Privacy policy

Data Protection Declaration STARFACE Mobile Apps

The responsible party within the meaning of the law is:
STARFACE GmbH
Adlerstraße 61
76137 Karlsruhe, Germany
Tel.: +49 721 50959-600
E-Mail: info@starface.com

We appreciate your visit to our website or the use of our products as freeware or licensed products. We understand data protection as a customer-oriented quality feature. The protection of your personal data and of your personal rights are important to us. We process and use personal data collected during visits to our websites in accordance with the current legal provisions on the protection of personal data. Furthermore, we collect data when using our software for quality assurance purposes. Our websites may contain links to websites from other providers to which this data protection declaration does not apply.

2.1 General

When you visit our websites, our web servers store technical access data by default, such as the IP address of the computer that requested the data, the objects that you requested and retrieved from us, and the date and time of the request. However, this data cannot be assigned to a specific person. We use this technical access information exclusively to improve the attractiveness and usability of our web pages and, if necessary, to identify technical problems on our website at an early stage. In accordance with the principle of data avoidance and data economy, we only collect and store personal data if it is absolutely necessary for the purpose you have requested and you have provided it of your own accord. We use your personal information to process your order, respond to your inquiry, provide you with access to special information and offers, or provide you with special services.

Gemäß dem Grundsatz der Datenvermeidung und Datensparsamkeit erheben und speichern wir persönliche Daten nur, wenn sie für den von Ihnen gewünschten Zweck zwingend erforderlich sind und Sie diese von sich aus angegeben haben. Ihre persönlichen Daten verwenden wir, um Ihren Auftrag zu bearbeiten, Ihre Anfrage zu beantworten, Ihnen Zugang zu speziellen Informationen und Angeboten zu verschaffen oder Ihnen besondere Dienste zu erbringen.

Personally-Identifiable Information refers to data concerning your person. These can comprise your name, postal address or email address. You do not need to release personally-identifiable data to us in order to visit our website. In some cases, it can be necessary for us to ask for your name and address, as well as other information in order to provide the services requested by you. When you use our services, we typically only ask for the data required to provide these services. We may ask for additional information which you can submit on a voluntary basis. whenever we process personally-identifiable information, we do this to be able to offer you our services or because we need to as part of our commercial interests.

The user of the STARFACE app can choose to display the contacts stored locally on their device in the App in the menu "Contacts -> Phone". This can only be triggered manually by the user and must be confirmed via the displayed permission request notification (it cannot be displayed automatically). In the permission request, the user is informed about the processing of local telephone contact data within the STARFACE Mobile App:

• The STARFACE Mobile App accesses, as described above (Usage of the feature "Contacts -> Phone"), the local contact data in order to display these to the user within the App. This requires a physical interaction with the feature and the confirmation of the data access permission request.
• After permission has been granted, the telephone numbers of the locally-stored contacts can be dialed by the user from within the App.
• The local contacts accessed by the App will not be uploaded to any server.
• The contact data will not leave the user's device.

3.1 General

We use your personal information only for the purposes stated on this privacy information page. Beyond that, personal data will only be collected, processed or used by us if, after careful consideration of all interests, it is necessary to protect the legitimate business interests of STARFACE GmbH. Without your express consent, we will only transfer the personal data you provide to subsidiaries or business partners involved in the execution of an order to the extent necessary for this purpose, but we will not pass it on to other third parties and, in particular, we will not sell it to commercial users or make it available to them for use in any other form.

The STARFACE PBX is on-premise within the customer's network:

Direct authentication with the customer's own server. The STARFACE PBX Server is deployed by the customer and the STARFACE Mobile App connects directly to this Server. No personally-identifiable information is transmitted to STARFACE.

The STARFACE PBX is hosted in the STARFACE Cloud: The STARFACE Mobile App connects to the STARFACE PBX Server in the STARFACE Cloud, personally-identifiable information is transferred between the STARFACE PBX Server and the STARFACE Mobile App. The personally-identifiable information is stored in compliance with the EU General Data Protection Regulation on the customer's own STARFACE PBX Server installation in the STARFACE Cloud datacentre.

In order to log in the user, we process login credentials including the username, name and email address belonging to the user in accordance with Art 6 Paragraph 1 lit.b DS-GVO (Erfüllung von (vor-)vertraglichen Pflichten / Fulfilment of (pre)contractual obligations). Additionally, contact information, communication data and connection data are processed by STARFACE in accordance with Art 6 Paragraph. 1 lit.b DS-GVO (Erfüllung von (vor-)vertraglichen Pflichten / Fulfilment of (pre)contractual obligations).

Data transmitted during the session is encrypted, so that STARFACE has no access to the unencrypted source data. A perpetual storage of audio and/or video data does not take place, they may be stored temporarily until the end of the session for technical reasons. The processing of this data occurs in accordance with Art 6 Paragraph 1 lit.b DS-GVO (Erfüllung von (vor-)vertraglichen Pflichten / Fulfilment of (pre)contractual obligations).

You may at any time request in writing, in accordance with applicable law, whether and which personal data about you are stored by us. We will then send you a message to that effect. Please direct your inquiries to our data protection officer (see below). You can also use it to have your data corrected and deleted. The Internet pages use so-called cookies in several places. They serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called "session cookies". They are automatically deleted after the end of your visit. Cookies do not harm your computer and do not contain viruses.

5.1 Google Firebase

Our App uses services provided by Google Firebase, a web analysis tool belonging to Google Inc. ("Google"). Firebase is a part of the Google Cloud Platform and offers services for developers, a list of which can be found here: firebase.google.com/terms/. Some of the services provided by Firebase process personally-identifiable information belonging to the end user. This is a requirement for the use of Google Services. Which types of data are used for which purpose can be found in the Google Firebase Data Processing Declaration: firebase.google.com/support/privacy/. Google Firebase frequently uses "Instance IDs" which, according to information provided by Google, are saved until the end user deletes the ID via the respective API call. Following the execution of this API call, the data is deleted from both the live and backup systems after 180 days. Further details can be found here: firebase.google.com/support/privacy/manage-iids. These Instance IDs are used, for example, to discover to which device notifications have been sent.

We use appropriate technical and organisational means to protect the data you provide against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously monitored and improved in line with technological developments and organisational possibilities.7. Weitere Informationen

Your trust is important to us. So we are always available to answer questions about the processing of your personal data. If you have any questions that this data protection declaration could not answer, or if you would like more detailed information on any point, please contact the data protection officer at any time.