The maxon Group's data protection notices in connection with the Bike Drive APP platform

Latest update on July 2, 2023

maxon switzerland ltd (hereinafter referred to as “maxon”, “we”, “us”) thanks you for using its BIKEDRIVE apps. With the BIKEDRIVE Service App & BIKEDRIVE Connect App, we look out for your privacy and want you to feel safe when using our apps. This Privacy Policy explains how we collect, process, use and protect your personal data. We process personal data that is collected and processed in connection with the use of our services confidentially and only in accordance with the applicable data protection legislation.

1 How to reach us

The controller for the processing of your data is maxon switzerland ltd.
Our contact details are as follows:

maxon switzerland ltd
Industriestrasse 23
6055 Alpnach Dorf
Switzerland
Telefon:    +41 41 660 15 00
E-Mail:      maxonbikedrive@maxongroup.com

If you have any questions or suggestions regarding this Privacy Policy, your personal data, or data security at maxon, please contact us at:

maxon international ltd 
Data Protection Officer
Brünigstrasse 220
6072 Sachseln
Switzerland
Telefon:    +41 41 666 15 00
E-Mail:      privacy@maxongroup.com

The address of our data protection representative as per Art. 27 GDPR is:

maxon motor hungary kft
Data Protection Coordinator
Tartu u. 4.
8,200 Veszprém
Hungary
Telefon:   + 36 88 886 000
E-Mail:      privacy27@maxongroup.com

2 How we gather, process and use personal data

Principles
"Personal data" means any information relating to an identified or identifiable natural person, e.g., any name, address, telephone number or e-mail address reflecting a person’s identity.
We only gather, process and use personal data (including IP address) if this is necessary for contractual performance or pre-contractual activities, if you have given us your consent (e.g., during registration), or if we have a legitimate interest in processing the data.

BIKEDRIVE Service App
You can use this BIKEDRIVE Service App if you are a maxon registered manufacturer and/or dealer. The following categories of data are processed so that you can use the app:

  • Communications data:           For example: Name, address, email, telephone number, IP address
  • Device-related data:               For example: Serial no. of the Powertab, ...
  • Log files

BIKEDRIVE Connect App
You can use this BIKEDRIVE Connect App if you are a user of a BIKEDRIVE drive system. The following categories of data are processed so that you can use the app:

  • Communications data:           For example: Name, email, IP address
  • Device-related data:               For example: Serial no. of the Powertab, ...
  • Log files

Installing our BIKEDRIVE Service App and BIKEDRIVE Connect App
Our BIKEDRIVE apps are made available for download on third-party operated platforms (iOS, Android). In order to download the apps, these platforms may at most require registration. Maxon has no influence over the processing of the collected data that may arise in the course of your registration on the respective platform.

3 Purposes and legal basis for data processing

We and service providers engaged by us will process your personal data for the following purposes:

BIKEDRIVE Service App
You can use this BIKEDRIVE Service App if you are a maxon registered manufacturer and/or dealer.

a)
We will process your email address and password because you use them to log into your maxon account. 
Categories of personal data recipients: External service providers (commissioned data processing), maxon Group joint data controllers 
Legal basis: The processing of your personal data is lawful, as this information is required so that we can operate and maintain your account at your request; furthermore, we have a legitimate interest in processing your requests.

BIKEDRIVE Connect App
You can use this BIKEDRIVE Connect App if you are a user of a BIKEDRIVE drive system.

a)
We will process your email address because you use it to log in to your account associated with the BIKEDRIVE Connect app.
Categories of personal data recipients: External service providers (commissioned data processing), maxon Group joint data controllers  
Legal basis: The processing of your personal data is lawful, as this information is required so that we can operate and maintain your account at your request; furthermore, we have a legitimate interest in processing your requests. You can delete your profile on the maxon BIKEDRIVE Connect app at any time.

4 Log files

When using our BIKEDRIVE Service App or BIKEDRIVE Connect App, certain information is automatically transmitted to us and stored in data files known as log files. In particular, the following information is stored in log files:

  • IP address (internet protocol address) of the device from which the online offering is accessed;
  • name of the files or information retrieved;
  • date and time and duration of the retrieval;
  • volume of data transmitted;
  • referrer URL;
  • device type (user interface string, e.g. iOS, Android);
  • technical data pertaining to the BIKEDRIVE system;

The log files are stored by us for the purpose of ensuring technical operation, for identifying and correcting faults and for security reasons (e.g., investigating attempted attacks). The data is deleted after 30 days if it is no longer required for the purposes described. Log files that must be retained for longer periods for evidentiary purposes are excluded from deletion until the applicable incident has been reviewed. In particular cases, they may be passed along to the investigating authorities. This technical data pertaining to the log files is stored separately from all personal data concerning you.

5 User analysis

When using the BIKEDRIVE Service App and the BIKEDRIVE Connect App, no data is collected for user analysis.

6 Forwarding of data

Forwarding of data to other controllers
As a general rule, your personal data will only be transferred by us to other controllers insofar as this is necessary for contractual performance, we or the third party have/has an overriding legitimate interest in forwarding the data, or you have given your consent For details about the legal basis and the recipients or categories of recipients, see Section 3 (Purposes and legal basis for data processing). If “joint data controllers from the maxon Group” are named as possible data recipients, this data may be passed on within the maxon Group in order to enable you to receive optimal support and advice from the maxon Group and thus to significantly improve customer contact. Forwarding of data within the maxon Group thus benefits both you and us, and as mentioned in Section 3 is based inter alia on our legitimate interest in maintaining good customer relations with current and future customers.
In addition, data may be transferred to other controllers, insofar as we are required to do so by law or pursuant to an enforceable official or court order.

Service providers (in general)
We engage external service providers to perform tasks such as marketing services, programming, data hosting and hotline services. We have carefully selected these service providers and monitor them regularly, particularly to ensure they are careful in the way they handle and safeguard the data stored by them. All service providers are under contractual obligation to maintain confidentiality and to comply with legal requirements. Service providers may also be other companies within the maxon Group.

Forwarding of data to recipients outside the EEA and Switzerland
We may also forward personal data to recipients domiciled outside the EEA (non-EEA countries). In such cases, before forwarding the data, we make sure the recipient contractually guarantees an adequate level of data protection or, if necessary, we obtain your consent to the forwarding of your data.

Social Sign-In (log-in via social networks)
We offer you the option of logging into our BIKEDRIVE Connect app using the so-called “Social Sign-In” from Google or Apple. In order to provide you with these sign-in features, we use the social plugins provided by Google and Apple. When you sign in via Google or Apple, your Internet browser establishes a direct connection to the servers of Google or Apple, whereby Google or Apple receives information about your use of our BIKEDRIVE Connect App, your login status, browser information and your IP address both during registration and during sign-in. It is possible that Google or Apple will collect this information at locations outside the EU or the EEA / Switzerland (e.g. in the USA). When you use the “Google Connect” / “Apple Connect” registration and login service, we transmit your browser data and IP address to Google or Apple. The legal basis for this processing is therefore your consent pursuant to Art. 6 para. 1(a) EU GDPR.

7 Duration of storage; retention periods

As a general rule, we store your data for as long as is necessary to ensure we can provide our online offering and related services, or for as long as we have a legitimate interest in further storage (e.g. after fulfilment of a contract, we may still have a legitimate interest in marketing via physical mail). After that, we will delete your personal data, except for data that we must continue to store in order to comply with legal obligations.

8 Use of cookies

What is a cookie?
A cookie is a small information file stored on your computer or mobile end device by the websites you visit. Cookies are often used to operate websites or to operate them more efficiently and to transmit information to the operators of the website.

Our use of cookies
With the BIKEDRIVE Service App & BIKEDRIVE Connect App, we only use technically necessary cookies. By "technically necessary cookies," we mean cookies without which the technical provision of the BIKEDRIVE apps cannot be guaranteed. 

9 Security

Our employees and the service providers engaged by us are obligated to maintain confidentiality and comply with the provisions of applicable data protection legislation.
We take all necessary technical and organizational measures to ensure an adequate level of protection and to protect your data we manage, in particular against the risks of accidental or unlawful destruction, manipulation, loss, alteration, or unauthorized disclosure or access. Our security measures undergo ongoing improvement in line with technological developments.

10 User rights

To exercise your rights, see Section 1, "How to reach us." Please make sure we can easily identify you.

Right to information; data subject's right to access processed personal data
You have the right to receive information from us about the processing of your data. For this purpose, you can exercise the right to access your personal data that we process.

Right to correction; right to erasure
You can ask us to correct incorrect data. Provided the legal requirements are met, you may request that incomplete data be completed, and you may also request that your data be erased.

Please write to us at privacy@maxongroup.com, create a ticket via Zendesk, or get in touch with your personal sales contact (Dealer/manufacturer) to request the erasure of your data. 

Restriction of processing
Provided the legal requirements are met, you are entitled to instruct us to place restrictions on the processing of your data.

Data portability
Provided the legal requirements are met, you can request to receive data that you have made available to us in a structured, commonly used machine-readable format, or you can instruct us to transfer the data to a third party, insofar as technically feasible.

Right to object
Right to object to the processing of your data for direct marketing purposes
At any time, you can object to the processing of your personal data for marketing purposes (“right to object to the processing of personal data for direct marketing purposes”). Please note that, for organizational reasons, there may be an overlap between your objection and the use of your data in a campaign that is already underway.

Right to object to the processing of data where we claim a legitimate interest
At any time, you are entitled to object to our processing your data where we claim a legitimate interest. We will then stop processing your data unless we can, as provided by law, demonstrate compelling legitimate grounds for further processing and those grounds outweigh your rights.

Revoking consent
If you have given consent to the processing of your data, you may revoke your consent at any time with prospective effect. However, it shall remain lawful to process your data until the date of revocation.

Right to file a complaint with our supervisory authority
You may have the right to file a complaint with the supervisory authority responsible for you, particularly the data protection authority responsible for your place of residence.

11 Amendments to this Privacy Policy

We reserve the right to change our security and data protection measures. In such cases, we will also amend our Privacy Policy accordingly. If we make any changes, we will notify you and indicate the changes clearly.