The hardware product we sell is an e-paper based smart screen, hereinafter referred to as the “Smart Screen”. We provide application for the Android and iOS operating systems to configure our hardware products, hereinafter referred to as the “Mobile Apps”.
The Smart Screen and the Mobile Apps connect to a server application through a web API hosted at the domain
What data do we collect, how do we use it and what is the purpose of collecting this data?
Our hardware products require configuration through our Mobile Apps. When you authenticate in our apps using the Google Sign-In authentication method, or the Sign in With Apple method, we will collect and store your email address. If you use the Google Sign-In authentication method, Google will store a user identifier to record authentication grants. Additionally, your IP address may be used by Google to estimate the general location of your mobile phone for fraud prevention.
If you allow read access to a Google calendar account, we store the names of the Google calendars which you selected to be displayed. This is necessary for the Mobile Apps to show you a list of calendars to choose from for display on the Smart Screen; and to make sure we know which calendars to display on any given Smart Screen.
If you allow read access to a Google calendar account, we will store oAuth tokens which give read access to calendar data from your account.
If you allow read access to a Google calendar account, we may access your calendar event data in order to display it on your Smart Screen. This calendar event data may also be temporarily stored on our servers (“Caching”). When we store calendar event data on our servers, we end-to-end encrypt it with a password that is only stored on your Smart Screen.
We may retain logs containing the time and content of data transfers between the Mobile Apps or the Smart Screen and our servers, as well as logs containing data on events that occur within the server application. If you are logged in, we may also link these logs to your account. However, we will not store authentication credentials or data from calendar events.
How do we store your data?
Invisible Computers will keep your email address, the read access credentials to connected Google Calendar account and the names of connected Goolge calendars until you opt out or you ask us to delete it. We are keeping access logs for no more than 6 months.
Invisible Computers securely stores your personal data in the data centers of our third-party data processors.
Our third-party data processors are:
- Salesforce.com, Inc (Heroku for hosting of server applications and data storage)
- SumoLogic Inc (Log processing and storage)
- Functional Software Inc (Log processing and storage)
In some cases, the personal data collected from you may be processed outside the European Economic Area (“EEA”). These countries may not have the same level of data protection as the EEA. However, we are obliged to ensure that the personal data processed by us and our partners outside the EEA are protected in the same way as if they were processed within the EEA. Therefore, if your data is processed outside the EEA, there are certain safeguards in place. We ensure similar protection by ensuring that at least one of the following safeguards is in place:
Your personal data will be transferred to countries whose level of data protection is considered appropriate by the European Commission;
we use the standard contractual clauses approved by the EU.
What are your data protection rights?
Invisible Computers would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request Invisible Computers for copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that Invisible Computers correct any information you believe is inaccurate. You also have the right to request Invisible Computers to complete the information you believe is incomplete.
The right to erasure – You have the right to request that Invisible Computers erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that Invisible Computers restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to Invisible Computers’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that Invisible Computers transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: email@example.com
How to contact us
Email us at: firstname.lastname@example.org
Or write to us at:
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that Invisible Computers has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office.
ULD – Unabhängiges Landeszentrum für Datenschutz Schleswig Holstein