Responsible for the processing of data on this website: neosfer GmbH
Eschersheimer Landstraße 6
60322 Frankfurt am Main
You can reach our Data Protection Officer at neosfer GmbH
Data Protection Officer
Eschersheimer Landstraße 6
60322 Frankfurt am Main
As a basic principle, no data is processed by the Responsible Entity when the app is used. All data is stored only on your end device and the Responsible Entity has no access to this data.
However, the app is associated with a digital mail box service (“Mediation Agent”), which is operated by the Responsible Entity. The installation ID of the User is saved and processed for the User of this mail box. This is the only way that incoming messages can be assigned to the appropriate User.Incoming messages of participants to the User are then encrypted and sent to the mail box service and forwarded by the mail box service to the User's app. The Recipient of the message transmits a dedicated code to the Sender which he had previously received from the mail box service. The code is linked to the installation ID with the mail box service.
Assignment to an individual person by Main Incubator GmbH is not possible. Once the messages are successfully delivered to the app, the messages are deleted from the mail box service. If the app of the user cannot be reached, the messages are stored on the mail box service until they can be delivered to the app. Because the messages are encrypted and are decrypted only on the User’s end device, the Responsible Entity has no access to the content of the messages.
To enhance the user experience, in the event of errors or application crashes, the app generates automated crash reports which contain the cause of the crash in addition to an error report and additional data such as the date and time of the crash, the model number of the used device, the installed operating system version, the set language and User’s country.
The app uses Microsoft’s App Center services to process this data. The Responsible Entity and the Microsoft App Center are not able to identify the User from this data.The app uses Microsoft App Center Analytics, which collects anonymized data that is based on the app usage, which make possible a statistical analysis of the following features: The number of users in certain periods of time, distribution of the models on which the app was installed, daily use of the application per user, country of installation, the User’s preselected language and the version of the app that was used. This data is also not associated with the individual users.
The installation ID is processed for contractual purposes (Sect. 6 Para. 1 specified in b) GDPR). This is automatically made available by the Responsible Entity through the end device. The Responsible Entity cannot assign or deliver incoming messages to the individual users without processing the installation ID. The purpose of the contract (exchange of identity information) could not be achieved.Error analysis and other analyses are carried out in the legitimate interests of the Responsible Entity (Sect. 6 Para. 1 specified in f) General Data Protection Regulation - GDPR). These analyses serve to ensure the functionality and/or improvement of the app.There is no automated decision making.
With regard to the transfer of data to third parties (recipients apart from the Responsible Entity), it should be stated at the outset that fundamentally the transfer of data does not take place and is not planned. However, transfer of data may take place in individual cases where we are legally obligated to do so or the User has provided consent. This may be the case in the following cases:
Transfers are not made to third countries.
We process and store your personal data as long it is required for the fulfilment of our contractual obligations and protection of our rights.The Installation ID is deleted when the app is uninstalled from the User's device.
As an affected person, the User retains the following rights related to the processing of his or her personal data:
- Right of access (Article 15 GDPR)
- Right to rectification (Article 16 GDPR)
- Right to erasure (“right to be forgotten”) (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object (Article 21 GDPR)
- Right to withdraw consent (Article 7 Para. 3 GDPR)
- Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
To exercise these rights, the User may contact us via the contact information provided under No. 1.
7.1 Right to information
The Right to Information means, in particular, that the User retains the right to request confirmation from the Responsible Entity as to whether the User’s personal data is being processed. If this is the case, the User also retains the Right to Information about such personal data and the information listed in Article 15 Para. 1 GDPR.
7.2. Right to rectification
The Right to Rectification means, in particular, that the User retains the right to request from the Responsible Entity without undue delay the rectification of inaccurate personal data related to the User and the right to have incomplete data completed.
7.3. Right to erasure ("right to be forgotten").
The Right to Erasure means, in particular, that the User fundamentally retains the right to request from the Responsible Entity that personal data related to the User be deleted without undue delay, and we are obligated to delete personal data without undue delay, provided that one of the reasons listed in Article 17 Para. 1 GDPR applies. This can be the case if, for example, the personal data is no longer needed for the purposes for which it was collected or for which it was processed (Art. 17 Para. 1 specified in a) GDPR).
In the event that we have made personal data public and we are obligated to delete it, we are additionally obligated to take appropriate measures, taking into account available technology and the cost of implementation, including the technical nature, to inform other data processing responsible entities which process the personal data that an affected party has requested that they delete all links to this personal data or copies or replications of said personal data.
As an exception, the Right to Erasure (“right to be forgotten”) shall not apply provided that said processing is necessary for reasons listed in Article 17 Para. 3 GDPR. This may be the case, for example, when the data processing is required to satisfy a legal obligation or to assert, exercise or defend legal claims (Art. 17 Para. 3 specified in a) and e) GDPR).
7.4. Right to restriction of processing
The Right to Restriction of Processing means that the User retains the right to request from the Responsible Entity that processing of data be restricted when one of the conditions listed in Article 18 Para. 1 GDPR is satisfied. This can be the case if, for example, the User has disputed the accuracy of the personal data. In this case, processing is restricted for the amount of the time that the Responsible Entity requires in order to check the accuracy of the personal data.
7.5. Right to data portability
Right to Data Portability means that the User retains the fundamental right to obtain his or her personal data, which he has provided the Responsible Entity, in a structured, commonly used and machine-readable format, and the User retains the right to transmit this data to a different responsible entity without restriction, provided that processing is based on consent or a contract, and that the processing is carried out in an automated manner.
In addition, when exercising the right to data portability, the User retains the fundamental right to obtain personal data so that it is transferred directly from us to a different responsible entity, provided that this is technically feasible.
7.6. Right of objection
We expressly advise the User of his or her Right to Object no later than at the time of the first communication. The Right to Object applies in the following cases:
7.6.1 Right to object on grounds relating to the particular situation of the data subject.
The User retains the right to object at any time to the processing of his or her data that is carried out in his or her or public interest on grounds relating to his or her particular situation; this also applies to profiling that is based on these provisions.In the event of an objection on grounds relating to an exceptional situation, we will no longer process the affected personal data unless we are able to demonstrate compelling legitimate grounds for said processing that override the interests, rights and freedoms of the User, or the processing serves to assert, exercise or defend legal claims.
7.6.2. Right to object to direct marketing
If the personal data is processed for direct marketing purposes, you retain the right to file an objection to the processing of your personal data for the purposes of such marketing; this applies as well to profiling, to the extent that it is connected to such direct marketing.In the event of an objection to processing for direct marketing purposes, we will no longer process the affected personal data for these purposes.
7.7. Right to withdraw consent
Where processing is based on consent, the User retains the right to withdraw such consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on the consent that was provided prior to the withdrawal. The User shall be informed of the right to withdraw consent prior to giving consent.
7.8. Right to complain to a supervisory authority
The User retains the right to lodge a complaint with a supervisory authority. The relevant supervisory authority for us is:
Der Hessische Datenschutzbeauftragte [The Data Protection Officer of the Hessian State Chancellery]
Telephone: 0611 14080
Fax: 0611 1408 - 900
This data protection information was updated in February 2020.Due to technical advancements, changes to the app functionality and/or due to changing legal and/or official requirements, it may become necessary to update this data protection information. The current data protection information is available at any time in the app.