Privacy Policy

of immmr GmbH, Winterfeldtstraße 21, 10781 Berlin (“immmr”, “we” “our”, or “us”)

General provisions

1. Preamble

1.1. At immmr our goal is to provide you with any unique and easy to use communication tool.  immmr GmbH attaches great importance to protecting your personal data. We always inform you what personal data we collect, how your data is used, and how you can influence the process.

1.2. This Privacy Policy amends the terms of service of immmr as well as any terms of service for purchases applicable.

2. Subject matter

2.1. This Privacy Policy covers any data processing that occurs when you use our service through the mobile or web app, purchase extras or visit the immmr website. Additional data processing occurs, where you use Value Added Services (VAS) from third-party-providers.

2.2. To ensure the protection of your privacy we rely on state of the art technology and our employees. Everyone who works for us has been sworn to data secrecy according to Sec. 5 BDSG (German Data Protection Law).

Data processing when using our app

Use of our service requires registration. To do so, you have to tell us your phone number. After you have registered you can add more details to your account. Some account information such as your name and picture can be seen by other users. All the information you give us will be stored to provide the service to you.

When you use our service you can call, send information, pictures, your locations etc. All that creates data that we process so that you can use our service and access your content from any device. When you chat with somebody we store the encrypted messages itself and other sent content (e.g. pictures, videos or your location) as well as certain information about the communication such as time and date of the communication and who you are chatting with. When you use immmr to call someone we register the time and date of the all and who you are calling.

Data processing when purchasing and using Extras

Within our service you can buy additional functionalities. To provide these, we rely on partners. This makes it necessary to share some of your data with them.

When you purchase extras we will store further information on that purchase in order to fulfill our contractually duties. However, we do not collect any payment information directly. When you purchase extras through the iOS App all payments will be processed by Apple Inc. 1 Infinite Loop, Cupertino, CA 95014, USA. Apple will only store the data required to process the payment.

Data processing when visiting our website

You can visit our website without providing any personal data.

When you visit our website we store the following information in order to establish the connection between your computer and our server:

  • time and duration of your visit,
  • your IP-address,
  • your browser
  • the domain you called and
  • the data downloaded.

To do this we use cookies. The use of cookies is explained in more detail below.

3. Where can I find the information that is important to me?

This data privacy information provides an overview of the items which apply to immmr GmbH processing your data in this web portal.

Further information, including information on data protection for specific products, is available at https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/data-protection and https://www.telekom.com/en/deutsche-telekom/privacy-policy-1744.

4. Who is responsible for data processing? Who should I contact if I have any queries regarding data privacy at immmr GmBH?

immmr GmbH acts as the data controller. If you have any queries, please address your inquiries to: support@immmr.com or the Group Data Privacy Officer, Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn, Germany datenschutz@telekom.de.

5. What rights do I have?

You have the right:

a) To request information on the categories of personal data concerned, the purpose of the processing, any recipients of the data, the envisaged storage period (Art. 15 GDPR);

b) To request incorrect or incomplete data is rectified or supplemented (Art. 16 GDPR);

c) To withdraw consent at any time with effect for the future (Art. 7 (3) GDPR);

d) To object to the processing of data on the grounds of legitimate interests, for reasons relating to your particular situation (Art 21 (1) GDPR);

e) To request the erasure of data in certain cases under Art. 17 GDPR – especially if the data is no longer necessary in relation to the purposes for which it was collected or is unlawfully processed, or you withdraw your consent according to (c) above or objected according to (d) above;

f) To demand under certain circumstances the restriction of data where erasure is not possible or the erasure obligation is disputed (Art. 18 GDPR);

g) To data portability, i.e. you can receive your data which you provided to us, in a commonly used and machine-readable format, such as CSV and can, where necessary, transmit the data to others (Art. 20 GDPR);

h) To file a complaint with the competent supervisory authority regarding data processing (for telecommunications contracts: the German Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit); for any other matters: State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia (Landesbeauftragter für den Datenschutz und die Informationsfreiheit Nordrhein-Westfalen).

6. Who does immmr GmbH pass my data on to?

To processors, i.e. companies we engage to process data within the legally defined scope, Art. 28 GDPR (service providers). In this case, immmr GmbH also remains responsible for protecting your data. We engage companies particularly in the following areas: IT, sales, marketing, finance, consulting, customer services, HR, logistics, printing.

Owing to legal obligations: In certain cases, we are legally obliged to transfer certain data to the requesting state authority.

7. Where is my data processed?

In general, your data is processed in Germany and in other European countries.

If your data is also processed in countries outside the European Union (i.e. in third countries) by way of exception, this is done only if you have explicitly given your consent or it is required so we can provide you with services or it is prescribed by law (Art. 49 GDPR). Furthermore, your data is only processed in third countries if certain measures ensure a suitable level of data protection (e.g. EU Commission’s adequacy decision or suitable guarantees, Art. 44 ff. GDPR).

8. What data is recorded, how is it used and how long is it stored?

a) Technical characteristics: When you visit our websites, the web server temporarily records the domain name or your computer’s IP address, the file requested (file name and URL) by the client, the http response code, and the website from which you are visiting us.

The recorded data is used for data security purposes, particularly to protect against attempted attacks on our web server (Art. 6 (1) f GDPR). For the services we provide, we use it to create individual user profiles and share this information with third parties. Recorded data is kept until services are being used. We reserve the right to statistically analyze anonymized data records.

b) User surveys/customer feedback with SurveyMonkey: These websites and our services use the  SurveyMonkey service, Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland, to provide customer surveys. Website ratings and your feedback can be surveyed (Art. 6 (1) a GDPR). Our customers’ opinions and improvement suggestions crucially help us improve our websites and services. Only anonymous information is processed and there is no way of tracing the sender. Personal data or personally identifiable data is not transferred at any time. We store and analyze the data for an indefinite time.

There are two different ways of conducting the surveys:

1. The feedback button on the website. You can use this button at any time to provide us with your feedback. No data is transferred unless you use this function.

2. An active feedback survey can also be displayed on the website. You can reject this survey or cancel it at any time. Answers are only sent once you have completed the survey.

c) Blog: When you post comments within our blog section, the web server records your name, comment,  email address and website data. Recorded data is kept for as long as the blog exists which is currently indefinite.

d) Newsletter: When you subscribe to our newsletter, the web server records your email address to keep you updated with latest news related to the service. Recorded data is kept until you unsubscribe from the newsletter.

9. Will my usage habits be evaluated, e.g. for advertising purposes, tracking or fraud prevention?

Fraud prevention: To protect you from fraud we process your data internally within our service.

10. Explanations and definitions

We want you to enjoy using our websites and take advantage of our products and services. We have an economic interest in ensuring this is the case. We analyze your usage habits on the basis of anonymized or pseudonymized data so you can find the products that interest you and so we can make our websites user-friendly. We or companies commissioned by us to process data create usage profiles to the extent permitted by law. Subsequently we inform you generally about the various purposes and techniques. Afterwards you have the right to revoke your consent. However, please remember that in this case you may not have access to the full range of functions offered by our websites.

a) Purposes (Art. 6 (1) f GDPR / §15 (3) German Telemedia Act (Telemediengesetz – TMG)

Tag management

Tag management is used to manage tracking tools in websites. A tag is set for each page to do this. Based on the tag, the system can determine which tracking tools should be used for this page. Tag management can be used to specifically control tracking so that the tools are only used where appropriate.

Market research / Reach measurement

Reach measurement provides statistics on a website’s usage intensity and the number of users, along with comparable figures for all the connected services. Individual users are not identified at any time. Your identity is always protected.

Profiles for designing the web portal based on needs

We use clickstream analysis to improve our websites and services constantly. The clickstream corresponds to your movement path on the websites. Analyzing the movement paths provides us with an insight into usage habits on our websites. This lets us identify possible

structural errors in the websites and thus improve the websites so they are optimally tailored to your needs. Individual users are not identified at any time.

b) Techniques

Cookies

We use cookies for certain services. These are small text files that are stored on your computer. They enable the system to tell if you repeatedly visit websites from the same computer.

Session cookies are cookies which are only stored on your computer for the duration of your Internet session and are required for transactions (e.g. to log in or to complete a purchase). They simply contain a transaction ID.

For certain services, we use persistent cookies, which are stored on your computer for future sessions. In this case, we notify you about the cookie’s storage period.

You can set your browser to prevent these cookies being stored or to delete the cookies at the end of your Internet session. However, please remember that in this case you may not have access to the full range of functions offered by our websites. For information about browser settings go to: https://www.sicherdigital.de/sicher-surfen#sicher-surfen-browsereinstellungen

Measurement pixels

Measurement pixels are simply images measuring 1×1 pixels. They are transparent or are the same color as the background, making them invisible. If a website is opened that contains a measurement pixel, this small image is then downloaded from the provider’s server on the Internet and the download is recorded on the server. This way the process provider can see when and how many users requested this measurement pixel or visited a website. The provider can also see whether JavaScript is enabled or not in the browser. If JavaScript is enabled, additional information such as browser information, operating system, screen resolution can be recorded.

This function is normally executed by calling JavaScript; nonetheless the term measurement pixel is still used.

JavaScript

JavaScripts are used to call the application and to transfer the collected parameters to the particular service provider/measurement pixel provider.

We use the following trackers for purposes of marketing and optimization of our services:

  • 360dialog by 360dialog GmbH, Saarbrücker Straße 36-38,10405 Berlin, Germany
  • Apteligent by Apteligent Inc., 760 Market Street, Suite 1101 San Francisco, CA 94102, USA
  • Adjust GmbH, Saarbrücker Straße 38a 10405 Berlin, Germany
  • Tealium by Tealium Inc. 11095 Torreyana Road, San Diego, CA 92121, USA
  • Webtrekk by Webtrekk GmbH, Robert-Koch-Platz 4, 10115 Berlin, Germany.

You can consult further information on cookies and the individual providers on the websites www.meine-cookies.org or www.youronlinechoices.com.

Here you can also choose not to receive usage-based online advertising from a single or from all of these companies at http://www.youronlinechoices.com/de/praferenzmanagement/.

10. Services from other companies that assume responsibility for providing their services

Google

We use Google Maps capabilities for enabling you to share your location to other user within our service.

11. Data security

11.1. We have taken extensive technical and operational measures to protect the personal data collected by us against unauthorized access and misuse. Our security procedures are revised regularly and adapted to reflect technological progress.

11.2. All data transfer between you and us whether it is through our app or our website is encrypted using 128 Bit TLS 1.2.

Last updated: June 2018