Last Updated: 28-09-2023
What Data Do We Collect?
We may collect the following types of personal data when you use our app:
- Account Information: If you register for an account, we may collect your name, email address, and other contact information.
- Device Information: We may collect information about the device you use to access our app, including the type of device, operating system, and unique device IDs.
- Usage Data: We collect information about how you use our app, such as the features you use, the pages you visit, and the actions you take.
- Location Data: If you have given permission, we may collect location information via GPS or other technologies to provide certain app features.
How Do We Use Your Data?
We use the collected data for the following purposes:
- Providing the App: We use your data to deliver the app and its associated services, including personalizing your experience.
- Customer Service: We may use your data to respond to your inquiries and requests.
- App Improvement: We analyze data to improve our app and develop new features.
- Marketing: We may send you marketing communications if you have provided consent. You can opt out of such communications at any time.
How Do We Protect Your Data?
We take the security of your data seriously and implement reasonable measures to protect it from unauthorized access, disclosure, alteration, or destruction. This includes the use of encryption technologies to secure your data.
Sharing Your Personal Data
We share personal information with the following parties:
- Delivery Companies: To deliver products you have ordered from us.
- Service Providers and Advisors: Such as companies supporting our IT infrastructure, helping us analyze the data we process, processing payments, sending messages to our customers, providing legal or financial advice, and generally assisting us in delivering our services to you.
- External Partners: In some cases, you may have purchased a Scoptvision product through an installer, energy provider, or other external partner who may have bundled these products with their own applications or service offerings. Such functionalities may require your personal data or part of it. By registering the Scoptvision account, we may share your personal data with these third parties.
- Legal Responsibility: Your personal data may be shared with third parties if reasonably necessary or appropriate to comply with the law, respond to legal requests from authorities, address any claims, or protect the rights, property, or safety of us, our users, our employees, or the public, including, without limitation, protecting ourselves or our users from fraudulent, abusive, inappropriate, or unlawful use of the Service.
- Business Transfer: As we develop our business, we may buy or sell businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution, or similar event, personal data may be part of the transferred assets.
We disclose personal information solely for the purposes described above. We may provide anonymized statistical information and analyses about users of our products and services, where such information is not traceable back to your identity.
How Scopt Complies with GDPR Requirements
Privacy-focused archiving forms the basis for GDPR compliance. Many GDPR requirements are easier to implement based on central data management with retention management.
- Data Classification: Our data processing involves detailed data classification, aiding data minimization and limiting storage in line with GDPR requirements. We process only data necessary for specific purposes.
- Data Deletion: We implement retention management to ensure that personal data is not stored longer than necessary. Our systems can automatically erase data when the retention period expires.
- Data Transparency: We ensure transparency in our data processing and archiving by maintaining an audit trail/history, documenting all events of processes in the backend.
- Data Archiving with Retention Management: Our data storage and archiving are designed to comply with GDPR requirements. We use retention management (timestamps & locks) to apply a fixed storage period to each file, aiding storage limitation and data minimization.
Your Rights Under GDPR
According to GDPR, you have certain rights regarding your personal data:
- Right to Request a Copy (Article 15): You can request a copy of your personal data at any time. Each chart or table can be downloaded individually or requested per query.
- Right to Erasure (Article 17): We comply with the right to erasure by granting deletion requests and adhering to legal retention obligations.
- Continuous Monitoring of Technical & Organizational Measures (Article 24(1)): We ensure continuous monitoring of the implemented technical and organizational measures to meet GDPR requirements.
- Data Protection by Technology Design and Default Settings (Article 25): Our systems are designed to implement data protection principles, including data minimization, storage limitation, and retention management.
- Recording of Processing Activities (Article 30): We record processing activities and monitor log data, including an audit trail/history.
- Security of Processing (Article 32): We ensure security of processing through encryption, server authentication, and other appropriate technical measures.
- Data Breach (Articles 33 & 34): In the event of a data breach, we report it to the supervisory authority and the data subjects without undue delay, and document facts related to data breaches.