Bike Companion

Privacy policy

Identification of the responsible entity

The responsible entity for data processing on this website as well as in the app is:

aves software e.K.
Justin Andreas Lacoste
Spannstraße 18
44328 Dortmund, Germany
kontakt@aves.software

The responsible entity alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, contact details, etc.).

Revocation of your consent to data processing

Some data processing operations are only possible with your explicit consent. You can revoke your consent at any time. An informal notification by email is sufficient for the revocation. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right to lodge a complaint with the supervisory authority

In the event of a breach of data protection law, the data subject has the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority regarding data protection issues is the state data protection officer of the federal state in which our company is based. The following link provides a list of data protection officers and their contact details: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data portability

You have the right to have data which we process automatically based on your consent or in fulfillment of a contract handed over to you or to a third party in a machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent technically feasible.

Right to information, correction, blocking, deletion

You have the right to free information about your stored personal data, their origin and recipients and the purpose of data processing at any time within the scope of the applicable legal provisions and, if applicable, a right to correct, block or delete this data. For this purpose and for further questions regarding personal data, you can contact us at any time using the contact options listed in the legal notice.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the “https://” address line of your browser and by the lock symbol in the browser line.

Personal data collected

The following personal data is collected through registration and usage:

Name and EmailIdentification of the user & login
PicturesPictures uploaded during the use of the app
Firebase Cloud Messaging (FCM) IDFor delivering push notifications
Geographical regionMarketing & Analysis, for determining local motorcycle manufacturers
Phone modelMarketing & Analysis

Hosting

We host the content of our app with the following provider:

Amazon Web Services (AWS)

The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter AWS).

When you use our app, your personal data is processed on AWS servers. Personal data may also be transferred to AWS’s parent company in the USA. The data transfer to the USA is based on the EU Standard Contractual Clauses. Details can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/.

For further information, please refer to AWS’s privacy policy: https://aws.amazon.com/privacy/?nc1=h_ls.

The use of AWS is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in a reliable presentation of our app. If consent has been requested, processing is based exclusively on Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States aimed at ensuring compliance with European data protection standards in data processing in the USA. Each company certified under the DPF undertakes to comply with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt0000000TOWQAA4&status=Active

Data Processing Agreement

We have concluded a Data Processing Agreement (DPA) for the use of the above-mentioned service. This is a legally required data protection agreement that ensures that the personal data of our website visitors is processed only according to our instructions and in compliance with the GDPR.

Google AdMob

Nature and scope of processing

We use Google AdMob, a mobile advertising tool, in our app. The service provider is the American company Google Inc. For the European region, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

Google processes data from you, including in the USA. Google is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses so-called standard contractual clauses (= Art. 46. Para. 2 and 3 GDPR). Standard contractual clauses (Standard Contractual Clauses – SCC) are model templates provided by the EU Commission and are intended to ensure that your data also comply with European data protection standards when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google undertakes to comply with European data protection standards when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses, among other things, here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The data processing terms for Google advertising products (Google Ads Controller-Controller Data Protection Terms), which refer to the standard contractual clauses, can be found at https://business.safety.google/intl/de/adsprocessorterms/.

You can learn more about the data processed by using Google AdMob in the Privacy Policy at https://policies.google.com/privacy?hl=de.

Google Firebase

Nature and scope of processing

We use Google Firebase, a cloud service for various purposes, including sending push notifications, in our app. The service provider is the American company Google Inc.

For further information, please refer to Google Firebase’s privacy policy: https://firebase.google.com/support/privacy?hl=de