HIGH MOBILITY Developer Center Privacy Policy

Thank you for visiting the High-Mobility Developer Center. We take the protection of your personal data very seriously. In this Privacy Policy we inform you how we collect, process and use personal data.

1. Controller, Personal Data, Contact

(1) The person responsible (Controller) for the collection, processing and use of your personal data in accordance with Art. 4, Section 7 Data Protection Ordinance ("GDPR") is:

High-Mobility GmbH
Managing Directors: Risto Vahtra, Kevin Valdek
Skalitzer Straße 68
10997 Berlin
Germany
Tel: 030 26565600
email: support@high-mobility.com

hereinafter referred to as "we" or "us".

(2) Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Article 4 (1) GDPR).

(3) If you contact us by email or telephone we will collect and record your disclosed data (e.g. email-address, telephone number) to be able to answer your questions.

2. Your Rights

(1) At all times, you are entitled to claim your rights in relation to us as an affected person. Should the respective statutory requirements be met, these include the following rights:

  • Right of access in accordance with Article 15 EU GDPR
  • Right to rectification in accordance with Article 16 EU GDPR
  • Right to erasure in accordance with Article 17 EU GDPR
  • Right to restriction of processing in accordance with Article 18 EU GDPR
  • Right to data portability in accordance with Article 20 EU GDPR
    You can exercise these rights at any time by contacting us under the contact details listed under section 1 (1).

(2) In addition you have the right to lodge a complaint with a responsible data protection authority:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
Visitor entrance: Puttkamerstr. 16-18
Tel: +49 30 13889-0
E-Mail: mailbox@datenschutz-berlin.de

3. Data Collection, Processing and Use

(1) If you visit our developer center without registering or providing further information we collect only the personal data transmitted by your browser.

This data is statistically evaluated by us and is only used in order to improve the attractiveness, content and functions of our website. In our server log files, we save information that your browser automatically sends to us for technical reasons. This includes:

  • Browser type/version
  • Operating system used
  • Referrer URL (the most recently visited page)
  • Host name of the accessing end device (IP address, anonymised)
  • Date and time of the server access

In case of smartphones, tablets and other mobile end devices: manufacturer/model.
No person-related saving of this data takes place. This data is also not combined with other data sources.

The legal basis for the processing of your IP address is Article 6 Paragraph 1 Letter f) EU GDPR. Our legitimate interest arises from the purposes of the processing listed below:

  • Guaranteeing a seamless connection
  • Guaranteeing comfortable use of our website
  • Assessment of system security and stability

Your IP address is generally saved by us in anonymous form and no personal analysis takes place during this process. A full saving of the IP address only takes place in order to trace technical errors and hacking attempts, as well as to record consent, for example in the newsletter subscription.

(2) To receive the services of our developer center you have to register and create a user account. In that case we will collect the following data:

  • e-mail address
  • first name
  • last name
  • billing and payment information

The visibility of your personal data is restricted, will be accessible only by us, or in case of a team account, by your team members. Your email address, first and last name are visibly by the people you send an invitation to, or from whom you accept an invitation. In case you accept somebody’s invitation, the inviter will be able to access your personal data to the same limited extent. You are free to decline any invitation, and if you do so, the inviter will not get access to your personal data.

We use the submitted information for functional and improvement reasons, and we do not sell any of the submitted information.

The legal basis for the processing of your IP address is Article 6 Paragraph 1 Letter b) EU GDPR. Once your account is deleted the personal data is deleted from our servers within 24 hours.

4. Billing

We use third party payment services to provide you the possibility to receive fee-based services. Such payment services are rendered by Stripe Payments Europe, Limited, C/O A&L Goodbody, Ifsc, North Wall Quay, Dublin 1, Republic of Ireland (hereinafter Stripe Payments). Stripe Payments uses your billing and payment information on our behalf fulfill the agreement between you and us. We entered in to a processing agreement with Stripe Payments in accordance with Article 28 EU GDPR. Your billing and payment information may be transferred to Stripe Payments’ affiliated company Stripe, Inc. within the USA. Stripe, Inc. is certified under the privacy shield and therefore guarantees to provide adequate level of protection for personal data (https://www.privacyshield.gov/participant?id=a2zt0000000TQOUAA4&status=Active)

5. Hosting

Most of our developer center is hosted by Microsoft Corporation; One Microsoft Way, Redmond, WA 98052-6399, USA (Microsoft Azure). The hosting services include infrastructure and platform services, computing capacity, storage capacity, database services, security services as well as technical maintenance which are necessary to provide our developer center and services. In this context the host provider processes the data mentioned in this Privacy Policy on our behalf. Such data may be transferred to the USA. We entered in to a processing agreement with the host provider in accordance with Article 28 EU GDPR. Microsoft Corporation is certified under the privacy shield and therefore guarantees to provide adequate level of protection for personal data (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).

Parts of our developer center are hosted by Amazon Web Services, Inc.; 410 Terry Avenue North, Seattle WA 98109, United States (AWS). The hosting services include infrastructure and platform services, computing capacity, storage capacity, database services, security services as well as technical maintenance which are necessary to provide our developer center and services. In this context the host provider processes the data mentioned in this Privacy Policy on our behalf. We entered in to a processing agreement with the host provider in accordance with Article 28 EU GDPR.

6. Error Reporting

We use third party services for error reporting. This service is rendered by Rollbar, Inc., 221 Main St Suite 780 San Francisco, CA 94105, USA (Rollbar). Rollbar uses cookies to gather information about errors occurred during the use of our developer center. Rollbar will use such information on our behalf to identify errors which occur during the use of the developer center and the reasons for such errors. We only use Rollbar with activated anonymization of the IP address. That means that the IP address of the user will be masked or omitted to be used. Such information may be transferred to the USA. We entered in to a processing agreement with the provider in accordance with Article 28 EU GDPR. Rollbar, Inc. is certified under the privacy shield and therefore guarantees to provide adequate level of protection for personal data (https://www.privacyshield.gov/participant?id=a2zt0000000TNcNAAW&status=Active#privacy-policy-1).

The legal basis for the engagement of the service provider is Article 6 Paragraph 1 Letter f) EU GDPR. Our interest in accordance with Article 6 Paragraph 1 Letter f) EU GDPR to commercially optimize our service is considered to be legitimate in the sense of the regulation referred to above.

7. Search Engine

We use third party services for search engine functionalities within the development center . This service is rendered by Algolia, Inc., 972 Mission Street, 2nd floor, San Francisco, CA 94103, USA (Algolia). We only use Algolia with activated anonymization of the IP address. That means that the IP address of the user will be masked or omitted to be used. Algolia will use such information on our behalf to provide search engine services.

We entered in to a processing agreement with the provider in accordance with Article 28 EU GDPR, which contain the EU Standard Contractual Clauses so that an adequate level of protection for personal data is ensured.

The legal basis for the engagement of the service provider is Article 6 Paragraph 1 Letter f) EU GDPR. Our interest in accordance with Article 6 Paragraph 1 Letter f) EU GDPR to commercially optimize our service is considered to be legitimate in the sense of the regulation referred to above.

8. Car Makers

Under certain programs, car makers may engage us to provide them with certain processing services related to information controlled by the car makers. We are not responsible for any car makers’ use of information for which it is the controller. To learn more about how a car maker may use such information, you should review its privacy policy.

As far as we provide car data to you or third parties the separate Car Data Privacy Policy applies.

9. Disclosure to Third Parties

We do not disclose your data to third parties for commercial purposes (sale, rental). Should your data be processed by service providers who support us with customer service the scope of the transferred data is limited to the necessary minimum. The data transfer takes place in encrypted form. Within the framework of processing by a processor, our partners were carefully selected by us and are obliged, in accordance with the statutory provisions of Article 28 EU GDPR, to handle your data in a trustworthy manner and to comply with our own data protection standards. In particular, our partners are not permitted to transfer the data of our customers to third parties for direct marketing purposes or to use the data themselves for commercial purposes.

10. Our Newsletter

With our newsletters we inform you about us and our products.

If you want to receive the newsletter, we need a valid email address from you. The registration for the newsletter takes place in the so-called double-opt-in procedure, which means that when you sign up for the newsletter, you will initially receive a non-promotional confirmation e-mail, which you must confirm by clicking on the link contained in the e-mail. Only then we start to send you newsletters from time to time. You can revoke your consent to the sending of the newsletter at any time. The revocation can take place via a link in the newsletter itself, in your profile area (if you have created a user account) or by notification to the contact options listed under point 1.

The legal basis for our newsletter is Article 6 Paragraph 1 Letter a) EU GDPR.

If you register for our newsletter the service of sending out the newsletters will be fulfilled by the company Mailjet SAS, 13-13 bis, rue de l’Aubrac, 75012 Paris, France. We entered in to a processing agreement with the provider in accordance with Article 28 EU GDPR.

11. Cookies

The Website uses Cookies in order to provide you with a comfortable and functioning Website. Cookies are small files which contain information to identify recurring users only while visiting our Website. Cookies will be stored on your device and will not cause any damage. Cookies help to identify popular sections of our Website. By using Cookies we are able to provide the contents of our Website adjusted to your needs.

In addition, we use non-permanent Cookies (so called "Session Cookies") in order to identify your Browser when using the Website. Such Session Cookies contain a pseudonymized ID which will be read by the Website server. During the session, the Session Cookies (including the pseudonymized ID) are stored on the Website server. After the session, the Session Cookies will be erased automatically.

You can deactivate the use of all Cookies at any time by setting your browser to not accept Cookies. You can delete Cookies stored on your device at any time. The exact instructions for how to do this can be found in the manual for your browser or device. If you deactivate the use of Cookies it might cause a functional limitation of the website or the services.

The legal basis for the use of Cookies is Art. 6, Paragraph. 1 lit. f) GDPR. Our interest in tailoring our services to your requirements as best as possible and optimizing our services in commercial and technical terms is considered to be a legitimate in compliance with Art. 6, Paragraph. 1 lit. f) GDPR. Your IP address is only recorded in shortened form.

February 2019