1. Data Controller

The entity responsible for processing personal data within this app is:
R3levance Solutions GmbH
Am Hofgarten 4
53113 Bonn, Germany
office@r3levance.com

2. Purpose of Data Processing

This app is used for visitor registration and management. Personal data is processed exclusively for the following purposes:

• Registration of visitors for access control

• Documentation of visit times and purposes

• Compliance with legal or organizational record-keeping requirements

   

3. Categories of Data Collected

Depending on the setup and customer configuration, the app may collect the following personal data:

• First and last name

• Contact details (e.g., phone number, e-mail address)

• Company affiliation (if applicable)

• Date, time, and purpose of the visit / host visited
   

4. Legal Basis

The processing of personal data is based on:

• Art. 6 (1) (b) GDPR – performance of a contract / organization of the visit,

• Art. 6 (1) (f) GDPR – legitimate interest in secure and traceable visitor management,

• Art. 6 (1) (c) GDPR, where legal obligations to retain or provide information apply.
   

5. Storage and Retention

Data storage depends on the customer’s system setup:

• On-premise at the customer’s infrastructure,

• Cloud environments (e.g., AWS or IONOS) operated on behalf of the customer.

Retention periods and deletion policies are determined by the individual data protection and retention agreements of each customer and can be reviewed in the respective customer’s privacy policy.

6. Data Sharing

The app itself does not actively share personal data with third parties.
If external hosting or cloud providers (e.g., AWS, IONOS) are used, this is done exclusively within the scope of a data processing agreement in accordance with Art. 28 GDPR.

7. Rights of Data Subjects

In accordance with the GDPR, users have the following rights:

• Right of access (Art. 15 GDPR)

• Right to rectification (Art. 16 GDPR)

• Right to erasure (Art. 17 GDPR)

• Right to restriction of processing (Art. 18 GDPR)

• Right to object (Art. 21 GDPR)

• Right to data portability (Art. 20 GDPR)

Since data storage is handled by the respective customer, requests to exercise these rights should be directed to the organization operating the app instance.

8. Data Security

We, together with our customers, implement appropriate technical and organizational measures to protect personal data from loss, misuse, and unauthorized access.

9. Changes to this Privacy Policy

We reserve the right to update this privacy policy as required. The current version is always available via the link provided in the Google Play Store.