Privacy policy

Welcome to our offer. In the following, we would like to explain to you which personal data we process, how we process this personal data and what rights you have with regard to this processing.

1. person responsible for data processing

The controller responsible for data processing is

RM Rudolf Müller Events GmbH

Madeleine-Ruoff-Str. 26a

82211 Herrsching am Ammersee

E-Mail: info@building-green.de

Website: www.building-green.de

We have not appointed a data protection officer for our company and are not obliged to do so. If you have any questions about how we implement data protection or would like to exercise your rights, please contact us at the following e-mail address:

E-Mail: datenschutz@bim-world.de

2. your rights in relation to data processing carried out by us

We are happy to provide you with information about whether and which of your personal data we process and for what purposes (Art. 15 GDPR). In addition, you have the right to rectification (Art. 16 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to erasure (Art. 17 GDPR) and the right to data portability (Art. 20 GDPR) under the respective legal requirements. You have the right to object to the processing under the legal requirements (Art. 21 GDPR). To exercise your aforementioned rights, please contact our data protection officer.

If our data processing is based on your consent within the meaning of Art. 6 para. 1 (a) GDPR, you can revoke this consent at any time freely and without giving reasons (Art. 7 (3) GDPR).

The use of your rights described above is free of charge for you.

Without prejudice to these rights and the possibility of asserting any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority at any time. The supervisory authority responsible for us is

Bavarian State Office for Data Protection Supervision

Promenade 18

91522 Ansbach

Germany

Phone: +49 (0) 981 180093-0

Telefax: +49 (0) 981 180093-800

E-Mail: poststelle@lda.bayern.de

3. data security

We have taken extensive technical and organizational measures to protect your personal data from manipulation, loss, destruction or access by unauthorized third parties.

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, our website uses an SSL-encrypted connection. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

If we ask you to send us your payment details (e.g. account number for direct debit authorization) after you have concluded a chargeable contract, this data is required for payment processing. Payment transactions via the usual means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection.

4. automated decision-making (including profiling)

We do not process your personal data as part of an automated decision-making process (including profiling) and do not intend to do so.

5. recipients of data

We transfer your data to third parties in the following cases:

  • To the extent that we use processors to fulfill the purposes specified by us, we transmit personal data to these processors. The legal basis in this case is Art. 28 GDPR.
  • Insofar as this is necessary for the fulfillment of our contractual obligations, e.g. in particular to the commissioned credit institution for invoicing. The legal basis in this case is Art. 6 para. 1 (b) GDPR.
  • Insofar as this is necessary to fulfill a legal obligation to which we are subject, e.g. in particular to authorized law enforcement and tax authorities. The legal basis in this case is Art. 6 para. 1 (c) GDPR.
  • Insofar as this is necessary to safeguard legitimate interests. Unsere berechtigten Interessen umfassen insbesondere die Abwehr und Geltendmachung unserer rechtlichen Ansprüche. The legal basis in this case is Art. 6 para. 1 (f) GDPR.

In particular, we transmit data as part of the provision of your “digital business card”. We describe this process in detail in sections 6.3 and 12.4 below.

6. processing of data that you actively communicate to us
6.1. Purchase of tickets

When you purchase tickets for our events in our webshop on our website, we need to ask you to provide some information. In particular, this includes your title, name, position and job title, the company and sector in which you work, as well as your postal address and e-mail address. We summarize this data collected when tickets are purchased in a specific data set. We use this data record to issue you with a personalized ticket by storing the data in encrypted form in a QR code on your ticket. This allows us to personalize your ticket when you enter the event and provide you with a “digital business card”. The encrypted QR code can only be read if the encryption is known. We will delete the data record after your visit to the event or within 12 weeks of the end of the booked event.

The legal basis for data processing is Art. 6 para. 1 (b) GDPR, we use your data to fulfill the contract concluded with you. In addition, the creation of the data record and its encrypted storage in the QR code on your ticket serves our legitimate interest in proper and efficient access control to our events; in this respect, the legal basis for data processing is Art. 6 para. 1 (b) GDPR.

After completion of the event you have booked, we will retain a small amount of the information you provided at the time of purchase, namely your name, e-mail address and position. We store this data to protect our legitimate interests, as we explain in section 6.6 below.

Your data will be deleted as soon as the above-mentioned purposes cease to apply, if and insofar as you have not expressly consented to longer storage in accordance with Art. 6 para. 1 (a) GDPR have given their consent. Statutory retention periods remain unaffected.

6.2. Use of the payment service provider Stripe

We use the external payment service provider “Stripe” to process payments for your purchases. Anbieter ist die Stripe Payments Europe Ltd, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Irland. If you choose Stripe as your payment method, we will transmit your data required for the payment process to Stripe. The legal basis for this transfer is your consent in accordance with Art. 6 para. 1 (a) GDPR, which you provide by selecting the payment service provider. You can revoke your consent at any time by canceling the payment process with this service provider.

Please note that after we have transmitted the data, the payment process is carried out by Stripe on its own responsibility, in particular also on the basis of the independent contractual relationship existing between you and Stripe. You can find out which of your data Stripe processes for which purposes on its own responsibility, to whom Stripe passes on your data in this context and how Stripe ensures the protection of your personal data in Stripe’s privacy policy, which you can access at https://stripe.com/privacy.

6.3. Your “digital business card”

We have stored the data you provide when booking tickets on our website in a specific data record. We offer visitors to our events the opportunity to use this data record as a “digital business card” and to share it with third parties, in particular other participants in the event (e.g. exhibitors, potential customers, potential suppliers, other visitors to the event) during or as part of the event. You or third parties can use our “BIMWorldScan” app for this purpose.

You can check at any time whether and with whom you share your “digital business card”. The use of the app and the use and handover of your “digital business card” is completely voluntary.

In order to share your “digital business card”, you must allow the third party who is to receive the “digital business card” to read the QR code stored on your admission ticket using our “BIMWorldScan” app installed on the third party’s device. If you allow the third party to access your “digital business card” in this way, the information stored in the data record (see section 6.1 above) will be transferred to the app stored on the third party’s device. The information on your “digital business card” is then openly visible to the third party. The third party can also export them from the app and transfer them to their own systems.

Please note that this third party and no longer RM Rudolf Müller Events GmbH is responsible for this data processing within the meaning of the data protection laws. The transfer of your “digital business card” constitutes a transfer of your data to the third party to whom you allow access to your “digital business card”. The legal basis for this transfer is your consent in accordance with Art. 6 para. 1 (a) GDPR, which you provide by actively and voluntarily allowing the QR code to be read from your admission ticket. If you do not wish to hand over your “digital business card”, please do not allow third parties to read your QR code.

6.4. Newsletter

To stay in touch with you, we offer you the opportunity to subscribe to our newsletter. In order to be able to send you the newsletter, we must ask you to provide a selection of personal data, i.e. your first name, surname and e-mail address. This is the only way we can send you the newsletter correctly. You can order the newsletter as part of a ticket purchase.

We use the Mailchimp service to send the newsletter. Mailchimp is a service of The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE Suite 5000, Atlanta, GA 30308 USA. We have concluded an order processing contract with Mailchimp as our service provider in accordance with Art. 28 GDPR. Mailchimp will transfer this data to the USA. The Rocket Science Group LLC participates in the EU/US Data Privacy Framework, the transfer of data to the USA associated with the use of the Mailchimp service is lawful in accordance with the adequacy decision of the European Union pursuant to Art. 45 GDPR. You can find Mailchimp’s privacy policy here.

The legal basis for the processing of this data and for the international transfer of data is your express consent in accordance with Art. 6 para. 1 (a) GDPR. You always provide this information voluntarily when you subscribe to the newsletter. We will store this data until you withdraw your consent. You can revoke your consent free of charge at any time without giving reasons; there is a corresponding link in all newsletter messages.

In addition to the aforementioned processing of the information you actively provide when subscribing to the newsletter, Mailchimp collects the following personal data using cookies and other tracking methods: Information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your emails and other information about hardware and internet connection. In addition to the aforementioned processing of the information you actively provide when subscribing to the newsletter, Mailchimp collects the following personal data using cookies and other tracking methods: Information about your end device (IP address, device information, operating system, browser ID, information about the application you use to read your emails and other information about hardware and internet connection. Mailchimp also analyzes performance data, such as email delivery statistics and other communication data. This information is used to compile usage and performance statistics for the services.

The legal basis for this processing and for the international transfer of data is your express consent in accordance with Art. 6 para. 1 (a) GDPR. You always provide this information voluntarily when you subscribe to the newsletter. We will store this data until you withdraw your consent. You can revoke your consent free of charge at any time without giving reasons; there is a corresponding link in all newsletter messages. Further information on objection and deletion options vis-à-vis Mailchimp can be found here.

6.5. Your contact with us; use of our contact form

If you contact us with an inquiry, we will process the personal data you provide in the inquiry in order to process, manage and respond to your inquiry. You can use the contact form provided by us to contact us in this way. In this form, we ask you to provide a selection of personal data, such as your name and e-mail address, so that we can process, manage and respond to your request appropriately.

The legal basis for this processing of your data is Art. 6 para. 1 (b) GDPR, insofar as it concerns the initiation of a contract or customer support within the framework of an existing contractual relationship. If you give us your express consent, for example in the contact form, the legal basis is Art. 6 para. 1 (a) GDPR. You can withdraw your consent free of charge at any time without giving reasons. If neither of the two aforementioned cases applies, the legal basis is Art. 6 para. 1 (f) GDPR, namely our legitimate interest in communicating with our customers as requested.

We store the data you provide when you contact us until you revoke your consent to its storage or until the purpose for which the data was stored no longer applies (e.g. after your request has been processed). Statutory retention periods remain unaffected.

6.6. Protection of legitimate interests and fulfillment of legal obligations

We may use the personal data you provide – your name, position and e-mail address – to advertise our goods and services, unless the explicit consent of the addressee is required by law.

If you give your consent, for example for e-mail advertising, your consent – which can be revoked at any time – is the legal basis pursuant to Art. 6 para. 1 (a) GDPR. In accordance with § 7 para. 3 UWG, we may exceptionally send you advertising by e-mail without your consent if you have provided your e-mail address in connection with an order and we advertise our own similar goods or services. Übersetzter Text The legal basis for this data processing is Art. 6 para. 1 (f) GDPR. The legitimate interest pursued by us is direct advertising You can object to this form of e-mail advertising at any time; we will inform you of this right of objection when you enter your e-mail address and in every advertising e-mail.

We will erase this data if you raise an effective objection within the meaning of Art. 21 GDPR or if you withdraw your consent within the meaning of Art. 7 para. 3 GDPR revoked. Mandatory statutory provisions – in particular retention periods – remain unaffected.

7. processing of data from your end devices: “cookies” and similar identifiers
7.1. Our “Consent Manager”

We use technical aids on our website for various services and functions that are stored on your end device. These are cookies in particular, but also similar so-called identifiers, such as tracking pixels or web beacons (all such technical aids are collectively referred to as “cookies” in the document). We explain which services and functions use cookies in this privacy policy. Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser the next time you visit our website.

When you call up our offer, our “Consent Manager” is displayed immediately. When you call up our offer, our “Consent Manager” is displayed immediately. See also section 8.2 below

7.2. Technically necessary cookies

Our website uses cookies for technically necessary functions to display the website: The technical structure of the website requires us to use certain technologies, in particular cookies. Without these technologies, our website cannot be displayed completely and correctly or the support functions could not be made possible. We explain which cookies these are in section 8 ff. of this privacy policy. You cannot deselect these cookies if you wish to use our website. The legal basis for this processing is Art. 6 para. 1 (f) GDPR.

7.3. Other cookies

We also use optional cookies for whose use we require your consent: we only use these cookies after receiving your consent via the Consent Manager (see section 7.1 above). The functions are only activated with your consent and may be used in particular to enable us to analyze and improve visits to our website, to make it easier for you to use our website via different browsers or end devices, to recognize you when you visit our website or to place advertising (possibly also to tailor advertising to your interests, measure the effectiveness of advertisements or show interest-based advertising). We explain which cookies these are in Section 7 and Section 8 et seq. of this Privacy Policy. The legal basis for this processing is your consent pursuant to Art. 6 para. 1 (a) GDPR. You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

8. processing of data when visiting the website: Data processing in the context of technical provision
8.1. LogFiles

When you visit our website and view its content, information is transmitted from your browser to our server, including the following personal data:

  • Browser type
  • Browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This information is temporarily stored in a so-called log file until it is automatically deleted, which regularly takes place within 24 hours.

We process this data in order to provide and display our website and the content it contains, as well as to protect against brute force attacks. The legal basis for this processing is Art. 6 para. 1 (f) GDPR. Our legitimate interest in the processing arises from the fact that the processing is technically necessary in order to display our website to you and to ensure the stability and security of the website. The data will be deleted as soon as it is no longer required for the purpose described. You can object to this legitimate interest at any time.

8.2. Our “Consent Manager”: Borlabs

As we explain in section 7.1, we offer you the option on our website of controlling the use of cookies at any time with the help of our Consent Manager. However, our Consent Manager must communicate with your device, i.e. know its IP address, in order to function correctly. These are processed in anonymized form. The Consent Manager must also store the consent or refusal of consent, as well as the date and time of consent and browser information, as otherwise it would not be able to fulfill its purpose.

We use the Borlabs Cookie Consent Manager on our website. The provider of this technology is Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg. We have concluded an order processing contract with Borlabs as our service provider in accordance with Art. 28 GDPR. Processing by Borlabs takes place exclusively in the European Union. You can find Borlabs’ privacy policy here .

When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not passed on to the provider of Borlabs Cookie.

The legal basis for data processing is our legitimate interest within the meaning of Art. 6 para. 1 (f) GDPR to offer you a website that works as well as possible and to enable you to control the cookies used on it. The data is stored for a maximum period of 12 months. You can object to this legitimate interest at any time.

8.3. Google Tag Manager

We use the Google Tag Manager service on our website. The Google Tag Manager is an auxiliary service and ensures the loading of other services on the website. The Google Tag Manager itself does not access this data, but it does enable the function of other services, which in turn may process data. We explain which data these services process at the relevant point in this privacy policy.

“Google” is a group of companies and consists of the companies Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA as well as other affiliated companies of Google LLC. We have concluded an order processing contract with Google Ireland Ltd. as our service provider in accordance with Art. 28 GDPR. Further information on Google Tag Manager and Google’s privacy policy can be found here.

9. processing of data when visiting the website: Web analysis
9.1. Google Analytics

We want to know how users use our website and how we can make our website better. We use the Google Analytics service on our website to analyze user behavior. The service sets and uses cookies and processes the IP address used by your device.

“Google” is a group of companies and consists of the companies Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA as well as other affiliated companies of Google LLC. We have concluded an order processing contract with Google Ireland Ltd. as our service provider in accordance with Art. 28 GDPR. Further information on Google Analytics and Google’s privacy policy can be found here.

We use Google Analytics with the “user ID function” deactivated. This means that, according to Google, there is no collection and assignment of user behavior with a pseudonymized ID of the user.

We use Google Analytics with the addition “_gat._anonymizeIp”. This means that, according to Google, the IP address used by your device is immediately shortened and anonymized by Google within the European Union. According to Google, non-anonymized IP addresses only reach the USA in exceptional cases. According to Google, the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

The information generated by the cookies about your use of this website, which regularly cannot be assigned to a person due to the anonymization of the IP address, is usually transferred to a Google server in the USA and stored there. Google will use this information on our behalf for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

The legal basis for the processing described is your consent in accordance with Art. 6 para. 1 (a) GDPR. You give us this consent via our Consent Manager (see section 7.1 above), which you can use to revoke your consent at any time. You can also prevent the processing described above by changing the settings in your browser program. Google participates in the EU/US Data Privacy Framework. Any data transfers to the USA associated with our use of Google services are lawful in accordance with the adequacy decision of the European Union pursuant to Art. 45 GDPR.

9.2. Use of Matomo

If you give us your consent, we use Matomo, a web analysis service based on open source software. We use Matomo to analyze and statistically evaluate the use of the website. For this purpose, cookies are used. The information obtained about website usage is transmitted exclusively to our servers and summarized in pseudonymous usage profiles. We use the data to analyze the use of the website. The data collected will not be passed on to third parties. The IP addresses are anonymized (IP masking) so that it is no longer possible to assign them to individual users. Data is not transferred to countries outside the European Union.

The legal basis for data processing is your consent pursuant to Art. 6 para. 1 (a) GDPR. If you do not or no longer agree to this, please do not give your consent or revoke your consent in the Consent Manager (see section 7.1 above).

10. processing of data when activating embedded content: Vimeo

We have embedded videos on our website. The videos were published on the video platform Vimeo and are embedded from this platform.

Vimeo is an offer of Vimeo, Inc, 555 West 18th Street, New York, New York 10011, USA. Please inquire with Vimeo about the processing of personal data carried out by Vimeo. You can find Vimeo’s privacy policy here .

We have set up a so-called “two-click solution” for linking or embedding Vimeo videos. This means that the embedding is always inactive and no personal data is transmitted to Vimeo. This only happens when you start a video by clicking on it. If the user is logged in to Vimeo at the same time, Vimeo recognizes which specific subpage of our website the user is visiting by clicking on the Vimeo video. This information is collected by Vimeo and assigned to the respective Vimeo account of the data subject. Vimeo always receives information via the embedding that the person concerned has visited our website if the person concerned is logged in to Vimeo at the same time as accessing our website; this takes place regardless of whether the person concerned clicks on a Vimeo or not. If you do not want this information to be transmitted to Vimeo, you can prevent it from being transmitted by logging out of your Vimeo account before accessing our website.

The legal basis for the processing described is your consent in accordance with Art. 6 para. 1 (a) GDPR. You give us this consent via our Consent Manager (see section 7.1 above), which you can use to revoke your consent at any time. You can also prevent the processing described above by changing the settings in your browser program. Insofar as data is transferred to the USA when using Vimeo Videos, the legal basis is your consent in accordance with Art. 49 para. 1 (a) GDPR.

If you do not want Vimeo to process your personal data, please do not click on the videos.

11. use of social media plug-ins

We do not use any social media plugins on our website. If our offers contain symbols from social media providers (e.g. Facebook, Instagram), we only use these to passively link to our pages on the respective platform: if you click on the symbol, you will be redirected to the corresponding platform. However, the symbols themselves do not process, collect or send any data.

12. processing of data when using the “BIMWorldScan” app

When using our app, the above applies in principle Please also note the following information:

12.1. Responsibility of the app store operators

If you use the “BIMWorldScan” app, your personal data and the personal data stored by you will not only be processed by you or by us as the controller. Due to the way in which the app is technically provided, the app store operator through which the app is downloaded will also process your personal data or data stored by you in the app as an independent controller under data protection law. We have no insight into the data processing of the app store operators and also have no influence on it.

Please contact the app store operator to find out which personal data is processed by them before you download the app from the app store.

12.2. Your user profile in the “BIMWorldScan” app

If you use the “BIMWorldScan” app, we will create a user profile for you. This user profile is stored locally in the app on your end device. The user profile is used to identify you when you use the app, especially if you read “digital business cards” (see section 6.3 above) of third parties. You can also use your user profile as your own “digital business card” and pass it on to third parties.

We will store the following data in the user profile: Title, name, position and job title, the company and industry in which you work, as well as the postal address and your e-mail.

The legal basis for the processing of this data is your consent pursuant to Art. 6 para. 1 (a) GDPR. You always provide this voluntarily when installing the app. This data will be stored in the app until you withdraw your consent and deleted when you delete the app from your device. If you wish to withdraw your consent, please delete the app. Statutory retention periods remain unaffected.

12.3. Data collected when using the app

We can only provide you with the benefits of our app if we process certain data required for the operation of the app when you use it. We only collect this data if this is necessary for the fulfillment of the contract concluded between you and us for the use of the app (Art. 6 para. 1 (b) GDPR). Furthermore, we collect this data if this is necessary for the functionality of the app and your interest in the protection of your personal data does not outweigh this (Art. 6 para. 1 (f) GDPR) or if you consent to the collection and processing (Art. 6 para. 1 (a) GDPR or § 25 para. 1, 2 TTDSG). We collect and process the following data

  • Device information: IP address, device ID, device type, device-specific settings and app settings as well as app properties, the date and time of the retrieval, time zone the amount of data transferred and the message as to whether the data exchange was complete, app crash, browser type and operating system. This access data is processed to enable the technical operation of the app. Among other things, we use Google technologies for this purpose (see section 12.4).
  • Information with your consent: We process other information (e.g. GPS location data) if you allow us to do so.
12.4. Reading out “digital business cards” and storing them in the app

Please note: if you use the app to read out a “digital business card” of a third party and transfer it to the app on your mobile device, you are responsible for any processing of the personal data contained in the “digital business card” read out in this way and transferred to the app on your mobile device. Please agree with the owner of the “digital business card” the purposes for which you collect and process their personal data, e.g. export it from the app and transfer it to your own systems.

12.5. Use of Google Cloud Run and Google Firebase

Our app uses the Cloud Run and Firebase technologies from Google. “Google” is a group of companies and consists of the companies Google Ireland Ltd (provider of the service), Gordon House, Barrow Street, Dublin 4, Ireland and Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA as well as other affiliated companies of Google LLC. We have concluded order processing contracts with Google Ireland Ltd. as our service provider for the named technologies in accordance with Art. 28 GDPR. Google participates in the EU/US Data Privacy Framework. Any data transfers to the USA associated with our use of the aforementioned technologies are lawful in accordance with the adequacy decision of the European Union pursuant to Art. 45 GDPR. Further information about Google Cloud Run and Google Firebase as well as Google’s privacy policy can be found here.

Some of the Firebase functions use so-called “instance IDs”. “Instance IDs” are uniquely assigned identifiers that are provided with a timestamp and enable the linking of different events or processes in connection with the app. According to Google, instance IDs do not process any personally identifiable data. Further information on the instance IDs used and the management of the data concerned can be found here.

We use the following functions of Google Firebase:

  • Cloud Run

We use the Cloud Run content delivery network for our app. Technically, the information transfer to your end device is handled by Cloud Run. Cloud Run processes your device information, as this is necessary for the delivery of data to the app.

The legal basis for data processing is our legitimate interest within the meaning of Art. 6 para. 1 (f) GDPR to provide you with a service that works as well and securely as possible. The data is stored for a maximum period of 90 days. Diesem berechtigten Interesse können Sie jederzeit widersprechen.

  • Firebase Crashlytics

In order to improve the stability and reliability of our app, we rely on anonymized crash reports. We use the Firebase Crashlytics function for this purpose. In the event of a crash, anonymous information is transferred to Google’s servers in the USA (instance ID, status of the app at the time of the crash, installation UUID, crash trace, manufacturer and operating system of the cell phone, last log messages).

Crash reports will only be sent with your express consent. When using the iOS operating system, you can give your consent in the app settings or after a crash. When using the Android operating system, it is possible to generally agree to the transmission of crash notifications to Google and app developers when setting up the mobile device.

The legal basis for the processing described is your consent in accordance with Art. 6 para. 1 (a) GDPR. The data is stored for a maximum period of 90 days. You can revoke your consent for the future by changing the app settings in your device’s operating system.

  • Firebase Analytics

We want to know how users use the SWOOSH app and how we can make the SWOOSH app better. We use the Firebase Analytics function for the purpose of analyzing user behavior.

The following data types are processed when Firebase Analytics is used: Instance ID, number of users and sessions, session duration, operating systems, device models, region, first-time starts, app version, app updates. A complete list of the events automatically recorded in Google Firebase can be found here. This data is analyzed by Google on our behalf for troubleshooting, fixing problems and improving the app.

The legal basis for data processing is our legitimate interest within the meaning of Art. 6 para. 1 (f) GDPR to provide you with an offer that works as well as possible. The data is stored regularly for a period of up to 60 days, but for a maximum period of 14 months. You can object to this legitimate interest at any time.

  • Firebase Performance Messaging

We want to know the technical performance of our app in order to identify weaknesses and improve the app and its security and functionality. We use the Firebase Performance Messaging function for this purpose.

For this purpose, Firebase uses the instance ID to recognize conspicuous access patterns and possible misuse, as well as to create performance event reports. In addition, Firebase uses the IP address of the end device to assign performance events to the countries from which they originate.

The legal basis for data processing is our legitimate interest within the meaning of Art. 6 para. 1 (f) GDPR to provide you with the best and most secure service possible. The data is stored for a maximum period of 90 days. You can object to this legitimate interest at any time.

  • Firebase Cloud Messaging

We offer a “push functionality” in our app. If this is activated, you will receive messages from us directly to your end device. We use the Firebase Cloud Messaging function for this. If the push functionality is activated, the function uses instance IDs to identify the devices to which the push messages are to be sent in order to initiate the sending of the push message to your end device.

We statistically evaluate push messages and can thus recognize whether and when push messages were displayed and clicked on. This enables us to determine which push messages are of interest to recipients in order to tailor future messages to the presumed interests of all recipients and thus increase interest in our offer. The push functionality is only active if you expressly consent to it.

The legal basis for the processing described is your consent in accordance with Art. 6 para. 1 (a) GDPR. The data will be deleted within 180 days of withdrawal of consent at the latest. You can revoke your consent for the future by changing the app settings in your device’s operating system.