In the following, the scope and purpose of the collection as well as the use of personal data by Senic are described and the rights to which the user / you are entitled to according to data protection law are stated.
Definitions of the terms used (e.g. "personal data" or "processing") can be found in Art. 4 GDPR.
Senic takes your data protection very seriously and treats your personal data confidentially and in accordance with the statutory provisions. Accordingly, your personal information will not be sold and will only be shared with third parties with your permission. Senic only processes as much personal data as the operation of the Senic Hub and the associated app actually requires. Since new technologies and the constant development of this app may result in changes to this privacy statement, we recommend that you read the privacy statement again at regular intervals. Senic will also notify you of any changes.
The data controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States as well as other provisions of data protection law is the Data Protection Supervisor:
The contact details of the Data Protection Officer of the data controller:
When you download the app, certain required information is sent to the App Store you select (e.g., Google Play or Apple App Store). This may require registration with the selected App Store. In this context, the username, e-mail address, customer number of your account, time of download, payment information as well as the individual device code number can be processed. The processing of these data takes place exclusively through the respective App Store and is beyond our sphere of influence. The operator of the selected App Store is solely responsible for this.
To be able to use all functions of the Senic App, some system permissions are required. These permissions are requested once when the app is first being used or only when using the respective functions.
Access to location
The app and the Senic Hub need access to the site. Only the approximate location (country) based on the network address is processed. This is necessary in order to be able to distribute updates for the hub in a targeted manner.
Access to Phone Status and Identity
The app requires access to Phone Status to ensure that the user can accept a call when a call arrives. This serves the operating comfort of the user.
Accessing SD Memory
The app needs access to handle data like PDFs. The app does not have access to passwords, contacts or mails.
Access to Bluetooth
The app requires a Bluetooth connection to devices to find and pair them. This is necessary to find and configure the Senic Hub via the app.
Access to WLAN connections and network connections
The app requires a connection to the Internet. For this purpose, a connection is established via WLAN or via the mobile network.
1. Scope of processing
Senic processes your personal data found in your registration input and installation of the Senic App, particularly within the framework of the provision of contractual services. The extent of the collection, processing and use of the data depends on the services you have used. These are the following
Senic processes your personal data, which enable the provision of the Senic App and the services offered - the control of Senic Smart Home Devices. In addition, personal data is processed to identify bugs and other errors and to ensure the constant improvement of the product.
3. Legal basis
Senic may collect and process your personal data for the fulfilment of contractual obligations pursuant to Art. 6 Para. 1 lit. b GDPR in order to fulfil legal obligations. Among other things, this includes the provision of the app for controlling Senic Smart Home Devices.
4. Duration of storage
Senic processes your personal data for as long as it is necessary for the fulfilment of contractual and legal obligations.
The data stored locally on the device is completely removed from the end device when the Senic App is uninstalled.
5. Right to objection and deletion
To assert your rights, you can update the data in your user account or delete the account.
Alternatively, please contact us with an email at firstname.lastname@example.org
The app is installed locally on the user's mobile device, but the data is transferred to servers administered by Senic GmbH. The servers on which the processing is based are located in the computer centres of Interxion in Frankfurt. The server location is ISO 27001 certified. The server racks in the data center were rented by Digital Ocean LLC, New York. Digital Ocean operates a cloud platform for virtual servers there, which we use as a platform for operating our virtual servers. A contract processing agreement was concluded with DigitalOcean. In addition, DigitalOcean is subject to the EU-US Privacy Shield Agreement.
The servers automatically collect and store information in so-called server log files, which are automatically transmitted through the use of the app. The stored information is:
This data will not be merged with other data sources. This data is collected in accordance with Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the technically error-free presentation and optimization of the app - for this purpose, the server log files must be recorded. These log files are processed using the Sentry application and stored on the above cloud platform of Digital Ocean LLC. For example, it stores how many Sonos devices are controlled in the Senic Hub, how warm the Senic Hub is, and how often the Senic Hub is used.
If your personal data is being processed, you are the data subject within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the person responsible:
1. Right to information
You may ask Senic, as the data controller, to confirm whether personal data concerning you will be processed by Senic.
In the event of such processing, you may request for the following information from the data controller:
You have the right to request information as to whether your personal data will be transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transfer.
2. Right to rectification
You have the right to have your personal data corrected and/or completed by the data controller if your personal data that is being processed is inaccurate or incomplete. The data controller must make the necessary corrections immediately.
3. Right to limit the processing
Under the following conditions, you may request that the processing of your personal data be restricted:
Where the processing of your personal data has been restricted, such data may not be processed, with the exception of their storage, without your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or for reasons of an important public interest of the Union or of a Member State.
If the processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
4. Right to deletion
a) Duty to delete
You may request for the data controller to delete your personal data immediately and the data controller is obliged to delete the data immediately if one of the following reasons applies:
b) Information to third parties
If the data controller has made your personal data public and is obliged to delete them in accordance with Art. 17 (1) GDPR, they shall take the appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform the controllers for data processing who process the personal data that you, as the data subject, have requested them to delete all links to their personal data or copies or replications of their personal data.
The right to deletion does not exist if the processing is necessary
5. Right to information
If you have exercised your right to rectify, delete or limit the processing of your personal data against the data controller, the latter is obliged to notify all recipients to whom the personal data concerning you have been disclosed of such rectification, deletion or limitation, unless this proves impossible or involves a disproportionate effort.
They shall have the right vis-à-vis the data controller to be informed of such recipients.
6. Right to data transferability
You have the right to receive your personal data that you have provided to the data controller in a structured, common and machine-readable format. In addition, you have the right to communicate this data to another data controller without being hindered by the controller to whom the personal data was provided, provided that
In exercising this right, you also have the right to request that your personal data be transmitted directly by one responsible person to another responsible person, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.
The right to data transfer does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right of objection
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data on the basis of Art. 6 Para. 1 S. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
The controller will no longer process your personal data unless they can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If your personal data are processed for the purpose of direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling to the extent that it is connected with such direct advertising.
If you object to the processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
You have the possibility to exercise your right of objection in relation to the use of Information Society services - notwithstanding Directive 2002/58/EC - by means of automated procedures using technical specifications.
8. Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of your consent up to the revocation.
9. Automated decision in individual cases including profiling
You have the right not to be subject to any decision based solely on automated processing, including profiling, that has legal effect on you or similarly, significantly affects you. This shall not apply where the decision is necessary for the conclusion or performance of a contract between you and the data controller, is permitted by Union or national law to which the data controller is subject, and if such law contains appropriate measures to safeguard your rights and freedoms and your legitimate interests or is taken with your express consent.
However, these decisions may not be based on special categories of personal data under Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests.
In the cases referred to in 1 and 3, the controller shall take reasonable steps to safeguard your rights and freedoms and your legitimate interests, including, at least, the right of the controller to select or have an individual to intervene or to act on their behalf, to present their point of view and to contest the decision.
10. Right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of presumed infringement, if you consider that the processing of your personal data is in breach of the GDPR.
The supervisory authority to which the complaint was submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
This privacy statement has been prepared with the assistance of DataGuard.