Personal Data Protection

Compliance with GDPR regulation of European Union

 

Lawful Purpose

For the correct functionality of applications, certain data fulfilling the definition of “personal data” given by paragraph 4.1 of GDPR needs to be processed. This data is stored and processed solely for the purpose of enabling the features of applications. By purchase and use of the app, you are entering a contract and personal data is lawfully processed in accordance to paragraph 6.1.b of GDPR.

Identity of Personal Data Controller

The controller of the personal data processed by the app as defined in Article 4.7 of GDPR is: Citovox, CITOVOX AG Banhofstrasse32 6300 Zug Switzerland, citovox.ch. To write us, please use support@citovox.ch.

Location

The Personal Data is stored on servers within the European Union and the United States of America. In case the servers are located in the USA, they are always hosted at centers which participate in EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce and the European Commission.

Time Period

The Personal Data is necessary for the correct operation of the Service. They will be processed as long as the service is in use. In case you decide to stop using the Service and uninstall the app, all Personal Data will be removed from our servers within a period of 7 days, with the exception of data we are required to hold for compliance with a legal obligation which requires processing by Union or Member State law, as specified in GDPR Article 17.3.

Right to be forgotten, rectification of Personal Data

You have the right to request erasure of your Personal Data by GDPR Article 17 and 18). To do so, uninstall the apps and the data will be removed automatically as specified in the “Time Period” paragraph. The service depends on the Personal Data being processed and can not work correctly without it. The Personal Data originates from the input given by the user; rectification can be done by editing the data within the app at any time.

Processed Data

SIP Account Credentials for Push Notifications

SIP Account Credentials are required for Push Notifications to work. They are securely transferred to Push Server and used to register the account and forward any incoming calls and messages to the device via Push Notifications. Note that this information is not collected if you decide not to use Push Notifications for incoming calls (configurable within the app).

SIP traffic for Push Notifications

In case Push Notifications are in use and the account is registered on the Push Server, this server will also process all SIP traffic related to calls and messaging. It will not process any RTP traffic though (voice or video); this traffic never reaches Push Server.

IP Addresses

When using features which require server components, like Push Notifications or any web services, the IP address and browser information may be logged by the servers. The logs are automatically rotated and the information in them is only processed when troubleshooting specific issues, or when required by law.

Troubleshooting Data

In case you contact our support and require assistance in troubleshooting some problem with the apps, the support person may enable (or ask you to enable) logging of additional information on the server and/or client side, which may contain Personal Data. This information will only be used for resolving the reported issues and the logging will be disabled again as soon as the troubleshooting ends.

Data Portability

You have the right to request a copy of your Personal Data in a portable format.

Complaints

You have the right to lodge a complaint with a supervisory authority.

©Copyright 2003 -2020 Citovox AG