I. General

Privacy Policy

ISISIC GmbH takesthe protection of your data very seriously. For this reason, we havegenerally structured the HELIA® base station, the associatedHELIA® Push app (hereinafter referred to as HELIA® App) andthe associated HELIA®configuration website in such a way that aslittle personal data as possible is collected and only stored for asshort a period as possible. If you decide to use HELIA®, youagree that we collect, process and store this data. It is ourobligation to handle these personal data very carefully.

Definition ofpersonal data

Personal data areindividual pieces of information that allow conclusions to be drawnabout the identity or the factual circumstances of a person. Thisincludes, forexample, the official name, address, telephone number,e-mail address, etc. Accordingly, non-personal data includesinformation whose content does notdirectly indicate the identity orthe factual circumstances of an individual person, e.g. the number ofdownloads of HELIA® App.

Access Rights

To use HELIA®it is necessary that you grant the app certain access rights.
Youmust grant the following access rights to the HELIA® App:

Access to photos, media and files - so that an audible alarm can take place
(The HELIA® App does not access photos or files, but the operating system summarizes this access right.)
Access to telephone calls - so that a callback can take place in case of an alarm.

Collection anduse of personal data

For the use ofHELIA® it is necessary to collect some personal data.
Thefollowing data is collected, stored and processed by the HELIA®App (including all components involved):

HELIA®Account:

Theaccount is used exclusively for the configuration and setup of theHELIA® base station at https://iot.helia.online.
Thefollowing data is collected, processed and stored for the HELIA®account:

E-mail address of the HELIA® account
Login information of HELIA® account
Time of the last successful login
Assignment of HELIA® base stations

This data can beactively deleted by the user by deleting the HELIA® account viathe HELIA® configuration website. An automatic deletion is notprovided for, as this would endanger the functionality of HELIA®.

HELIA®Base station:

Motion activities of the HELIA® sensors
are necessary to ensure the functionality of HELIA® and are automatically deleted after 24 hours
Temperature and battery voltage of HELIA® sensors
are necessary to ensure the functionality of HELIA® and are automatically deleted after 24 hours
WLAN configuration
The WLAN integration of the HELIA base station is optional. In case of integration, the WLAN name (SSID) and the corresponding password must be saved. This data is stored exclusively locally on the HELIA® base station and is essential for WLAN operation. The user can delete the WLAN security settings from the HELIA® base station at any time by pressing a button. Automatic deletion is not provided for, as this would endanger the functionality of HELIA®.
HELIA® Configuration
Diagnostic data
- CPU temperature of HELIA® base station
- local IP address of the HELIA® base station (necessary for WLAN integration)
- Temperature of HELIA® sensors
The HELIA® Cloud is located on a cloud server on the Internet. This server generally logs system processes. This log data is used exclusively for error analysis
- (optional) Naming of the HELIA® base station
- (optional)Naming of the HELIA® sensors
- Hardware address of HELIA® Base station
- Hardware address of HELIA® sensors
- Rule periods of HELIA® sensors
- Validity periods of HELIA® sensors
- E-Mail addresses of notification receivers
- Timezone, in which the HELIA® base station is operated

The configurationdata is obtained cyclically (every 10 min) from the cloud. Theprevious configuration on the device is overwritten.
The data isstored in the Random Access Memory (RAM) of the HELIA® basestation. If the device is disconnected from the power supply, theconfiguration data is irretrievably deleted.
The diagnostic datais automatically deleted after 24 hours, the log files areautomatically deleted after 30 days.

HELIA®Push (mobile app):

The HELIA®Push app itself does not collect any personal data. It onlyvisualizes the messages from a HELIA® base station. Theprerequisite for this is the deliberate linking of a HELIA® pushapp to a HELIA® base station. The data,which the app canvisualize is:

Battery warnings for HELIA® sensors
Timestamps of triggered alerts (such as: HELIA® Mobile Emergency and HELIA® Alarm)
Notifications,which are triggered, if a HELIA® sensor is not moved within a specified time period (such as: HELIA® Life Signs or HELIA® Dispenser)
Information about reaching of leaving the radio reception range of the HELIA® Base station
Information about resetting a HELIA® Base station to factory defaults

The link to allinstances of the HELIA® app can be removed by removing the HELIA®base station from the associated account on the configurationwebsite.
The above data is only actively deleted by the user(e.g. by deleting the messages and deleting the HELIA® basestation from the HELIA® Push app). Automatic deletion is notgiven, as this would endanger the functionality of HELIA®.

HELIA®cloud server:

A configurationis created on the cloud server for each HELIA® base station. Theconfiguration already exists during delivery of the device. Furtherinformation can be added by the user.
The following information iscontained in the configuration:

Hardware address of the sensors (optionally also a name)
Periods of HELIA® sensors vital signs / dispensers / alarms / LifeGuard24
E-mail address of the message recipient (optional information)
Mobile phone number of the SMS message recipient (optional information)
Location designation of the HELIA® base station (optional information)
Timezone of the location
Telephone number at the HELIA® location for callback purposes (optional information)
The cloud server stores the following data for diagnostic purposes (Telemetry data):
- CPU temperature of HELIA® base station
- local IP address of HELIA® base station (necessary for WLAN integration)
- Temperature of HELIA® sensors
  This telemetry data is saved cyclically (every 10min) on the cloud server. The previous data is overwritten.
General technical log file of the server
The HELIA® Cloud is located on a server on the internet. This server generally logs system processes and is used only for error analysis.
This includes:
- Proof that HELIA® messages have been sent as push notifications to the mobile devices. (including device token of the mobile device)
- Proof that HELIA® messages have been sent as email notifications. (Addressee and type of message, e.g. "Dispenser alarm")
The technical log files are overwritten every 24 hours cyclically.

Data Transfer

ISIS IC GmbH willtreat your personal data as strictly confidential and will never passthem on to third parties. This does not apply to personal data thatis sent to the person to be alerted via push notification. ForAndroid systems, this data is sent via Firebase and for iOS systemsvia Firebase and Apple Push Notification Service and is transmittedto the person to be alerted and thus made known. This is necessaryfor the alarm handling. The following data is passed on by HELIA®via push notification:
Name of the HELIA® sensor(optionally specified by the user)
Telephonenumber of the HELIA®base station (specified by the user)
Timestamp (exact time of thealarm)

Consent

If you use HELIA®, you thereby consent to the collection, storageand use within the meaning of the Federal Data Protection Act / theEU General Data Protection Regulation. This personal data is onlyaccessible to ISIS IC GmbH, with the exception of the data that ispassed on through the push notification. These may be accessible toFirebase, Apple and the person specified by the user as the person tobe alerted. You can object to your consent at any time by emailingdatenschutz@isis-ic.com.If you withdraw your consent, HELIA® is no longer usable.

Changes tothis statement

ISISIC GmbHreserves the right to change these data protection regulations atanytime within the framework of the legal regulations.

II. Usage of function“recommend“

HELIA® offersyou the opportunity to recommend the app. The platform on which youcan carry out this recommendation depends on your system and the appsyou have installed. If you recommend HELIA®, there is apossibility that personal data will be transmitted to the app youhave selected and used for recommending. We cannot influence this andthe storage and processing of this data and leaves our area ofresponsibility.

III. Legal Notice

All informationprovided by HELIA® is without guarantee. We cannot guarantee thatthis data is up to date at all times and in full. We would like topoint out that HELIA® may contain technical inaccuracies ortypographical errors. We reserve the right to change or update HELIA®at any time and without prior notice. Under no circumstances willISIS IC GmbH be liable to you or third parties for any direct,indirect, special or other consequential damages that result from theuse of HELIA®. Any liability for loss of profit, businessinterruptions, loss of programs or other data in your informationsystems is also excluded. This also applies if we have expresslypointed out the possibility of such damage.

User rights

On request, usershave the right to receive information free of charge about thepersonal data that we have stored about them.
In addition, usershave the right to correct incorrect data, restrict the processing anddeletion of their personal data, if applicable, exercise their rightsto data portability and, in the event of unlawful data processing, tofile a complaint with the responsible supervisory authority.
Likewise, users can revoke consent, generally with effect for thefuture.

Deletion ofData

The data storedwith us will be deleted as soon as they are no longer required fortheir intended purpose and the deletion does not conflict with anylegal storage obligations. If the user data is not deleted because itis required for other and legally permissible purposes, itsprocessing is restricted. This means that the data is blocked and notprocessed for other purposes. This applies, for example, to user datathat must be retained for commercial or tax law reasons.
Accordingto legal requirements, the data is stored for 6 years in accordancewith § 257 Paragraph 1 HGB (commercial books, inventories,opening balance sheets, annual financial statements, commercialletters, accounting vouchers, etc.) and for 10 years in accordancewith § 147 Paragraph 1 AO (books, records, managementreports,accounting vouchers, commercial and business letters,documents relevant for taxation, etc.).

Right ofwithdrawal

Users can objectto the future processing of their personal data in accordance withthe legal requirements at any time. The objection may in particularbe made against processing for the purposes of direct advertising.

IV. Contact

Ifyou have any questions or suggestions regarding data protection,information,correction, blocking or deletion of data as well asrevocation of the given consent or objection against a certain use ofdata, please send us an e-mail to the following e-mail address:datenschutz@isis-ic.comor contact us via the address and telephone number given below.

Dataprotection Officer:

Timo Peraglie
ISIS IC GmbH,Wesel
datenschutz@isis-ic.com

Contact:

ISIS IC GmbH
Handelsweg 1
46485 Wesel
+49281 338 39 0

Date: 05.05.2020
Version 2.2

I have read the Privacy Policy and consent to the collection, processing and storage of my personal data.

I hereby certify that I am over 16 years old.