Privacy Policy for Apps

The following privacy policy applies to the use of our mobile applications and associated digital services (hereinafter referred to as “App”).

We place great importance on protecting your data. The collection and processing of your personal data is carried out in accordance with applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). We collect and process your personal data to provide you with our App and its functions. This statement describes how and for what purposes your data is collected and used, and what choices you have regarding personal data.

The legal basis for processing is set out in Article 6(1)(b) GDPR (performance of a contract).

 

1) Controller

The controller responsible for the collection, processing and use of your personal data within the meaning of the GDPR is:

S-TEC Mobility Solutions GmbH
Kampweg 1, 21035 Hamburg

If you wish to object to the collection, processing or use of your data by us in general or for individual measures in accordance with this privacy policy, you can send your objection to the above-mentioned controller.

You can save and print this privacy policy at any time.

 

2) General Use of the App

2.1) App Functionality and Required Data

When using our App, we process personal data to ensure its functionality, stability and security, as well as to continuously optimise the App. This includes, among others:

  • Device identifiers
  • Technical log data
  • App usage data
  • Error logs
  • Communication data transmitted by you

Purpose of processing:

  • Ensuring technical operation and stability
  • Error analysis and correction
  • Improving user experience
  • Ensuring security

Legal bases:

  • Article 6(1)(b) GDPR (performance of a contract, provision of the App and its functions)
  • Article 6(1)(f) GDPR (legitimate interest, in particular stability, security and optimisation of the App)

We only process data that is technically necessary or that you have expressly permitted through consent (e.g., activation of permissions).

2.2) App Permissions and Access Rights

Depending on the functions used, the App may request access to certain device features. These accesses occur exclusively with your explicit consent and only for the stated purposes.

Below is an overview of possible permission categories:

2.2.1) Location Services (GPS, Geolocation)

Our App may request access to your device’s location to enable the following functions:

  • Automatic location detection for geo-based services and navigation
  • Position matching with devices: For certain functions, your position is compared with device positions to allow operation only in close proximity
  • Damage reports: Optionally, your current location can be automatically transmitted when reporting damage
  • Saving vehicle position: In some Apps, the vehicle position can be saved to help other users find the vehicle

Location data is only processed when the respective function is actively used and you have granted permission. (Article 6(1)(b) GDPR – performance of a contract)

2.2.2) Camera Access

Camera access may be required to:

  • Scan documents or QR codes
  • Take photos within the App
  • Enable video functions

Photos or videos are only created when you actively trigger the capture. (Article 6(1)(b) GDPR – performance of a contract)

2.2.3) Media and File Access

The App may request access to your device’s storage, for example to:

  • Upload or select images, documents or files
  • Save data generated by the App locally

We never access files without your permission or direct interaction. (Article 6(1)(b) GDPR – performance of a contract)

2.2.4) Calendar Access

If the App integrates calendar functions, it may request access to:

  • Create appointments
  • Display relevant events
  • Synchronise App data with your calendar

No calendar entries are changed without your explicit confirmation. (Article 6(1)(b) GDPR – performance of a contract)

2.2.5) NFC Services

If your device supports NFC, the App may require access to:

  • Read NFC tags
  • Perform NFC-based interactions (e.g., authentication, scans)

NFC data is only processed when you perform corresponding actions. (Article 6(1)(b) GDPR – performance of a contract)

2.2.6) Bluetooth

Bluetooth may be used for:

  • Connecting to external devices
  • Exchanging data with sensors or peripherals
  • Proximity-based functions

Bluetooth is only used when you actively use corresponding functions. (Article 6(1)(b) GDPR – performance of a contract)

2.2.7) Push Notifications

If you consent, the App can send push notifications, e.g.:

  • Status messages
  • Reminders
  • System notifications
  • Service information

You can disable push notifications at any time in the App or device settings. (Article 6(1)(b) GDPR – performance of a contract)

2.3) Email Contact / Contact Forms

If you contact us (e.g., via in-app support, form or email), we store your details to process your request and for possible follow-up questions. We only store and use further personal data if you consent or if permitted by law.

2.4) Legal Basis and Storage Duration

The legal basis for the data processing described above is Article 6(1)(b) GDPR. Our legitimate interest lies in ensuring the functionality, stability and security of the App and its optimisation.
Unless otherwise stated, we store personal data only for as long as necessary for the respective purpose.

2.5) Processing When Downloading the App

When downloading our App, the operator of the respective App Store (e.g., Apple App Store, Google Play Store) processes personal data such as:

  • Username
  • Email address
  • Customer number of the App Store
  • Payment information
  • Device identifiers
  • Time of download

Note:
We have no influence over this data processing. The respective App Store operator is responsible. For more information, please refer to the privacy policy of the respective App Store.

 

3) Your Rights as a Data Subject

Under applicable law, you have various rights regarding your personal data. To exercise these rights, please send your request with clear identification of your person by email or post to the address mentioned in Section 1.

An overview of your rights is provided below:

3.1) Right to Confirmation and Access

You have the right to know at any time whether personal data concerning you is being processed. If so, you have the right to free information about:

  • Processing purposes
  • Categories of personal data
  • Recipients or categories of recipients
  • Planned storage duration or its criteria
  • Existence of rights to rectification, erasure, restriction or objection
  • Existence of a right to lodge a complaint with a supervisory authority
  • Origin of the data, if not collected from you
  • Existence of automated decision-making including profiling and its effects

If data is transferred to a third country, you also have the right to be informed about appropriate safeguards under Article 46 GDPR.

3.2) Right to Rectification

You have the right to request the immediate correction of inaccurate personal data. Considering the purposes of processing, you may also request the completion of incomplete data.

3.3) Right to Erasure (“Right to be Forgotten”)

You have the right to request the deletion of personal data if:

  • The data is no longer necessary for the purposes of processing
  • You withdraw your consent and no other legal basis exists
  • You object and no overriding reasons exist
  • The data was unlawfully processed
  • Deletion is required to fulfil a legal obligation
  • The data was collected in relation to services offered to children under Article 8 GDPR

If the data was published, we will inform other controllers of your deletion request, where technically possible and reasonable.

3.4) Right to Restrict Processing

You have the right to request restriction of processing if:

  • You contest the accuracy of the data
  • Processing is unlawful and you request restriction instead of deletion
  • We no longer need the data, but you require it for legal claims
  • You have objected and the balancing of interests is pending

3.5) Right to Data Portability

You have the right to receive the data you provided in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller, provided that:

  • Processing is based on consent or contract, and
  • Processing is carried out by automated means

On request, we will transfer the data directly to another controller, where technically feasible.

3.6) Right to Object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data based on Article 6(1)(e) or (f) GDPR. This also applies to profiling.

We will then no longer process the data unless we can demonstrate compelling legitimate grounds or the processing serves the establishment or defence of legal claims.

3.7) Right to Withdraw Consent

You can withdraw consent at any time. Withdrawal does not affect the lawfulness of processing up to the point of withdrawal.

3.8) Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, particularly in your place of residence, workplace or the place of the alleged infringement.

 

4) Data Security

We use technical and organisational measures to protect your data, including:

  • Encryption (TLS/SSL) during data transmission
  • Secure server locations
  • Role-based access control
  • Regular security updates

We strive to protect your data in accordance with applicable data protection laws and technical possibilities. However, complete protection during data transfer over the internet cannot be guaranteed, as transmissions via mobile networks or the internet may involve security risks.

 

5) Automated Decision-Making

No automated decision-making based on processed personal data takes place.

 

6) Disclosure of Data to Third Parties and Transfers to Third Countries

We only disclose personal data if:

  • It is necessary to fulfil contractual obligations (Article 6(1)(b) GDPR)
  • We have legitimate interests (Article 6(1)(f) GDPR)
  • You have consented (Article 6(1)(a) GDPR), or
  • We are legally obliged to do so

Transfers to third countries:
Transfers to countries outside the EU only occur if an adequacy decision by the EU Commission exists or appropriate safeguards under Article 46 GDPR are in place (e.g., EU Standard Contractual Clauses).

 

7) Data Protection Officer

For questions or concerns regarding data protection, please contact our Data Protection Officer:

Julia Kienbaum-Duus
Kampweg 1, 21035 Hamburg
Phone: +49 (40) 241896127
Email: datenschutz@scanmedia.net

 

 

Support

Leistungen

Firma

Anschrift

S-TEC GmbH
Kampweg 1
D-21035 Hamburg

Telefon: +49 40 241896-0 (Zentrale)
Telefax: +49 40 739311-71

Allgemein E-Mail: info@scanmedia.net
Internet: www.scanmedia.net

Öffnungszeiten Ladengeschäft:
Montag bis Freitag: 9:00 bis 18:00 Uhr