PRIVACY POLICY
"Connected Command App"
(March 2023)
This
app is operated by Rosenbauer International AG (FN 78543f), hereinafter referred to as "we",
"us" and "Rosenbauer", with its registered office in 4060 Leonding, Paschinger Str. 90. In
this privacy policy, we as the controller pursuant to Art. 4 Para. 7 EU-DSGVO
describe, which data we collect when you use our "Connected Command
App" and for what purpose we process it. In addition, we inform you about
the rights and safeguards we offer in the course of data processing.
Since the
protection of your personal data is of particular concern to us, we strictly
adhere to the legal requirements of the Austrian DSG and the EU-DSGVO when
collecting and processing your personal data.
In the following, we inform you in detail about the scope and purpose of
our data processing as well as your rights as a data subject. Therefore, please read our privacy policy
carefully before you continue to use our app and, if necessary, give your consent
to data processing.
1. personal data
The use of
our app is generally possible without your consent to the processing of
personal data, although the use may then be restricted for technical reasons.
For the use of individual services, however, different rules may apply, which
we will point out to you separately.
In
principle, we only collect and store the data that you yourself provide to us
by entering it in our app or otherwise actively interacting with our app or
agreeing to its collection.
Personal
data is any information relating to an identified or identifiable natural
person. This includes, for example, your name, your address, your telephone
number or your date of birth, but also your IP address or geolocation data that
allow a conclusion to be drawn about you.
2. collection and processing of personal
data in the "Connected Command App
To support aid-/organizations and associations or rather the persons
belonging to them (such as fire departments or rather firefighters, rescue
etc.) as well as any other persons who would like to use the services of the
application, we provide the application "Connected Command App". This allows the
user for example to gain an overview of the situation during a firefighting
operation, for example, the sites, hydrants, fire engines, commanders and group
commanders. In this context, position data is required in order to display an
overview map with all points of interest. For this purpose,
moving and tracked persons or vehicles are displayed in the APP by means of
green PINs, while static information or the associated data (deployment
objects, hydrants, etc.) are entered into the system by the administrator (if a
proper authorisation exists). This can for example be
building plans of sites, photos of building accesses or comparable information.
In a first step, if you download the application from the App Store or in
any other way to your (mobile) end device, the information required for this is
transferred to the App Store or the download portal. In particular, this
includes your user name, email address and the customer number of your account,
the time of the download and the individual device identification number. We
have no influence on this data collection and are not responsible for it. We
process the data only insofar as it is necessary for downloading the mobile app
to your mobile device.
The following data is processed when using the "Connected Command
App":
Registration data: For registration and
login purposes, we collect your e-mail address, your first and last name and,
if applicable, the organization (e.g. fire brigade unit) to which you belong.
Position data: With your permission,
we collect your position data to display you or your vehicle on the map. This
information can be shared automatically when the user for example gets an
assignment pushed to their phone. It is also possible to collect the position
from your device when the app is not actively running, in order to track
essential roles, such as dispatcher and vehicles in the operation, even if
other apps are being used.
Communication: For communication
purposes for example during deployment, there is a deployment feed in which
authorized persons can share information (image, text, video, audio). This
information is then visible to the other authorized persons of an organization
and is also used to document the deployment.
Third-party login credentials: Facebook
ID; Google ID; Apple ID;Microsoft ID
Mobile device data: Activity, IP
address, Firebase identity, device identity.
We do not evaluate or process the collected data statistically or for
marketing purposes.
3. storage period
This data is generally processed for the duration of the contractual
relationship existing between you and us regarding the use of our app. Beyond
this period, we only store data that must continue to be stored for up to 7 years
due to legal obligations (e.g. accounting) or that we need for legitimate
interest to defend against unjustified claims until the end of a legal dispute
with you.
Incidentally, you can at any time irretrievably delete the data you
yourself have provided in the context of using our app in your profile or by
deleting your entire profile (and thus terminating the contractual relationship
with us).
4. data transmission
We do not
transfer your data to third parties (outside your organization), unless we are
legally obliged to do so, the data transfer is necessary for our contractual
relationship or you have previously expressly consented to the transfer of your
data. External processors or other
cooperation partners will only receive your data if this is necessary for the
execution of the contract or if we have a legitimate interest in doing so,
which we will always disclose separately in the event of an incident. As far as
one of our processors gets in touch with your personal data, we ensure that
they comply with the regulations of the data protection laws in the same way as
we do.
We do not
sell or otherwise market your personal data to third parties. If our
contractual partners or processors are based in a third country, i.e. a country
outside the European Economic Area (EEA), we will inform you about the
consequences of this circumstance in the description of the offer.
5. safety
We use
numerous technical and organizational security measures to protect your data
against manipulation, loss, destruction and against access by third parties.
Our security measures are continuously improved in line with technological
developments on the Internet. If you would like more detailed information on
the type and scope of the technical and organizational measures we have taken,
we will be happy to receive written enquiries in this regard at any time.
6. your rights
In
accordance with the General Data Protection Regulation and the Data Protection
Act, you have the following rights and remedies as a data subject of our data
processing:
As a data subject of the data processing
described above and other data processing, you have the right to request
information as to whether and, if so, which personal data about you are being
processed. For your own protection - so that no unauthorized person receives
information about your data - we will verify your identity in an appropriate
form before providing information.
You have the right to request without undue
delay the rectification of inaccurate personal data concerning you or - taking
into account the purposes of the data processing - the completion of incomplete
personal data as well as the deletion of your data, provided that the criteria
of Art. 17 EU-DSGVO are met.
You have the right to restrict the processing
of all collected personal data under the legal conditions. This data will only
be processed from the restriction request onwards with your individual consent
or for the assertion and enforcement of legal claims.
You may request the unimpeded and unrestricted
transfer of personal data that you have provided to us to you or to a third
party.
You may object at any time, on grounds relating
to your particular situation, to the processing of personal data concerning you
which is necessary for the purposes of protecting our legitimate interests or
those of a third party. Your data will no longer be processed after objection,
unless there are compelling legitimate grounds for the processing which
override your interests, rights and freedoms, or the processing serves to
assert, exercise or defend legal claims. You may object to data processing for
the purpose of direct marketing at any time with effect for the future.
If you have separately given your consent to
the processing of your data, you may revoke this consent at any time. Such a
revocation affects the permissibility of the processing of your personal data
after you have expressed it to us.
If you take
a measure to enforce your rights under the GDPR as listed above, Rosenbauer must
comment on the requested measure or comply with the request without delay, but
no later than one month after receipt of your request.
We will respond to all reasonable requests
within the law free of charge and as promptly as possible.
The data
protection authority is responsible for requests concerning infringement of the
right to information, infringement of the rights to confidentiality, to
rectification or to erasure. Their contact details are:
Austrian
Data Protection Authority
(Österreichische Datenschutzbehörde)
Barichgasse
40-42
1030 Vienna
4. contact information / contact person
a. Contact information of the responsible person
Rosenbauer International AG
Paschinger Str. 90
4060 Leonding
Austria
+43 732 67
94-0
b. Contact information of the contact
person for data protection matters
Rosenbauer
International AG
Digital Solutions
Paschinger Str. 90
4060 Leonding
Austria