The confidentiality and security of the processing of personal data is very important to us. We have reviewed our processes and ensured that they are in compliance with the General Data Protection Regulation (GDPR).
This privacy policy fulfills our obligation to inform according to Articles 13 and 14 GDPR.
This privacy policy is up to date as of 21.08.2018 and can be changed at any time. We will inform you about changes to the privacy policy on our website www.smartwithmaveo.com/maveo-data-privacy and in the Maveo app.
Marantec Marienfeld GmbH & Co. KG
Remser Brook 11 3. 33428 Marienfeld
Germany
Tel. +49 5247 7050
E-Mail: info@marantec.com
Website: www.marantec.com
You can contact our data protection officer at privacy@marantec.com.
Maveo App needs access to your location (Background and Precise Location Data) in order to function correctly (i.e. "Arriving Home" Function), so you need to provide us with permission to use your location data from your mobile device. The location is NOT shared with us, or any third parties, and it is stored locally, on your mobile device. The location data (Background & Precise Location Data) is only compared to your pre-defined location in order to for the app to send you a notification about home coming and allow you one-tap interraction to open your garage door. The location data (Background and Precise Location Data) is needed to provide the automated functionality of opening your garage door.
Personal data is processed in connection with the use of your Maveo product. Specifically:
To operate your Maveo product properly, you need to use the Maveo app, which can be installed on your smartphone or tablet. Access information, specifically Bluetooth and Wi-Fi connection information, is exchan- 5. ged between the app and the Maveo product. This data is not transferred to us. The exchange of this informa- tion between the devices is technically necessary for the intended use of your Maveo product. Insofar as this involves the processing of personal data, this is necessary for the performance of a contract to which the data subject is a party. The legal basis is Art. 6 para. 1 lit. b) GDPR.
Personal data, specifically IP addresses and MAC addresses, is processed for the purpose of product updates. This data is sent to a GUH server for the III. purpose of performing any necessary updates. Before such personal data is transmitted to the GUH server, we will obtain your consent via the app. Of course, you can object to the data transfer at any time. A corresponding functionality is provided in the app for this purpose. The processing of this data is based on your consent, which we will ask you for in connection with the product updates. Legal basis for processing data is Art. 6 para. 1 lit. a) GDPR.
Furthermore, personal data is processed in connection with the registration of your Maveo product. When you register your product, a file folder will be created on our server for you. This will store personal data such as user name, password, serial number of the app or Maveo product. The storage of this data serves to provide our contractual service and is also based on your consent, which we will ask you to give when registering. Legal basis for processing data is Art. 6 para. 1 lit. a) and lit. b) GDPR.
Furthermore, we process additional personal data, provided that you transmit it to us for the purpose of contract execution. In particular, this may include tele- phone numbers, email addresses, names and addresses. We pass this data on to administrators for the purpose of system maintenance and to service companies that provide services at your request. The data is used solely for the provision of these services. Legal basis for this processing is Art. 6 para. 1 lit. b) GDPR.
In addition, we collect personal data when your Maveo product is serviced. Our service technicians read the status of your Maveo product with the help of a specific service stick. The information read contains, in particu- lar, a serial number that can be attributed to you. This in-formation is stored together with your hardware-re- lated machine data on one of our servers. The purpose of this storage is the proper provision of maintenance services as well as the documentation of the proper provision of services and the error analysis. Legal basis for this is Art. 6 para. 1 lit. b) and lit. f) GDPR.
With the data processing described above, we are, in particular, pursuing the legitimate interest of proper documentation of the provision of contractual services.
We only transfer personal data to:
service companies for the purpose of providing maintenance services at your request;
address and contract data to tax consultants and lawyers bound to professional secrecy for the purpose of fulfilling our tax obligations and, if nec- essary, for enforcing or defending our rights.
Insofar as data is transferred for the enforcement or defense of rights, the transfer is based on legitimate interests as defined in Art. 6 para. 1 lit. f) GDPR.
We do not transfer data to a third country or internatio- nal organization
We store the abovementioned personal data until the purpose of its storage has ceased to apply. In the case of IP and MAC addresses used to establish a connection with our server or other servers, the data will be deleted immediately after completion of the transaction.
In the event that address data and other personal data is stored for the purpose of providing services, we will delete this data if it is no longer required for the performance of the contract. In particular, this shall be the case when a contractual relationship has been completely settled and warranty rights can no longer exist. In view of the statutory warranty period of 2 years from acceptance of the service, we delete the data 3 years after the end of the contractual relationship at the latest.
You have the following rights:
1. Right to information
You can request that we confirm whether we will pro- cess personal data that concerns you.
If such processing is taking place, you can request to be informed by us regarding the following information:
You have the right to request information regarding whether your personal information will be transmitted to a third-party country or an international organiza- tion. In this respect, you can request the appropriate guarantees in accordance with Art. 46 GDPR to be informed with regard to the transmission. This right to information may be limited to the extent that it is likely to make it impossible or seriously impair the realization of research or statistical purposes and the limitation is necessary for the fulfillment of research or statistical purposes.
2. The right to rectification
You have a right to rectification and/or completion if the processed personal data concerning you is incorrect or incomplete. Your right to rectification may be restricted to the extent that it is likely to render impossible or seriously impair the achievement of the research or statistical purposes and the restriction is necessary for the fulfillment of the research or statistical purposes.
3. The right to restrict processing
You may request that the processing of personal data concerning you be restricted if:
you dispute the accuracy of the personal data con- cerning you for a period that enables us to verify the accuracy of the personal data;
the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
we do not need the personal data for longer than the processing‘s purposes, but you need it for the assertion, exercise or defense of legal claims, or
you object to the processing in accordance with Art. 21 para. 1 GDPR and it is not yet clear whether our legitimate grounds outweigh your grounds.
Where processing of the personal data that concerns you has been restricted, such data – apart from being stored – may be processed only with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal per- son or on the grounds of an important public interest of the Union or of a Member State.
We will inform you before the restriction is lifted.
Your right to restrict processing may be limited to the extent that it is likely to make it impossible or seriously impair the realization of research or statistical purposes and the limitation is necessary for the fulfillment of research or statistical purposes.
4. The right to erasure
You may request that we delete the personal data that concerns you immediately if one of the following reasons applies:
Should we have made personal data that concerns you public, and should we be required to delete it, we will take appropriate measures, including technical mea- sures, while taking into account available technology and implementation costs, to inform the parties re- sponsible for data processing who process the personal data, that you as the person concerned have requested deletion of all links to such personal data or of copies or replications of such personal data.
The right to erasure does not exist insofar as the pro- cessing is necessary:
5. The right to information
If you have exercised your right to have us correct, delete or limit the processing, we are obliged to inform all recipients to whom the personal data that concerns you has been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort. It is your right to be informed regarding such recipients.
6. The right to data portability
You have the right to obtain your personal data, which you have provided to us, in a structured, commonly used and machine-readable format. In addition, you have the right to pass this data on to another controller without obstruction by us, insofar as
In exercising this right, you also have the right to requ- est that the personal data concerning you be transfer- red directly from us to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data portability shall not apply to the processing of personal data necessary for the perfor- mance of a task in the public interest or in the exercise of official authority conferred on us.
7. Right to object
You have the right, for reasons arising from your specific situation, to object to the processing of personal data concerning you at any time, which is carried out in accor-dance with Art. 6 para. 1 lit. e) or lit f) GDPR; the same applies to profiling based on these provisions.
We will no longer process the personal data that concerns you, unless we can prove compelling legiti- mate reasons for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data that concerns you is being proces- sed for direct marketing purposes, you have the right to object at any time to the processing of the perso- nal data that concerns you for the purpose of such marketing; this also applies to profiling, insofar as it is associated with such direct marketing. If you object to processing that is for direct marketing purposes, the personal data that concerns you will no longer be processed for these purposes.
In the context of the use of information society services – and notwithstanding Directive 2002/58/EC – you may exercise your right to object by automated means using technical specifications.
You also have the right to object, for reasons arising from your particular situation, to the processing of per- sonal data relating to you, for scientific or historical re- search purposes or for statistical purposes pursuant to Art. 89 para. 1 GDPR, unless the processing is necessary to fulfil a task in the public interest.
8. The right to withdraw the data protec-tion declaration of consent
You have the right to withdraw your data protection declaration of consent at any time. The withdrawal of consent shall not affect the lawfulness of processing taking place on the basis of this consent before its revocation.
9. Automated decision in individual cases, including profiling
You have the right not to be subject to a decision based exclusively on automated processing - including profi- ling - that has legal effect against you or significantlyimpairs you in a similar manner. This does not apply if the decision
is necessary for the conclusion or fulfillment of a contract between you and ourselves,
is permissible on the basis of legislation of the Union or the Member States, to which we are subject, and these laws contain adequate measures to safeguard your rights and freedoms, as well as your legitimate interests, or
is undertaken with your express consent.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a) or lit. g) GDPR applies and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests.
In the above-mentioned cases, we shall take reasonable measures to safeguard your rights, freedoms and legiti- mate interests, including at least the right to obtain the intervention of a person on our part, to state your own position and to challenge the decision.
10. The right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or where the infringement is suspected, if you believe that the processing of personal data that concerns you is in contravention of the GDPR.
The provision of the above-mentioned personal data is neither required by law nor contract. The provision of the personal data, specifically name and contact infor- mation, is required to establish and implement main- tenance contracts for your Maveo product. The processing of IP addresses and MAC addresses is necessary for the maintenance and regular software updates of your Maveo product. However, your Maveo product can also be operated independently of these, but will not unfold its full scope of performance.