Data privacy policy for the Liebherr SmartDevice app

 

We at Liebherr-Hausgeräte GmbH are pleased to welcome you to our SmartDevice app (hereinafter also referred to generally as the “app”) and thank you for your interest in the Liebherr Group.

The protection and security of your personal data is extremely important to us. We therefore consider it essential that we inform you below about the types of personal data we collect concerning you, the purposes for which we process this and the rights you have in relation to your personal data.

This data privacy policy is governed by the GDPR and any Swiss data protection law that may apply.

 

The Liebherr SmartDevice app

The Liebherr SmartDevice app allows you to visualise and configure data relating to your Liebherr fridge and freezer. To make use of the Liebherr SmartDevice app, you need to have a Wi-Fi-enabled module (hereinafter referred to as “SmartDeviceBox”), a MyLiebherr account and an internet connection. The SmartDeviceBox connects your Liebherr fridge and freezer to the internet via a Wi-Fi-enabled router. The SmartDeviceBox can be retrofitted on Liebherr fridges and freezers which are SmartDevice-compatible. On some Liebherr fridges and freezers, the SmartDeviceBox is already integrated. In combination with the SmartDeviceBox, the Liebherr SmartDevice app enables you to control various features of your Liebherr fridge and freezer remotely, such as the cooling temperature, while you are out and about. The Liebherr SmartDevice app instantly shows you all the important alert messages, such as telling you that a door that has accidentally been left open. The Liebherr SmartDevice app has a notification function which will remind you, for example, when the air filter next needs to be changed or when the ventilation grille needs to be cleaned.

 

General information

What is personal data and what does processing mean?

 

Who is the controller for the processing of your data?

The controller for the processing of your data is:

Liebherr-Hausgeräte GmbH

Memminger Straße 77-79

88416 Ochsenhausen

Germany

E-mail: privacy.appliances@liebherr.com

 

How can you contact our data protection officer?                                                                                 

Our data protection officer can be reached using the following contact details:

Corporate Privacy

Liebherr-IT Services GmbH

St. Vitus 1

88457 Kirchdorf an der Iller

Germany

E-mail: datenschutz@liebherr.com

 

What rights do you have as a data subject?

Within the provisions of the legislation, as the data subject you have the right to:

If you seek to assert the above rights, kindly note that we may require you to provide proof to establish that you are the person who you say you are.

Furthermore, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your data infringes the GDPR.

 

Links to other websites

Our app may contain links to and from websites of other providers which are not affiliated with us (“third parties”). Once the link has been clicked, we no longer have any influence over the processing of any data transferred to the third party upon clicking the link (such as the IP address, or URL where the link is located), as the conduct of third parties is obviously beyond our control. We are therefore unable to take any responsibility for the processing of such data by third parties.

 

Links to social networks and messenger services

Our app may contain links for sharing content on our app on various social networks and/or messenger services. When you use our app, the links on our website do not result in any data being transferred to the providers of social networks or messenger services. Only if you click on one of the links to share content from our app will data (such as your IP address or the URL on which the link is located) be transmitted to the respective provider of the social network or messenger service. We have no influence on the subsequent processing of the data by the respective provider of the social network or messenger service.

 

Data processing

Downloading and accessing the app (log files)

Each time you download, access and use our app, the provider running on your end device (computer, smartphone or similar) automatically sends information to our web servers and we store this information in so-called log files.

What data do we process and for what purpose?

We process the following data:

We process this data in principle only for the purpose of ensuring stability as well as network and information security.

Processing for other purposes occurs only if the requisite legal conditions pursuant to Art. 6(4) GDPR have been met. In this case, we will of course comply with any information obligations pursuant to Art. 13(3) GDPR and Art. 14(4) GDPR.

On what legal basis do we process your data?

Your data is processed for the purposes of the legitimate interests in accordance with Art. 6(1)(f) GDPR.

The legitimate interests pursued by us are to improve and maintain the stability, functionality, and security of our app.

You have the right to object to processing at any time on the basis of Art. 6(1)(f) GDPR for reasons arising from your specific situation.

 

Registration and authentication in the app

When you register and authenticate yourself within the app, we collect the following information that is required to do this.

What data do we process and for what purpose?

We process the following data if required:

Note: If you register using a social login from Apple, Facebook, Google or Microsoft, the social login provider will send us, in addition to a User Principal Name (UPN), other data such as your first and last names (all providers), your profile picture (Facebook) or the link to your Google+ profile (Google) if you have activated or enabled these features with the respective social login provider. This data is not processed by us for any purpose.

We generally only process this data for the purposes of registration and authentication in the app.

Processing for other purposes occurs only if the requisite legal conditions pursuant to Art. 6(4) GDPR have been met. In this case, we will of course comply with any information obligations pursuant to Art. 13(3) GDPR and Art. 14(4) GDPR.

On what legal basis do we process your data?

Your data is processed for the performance of a contract or to take steps prior to entering into a contract in accordance with Art. 6(1)(b) GDPR.

 

Using the app

When you use the app, we collect the following information that is required to do this.

What data do we process and for what purpose?

We only ever process this data for the purposes of using the app, analysing faults and improving the app.

Processing for other purposes occurs only if the requisite legal conditions pursuant to Art. 6(4) GDPR have been met. In this case, we will of course comply with any information obligations pursuant to Art. 13(3) GDPR and Art. 14(4) GDPR.

On what legal basis do we process your data?

Your data is processed for the performance of a contract or to take steps prior to entering into a contract in accordance with Art. 6(1)(b) GDPR.

 

Use of technologies and services

A. General information

We use technologies and services in connection with the provision of our app. The information below allows us to provide you as the user of our app with additional information on data processing when technologies and services are used.

I. What are technologies and services?

Technologies and services are small text files which a web server or an app can store and read on your end device (computer, smartphone or similar) via the web browser or app you are using. Technologies and services contain individual, alphanumeric character strings that enable the web browser or app you are using to be identified and they may also contain information on user-specific settings.

Examples of technologies and services are small text files which a web server or an app can store and read on the end device (computer, smartphone or similar) you are using. Technologies and services contain individual, alphanumeric character strings that enable the web browser or app you are using to be identified and they may also contain information on user-specific settings.

The technologies and services referred to above are hereinafter also referred to together as “technologies”.

II. What types of technologies and services are there?

We distinguish between essential technologies on the one hand and optional technologies on the other:

Both essential and optional technologies may be so-called session technologies or persistent technologies. These differ in terms of their intended lifetime or functional life:

Note: You can generally erase the data stored on the technologies yourself via your end device settings. For details, please refer to the instructions from your end device manufacturer.

B. Use of technologies in our app

I. Essential technologies

1. Which essential technologies are used for what purpose and for how long?

Service

Purpose

Service provider

Functional life

Consent management

Obtaining and managing consent and storage of information about consent decisions

Usercentrics GmbH,
Sendlinger Straße 7,
80331 Munich, Germany

30 days

Language detection

Language detection for user-oriented language display of the app

-

Until the app is closed

AppsFlyer (fraud prevention)

For stability and security and to prevent any fraud with our campaigns

AppsFlyer Ltd.,

14 Maskit St.,

POB 12371,

Herzliya,

Israel

Until the purpose is achieved

2. On what legal basis are essential technologies used?

We use technologies that are essential for safeguarding our legitimate interests in accordance with Art. 6(1)(f) GDPR.

Our legitimate interests are:

3. How can I object to the use of essential technologies?

You can exercise your right to object using the blocking options described under “Erasing/blocking technologies” (cf. Art. 21(5) GDPR), i.e. by blocking essential technologies via your app settings.

Please note that, in the case of erasing without blocking, essential technologies will be used again when you access our app at a later point in time. Please also note that deactivating or erasing or blocking essential technologies may adversely affect the performance and functionality of our app and may cause certain features and functions to be unavailable.

II. Optional technologies

We would like to use the information below to enable you to make a sound decision for or against the use of optional technologies and the associated data processing.

1. Which optional technologies are used for what purpose and for how long?

Service

Purpose

Service provider

Functional life

Google Analytics

App analysis

Google Ireland Limited,
Gordon House, Barrow Street,

Dublin 4, Ireland

Up to two years

Google Firebase Crashlytics

Error reports

Google Ireland Limited,
Gordon House, Barrow Street,

Dublin 4, Ireland

Up to two years

AppsFlyer (marketing & re-targeting)

Marketing

AppsFlyer Ltd.,

14 Maskit St.,

POB 12371,

Herzliya,

Israel

Until the purpose is achieved

2. On what legal basis are optional technologies used?

We use optional technologies on the basis of consent in accordance with Art. 6(1)(a) in conjunction with Art. 7 GDPR.

3. How can I withdraw the consent I have granted for the use of optional technologies?

When you (first) access our app, we request, among other things, your consent for the use of optional technologies by means of a predefined query (“Technologies and services”). You can withdraw the consent you have granted at any time with effect for the future and thereby prevent further collection of your data by deselecting optional technologies (app analysis, marketing) in the settings of the consent management service.

If and insofar as you do not consent or withdraw consent already granted - (further) data collection by means of optional technologies requiring consent and data processing associated with this will cease. This has no disadvantages in terms of using the app unless you also deactivate the technology functions for essential technologies.

The withdrawal of consent will not affect the legality of the processing carried out on the basis of the consent up to withdrawal.

As an alternative to withdrawing your consent, the options described under “Erasing/blocking technologies” relating to erasing or blocking technologies along with the information provided there are also available to you.

C. Erasing/blocking technologies

Technologies are stored on your end device which means that you have the control over these. If you do not want us to recognise your end device, you can deactivate or erase technologies already stored on your end device at any time – manually or automatically – and/or block storage of technologies with future effect by making the relevant setting on your end device, e.g. “Do not accept technologies” or similar. Most apps can also be configured so that technology storage is only accepted if you agree to this separately on a case-by-case basis. If you do not want to accept technologies from our service providers and partners, you should have your web browser set to “Block third-party technologies” or similar. For details of the options described, please refer to the instructions from your end device manufacturer.

Please note that in the case of erasing without blocking, essential technologies will be set again and we may ask you again for your consent to optional technologies when you access our app at a later point in time. Please also note that deactivating or erasing or blocking essential technologies may adversely affect the performance and functionality of our app and may cause certain features and functions to be unavailable.

You can manage the settings for the use of optional technologies and the data processing associated with this at any time in the settings of the consent management service.

 

Integration of third-party services

As part of the provision of our app, we integrate different content and functional elements (hereinafter also referred to collectively as “services”) which are obtained from the web servers of their respective providers (hereinafter referred to as “third-party providers”). Your IP address always needs to be transferred to the respective third-party provider to ensure the proper presentation and provision of the services. Although we endeavour to only integrate services where the respective third-party provider uses the IP address only to deliver the services, we have no influence on the subsequent processing by third-party providers.

For data transfers requiring consent, we ask you for your consent for the data transfer to third-party providers/third countries associated with the use of miscellaneous services, among other things, when you access our app for the first time with a predefined query (“Technologies and services”). If you do not already grant your consent with this predefined query, third-party services requiring your consent will be blocked on our app and no data will be transferred to third-party providers/third countries. Instead, you can grant your consent separately in each case for individual third-party services by clicking “Accept” in the respective blocker. If, in future, you no longer want to grant consent individually to each third-party service and want to be able to load them without the respective blocker, you also have the option of selecting “always accept” and therefore also consenting to the associated data transfers for all other third-party services which you open on our app in the future.

You can withdraw the consent you have granted at any time with effect for the future and thereby prevent further transfer of your data by deselecting the corresponding services under “Miscellaneous services (optional)” in the settings of the consent management service.

 

Data recipients

We may transfer your data to:

 

Data transfers to third countries

A data transfer to entities in countries outside the European Union or the European Economic Area (so-called third countries) or to international organisations is permissible only (1) if you have given us your consent or (2) if the European Commission has decided that there is an adequate level of protection in a third country (Art. 45 GDPR). If the Commission has not taken such a decision, we can transfer your data to recipients located in a third country only if appropriate safeguards exist (e.g. standard data protection clauses adopted by the Commission or the supervisory authority under a specific procedure) and the enforcement of your rights as a data subject is guaranteed or the transfer is permissible in individual cases on the grounds of other legal bases (Art. 49 GDPR).

Where we transfer your data to third countries, we will inform you of the respective details of the transfer at the relevant points in this data protection declaration.

 

Data erasure and storage period

We process your data, provided that this is necessary for the respective purpose, if you have not effectively objected to the processing of your data or effectively withdrawn the consent that you may have granted.

If statutory retention obligations exist, we will have to store the data affected thereby for the duration of the retention obligation. After the expiry of the retention obligation, we will check whether there is any further necessity for processing. If there is no longer any necessity, your data will be deleted.

 

Data security

We use technical and organisational security measures to ensure that your data is protected from loss, from improper changes or from unauthorised access by third parties. Moreover, we ensure that, on our side, only authorised persons are granted access to your data and then only to the extent necessary for the above-mentioned purposes. The transfer of all data is encrypted.

 

Version: October 2022