3. Processing of personal data when using CIB doXiscan
(1) When downloading the mobile app, the required information is transferred to the App store. We have no influence on this data processing and are not responsible for it. We only process the data to the extent necessary for downloading CIB doXicloud to your mobile device. For more information, please visit policies.google.com/privacy.
(2) When you use CIB doXiscan, we process the personal data described below to enable you to use the features comfortably. If you wish to use the CIB doXiscan app, we process the following data that is technically necessary for us to offer you the functions of our mobile app. The legal basis is Art. 6 para. 1 p. 1 lit. b GDPR:
When using the OCR function, the photos are transferred to the CIB server for a short time and deleted from the CIB server immediately after processing.
The OCR function can be deactivated at any time in the settings of the app under the menu item searchable pdf (OCR). If this function is deactivated, no personal data will be sent to CIB by using the app.
(3) Crash reports by Firebase Crashlytics
a. To ensure the stability and security of doXiscan, we require crash reports. We use “Firebase Crashlytics” to generate anonymised crash reports. Provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
b. If a crash occurs, information (e.g. the timestamp of the crash; the name and version number of the operating system of the device; the model name of the device, the CPU architecture, the amount of RAM and storage space) will be transmitted to Google’s servers in the USA. This information may also include the following personal data:
- Crashlytics installation UUIDs
- Crash traces
- Breakpad minidump formatted data (NDK crashes only)
The legal basis is Art. 6 para. 1 p. 1 lit. a GDPR. The crash reports are only sent with your consent. With the Android app, you can agree to the transmission of crash reports to Google and the app developers centrally on your end device. With the iOS app, you can consent in the settings of the app or after a crash.
Revoking consent in the Android app:
You can revoke your consent by selecting the item “Google” in the settings of your end device and clicking on the three-dot menu in the upper right corner. There you can deactivate the item “Use & Diagnosis” under the menu item “Use & Diagnosis”. Further information can be found in the Google Account Help.
Revoking consent in the iOS app:
You can revoke your consent by deactivating the item “Crash reports” under Settings in the doXiscan app.
c. Google stores the collected data for 90 days.
(4) We have concluded a data processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google tools.
Further information on Google’s data protection can be found in Firebase’s data protection information at https://firebase.google.com/support/privacy.