1. Responsible data controller
The responsible data controller for the “magicplan” app is Sensopia Inc., 434 rue Sainte Hélène, Montreal, QC H2Y 2K7, Canada („Sensopia“). Sensopia and its affiliated company, enapt GmbH, Leopoldstraße 59, 80802 München, Germany („enapt“) are partly jointly responsible. In this respect, the companies have defined in an agreement which of them fulfils which data protection obligation. The essential content of this agreement is available to you from Sensopia or enapt upon request.
If you have any question, please do not hesitate to contact Sensopia’s data protection officer:
2. What qualifies as personal data?
Personal data means information relating to an identifiable natural person, such as your name, e-mail address, telephone number, postal address and/or IP address of your computer.
3. What data do we use for what purposes?
In the following we explain which personal data we process. As far as such data is processed or stored, this occurs on your smartphone and /or in an IT environment.
Unless it is explicitly stated otherwise in the following sections the legal basis for the processing of data is Art. 6 (1) b) GDPR (performance of a contract).
3.1 Technical communication data
We collect and use technical communication data which your smartphone automatically transmits to us and which is used for communication with your smartphone. This includes
- the name of the device
- the operating system and app version
- the mobile phone provider
- different identification numbers in order to be able to uniquely assign the device to you
- the time of occurrence of app disturbances for troubleshooting, and
- the IP address assigned to you.
The legal basis for the associated processing of your personal data is Art. 6 (1) f) GDPR (balancing of interests, based on our legitimate interest in constantly and profitably improving the content, functionality and attractiveness of the app by analyzing your usage) as well as Art. 6 (1) b) GDPR (performance of a contract) and Art. 6 (1) a) GDPR (your consent). This data will be deleted six months following its collection at the very latest.
In order to display personalized content, we use service providers to track the usage of the app. Please find below in this document all service providers we use for personalization purposes.
In order to be able to use the functions of this app, you must set up a personal user account (hereinafter “account”). You can store your personal information (e.g. floor plans) in your account.
In order to set up a personal account, users must enter their email address and a freely selectable password which at the same time serve as an access code for the account. With the same access data, the user can also log on the magicplan cloud, which is part of the app, at https://cloud.magic-plan.com/login.
After successful registration, the user automatically receives a confirmation by e-mail. In this way, the user concludes the contract for the provision of the account with us. In addition, users can store their personal contact details in their account and update these details at any time.
Unless you “log off” by clicking, so-called persistent cookies are stored on your device, which serve to ensure that the user does not have to log on again during subsequent visits to the app.
The legal basis for the associated processing of your data and for the display of corresponding information in the app is Art. 6 (1) b) GDPR (performance of contract) and/or Art. 6 (1) f) GDPR (balancing of interests, based on our legitimate interest in providing users with a simple and customer-friendly user experience).
You can terminate your account at any time and without giving any reasons. The easiest way to do this is by sending an informal email to firstname.lastname@example.org.
5. Processing of orders
We offer the opportunity to purchase products in our app (e.g. floor plans, standard or business subscriptions). Sensopia does not process any personal data in connection with the purchase of these products. The data you enter for electronic payment processing will only be collected and processed by the relevant app store.
For more information on the processing of data in the app stores, please refer to the respective privacy statements:
Apple App Store:
Google Play Store:
The legal basis for the associated processing of your data is the fulfillment of the contract with your app store, Art. 6 (1) b) GDPR (performance of contract).
6. App permissions
In order to provide you with certain functionalities of the app, the app must be able to access various functions and data on your mobile device.
For this purpose, it is necessary from a technical point of view that you grant the app access permissions as described in each case. Otherwise, the app is not fully usable for technical reasons. The reason for this is that the permission settings in smartphone operating systems are usually programmed in such a way that some authorizations can only be granted or requested together and not in the form of individual partial authorizations. Therefore, Sensopia is dependent in such cases on requesting full authorization from customers, even if only part of it is required and used specifically.
In the following, we will inform you about the permissions required by the app, whereby we will only use these to the extent required in each case, even if an authorization technically includes more.
The legal basis for the associated processing of your data is Art. 6 (1) b) GDPR (performance of contract) respectively Art. 6 (1) a) GDPR (your consent).
6.1 Your location
Your consent to the collection of your current location is required for location-based services. If you give your consent, your device may use your GPS data, WLAN identifiers and/or Bluetooth to determine your location, depending on what you have activated.
In any case, the app collects your location only if you have previously agreed to this in the corresponding device settings. For android versions, consent may be given after confirmation when downloading the app or in the device settings. For Windows Mobile and iPhone versions, consent may be given in a dialog box when the app is first opened as well as in the device settings.
Right of withdrawal:
You are entitled to withdraw your consent at any time for the future. Such withdrawal may be effected in the settings of the app under “Account -> Legal -> Statistics”.
The legal basis for collecting and processing your location is Art. 6 (1) a) GDPR (your consent).
6.2 Map functionality
Our app allows you to display your location on a map, provided you have consented to the collection of your location.
The app on the android operating system uses the Google Maps service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) which receives your IP address to display the map. The legal basis for this is Art. 6 (1) a) GDPR (your consent).
At https://www.google.com/intl/de_en/policies/technologies/product-privacy/ you can adjust your privacy settings as desired.
The app on the iOS operating system uses a map service of Apple Inc. (1 Infinite Loop, Cupertino, CA 95014, USA). Apple will only receive your IP address after your consent to using the map service. The legal basis for this is Art. 6 (1) a) GDPR (your consent).
The privacy settings for this can be adjusted in the device settings of your end device.
Right of withdrawal:
You are entitled to withdraw your consent at any time for the future. Such withdrawal may be effected in the respective device settings.
6.3 Network Communication
The app will establish a connection with us via the internet and to communicate with us regarding the services you require.
The legal basis for the data processing associated herewith is Art. 6 (1) b) GDPR (performance of a contract).
Your consent to access your system-side camera is required so that you can digitize a room while using our app.
The legal basis for access to your system camera is Art. 6 (1) a) GDPR (your consent).
Right of withdrawal:
You are entitled to withdraw your consent at any time for the future. Such withdrawal may be effected in the settings of the app under “Preferences -> Send data to improve magicplan”.
7. Google Firebase (Category Statistics)
We use Google Firebase (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, “Google”) to analyze overall usage, categorize user groups, and optimize our products. In some cases, the content of our app also is adapted to the measurement results. Google Firebase processes your data anonymously and in larger quantities together with data from other users so that your individual data and measurements cannot be assigned to you.
Google Firebase uses servers located in the EU for these services wherever possible. However, it cannot be ruled out that data may also be transferred to the USA. Whereas no personal data is transferred to the United States, Sensopia and Google have nevertheless agreed on the standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC in order to adduce adequate safeguards with respect to the protection of privacy of individuals.
You can stop the data transfer to Google by deactivating the built-in slider in the settings of the app under “Account -> Legal -> Statistics”.
8. Data Security
As far as this app communicates with Sensopia, this is done in encrypted form. Please note, however, that personal data stored locally on your device may be misused by third parties, e.g. if your mobile phone is stolen. We therefore recommend that you carefully secure your device accordingly, e.g. with a code lock.
If the app is uninstalled, all personal data in the app will be deleted.
9. External Service Providers
For certain activities in connection with the “magicplan” app, we use external services providers for data processing (e.g. data center operators). To the extent it is necessary these service providers also process personal data. Sensopia diligently selects and supervises its service providers. They process the data only in accordance with our instructions and are also bound by by respective data processing agreements and this privacy statement.
10. Retention Periods
We store personal data only as long as it is necessary for the purposes described herein, or as long as it is necessary to comply with statutory storage periods.
Technical communication data in accordance with Section 3.1 will be deleted after six months. Personal data will be deleted when you ask us to delete your account or when you delete the app on your device.
11. Your rights
You have the following rights with regard to the personal data concerning you:
Insofar as the legal basis for the processing of data is Art. 6 (1) f) GDPR (the processing of data serves our legitimate interests), you have the right to object to the processing of data at any time. In order to do so, you may send us an email to email@example.com.
Furthermore, you have the
- right of information,
- right of rectification or deletion,
- right to limitation of processing,
- right to data portability.
You also have the right to complain to a data protection supervisory authority about our processing of your personal data.