Contact
x
Call us:

Deutsch  |  English  |  Polski

Online Privacy Policy: ELO App

Privacy Policy: ELO App (Android)

The protection of your personal data is an important concern to us. For this reason, we conduct our business in compliance with applicable laws on protection of personal data and data security. Below, we explain what information we collect, how we use it, and who we may potentially share it with.

1.    Responsibility
The company responsible for providing the application (including the DEMO account) is

ELO Digital Office GmbH
(hereafter: "ELO")
Tübinger Str. 43
70178 Stuttgart, Germany

2.    What is personal data?
The subject of data protection is personal data. As per Article 4 No. 1 (GDPR), personal data encompasses all information related to an identified or identifiable natural person; a natural person is considered "identifiable" if they can be identified directly or indirectly, especially by means of an identifier such as a name, ID, location data, user name, or several unique characteristics that are the expression of the physical, physiological, genetic, physical, economic, cultural, or social identity of this natural person. This generally pertains to data such as a person's name, postal address, e-mail address or telephone number, but also usage data. Usage data are those data that are required or are created to use our application (hereafter: "App"). The processing of data includes the storage and transmission of personal data collected.

3.    What is the ELO App?
The ELO App gives you access to the complete ELO ECM repository (operator server). The App allows you to easily navigate through the ELO repository, create new folders, or upload images. You can conveniently view documents such as PDFs, Office documents, images, and e-mail as well as any metadata associated with an object. The App also integrates iSearch technology. You can also view your current tasks and processes (workflows) from the ELO repository. Together with the ELO Workflow Engine, you can approve tasks within current processes or forward them to colleagues. The offline function enables you to download documents from the repository and work with them offline and also means you can view documents when your mobile signal is inadequate or when you are using flight mode.

4.    Which data, in particular personal data, is collected, processed and used?
a)    Data minimization
When using the App, data is collected and processed subject to German and European data protection laws. In accordance with the principle of data minimization, data is only collected and processed if it is absolutely necessary for the App's intended purpose. Equally, data that is no longer needed for the purposes specified here is immediately deleted.

b)    Collecting, storing, processing and use of data when using the App
When using the App, you can record, save, and process your data and files. All the data and files that the App transmits to the corresponding server is subject to the data protection principles of the server operator (the company collecting data is always responsible, i.e. the corresponding server operator). ELO does not have access to this server.

Data and files recorded in a log file for security reasons are not stored on our server (e.g. IP address, date, time and files retrieved). As a result, it is not possible to evaluate this kind of data anonymously to carry out internal studies for statistical purposes regarding user interests and user behavior. Similarly, we do not analyze usage data to create personal user profiles. Furthermore, data is not transmitted automatically for technical reasons (date and time of access, the operating system, the volume of data sent, etc.). In addition, neither the App nor ELO collects, processes or uses data such as IMEI, UDID, IMSI, location data, crash logs, or Analytics relating to the users of the App.

All the data and files recorded, stored, processed and used by you are stored on the server of the corresponding operator. However, temporary data and files can be stored permanently on the user's device until they are deleted by that user. When you close the App, these data and files are not automatically deleted and you can continue to access them provided that they are

a) called specifically (e.g. offline, data sets, etc.) or
b) called as a result of normal use (e.g. document cache).

By default, these data/files are saved to the internal storage so only this App can access the data/files. If corresponding settings were made that enable the user to save the data/files to external storage (e.g. an SD card), then every app with access to this storage medium (e.g. SD card) can see, edit or use the data. The two storage areas are separate and the user can modify the settings for each.

c)    Registering for an ELO account
Before you use the App, you may need to provide the following information: first name, last name, and password. This data is required for the purpose of creating a user account and so that you can authenticate to the App. The access account and corresponding data are stored on the user's device; for logon, the access account connects to the server of the operator/customer (see 4b. section 1 of the ELO App privacy policy (Android)).

d)    Exceptions
•    We use personal data provided by users in accordance with the provisions of German and European data protection law. Personal data (basic data), insofar as these are necessary for establishing, defining and modifying the contractual relationship, are used exclusively for fulfilling the contract. Any further use of the basic data for purposes of market research or for customizing our offers will not take place. Any further use of the basic data for purposes of market research or for customizing our offers will not take place. Personal data (usage data) is only collected, processed and used where required e.g. in order to allow the user to make use of our services and, where applicable, for invoicing purposes. This usage data includes, in particular, data that identifies the user, information on the start, end and extent of usage and information on the services used.

•    We only collect personally identifiable information transmitted by users on a voluntary basis (e.g. when contacting us via e-mail) or on the basis of data protection regulations (e.g. if the user actively sends personal data to ELO via e-mail for the purpose of carrying out a request).

•    We reserve the right to evaluate this usage data in the event of a misuse of the App or other legal violations that may lead to charges being placed with the relevant law enforcement authorities.

•    Test access (DEMO account)/DEMO server
i.    Access
If you want to use the DEMO account to test the App, you must create a DEMO account. To set up this DEMO account, you need to enter your computer's current IP address as well as the date on which you created the account. This is purely for logging purposes.

ii.    Entering and saving data/files to our systems
The DEMO account allows you to test the App and familiarize yourself with its functions. ELO operates the corresponding DEMO system on ELO systems.

Please note that when you use the DEMO account/server, you cannot upload or save data/files to the DEMO app, which means that no personal data is stored or processed during use. However, you can enter personal information and data, for example when using the document feed. In such cases, this data is visible to all users of this DEMO account and as such can be edited. Any personal data that is stored and processed on the ELO systems while testing the App is done so entirely voluntarily and is not required for the DEMO account.

Any information you enter in the course of using the DEMO account/server will not be passed on to third parties (exception: section 6 of the ELO App privacy policy).

5.    Security
i.    Device backups
Depending on the operating system and the version of the App in use, the backup generally secures all data/files including documents within the App (e.g. the keychain and the offline database).

ii.    Offline data
Offline data stored on the device are not encrypted; instead, the security mechanisms provided by the operating system apply. It is possible to encrypt the internal and external storage areas by changing the corresponding Android settings.

6.    Disclosure of information
We will not disclose any data, in particular personal data, to third parties without informing users in advance and without obtaining their consent. We may only disclose information to third parties without notifying the user in advance in the following cases:

•    If it serves to investigate illegal use of the application or demo access, or is required for prosecution, personal data can be disclosed to law enforcement authorities and, if there is concrete evidence of unlawful or abusive behavior, to aggrieved third parties. Disclosure of data may also take place if it serves to enforce general terms and conditions or other agreements. In addition, we are legally obligated to provide information to certain public authorities at their request.

•    We are entitled in accordance with the European General Data Protection Regulation (GDPR) to commission specifically selected companies or individuals to undertake or carry out those tasks in our name that are associated with the purposes set out in this Privacy Policy. These include, for example, Internet providers, server operators, and other companies or individuals providing supporting services. Such enterprises may be granted access to personal data which they need in order to perform their activities; these companies or individuals are not permitted to use the data for any other purposes.

•    As our business continues to develop, the structure of ELO Digital Office GmbH may change in that the legal form can change, and subsidiaries, business units or components can be established, purchased, or sold. In such transactions, customer information will be passed along with the part of the company that is to be transferred. Every time personal data is transferred to third parties to the extent described above, we will ensure that it is done so in accordance with this Privacy Policy and the relevant data protection laws.

7.    Permissions required for the Android app
AUTHENTICATE_ACCOUNTS: The App acts as an authentication service to authenticate with server services.

MANAGE_ACCOUNTS: In its function as an authentication service, the App can create and edit ELO accounts.

GET_ACCOUNTS: The App can query the accounts stored in the operating system to find the ELO account for authentication.

USE_CREDENTIALS: The App can use the account data to call the authentification service which then creates a connection.

INTERNET: Allows the App to connect to the Internet. This permission is required for sending data to the ELO server.

ACCESS_NETWORK_STATE: Allows the App to access information about networks. Determines whether the App is connected to a wireless network so that it can send any offline data sets to the server. When offline data sets are marked for sending by the user, the App can send these at any time provided it has a network connection.

WRITE_EXTERNAL_STORAGE: The App can write data to external storage. This is required if the user wants all data and/or the cache to be stored on the external storage.

READ_EXTERNAL_STORAGE: The App can read data on external storage. This is required for accessing the user's own data as well as public data, e.g. for importing images or other files to the ELO repository.

READ_SEARCH_SUGGESTIONS: The App can read search suggestions from the ELO repository.

READ_INTERNAL_FILE: The App can read documents on the App's internal storage.

Permission for:
Camera, photos, message content/notifications etc.
The App requires access to your camera and/or photos in order to be able to save images to the Intray. The App also sends local notifications to the system as soon as the offline download is running in the background and is completed. These are not push notifications. Push notifications are messages that the App sends with a high priority to your device. This App does not use push notifications.

8.    Cookies and web tracking software
We use cookies to maximize and analyze the performance of our services and generally improve the user experience. Cookies are small text files that are stored to your computer's Internet browser cache when you visit a website. In particular, cookies recognize the web browser. Cookies do not collect personal data about you or your use of websites. Once set, you can delete cookies at any time, by accessing the appropriate menu item in your browser, or you can delete the cookies from your hard disk.

The App does not use any web tracking software.

9.    Social media plugins
We have not integrated any social media plugins (e.g. Facebook button, YouTube button).

10.    External pages/links
You can download our App from different websites. We are not responsible for the privacy practices of these third-party websites. We urge you to review the privacy policy that governs each of these external websites or links.
Our App may include links to other third-party websites. This Privacy Policy does not apply to these websites and/or links. When you enter such a website, you acknowledge that ELO is not responsible for these websites, does not check or endorse them and is neither indirectly nor directly responsible for:

-    what these websites do with your personal data
-    the content of these websites
-    how others use these websites.

Please review the privacy statements of these sites or mobile apps before providing them with personally identifiable information.

11.    Personal rights
Users have a statutory right to request information about the data that we store about them as well the right to have personal data corrected, blocked or deleted as well as to limit our ability to process and transfer the personal data. At your request, we shall issue information about the data stored by the responsible body specified in Section 1. If we collect anonymous data from you, we can issue this information at your request. Data that ELO must store in compliance with statutory retention periods are locked rather than deleted to ensure that they cannot be used for other purposes.
 
12.    Right of revocation
You are entitled to revoke the permission to use personal data at any time with future effect. In this case, please contact:

ELO Digital Office GmbH
- Data Protection Officer -
Tübinger Str. 43
70178 Stuttgart, Germany


13.    Changes to the Privacy Policy
We want to ensure that our Privacy Policy conforms to the latest technical, organizational and legal requirements. For this reason, it may be necessary to change parts of the Privacy Policy from time to time. We will inform you about this when you start the App.


14.    Data Protection Officer
The Data Protection Officer ELO Digital Office GmbH is responsible for all matters relating to data protection and IT security of this App. You can contact him at:

ELO Digital Office GmbH
- Data Protection Officer -
Tübinger Str. 43,
70178 Stuttgart, Germany

Privacy Policy: ELO App (iOS)

The protection of your personal data is an important concern for us. For this reason, we conduct our business in compliance with applicable laws on protection of personal data and data security. Below, we explain what information we collect, how we use it, and who we may potentially share it with.

1.    Responsibility
The company responsible for providing the application (including the DEMO account) is

ELO Digital Office GmbH
(im Folgenden -„ELO“-)
Tübinger Str. 43
70178 Stuttgart

2.    What is personal data?
The subject of data protection is personal data. As per Article 4 No. 1 GDPR, personal data encompasses all information related to an identified or identifiable natural person; a natural person is considered "identifiable" if they can be identified directly or indirectly, especially by means of an identifier such as a name, ID, location data, user name, or several unique characteristics that are the expression of the physical, physiological, genetic, physical, economic, cultural, or social identity of this natural person. This generally pertains to data such as a person's name, postal address, e-mail address or telephone number, but also usage data. Usage data are those data that are required or are created to use our application (hereafter: "App"). The processing of data includes the storage and transmission of personal data collected.

3.    What is the ELO App?
The ELO App gives you access to the complete ELO ECM repository (operator server). The App allows you to easily navigate through the ELO repository, create new folders, or upload images. You can conveniently view documents such as PDFs, Office documents, images, and e-mail. The App also lets you view any metadata associated with each object. The App also integrates iSearch technology. You can also view your current tasks and processes (workflows) from the ELO repository. Together with the ELO Workflow Engine, you can approve tasks within current processes or forward them to colleagues. The offline function means you can easily download documents from the repository and work with them offline. This function lets you view documents when your mobile signal is inadequate or when you are in flight mode.

4.    Which data, in particular personal data, is collected, processed and used?
a)    Data minimization
The data collected and processed during use of the App is subject to German and European data protection laws. In accordance with the principle of data minimization, data is only collected and processed if it is absolutely necessary for the App's intended purpose. Equally, data that is no longer needed for the purposes specified here is immediately deleted.

b)    Collection, storage, and processing of data when using the App
The App enables users to record, save, and process data and files. All the data and files that the App transmits to the corresponding server is subject to the data protection principles of the server operator (the company collecting data is always responsible, i.e. the corresponding server operator). ELO does not have access to this server.

Data and files recorded in a log file for security reasons are not stored on our server (e.g. IP address, date, time and files retrieved). As a result, it is not possible to evaluate this kind of data anonymously to carry out internal studies for statistical purposes regarding user interests and user behavior. Similarly, we do not analyze usage data to create personal user profiles. Furthermore, data is not transmitted automatically for technical reasons (date and time of access, the operating system, the volume of data sent, etc.). In addition, neither the App nor ELO collects, processes or uses data such as IMEI, UDID, IMSI, location data, crash logs, or Analytics relating to the users of the App.

All the data and files recorded, stored, processed and used by you are stored on the server of the corresponding operator. However, temporary data and files can be stored permanently on the user's device until they are deleted by that user. When you close the App, these data and files are not automatically deleted and you can continue to access them provided that they are

a) called specifically (e.g. offline, data sets, etc.) or
b) retrieved while using the application (e.g. document cache), log (a log is only generated as soon as the user has enabled it manually in the settings. Logs are not generated by default).

By default, these data/files are saved to the internal storage so only this App can access the data/files. If corresponding settings were made that enable the user to save the data/files to external storage (e.g. an SD card), then every app with access to this storage medium (e.g. SD card) can see, edit or use the data. The two storage areas are separate and the user can modify the settings for each.

c)    Registering for an ELO account
Before you use the App, you may need to provide the following information: first name, last name, password, and/or server URL This data is stored (in the keychain of the App, which only the App has access to) for the purpose of creating a user account and so that you can authenticate to the App.

d)    Exceptions when registering for an ELO account
•    We use personal data provided by users in accordance with the provisions of German and European data protection law. Personal data (basic data), insofar as these are necessary for establishing, defining and modifying the contractual relationship, are used exclusively for fulfilling the contract. Any further use of the basic data for purposes of market research or for customizing our offers will not take place. Any further use of the basic data for purposes of market research or for customizing our offers will not take place. Personal data (usage data) is only collected, processed and used where required e.g. in order to allow the user to make use of our services and, where applicable, for invoicing purposes. This usage data includes, in particular, data that identifies the user, information on the start, end and extent of usage and information on the services used.

•    We only collect personally identifiable information transmitted by users on a voluntary basis (e.g. when contacting us via e-mail) or on the basis of data protection regulations (e.g. if the user actively sends personal data to ELO via e-mail for the purpose of carrying out a request).

•    We reserve the right to evaluate this usage data in the event of a misuse of the App or other legal violations that may lead to charges being placed with the relevant law enforcement authorities.

•    Test access (DEMO account)/DEMO server
i.    Access
If you want to use the demo account provided to test the App, a DEMO account is automatically created under iOS. To set up this DEMO account, you need to enter the IP address of your iOS device as well as the date on which you created the account. This is purely for logging purposes.

ii.    Entering and saving data/files to our systems
The DEMO account allows you to test the App and familiarize yourself with its functions. ELO operates the corresponding DEMO system on ELO systems.

Please note that when you use the DEMO account/server, you cannot upload or save data/files to the DEMO app, which means that no personal data is stored or processed during use. However, you can enter personal information and data, for example when using the document feed. In such cases, this data is visible to all users of this DEMO account and as such can be edited. Any personal data that is stored and processed on the ELO systems while testing the App is done so entirely voluntarily and is not required for the DEMO account.

Any information you enter in the course of using the DEMO account/server will not be passed on to third parties (exception: section 6 of the ELO App Privacy Policy (iOS)).

5.    Security
a)    Device backups
Depending on the operating system and the version of the App in use, the backup generally secures all data/files including documents within the App (e.g. the keychain and the offline database).

b)    Pin lock, passcode lock, encryption
You have the option to activate a pin lock ("Settings" -> "Code"). This pin lock for the App only locks the App and does not replace the passcode lock of the device itself, which ensures that the App data is encrypted and therefore secure.   

c)    Offline data
In the case of offline data, files and the database are protected by iOS file data protection (NSFileProtectionComplete), i.e. when the device is locked, the data is encrypted with AES256. To enable this function, the user must have set a corresponding passcode lock (see https://www.apple.com/business/docs/iOS_Security_Guide.pdf).

d)    iTunes file sharing
File sharing is enabled in versions 8 and 9. When an iOS device connects to iTunes and the user has explicitly consented to this, then ELO receives the offline data and offline forms that are stored addition to the log file.
In this case, explicit consent means that when you connect a PC/Mac to a mobile device with a USB cable, a dialog box appears that requires you to allow the connection. However, logging is disabled by default.

Starting with version 10, users of the App must send this information by e-mail.

6.    Disclosure of information
We will not disclose any data, in particular personal data, to third parties without informing users in advance and without obtaining their consent. We may only disclose information to third parties without notifying the user in advance in the following cases:

•    If it serves to investigate illegal use of the application or demo access, or is required for prosecution, personal data can be disclosed to law enforcement authorities and, if there is concrete evidence of unlawful or abusive behavior, to aggrieved third parties. Disclosure of data may also take place if it serves to enforce general terms and conditions or other agreements. In addition, we are legally obligated to provide information to certain public authorities at their request.

•    We are entitled in accordance with the European General Data Protection Regulation (GDPR) to commission specifically selected companies or individuals to undertake or carry out those tasks in our name that are associated with the purposes set out in this Privacy Policy. These include Internet providers, server providers, and other companies or agents that provide supporting services. Such enterprises may be granted access to personal data which they need in order to perform their activities; any use for other purposes is not permitted to these companies or individuals.

•    As our business continues to develop, the structure of ELO Digital Office GmbH may change in that the legal form can change, and subsidiaries, business units or components can be established, purchased or sold. The legal form can change and subsidiaries and participations established, acquired or sold. In such transactions, customer data will be passed along with the part of the company that is to be transferred. Every time personal data is transferred to third parties to the extent described above, we will ensure that it is done so in accordance with this Privacy Policy and the relevant data protection laws.

7.    Permissions required for the App
To use the App on an iOS device, our App must be able to access various functions and data on your mobile device. In all the following cases, you need to give your explicit consent the first time the device requires that permission. The user can change this permission setting at any time.

Permission for:
Camera, photos, message content/notifications etc.
The App requires access to your camera and/or photos in order to be able to save images to the Intray. The App also sends local notifications to the system as soon as the offline download is running in the background and is completed. These are not push notifications. Push notifications are messages that the App sends with a high priority to your device. This App does not use push notifications.

8.    Cookies and web tracking software
We use cookies to maximize and analyze the performance of our services and generally improve the user experience. Cookies are small text files that are stored to the computer's Internet browser cache when a user visits a website. In particular, cookies recognize the web browser. Cookies do not collect personal data about the user or their use of websites. Once set, the user can delete cookies at any time, by accessing the appropriate menu item in the browser, or delete the cookies from the hard disk.

The App does not use any web tracking software.

9.    Social media plug-ins
We have not integrated any social media plug-ins (e.g. Facebook button, YouTube button).

10.    External pages/links
The App is available for download from different websites. We are not responsible for the privacy policies of these third-party websites. We urge users to review the privacy policy that governs each of these external websites or links.

Our App may include links to other third-party websites. This Privacy Policy does not apply to these websites and/or links. When you enter such a website, you acknowledge that ELO is not responsible for these websites, does not check or endorse them and is neither indirectly nor directly responsible for:

-    what these websites do with your personal data
-    the content of these websites
-    how others use these websites.

Please review the terms of use and privacy statements of these sites or mobile apps before providing them with personally identifiable information.

11.    Personal rights
Users have a statutory right to request information about the data that we store about them as well the right to have personal data corrected, blocked or deleted as well as to limit our ability to process and transfer the personal data. At your request, we shall issue information about the data stored by the responsible body specified in section 1. If we collect anonymous data from you, we can issue this information at your request. Data that ELO must store in compliance with statutory retention periods are locked rather than deleted to ensure that they cannot be used for other purposes.

12.    Right of revocation
You are entitled to revoke the permission to use personal data at any time with future effect. In this case, please contact:

By mail to:
ELO Digital Office
- Data Protection Officer -
Tübinger Str. 43
70178 Stuttgart, Germany


13.    Changes to the Privacy Policy
We strive to ensure that our Privacy Policy conforms to the latest technical, organizational and legal requirements. For this reason, it may be necessary to change parts of the Privacy Policy from time to time. We will notify you about this when you start the App. We will inform you in time about this.

14.    Data Protection Officer
The Data Protection Officer at ELO Digital Office GmbH is responsible for all matters relating to data protection and IT security of this App. You can contact him at:

ELO Digital Office
- Data Protection Officer -
Tübinger Str. 43,
70178 Stuttgart, Germany