Privacy policy of the "ThevoSmart" App
Data Processing at a Glance
By using the ThevoSmart sensor mat, various personal data is processed. We would like to give you a brief overview of the processing below:
The data of the sensor mat will be transmitted to our server (location within the EU) interpreted and if necessary a message will be generated to the caring person. The storage period for data collected in this way is currently limited to 18 months. After the user account has been deleted, the collected data will be deleted from our system after the expiry of the obligation to provide proof.
Please remember that you only enter the e-mail addresses of the additional supervisors into our system with their consent, the consent of the person being cared for and under consideration of the necessity.
If necessary, we record the user behavior of the operators within the app. We use this data exclusively to optimize functions, service and usability.
I. General
We take the protection of your personal data very seriously and treat it confidentially and in accordance with the legal data protection regulations and this privacy policy. This privacy policy applies to our mobile iPhone and Android apps (hereinafter "APP"). It explains the type, purpose and scope of data collection within the scope of APP use. We would like to point out that data transmission over the Internet may have security gaps. It is not possible to completely protect data from access by third parties.
Thomas Hilfen für Körperbehinderte GmbH & Co. Medico KG
Walkmühlenstr. 1
D – 27432 Bremervörde
e-Mail:
Website: www.thevosmart.com
Phone: +49 (0) 4761 8860
Fax: 04761 88619
Mr. Volker Weinhard
Company XMSplus
e-mail:
Phone: +49 (0) 4142 / 811 69 40
II. Your Rights
The DSGVO grants certain rights to those affected whose personal data is processed by us, about which we would like to inform you at this point:
IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT, AT ANY TIME, TO THE PROCESSING OF YOUR PERSONAL DATA FOR THE PURPOSE OF SUCH MARKETING, INCLUDING PROFILING, INSOFAR AS IT IS CONNECTED WITH SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING.
• If you dispute the accuracy of your personal data stored with us, we usually need time to verify this. For the duration of the review, you have the right to demand the restriction of the processing of your personal data.
• If the processing of your personal data was/is unlawful, you can demand the restriction of data processing instead of deletion.
• If we no longer need your personal data, but you need it for the exercise, defence or assertion of legal claims, you have the right to demand the restriction of the processing of your personal data instead of deletion.
• If you have lodged an objection in accordance with art. 21 para. 1 DSGVO, a balance must be struck between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, this data - apart from its storage - may only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a member state.
III. Access Rights of the APP
In order to provide our services via the APP, we require the access rights listed below, which enable us to access certain functions of your device.
android.hardware.camera: The app uses the camera, which is used to specify image acquisition settings and to acquire images and scan QR Codes (e.g. to select an existing image for the patient from the gallery or to acquire an image of the patient to upload it in the patient management - in the app permissions in the system settings "camera" and "memory" are listed).
android.hardware.faketouch: The app uses basic touch interaction events, such as tapping and dragging. When declared as required, this function indicates that the app is only compatible with a device if that device emulates a touch screen ("fake touch" interface) or has an actual touch screen.
android.hardware.location: The app uses one or more functions on the device to determine its location, such as GPS location, network location or cell location.
android.hardware.location.gps: The app uses precise location coordinates obtained from a GPS (Global Positioning System) receiver on the device. By using this function, an application implies that it also uses the android.hardware.location function unless this parent function is declared with the android:required="false" attribute.
android.hardware.microphone: The app records audio with the device's microphone (required due to the app's built-in QR Code scanner - can be removed immediately afterwards in the app's system settings).
Phone (to call our support directly from the app)
Access to the device functions is required to ensure the functionality of the APP. The legal basis for this data processing is our legitimate interest within the meaning of art. 6 para. 1 letter f DSGVO, your consent within the meaning of art. 6 para. 1 letter a DSGVO and/or - if a contract has been concluded - the fulfilment of our contractual obligations (art. 6 para. 1 letter b DSGVO).
The storage period for the data collected in this way is the duration of the active user account. After deletion of the user account, the collected data will be deleted from our system.
Type of mobile device
Operating system used
Used language
Technical information about the terminal device used
Date and time of the request
IV. Collection of Personal Data within the Scope of APP Use
• Salutation
• First and last name
• e-mail address (mandatory field)
• password (mandatory field)
• Street/house number
• Postcode/Place
• Phone number
• Country (mandatory field)
The processing of this personal data is necessary to guarantee the functionalities of APP. The legal basis for this data processing is our legitimate interest within the meaning of art. 6 para. 1 letter f DSGVO, your consent within the meaning of art. 6 para. 1 letter a DSGVO and/or - if a contract has been concluded - the fulfilment of our contractual obligations (art. 6 para. 1 letter b DSGVO).
The storage period for the data collected in this way is the duration of the active user account. After deletion of the user account, the collected data will be deleted from our system.
• Name (mandatory field) - will be displayed in the overview if no call sign has been entered
• Birthday (optional)
• Weight (optional)
• Size (optional)
• call sign (optional)
• clinical picture(s) (optional)
You can change the master data at any time via the settings in the app.
V. Use of Push Services
The app requires the push function and uses the service of OneSignal, 2194 Esperanca Avenue, Santa Clara, CA 95054 (hereinafter "OneSignal") to send you push messages. These are short messages that appear on the user's display and actively notify the user of status changes. A push token is assigned in the event of use of the push services. The sole purpose of their use by us is to provide the Push Services. OneSignal will receive information about the installed app and its use when you access the app, the temporary unique device identifier (e.g., IDFA and Android ID), the current location, linked to the temporary unique device identifier; your email address (if provided), your IP address, type of device, type and version of your operating system, your mobile operator, language settings, time zone and network settings (e.g., WiFi). For OneSignal's privacy policy and other information, please visit https://onesignal.com/privacy_policy.
The collection and processing of device-specific information is based on art. 6 para. 1 sentence 1 lit. b DSGVO for the purpose of processing contractual relationships with you or art. 6 para. 1 lit. f DSGVO if and to the extent that this is necessary to protect our interests or those of third parties. In particular, this may include passing on data to hosting or cloud computing providers for the purpose of optimizing services and increasing usability and user-friendliness. Data passed on may only be used by the third parties for the purposes mentioned.
VI. Links to Websites of other Providers
The ThevoSmart App may contain links to websites of other providers in the Recommendations and Maintenance Information sections. We have no influence on whether these providers adhere to the data protection regulations. We therefore ask you to contact these providers for information about their data protection practices.