In addition to the data protection declaration of KOSMOS (https://www.kosmos.de/de/content/Footer/Legal/Datenschutz), the following data protection provisions apply specifically to the use of our app.
- Preface and selected terms
- GDPR is the abbreviation for the European Data Protection Regulation.
- BDSG is the abbreviation for the Federal Data Protection Act in its current version.
- Personal data are all individual details that allow conclusions to be drawn about a natural person (for definition see Art. 4 (1) GDPR). This includes, for example, names, e-mail addresses, telephone numbers, but also data such as IP addresses or customer numbers.
- The processing of personal data includes all operations, for example the collection, storage, transmission, archiving or deletion of personal data (definition Art. 4 (2) GDPR).
- The data subject within the meaning of data protection law is any natural person from whom personal data are processed.
- Further definitions of terms can be taken from the General Data Protection Regulation, which can be found in Art. 4 of the GDPR (Definitions).
- Responsible Party and Data Protection Officer
Responsible Party for processing of personal data
Franckh-Kosmos Verlags-GmbH & Co KG
Pfizerstraße 5 - 7
DPO External Data Protection Officer Stuttgart
Certified Data Protection Officer
Phone: +49(0)176 32744172
- Data exchange when using the App
Principle: Local processing
All processing takes place exclusively locally on your terminal device; deleting the app simultaneously leads to the deletion of all data processed with the app. We have configured our app so that it does not send any data to our servers. This also includes metadata that accumulates as part of server log files. The use of the app is completely anonymous. This means that Kosmos Verlag does not know the user and cannot establish any connection to your identity.
Exception: Sending anonymized crash reports based on your consent
If you have consented to this, a report will be generated in the event of a crash of the app and sent to us for analysis of the cause of the crash. We use the service Sentry to receive these crash reports, provider is Functional Software Inc, 132 Hawthorne Street, San Francisco, California 94107, USA. When sending crash reports, no personal data is stored, only information about the type of device used, operating system and its version, date and time. For the transmission of the crash report to Sentry, however, your IP address is inevitably sent to Sentry once, this is technically necessary for the exchange of data on the Internet. However, this is not stored.
The legal basis for sending the crash reports to the extent described here is your consent within the meaning of Art. 6 (1) lit. a GDPR. You can revoke your consent at any time. To do so, please uninstall the app and install it again.
Sentry is operated on our behalf (under a data processing agreement in the sense of Art. 28 GDPR) by the company SkySpirit GmbH, which supports us in the development and troubleshooting of the app. The company SkySpirit GmbH has concluded a data processing agreement with Sentry on the basis of the EU standard contractual clauses; a sample of this contract can be found at https://sentry.io/legal/dpa. Sentry's data protection declaration can be found at Sentry: https://sentry.io/privacy/.
- Access authorizations on the device
For the full functionality of the app, it is necessary that you grant access rights. We explicitly point out at this point that even by granting access rights, no data exchange with our systems takes place.
You are free to grant access rights; by granting access rights, you allow the app to access certain functions or data in your terminal device; these are processed locally on your device by the app. In this respect, you give the app your consent to process data locally on your device (Art. 6 para. 1 lit. a GDPR). You can revoke the granting of access rights at any time; for this purpose, call up the settings with app permissions in your device. Depending on the operating system, you will find the rights management in the settings under Apps or Permissions. You can find more detailed information on this in the operating instructions for your end device or operating system.
Access to the storage
The app allows you to record data using the camera and the microphone, among other things, and this requires access to the memory.
Access to the camera
Access to the camera is required to record gestures and movements that the robot learns, but images are not recorded. The robot can learn commands based on movements in front of the camera.
Access to the microphone
Access to the microphone is required to record and classify different sounds that are processed by the app to extract a fingerprint that allows distinguishing between different sounds, which the robot learns. The robot can learn commands based on waveforms recorded by the microphone.
Access to Bluetooth
The app requires access to the Bluetooth interface in your device. This is required to connect the robot to, and to control it with, your smartphone.
Note on Bluetooth access in Android-based systems
When using Bluetooth, the right of geolocation is required on devices with Android operating system. This is not specified by our app, but by the operating system. The app does not perform any positioning at this point and does not process any geolocation data.
- Your rights under the basic data protection regulation
Every natural person is entitled to certain rights, these are defined in particular in Articles 15 to 21 and 77 of the GDPR. In principle, you have the following rights, which you can claim from us.
Right to revoke consent given in accordance with Art. 7 (3) GDPR
You can revoke consent given to us at any time without giving reasons with effect for the future.
Right to information according to Art. 15 GDPR (restrictions possible according to § 34 BDSG)
You have the right to request information about the data processed about you and the purposes of the processing at any time.
Right to rectification according to Art. 16 GDPR
If you discover that we are processing incorrect or incomplete data about you, you have the right to rectification.
Right to deletion according to Art. 17 GDPR (restrictions possible according to § 35 BDSG)
You have the right at any time to demand the deletion of your personal data that we process about you. Insofar as a complete deletion is not possible, for example because we have to fulfil legal storage obligations or we can assert legitimate interests for another reason, we will restrict your data until these reasons cease to apply.
Right to restriction of processing in accordance with Art. 18 GDPR
You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:
- If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data happened / happens unlawfully, you can demand the restriction of the data processing instead of the deletion.
- If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion.
- If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
Right to data portability in accordance with Art. 20 GDPR
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.
Right to object to certain processing operations and direct marketing pursuant to Art. 21 GDPR.
If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct advertising (objection pursuant to Art. 21 (2) GDPR).
Right of appeal to a supervisory authority pursuant to Art. 77 of the GDPR in conjunction with Section 19 of the German Federal Data Protection Act (BDSG)
In the event of violations of the GDPR, data subjects shall have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right of appeal is without prejudice to other administrative or judicial remedies.
- Further information
If you contact us, for example by telephone or e-mail, we process your data for the purpose of responding to your inquiry. You will find comprehensive information on the processing of your data in the context of contacting and communicating with us in the general KOSMOS data protection declaration, which you can access via the following link https://www. https://www.kosmos.de/de/content/Footer/Legal/Datenschutz.