User Tools

Site Tools


manual:about:permissions

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
manual:about:permissions [2016/12/08 16:42] mstupkamanual:about:permissions [2021/02/19 14:55] mstupka
Line 1: Line 1:
-====== Privacy Policy ====== +====== Personal Data Processing Policy ======
-<WRAP center round important> +
-**Application Locus Map does not collect, save, publish nor share any of its user's private or otherwise sensitive information. All permissions stated below are necessary for running particular application features only.** +
-</WRAP> +
- +
-===== Why Locus needs access to photos, videos, microphone and other permissions =====+
  
 ---- ----
  
-Locus Map is growing. Over the years of development it contains more and more features that require permission from the Android Operation System. The main reason of it is of course your protection as the user. 
  
-<WRAP center round info> +In accordance with Regulation of the European Parliament and of the Council (EU) 2016/679 ("GDPR"), this Personal Data Processing Policy provides all relevant information on the processing of personal data pertaining to you, the data subject, in connection with the Locus Map application and related services, including the web platform (jointly referred to as "Application"). This Personal Data Processing Policy does not apply to the Locus Forum and Locus Helpdesk platforms, offered as separate services.
-A list of all available permissions for Android platform is [[http://developer.android.com/reference/android/Manifest.permission.html|here]] - as you can see bellow, Locus Map uses only a few of them. +
-</WRAP>+
  
-A complete list of all the permissions and their explanation:+===== Who is responsible for processing your personal data? =====
  
 +The controller of personal data is Asamm Software, s.r.o., Business ID: 24225321, a company with registered office at Krhanická 719/25, 142 00 Prague 4 – Kamýk, Czech Republic ("Controller" or "We").
  
-----+===== For what purposes do We process your personal data? =====
  
-==== Basic Android permissions ==== 
  
-  * //android.permission.ACCESS_COARSE_LOCATION// +The purpose of processing your personal data is to allow you to use the Application and related servicesto carry out the maintenance and improvement of the functions of the Application, and to communicate with you, given that you are the Controller's customer. 
-    * allows **access to Wi-Finetwork location**+
  
-  * //android.permission.ACCESS_FINE_LOCATION// +Your personal data are necessary for creating your user account through which you will be able to use certain functions of the ApplicationIn addition, the Application allows, either publicly or privately, sharing your geographic position in real time with an unspecified number of other persons as well as storing a record of your previous itinerary recorded in the Application. 
-    * allows to **acquire GPS location**+
  
-  * //android.permission.ACCESS_LOCATION_EXTRA_COMMANDS// +Profiling takes place only in the framework of the use of the Locus Store function (improvement of commercial offers based on your Locus Store purchase history) and the Track Recording function (for example, the calculation of calories burned during sports activities).
-    * allows **disabling the A-GPS data status and forcing system to load new**+
  
-  * //android.permission.ACCESS_MOCK_LOCATION// +===== What personal data do we process? =====
-    * allows **creating and receiving simulated locations**+
  
-  * //android.permission.ACCESS_NETWORK_STATE// +When you use the Application, we collect and process some or all of the following data, which you provide during registration, which are generated while you use the Application, or which you enter into the Application
-    * allows **testing if internet connection is available**+The mandatory data needed for the registration of your account in the Application include first name, last name, and e-mail address. The same applies to logging into the Application through third-party services and social networks, such as Facebook.
  
-  * //android.permission.ACCESS_WIFI_STATE// +Since the Application has a nature of map and navigation software, it uses location data from your mobile device to determine your position.
-    * allows to **check Wi-Fi network state** (connected/disconnected)+
  
-  * //android.permission.BLUETOOTH// +If you use the Application's relevant functions, we collect data on your history of purchases made via the Application, ways in which you use the Application, location data, and search historyIf you use the Application's web platform, we also retain the IP address for the purpose of communicating with your device
-    * allows to **work with (connect to) a Bluetooth device**+Optional data you provide during registration include your profile photograph and designation of your end-user device. If you use the relevant functions, you can also upload multimedia content into the Application, such as your photographs in specific locations.
  
-  * //android.permission.BLUETOOTH_ADMIN// +In addition, the Application can optionally process your biometric dataFor the purposes of calculating other parameters of recorded movement, you can enter into the Application such data as age, sex, height, and weightUsing the measuring capabilities of a suitable end-user device, the Application can also monitor and process such data as heart rate, heart rate bands, lactate threshold, cadence, and temperature. The scope of the foregoing data may change depending on the development of the Application's functions.
-    * allows to **search for and pair Bluetooth devices**+
  
-  * //android.permission.GET_ACCOUNTS// +The Application uses Firebase Analytics, analytical software provided by Google that analyses certain data on devices and ways in which the Application is used by the userSuch data are used exclusively for analytical purposes.
-    * allows to read the list of **available Google accounts** (for possibility to enter **Locus Store** or launch **Live tracking**). +
-      +
-  * //android.permission.MANAGE_ACCOUNTS// +
-    * allows **restoring expired access to a logged in account**Each account has its validity time and when this expires a request for re-login has to be made.+
  
-  * //android.permission.USE_CREDENTIALS// +If you use the Application's web platform, we store cookies on your deviceCookies contain technical information necessary for communication, login into your user account, and, where applicable, analytical data.
-    * allows to **request auth_tokens from the AccountManager**This means that Locus Map may request you to login to your account without writing any username/password information into the app.+
  
-  * //android.permission.INTERNET// +To use certain functions, such as functions related to the Geocaching service, you will be asked to log into third-party servicesLogin takes place directly within the third-party systemin which case we process through the Application only the verification identifier obtained from the login process or your user name and profile photograph from a given third-party service for the purpose of displaying them in the Application.
-    * allows **downloading map tilesaddress search** and more tools+
  
-  * //android.permission.KILL_BACKGROUND_PROCESSES// +===== What is the legal basis for processing your personal data? =====
-    * allows to **restart the app and also kill it after exit**. Thanks to this Locus Map is removed from the system memory when closed+
  
-  * //android.permission.NFC// +Processing some of your personal data is necessary for the performance of the license agreement you have entered into with Us ("License Agreement"), particularly for allowing your use of the Application's applicable functionsSuch processing is compliant with Article 6(1)(b) GDPR.
-    * required for **handling NFC system**+
  
-  * //android.permission.RECEIVE_BOOT_COMPLETED// +Some of your personal data pertaining to analytical outputs are further processed in accordance with Article 6(1)(f) GDPR, based on the Controller's legitimate interest in improving and maintaining the Application or, where applicable, for protecting property rights after the performance of the Licensing Agreement and for monetizing the Application through advertising.
-    * required for **automatic backup feature**+
  
-  * //android.permission.VIBRATE// +Based on the Controller'aforestated legitimate interest, the Controller will occasionally send you a newsletter to inform you about news concerning the Application.
-    * allows to **control the device'vibrator for notifications**+
  
-  * //android.permission.WAKE_LOCK// 
-    * allows to **keep Locus Map awake if required by user** for some demanding tasks like track recording etc. 
  
-  * //android.permission.WRITE_EXTERNAL_STORAGE// - <wrap important>limited in Android 4.4.2 and later</wrap> +===== How long do we keep personal data? =====
-    * allows **handling the external storage card** - for reading external maps, storing vector maps, backup and SRTM data +
-    * allows also **accessing your photos and videos** so that they are available as attachments to points+
  
-  * //android.permission.RECORD_AUDIO// +Data the processing of which is required for the purposes performing the License Agreement are processed for no longer than the term of the License Agreement, unless otherwise specified belowBasic identification data are processed during three years after the termination of the License Agreement, a period that coincides with the limitation period pertaining to property rights arising from the License AgreementFor the purposes of the "Live Tracking" function that allows sharing your current location, we process your current location data only until the time of exiting the Application; data are deleted without unnecessary delay afterward. 
-    * allows **access to microphone** for recording of audio as attachment to points+
  
-----+You can change your optional data at any time, for example by deleting an uploaded photograph from the Application. In such a case, the Controller will terminate the processing of such data no later than as of the time at which regular backup data are deleted.
  
-==== Google stuff ====+Any and all personal data processed for analytical purposes are processed only until the compilation of statistical data; afterward, data are automatically deleted. The Controller subsequently analyzes only anonymized summary data. 
 +Cookies are kept for a period of 30 days after being stored on your device.
  
-  * //com.android.vending.CHECK_LICENSE// +Other data that are not listed above are processed no longer than until the time at which your user account will be deleted.
-    * used to **check your license**+
  
-  * //com.android.vending.BILLING// +===== To whom do we provide your personal data? =====
-    * allows to **provide in-app billing**+
  
 +Where the Controller transmits your personal data to third parties, the Controller does so for the purpose of fulfilling one of the purposes listed above. Typically, personal data are provided to personal data processors or to other controllers. In the further processing of your personal data, the Controller uses third-party services inside and outside the European Union, such as Host Europe GmbH, DigitalOcean Inc., Google Inc., and Google Ireland Limited, that is entities providing services necessary for the operation of the Application, server hosting, and, where applicable, analytical services. Necessary personal data are provided to the foregoing entities exclusively for the foregoing purpose.
  
-  * //com.google.android.providers.gsf.permission.READ_GSERVICES// +For the purpose of providing personalized advertising in the Application through the Google AdSense platform, some of your personal data may be provided to third parties acting as independent controllers of such data. For additional information on the Google AdSense service, visit https://policies.google.com/technologies/ads.
-    * allows **access to Google services** (for Locus Store, Google Analytics, planned Cloud to device messaging etc.)+
  
-----+After logging into your user account in the Application and on the Controller's website at http://www.locusmap.app ("Website"), the Controller uses Firebase Authentication services provided by Google Ireland Limited. These services rely on a unique identifier (ID token) for your identification across a variety of the Controller's and third-party services. The ID token contains your basic identification data, particularly first name, last name, e-mail address, IP address, and, where applicable, profile photograph. For this purpose, we store your IP address for several weeks after login and the other data listed above until the time at which your user account used in the Application is fully closed. Subsequently, your data are stored for 180 days in the framework of the procedures for backing up data on our servers. 
 + 
 +In case that you activate the Application's incident reporting function, your location data and, if applicable, biometric data are transmitted to the contact persons you specify in the Application. 
 + 
 +Moreover, your personal data are also transmitted based on your consent and instruction you give us by using the applicable function that allows sharing selected data with third parties. Explicit information to the foregoing effect is provided to you through the Application. The Controller bears no liability for any processing carried out by the recipient of such data selected by you, owing to the absence of a decision on appropriate protection and adequate guarantees within the meaning of the GDPR, such transmission entails risk and may not provide sufficient protection for your personal data. If you choose to export your personal data to a recipient from a third country outside the European Economic Area, you will be asked for express consent prior to such transmission. 
 + 
 +If you share your itinerary from your library through the Website, you will be able to choose, prior to sharing, whether or not the itinerary will be shared in conjunction with your basic identification data (first name, last name, e-mail address, and, where applicable, uploaded photograph). This function is available only to registered users. 
 + 
 +If you decide to use the Application's Live Tracking function to share your current location in a public group, your user name and current geographic position will be publicly displayed to all persons visiting the Website as well as in the Locus Map application. The Controller does not unilaterally block access to the Website to users from any country, including countries outside the European Union. Selecting whether your current position is shared in real time privately and publicly can be done directly in the Application. 
 + 
 +Your name and location data are shared in the framework of the Live Tracking function only after the activation of the Live Tracking in the Application, and such sharing lasts until you deactivate this function or exit from the Application on your device. The fact that you activate the Live Tracking function and the fact that your name and current position at a given time are actively being shared is indicated in the Application by displaying a rotating arrows icon in the system tray of your device. 
 + 
 +===== What are your rights? ===== 
 + 
 +You have the following rights under the GDPR: 
 +  * the right to request the Controller to provide access to personal data in accordance with Article 15 GDPR 
 +  * the right to request correction of personal data in accordance with Article 16 GDPR 
 +  * the right to request the erasure of unlawfully processed personal data in accordance with Article 17 GDPR 
 +  * the right to request restriction of personal data processing subject to the conditions laid down in Article 18 GDPR 
 +  * the right to portability of personal data in accordance with Article 20 GDPR 
 +  * the right to object the unlawful processing of personal data in accordance with Article 21 GDPR 
 +The Controller hereby informs you that no automated decisions will be made based on the aforestated personal data within the meaning of the GDPR.  
 + 
 +You also have the right to object the processing of personal data at any time, including, where applicable, profiling, due to reasons pertaining to your specific situation. You can exercise the right to raise objection at any time due to reasons pertaining to your specific situation in case that your personal data are processed for direct marketing purposes, including, where applicable, thereto related profiling.
  
-==== ANT+ support ====+If the processing of your personal data violates any provision of the GDPR, you can contact the Controller to rectify the violation. In addition, you can submit the matter to the oversight body, specifically the Office for Personal Data Protection at Pplk. Sochora 27, 170 00 Prague 7, Czech Republic.
  
-  * //com.dsi.ant.permission.ANT// +The Controller may update this Personal Data Processing Policy from time to time as necessaryKindly pay attention to the current version of this Personal Data Processing Policy, which is available HEREWe will inform you of updates of the Personal Data Processing Policy by sending a message to the e-mail address you provide during the registration of your user account through the Application or by means of notifications sent through the Application itself
-  * //com.dsi.ant.permission.ANT_ADMIN// +
-    * allows to **connect and manage connection to ANT+ sensors**+
manual/about/permissions.txt · Last modified: 2021/02/19 15:04 by mstupka