Privacy Policy 📚

I. General Information 📗

As a subsidiary of one of the leading telecommunications companies, we take the protection and security of personal data very seriously. At this point we inform you about the data processing during your visit of our website tingg.io. However, it does not apply to websites of other companies, even if they included a link to this or another website of our company. These instruction have no regulatory nature, they are for your information only.

1. Contact details of the controller

Telefónica Germany NEXT GmbH, Georg-Brauchle-Ring 50, 80992 München, encrypted contact form: https://next.telefonica.de/kontakt

2. Contact details of the data protection officer

Telefónica Germany NEXT GmbH, Datenschutzbeauftragter, Georg-Brauchle-Ring 50, 80992 München, encrypted contact form: https://www.telefonica.de/datenschutz-kontakt

3. Your rights

In accordance with the GDPR, data subjects (see below) generally have the following rights:

  • You have the right to obtain access to and information about your processed data (Art. 15 GDPR).
  • You have the right to have inaccurate personal data rectified or to have incomplete data completed (Art. 16 GDPR).
  • Under certain legal conditions, you have the right of erasure of your personal data (Art. 17 GDPR).
  • Under certain legal conditions, you have the right to restrict processing (Art. 18 GDPR).
  • Under certain legal conditions, you have a right to receive or transfer your personal data (Art. 20 GDPR).
  • You have the right to complain to a supervisory authority (Art. 77 GDPR). For this purpose you can for example directly contact the data protection supervisory authority.
  • Withdrawal of consent: You have the right to withdraw your consent at any time with future effect. The lawfulness of processing based on consent before its withdrawal is not affected by this. When asking for your consent we will inform you about how you can explain your withdrawal. In any case you can contact our data protection officer to explain your withdrawal.
  • You have a right to object under certain legal conditions. We inform you about this at the end of this privacy policy.

To assert your rights, you can contact our data protection officer at any time using the contact details mentioned above.

4. Place of data processing

We generally process your personal data in Germany and in the European Union only. Service providers who process personal data on our behalf outside the European Union (so-called third countries) are only employed if there is an “adequacy decision” by the European Commission (Article 45 GDPR) or “appropriate safeguards” (Article 46 GDPR) or “binding corporate rules” (Article 47 GDPR) exist within the recipient’s company. General information on the adequacy decisions can be found at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_de, for the appropriate safeguards are available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_de, as well as https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_de and about the binding corporate rules at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/binding-corporate-rules_de
For more information you can contact our data protection officer. Besides that, your personal data will be processed in third countries insofar as it is necessary for the fulfillment of the contract, if you have given your consent of if there is a legal obligation.

Employees of our company and service providers who assist us with data processing as a data processor (service providers for IT operation, website operation and contact processing) have access to your personal data to the extent necessary for the fulfillment of the purposes mentioned below. Possible existing deviations are explicitly designated below. By law, we are required to provide personal data to authorities (for example, requests for information from investigative authorities) or natural / legal persons (for example, to assert claims) on a case by case basis.

5. Secure communication

For the transmission of confidential information, we recommend that you contact us by phone, mail or encrypted contact form. Should you, for example, use e-mail, social media, messenger services (such as WhatsApp) or other means of contacting us, full data security cannot be guaranteed.

6. Changes to the Privacy Policy

This Privacy Policy may be accessed and printed at any time under the “Privacy Policy” link. As changes in legislation or changes in our internal processes may require an amendment to this Privacy Policy, which remain reserved to us, we request that you regularly review this Privacy Policy.

II. Visiting our website 📕

We would like to inform you below which personal data we process during your visit to our website.

You have the option of providing your personal data in various places on our website (for example in the contact form). We have marked the respective mandatory fields as such. Without them we cannot provide you with the requested service.

1. Error logs

For the purpose of error identification and correction, so-called error logs are created. This is necessary in order to be able to react as quickly as possible to possible problems in the presentation and implementation of content (Art. 6 (1) lit. f) GDPR).

If an error message occurs, general data such as the domain name of the website, the web browser and web browser version, the operating system, the IP address as well as the timestamp and metadata of the request (headers and payload) are recorded when the corresponding error message/specification occurs.

These error logs are deleted as soon as they are no longer required for the deletion and elimination of possible malfunctions.

2. User account

You can create a user account on our website. You can use this account to connect your IoT device to the internet and to process and visualize your sensor data.

“IoT device” means any technical device with an export function for the data it generates, e. g. with an internet or mobile connection or upload functionality as provided by the device you own and as described in the device’s data sheet.

We process the data that you provide during the registration process to send you an activation link to the e-mail address that you’ve used to start the registration process. After you have clicked on the activation link we also use the data that you have provided to activate the deposited user account. We process this data to fulfill our obligations under our Terms of Service (Article 6 (1) lit. b) GDPR).

If you make changes within your user account (e. g. change your data), these will also be stored in our customer database in order to fulfill our contractual obligations under our Terms of Service (Article 6 (1) lit. b) GDPR).

You can delete your customer account yourself at any time. The data that can be called up in the customer account will be processed and deleted within 14 days.

3. Cookies, pixel and similar technologies

Under certain circumstances, we and our partners may store small text files called “cookies” on your computer to recognize users, to help us make our website more user-friendly and customized. You may, for example, adjust your browser settings to be informed in advance about the settings of cookies, or you may completely refuse to accept cookies. In certain cases, the refusal of cookies may limit the functionality of our website.

Targeting cookies are generally used to show you advertising based on your interests. If you visit another website, your browser’s cookie will be recognized and you will be shown selected advertising based on the information stored in this cookie.

Tracking cookies can measure the reach of our website. Due to the set cookie we can e. g. track which website was visited before our website was accessed and how our website was used. We use this data e. g. to evaluate our campaigns or to optimize our website.

Technically-required cookies are necessary for the smooth functioning of our website (for example, to apply security settings for the website).

Name of cookieDurationProvider with addressCollected dataPurpose of data processingOpt-Out optionsCategory of data processingData protection information by providerLegal basis of data processing
_ga2 years Google Inc.,
1600 Amphitheatre Parkway
Mountain View, CA 94043 USA
Dwell Time, Clicks on Links, Anonymized IP, Location, Browser, OS, Screen Size, Flash/Java, Referring Site Distinction of usersPrivacy button on websiteTargeting http://www.google.com/policiesArt. 6 para. 1 sentence 1 a) GDPR
_gid24 hours Google Inc.,
1600 Amphitheatre Parkway
Mountain View, CA 94043 USA
Dwell Time, Clicks on Links, Anonymized IP, Location, Browser, OS, Screen Size, Flash/Java, Referring Site Distinction of usersPrivacy button on websiteTargeting http://www.google.com/policiesArt. 6 para. 1 sentence 1 a) GDPR
_gat1 minute Google Inc.,
1600 Amphitheatre Parkway
Mountain View, CA 94043 USA
Dwell Time, Clicks on Links, Anonymized IP, Location, Browser, OS, Screen Size, Flash/Java, Referring Site Restriction of query numbersPrivacy button on websiteTargeting http://www.google.com/policiesArt. 6 para. 1 sentence 1 a) GDPR
tng_auth15 days Telefónica Germany NEXT GmbH
Georg-Brauchle-Ring 50
80992 München
User session tokenUser can log into tingg.io console-Technically Required https://tingg.io/privacy.htmlArt. 6 para. 1 sentence 1 c) GDPR

We have placed links on our website to websites of other providers. We are not responsible for the data processing on these websites. Please consult the privacy policy of the respective provider to learn how they handle data processing.

III. Your right to object 📘

You have the right at any time, for reasons arising from your particular situation, to object to the processing of your personal data, which is based on Article 6 (1) lit. e) GDPR or Article 6 (1) lit. f) GDPR; this also applies to profiling based on these provisions. We will then no longer process such personal information for these purposes unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or the processing is for the purpose of establishing, exercising or defending legal claims. Such objections can be asserted against the controller.

If personal data is processed for direct advertising, you have the right to object at any time to the processing of such personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. You can declare your objection to direct advertising to our data protection officer.