a legitimate
interest in providing a functional Portal and App and continuous improvement in
the event of malfunctions.
Pursuant to Art. 6 (1)(1)(a)
GDPR, consent shall be obtained for the authorizations.
Personal
data shall be stored for as long as it is necessary to fulfil the purposes
described in this Privacy Policy or as required by law, e.g., for tax and
accounting purposes.
The user is
entitled to object to the processing of data. Whether or not the objection is
successful, shall be determined through the balancing of interests.
In order to
do so, please send an email to: contact@ledvance.com.
The Portal
and App is partly hosted on our own servers and partly on the servers of a
service provider commissioned by us.
Our service provider is Microsoft
Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, and its
representative in the European Union: Microsoft Ireland Operations, Ltd., One
Microsoft Place, South County Business Park, Leopardstown,
Dublin 18, D18 P52).
The servers
automatically collect and save information in so-called server log files, which
are automatically transferred via the App. The following information is stored:
·
Time
of the server query
·
IP
address
The servers
are located in Europe.
These data
will not be merged with other data sources. They will be processed in
accordance with Art. 6(1)(1)(f) GDPR. We have a legitimate interest in the
storage of the server log files to ensure an optimised
service provided free of technical errors.
We have
concluded a Data Processing Agreement with the respective data processor, which
is binding for the service provider who undertakes to protect the user data and
refrain from passing them on to third parties. Further information on our
provider's privacy statement can be found here: https://privacy.microsoft.com/de-de/privacystatement
Where your
personal data are processed, you are deemed a data subject within the meaning
of the GDPR and you have the following rights vis-à-vis the controller:
If your
personal data are processed, you have the right to receive information from the
controller about the personal data that are stored about you (Art. 15 GDPR).
If
inaccurate personal data are processed, you have the right to rectification
(Art. 16 GDPR).
If the
legal requirements allow, you can request the erasure or restriction of
processing, and object to the processing (Art. 17, 18, and 21 GDPR).
If you have
asserted your right to have the data rectified or erased or its processing restricted
by the controller, the latter shall, in accordance with Art. 19 GDPR, inform
all recipients to whom your personal data were disclosed about such
rectification or erasure of data or restriction of processing, unless this
proves impossible or involves disproportionate effort.
If you have
consented to the data processing or if there is a Data Processing Agreement in
place, and the data processing is performed with the aid of automated
processes, you may have a right to data portability (Art. 20 GDPR).
Pursuant to
Art. 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your
personal data based on Art. 6(1)(1)(e) or (f) GDPR, including profiling based
on these provisions.
If you have
consented, by means of a corresponding declaration, to the processing by the
controller, you can withdraw this consent at any time with future effect.
Withdrawing your consent will not affect the legality of any data processing
that took place before the withdrawal.
Pursuant to
Art. 22 GDPR, you have the right not to be subject to decision-making or
profiling based exclusively on automated processing that can have a legal
effect against you or significantly impair you in a similar manner.
The data
subject also has the right to lodge a complaint with a supervisory authority
(Art. 77 GDPR).
This Privacy Policy has been created with the
assistance of DataGuard.