Privacy policy
COVID-19 App
The protection of your personal data has a high priority for BS software development GmbH & Co. KG attaches great importance to the protection of your personal data. It is important to us to inform you about what personal data is collected, how it is used and what design options you have.
1. what data is collected, how is it used and how long is it stored?
a) When registering/logging in: To register for the app, read in the order ident (QR label) of your lab test. This information is required to submit the test result and to register for push notification.
If you agree to receive push notifications in the device settings, a device-specific token is stored on the server that allows us to send you push notifications. This information (order identity and token for the push notifications) will be completely deleted from the server again after 30 days of inactivity.
By agreeing to this statement, you give us your consent in accordance with Art. 6 para. a in conjunction with Art. 9 para. 2 letter a DSGVO.
b) When using the app:
When you use the app, our servers record the IP address of your device for 10 minutes to prevent brute force attacks on our system (Art. 6 para. 1 b DSGVO). Within the app, you enter the orderIdent for your lab order manually or via the camera of the cell phone. This is not stored temporarily and is only used to generate a query on the server regarding the test status and to display the result to you. Here, too, the legal basis is your consent given with the approval of this declaration in accordance with Art. 6 Para. 1 a in conjunction with Art. 9 Para. 2 Letter a DSGVO.
2. permissions
In order to use the app on your device, the app must be able to access various functions and data on your end device. For this purpose, it is necessary that you grant certain authorizations (Art. 6 para. 1 a DSGVO).
The authorizations are programmed differently by the various manufacturers. For example, individual authorizations may be combined into authorization categories and you may also only agree to the authorization category as a whole.
Please note that if you object to one or more authorizations, you may not be able to use all the functions of our app.
If you have granted authorizations, we will only use them to the extent described below:
Internet communication
The app requires access to the Internet via W-LAN or mobile radio for the following purposes: Querying the test result on the central server (see also 1.).
Camera, microphone, USB, photos, videos, message content, etc.
The app requires access to the camera for the following purpose: reading the QR label. Data is not stored here.
3. does the app send push notifications?
Push notifications are messages sent by the app to your device and displayed there in a prioritized manner. This app uses push notifications by default, provided that you have consented to this during app installation or first use (Art. 6 para. 1 a DSGVO).
You can disable the receipt of push notifications at any time in the settings of your device.
4. is my usage behavior evaluated, e.g. for advertising or tracking?
The app does not use any methods to evaluate user behavior.
Who is responsible for data processing? Who is my contact person if I have questions about data protection?
The data controller is BS software development GmbH & Co. KG. If you have any questions, please contact our customer service or our data protection officer Mr. Erwin Feroudj audius GmbH Mendelstraße 13 89081 Ulm.
6. what rights do i have?
You have the right,
a) to request information on the categories of data processed, the purposes of processing, any recipients of the data, the planned storage period (Art. 15 DSGVO);
b) to demand the correction of incorrect or incomplete data (Art. 16 DSGVO);
c) revoke a given consent at any time with effect for the future (Art. 7 para. 3 DSGVO);
d) object to data processing that is to be carried out on the basis of a legitimate interest for reasons arising from your particular situation (Art. 21 (1) DSGVO);
e) in certain cases, within the framework of Art. 17 DSGVO, to demand the deletion of data - in particular insofar as the data is no longer required for the intended purpose or is processed unlawfully, or you have revoked your consent in accordance with (c) above or declared an objection in accordance with (d) above;
f) under certain conditions, to demand the restriction of data, insofar as deletion is not possible or the obligation to delete is disputed (Art. 18 DSGVO);
g) to data portability, i.e. you can receive your data that you have provided to us in a common machine-readable format such as CSV and transmit it to others if necessary (Art. 20 DSGVO;)
h) complain to the competent supervisory authority about the data processing (BS software development GmbH & Co. KG with its registered office in Ulm is subject to control by the LfDI Baden-Württemberg).
7. to whom does BS software development GmbH & Co. KG pass on my data?
Due to legal obligation: In certain cases, we are required by law to transmit certain data to the requesting government agency. Example: Upon presentation of a court order, we are required by Section 101 of the Copyright Act to provide owners of copyrights and ancillary copyrights with information about customers who are alleged to have offered copyrighted works on Internet file-sharing networks.
Apart from the fulfillment of legal obligations to which BS software development GmbH & Co. KG is subject to, no data will be disclosed to third parties.
To processors, which are companies that we commission with the processing of data within the scope provided by law, Art. 28 DSGVO (service providers, vicarious agents). BS software development GmbH & Co. KG remains responsible for the protection of your data.
8. where will my data be processed?
Your data will be processed in Germany.