Personal Data Subject to GDPR, UK GDPR and DPA 2018
1. Introduction and Legal Framework for Processing of Personal Data
Personal Data in connection with our products and services. It only applies to
Processing of Personal Data
subject to EU General Data Protection Regulation No. 2016/679 (the “GDPR”), or
GDPR and the Data
Protection Act 2018 (the “DPA 2018”).
- We will always process the Data Subject's Personal Data based on one of the
bases provided for in
GDPR, or the UK GDPR and the DPA 2018, as applicable. In addition, when
special categories of
Personal Data which require special care, we will do so in accordance with the
special rules provided for in
GDPR, or the UK GDPR and the DPA 2018.
2. General Information
- “EEA” means the European Economic Area.
- “UK” means the United Kingdom
- “GDPR” means EU General Data Protection Regulation No. 2016/679.
- “UK GDPR” means United Kingdom General Data Protection Regulation
- “DPA 2018” means the Data Protection Act 2018.
- “Personal Data” means the personal data subject to the GDPR, or the UK GDPR and
DPA 2018. Please note
- “Data Subject” means persons protected under the GDPR, or the UK GDPR and the
- “Processing of Personal Data” means processing of Personal Data of the Data
in any of the
- if carried out in connection to activities of our establishment in the
and/or the UK,
- if related to the offering of goods or services to the Data Subject
in the EEA and/or
the UK, or
- if related to the monitoring of the behavior of the Data Subject
the EEA and/or
the UK as far as their behavior takes place within the EEA and/or the
- “Software” means the software we are using in order to operate our intercom
2.2 Collection and Processing of Personal Data
2.2.1 Legal Bases for Processing Operations
1. We may collect and process the Data Subject's Personal Data in the following cases
- if we have a legitimate interest in such processing, unless except where such
interests are overridden
interests or fundamental rights and freedoms of the data subject which require
protection of personal data,
particular where the data subject is a child, in accordance with the GDPR, or
GDPR and the DPA 2018,
- if required in order to perform an agreement with the Data Subject or carry out
initiated by the Data Subject in accordance with the GDPR, or the UK GDPR and
DPA 2018, as applicable;
- if we have obtained the Data Subject's express prior consent in accordance with
GDPR, or the UK
and the DPA 2018, as applicable.
2.2.2 Children’s Personal Data
Where we collect and process Personal Data from a child who is under 16 years of age
who has not reached the
age limits under the laws of a Member State, we will process that data
2.2.3 Withdrawal of Consent
- Where our Processing of Personal Data is based on consent, the Data Subject is
entitled to withdraw his
consent to the collection and Processing of the Personal Data at any time
having to provide reasons.
- We will not collect and Process Personal Data that is based on consent after
withdrawal, but this
withdrawal will not affect the lawfulness of processing based on the consent
2.2.4 Change of Purpose of Use
- We will process the Data Subject's Personal Data for the above specified,
and will not further process the Personal Data in a way that is incompatible
- If we intend to process Personal Data originally collected for one purpose in
to attain other
or purposes, we will ensure that the Data Subject is informed of this.
2.2.5 Storage of Personal Data
We will retain Personal Data for the period necessary for us to fulfill the
processing purpose, unless
a longer retention period is required by applicable laws.
2.2.6 Sharing of Personal Data
- We may share Personal Data with our group entities and with specific
in accordance with the
GDPR, or the UK GDPR and the DPA 2018, as applicable.
- Where we share Personal Data with any entity outside the EEA and the UK, we will
frameworks in place, notably controller-to-controller (2004/915/EC) and
Standard Contract Clauses approved by the European Commission, in order to cover
2.2.7 Collaborative Partners
- Personal Data may be transferred to, stored, and further processed by
partners that work
to provide our products and services or help us market to Data Subjects. Such
processing is based on our
prevailing legitimate interests.
- Data Subjects may object to the Processing of their Personal Data for direct
marketing purposes without
to specify any reasons. Upon receipt of the objection, we will immediately
discontinue such Processing
2.2.8 Corporate Reorganizations
In the event of a merger, corporate reorganization, civil rehabilitation,
joint venture, assignment,
transfer, sale or disposition of all or any portion of our business (including in
connection with any bankruptcy
or similar proceedings), etc., we may transfer any and all Personal Data to the
third party based on
our prevailing legitimate interests.
2.2.9 Legal Compliance andSecurity
- It may be necessary for us – by law, legal process, litigation, and/or
requests from public and
governmental authorities within or outside the Data Subject's country of
– to disclose
Data. We may also disclose Personal Data if we determine that, for purposes of
national security, law
enforcement, or other issues of public importance, disclosure is necessary or
- We may also disclose Personal Data if we determine in good faith that disclosure
protect our rights and pursue available remedies, enforce our internal
investigate fraud, or
protect our operations or users.
2.2.10 Data Transfers outside EU /EEA and the UK
Disclosures or sharing of Personal Data as described above may involve transferring
Personal Data out of the EEA
and the UK. For each of these transfers we make sure that we provide safeguards of
adequate level of
protection to the data transferred, including without limitation by entering into
Standard Contract Clauses as
defined by the European Commission decisions 2001/497/EC, 2002/16/EC, 2004/915/EC
2010/87/EU, as necessary,
or by transferring Personal Data based on the rules of the GDPR, the UK GDPR and the
2.2.11 Security measures
We process Personal Data in a manner that ensures such data appropriate security
(including protection against
unauthorized or unlawful processing and against accidental loss, destruction damage,
etc.) using appropriate
technical or organizational measures to achieve this.
2.2.12 Data subject's rights
Data Subjects are entitled to the following rights with regard to our
of your Personal Data:
- The right to require free of charge (i) information whether your
Data is retained and (ii) to
your Personal Data under our control. However, if the request affects
rights and freedoms of others
manifestly unfounded or excessive, we reserve the right to charge a
reasonable fee (taking into account
administrative costs of providing the information or communication or
the action requested) or
act on the request;
- The right to request proper rectification, removal or restriction of
- Where processing is based on prevailing legitimate interests in
with the GDPR or the UK GDPR
DPA 2018, as applicable, the right to object on grounds relating to your
particular situation at any
you object we will no longer process your Personal Data unless there are
compelling and prevailing
grounds for the processing or the data is necessary for the
exercise or defence of legal
- Where processing of your Personal Data is either based on your consent
necessary for the performance
contract with you and processing is carried out by automated means, the
right to receive the Personal
concerning you in a structured, commonly used and machine-readable
to have your Personal Data
transmitted directly to another company, where technically feasible
- Where the processing of your Personal Data is based on your consent,
right to withdraw your consent
time without impact to data processing activities that have taken place
before such withdrawal or to any
existing legal justification of the processing activity in question; and
- The right not to be subject to any automatic individual decisions which
produces legal effects on you or
similarly significantly affects you
- If the Data Subject will exercise such rights, please contact us at the address
forth in 2.2.14
- If the Data Subject is not satisfied with the way in which we have proceeded
any request, or if the
Subject has any complaint regarding the way in which we process Personal Data,
Data Subject may lodge a
complaint with a Data Protection Supervisory Authority.
Policy will become
- If we make changes which we believe are significant, we will inform the Data
through the Website
the extent possible and seek for the Data Subject's consent where applicable.
- With respect to the Personal Data, you provided to us, we will appropriately
to your request for
disclosure, correction, suspension of use, or deletion of your personal
or opinions, inquiries,
complaints or consultations, in accordance with laws and regulations regarding
protection of personal
email as follows:
3. Processing of Personal Data on Our Website
This section highlights how we collect, process and use your Personal Data when you
using our Website.
3.1 Processed Personal Data
We collect and use your Personal Data when you are accessing and interacting with
Website. If you visit our
Website without providing Personal Data via registration or in any other way, only
internet connection data
that your browser transmits to our server will be processed. This information
Personal Data only to a
limited extent. The processed data includes information on:
- Your IP address
- Your device (type, name, ID)
- Your browser (type/version)
- Your operating system (including language settings)
- Date and time of your request
- Content of your requests
- Your screen resolution
- Your Internet service provider
- Websites from which your system accesses our website (referrer URL)
- Web pages that are called up by your system via our website.
We process this information in order to enable you to use our website (e.g. by
our website to the needs
of your device) as well as to generate comprehensive demographic data to create
anonymous statistics on the use
of our website. This data is not merged with other data sources.
The legal basis for this data processing is Art. 6(1)(b) of the GDPR and the UK GDPR,
we need this data for
the provision of our Website, and Art. 6(1)(f) of the GDPR and the UK GDPR, as we
legitimate interest in
ensuring the stability and security of our Website.
3.2 Processing of Personal Data For Additional Services
We offer additional services on our website (e.g. contact forms, newsletter and
requests). When you use
these services, we ask you for further Personal Data such as your name or e-mail
address. Mandatory information
is always marked as such. Without this Personal Data, we may not be able to provide
with the requested
service or answer any queries you may have. In the following, we will inform you
the respective data
processing operations and legal bases.
- Contacting Us – We will store your Personal Data if you choose to contact
– e.g. via email
contact form. This is usually your name and email address as well as the
you have provide us
your message. We process these information solely for the purposes of answering
request and the
technical administration and do not forward the information to any third parties
without your consent. The
basis for this data processing is Art. 6(1)(b) of the GDPR and the UK GDPR, if
carried out performance of
contract or as pre-contractual measures, as well as Art. 6(1)(f) of the GDPR and
UK GDPR, as the
of these requests is in the interest of both parties.
- Newsletter – If you opt-in for our newsletter informing you about our
products and services,
will process the Personal Data provided by you (such as name, address or email
address) for the sending the
newsletter to you.
- Brochure Requests – If you make a request for a brochure of our products
and/or services, we will
process the Personal Data provided by you (such as name, address and email
for the purpose of
the brochure to you.
disk which can be
to your browser and deliver particular information about your use of our
They are useful for making
internet devices more effective and more user-optimized such as remembering your
choices when you revisit
Website. The use of such cookies which are required to ensure the functionality
our Website and to
safe user experience are used based on our prevailing legitimate interest.
- Cookies used for other purposes, such as analyzing visitor’s preferences and
activities on the Website,
used. In regard to visitors from the EEA and the UK, Cookies are used in such
only if Data Subjects
declared their consent to the Use of such Cookies.
- Certain cookies we use last only for the duration of your web session and expire
when you close your
and are called session cookies. These cookies are stored as session IDs whereby
different requests sent by
browser are assigned to the common session until you close the browser or
cancel the session.
cookies are used to remember you when you return to the Site/Application and
remain for longer. These
generally called persistent cookies which will remain on your device after
concluding the session. However,
persistent cookies are automatically deleted after a specified period of time.
can adjust the retention
period or manually delete cookies from your device via your browser settings at
time. Please be advised
if you disable cookies you may not be able to use our Website’s services to
3.3.1 Google Analytics
- Our Website uses Google Analytics. Google Analytics is a service from Google
Mountain View, CA 94043. USA; ‘Google’) employing cookies which are saved on
computer, allowing Google
analyze your use of the Site. The information generated by the cookie is
to a Google server
generally located in the USA and stored there. On our Website, IP anonymization
activated, so that the IP
address of Google users within member states of the European Union or other
contracting parties to the
on the European Economic Area is effectively anonymized before being
thus eliminating any
possibility of personally identifying the user in question.
- In exceptional cases only the full IP address is transferred to a Google server
the USA and
there. Google uses this information on our behalf in order to analyze the use of
Website, to compile
on the Website activities, and to provide other services relating to use of the
and Internet use for
Website operator. The IP address transferred from your browser through Google
Analytics is not merged with
data by Google for profiling purposes. Further information on Google’s use of
can be [https://support.google.com/analytics/answer/4597324?hl=en].
- You can prevent the collection and subsequent transfer of any data (including
anonymized IP address)
generated by the Google Analytics cookie relating to use of the Website by
well as the processing
this data altogether by Google by either downloading and installing the Browser
Plugin available here.
Alternatively, you can click here [https://tools.google.com/dlpage/gaoptout?hl=en].
3.3.2 Social-Media Plugins
We use social-media plugins from Facebook, Twitter and LinkedIn. The providers of
services can communicate
with you via the plugins and collect information about your visit to our website.
processing is based on
Art. 6(1)(f) of the GDPR and the UK GDPR. We have a legitimate interest in
your user experience and
optimizing our Services.
Facebook - Our Website uses social plugins operated by Facebook Inc, 1601 S.
California Ave, Palo Alto,
94304, USA ("Facebook").
The social-media plugins are being used to create user profiles in order to
information about you.
information may include, for example, content viewed, websites visited,
partners and technical information (device information, metadata). This may
include location data
have given your consent in the collection of such data. The collection of
is being carried out
devices. Additionally, if you use the social network facebook.com, the
data can be assigned to
Facebook user profile. We generally only receive access to aggregated
information about the interaction
ads and can use the aggregated data to provide our marketing campaigns to
relevant interest groups.
note that you can find further information about Facebook's privacy policies
[https://www.facebook.com/about/privacy]. You may object to your data being
captured by Facebook and used
above-mentioned way. You can change your user-based advertising settings
[https://de-de.facebook.com/ads/settings]. You can also prevent Facebook from
installing the respective
adjusting your browser settings.
- Twitter – We are using Twitter social-media plugins on our Website. These
social-media plugins are
operated by Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103,
(“Twitter”). By using
and the Re-Tweet function, the website you visit will be linked to your Twitter
account and made public to
users. This includes the transfer of your personal data.
These processing operations are based on Art. 6(1)(f) of the GDPR and the UK
as we have a legitimate
interest in an attractive presentation and simplification of the use of our
online offers. Please find
information on the data processing under [http://twitter.com/privacy].
You can change your privacy settings on Twitter in the account settings under
- LinkedIn – We use social-media plugins on our Website operated by LinkedIn
Court, Mountain View, CA 94043, USA (“LinkedIn”).
The social-media plugin notifies LinkedIn of which specific page of our
is being visited. If you
the LinkedIn Recommend Button while you are logged in to your LinkedIn
you can post the
website via your LinkedIn profile. This enables LinkedIn to associate your
to our website with
The data processing is based on Art. 6(1)(f) of the GDPR and the UK GDPR as
have a legitimate interest
attractive presentation and simplification of the use of our online offers.
For further details about LinkedIn's data processing and your rights and
preferences, please refer to
4. Processing of Personal Data for the Provision of Our Products and/or
Services, Including Software
We are processing your Personal Data for the provision of our products and/or
services, including Software.
For users of our products and/or services, please
For administrators and/or installers, please visit the following URL for our privacy
Last updated on the 1st March, 2023