This privacy policy applies to data processing by us as the controller pursuant to Art. 4 (7) of the General Data Protection Regulation (GDPR):
NOYO AG
Erlenstrasse 4A
CH 6343 Rotkreuz
noyo-mobility.com
Commercial register entry:
Number CHE-353.953.650
Commercial Register Office Canton Zug
Unless this privacy policy contains or implies a different definition, reference is made to the definitions in Art. 4 GDPR with regard to the terms used. According to Art. 4 No. 1 GDPR, personal data means any information relating to an identified or identifiable natural person. This includes, for example, first and last name, date of birth, private and business contact details, working hours and remuneration.
Youare neither legally or contractually obliged nor is it necessary for you to provide us with personal data in order to conclude a contract. However, if you do not wish to provide us with any personal data, you will not be able to use the app's functions. There are no further consequences for you if you do not provide us with personal data.
Wecannot provide all the resources required to offer you our app ourselves. We therefore rely on the services of carefully selected third parties who process data on our behalf. All processors we use have been carefully selected and checked in advance. We conclude an agreement with all processors used in accordance with Art. 28 GDPR and of course regularly ensure that our processors are reliable and comply with all data protection regulations so that your data is always secure.
Weprovide you below with an overview of data processing operations that may affect your personal data in the course of your use of NOYO:
When you download the app, the necessary information is transferred to the Google Play Store (if you use our app on an Android device) or the Apple App Store (if you use our app on an iOS device). In particular, this requires your user name, email address and customer number of your account, time of download, payment information and the individual device identification number as well as any other data. We have no influence on this data collection and processing and are not responsible for it. We only process the data to the extent necessary for downloading the app to your device.
Please also refer to the privacy policies of Google(https://policies.google.com/privacy?hl=de) and Apple(https://www.apple.com/de/privacy/privacy-policy/).
Whenyour end device connects to our servers or services of other providers used by us, we process certain device and connection data. This includes:
This data is required to make our app available to you and to be able to assign your end device, as well as to improve the app and our services. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR. The deletion takes place as soon as the storage is no longer necessary. .
In order to carry out the aforementioned data processing, we use the services of carefully selected service providers who process your data on our behalf and in accordance with our instructions and whom we monitor regularly. Therefore, the data is stored on our behalf on servers in the Frankfurt data center (europe-west3) of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). It cannot be ruled out that data may also be transferred to the USA in individual cases. The level of data protection in the USA is not considered adequate by the European Commission. Data is therefore transferred to the USA on the basis of the standard contractual clauses pursuant to Art. 46 para. 2 lit. c GDPR. The standard contractual clauses are available at https://ec. europa.eu/info/law/law-topic/data-prote... Alternatively, you can also request these documents from us using the contact details provided in section 1.
You can find more information on data processing by Google in Google's privacy policy: https://www.google.com/policies/privacy/.
a.) Registration with telephone number
Google stores your telephone number when you register until you delete your account.
b.)Transmission to third countries
As part of your registration, personal data (email address, telephone number) is also transmitted to Google in the USA. The level of data protection in the USA is not considered adequate by the European Commission. The data transfer to the USA therefore takes place on the basis of the standard contractual clauses pursuant to Art. 46 para. 2 lit. c GDPR. The standard contractual clauses are available at https://ec. europa.eu/info/law/law-topic/data-prote... Alternatively, you can also request these documents from us using the contact details provided in section 1. You can find more information on data processing by Google in Google's privacy policy: https://www.google.com/policies/privacy/.
The processing is necessary so that we can create a user account for you and thus fulfill our obligations under the user contract. The legal basis for this is Art. 6 para. 1 sentence b GDPR. If you cancel your user account, the information stored in your user account will be deleted, unless its retention is necessary for commercial or tax law reasons in accordance with Art. 6 para. 1 lit. c GDPR.
Registrations are logged. For this purpose, we store the time of registration, the time of the last login and your IP address. Logging helps us to comply with legal requirements. We delete the logged information after two years, starting from the end of the year in which you terminate your user account. The legal basis for logging is Art. 6 para. 1 sentence 1 lit. f GDPR.
5.4 As part of the coordination and management of service appointments
You can use our app to submit and manage service requests to our partners. We process personal data for this purpose. This includes in particular
So that we can continue to improve the app, anonymous statistics are automatically generated on how you use the app, such as how often, on which days and on which devices. The data on how you use our app is necessary for us to ensure and further improve the stability and security of the app. The data collected in this way will not be merged with your other profile information, but will be included in anonymous statistics that help us to get to know our users better and to better adapt the app to their needs. This processing is necessary to ensure and further improve the stability and security of the app and is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR.
To enable us to further improve the app, reports are created and analyzed in the event of a crash. Our app uses Sentry technology for this purpose. This collects information about the device used and the use of our app (e.g. the time stamp, when the app was started and when the crash occurred), which enables us to diagnose and solve problems. This personal data is not merged with your other profile information. Chat messages are excluded from this and are not sent with crash reports. We collect this data and transmit it to Sentry in the USA (Functional Software Inc., 132 Hawthorne Street, San Francisco, California 94107) for analysis purposes. Sentry analyzes the data in connection with the crash of our app on our behalf. The processing of this data is necessary for us to further improve the stability and security of the app and is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR.
The level of data protection in the USA is not considered adequate by the European Commission. Data is therefore transferred to the USA on the basis of the standard contractual clauses pursuant to Art. 46 para. 2 lit. c GDPR. The standard contractual clauses are available at https://ec. europa.eu/info/law/law-topic/data-prote... Alternatively, you can also request these documents from us using the contact details provided in section 1. We have concluded an order processing contract with Sentry. You can find more information about this here: https://sentry.io/legal/dpa/.
Weonly process your personal data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) if it is necessary for the fulfillment of our (pre)contractual obligations (pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR), on the basis of your consent (pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR), on the basis of a legal obligation (pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR) or on the basis of our legitimate interests (pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR). The same applies if third parties process your data on our behalf in a third country. Furthermore, data will only be transferred to a third country if this is permitted under Art. 44 et seq. GDPR is permitted.
The data processed by us is deleted in accordance with Art. 17 GDPR or its processing is restricted in accordance with Art. 18 GDPR. Unless otherwise stipulated in this privacy policy, the data processed by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. We review the necessity every six months. If the data is not deleted because it is required for other, legally permissible purposes, its processing is restricted, i.e. the data is blocked and not used. This applies, for example, to data that must be retained for commercial or tax law reasons.
According to legal requirements in Germany, books, records, inventories, annual financial statements, management reports, the opening balance sheet as well as the work instructions and other organizational documents required for their understanding, received and sent commercial or business letters, accounting vouchers and other documents, insofar as they are relevant for taxation, are retained or stored for ten years in accordance with Section 147 (1) AO. This also applies to any personal data of data subjects contained in the aforementioned documents.
In connection with your use of our app, no automated decision-making in individual cases or profiling within the meaning of Art. 22 GDPR takes place.
You have the right:
Ifwe process your personal data on the basis of your consent pursuant to Art. 6 (1) (a) GDPR, you have the right to revoke any consent you have given us pursuant to Art. 7 (3) GDPR with effect for the future.
If you wish to exercise your right of revocation, you can inform us by e-mail to info@noyo-mobility.com. Alternatively, you can also use the contact details provided in section 1 above.
If we process your personal data on the basis of our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which we will implement without you having to specify a particular situation.
If you wish to exercise your right to object, you can inform us by sending an email to info@noyo-mobility.com. Alternatively, you can also use the contact details provided in section 1 above.
Wetake organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
Wereserve the right to amend our privacy policy if this should be necessary due to new technologies or changes to our data processing processes or in order to adapt it to changes in the legal situation applicable to us. However, this only applies to this privacy policy. If we process your personal data on the basis of your consent or if parts of the privacy policy contain provisions of the contractual relationship with you, any changes will only be made with your consent. You can access the current version of our privacy policy at any time in our app.
