Privacy Policy of the GFOS Corporate Group

Responsible Authority

Responsible

GFOS mbH
Am Lichtbogen 9, 45141 Essen
+49 . 201 • 613000
info[at]gfos.com

You can reach our external data protection officer at the above-mentioned address by adding the words "Privacy Policy" or via email at: datenschutz[at]gfos.com

Which sources and data do we use at all?

We process personal data that we receive as part of the use of our website, e.g. by customers, applicants or interested parties.

Why do we process your data (purpose of processing) and on what legal basis?

We process personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (i.e. the German ‘Bundesdatenschutzgesetz’).

a) for the fulfillment of contractual obligations (Article 6, paragraph 1b GDPR)

The processing of data may take place in the context of the execution of contracts with you as our customer or for the implementation of pre-contractual measures.

b) in the context of the balancing of interests (Article 6, paragraph 1f GDPR)

If necessary, we can process your data beyond the actual fulfillment of the contract for the protection of legitimate interests of us or third parties. Examples:

• Review and optimization of requirements analysis procedures for direct customer approach,
• Advertising or market- and opinion research as far as you have not objected to the use of your data,
• Asserting legal claims and defense in legal disputes,
• Ensuring the IT security and IT operations of the company,
• Measures for business control and further development of services and products,

c) on the basis of your consent (Article 6, paragraph 1a GDPR)

Insofar as you have given us consent to the processing of personal data for specific purposes (for example, for marketing purposes, newsletter delivery), the legality of this processing is based on your consent.

d) due to legal requirements (Article 6, paragraph 1c GDPR) or due to public interest (Article 6, paragraph 1e GDPR)

In addition, we are subject to various legal obligations, i.e. legal requirements (for example tax laws). The purposes of the processing include the fulfillment of tax control- and reporting obligations as well as other matters.

e) in the context of the establishment of an employment relationship Article 88 GDPR in combination with §26, paragraph 1 of the German Federal Data Protection Act.

If you apply for a job at GFOS, we may also process your personal data.
 

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the computer system sending the request. The following data is collected here:

• information about the browser type and version used
• the operating system of the user
• the internet service provider of the user
• the IP address of the user
• date and time of access
• websites from which the user's system if referred to our website
• websites that are accessed from the user's system through our website

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

The legal basis for the temporary storage of data under log files is Article 6, paragraph 1f GDPR.

The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user's IP address must be kept for the duration of the session. Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes constitute our legitimate interest in data processing Article 6, paragraph 1f (GDPR).

The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. In the case of collecting the data for providing the website, this is the case when the respective session is completed.

In the case of storing the data in log files, this is the case after no more than seven days. An additional storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.

The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.
 

Cookies

When visiting our website, we occasionally use cookies. Among other things, they serve to make our offer user-friendly, effective and secure.

The following data are stored and transmitted in the cookies: (for example)

• Login information
• Visitor information (e.g. cookie indications or contact information)
• In the context of the use of technically necessary cookies, we process your personal data in accordance with Article 6, paragraph 1f GDPR.

The use of technically necessary cookies is for the purpose of making the use of our website easier for you. Some features of our website cannot be offered without the use of cookies. For this, it is necessary that the browser is recognized even after a page break. We need your cookies for the following applications: (for example)

• Customer Login
• Visitor information

The user data collected through technically necessary cookies will not be used to create user profiles.

Cookies are stored on your computer and transmitted by it to our site. Therefore, as a user you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all of the functions of the website to the whole extent.

When you visit our website, you will be informed by an info banner about the use of cookies for analysis purposes and referred to this privacy policy. In this context, there is also an indication of how the storage of cookies in the browser settings can be prevented.
 

CookieFirst

In order to obtain your valid consent to use and store cookies in the browser you use to access our website and to properly document this, we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.

When you access our website, a connection is established with CookieFirst's server to allow us to obtain valid consent from you to use certain cookies. CookieFirst then stores a cookie in your browser to enable only those cookies to which you have consented and to properly document this. The processed data will be stored until the specified storage period expires or you request the deletion of the data. Deviating from this, certain legal retention periods may apply.

CookieFirst serves to obtain the legally required consent to the use of cookies. The legal basis for this is Article 6(1)(c) of the General Data Protection Regulation (DSGVO).

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

• Your consent status or revocation of consent.
• Your anonymized IP address
• Information about your browser
• Information about your device
• the date and time of your visit to our website
• The URL of the website where you saved or updated your consent form
• The approximate location of the user who saved their consent preferences
• A universally unique identifier (UUID) of the website visitor who clicked on the banner cookie
   

Use of web fonts

On these web pages external fonts (Google fonts) are used. Google Fonts is a service of Google Inc. ("Google"). The integration of these web fonts is done by a server call, usually a Google server in the USA. The information of which of our websites you have visited will be transmitted to the server. Also, the IP address of the browser on the user’s device used to visit this website is stored by Google.

For more information, see the Google Privacy Policy, which you can access here:

www.google.com/fonts#AboutPlace:about
www.google.com/policies/privacy/

Newsletter

On our website, you can subscribe to a free Newsletter. During the registration for the newsletter, the data from the input mask are transmitted to us.

We ask for the following data for this purpose:

• Salutation, last name, first name
• E-mail address
• Optional: company, department, function

In addition, the following data will be collected upon registration:

• IP address of the requesting computer
• Date and time of registration

In connection with the processing of data for the sending of newsletters, the data is not passed on to third parties - with the exception of the newsletter service provider mailingwork GmbH Chemnitz / Hubspot. The portal provided by Mailingwork / Hubspot is used by GFOS for sending newsletter mailings. The collected data will be sent to Mailingwork / Hubspot immediately before the newsletter is sent and will be deleted after dispatch within 24 hours. The data will be used exclusively for sending the newsletter.

Insofar as you have registered for the newsletter and thus have given your consent regarding the processing of your data, Article 6, paragraph 1a GDPR serves as legal basis for this.

The collection of your e-mail address is necessary to deliver the newsletter. The collection of other personal data as part of the registration process is intended to prevent misuse of the services or the e-mail address used.

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. Your e-mail address will therefore be saved as long as the subscription to the newsletter is active. Other personal data collected during the registration process will normally be deleted after a period of 7 days.

Subscription to the newsletter may be terminated by you at any time. For this purpose, there is a corresponding link in each newsletter.

This also allows the revocation of the consent of the storage of the personal data collected during the registration process.

Contact form & e-mail contact

We use the HubSpot service to provide the following online forms. For this we forward your data to HubSpot, which process the data exclusively on our behalf. See privacy policy for "HubSpot".

On our website you will find a contact form, which can be used for electronic contact. If you choose to contact us via this form, the data entered in the input mask will be transmitted to us and saved. These data are:

• Name & e-mail address
• Optional: company, telephone

At the time of registration, the following data is also stored:

• The IP address of the user
• Date and time of registration

For the processing of your data, your consent is obtained during the process of sending in the form and reference is made to this privacy policy.

Alternatively, contact via the provided e-mail address is possible. In this case, the personal data transmitted with your e-mail will be stored. There is no disclosure of data to third parties in this context. The data is used exclusively for processing the conversation.

Legal basis for the processing of the data in the case of your consent is Article 6, paragraph 1a GDPR.

The legal basis for the processing of the data transmitted in the course of sending an e-mail is formed by Article 6, paragraph 1f GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is formed by Article 6, paragraph 1b GDPR.

The processing of the personal data on the input mask serves only to process the contact. In the case of contact via e-mail, this also includes the required legitimate interest in the processing of the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

The data will be deleted if they are no longer necessary for the purpose of their collection. For the personal data processed in the input form of the contact form and for those sent by e-mail, this is the case when the respective conversation with you as a user has ended. This is the case when it can be inferred from the circumstances that the facts are finally clarified. The additional personal data collected during the sending process will be deleted at the latest after a period of 7 days.

You have the option to revoke your consent to the processing of personal data at any time. If you contact us by e-mail, you may object to the storage of your personal data at any time. In this case, the conversation cannot continue.

All personal data stored in the course of contacting will be deleted in this case.
 

Application Management

Would you like to apply for a job at GFOS? We are looking forward to receiving your application via e-mail.

As part of the application management, we process the personal data you provide us for the purpose of initiating an employment relationship based on Article 88 GDPR in combination with §26, paragraph 1 of the German Federal Data Protection Act. Alternatively, collective agreements according to Article 88 GDPR in combination with §26, paragraph 4 of the German Federal Data Protection Act and consent (for example, when taking photos) according to Article 88 GDPR in combination with §26, paragraph 2 of the German Federal Data Protection Act can be adduced. 

In some cases, we process your data to obtain legitimate interests, e.g. in the case of intra-corporate data exchange for administrative purposes (Article 6, paragraph 1f of the GDPR in combination with recital 48).

Insofar as special categories of personal data (for example, severe disability) are processed, this is done on the basis of Article 88 GDPR in combination with §26, paragraph 3 of the German Federal Data Protection Act. In addition, the processing of health data for the assessment of your ability to work according to Article 9, paragraph 2h in combination with §22, paragraph 1b of the German Federal Data Protection Act can be required.

We process and store your personal data as long as it is necessary for the fulfillment of the purposes of data processing or of juridical, contractual or legal obligations. Thereafter, the data is deleted or its processing restricted. In the event that there is no employment relationship after the application process has been completed, we will delete your data no later than 6 months after the application process has been completed. If we want to save your application for more than 6 months in a so-called "applicant pool", we would for your consent at the end of the 6 months.

Of course, you are also free to withdraw your application at any time. In this case your data would also be deleted if they are no longer necessary for the purpose of their collection. Submitting an e-mail to us with appropriate content is sufficient. The revocation of any given consent is also possible at any time.

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. Google Tag Manager itself does not create user profiles, does not store cookies and does not perform any independent analyses. It only serves to manage and play out the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.

The use of Google Tag Manager is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on his website. If a corresponding consent has been requested, the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Google Remarketing

This website uses the functions of Google Analytics Remarketing. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Remarketing analyzes your user behavior on our website (e.g. clicking on certain products) in order to classify you in certain advertising target groups and subsequently play suitable advertising messages to you when you visit other online offers (remarketing or retargeting).

Furthermore, the advertising target groups created with Google Remarketing can be linked with Google's cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another of your end devices (e.g. tablet or PC).

If you have a Google account, you can object to personalized advertising at the following link: https://myadcenter.google.com/. The use of Google Remarketing is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in marketing its products as effectively as possible. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Further information and the data protection provisions can be found in Google's privacy policy at: https://policies.google.com/technologies/ads.

Target group formation with customer matching
For target group formation, we use, among other things, the customer matching of Google Remarketing. In this process, we transfer certain customer data (e.g. e-mail addresses) from our customer lists to Google. If the customers in question are Google users and logged into their Google account, they are shown suitable advertising messages within the Google network (e.g. on YouTube, Gmail or in the search engine).

Google Analytics

This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and the origin of the user. This data may be summarized by Google in a profile that is assigned to the respective user or their end device.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this analysis tool is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to store cookies), the processing is based exclusively on Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.

IP anonymization

We have activated the IP anonymization function on this website. This means that your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser Plugin
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout.
More information on how Google Analytics handles user data can be found in Google's privacy policy: https://policies.google.com/privacy

Order processing
We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic characteristics with Google Analytics
This website uses the "demographic characteristics" function of Google Analytics to display suitable advertisements to website visitors within the Google advertising network. This allows reports to be generated that include statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google as well as from visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the item "Objection to data collection".

Storage period
Data stored by Google at user and event level that is linked to cookies, user identifiers (e.g. User ID) or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) is anonymized or deleted after 50 months. For details, please see the following link: https://support.google.com/analytics/answer/7667196

Facebook-, Custom Audiences and Facebook marketing services

Due to our legitimate interests in the analysis, optimization and economic operation of our online offer and for these purposes, the so-called "Facebook pixel" of the social network Facebook, by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025 USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, is used.

Facebook was certified under the Privacy Shield Agreement and thus offered a guarantee of compliance with European data protection law. Now that the ECJ has invalidated the Privacy Shield Framework, it can no longer be relied upon as a guarantee of compliance. 

With the help of the Facebook pixel, it is on the one hand possible for Facebook to determine the visitors to our online offer as a target group for the presentation of advertisements (so-called "Facebook ads"). Accordingly, we use the Facebook pixel to display the Facebook ads we have been sent only to those Facebook users who have also shown an interest in our online offer or certain features (e.g. interests in certain topics or products that were visited by them), which we transmit to Facebook (so-called "Custom Audiences"). With the help of the Facebook pixel, we also want to make sure that our Facebook ads are in line with the potential interest of users and are not annoying. With the help of the Facebook pixel, we can also understand the effectiveness of the Facebook ads for statistical and market research purposes, in which we see whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").

The Facebook pixel is integrated directly through Facebook when viewing our website and can save a so-called cookie on your device. If you subsequently log on to Facebook or visit Facebook in the logged-in state, the visit to our online offer will be noted in your profile. The data collected about you are anonymous to us. This means that we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and can be used by Facebook as well as for its own market research and advertising purposes. If we should send data to Facebook for comparison purposes, they will be encrypted locally in the browser and then sent to Facebook via a secure https connection. This is done solely with the purpose of establishing a comparison with the equally encrypted by Facebook data.

The processing of the data by Facebook is part of Facebook's data usage policy. Special information and details about the Facebook pixel and how it works can be found in the help section of Facebook.

You may object to the capture by the Facebook Pixel and use of your data to display Facebook Ads. To set which types of ads you see within Facebook, you can go to the page settings by Facebook and follow the instructions for user-based advertising settings. The settings are platform independent (desktop or mobile).

LinkedIn Conversion Tracking

Based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Article 6, paragraph 1f GDPR) we use the analysis and conversion tracking technology of the LinkedIn platform (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA). LinkedIn's technology can help you see more relevant, interest-based advertising. We also receive aggregated and anonymous ad activity reports from LinkedIn and information about how you interact with our online offers.

See LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy for more information about data collection and use as well as ways to protect your privacy. If you are logged in to LinkedIn, you can disable it at any time by visiting the following link: https://www.linkedin.com/psettings/enhanced-advertising.

Rights of the data subject

Each data subject has the right to information according to Article 15 GDPR, the right to a correction according to Article 16 GDPR, the right to cancellation according to Article 17 GDPR, the right to restriction of processing according to Article 18 GDPR, the right to object according to Article 21 GDPR and the right to data portability according to Article 20 GDPR. With regard to the right to information and the right to deletion, the restrictions under §§ 34 and 35 of the German Federal Data Protection Act apply. In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 GDPR, in combination with § 19 of the German Federal Data Protection Act).

You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent that were issued to us before the validity of the GDPR, i.e. before May 25, 2018. Please note that the revocation only works for the future. Processing that occurred before the revocation is not affected.
 

Do I have to provide my personal data?

As part of our business relationship, you must provide those personal data necessary to enter into a business relationship and to perform its contractual obligations, or those that are required to collect by us per law. Without this data, we will usually have to refuse the conclusion of a contract or the execution of a might have to end an existing contract as we are no longer able to fulfill it.

Is there an automated decision-making?

No. Currently, we do not use fully automated decision-making according to Article 22 GDPR in order to establish and conduct business relations. A "profiling" act does not take place.

Information about your right of objection according to Article 21 GDPR

Case-specific right of objection

You have the right to object to the processing of your personal data at any time and for reasons related to your particular situation, according to Article 6, paragraph 1e GDPR (data processing in the public interest) and Article 6, paragraph 1f GDPR (data processing on the basis of a balance of interests); this also applies to a profiling based on this provision within the meaning of Article 4, No. 4 GDPR.

If you object, we will no longer process your personal information unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing is for the purpose of enforcing, pursuing or defending legal claims.

Right to object to the processing of data for direct marketing purposes

In individual cases, we process your personal data in order to operate direct mailings. You have the right to object at any time to the processing of your personal data with regard to such advertising; this also applies to profiling insofar as it is associated with such direct mailings. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.

Recipient of the objection

The objection can be form-free with the subject "objection" stating your name, your address and should be addressed to:

GFOS mbH
Am Lichtbogen 9
+49 . 201 • 61 30 00
info[at]gfos.com
 

Links to other websites

Our website may contain links to third-party websites. The contents of the linked websites are checked before linking and then at irregular intervals for illegal content. If necessary, the links are removed. GFOS therefore is not responsible for the privacy practices or the content of websites outside the GFOS group of companies.

The gfos.App is available to gfos.Mobile users using the release gfos 4.8. The respective licensee is responsible for the workforce management software gfos.Workforce. If the licensee uses the gfos.KnownCloud to provide gfos.Workforce, GFOS is the order processor for the respective licensee. In such a case, GFOS processes the data exclusively on behalf of the respective data controller and not for its own purposes. The data processing is thus carried out in the interest of the responsible party (Art. 6 para. 1 lit. f EU-GDPR). The communication between the gfos.KnownCloud and your smartphone is encrypted. 

When installing the gfos.App on your smartphone, your mail address and password or the general login "client, plant, personnel number and password" is required, depending on the configuration. The data in the gfos.App may vary depending on the functionality of gfos.Workforce, but it corresponds to the data in gfos.Workforce. Thus, transaction data such as: absences, requests, balances and time data (time arrives/leaves) can be processed in gfos.App. Depending on the release, project time recording data and various extensions for the calendar function can also be processed. The gfos.App additionally creates a database on your smartphone for offline capability.

The subjects of push notifications are sent from the licensee's gfos.Workforce system to your smartphone via our GFOS servers. GFOS uses Firebase Cloud Messaging and Apple Push Notifications (APN) for this purpose. The subject does not contain any personal data by default, but is editable by the licensee. The message text of the push notification ("Your application has been approved ..." etc.) is downloaded directly from the licensee's gfos.Workforce system to your smartphone.

The licensee can activate the geo-coordinates for location determination during time booking, but this must be explicitly activated by the licensee during the configuration of gfos.Mobile and is subject to the regulations of your respective company agreement. The geo-coordinates are only processed during a time booking. The use of the geo-coordinates as well as the settings "Send crash report" and "Send performance metrics", you can confirm or reject during the installation of the gfos.App. The settings for the crash reports and performance metrics can also be edited later in the gfos.App settings under the menu item Privacy. We use Google's Firebase services for this purpose. Location tracking can be disabled and also re-enabled in the smartphone settings at any time.

Die in der Datenbank auf Ihrem Smartphone gespeicherten Daten können aktiv durch das Deinstallieren der gfos.App gelöscht werden. Die übrigen Löschfristen richten sich nach dem Löschkonzept des Lizenznehmers für das Workforce Management System, gfos.Workforce.

The data stored in the database on your smartphone can be actively deleted by uninstalling the gfos.App. The other deletion periods are based on the licensee's deletion concept for the workforce management system, gfos.Workforce.

Firebase Crashlytics

In order to improve the stability and reliability of our apps, we rely on anonymized crash reports. For this purpose, we use "Firebase Crashlytics", a service of Google Ireland Ltd, Google Building Gordon House, Barrow Street, Dublin 4, Ireland.

In case of a crash, anonymous information is transferred to Google's servers in the USA (state of the app at the time of the crash, installation UUID, crash trace, manufacturer and operating system of the cell phone, last log messages). This information does not contain any personal data.

Crash reports are only sent with your explicit consent. 

The legal basis for the data transfer is Art. 6 para. 1 lit. a EU-GDPR.

You can revoke your consent at any time by editing in the settings under the menu item Privacy.

For more information on data protection, please refer to the privacy policy of Firebase Crashlytics at https://firebase.google.com/support/privacy.

Firebase Cloud Messaging & Apple Push Notifications

We use the services Firebase Cloud Messaging from Google (Android) and Apple Push Notifications (iOS) for push notifications. In the process, Firebase and Apple generate a calculated key, which is composed of the identifier of the app and its device identifier. This pseudonymized push reference is stored on our push platform by with your chosen settings. The Firebase or Apple servers cannot draw any conclusions about the requests of users or determine any other data related to a person. Firebase or Apple serve solely as intermediaries, but there may still be a third party transmission. The push messages can be deactivated in the settings of the end device at any time, but can also be reactivated.