Privacy Declaration App
Status: February 2021
Data protection and the privacy of our users are our highest priority. Therefore, we are committed to protecting your personal data and to collect, process and use it only in accordance with the provisions of the General Data Protection Regulation (GDPR) and other national data protection regulations. In the following, we inform you about the processing of your personal data by the anybill app of techreach GmbH and the rights to which you are entitled under data protection law.
I. Who is responsible for processing my personal data?
The person responsible under data protection law for the operation of the anybill app is:
Tel.: +49 941 46297731
When terms such as "we" or "us" are used in the following, this means techreach GmbH.
II. For what purposes is personal data processed?
In connection with the installation and use of the anybill App, we process your data for various purposes, which we explain in more detail here.
Unless otherwise stated below, the legal basis for the data processing associated with this is in each case Art. 6 (1) b) DSGVO (contract performance).
Further legal bases for the data processing described in 2. and 2.1 are Art. 6 para. 1 f) DSGVO (balancing of interests), based on the interest of techreach GmbH and the partner companies to successfully submit advertising that is aligned with the individual interests of the recipients in order to optimise advertising measures as well as to use them for market research purposes and for the data processing described in 3. Art. 6 para. 1 c) DSGVO (fulfilment of a legal obligation).
1. Personalised shopping
One of the most important functions of the anybill app is that by installing and using the app, we learn which topics, shops or products you are interested in and which offers and information from the partner companies of techreach GmbH are therefore relevant to you.
Based on this, we can show
you the most relevant information and offers from anybill and the techreach GmbH partner companies directly in the app.
The legal basis for the associated collection and storage of your data and for the display of corresponding information in the app is Art. 6 para. 1 b) DSGVO (contract performance).
2. Marketing measures and market research
By using the anybill application, you allow us to use your data for advertising and market research purposes. This means that, based on the data collected, suitable offers tailored to your interests are selected and displayed for you. Market research purposes means, for example, the recognition of patterns in shopping and usage behaviour in order to enable such a selection of offers based on certain criteria.
techreach GmbH may place individualised advertisements based on your interests and selected on the basis of the following data:
- Your basic data from the registration process
- Voluntary information in the app settings
- Purchasing data (brand name, product, price, location)
2.1 Marketing planning and performance review
When using the anybill app and simultaneously consenting to data processing, the anonymised data will also be used for advertising planning and success monitoring by techreach GmbH and the partner companies:
In order to monitor the success of certain advertisements and to ensure better planning of future marketing measures, techreach GmbH compares the purchasing behaviour of recipients and non-recipients of the advertisements. For this purpose, techreach GmbH may also transmit anonymised marketing performance analyses of received or non-received advertising to the respective partner company. The personal data will not be passed on to third parties.
3. Billing with partner companies of techreach GmbH
Where necessary in connection with the above purposes, we also use the data collected for billing purposes between techreach GmbH and the techreach GmbH partner companies.
III. What categories of data do we process for the above purposes?
When using the app, the following data is collected. This data is stored in an ISO 27001 certified data centre in the EU.
1. Technical information data
For troubleshooting purposes in the app, the data that your smartphone automatically transmits to us and that is required for communication with the smartphone is collected and used in the event that faults occur. This includes:
- The unit name
- the operating system and app version
- the mobile phone provider
- User ID
- the time of occurrence of app malfunctions
2. Your anybill data
The functions of the app relate to your personal creation of an anybill account. In order to use the app, it is therefore necessary for you to register in the app. The app functions are only fully available after successful registration/login and submission of the aforementioned consent. Therefore, in addition to the above-mentioned data, we also process the basic data from the registration process (surname, first name, email, age), which are requested for the creation of an anybill account during registration. Furthermore, we store your receipts as well as the recorded expenses depending on the category. Optionally, you can connect your bank account. In this case, we store your transactions to associate them with the receipts.
When registering via Facebook and Google, the gender is also requested.
To display relevant advertisements in your vicinity, we recommend activating the location query. This is determined by the smartphone and the anybill app using GPS data, identifiers of WLAN networks in the vicinity or the mobile phone cell in which the device is currently registered. At least one of these technologies must be active and the anybill app must be granted access to it so that the anybill app can determine the location. Whether or not a location is currently being determined by our app can be recognised by the location symbol of the respective operating system in the status bar of your smartphone. The release of the location is optional and is therefore not mandatory for the use of the app, however, we recommend the activation of the location for the most accurate offer displays.
In order to track usage behaviour in the app, we use so-called "tracking information", for example:
- Search for content and products
- Inputs in the anybill app
- Click behaviour, sequence and dwell time on pages and content
- Available and activated device functions of the smartphone
- Display and click behaviour for messages, links or offers
- Connection speed to the Internet
To provide this function, we use the technology of Google Firebase (Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland).
Firebase offers numerous services for developers as part of the Google Cloud Platform. Some Firebase services process personal data, but in most cases the personal data is limited to so-called "instance IDs". Since the "Instance IDs" assigned by Firebase are unique, they thus allow the linking of different processes or operations. However, this data is not personally identifiable information for us, nor do we make any effort to personalise it afterwards. We only process this data to analyse and optimise user behaviour, for example by evaluating error reports.
Furthermore, for the "Firebase Analytics" service, Google also uses the advertising ID of the end device in addition to the "instance ID" described above. The use of the advertising ID can be restricted in the device settings of the mobile device. This restriction can be made as follows:
- For Android: Settings > Google > Ads > Reset Ad ID
- For iOS: Settings > Privacy > Advertising > No Ad Tracking
VI. How is push notification used?
Our app also offers push services that actively inform you about certain topics (e.g. when a new receipt is added) in the form of messages on your smartphone. If you do not want to use this function, you can adjust it in the device settings as well as in the app settings. If you want to use push notifications, the platform provider tells us the assigned "push token", which allows us to send and display notifications to the smartphone. We use Firebase Cloud Messaging technology to provide this feature.
V. Conditions of use
A functioning network connection is required so that the app can establish a connection to our system via the Internet and thus fulfil the respective services such as synchronising the sales slips on the smartphone, etc. The app can also be used for other purposes.
VI. Will my data be passed on to third parties?
If you have the QR code from the anybill application scanned by the POS system when issuing receipts, your user ID is transmitted to the POS system so that the receipts can be allocated accordingly in our systems.
If you scan the QR code yourself from the display of the POS system when issuing receipts, the POS system does not receive any user data at any time.
In order to send you emails, this data is transmitted to our mail service provider. These can be general letters, automated mails (e.g. password reset) and product results.
Anonymised data can be passed on to third parties for market research purposes. However, no conclusions can be drawn about your person.
VII. Is the security of my data guaranteed?
The communication of the anybill app with the system (cloud servers) of techreach GmbH takes place in encrypted form throughout.
When you uninstall the app, all personal data in the app will be deleted locally. Of course, you can always download the app again and log in to your anybill account with your login data.
VIII. For how long will my data be stored?
Techreach GmbH will retain your basic data and voluntary details for as long as you actively use the anybill app. After 3 years of inactivity, your data will be deleted, with the option to download the relevant receipt or delete all data. Communication data, such as the use of our contact form, will be deleted by techreach GmbH after 3 years at the latest. Automatically collected technical communication data as well as tracking information will be deleted after 1 year at the latest and included in a data pool in anonymised form for market research purposes. In order to provide you with personalised advertising, we optionally request your location, but your location data is only stored and processed when you use the app, after which it is immediately deleted.
IX. What are my rights as a data subject?
You can find out at any time on request whether and which data is stored and processed (Art. 15 of the GDPR) and where this data comes from (Art. 14 of the GDPR). If the legal requirements are met, you have the right to access your data at any time:
- Correction of the data (Art.16 DSGVO)
- Deletion of data (Art.17 DSGVO)
- Blocking of data (Art.18 DSGVO)
You also have the right to receive information from us about the use and storage of your data in a structured, common and machine-readable format (Art. 20 (1) DSGVO). You also have the right to lodge a complaint (Art. 77 DSGVO) with the data protection supervisory authority responsible for us:
Bavarian State Office for Data Protection Supervision (BayLDA)
In addition, you can exercise the following rights towards us at any time: Objection to the processing of your stored data, right of revocation of a once granted consent to the collection, processing and use of your personal data with effect for the future.
To object to the processing of your data, you can permanently and irrevocably delete your user account within the anybill app at any time.