Overview
This privacy policy relates to the Uepaa app, Uepaa's website and the processing or disclosure of personal data carried out by Uepaa AG ("Uepaa"), Sonnhaldenstrasse 17, 8032 Zurich, in this context. Uepaa takes the protection of your personal data very seriously. In order for Uepaa to provide its services in a customer-oriented and appropriate manner, it is dependent on being allowed to collect and process certain personal data. Uepaa complies with the provisions of Swiss data protection legislation and the following statements provide information on how your personal data and information are handled.
1. what personal data is processed?
Uepaa collects information in several ways.
Some personal information is collected when you set up or modify your profile. In doing so, Uepaa will ask you for your name, a photo, your gender, your phone number, your year of birth, and emergency contacts from your address book (including all of their phone numbers), and may disclose this information to Uepaa. Uepaa may ask you for personal information on other occasions after you set up or change your profile, such as when you use add-on services or when you report a problem with their service to Uepaa. Furthermore, data related to your smartphone or similar device (hereinafter also "phone") is processed, such as the model of the phone, the operating system, the MAC address, cell phone service provider or operator and the version of the Uepaa App.
When the Uepaa app is running, Uepaa collects the following data: location data, battery level GPS and/or network-based position (longitude, latitude, altitude, accuracy, speed) and total paths/tracks (i.e. tracking history); cell phone network (coverage, signal strength and type); alarm data (enriched alarm with all relevant data from your profile and the running Uepaa app such as location/position and battery level). Furthermore, Uepaa collects and processes data about network coverage and performance (for different providers; GSM map).
Furthermore, user-generated content (including you) is distributed via the Uepaa Net. As part of an alert and/or rescue operation, users may comment on and modify existing rescue processes and interact with Uepaa, the victim and other Uepaa users. You hereby consent to such content being sent to you.
As a user, the above mentioned data will be continuously transmitted by you on the Uepaa Net (as defined and described in the Terms of Use) (so-called "Messages"). Such Messages can be generated manually by an action of the User (e.g. alarm) or automatically in the background by the Uepaa App (e.g. position (longitude, latitude, altitude, accuracy, speed), battery level, network coverage and performance data). Messages are exchanged in the ways described in the Terms of Use under Section II.B. You hereby agree that your smartphone may be used for Uepaa Net.
Uepaa conducts internal research regarding the interests and behavior of users based on the information available to Uepaa through registration and from its server log files. Uepaa does this in order to provide appropriately enhanced services to its users. These studies are compiled and analyzed on a holistic basis.
The following data from Uepaa is stored on your phone: The Uepaa App, the version of the Uepaa App and other data relevant for maintenance and support.
You agree that Uepaa App may access the following data and/or perform the following actions: (i) dial phone numbers (including those in your address book) directly without your intervention; (ii) exact and/or approximate location (Uepaa App may determine your exact or approximate location and movement using GPS data, location services, network location sources such as cell towers or Wi-Fi).
Finally, you agree that Uepaa and/or the rescue organization may link the data collected in connection with the Uepaa App with existing data of rescue organizations, provided that it serves the purpose of efficient mission planning and execution or communication with you.
2. for what purposes are personal data processed?
Uepaa collects and processes Personal Data in order to operate the Uepaa App in a customer-oriented and appropriate manner and to be able to provide its services as well as for the purpose of the use of the Uepaa App by the Users. Uepaa processes Personal Data in particular (i) for the purpose of alerting and rescuing (in particular performing and verifying alerting and rescuing), (ii) to increase security, in particular by using Users' smartphones for cloud communication services, (iii) to store and process information on the Uepaa Server in order to support the alerting and rescuing process in emergency situations; (iv) to allow Users to comment on and modify existing rescue processes or interact with Uepaa, rescuers, the victim and other Uepaa Users as part of an alert and/or rescue operation; (v) to allow Users to communicate throughout the Uepaa Net; and (vi) for identification, billing and marketing purposes and to provide you with corporate, product or other information that Uepaa believes may be of interest to registered Users.
The user agrees that his personal data may be processed by Uepaa for marketing purposes. In particular, the data may be used for announcements of events, contests and surveys, as well as information about services and products of Uepaa and its partners.
Uepaa processes the above mentioned data and keeps these data, e.g. log files with model of the phone, phone ID and signal strength, in order to improve its service and to be able to provide relevant information to mobile operators (on an anonymous basis).
3. which data is passed on to third parties and for which purposes?
In principle, Uepaa, the emergency contacts, rescue organizations recognized by Uepaa as partners, rescue forces and emergency physicians, authorities as well as other Uepaa users within the scope of the communication of messages have access to the collected and processed personal data. In particular, in the context of, for the execution and verification of alerting or rescue operations, emergency calls by the Uepaa user, in the context of comrade assistance or by a third party, as well as missing person reports or inquiries regarding potential or actual emergencies by authorities, rescue organizations, rescue forces or rescue physicians, it is possible that the personal data mentioned in section 1 are communicated and/or made accessible to other Uepaa users, rescue organizations, rescue forces and rescue physicians, as well as authorities or other third parties, who in turn process them. The transmission of as complete and correct as possible information on emergencies with the help of the Uepaa App enables the authorities, rescue organizations, rescue forces and any rescue doctors to efficiently assess the further course of action. The user agrees and authorizes Uepaa to use all data of the Uepaa user, in particular personal and location data (e.g. current position), in the context of operations requested via Uepaa, for the execution and verification of alerting or rescue operations, of emergency calls by the Uepaa user, in the context of comrade assistance or by a third person, as well as in connection with missing person reports or with inquiries regarding potential or actual emergencies by authorities, rescue organizations, rescue forces or rescue physicians.(e.g. current position), device-specific data (e.g. battery status) as well as other data mentioned in section 1, as well as to third parties such as rescue organizations, rescue physicians, rescue forces and/or authorities and other Uepaa users, which in turn can process them. Rescue operations, alerting, emergency calls, missing person reports or inquiries regarding potential or actual emergencies may also involve the transmission of user data to criminal or other authorities or to third parties providing rescue or other services.
Other Uepaa users are informed of the following in particular for the use of the Uepaa App: In the context of comrade assistance, your personal data mentioned above may also be disclosed and accessible to other users and processed by them for the purposes mentioned above. Insofar as personal data of other Uepaa users become accessible to you in this context, you hereby undertake to process these only under the conditions set out in this privacy policy for the purposes of alerting and/or rescue.
Furthermore, the data mentioned in section 1 may be disclosed to commercial partners such as advertising partners of Uepaa for the purposes mentioned in section 2.
Uepaa further reserves the right to process and disclose information and personal data to the appropriate civil and law enforcement authorities in order to comply with applicable laws, regulations, legal proceedings or criminal investigations. Uepaa also reserves the right to disclose information and personal data to third parties (i) if you have consented to it, (ii) if Uepaa deems it necessary to provide you with the services contained in the Uepaa App; (iii) to protect the personal safety or rights of you, Uepaa, another user or third parties; (iv) in the context of corporate transactions.
Uepaa uses various service providers that help it improve the quality and performance of its service and business. This means that such third party service providers may have access to and process Personal Data on behalf of Uepaa. In particular, Uepaa uses "amazon web service" from Amazon Web Services Inc, USA, and its affiliates for its servers. Amazon Web Services Inc. processes the data based on its Privacy Policy (http://aws.amazon.com/de/privacy), to which you also hereby expressly consent.
4. are personal data transferred abroad?
It is possible that, particularly in the case of repatriation missions, personal data may have to be transferred to third countries in which there is no level of data protection comparable to Swiss data protection legislation. By using this Uepaa app, the user declares his consent to this.
The servers of Uepaa are generally located in Switzerland, Ireland and other countries of the European Union, especially in the context of the "amazon web services" used by Uepaa. If Amazon Web Services Inc. or companies affiliated with it are legally obligated to do so or due to requests from authorities, the personal data may also be transferred to other countries, including countries (incl. the USA), which do not have data protection legislation equivalent to that of Switzerland. You hereby consent to the transfer of your personal data to such countries, in particular also to the USA.
5. what correction, update and deletion options are available to the user?
Any user can edit and change their profile information at any time within the Uepaa App. For all other issues and to delete your profile, contact support@uepaa.ch.
6. what rights does the user have?
Each user has the right to edit and, if necessary, correct his or her profile in accordance with section 5 of this statement.
By law, each user has the following rights: (i) right to access; (ii) right to block disclosure; (iii) right to rectify; (iv) right to delete personal information.
The user shall exercise his right in writing at
Uepaa AG
Sonnhaldenstrasse 17
8032 Zurich
to make a claim. A copy of the identity card or passport must be enclosed for clear identification.
Uepaa reserves the right to charge an appropriate contribution to the processing costs incurred for the provision of information if (1) the person making the request has already been provided with the requested information in the twelve months prior to the request and no interest worthy of protection in a new provision of information can be proven; if (2) the provision of information is associated with a particularly large amount of work. The contribution shall amount to a maximum of 300 francs.
7. what security measures are used to protect personal data?
Uepaa provides for security measures to prevent loss, misuse or alteration of information and personal data.
When exchanging messages (see section 1), SSL encryption is used for direct communication between the device and the Uepaa server.Once Uepaa has received transmissions, Uepaa appropriately secures the information in its systems.Other communications are not encrypted.8. ContactIf you have any questions about this statement or Uepaa's data handling practices, please contact support@uepaa.ch.