The hardware product we sell is an e-paper based smart screen, hereinafter referred to as the “Smart Screen”. We provide application for the Android and iOS operating systems to configure our hardware products, hereinafter referred to as the “Mobile Apps”.
The Smart Screen and the Mobile Apps connect to a server applciation through a web API hosted at the domain
What data do we collect, how do we use it and what is the purpose of collecting this data?
Our hardware products require configuration through our Mobile Apps. When you authenticate in our apps using the Google Sign-In authentication method, or the Sign in With Apple method, we will collect and store your email address. If you use the Google Sign-In authentication method, Google will store a user identifier to record authentication grants. Additionally, your IP address may be used by Google to estimate the general location of your mobile phone for fraud prevention.
If you allow read access to a Google calendar account, we store the names of the Google calendars which you selected to be displayed. This is necessary for the Mobile Apps to show you a list of calendars to choose from for display on the Smart Screen; and to make sure we know which calendars to display on any given Smart Screen.
If you allow read access to a Google calendar account, we will store oAuth tokens which give read access to calendar data from your account.
When fully configured, the Smart Screen will poll our servers in regular intervals for new or upated data to display. When such a request is received, our servers request calendar data from all connected Google accounts and respond to the Smart Screen with a render it can display. The associated data on calendar events is kept only during the computation of the render and the transmission of the render to the Smart Screen. It is never persisted.
We may retain logs containing the time and content of data transfers between the Mobile Apps or the Smart Screen and our servers, as well as logs containing data on events that occur within the server application. If you are logged in, we may also link these logs to your account. However, we will not store authentication credentials or data from calendar events.
How do we store your data?
Invisible Computers will keep your email address, the read access credentials to connected Google Calendar account and the names of connected Goolge calendars until you opt out or you ask us to delete it. We are keeping access logs for no more than 6 months.
Invisible Computers securely stores your personal data in the data centers of our third-party data processors.
Our third-party data processors are:
- Salesforce.com, Inc (Heroku for hosting of server applications and data storage)
- SumoLogic, Inc (Logs)
In some cases, the personal data collected from you may be processed outside the European Economic Area (“EEA”). These countries may not have the same level of data protection as the EEA. However, we are obliged to ensure that the personal data processed by us and our partners outside the EEA are protected in the same way as if they were processed within the EEA. Therefore, if your data is processed outside the EEA, there are certain safeguards in place. We ensure similar protection by ensuring that at least one of the following safeguards is in place:
Your personal data will be transferred to countries whose level of data protection is considered appropriate by the European Commission;
we use the standard contractual clauses approved by the EU.
What are your data protection rights?
Invisible Computers would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request Invisible Computers for copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that Invisible Computers correct any information you believe is inaccurate. You also have the right to request Invisible Computers to complete the information you believe is incomplete.
The right to erasure – You have the right to request that Invisible Computers erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that Invisible Computers restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to Invisible Computers’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Invisible Computers transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: email@example.com
How to contact us
Email us at: firstname.lastname@example.org
Or write to us at:
c/o sennder GmbH
Genthiner Straße 34
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that Invisible Computers has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office.
Berliner Beauftragte für Datenschutz und Informationsfreiheit