for mobile app
Last modified: 26 February 2020
Changes in relation to previous versions: none (first version)
Our data protection principles
This notice tells you which data we collect from you, how we use it and how you can withdraw consent to the use of your data.
Who is responsible for data collection and processing?
Everyworks Coworking GmbH is responsible for the collection and processing of your data. The appointed data protection officer is Ms Chris Newiger.
If you have any questions, suggestions and/or criticisms with regard to data protection and the Everyworks app, please contact:
DB Station&Service AG, Europaplatz 1, 10557 Berlin
Data protection contact: firstname.lastname@example.org
Legal basis for data processing:
Where we request your consent to the processing of your personal data, this serves as the legal basis in accordance with Article 6 (1) (a) GDPR.
With regard to the processing of personal data required for performance of a contract with you, the contract is the legal basis in accordance with Article 6 (1) (b) GDPR. Article 6 (1) (b) GDPR applies also to data processing operations required for the performance of pre-contractual measures, such as with regard to enquiries about our products or services.
Where our company is subject to a legal obligation requiring the processing of personal data, such as for the fulfilment of tax obligations, such processing is based on Art. 6 (1) (c) GDPR.
When the app is downloaded, your user name, e-mail address and customer number, the time of download, the payment information and the individual device number are sent to the App Store. We have no control over such data processing and are not responsible for it.
Technical and contractual reasons
For technical reasons, use of the everyworks app requires certain data (e.g. IP address, device type) to be collected and stored so that the app can work on your device.
To be able to provide our services in the app, we require further personal data from you for contractual reasons:
Registration/logon for the customer account
First name, surname, company name (optional), additional company information (optional), street and house number, state, e-mail address, password (anonymized), verification of e-mail address
Payment data, such as credit card data, contact/identification data, is collected for payment processing.
See also the data protection notice of the payment service provider Payone GmbH bspayone.com/DE/en/gtc
Minute-based billing via check-in and check-out, acceptance of the rules and regulations valid for each space.
Sending of invoices
E-mail address for sending of invoices by e-mail as PDF.
The legal basis for such data processing is Art. 6 (1) (b) GDPR.
In order to process personal data for technical and contractual reasons, the app requires access permissions to certain features on your device. These access permissions are therefore enabled as the default. The following tells you which service processes your data and for what purposes, unless such access is absolutely necessary for technical reasons:
Technically required access:
Up to Android 6:
- AUTHENTICATE_ACCOUNTS: Use of account authentication features, creation of accounts, retrieval and setting of passwords for the Everyworks app.
- GET_ACCOUNTS: For retrieving the list of configured accounts (only the accounts, not the actual access data). This permission simply makes it possible to determine which accounts exist. For example, the app can determine whether a matching account already exists.
- MANAGE_ACCOUNTS: Management – i.e. including the changing – of accounts/access data.
- USE_CREDENTIALS: Use of authentication information of an account
For higher versions, only the following permissions are requested:
- INTERNET and ACCESS_NETWORK_STATE: For interrogating the internet and network status
No permissions are currently collected for iOS.
Offers matching your booking
Following your booking, we would like to send you offers of similar products or services to the e-mail address used for the booking. You can unsubscribe at any time by clicking on the link in the e-mail.
Rights of the data subject
- You can ask which of your data has been stored.
- You can request the correction, deletion or blocking of your personal data, provided this is legally admissible and possible under an existing contract.
- You have the right to lodge a complaint with a regulatory agency. The regulatory agency responsible for everyworks Coworking GmbH is: Berliner Beauftragte für Datenschutz und Informati¬onsfreiheit, Friedrichstr.219, 10969 Berlin, e-mail: email@example.com
- You have the right to portability of the data you have provided to us on the basis of a consent or contract (data portability).
- If you have consented to your data being processed by us, you can withdraw this consent at any time. Withdrawal of consent does not affect the lawfulness of any prior processing based on such consent.
To exercise your rights, it is sufficient to send a letter by post to Everyworks Coworking GmbH, Europaplatz 1, 105571 Berlin or by e-mail to firstname.lastname@example.org
Duration of processing
We store your data only for as long as necessary for fulfilling the purpose for which the data was collected (e.g. under a contract) or where this is provided for by law. Under a contract, for example, we store your data at least until the contract has been completely terminated. The data is then kept for the length of the statutory retention periods. If inactive, your customer account is maintained in the system for four years and then deleted from the system along with notification by e-mail (30 days before deletion).
Updating of the data protection notice
We adapt the data protection notice to modified functionalities or changed legal situations. We therefore advise you to read the data protection notice at regular intervals. Where your consent is required or parts of the data protection notice contain provisions of the contract with you, any amendments require your approval.