Privacy policy for the Staffice employee app

1. Subject

With this privacy notice, we inform you about the processing of your personal data by us when you
– use the Staffice employee app (“App”), or
– visit the web interface at aap.staffice.app of the web interface, e.g. to use functions of the App in the browser or to log in as administrator or editor in the backend.

In addition, we explain the rights you are entitled to under the EU General Data Protection Regulation (GDPR).

The employee app and the web interface are hereinafter jointly referred to as “MAPP”.

In addition, the general data protection information for employees of their respective company applies.

2. Responsible party and data protection officer

The person responsible is, ATINO GmbH, Springorumallee 2,44795 Bochum, info@atino.de, +49 (0)234 5200890

Contact details of the data protection officer: René Rautenberg, ATINO GmbH, Springorumallee 2, 44795 Bochum, Germany.

3. User account and master data

To use MAPP, you need an user account. You can either create this account yourself or we can create it for you.

The following master data are assigned to the user account:

– Access data (e.g. e-mail and password)
– Contact data (e.g. name, business e-mail address, telephone number)
– Organizational data (e.g. company, department, groups, role, supervisor)
– Roles and rights (e.g. reading and editing rights of posts).

Your cell phone number is not required to use MAPP.

We may also use your email address as part of MAPP for system-related emails, such as notification of changes to privacy notices or workflow notifications (e.g., approvals granted). As part of the registration process, you may receive an email to your business email address asking you to click a link. This is to ensure that the email address is assigned to you.

We generally store the master data in MAPP for the duration of your user account; this corresponds to the time of your employment with or for us. Your data will also be deleted if you or we delete your user account, for example, if we discontinue the Employee App as a whole or you decide you no longer want to use MAPP. To delete your usage account, please contact us (info@atino.de).

Within MAPP, your contact and organizational data is generally visible to all other MAPP users at our company.

Providing your data for the user account is optional. However, you cannot use MAPP without your data. There is no obligation to use MAPP.

4. Individual app functions

In the following, we explain how we handle your data when you use individual functions of MAPP. This may also describe functions that are not (yet) available to you.

4.1. Chat

The chat function allows you to send messages to other employees (individual chat) and to groups (group chat). The chat is available to all users of MAPP of our company.

In addition to the chat messages themselves, the date/time of sending messages is also saved, as well as the reading status of the message. The sender of a message in the individual chat can see whether – but not when – you as the recipient have read a message. In addition, you can optionally upload a profile picture that all users of the chat can see.

We use the data to provide you with the chat function. The chat content is business communication (similar to an e-mail), for which our general rules for business communication apply, unless otherwise stated.

Messages generally remain even if their user account is deleted, as the messages are still contained in the recipients’ mailboxes (similar to an e-mail). It is not possible to delete individual messages after you have sent them.

Chat messages are routinely deleted by us after a certain period of time. See also section 9.4.

Only users directly involved in the chat have access to messages. Messages in the individual chat are encrypted end-to-end, and we cannot access their content. Messages in the group chat are encrypted in transit, but are available on the server in unencrypted form, but can only be viewed by administrators.

4.2. Surveys

If you participate in a survey, your answers will not be assigned to your user account (anonymous survey). We only count the number of answers per question or the answer text for free text fields to determine the aggregated survey result. This data is not added to your user account. We only record “that” you participated in the survey to prevent multiple voting. When the survey is finished, the information that you participated in the survey is also deleted.

Once you submit your response, you will not be able to delete or change it.
Unless otherwise stated, participation in surveys is voluntary.

Details on data protection, such as the purpose of use, the recipients and the storage period may be specified in additional data protection information on the survey.

4.3. Applications and notifications (e.g. sickness notifications, vacation applications)

If you use MAPP to send us applications or notifications concerning your employment relationship (e.g., sick leave or vacation applications), we receive the data and content you enter as well as the date and time of submission. The data is received by a responsible employee (e.g. in the personnel department). In this respect, MAPP is merely an additional communication channel.
If you send photos in your applications and messages that were taken within the employee app, the photos are deleted immediately after they are sent. If you select photos from the gallery on your smartphone, the image will still remain on your device.

The purposes, storage period, legal grounds and recipients are otherwise governed by our general data protection information for employees.

4.4. Content contributions (e.g., on the intranet or bulletin board).

If you publish content-related contributions in MAPP (e.g. on the intranet or bulletin board), whether in your role as a user, editor or administrator, the content, your name including contact details, and the date and time of the contribution are generally visible to all MAPP users in our company.

The contributions remain stored until they are deleted by you or an editor. In case of deletion, the contribution itself or all identifying information (author’s property) will be deleted. Contributions are generally visible to all users of MAPP of our company.

5. Notifications on mobile devices (push notifications).

We may send push notifications to your mobile device if it is running the iOS or Android operating system. Push notifications are messages that are displayed to you on your end device even if you are not currently using the Employee App. It is therefore a function of the operating system provider and not of the employee app itself.

You can individually set the receipt of push notifications in the settings menu of the employee app. You can also disable the delivery of our push notifications in the operating system settings of your mobile device.

We use push notifications, for example, to inform you about incoming chat messages. MAPP can also be used without the push function.

For the delivery of push notifications, we have to hand over the content of the notifications to a technical service of your operating system provider. In the case of end devices with Android operating system, this is Google Ireland Limited Gordon House, Barrow Street Dublin 4. Ireland and takes place as part of the “Firebase Cloud Messaging” service, in the case of iOS the Apple Inc, One Apple Park Way, Cupertino, California, USA, 95014. The addressing of your device takes place technically via a pseudonymous identification number, which is provided to us by your operating system provider and which only applies to our app and your specific end device. We do not transmit any information that directly identifies you, such as your name or e-mail address, to the operating system provider.

The basis for a data transfer to the USA, as an unsafe third country in the sense of the GDPR, is the provision of the push functionality expressly requested by you, Art. 49 (1) b) GDPR (contract performance).

6. Data processing for analysis purposes

6.1. Server Log Files (Web Interface)

In principle, we do not keep server log files. We activate them only on occasion in case of troubleshooting. In this case the following applies:

When you call up an individual page of the web interface, our web servers record in a log file the address (URL) of the page called up, the date and time of the call-up, any error messages and, if applicable, the operating system and browser software of your end device as well as the website from which you are visiting us. We also store the IP address of your computer in our log files.

The log file data is used by us exclusively to ensure the functionality of our services (e.g. error analysis, ensuring system security and protection against misuse) and deleted after problem resolution, at the latest after 7 days, or shortened so that no personal reference can be established.

Insofar as log file data qualifies as personal data in individual cases, the legal basis for processing the log file data is our legitimate interest (error analysis, ensuring system security and protection against misuse).

6.2. Usage statistics

We collect anonymous usage statistics about which functions and pages were used and how often. These are simple counters. There is no assignment to your device or your usage account or your name and no pseudonymous profiles are created. No third-party service providers are used to create usage statistics.

7. System permissions (apps)

The Employee App requires the following system permissions on your terminal device and uses them as follows:

– Camera: to take photos that you take in the employee app and send to us (e.g., vacation request).

– Storage: to send photos that you have saved on your end device (e.g., photo of the vacation request from your gallery)

– Internet access: to communicate with our servers, e.g. retrieve content, send chat messages.

8. Cookies (web interface)

Cookies are small text files that are stored in the browser of your terminal device and transferred to us each time you call up our website.

When you log in to the web interface with your user account, our server sets a cookie on your computer: this contains a random identification number and is technically necessary because it serves to recognize you as a logged-in user. This cookie is deleted when you close the browser (so-called “session cookie”).

9. Supplementary information on the obligation to provide data, legal basis, data recipients and storage period

Unless otherwise stated in this data protection information, the following applies:

9.1. Obligation to provide data

You are not obliged to provide data. Mandatory data in input forms are marked as such, e.g. by an asterisk (*).

9.2. Legal basis

MAPP is a working tool. Its provision by us is voluntary, as is its use by you. We provide you with the work tool in order to facilitate the fulfillment of your contractual rights and obligations. The legal basis in this respect is the performance of the employment relationship (contract performance, Art. 6 para. 1 lit. a GDPR, § 26 BDSG).

Insofar as MAPP is not used in the context of a direct employment contract, the provision of data takes place within the framework of the balancing of interests and serves to protect our and your legitimate interest in a modern communication platform available on mobile devices basically “everywhere and at any time” to improve and facilitate the exchange of information between our employees.

9.3. Data recipients and data exports

Within the company responsible for data protection, your data is received by the respective departments responsible for the subject matter, e.g. the HR department.

For the technical operation of the servers for the administration of push messages and for the provision of the web interface, we may use technical service providers within the EU bound by instructions within the framework of so-called order processing, in particular for the operation and maintenance of the server on which your data is stored and the web interface is provided.

We currently use ATINO GmbH for this purpose, which in turn uses the hosting provider Host Europe.

Unless otherwise stated in this privacy policy, we do not transfer your data to countries outside the EU and the EEA for which the EU Commission has not determined that they guarantee a level of data protection adequate for the EU (no transfer to so-called “unsafe third countries”).

9.4. Storage period

We measure the storage period for your data on the basis of the specific purposes for which we use the data. In addition, we are in part subject to statutory retention and documentation obligations, which arise in particular from the German Commercial Code (HGB) and the German Fiscal Code (AO). Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB) are generally three years.

On the device on which you have installed the Employee App, the data stored by the Employee App will be deleted if
– you uninstall the app
– your user account ends or is deleted.

As far as your data is stored on our server in the backend, the explanations in this privacy notice apply.

10. Your GDPR rights

By law, we are required to inform you of your rights under the GDPR. We explain these rights below. You are entitled to the rights under the conditions of the respective data protection regulations. The following description does not grant you any further rights.

10.1. Information

You have the right to request confirmation from us as to whether we are processing personal data relating to you; if this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 GDPR.

10.2. Correction

You have the right to demand that we correct any inaccurate personal data relating to you and, if necessary, complete any incomplete personal data without undue delay, Art. 16 GDPR.

10.3. Deletion

You have the right to demand that we delete personal data concerning you without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies, e.g. if the data is no longer required for the purposes pursued.

10.4. Restriction of processing

You have the right to demand that we restrict processing if one of the conditions listed in Art. 18 GDPR applies, e.g. if you have objected to the processing, for the duration of the review by us.

10.5. Data portability

You have the right, under certain conditions, to receive, transmit and – if technically feasible – have transmitted data relating to you that you have provided to us in a structured, common and machine-readable format, Art. 20 GDPR.

10.6. Complaint

You have the right to lodge a complaint with a supervisory authority, irrespective of any other administrative or judicial remedy, if you consider that the processing of personal data concerning you by us infringes the GDPR, Art. 77 GDPR. You may assert this right before a supervisory authority in the Member State of your residence, workplace or the place of the alleged infringement. You can find the contact details of the supervisory authorities in Germany at https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

10.7. Revocation (of consent)

If you have given us data protection consent, you have the right to revoke this at any time with effect for the future. This also applies to data protection consents that you gave us before the GDPR came into force.

10.8. Right of revocation

In addition, you have the right to object, this is explained at the end of this document.

11 Appendix: Explanation of terms

11.1. Terms

Below we explain some legal and technical terms used in this privacy notice.
a) Processor:
Processors are service providers who process your data in accordance with our instructions and for a specific purpose.
b) Personal data:
Personal data (data) is any information relating to an identified or identifiable natural person.
c) Processing:
A processing of personal data is any operation related to personal data, such as collection via an online form, storage on our servers or use to contact us.
d) IP address:
The IP address is a number that your Internet provider assigns to your terminal device, either temporarily or permanently. With a complete IP address, it is possible, for example, on the basis of additional information from your Internet access provider, to identify the connection owner in individual cases.

11.2. Legal basis

The GDPR only permits processing of personal data if a legal basis exists. We are required by law to inform you of the legal basis for processing your data.

In the following, we explain the terms used in this context.

Legal basis Designation Explanation
Art. 6 (1) lit. a) GDPR Consent This legal basis allows processing if and insofar as you have given us your consent.
Art. 6 (1) lit. b) GDPR Contract performance This legal basis permits processing insofar as this is necessary for the performance of a contract with you, including pre-contractual measures (e.g. performance of the employment contract).
Art. 6 (1) lit. f) GDPR Legitimate interests According to this legal basis, we are permitted to process insofar as this is necessary to protect our legitimate interests (or those of third parties) and your conflicting interests do not override them. Unless otherwise stated, our interests are to pursue the specified processing purposes.

 

Your right of objection

You also have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, insofar as we base the processing on Art. 6(1)(e) or (f) GDPR. We will then no longer process this data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (Art. 21 GDPR).

If your personal data is used by us for direct marketing (e.g. by means of e-mail), you have the right to object to the use of your data for these purposes at any time. This also applies to profiling, insofar as this is connected with direct advertising. Profiling means the use of personal data to analyze or predict certain personal aspects (e.g. interests).

 

 

As of: 1.1.2021