Data privacy at a glance
We value your trust. This means we take the protection of your personal data very seriously. We treat your personal data with confidentiality and in accordance with the provisions of data privacy law and this data privacy statement.
When you use the IT’S MY BIKE service portal, we collect a variety of personal data. This data privacy statement explains the data that we collect and what we use them for. It also describes how this is carried out and why.
Who is responsible for IT’S MY BIKE data processing?
The operator handles data processing for this app.
IoT Venture GmbH
c/o HUB 31
Phone: +49 611 205 68 422
How can you contact the Data Protection Officer?
What data do we process?
Mainly the following data categories are processed for the use of IT’S MY BIKE services:
- The user’s contact and contract details
- Bicycle data
- The IT’S MY BIKE tracker’s/e-bike’s location data
- Journey data
Your IP address is also stored for a maximum of seven weeks to ensure that our service is secure and functions correctly. The legal basis for such storage is Art. 6 (1) (f) GDPR.
What do we use your data for? What is the legal basis?
Data need to be processed to use the IT’S MY BIKE services and to locate your bike if you report it missing. Data need to be processed to comply with contracts and processing has its legal basis in Art. 6 (1) (b) GDPR.
If we should process your personal data for any other purpose, they are processed on the basis of separate consents you have granted as per Art. 6 (1) (a) GDPR or on the basis of our legitimate interest as per Art. 6 (1) (f) GDPR.
Who receives your data?
Within our company, the only persons and offices who receive your personal data are those who require them to fulfil our contractual or statutory obligations.
If several users are registered with a tracker number, the name that you used to register will appear alongside the other users of the same tracker.
We may also transmit your personal data to other recipients outside the company if this transmission is used to fulfil contractual and statutory obligations. These recipients may be rescue and emergency workers or contractual partners.
If you use the Emergency Assistant service, data are transmitted to external emergency assistance partners. These data include the registered user’s name and telephone number and the bike’s GPS data. Telephone conversations are also recorded for safety reasons and erased after 90 days. The other data are anonymised after 90 days, so they can no longer be associated with a specific person.
We use different service providers to fulfil our contractual and legal obligations. This is the case with data hosting, for example. As a general rule, all data are stored on servers within the EU or, in exceptional cases, in the US. No data are transferred to any other countries outside the EU.
If personal data are also processed in the US, we ensure that the contractor is registered with the EU-US Privacy Shield framework. The privacy shield is based on an agreement between the European Union and the US and ensures that any data transfer from the EU to the US is given the same level of data protection in the US as it would be given in the EU.
What are your rights with respect to your data?
You have the right to receive information on the source, recipient and intended use of your stored personal data free of charge at all times. You also have the right to request rectification, suspension or erasure of such data. You may contact us or our Data Protection Officer at any time for further information on this topic or matters related to data privacy. Moreover, you also have a right of appeal to the competent supervisory authority. The competent supervisory authority for matters of data privacy law is the State Data Privacy Authority in the German Federal State of Hesse, where the company has its registered office. You will find a list of data protection authorities and their contact details at: https://www.bfdi.bund.de/ZASt/EN/Home/home_node.html