MEDION App Privacy Policy (April 2018)

We take the protection of your personal data very seriously and want you to feel secure when using our app and products. The protection of your privacy when processing personal data is an important concern for MEDION that we also take into account in all our business processes.

Precepts

Personal data are collected, processed and used exclusively in accordance with legal regulations and in good faith. As far as possible, we design our business processes in such a way that the data protection requirements are already taken into account during the development of the products and service offers and that personal data is made anonymous in such a way that the person concerned cannot be identified or can no longer be identified if this does not endanger the agreed purpose.

Sources and data used

As part of our business relationships, we process personal data that we have received directly from you. In addition, we process personal data which we legitimately obtain from publicly accessible sources or which is legitimately transmitted to us by other third parties, insofar as this data is necessary for the provision of the corresponding services and within the scope of the agreed purpose.

We store your data which are necessary for the processing of your order, the use of our products or the provision of services, for example repairs, and - if selected by you - for the processing of payments. This is personal data such as your address details, the date of birth (for transactions with age verification) and data required for certain payment methods. The respective order data (article, quantity, price, etc.) are assigned to your address data.

Purpose of processing and legal basis

Your personal data will be processed in accordance with the provisions of the European Data Protection Ordinance (DSGVO) and the Federal Data Protection Act:

For the fulfilment of contractual obligations (Art. 6 Para. 1 b DSGVO):

The processing of personal data takes place in the context of trade with products and services in the field of consumer electronics.The purposes of data processing depend primarily on the specific product (e.g. physical or digital) and its possible applications. Further details on data processing purposes can be found in the contractual documents, the operating instructions and the terms and conditions.

Within the framework of the balancing of interests (Art. 6 para. 1 f DSGVO):

If necessary, we process your data beyond the actual performance of the contract to protect the legitimate interests of us or of third parties. This includes the examination and optimisation of procedures for needs analysis for the purpose of direct customer approach, advertising or market and opinion research, unless you have objected to the use of your data, the assertion of legal claims and defence in legal disputes, the guarantee of IT security and the IT operation of MEDION, the prevention and clarification of criminal offences, and the measures for business management and further development of services and products.

On the basis of your consent (Art. 6 Par. 1 a DSGVO):

If we have your consent to the processing of personal data for specific purposes (e.g. forwarding of data within the Group, evaluation of data for marketing purposes), the legality of such processing is given on the basis of your consent. The given consent can be revoked at any time. This also applies to the revocation of declarations of consent given to us prior to the validity of the DSGVO, i.e. before 25.05.2018. The revocation of the consent does not affect the legality of the data processed until the revocation.

Due to legal requirements (Art. 6 para. 1 c DSGVO) or in the public interest (Art. 6 para. 1 e DSGVO):

This includes, for example, identity and age checks or the fulfilment of tax control and reporting obligations.Unless explicitly stated below, no personal data will be processed when using this app; i.e. not stored or modified or passed on to third parties.

Special data protection for MEDION Life+ products:

MEDION uses your data to make the use of your Smart Home components as pleasant as possible for you. At the same time, we use this information to improve the MEDION service and thus give you the opportunity to control your components via various services. The following personal data to be entered by you will be stored if you create a free account: E-mail address, component name. The data is stored after your registration with an account via a local server in Germany (Amazon Web Services).

Your data will then automatically be completely and irrevocably deleted from the server, provided that no use of your account has taken place within 120 days.

To ensure the compatibility of your Life+ products with your smartphone, our application (MEDION Life+) accesses the following functions of your phone:

App permissions:

In order to provide you with the functionalities of the app, the app must be able to access various functions and data of your mobile device. To do this, it is technically imperative that you grant the app selected access authorizations. Otherwise the app cannot be used for technical reasons. Before using the app for the first time, we will explicitly inform you of the requested access rights. Usually the authorizations are as follows:

Location: This permission is required to determine your current location for location-based services. This permission allows your phone to access your GPS data, WLAN identifiers and/or Bluetooth, depending on which of them you have enabled, to locate your location.

Address Book: This permission supports the selection of contacts to be informed for the user and provides the possibility to search for and select the appropriate persons in the contact data. For this to be possible, the app requires the'Contacts' permission to access the contact data.

WLAN connection information: This permission requires access to the W-LAN status to automatically inform the user whether a connection to the Internet exists and to be able to point him to'offline' control if the Internet connection is not established or cannot be established, it is necessary to query the status of the network and to be able to search for WLAN connections/home networks.

Push notifications: Push notifications are messages that are sent from the app to your device and are prioritized there. This app uses push notifications on delivery, provided the user has consented during the installation of the app or the first use. The reception of push notifications can be deactivated at any time in the settings of the device.

User behaviour: Within the framework of legal regulations, we, or companies commissioned by us, create usage profiles under a pseudonym. These can be evaluated for advertising and market research or for the demand-oriented design of the app. A direct conclusion to the user is not possible. The profile data is not linked to any further information about the user.

Log data: This permission enables the automatic storage of log data, such as the information that your browser sends when you visit a website or that your mobile app sends when you use it. These log data may include your IP address, the address of the visited websites, type and settings of the browser, date and time of your request and cookies. Cookies are small text files that are removed from your mobile device every time you visit a MEDION website. MEDION uses cookies to track the preferences of users and to be able to optimize the website accordingly. Cookies help MEDION to identify particularly popular areas of our website. This enables us to better tailor the content of our Internet pages to the needs of users and improve our Internet offering. Cookies can be used to determine whether your computer has already been connected to our Internet pages. Cookies can identify your computer, but cannot establish a connection to you personally.

Device information: In addition to protocol data, MEDION may also collect information about the device on which the app is used. These include device type, operating system used, device settings, unique device identifiers and crash data. Whether some or all of this information is collected depends on the type of device used and its settings. This allows error messages and system crashes to be analyzed in order to improve future operation. Personal data is not required for this and is also not recorded.

Social Media: If you connect to this app via third party social media sites (such as Facebook or Twitter or Instagram or Google+), you agree to the permissions stored under your personal account. MEDION does not have access to the personal data stored by you there.

Data transfer to third countries or international organisations

Data are transmitted to offices in countries outside the European Union (so-called third countries) if

Furthermore, MEDION does not transfer any personal data to bodies in third countries or international organisations. However, MEDION uses service providers who also use service providers who may have their company headquarters, parent company or data centers in a third country for certain orders.

According to Article 45 DSGVO, transmission is permissible if the European Commission has decided that an adequate level of protection exists in a third country. In the absence of such a decision, MEDION or the Service Provider may only transfer personal data to a third country or to an international organisation if appropriate safeguards are provided (e.g. standard data protection clauses adopted by the Commission or the Supervisory Authority in a particular procedure) and enforceable rights and effective remedies are available.

MEDION has agreed contracts with these service providers for so-called order processing, which stipulate that the principles of data protection are always concluded with their contractual partners in compliance with the European data protection level.

Storage periods

MEDION processes and stores your personal data as long as this is necessary for the fulfilment of our contractual and legal obligations.

If the data are no longer necessary for the fulfilment of contractual or legal obligations, they are regularly deleted, unless their - limited - further processing is necessary for the following purposes: preservation of evidence within the framework of the statutory statute of limitations. According to §§ 195 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is three years. Furthermore, this includes the fulfilment of commercial and tax storage obligations in accordance with the German Commercial Code (HGB) or Fiscal Code (AO), the periods for storage and documentation specified in the aforementioned laws are two to ten years. Betroffenenrechte

Any person concerned by the processing of personal data has the right to:

However, §§ 34 and 35 BDSG apply to the right to information and the right of cancellation. In addition, there is a right of appeal to a competent data protection supervisory authority (Art. 77 DSGVO in conjunction with § 19 BDSG). For MEDION, this is the North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information, P.O. Box 20 04 44, 40102 Düsseldorf. https://www.ldi.nrw.de/metanavi_Kontakt/index.php

You can revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent issued to us prior to the validity of the Basic Data Protection Ordinance (DSGVO), i.e. prior to 25 May 2018. Please note that the revocation will only take effect in the future. Processing that took place before the revocation is not affected by this.

Obligation to provide data

Within the framework of our business relationship, you must provide those personal data which are necessary for the establishment and execution of a business relationship and the fulfilment of the associated contractual obligations or which we are legally obliged to collect. Without this information we will usually not be able to conclude or execute the contract with you.

Automated decision making

In principle, we do not use fully automated decision making according to Art. 22 DSGVO for the establishment and implementation of the business relationship. Should we use these procedures in individual cases, we will inform you separately, insofar as this is required by law.

Profiling

We process some of your data automatically with the aim of evaluating certain personal aspects (profiling). We use profiling, for example, to inform you specifically about products and services or we use evaluation tools. These enable demand-oriented communication and advertising, including market and opinion research.

Information about your right of objection according to Art. 21 Basic Data Protection Ordinance (DSGVO)

Right of objection in individual cases

You have the right to object at any time for reasons arising from your particular situation to the processing of personal data concerning you, which is based on Art. 6 para. 1 e DSGVO (data processing in the public interest); this also applies to profiling based on this provision within the meaning of Art. 4 no. 4 DSGVO.

If you object, we will no longer process your personal data, unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

Right of objection to the processing of data for direct marketing purposes

In individual cases we process your personal data for direct marketing purposes. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising.

If you object to the processing for direct advertising purposes, we will no longer process your personal data for these purposes.

The objection can take place form-free and should be directed if possibleen:

MEDION AG

Datenschutz
Am Zehnthof 77
45307 Essen, Germany

The responsible office is MEDION AG, Am Zehnthof 77, 45307 Essen, Germany. You can also reach the company data protection via e-mail: datenschutz@medion.com