1. General
1.1 Introduction
At CHG-MERIDIAN AG, we take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. This privacy policy applies to our TESMA® app (hereinafter „App”). Our privacy policy for the App explains the nature, purpose and scope of data collection in the context of App use.
Responsible Entity:
„Responsible entity” means the entity that collects, processes or uses personal data (e.g., names, email addresses, or the like). The responsible entity for data processing within the scope of this app is:
CHG-MERIDIAN AG
Franz-Beer-Straße 111
88250 Weingarten
Tel.: +49 751 503-0
E-Mail: info@chg-meridian.com
Data Protection Officer:
Benjamin Hummer
E-Mail: datenschutz@chg-meridian.com
1.2 Terminology
For better comprehensibility, our data protection statement does not differentiate between the genders. In the interest of equal treatment, corresponding terms apply to both genders.
What the terms used, such as „personal data” or their „processing” mean, can be found in Article 4 of the EU General Data Protection Regulation (GDPR).
The prerequisite for using this app is the TESMA web application (hereinafter „web application”). An account in the web application is required in order to use the app. All data that you enter in the app is automatically transferred to the web application and managed there. You can find more information on the processing of personal data within the web application here: https://www.chg-meridian.com/en/tools/data-protection.html
1.3 Legal bases of processing
Article 6(1)(a) DSGVO serves as our legal basis for processing operations for which we have obtained consent for a specific processing purpose.
If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for a delivery of goods or the provision of another service or consideration, the processing is based on Article 6 (1) (b) DSGVO. The same applies to such processing operations that are necessary for the implementation of pre-contractual measures, for example in cases of inquiries about our products or services.
If we are subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfillment of tax obligations, the processing is based on Art. 6 (1) c) DSGVO.
If the processing of personal data is necessary to protect the vital interests of the data subject or another natural person, the processing is based on Art. 6(1)(d) DSGVO.
Finally, processing operations may be based on Art. 6(1)(f) DSGVO. Processing operations are based on this legal basis if the processing is necessary to protect a legitimate interest of us or of a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden.
2. Usage of TESMA® App
2.1 Collection of personal data when using our mobile app
When downloading the app, the required information is transferred to the Apple App Store or the Google Play Store, depending on the source from which you obtain the app. In particular, this is the username, email address and customer number of your account as well as the time of the download. We have no influence on this data collection and are not responsible for it. We process the data only insofar as it is necessary for downloading the app to your mobile device. In this respect, we refer you to the respective privacy information of the provider for further information.
When using the app, we only process your access data from the web application, consisting of user name and password, so that you can log in to your user account.
Beyond that, we do not process any further information in the app, such as details on the beginning and end as well as the scope of the respective use. All data that you process in the context of asset management in the app is automatically transferred to the web application and processed there under the conditions of the data protection provisions applicable there.
This mainly concerns the processing of data in the following functions available in the app:
- Goods Receipt: Confirmation of receipt of an item
- Status change: The tracking status of selected devices can be changed
- Serial number change: The serial number of a called device can be changed
2.2 Data transmission
2.2.1 Recipients of personal data
CHG-MERIDIAN AG only grants access to personal data if it is absolutely necessary. This access is restricted to personal data that is required for the specific purpose.
Authorization for access to personal data is always linked to a purpose, so that no general release for access to personal data is granted. Service providers receive personal data only in accordance with the purpose of the contractual relationship with the company.
2.2.2 International data transmission
A transfer to a third country or an international organization does not take place.
2.3 Storage duration
CHG-MERIDIAN AG will not process your personal data for longer than is permitted under applicable data protection laws and regulations. This applies subject to the applicable local retention regulations
2.4 Access rights of the app
To provide our services through the App, we require the access rights enumerated below that allow us to access certain features of your device.
- Camera
Capture is done for the following purpose:
- Scanning barcodes to capture assets
3. Data Security
This app uses encryption for security reasons and to protect the transmission of confidential content. This encryption is intended to prevent unauthorized third parties from reading the data that you transmit or receive. To protect your access data, we do not store your user name and password, but only a so-called LoginToken assigned by the server. This is stored encrypted in an isolated memory of the app.
4. Note underage
The app is not intended for minors under the age of 16. Persons who have not yet reached the age of 16 may not transmit any personal data to CHG Meridian AG without the consent of their legal guardians.
5. Rights of the persons concerned
In accordance with Art. 15 DSGVO, you have the right to request confirmation as to whether we are processing data relating to you. You can request information about this data as well as the further information listed in Art. 15 (1) DSGVO and a copy of your data.
In accordance with Art. 16 DSGVO, you have the right to request the correction or completion of the data concerning you and processed by us.
You have the right pursuant to Art. 17 DSGVO to request the immediate deletion of the data concerning you. Alternatively, you may request us to restrict the processing of your data in accordance with Art. 18 DSGVO.
In accordance with Art. 20 DSGVO, you have the right to request that the data you have provided to us be made available and transferred to another controller.
You also have the right to complain to the supervisory authority responsible for you in accordance with Art. 77 DSGVO.
5.1 Revocation of your consent to data processing
You have the possibility to revoke an already given consent at any time. For this purpose, an informal communication to dataprotection@chg-meridian.com by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
6. Changes to our privacy policy
We reserve the right to adapt this data protection notice at any time in the event of changes on our website and in compliance with the applicable data protection regulations so that it meets the legal requirements.