data protection Theben apps

1. general information

We, Theben AG (hereinafter "Theben"), appreciate your interest in our products and services. We take the protection of your privacy and the personal data you provide to us very seriously. It is a matter of course for us to observe the legal provisions of data protection. Below we inform you which data we collect from you for which purposes, how long we store it and which rights you have when we process your data.
In our privacy policy, we use terms and definitions of the European Data Protection Regulation DS-GVO, especially of Art. 4 DS-GVO. According to this regulation, we are the "controller" and you are the "data subject". Data that directly or indirectly relate to you are "personal data". When we refer to your "data" in the remainder of this privacy policy, this generally means data that relates directly or indirectly to your person.

name and address of the person responsible

The responsible party within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States as well as other data protection regulations is:


Theben AG
Hohenbergstrasse 32
72401 Haigerloch


Contact of the data protection officer
datenschutz@theben.de

legal basis of data processing

Your data will only be processed in connection with the establishment of a connection to your devices if you have given your express consent in advance.
The granting of your consent is valid if you have made a connection to your devices. have made a connection to your devices. The legal basis is Art. 6 para. 1 lit. a DSGVO. You can revoke a granted consent at any time.

purpose of data processing

The processing of device data and settings is solely for the purpose of the Functionality and the proper operation of the app. The authorizations on your end device are required to ensure the functionality and proper operation of the app. Please note that without the permissions requested by the app, no or only a few app functions can be used.

storage duration

Device data and settings are stored in the app until you delete the devices via the user interface or uninstall the app.

registration

For registration, first name, last name, email address, phone number, password are stored. The access data is created and stored in the Theben Cloud, a tool of Theben.

passing of data

A transfer of your personal data to third parties for purposes other than those listed below, does not take place. We only pass on your personal data to third parties if:

  • you have given your express consent to this in accordance with Art. 6 Para. 1 Sentence 1 lit. a DSGVO,
  • the disclosure is required under Art. 6 (1) p. 1 lit. f DSGVO for the assertion, exercise or defense of legal claims and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
  • in the event that there is a legal obligation for disclosure pursuant to Art. 6 (1) p. 1 lit. c DSGVO, as well as
  • this is legally permissible and necessary according to Art. 6 para. 1 p. 1 lit. b DSGVO for the processing of contractual relationships with you.

rights affected

You have the right to:

  • Request information (pursuant to Art. 15 DSGVO) about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
  • Correction (pursuant to Art. 16 DSGVO) of incorrect, or to request the completion of your personal data stored by us;
  • Erasure (pursuant to Art. 17 DSGVO) of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;
  • Restriction (pursuant to Art. 18 DSGVO) of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DSGVO;
  • Transfer (pursuant to Art. 20 DSGVO) of your personal data that you have provided to us in a structured, common and machine-readable format, or request the transfer to another controller;
  • Revoke (pursuant to Art. 7(3) DSGVO) your consent once given. This has the consequence that we may no longer continue the data processing based on this consent for the future
  • Complaint (pursuant to Art. 77 DSGVO) to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.

right of objection

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation. If you wish to exercise your right of revocation or objection, an e-mail to: datenschutz@theben.de is sufficient.

right of revocation

You can revoke the consent you have given for the connection of your devices in by removing the devices or uninstalling the app via the app's user interface. You have the option to revoke your granted access to the end device at any time. The revocation takes place via your corresponding end device setting. For this purpose, you can individual permissions of the app.

data security

Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser. We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

actuality and change of this privacy policy

This data protection declaration is currently valid and has the status August 2023. Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration.

2. collection & processing of personal data in our apps

We collect and process personal data in our Theben apps.

In the next sections, you can view app-specific information about the type of data processed, the purpose of the processing, and the app-specific access permissions.

LUXORplay App

The LUXORplay app enables the operation of Theben AG products integrated in the LUXORliving smart home solution via WLAN. During the connection, the device data data and settings of the devices included in LUXORliving are collected and stored in the app.

The following device data and settings are processed:

  • Serial number
  • Setup key
  • States (switching state on/off, window open/closed, rain yes/no, etc.)
  • Values (dimming value, blind position, temperature, wind speed, etc.)
  • Country of residence

If you establish a connection to the units via the network gateway, the IP addresses of the units are also processed. For proper functionality of the LUXORplay app, authorisations are required on your end device. The required authorisations are exclusively for the purpose of the LUXORplay app. Before access authorisation is granted on your device, you will be asked for your consent by the LUXORplay app.

The LUXORplay app is granted the following access authorisations:

  • Access to the local network
iONplay App

The iONplay app enables a connection to your room controllers of the products of Theben AG. Operation and programming are transmitted to the room controller via Bluetooth. During the connection, the device data and settings of your room controller are collected and stored in the app.

The following device data and settings are processed:

  • States (switching state on/off, window open/closed, rain yes/no, etc.)
  • Values (dimming value, blind position, temperature, wind speed, etc.).

For proper functionality of the iONplay app, authorisations are required on your end device. The required authorisations are designed exclusively for the purpose of the iONplay app. Before an access permission is granted on your terminal device, the iONplay app will ask you for your consent.


The following access permissions are granted to the iONplay app:

  • Access to Bluetooth
  • Access to memory
  • Access to photos/media/files
  • Access to the location
DIMAX 544 plus App

The DIMAX 544 plus dimmer app enables a connection to your universal dimmers from Theben. The operation and settings are transmitted to the universal dimmer via Network Field Communication (NFC). During the connection, the device data and settings of your universal dimmer are collected and stored in the app.


The following device data and settings are processed:

  • Serial number
  • NFC settings

Authorisations are required on your end device for proper functionality of the DIMAX 544 plus dimmer app. The required authorisations are designed exclusively for the intended use of the Dimmer DIMAX 544 plus app. Before access authorisation is granted on your end device, you will be asked for your consent by the Dimmer DIMAX 544 plus app.


The dimmer DIMAX 544 plus app receives the following access authorisations:

  • NFC access

 

 

MAXplus App

The MAXplus app enables a connection to your universal dimmers of the products of Theben AG. The operation and control programs are transmitted to the universal dimmers via Bluetooth. During the connection, the device data and settings of your universal dimmers are collected and saved in the app.

The following device data and settings are processed:

  • Serial number
  • Bluetooth connection data

For proper functionality of the MAXplus app, authorisations are required on your end device. The required authorisations are designed exclusively for the purpose of the MAXplus App. Before access authorisation is granted on your device, you will be asked by the MAXplus App for your consent.


The MAXplus app receives the following access authorisations:

  • Access to Bluetooth
  • Access to memory
  • Access to photos/media/files
  • Access to the location
OBELISK top3 App

The OBELISK top3 app enables a connection to your digital top3 time switches from Theben. The timer programmes are transmitted to the top3 timers via Bluetooth. During the connection, the device data and settings of your time switch are collected and stored in the app.


The following device data and settings are processed:

  • Serial number

For proper functionality of the OBELISK top3 app, authorisations are required on your end device. The required authorisations are designed exclusively for the purpose of the OBELISK top3 app. Before access authorisation is granted on your end device, you will be asked for your consent by the OBELISK top3 app.


The OBELISK top3 app receives the following access authorisations:

  • Access to Bluetooth
  • Access to memory
  • Access to photos/media/files
  • Access to the location
RAMSES BLE App

The RAMSES BLE app enables a connection to your digital clock thermostats of the Theben AG products. The operation and time switching programmes are transmitted to the clock thermostats via Bluetooth. During the connection, the device data and settings of your clock thermostat are collected and saved in the app.


The following device data and settings are processed:

  • Serial number
  • Device type and device name
  • Device data (e.g. operating mode, room temperature, setpoint and actual temperatures, etc.)

For proper functionality of the RAMSES BLE app, authorisations are required on your end device. The required authorisations are exclusively for the purpose of the RAMSES BLE app. Before access authorisation is granted on your device, you will be asked by the RAMSES BLE app for your consent.


The RAMSES BLE App is granted the following access authorisations:

  • Access to Bluetooth
  • Access to memory
  • Access to photos/media/files
  • Access to the location
thePIXA Plug App

The thePIXA Plug app enables a connection to the optical presence detectors of Theben. The detection settings of the thePIXA Plug App are transmitted to the optical presence detectors via Bluetooth. During the connection, the device data and settings of your presence detector are collected and stored in the app.


The following device data and settings are processed:

  • Firmware version
  • Images for image recognition (fully pixelated)

For the proper functionality of the thePIXA Plug app, authorisations are required on your end device. The required authorisations are exclusively for the purpose of the thePIXA Plug App. Before access authorisation is granted on your device, the thePIXA Plug App will ask you for your consent.


The following access authorisations are granted to the thePIXA Plug App:

  • Access to Bluetooth
  • Access to memory
  • Access to photos/media/files
  • Access to the location
theSenda Plug App

The theSenda Plug App enables a connection to your Theben AG presence and motion detectors. Operation and programming are transmitted to the presence and motion detectors via Bluetooth. During the connection, the device data and settings of your presence and motion detectors are collected and stored in the app.


The following device data and settings are processed:

  • Firmware version
  • Room temperature
  • Room occupancy

For proper functionality of the theSenda Plug app, permissions are required on your end device. The required authorisations are designed exclusively for the purpose of the theSenda Plug App. Before access authorisation is granted on your device, you will be asked by theSenda Plug App for your consent.


The following access authorisations are granted to theSenda Plug App:

  • Access to Bluetooth
  • Access to memory
  • Access to photos/media/files
  • Access to the location
theServa (Mini) App

The theServa(Mini) app enables operation of the Theben AG products via Ethernet or WLAN, which are integrated in the theServa smart home solution. During the connection, the device data and settings of the devices included in the theServa are collected and stored in the app.


The following device data and settings are processed:

  • Serial number
  • States (switching state on/off, window open/closed, rain yes/no, etc.)
  • Values (dimming value, blind position, temperature, wind speed, etc.)

If you establish a connection to the units via the network gateway, the IP addresses of the units are also processed.
For proper functionality of the TheServa(Mini) app, authorisations are required on your end device. The required authorisations are exclusively for the purpose of the TheServa(Mini) app. Before access authorisation is granted on your device, TheServa(Mini) App will ask you for your consent.


The following access authorisations are granted to TheServa(Mini) App:

  • Access to the local network
  • Access to the memory
  • Access to push messages
  • Access to the location