- Introduction
This iLOQ HOME – Mobile Application Privacy Policy (“Policy“) describes how users’ personal data are collected, used and otherwise processed when they use iLOQ HOME – Mobile Application (“Application“) provided by iLOQ Ltd (“iLOQ“, “we“, “us“).
The Application is intended for monitoring and managing the user’s (“user“, “you“) own keys connected to the iLOQ-locking system and for booking and using common spaces managed by corporate or institutional customer, such as a housing company, (“customer”) that deployed the iLOQ-locking system. The Application allows the user to unlock the exterior door lock of a residential building with a remote opening button, update key access features, order new keys, disable keys, receive notifications about the use of master keys in the user’s apartment, and reserve common spaces in customer-managed spaces once the customer has registered the user and his or her access rights to the iLOQ-locking service (the “iLOQ Service“). In addition, the Application allows the user to add sub-users to his or her keys (“sub-user“, “you“), invite the sub-user to the Application, and manage sub-user’s access rights and permissions in the Application.
This policy and the iLOQ HOME – Mobile End-User License Agreement apply to the use of the Application. If you do not agree to this policy, do not use the Application and remove it from your device.
- The Role of iLOQ
Customer acts as the principal controller for your personal data which is processed, in connection with the use of the iLOQ Service and the Application, for purposes defined by the customer, such as managing keys and access rights relating to customer’s premises. We act solely as a processor on behalf of the customer in order to carry out the purposes defined by the customer and to provide the iLOQ Service to the customer in accordance with the service agreement in force. The customer as a controller is responsible for determining and adopting lawful basis for the processing of personal data and for other controller obligations as set out in applicable law, such as the provision of transparent information to the user. We are not responsible for the personal data collected and processed by the customer or the way in which it is processed. We encourage you to familiarise yourself with the customer’s own privacy policy in order to have comprehensive overview of the processing of your personal data.
To a limited extend we are also acting in the role of a controller when we process your personal data for our own purposes relating to the provision of the Application to you. Such purposes include managing and protecting the Application, communicating and performing customer satisfaction surveys, as well as evaluating the use of the Application in order to develop the Application and iLOQ Services. Our role as a controller concerns only the provision of the Application to you.
- Collected Data
In connection with the use of the Application, iLOQ may process the following personal data as a controller:
- Identification data and contact information (e.g. name, telephone number and email)
- Mobile device identity data and traffic data (e.g. mobile device and operating system information, IP address, and the Application access log data)
- Communication data (e.g. any notifications you make to us or when responding to iLOQ’s customer satisfaction surveys)
Please note that we may also process, on behalf of the customer acting as controller, the following personal data relating to you (in accordance with the customer’s specifications):
- Access rights assigned for keys, user rights and permissions granted to the sub-user
- Lock event log data
- Subscription information relating to ordering new keys
- Information on booking the customer’s common spaces and rooms
Simply downloading the Application from the app store you use does not result in the collection and processing of your personal data by us. Your personal data will only be collected (as described in this Policy) when your device is registered for use by the customer. Please note, however, that app stores collect your personal data when you download apps from them. Such data collection is subject to the app stores’ own privacy policies and terms of use, which we encourage you to familiarize yourself with.
- Purpose and Lawful Basis for Processing Personal Data
Simply put, your personal data is processed so that you may use iLOQ Services through the Application. In addition, your personal data is processed because the operation of the Application or iLOQ Services requires the processing of personal data. As stated above, the customer acts as the primary controller with respect to the processing of personal data through the Application. The customer’s purposes and lawful basis are informed in the customer’s own privacy policy.
iLOQ processes your personal data as a controller for the purposes specified below.
Managing and protecting the Application
We may process your personal data in order to provide the Application to you, verify the operation and security of the Application, verify you before registering as a user of the Application, execute your requests in the Application as well as in order to prevent frauds or other abuses. The processing of personal data for this purpose is necessary for the performance of the iLOQ HOME – Mobile Application End-User License Agreement.
Performing customer communication and customer satisfaction surveys
We may process your personal data in order to communicate with you, for example when we contact you about customer satisfaction surveys. The processing of personal data for this purpose is necessary in order fulfil our legitimate interests in performing customer communication and customer satisfaction surveys.
Evaluating the use of the Application and developing the Application and iLOQ Services
We may also process your personal data in order to develop the Application and iLOQ Services. However, to achieve this purpose, we most often use anonymised, aggregated and statistical data, not data that could be directly linked to you. The processing of personal data for this purpose is necessary in order to fulfil our legitimate interests in evaluating and developing the Application and iLOQ Services.
- Recipients of Your Data
We may share your personal data with our subsidiaries and with third parties who process personal data on our behalf for the purpose of providing the Application or iLOQ Services, such as our data storage provider or other technical service providers.
We may also disclose or transfer your personal data if we choose to sell, purchase or reorganize our business or if disclosure is necessary to defend iLOQ’s legal interests, for example in connection with legal proceedings.
We store personal data within the EU and the European Economic Area (“EEA“). The data center facilities we use are located in the EU, but in exceptional circumstances, if we need technical support from our data storage provider, personal data may be accessed from countries outside the EEA. With respect to such situations, we have ensured that the level of protection provided for your personal data within the EEA does not decrease, as a result of access from non-EEA countries, by concluding European Commission Standard Contractual Clauses with data recipients as well as by implementing appropriate technical security measures, such as data encryption.
- Data Retention Period
iLOQ as a controller will only store your personal data for as long as it is necessary for the purposes mentioned above. After fulfilling the intended purpose, we will delete the personal data unless we need to store it for the exercise or defence of legal claims. For example, the data processed in order to perform customer communication and customer satisfaction surveys is stored only for the duration of the communication and thereafter until your response has been evaluated.
In addition, the customer as a controller determines the retention period of your personal data in relation to the customer’s own purposes. The retention periods specified by the customer are informed in the customer’s own privacy policy.
- Data Security of the Application
iLOQ has taken necessary steps to ensure that all personal data collected and processed through the Application remains confidential and secure. We always implement appropriate technical and organisational security measures to prevent and minimise the risks associated with the processing of personal data. Such security measures include the use of firewalls, access management systems (manual and electronic), staff training, secure server modes, and data encryption.
- Your Rights
You have some rights under applicable data protection legislation in relation to the processing of your personal data, such as the right to access the data collected about you and the right to rectify inaccurate data. Please note that you are only entitled to use rights in relation to your data and, for example, the user’s own rights do not extend to the data concerning the sub-users.
You have the right to:
- Get access to your personal data
- Correct inaccurate or outdated personal data
- Under certain conditions, you may have the right to have your data deleted (e.g. if we no longer need your personal data for our purposes or there is no basis for the processing of personal data)
- Under certain conditions, restrict the processing of your personal data (for example, when checking the accuracy of your data)
- Under certain conditions, you can have your personal data transferred to another controller or to yourself in machine-readable form (for example, if the processing is based on contract and you have provided the data to us yourself)
- Object to the processing carried out on the basis of our legitimate interest on the grounds relating to your particular personal situation.
In order to exercise your rights in relation to the processing of personal data by iLOQ as a controller, you can contact us at any time at the address specified in section 9 below.
If the processing of personal data in question is related to the customer’s activities as a controller, please contact the customer.
- Contact Information
If you have any questions about how we process your personal data, you can contact us at: fhccbeg@vYBD.pbz.
To the extent that the customer is the controller of your personal data, please contact the customer directly if you have any questions regarding the processing of your personal data.
If you are not satisfied with how we respond to a request related to the exercise of your rights, you can file a complaint with the national data protection authority in your country. You can find contact details for national data protection authorities here.
- Amendments to the Policy
This Policy may be amended from time to time. We make reasonable efforts to inform users of changes in advance through the Application. By continuing to use the Application or the iLOQ Services, after receiving the notification, you express your approval in relation to the changes made.