Privacy agreement

1. Company AUTHOR-ALARM d.o.o.
2. Data Controller
Basic Information about the Data Controller
3. Data Protection Officer
4. Author BT update iOS and Android Applications
6. SMS Opt-in policy
7. Purposes of Personal Data Processing, Types of Personal Data Processed, and Legal Basis
8. Processing of Children’s Personal Data
9. Transfer of Data to Third Countries or International Organizations
10. Exercise of Rights
11. Right to lodge a Complaint
12. Existence of Automated Decision-Making, Including Profiling
13. Validity of the Policy

 
1. Company AUTHOR-ALARM d.o.o.

 

In the following privacy policy, you can find detailed information about the processing of your personal data by AUTHOR-ALARM L.L.C.

2. Data Controller

Basic Information about the Data Controller

Full Name of the Data Controller AUTHOR-ALARM, razvoj in prodaja avtomobilskih sistemov proti kraji, d.o.o.

Headquarters Koroška 26, 1000 Ljubljana, Slovenia

Tax Number SI 34229485

Registration Number 8013322000

Email Address info@author-alarm.si

Website

3. Data Protection Officer

The data controller does not process personal data in such a quantity and in such a way that it would be required, in accordance with legal provisions, to appoint a data protection officer.

4. Author BT update  iOS and Android Applications

  1. User registration and account

    1. There are no user accounts or details required for this application.

  2. Collection of personal data

    1. Author-alarm d.o.o. does not collect any personal data from the Author BT update application.

  3. Use of location and Bluetooth

    1. The application will request location information as it is required by iOS and Android when using Bluetooth. None of this information is used or stored in the application, neither is it transmitted to any server.

6. SMS Opt-in policy

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

7. Purposes of Personal Data Processing, Types of Personal Data Processed, and  Legal Basis

AUTHOR-ALARM d.o.o. processes your personal data for the following purposes:

  1. Purpose: Visiting the website

Types of personal data processed for this purpose:

  • IP address

  • Time and date of website visit

  • Browser settings and information about the operating system of the computer or mobile device

How long we retain the data for this purpose:

  • We will retain the data for a maximum of 30 days from the website visit.

Legal basis:

  • Legitimate interest

Description

Every time you visit our website, log files of the web server are automatically stored (e.g., IP address – a number that identifies an individual computer or other device on the internet).

  1. Purpose: Conducting communication with individuals via email or telephone number

Types of personal data processed for this purpose:

  • Name

  • Email address

  • Phone number

How long we retain the data for this purpose:

We will retain data for communication purposes for as long as necessary to achieve the purpose of communication with you or until the revocation of your consent to the processing of personal data for communication purposes.

Legal basis:

  • Individual’s consent

Description

On our website, we provide the option to contact us via email or a contact form on the website. We use your email address and/or phone number for the purpose of communicating with you, responding to your inquiries, sending offers, news, and other information related to our products.

  1. Purpose: Ordering or purchasing products from , performing actions before order fulfillment, order fulfillment, installation, and delivery of goods

Types of personal data processed for this purpose:

  • Name and surname

  • Address

  • Email address

How long we retain the data for this purpose:

We retain data until the order is fulfilled or the purchase is completed, and an additional 5 years after the order is fulfilled or the purchase is made by the customer. Data on the issued invoice will be retained for an additional 10 years from the date of the issued invoice.

Legal basis:

  • Contractual legal basis

Description

On our website, we offer the option to order products that we manufacture. We will need your personal data for the purpose of concluding, performing, and fulfilling the sales contract, which means purchasing, selling, and delivering goods.

  1. Purpose: Monitoring the GPS location of the vehicle and technical (telemetric) data of the vehicle where the device is installed.

Types of personal data processed for this purpose:

  • GPS location of the vehicle

  • Vehicle telematics

  • User’s name and surname

How long we retain the data for this purpose:

We retain data on the GPS location of the vehicle and vehicle telematics data for 1 year from capture or until we receive a request to stop the GPS tracking of the user’s vehicle.

Legal basis:

  • Individual’s consent

Description

Our vehicle theft prevention solutions allow for tracking the GPS location of your vehicle and vehicle telematics data, which are crucial for determining the vehicle’s location in case it is stolen or damaged. If you do not want the solution to record the GPS location of the vehicle, you cannot use our devices.

  1. Purpose: Registration of the user’s account in the application.

Types of personal data processed for this purpose:

  • Name and surname

  • Address

  • Email address

  • Phone number

How long we retain the data for this purpose:

For the duration of using the user account in the application or until we receive a request for deletion of the user’s account.

Legal basis:

  • Individual’s consent

Description

To use our solutions and enable their operation, the user must register their user account in the application. When registering a user account, you must provide certain personal data because the user account is the personal account of the individual through which the individual manages the application and the device in the vehicle.

  1. Purpose: Use of the Author Alarm Application and Provision of its Functionality, Resolving Technical Issues on Devices and in the Application.

Types of personal data processed for this purpose:

  • Name and surname

  • Address

  • Email address

  • Phone number

  • User ID

  • GPS location

How long we retain the data for this purpose:

For the duration of the user’s account usage in the application or until the receipt of a request to delete the user’s account from the application, or for an additional 24 hours after receiving a request to remove the device from the user’s account.

GPS location data of the vehicle is retained for one year from capture or for an additional 24 hours after receiving a request to remove the device from the user’s account.

In case of user inactivity, data from the user account will be deleted three years from the year the user ceased using the solution and application.

Legal basis:

  • Individual’s consent

  • Contractual legal basis

Description

To enable comprehensive use of our solutions, users must install a dedicated application on their mobile devices, which provides monitoring of device functionality or our solutions. Users also link the device installed in their vehicle to their user account, enabling the execution of device functionality. Users can manage their vehicle-installed device through the application, including tracking the GPS location of the vehicle. If a user wishes to remove the device from their user account, the data will be retained for an additional 24 hours after the removal request to allow the user to reconnect the device to their account. If not, the data is permanently deleted.

  1. Purpose: Use of the Author Alarm Application and Provision of its Functionality, Resolving Technical Issues on Devices and in the Application.

Types of personal data processed for this purpose:

  • Name and surname

  • Address

  • Email address

  • Phone number

  • User ID

  • GPS location

How long we retain the data for this purpose:

For the duration of the user’s account usage in the application or until the receipt of a request to delete the user’s account from the application or a request to stop using 2FA.

Legal basis:

  • Individual’s consent

Description

To ensure adequate security for user login to the user account, we provide the option of two-factor authentication. By using 2FA, you will receive an SMS with a unique password when logging into your user account, enhancing the security of using the application. If we want to enable the use of 2FA, you will need to provide a phone number to which the solution can send SMS messages with unique access passwords. We will send SMS messages with unique passwords to you with every login to the application.

  1. Purpose: Improvement of the System, Preparation of System Updates and Solutions, and Resolution of Issues in the Solution.

Types of personal data processed for this purpose:

  • Technical data about the operation of the application (anonymized)

  • Data about the operation of the device (anonymized)

  • User ID

  • GPS location

How long we retain the data for this purpose:

Technical data about the operation of the application and data about the operation of the device in anonymized form are retained permanently.

Legal basis:

  • Legitimate interest

Description

For the purpose of preparing improvements to the application and technical solutions, we process anonymized technical data collected and processed by our solution, which helps us identify deficiencies in the technical solution and prepare appropriate system enhancements, updates, and solution improvements and address issues in the solution.,

  1. Purpose: Use of Cookies on Company Websites 

Types of personal data processed for this purpose:

  • Necessary cookies

  • Analytical cookies

  • Marketing cookies

How long we retain the data for this purpose:

For the duration of the company’s website usage or until receiving a revocation of consent for cookie usage.

Some cookies are time-limited and are stored for a limited time for the duration of the cookie.

Legal basis:

  • Legitimate interest

  • Individual’s consent

Description

Cookies allow us to customize the website to your needs, facilitate your use, and display content that is important to you while avoiding content that is not relevant to you or inappropriate. By using the company’s websites, you agree to the use of mandatory or necessary cookies. Mandatory cookies are essential for the operation of the websites and do not store your personal data, serving for the normal and proper operation of the websites. Non-mandatory cookies necessary for the operation of various interfaces are only loaded with your consent. You can learn more about cookies in the website cookie policy.

Collection of Your Personal Data

We collect personal data in the following ways:

  • Data you provide to us directly: You may provide us with your personal data when you contact us via email or phone, register for an account on our website or in our application, place an order for our products, or subscribe to receive news and offers.

  • Data collected automatically: When you visit our website, we may collect certain information automatically, such as your IP address, browser settings, and information about your operating system. This information is collected through cookies and similar tracking technologies.

  • Data from third-party sources: We may receive your personal data from third-party sources, such as business partners or publicly available sources.

Users of Personal data

We may share your personal data with the following categories of recipients:

  • A processor who provides hosting and server services for us,

  • A processor who provides accounting services for us,

  • A processor who takes care of the delivery, servicing, and installation of our solutions to customers,

  • A processor responsible for processing payments for our services,

  • A processor who is responsible for the development of the Author application.

  • A processor who provides 2FA (Two-Factor Authentication) services.

  • Government authorities to whom we are required to send data based on legal requirements.

Contract processors may process personal data only within the framework of the controller’s instructions and may not use personal data for pursuing any of their own interests.

8. Processing of Children’s Personal Data

We do not knowingly process personal data of children under the age of 16. If you are a parent or guardian and believe that your child has provided us with their personal data without your consent, please contact us, and we will take appropriate steps to remove the data.

9. Transfer of Data to Third Countries or International Organizations

Company AUTHOR-ALARM Ltd. does not transfer your collected data to third countries or international organizations, nor do we share them with users from third countries.

However, we do collaborate with providers from third countries, such as Stripe, which are based in third countries and provide various services to us. You provide your data to these mentioned providers yourself when using their products, such as when using payment services.

  1. Information on Individual Rights Regarding Personal Data Processing 

As an individual whose personal data is processed by AUTHOR-ALARM d.o.o., you have the following rights::

  1. Right to Withdraw Consent

If you, as an individual, have consented to the processing of personal data for one or more purposes, you have the right to withdraw your consent at any time.

Upon receiving your withdrawal of consent for one or more purposes of processing, the controller will immediately cease processing your personal data for that purpose.

The withdrawal of consent for the processing of personal data does not affect the lawfulness of the processing of personal data concerning you prior to your withdrawal or the use of this personal data for legal or contractual purposes.

You can withdraw your consent at any time and without any cost through the following methods:

  1. In electronic messages by clicking on the designated unsubscribe link.

  2. By sending a form with the withdrawal of consent.

  3. By sending an email requesting the withdrawal of consent for the processing of personal data.

  4. By deactivating your user account.

Right to Access Personal Data Processed 

You have the right to obtain confirmation from the controller as to whether or not personal data concerning you is being processed and to access personal data concerning you, along with the following information: the purpose of processing, the type of personal data concerning you, the recipients of your personal data, the expected period of storage of personal data, the source of personal data.

Right to Correct Inaccurate Personal Data 

At any time, you have the right to request that the controller correct or supplement inaccurate or incomplete personal data concerning you.

The controller will inform you of the correction of your personal data without delay, no later than 30 days after the correction is made.

Right to Restrict Processing of Personal Data

From the controller, you have the right to request that the controller restrict the processing of your personal data when:

  1. You contest their accuracy, for a period enabling the controller to verify the accuracy of the data.

  2. The processing is unlawful, and you oppose the erasure of personal data and request the restriction of their processing.

  3. The controller no longer needs the personal data for processing purposes, but you require them for the establishment, exercise, or defense of legal claims.

  4. You have objected to processing pending the verification of the legitimate grounds of the controller.

Right to Erasure of Personal Data (“Right to be Forgotten”)

In the event that your personal data is no longer necessary for the purposes for which it was processed, you have withdrawn consent to the processing of personal data for specific purposes, or there is no other legal basis for their processing, or the personal data have been processed unlawfully, you have the right to request the erasure of personal data concerning you without undue delay from the controller.

In the event of the erasure of personal data upon your request, the controller will inform you of the erasure.

The right to erasure is not absolute, and you should be aware that data required by law or for the conclusion or performance of a contract cannot be deleted. We will inform you about this.

Right to Object

In addition to the right to withdraw consent, you can, at any time, in the case of the use of your personal data for informational or direct marketing purposes, request in writing the cessation of the use of your data for this purpose. In the case of objection to processing for marketing purposes, the controller will immediately cease processing personal data for marketing and informational purposes.

Right to Data Portability

You have the right to have personal data that you provided to the controller transferred directly to another controller, where technically feasible.

10. Exercise of Rights

You can exercise all the rights mentioned in the above section of this statement by submitting a request to exercise each individual right. You may submit a request to exercise your rights in physical or electronic form. You can send a request to exercise your rights by mail to the following address: AUTHOR-ALARM d.o.o., Koroška 26, 1000 Ljubljana, or by email to: info@author-alarm.si.

11. Right to lodge a Complaint

You have the right to lodge a complaint with the competent supervisory authority in case of a breach of personal data protection by the controller. You can send your complaint to the following address: Information Commissioner, Dunajska cesta 22, 1000 Ljubljana, or by email to: gp.ip@ip-rs.si.

12. Existence of Automated Decision-Making, Including Profiling

The controller does not make automated decisions or create profiles of individuals.

13. Validity of the Policy

We reserve the right to modify or update this data protection statement without prior notice. The currently applicable version is the one published here.

Any changes to this data protection statement will be published on this website.

Version: 2.0, dated August 30, 2023