Privacy Policy

Use of our mobile app (“inomatic”)
Valid from: 01.12.2025
The privacy policy consists of a total of pages (§§ 1-10)

§ 1 Information on the processing of personal data

(1) In addition to our online offering, we provide you with a mobile app ("inomatic") for Android and iOS, which you can download to your mobile device. In this privacy policy, we inform you about which personal data is processed when you use the app and for what purposes this is done. Personal data is any information relating to an identified or identifiable natural person (e.g., name, contact details, device identifiers, usage data).

(2) The controller within the meaning of Art. 4 No. 7 DS-GVO is:

inomatic GmbH

Karl Braun Straße 12, 48531 Nordhorn, Germany

E-Mail: Johannes.Siebert@inomatic.de

(3) If you contact us by e-mail, we will process the data you provide (e.g., e-mail, address, name, phone number, and the content of your message) in order to process and respond to your inquiry. The legal basis for this is Art. 6 (1) (b) DS-GVO insofar as it concerns pre-contractual or contractual communication, otherwise Art. 6 (1) (f) DS-GVO (legitimate interest in processing inquiries). The data collected in this process will be deleted as soon as it is no longer required for processing and there are no legal retention obligations to the contrary.

(4) For the technical operation, hosting, and maintenance of the app, we may use specialized service providers, who process personal data on our behalf and in accordance with our instructions (contract processing in accordance with Art. 28 DS-GVO). These service providers are carefully selected and contractually bound to data protection. Further disclosure of data to third parties occurs only if this is required by law or if you have expressly consented to this.

§ 2 Your rights

(1) You have the following rights with regard to the processing of your personal data in accordance with Articles 15-21 of the DS-GVO:

• Right of access

• Right to rectification or erasure

• Right to restriction of processing

• Right to object to processing

• Right to data portability

• Right to withdraw consent with future effect.

(2) You also have the right to lodge a complaint with the competent supervisory authority regarding the processing of your personal data (Art. 77 DS-GVO).

§ 3 Processing of personal data when using our mobile app

(1) Processing when downloading the app

When downloading the app from the Apple App Store or Google Play Store, certain information is transferred to the respective store operator (e.g., user account, e-mail address, time of download, payment information for paid offers, device identifiers). We have no influence on this data processing and are not responsible for it; it is carried out exclusively under the responsibility of the respective platform operator. We only process this data to the extent necessary for the provision and installation of the app on your device.

(2) Technically necessary data processing in the app

When you use our app, the technical information required for its operation, stability, security, and error analysis is processed automatically. This may include the following data in particular:

• IP address

• Date and time of requests

• Technical log data (e.g., status codes)

• Operating system and version of the end device

• App version

• Language settings

• Device type/model

• Error messages and crash information (if technically necessary).

The processing of this data is technically necessary in order to provide the app, ensure its functionality, and detect and remedy security incidents. The legal basis is Art. 6 (1) (f) DS-GVO (legitimate interest in secure and stable app operation).

(3) Processing in connection with the IoT module

The app is used to connect to an IoT module you have installed, which controls various vehicle functions (e.g., interior lighting, heating, air conditioning, pumps). In this context, we process the following in particular:

• Identification data of the IoT module (e.g., module ID, serial number)

• Technical status and configuration data of the module

• Control commands that you initiate via app

• Feedback from the module on the execution status (e.g., successfully executed, error message).

This processing is necessary to provide the app functions you have requested (control of your vehicle via the IoT module). The legal basis is Art. 6 (1) (b) DS-GVO (fulfillment of the user or contractual relationship). No further evaluation for marketing or profiling purposes takes place.

§ 4 Use of the camera (QR code scan)

(1) The app accesses the camera on your device to scan the QR code attached to your IoT module and thus establish a secure connection between the app and the module. Access to the camera is only granted after you have given your consent in the operating system or in the app. The legal basis is Art. 6 (1) (a) DS-GVO. Without this consent, the IoT module cannot be paired via QR code.

(2) The camera is used solely for the duration of the QR code scanning process. The camera image is only processed in real time in order to read the technical information contained in the QR code (e.g., module ID, connection token). No photos or video data are stored, logged, or transmitted to third parties.

(3) Only the technical content read from the QR code (e.g., module ID and necessary connection parameters) that is required to pair your IoT module with the app and provide the control functions is processed and- to the extent necessary for the connection-stored. The legal basis for this is Art. 6 (1) (b) DS-GVO (fulfillment of the user agreement).

(4) You can revoke or restrict camera permission at any time in the settings of your mobile operating system. Please note that the pairing function via QR code will no longer be available if camera permission is deactivated.

§ 5 No processing of certain categories of data

The app is designed to process only the data necessary for the functions described. In particular, the app does not currently process the following categories of data

• Location data / GPS

• Contacts / Address book

• Calendar data

• Locally stored photos or other media files (except for the temporary camera stream for QR code scanning)

• Microphone recordings

• Advertising IDs (e.g., IDFA, GAID) for advertising purposes

• Cookies or comparable tracking technologies

• Usage profiles for advertising, analysis, or remarketing purposes

• Transfer of personal data to advertising networks.

§ 6 No cookies / No tracking

The app does not use cookies or any analytical or advertising tracking tools. User behavior is not evaluated for marketing or profiling purposes. Any technical log data that may be collected is used exclusively to ensure operation, for error diagnosis, and for IT security (Art. 6 (1) (f)DS-GVO).

§ 7 Objection and withdrawal

(1) You may withdraw your consent (e.g., for camera access) at any time with effect for the future. The lawfulness of the processing until the time of revocation remains unaffected (Art. 7 (3) DS-GVO).

(2) Insofar as we process your data on the basis of Art. 6 (1) (f) DS-GVO (legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation (Art. 21 DS-GVO). If an objection is lodged, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

(3) You can send us an objection or withdrawal in particular via e-mail to [Johannes.Siebert@inomatic.de].

§ 8 Data deletion and storage period

• Technical log data is only stored for as long as is necessary for the operation of the app, for error analysis, and to ensure security; it is then deleted or anonymized.

• Data processed in connection with the pairing and use of the IoT module will be deleted as soon as it is no longer required for the operation of the connection or you unpair the device, unless statutory retention periods prevent this.

• Communication data (e.g., e-mail inquiries) will be deleted after processing has been completed and any statutory retention periods have expired.

§ 9 Provision of the privacy policy

This privacy policy is available

• on the app's offer page in the respective app store via a corresponding link ("Privacy Policy") and

• within the app via the menu under "Settings → Privacy Policy" (accessible within a maximum of two navigation steps).

§ 10 Changes to the privacy policy

We may update this privacy policy as required by technical developments, new app function, or changes in legal requirements. The current version can be viewed in the app and on the app store's product page. Previous versions will no longer apply once a new version comes into effect.