Contact for questions regarding data protection

Please use this contact for all data protection matters. Individual instructions (in accordance with section 3.3 of the data processing agreement) must be sent to this contact in writing.

movisens GmbH
Augartenstraße 1
76137 Karlsruhe
Germany
+49 721 381344-0
privacy@movisens.com

Data protection officer

Michael Salbeck - IT Management
Jollystraße 29
76137 Karlsruhe
Germany

Technical and organizational measures (TOMs)

These technical and organizational measures are taken to adequately protect the client's data:

Access control

(rooms and buildings)

Objective: Deny unauthorized persons access to data processing systems with which personal data is processed or used or in which personal data is stored.

Access control

(IT systems, applications)

Objective: Prevent data processing systems from being used by unauthorized persons.

  • movisens GmbH: No data beyond the subject matter of the contract is stored. All access credentials for subcontractor systems are stored in encrypted form.
  • 1&1 IONOS Cloud GmbH: See TOM 1&1 IONOS Cloud GmbH

Access control

(to data)

Objective: It must be ensured that persons authorized to use a data processing system can only access the data covered by their access authorization, and that personal data cannot be read, copied, changed or removed without authorization during processing, use and storage.

  • All movisens GmbH employees who have access to data processing systems relating to this contract are obligated to comply with data protection laws and regulations in accordance with the GDPR (DSGVO) and are trained accordingly.
  • At the application level, database queries are limited to the data with the corresponding access authorization.
  • The client's application administrators determine the access of the client's employees to the respective study data.
  • 1&1 IONOS Cloud GmbH: See TOM 1&1 IONOS Cloud GmbH

Input Control

(into data processing systems)

Objective: It must be ensured that it can be subsequently checked and determined whether and by whom personal data has been entered into data processing systems, changed or removed.

  • Data can only be collected from the study participant via smartphone. Collected data is assigned to a participant by pairing the smartphone with a subject ID.
  • Entered data cannot be changed afterwards.

Disclosure control

(of data)

Objective: To ensure that personal data cannot be read, copied, altered, or removed without authorization during electronic transmission or while being transported or stored on data media, and that it is possible to verify and determine to which entities personal data is intended to be transmitted by data transmission equipment.

  • TLS (SSL) encryption with 256-bit keys for all data connections.
  • Both the communication between the smartphone and the server and the communication between the server and the researcher's browser are encrypted.
  • The certificates and technologies used for encryption are regularly checked for vulnerabilities.
  • Data stored on the smartphone is encrypted, so that the captured data is not accessible to unauthorized persons even if the device is lost. In addition, the transmission path from the smartphone to the server is secured separately.
  • A hybrid encryption scheme combining symmetric and asymmetric encryption is used. First, a private/public key pair is generated; the public key is transmitted to the smartphone while the private key remains with the server. On the smartphone, a session key is generated and used to encrypt the subject's responses symmetrically with the Advanced Encryption Standard (AES) and a key length of 256 bits. To transfer this secret session key securely from the smartphone to the server, it is encrypted asymmetrically with the RSA algorithm using a key length of 1024 bits. The encrypted session key is transmitted to the server together with the encrypted responses. The server recovers the session key with its private key and uses it to decrypt the responses. After successful decryption, the data is deleted from the smartphone.
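The hybrid scheme in the last item, carried through end to end in Go as an added example (this is not movisens code; the movisensXS implementation itself is not published on this page). It fills in details the text leaves open and marks each as an assumption in the code: AES in GCM mode, RSA-OAEP with SHA-256 as the padding, the layout of the envelope that carries the wrapped key and the ciphertext together, and a 2048-bit RSA key in place of the 1024 bits named above, since NIST has disallowed 1024-bit RSA for new use since the end of 2013 and 2048 bits is the usual minimum today. The response text fed through it is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is what the smartphone transmits. The page only says the RSA-encrypted
// session key travels with the AES-encrypted responses; this layout is an assumption.
type Envelope struct {
	WrappedKey []byte // 256-bit session key, RSA-OAEP-encrypted with the server's public key
	Nonce      []byte // AES-GCM nonce (the page names neither an AES mode nor an RSA padding)
	Ciphertext []byte // subject responses, AES-256-GCM under the session key
}

// Server owns the RSA key pair; only the public half is ever sent to the phone.
type Server struct{ priv *rsa.PrivateKey }

// NewServer generates the key pair. The page names 1024-bit RSA; 2048 is used here
// because 1024-bit RSA is below the current recommended minimum.
func NewServer(bits int) (*Server, error) {
	priv, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return nil, err
	}
	return &Server{priv: priv}, nil
}
func (s *Server) PublicKey() *rsa.PublicKey { return &s.priv.PublicKey } // sent to the phone

// Decrypt unwraps the session key with the private key and decrypts the responses;
// a modified envelope, or one wrapped for another server's key, fails here.
func (s *Server) Decrypt(env Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, s.priv, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("unwrap session key: %w", err)
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

// Phone holds the server's public key and the captured responses, which stay on
// the device in plaintext until the server confirms decryption.
type Phone struct {
	serverPub *rsa.PublicKey
	responses []byte
}

func NewPhone(serverPub *rsa.PublicKey) *Phone { return &Phone{serverPub: serverPub} }

// Record appends one answered item, one line per response.
func (p *Phone) Record(resp string) { p.responses = append(p.responses, resp+"\n"...) }

// Seal draws a fresh session key, encrypts the responses with it, wraps the key
// with the server's public key and returns both in one envelope.
func (p *Phone) Seal() (Envelope, error) {
	buf := make([]byte, 32+12) // 32-byte AES-256 session key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return Envelope{}, err
	}
	sessionKey, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return Envelope{}, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, p.serverPub, sessionKey, nil)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, p.responses, nil)}, nil
}

// Wipe overwrites and drops the captured data once the server reports success.
func (p *Phone) Wipe() {
	for i := range p.responses {
		p.responses[i] = 0
	}
	p.responses = nil
}

// Pending reports how many plaintext bytes are still held on the device.
func (p *Phone) Pending() int { return len(p.responses) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	srv, err := NewServer(2048)
	if err != nil {
		panic(err)
	}
	phone := NewPhone(srv.PublicKey())
	phone.Record("mood=4") // constructed sample response, not real study data
	env, err := phone.Seal()
	if err != nil {
		panic(err)
	}
	if plain, err := srv.Decrypt(env); err == nil {
		phone.Wipe() // only after the server reports successful decryption
		fmt.Printf("server received %q; phone holds %d bytes\n", plain, phone.Pending())
	}
}
```

Two properties worth checking in any implementation of this scheme are built into the example: the authenticated mode makes any modification of the uploaded ciphertext fail at the server rather than decrypt to garbage, and the plaintext on the phone is overwritten only after the server has reported successful decryption, which is the deletion step the text describes. What the scheme itself cannot provide is authenticity of the public key handed to the phone: a phone given an attacker's public key would wrap the session key for the attacker, so the encrypted smartphone-to-server connection described in the first items above is what binds that key to the real server.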

Job control

Objective: Within the scope of job control, it must be ensured that personal data processed on behalf of the customer is processed only in accordance with the customer's instructions.

  • movisens GmbH does not further process the collected data. Further processing is the responsibility of the ordering party.

Availability control

(of data)

Objective: To ensure that personal data is protected against accidental destruction or loss.

  • Daily data backups are created and retained for up to 6 months.
  • 1&1 IONOS Cloud GmbH: See TOM 1&1 IONOS Cloud GmbH

Separation control

Objective: Data collected for different purposes must also be processed separately (internal multi-client capability/ purpose limitation, separation of functions production/test).

  • At application level, database queries are restricted to data with the appropriate access authorization.

Data deletion

When Participants and Studies are deleted in the web platform, they are first soft-deleted (marked as deleted). After 30 days, soft-deleted objects are hard-deleted (removed from the database). When a Participant is deleted, all acquired data (i.e. ESM data, mobile sensing data, sensor data) is also deleted. When a Study is deleted, all Participants of that Study are also deleted. User accounts are hard-deleted immediately. Information needed for accounting is retained. It usually takes a further 30 to 60 days for deleted data to disappear from the backups.

Subcontractors

The contractually agreed services, or the partial services described below, are carried out with the involvement of the following subcontractors:

Name and address of the subcontractor

Description of the partial services

1&1 IONOS Cloud GmbH
Greifswalder Straße 207
10405 Berlin

  • Virtualisation platform for the operations of the movisensXS platform

TelemaxX Telekommunikation GmbH
Amalienbadstraße 41 Bau 61
76227 Karlsruhe

  • Data center for the physical hosting of the movisensXS platform

Telekom Deutschland GmbH
Landgrabenweg 151
53227 Bonn

  • Storage of encrypted backups of the movisensXS platform

Functional Software, Inc.
132 Hawthorne St
San Francisco, CA 94107
United States

  • Sentry: Storage of error messages of the movisensXS server applications

Rapid7
100 Summer Street
Boston, MA 02110-2115
United States

  • Logentries: Storage of error messages of the movisensXS server applications

Additional optional subcontractors

The following subcontractors are only used if the respective optional functionality is used.

Name and address of the subcontractor

Description of the partial services

Google, Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043
United States