We appreciate your visit to our website https://syfit.de. This privacy policy informs users about the nature, scope and purposes of the processing of personal data within this website and the associated websites, mobile applications and external online presences, such as social media profiles.
Privacy policy
1. Responsible
SYFIT GmbH
Gmünder Straße 13
73430 Aalen/Germany
Phone: +49 7361 97387-00
E-Mail: kontakt@syfit.de
Website: https://syfit.de
You can reach our data protection officer at datenschutz@syfit.de
2. Processing of personal data
2.1 What is personal data?
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, Article 4 (1) GDPR.
2.2 Legal basis
SYFIT processes personal data in compliance with the relevant data protection regulations (in particular GDPR and BDSG) and on the basis of a legal permission.
SYFIT processes personal data only
- with the consent of the user pursuant to Art. 6 para. 1 p. 1 lit. a GDPR,
- for the performance of a contract or for the implementation of pre-contractual measures pursuant to Art. 6 para. 1 p. 1 lit. b GDPR,
- for the fulfilment of legal obligations pursuant to Art. 6 para. 1 p. 1 lit. c GDPR or
- for the protection of SYFIT’s legitimate interests pursuant to Art. 6 para. 1 p. 1 lit. f GDPR.
2.3 Passing on data
Insofar as SYFIT passes on personal data to other persons or companies in the course of processing, this shall be done in compliance with the statutory requirements and following the conclusion of corresponding contracts or agreements.
2.4 Data processing in third countries
Should a transfer of personal data to a so-called „third country“ (i.e. to a state outside the European Union or the European Economic Area) be absolutely necessary, this will only take place if there is a recognised level of data protection or on the basis of special guarantees, certifications or binding internal data protection regulations within the meaning of Art. 44 – 49 GDPR.
2.5 Storage period
Unless otherwise stated in this privacy policy, personal data will be deleted as soon as the purpose of the processing no longer applies or the consent on which the processing is based has been revoked. If legal retention obligations or limitation periods prevent deletion, the personal data concerned may only be processed for commercial or tax law purposes or for the purpose of asserting, exercising or defending legal claims.
2.6 Data subjects‘ rights
The user has the right to:
- a confirmation as to whether their own personal data are being processed and to information on these data as well as to further information and a copy of these data, Art. 15 GDPR.
- Completion of own personal data or correction of incorrect own personal data, Art. 16 GDPR
- Deletion of own personal data if there is a reason for deletion mentioned there, Art. 17 GDPR
- Restriction of the processing of one’s own personal data if a reason mentioned there exists, Art. 18 GDPR
- Transfer of own personal data to another controller, Art. 20 GDPR
- Complain to a supervisory authority if he or she considers that the processing of personal data concerning him or her infringes applicable law, Art. 77 GDPR
Competent supervisory authority:
The State Commissioner
for Data Protection and Freedom of Information Baden-Württemberg
Lautenschlagerstraße 20
70173 Stuttgart
Phone: 0711 / 61 55 41 – 0
E-mail: poststelle@lfdi.bwl.de
The user has the right to revoke given consent with effect for the future at any time, Art. 7 (3) GDPR.
The user has the right to object at any time to the future processing of data concerning him or her in accordance with Art. 21 GDPR. The objection can be made in particular against processing for the purpose of direct advertising.
3. Processing of personal data on this website
As a rule, users can use the website without providing any personal information. The exception to this is information that SYFIT automatically collects each time the website is accessed (so-called server log files). This includes:
- File name of the requested file
- End device used (mobile device or PC/laptop)
- Browser type / version
- Javascript activation
- Cookie activation
- referring URL
- IP address
- Access duration
- Number of pages viewed
- Click path
The legal basis for the processing of personal data in this context is Art. 6 (1) sentence 1 lit. f GDPR, as the possibility of technical administration and ensuring the security of the website is in the legitimate interest of SYFIT. The purposes of the processing are to enable the use of the website (connection establishment), system security, the technical administration of the network infrastructure and the optimisation of the website. The stored data is deleted after seven days unless there is a justified suspicion of unlawful use on the basis of concrete indications that make further examination necessary. SYFIT is not able to identify users as data subjects on the basis of the stored information.
For individual functionalities of the website, it may exceptionally be necessary to provide personal information. Further information on this can be found under „Individual functionalities“.
4. Cookies
The website uses cookies. Cookies are small files that are stored on the user’s terminal device (PC, smartphone or similar). If the use of cookies results in the processing of personal data, this is based on Art. 6 (1) sentence 1 lit. f GDPR. The processing serves the legitimate interest of SYFIT to make the website more user-friendly, effective and secure.
Users can influence the use of cookies. Most browsers have an option that restricts or completely prevents the storage of cookies. In addition, users can delete cookies at any time in the security settings of their browser. Further information on this can be found at the Federal Office for Information Security.
Necessary cookies
These cookies are mandatory for websites and their functions to work properly. Without these cookies, certain functionalities cannot be provided.
The data processed by necessary cookies are required for the aforementioned purposes to protect the legitimate interests of SYFIT pursuant to Art. 6 (1) p. 1 lit. f GDPR.
Non necessary cookies
These cookies make it possible, for example, to improve the comfort and performance of websites, to collect information about how users use websites or to track visits and individual activities on websites in order to serve targeted advertising and ads.
The processing of personal data by means of non-essential cookies for the purposes described in more detail in the cookie banner may only take place with the consent of the users in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.
SYFIT currently uses the following cookies for the following purposes:
5. Individual functionalities
The functionalities used on the website are operated on the basis of the user’s consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR or on the basis of SYFIT’s legitimate interest pursuant to Art. 6 (1) sentence 1 lit. f GDPR. SYFIT’s legitimate interest lies in ensuring the purposeful design and continuous optimisation of the website. The purpose of data processing and categories of personal data are described in the context of the respective functionality.
5.1 Google Tag Manager
The website uses the Google Tag Manager of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as „Google“). With the Google Tag Manager, it is possible to manage website tags via an interface. The Google Tag Manager itself is a cookie-less domain and does not collect any personal data. It triggers other tags, which in turn may collect personal data. The Google Tag Manager itself does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. Google’s privacy policy is available at https://policies.google.com/privacy.
5.2 Google Analytics
The website uses Google Analytics, a service for reach analysis provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as „Google“). Google Analytics uses cookies that enable an analysis of the use of the website by the user. Among other things, personal data (IP address) is transmitted to Google servers outside the EU and stored there. In order to ensure the protection of users‘ personal data, SYFIT has activated the so-called „IP anonymization“ for the website. As a result, the IP addresses of users within the EU are only processed by Google in abbreviated form – i.e. anonymously. Only in exceptional cases the complete IP address transmitted to Google servers outside the EU and will be shortened there. The transmitted IP address will not be merged with other Google data.
On behalf of SYFIT, Google uses the collected data to evaluate the activities of the users of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to SYFIT.
Users can prevent the collection and use of their data by Google by downloading and installing the following browser plug-in: http://tools.google.com/dlpage/gaoptout?hl=en.
Google’s privacy policy is available at https://policies.google.com/privacy.
5.3 Google Maps
The website uses the Google Maps service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as „Google“). This allows interactive maps to be displayed directly on the website and enables the user to conveniently use the map function.
In this context, it is necessary to store the user’s IP address. The information obtained in this way is usually transferred to a Google server outside the EU and stored there. This takes place regardless of whether the user is logged into their Google account or not. Google stores the user data as usage profiles and uses them for the purposes of advertising, market research and/or the needs-based design of the website.
If the user is logged in to their Google account, the data is assigned to the account. An allocation can be prevented by the user logging out of his Google account beforehand.
Google’s privacy policy is available at https://policies.google.com/privacy.
5.4 Google WebFonts
The website uses Google WebFonts from Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as „Google“). Google WebFonts are transferred to the browser’s cache when the website is called up so that they can be used for display. If the browser does not support Google WebFonts or prevents access, the text is displayed in a standard font. Data transmitted in connection with calling up the website are sent to resource-specific domains such as fonts.googleapis.com or fonts.gstatic.com. They are not associated with data that may be collected or used in connection with the parallel use of authenticated Google services such as Gmail.
Users can set their browser so that the fonts are not loaded from Google servers (e.g. by installing NoScript or Ghostery für Firefox.)
Google’s privacy policy is available at https://policies.google.com/privacy.
5.5 Facebook Fanpage
SYFIT operates its own Facebook fan page at https://www.facebook.com/SYFITGmbH. Facebook is a social media network of Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland (hereinafter referred to as „Meta“).
SYFIT’s own processing of personal data on the Facebook Fanpage is based on Art. 6 (1) lit. f GDPR, as it is in SYFIT’s legitimate interest to offer customers, interested parties and users up-to-date information and interaction options.
When calling up the Facebook fan page, the general terms and conditions as well as the data policy of Meta for Facebook products apply, over which SYFIT has no influence. In particular, data may also be processed by Facebook outside the European Union. The Meta data policy for Facebook products is available at https://de-de.facebook.com/policy.php.
When visiting the Facebook fan page, statistical information about the use of the Facebook fan page is created with the help of cookies. If the user is logged into his or her Facebook account when calling up the Facebook fan page, the statistics are collected across all devices. Further information is available at https://de-de.facebook.com/help/pages/insights. SYFIT has no influence on the generation and presentation of these so-called „page insights“. The data provided by Meta includes: Total number of page views, „Like“ votes, page activity, post interactions, reach, video views, post reach, comments, shared content, responses, proportion of men and women, country and city origin, language, shop views and clicks, route planner clicks, phone number clicks. Further information is available at https://www.facebook.com/legal/terms/page_controller_addendum.
SYFIT is aware that Meta processes data at least for the purposes of advertising, the creation of user profiles and market research.
If users do not wish the data processing described, the connection between the user’s Facebook account and the Facebook fan page can be disconnected via the function „I no longer like this page“ or „Do not subscribe to this page“.
Objections (so-called opt-outs) to Facebook can be set at https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Fads%2Fpreferences%2F%3Fentry_product%3D.
Meta’s data protection officer responsible for Facebook products can be reached at https://www.facebook.com/help/contact/540977946302970.
5.6 Instagram
On Instagram, SYFIT operates its own page at https://www.instagram.com/syfit_gmbh. The page and its technical functionality is provided by Meta Platforms Limited, 4 Grand Canal Square, Dublin 2, Ireland.
SYFIT’s own processing of personal data on the Instagram page is based on Art. 6 (1) lit. f GDPR, as it is in SYFIT’s legitimate interest to offer customers, interested parties and users up-to-date information and interaction options.
When calling up the Instagram page, the terms and conditions and data processing policies of Meta for Instagram products, apply, over which SYFIT has no influence. Data may also be processed outside the European Union. The privacy policy of Meta for Instagram products is available https://help.instagram.com/519522125107875.
When visiting the Instagram page, Meta collects, among other things, the IP address and other information of the users (e.g. through the use of cookies). This also applies if users do not have an Instagram account or are not logged in to Instagram. If the user is logged into his Instagram account when calling up the Instagram page, Meta is able to track whether and how users use this website. This data can be used to offer content or advertising tailored to the user.
If users do not want the data processing described above, they should log out of Instagram or deactivate the „stay logged in“ function, delete the cookies on their device and close and restart their browser.
Meta’s Privacy Officer responsible for Instagram products can be reached at https://www.facebook.com/help/contact/540977946302970.
5.7 YouTube
The website uses YouTube, an internet video portal of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as „Google“). YouTube allows video publishers to post video clips free of charge and other users to view, rate and comment on these video clips free of charge. Further information on YouTube is available at www.youtube.com/yt/about/de. Each time a website is accessed on which a YouTube video has been integrated, the user’s browser is automatically prompted to download a representation of the corresponding YouTube video from YouTube. As part of this technical process, YouTube and Google receive information about which specific website is visited by the user.
If the user is logged into YouTube at the same time, YouTube recognises which specific website the user is visiting when a website containing a YouTube video is called up. This occurs regardless of whether the user clicks on a YouTube video or not. This information is collected by YouTube and Google and assigned to the user’s YouTube account. If the user does not want this information to be transmitted to YouTube and Google, the transmission can be prevented by logging out of YouTube before accessing the website.
Google’s privacy policy is available at https://policies.google.com/privacy.
5.8 XING
SYFIT operates its own page on Xing at https://www.xing.com/companies/syfitgmbh. The site and its technical functionality is provided by XING SE, Dammtorstraße 30, 20354 Hamburg, Germany (hereinafter referred to as „Xing“).
SYFIT’s own processing of personal data on the Xing page is carried out on the basis of SYFIT’s legitimate interests pursuant to Art. 6 (1) lit. f GDPR, in order to provide information about our offer there and to contact customers, interested parties and users who are active there.
When calling up the Xing page, the terms and conditions and data processing guidelines of Xing apply, over which SYFIT has no influence. Data may also be processed outside the European Union. The privacy policy of Xing is available at https://privacy.xing.com/de/datenschutzerklaerung.
When visiting our Xing site, Xing collects personal data of the users (e.g. through the use of cookies). This also applies if you do not have a Xing account or are not logged in to Xing. Information about the data collection and further processing by Xing can be found at https://privacy.xing.com/de/datenschutzerklaerung.
If the user is logged into his or her Xing account when calling up the Xing page, Xing is able to track whether and how users use this website. Based on this data, Xing can assign the user’s behaviour to a specific Xing account. For SYFIT, only the user’s public profile on Xing is visible. The information that can be viewed depends on the selected profile settings.
If users do not want the data processing described, they should log out of Xing or deactivate the „stay logged in“ function, delete the cookies on their device and close and restart their browser.
5.9 XING
Auf Xing betreibt SYFIT unter https://www.xing.com/companies/syfitgmbh eine eigene Seite. Die Seite und ihre technische Funktionalität wird bereitgestellt durch die XING SE, Dammtorstraße 30, 20354 Hamburg, Deutschland (nachfolgend bezeichnet als „Xing“).
Die eigene Verarbeitung personenbezogener Daten auf der Xing-Seite geschieht aufgrund der berechtigten Interessen von SYFIT nach Art. 6 Abs. 1 lit. f DSGVO, um dort über unser Angebot zu informieren und mit den dort aktiven Kunden, Interessenten und Nutzern in Kontakt zu treten.
Bei Aufruf der Xing-Seite gelten die Geschäftsbedingungen und Datenverarbeitungsrichtlinien von Xing, auf die SYFIT keinen Einfluss hat. Dabei können Daten auch außerhalb der Europäischen Union verarbeitet werden. Die Datenschutzerklärung von Xing ist abrufbar unter https://privacy.xing.com/de/datenschutzerklaerung.
Bei einem Besuch auf unserer Xing-Seite werden von Xing personenbezogene Daten der Nutzer erhoben (z. B. über den Einsatz von Cookies). Dies gilt auch dann, wenn Sie kein Xing-Konto haben oder nicht bei Xing eingeloggt sind. Informationen über die Datenerhebung und weitere Verarbeitung durch Xing sind abrufbar unter https://privacy.xing.com/de/datenschutzerklaerung.
Ist der Nutzer bei Aufruf der Xing-Seite selbst in seinem Xing-Account eingeloggt, ist Xing in der Lage, nachzuvollziehen, ob und wie Nutzer diese Website verwenden. Anhand dieser Daten kann Xing das Verhalten des Nutzers einem bestimmten Xing-Account zugeordnet werden. Für SYFIT ist nur das öffentliche Profil der Nutzer bei Xing einsehbar. Welche Informationen einsehbar sind, ist abhängig von den gewählten Profileinstellungen.
Wenn Nutzer die geschilderten Datenverarbeitungen nicht wünschen, so sollten Sie sich bei Xing abmelden beziehungsweise die Funktion „angemeldet bleiben” deaktivieren, die auf Ihrem Gerät vorhandenen Cookies löschen und Ihren Browser beenden und neu starten.
5.10 Twitter
SYFIT operates its own short message service on Twitter at https://twitter.com/SYFIT_GmbH. The site and its technical functionality is provided by Twitter, Inc.,1355 Market Street, Suite 900, San Francisco, CA 94103, USA (hereinafter referred to as „Twitter“).
The processing of personal data on Twitter by SYFIT GmbH is based on Art. 6 (1) lit. f GDPR, as it is in the legitimate interest of SYFIT GmbH to offer customers, interested parties and users up-to-date information and interaction options.
When calling up Twitter, the general terms and conditions as well as the privacy policy of Twitter apply, over which SYFIT has no influence. Twitter’s privacy policy is available at https://twitter.com/de/privacy.
SYFIT points out to users that they use the short message service offered and its functions at their own responsibility. This applies in particular to the use of the interactive functions (e.g. sharing, rating).
The data collected when using the service is processed by Twitter and may be transferred to countries outside the European Union. This includes the IP address, the application used, details of the end device used (including device ID and application ID), information on websites accessed, location and mobile phone provider. This data is assigned to the data of the Twitter account or the Twitter profile of the user. SYFIT has no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transfer of this data to third parties. Information on which data is processed by Twitter and for which purposes can be found at https://twitter.com/privacy and at https://help.twitter.com/de/managing-your-account/accessing-your-twitter-data.
SYFIT does not collect and process any data from the use of the short message service beyond this.
Users have options to restrict the processing of their data in the general settings of their Twitter account and under the item „Data protection and security“. In addition, users can restrict Twitter’s access to contact and calendar data, photos, location data, etc. on mobile devices (smartphones, tablet computers) in the settings options there. However, this depends on the operating system used. Further information on this can be found at: https://support.twitter.com/articles/105576#.
5.11 Telephone conferences, online meetings, video conferences and/or webinars
For conference calls, online meetings, video conferences and/or webinars, SYFIT uses „Microsoft Teams“, a service provided by Microsoft Ireland, South County Business Park, One Microsoft Place, Carmanhall and Leopardstown, Dublin, D18 P521, Ireland (hereinafter referred to as „Microsoft“).
The processing of personal data takes place on the basis of SYFIT’s legitimate interest pursuant to Art. 6 (1) lit. f GDPR in the effective implementation of telephone conferences, online meetings, video conferences and/or webinars. Insofar as personal data is processed by employees of the controller, Section 26 BDSG is the legal basis for the data processing.
Telephone conferences, online meetings, video conferences and/or webinars can be participated in via the respective app as well as via the respective browser-based version. We would like to point out that the use of the browser-based versions is generally more data protection-friendly than the use of the app-based versions. The scope of the personal data processed depends on the information you provide before or when participating in a telephone conference, an online meeting, a video conference and/or webinars.
The following personal data may be processed:
User details:
Display name, email address (optional), profile picture (optional), preferred language
Meeting metadata:
Title, date, time, location, meeting details if applicable, meeting ID, device/hardware information.
Text, audio and video data:
Users may have the option of using the chat function during telephone conferences, online meetings, video conferences and/or webinars. In this respect, the text entries made by the user are processed in order to display and, if necessary, log them. In order to enable the display of video and the playback of audio, the data from the microphone of the terminal device and from any video camera of the terminal device are processed accordingly for the duration of the meeting. Users can turn off or mute the camera or microphone themselves at any time.
Microsoft Teams is part of Microsoft Office 365. If users have a Microsoft Office 365 account and are logged into it, personal data may be stored by Microsoft in the context of telephone conferences, online meetings, video conferences and/or webinars. The extent and duration of the storage depends on the respective settings in the user account, over which SYFIT has no influence.
There is no recording of telephone conferences, online meetings, video conferences and/or webinars. Chat contents are not logged.
An appropriate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU standard contractual clauses. As supplementary protective measures, we have configured the respective applications as strictly as possible from a data protection point of view. SYFIT points out that Microsoft Teams is part of Microsoft Office 365.
Further information on data protection and data security is available at:
https://privacy.microsoft.com/de-de/privacystatement
https://docs.microsoft.com/de-de/microsoftteams/teams-privacy
5.12 TeamViewer
For support and remote maintenance purposes, SYFIT uses „TeamViewer“, a service of TeamViewer Germany GmbH (hereinafter referred to as „TeamViewer“).
The processing of personal data is carried out on the basis of SYFIT’s legitimate interest in accordance with Art. 6 (1) lit. f GDPR in the effective performance of customer support and remote maintenance work. Insofar as personal data is processed by employees of the controller, Section 26 BDSG is the legal basis for the data processing.
When using TeamViewer, a connection to the TeamViewer servers is established. In addition to the IP address, the location and MAC address of the user as well as the beginning and end of the TeamViewer session are transmitted to TeamViewer. In the course of customer support and remote maintenance work, it is generally possible for SYFIT to take note of the content accessed by the user on his computer. It is therefore recommended to close all programs and windows that are not required for customer support or remote maintenance before using TeamViewer.
Further information on data protection at TeamViewer can be found at: https://www.teamviewer.com/de/privacy-policy
5.13 Contact
When contacting SYFIT (for example by e-mail or by contact form), the information of the requesting user is processed insofar as this is necessary to answer the contact request and any measures requested.
The legal basis for the processing of personal data in this context is Art. 6 (1) lit. f GDPR, as it is in SYFIT’s legitimate interest to respond to enquiries.
The data provided by the enquiring user in the course of contacting us will only be passed on with the user’s consent within the meaning of Art. 6 Para. 1 lit. a GDPR.
6. Further data processing
6.1 SYFIT’s own apps
All data collected, processed and stored in SYFIT’s own apps will only reach SYFIT and will not be passed on to third parties.
All SYFIT’s own apps are available via distribution platforms operated by third parties, so-called app stores (Google Play and Apple iTunes). Their download may require prior registration with the respective app store and installation of the app store software. SYFIT has no influence on the collection, processing and use of personal data in connection with the registration and the provision of downloads in the respective app store and the app store software. In this respect, the operator of the respective app store is solely responsible in terms of data protection. Further information can be obtained directly from the respective app store provider if required.
6.1.1 AYE-OT-BOX
After installation, the AYE-OT-BOX app requires the following login data: „Username“ and „Password“. These credentials are required for the app to function.
In order to be able to use the AYE-OT-BOX app comprehensively, some system authorisations are required. You will be asked to grant the corresponding access authorisation either once at the beginning or only when using the respective function.
Location
Location access is required because the AYE-OT-BOX app registers and displays inventory based on its individual beacons.
Bluetooth
Bluetooth access is required because inventory is recognised by its individual beacons via Bluetooth and transferred to the app together with the location of the inventory item and displayed on the map.
Camera
Camera access is required so that inventory can be recorded in the AYE-OT-BOX app via QR code without an individual beacon. Furthermore, photos can also be taken of inventory items. If already saved photos are to be used, access to the photo memory is also required.
Users can check which permissions have already been granted and revoke them at any time in the „Settings“ section of the AYE-OT-BOX app. However, in order for the AYE-OT-BOX app to function properly, it is necessary to grant access to certain smartphone functions.
All data processed in the AYE-OT-BOX app is stored by SYFIT until it is deleted by the user. No data is stored in the AYE-OT-BOX app itself.
6.1.2 AYE-D TOOLS / Tools management
In order to be able to use the AYE-D-TOOLS app comprehensively, system authorisations are required. You will be asked to grant the corresponding access authorisation either once at the beginning or only when using the respective function.
Camera
Camera access is required to manually assign inventory or employees to an organisational unit via QR code. When returning inventory, it is assigned to the workshop or warehouse in the same way.
Users can revoke the authorisation for camera access in the system settings of their smartphone at any time. However, for the AYE-D-TOOLS app to function properly, it is necessary that camera access is granted.
All data processed in the AYE-D-TOOLS app is stored by SYFIT until it is deleted by the user. No data is stored in the AYE-D-TOOLS app itself.
6.1.3 AYE-D-NET / Equipment inspection
After installation, the AYE-D-NET app requires the following login data: „Username“ and „Password“. These credentials are required for the app to function.
In order to be able to use the AYE-D-TOOLS app comprehensively, system authorisations are required. You will be asked to grant the corresponding access authorisation either once at the beginning or only when using the respective function.
Camera
Camera access is required so that inventory can be recorded via QR code in the AYE-D-NET app. Furthermore, photos can also be taken of inventory items. If already saved photos are to be used, access to the photo memory is also required.
Users can revoke the authorisation for camera access in the system settings of their smartphone at any time. However, for the AYE-D-NET app to function properly, it is necessary that camera access is granted.
All data processed in the AYE-D-NET app is stored by SYFIT until it is deleted by the user. No data is stored in the AYE-D-NET app itself.
6.1.4 AYE-DRIVE / Drivers license check
With the help of the AYE-DRIVE-APP, NFC/RFID chips attached to driving licences can be read and thus proof of a valid driving licence can be provided. The ID recorded during the scanning process is fed back into the central SYFIT system and linked to an individual driving licence.
Separate system authorisations are not required for this.
All data processed in the AYE-DRIVE app is stored at SYFIT until it is deleted by the user. The validity period of driving licence checks is 6 months. Shortly before the expiry of this period, an automated email is sent to the ID linked to the driving licence with a reminder to renew the proof of a valid driving licence. No data is stored in the AYE-DRIVE app itself.
6.1.2 Syfit Mobile Hub
After installation, the Syfit Mobile Hub app requires the following login data: „Username“ and „Password“. These credentials are required for the app to function.
In order to be able to use the Syfit Mobile Hub app comprehensively, some system authorisations are required. For example, you will be asked once at the beginning or only when using the respective function to grant the corresponding access authorisation.
Location
Location access is required because the Syfit Mobile Hub app registers and displays inventory based on its individual beacons.
Bluetooth
Bluetooth access is required as inventory is recognised by its individual beacons via Bluetooth and transferred to the app along with the location of the inventory item.
Users can revoke granted access authorisation in the system settings of their smartphone at any time. However, in order for the Syfit Mobile Hub app to function properly, it is necessary to grant access to certain smartphone functions.
All data processed in the Syfit Mobile Hub app is stored by SYFIT until it is deleted by the user. No data is stored in the Syfit Mobile Hub app itself.
6.2 Contractual relationships
The processing of personal master, contract and payment data is necessary for the establishment and/or implementation of contractual relationships with customers. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. b GDPR.
SYFIT processes customer and prospective customer data for evaluation and marketing purposes. The legal basis for the processing is Art. 6 para. 1 p. 1 lit. f GDPR. The processing serves the legitimate interest of SYFIT to further develop the range of services and to provide targeted information about this.
Further processing of personal data is only carried out on the basis of consent in the sense of Art. 6 Para. 1 Sentence 1 lit. a GDPR or in the context of the fulfilment of legal obligations in the sense of Art. 6 Para. 1 Sentence 1 lit. c GDPR.
6.3 Employment relationships
The website offers applicants the opportunity to apply to SYFIT by e-mail or by post. In the process, personal data related to the specific application is processed, e.g. general personal data, information on school, professional and further education as well as other information that applicants submit.
SYFIT processes personal data for the purpose of carrying out the application procedure as well as the processing of the employment relationship, if such a relationship is established, on the basis of Art. 88 GDPR in conjunction with. § 26 para. 1, para. 8 p. 2 BDSG. Furthermore, personal data may be processed if this is necessary for the fulfilment of legal obligations (Art. 6 para. 1 lit. c GDPR) or for the defence of asserted legal claims against SYFIT. The legal basis for this is Art. 6 para. 1 lit. f GDPR. The legitimate interest is, for example, a duty of proof in proceedings under the General Equal Treatment Act (AGG).
Personal data will be stored for the aforementioned purposes for as long as is necessary for the fulfilment of these purposes. For the purpose of defending asserted legal claims from the application process against SYFIT, personal data will be stored for a maximum of 6 months and then deleted.
If no employment relationship is currently being considered, it is possible to have the application included in an applicant pool. In the event of inclusion, all documents and details from the application will be transferred to the applicant pool in order to contact applicants in the event of suitable vacancies. Inclusion in the applicant pool only takes place on the basis of consent within the meaning of Art. 6 para. 1 sentence 1 lit. a GDPR. The provision of consent is voluntary and is not related to the current application process. The data subject may revoke his/her consent at any time. In this case, the data will be deleted from the applicant pool, provided there are no legal reasons for retention. The data from the applicant pool will be stored for a maximum of 2 years and then deleted.
The provision of personal data in the context of application procedures is neither legally nor contractually required. Applicants are therefore not obliged to provide information. However, the provision of personal data is necessary for the decision on an application or the conclusion of a contract in relation to an employment relationship. Insofar as applicants do not provide personal data, SYFIT cannot make a decision on the establishment of an employment relationship. It is recommended that only personal data that is required in this context is provided as part of the application.
7. Processing safety
The website uses the SSL (Secure Socket Layer) procedure in conjunction with the highest encryption level supported by the browser used. Whether an individual web page of the website is transmitted in encrypted form can be recognised in the address bar of the browser by the prefix https:// and/or the closed padlock symbol.
SYFIT uses technical and organisational security measures in order to protect the personal data it manages against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons. The security measures are continuously improved in line with technological developments.
8. Validity and up-to-dateness of the privacy policy
The privacy policy is currently valid and dated 27.12.2021.
Due to ongoing legal and technical developments, SYFIT reserves the right to update this privacy policy at any time.
Sponsoring & Verbände
Zertifizierungen
Auszeichnungen
