By making the App available in App Stores, the BAuA provides interested parties with a tool to quickly and easily assess potential hazards on site at the workplace and to find suitable protective measures. 

Whether and to what extent personal data is collected and processed when using the App, and by which bodies this may be done, is explained below. In addition, you will receive information on the cases in which and how you can contact the responsible bodies and their data protection officers and what rights you have with regard to the processing of your personal data. 

Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, for example by user-name, email-address, customer-number. 

1. Data Controller (Article 4 (7) of the European General Data Protection Regulation - GDPR) 

The persons responsible for the processing of your personal data in the course of the online provision of our EMKG-App, which was developed by the company „dezign.de, Twisterlingsbogen 5, 26160 Bad Zwischenahn“, are 

the App Store providers "Google Play" and "Apple App Store" 

as well as the 

Federal Institute for Occupational Safety and Health
Friedrich-Henkel-Weg 1-25
44149 Dortmund (Germany), 

which uses the services of the above App Store providers in order to make its App available to the interested public free of charge via these providers.  

2. Data Protection Officer

 If you have specific questions about the processing of your personal data, which is collected and processed for registration and when installing the App on your end device (smartphone/tablet), please contact the respective data protection officers of the above-mentioned App Store providers. 

If you have specific data protection-related questions about the EMKG-App, please contact the data protection officer(s) at the Federal Institute for Occupational Safety and Health. You may contact our data protection officer(s) by post or email: 

Federal Institute for Occupational Safety and Health
Data Protection Officer
Friedrich-Henkel-Weg 1-25
44149 Dortmund (Germany)
Tel. 0231 9071 0
email: bds@baua.bund.de  

3. Data processing when using the App (downloading and installing the App)

 In order to download and install our App from an App Store (Google Play, Apple App Store), you must first register for a user account with the provider of the respective App Store and conclude a corresponding usage agreement with them. We have no influence on this, in particular we are not a party to such a user contract. When downloading and installing the App, the necessary information is transferred to the respective app store, such as your user name, your e-mail address, the customer number of your account, the time of the download, the individual device identification number, payment information if applicable, the country from which access is made and the smartphone model used. It is not disclosed which account/user installed the App. We have no influence on this data collection and the further processing of your personal data. We have no access to the data required for downloading and installing the App and provided by you. This data is collected, stored and processed exclusively by the App Store provider selected by you. In addition, largely anonymised statistics about the apps offered for use there are published by default via the respective Playstore. The App itself does not store any personal data or data that accrues in the course of using the App content. 

4. Access authorisation

 However, access to the internal memory of your end device is required for the full use of App content so that the App can open the PDF files of the protection guides stored there and share the summary of your entries and results via an App of your choice. 

If this permission is revoked from the App, the determination of the action level will work and an overview of the corresponding protection guides will also continue to be displayed, but opening the PDF files and sharing the results will no longer work and the app will open a request that reads as follows: "Allow EMKG to access photos, media and other files on your device?" Then there is the option to either allow or deny access.

 If you do not allow or deny access, the use of the App's content will be restricted. 

5. Data subject rights

 In principle, you have the rights listed below in accordance with the European General Data Protection Regulation (GDPR) with regard to the personal data concerning you vis-à-vis the persons responsible who collect, store and process your personal data (here: vis-à-vis the App Store providers). 

You can only assert your rights vis-à-vis the responsible parties (App Store providers) who process your personal data, as the BAuA or its App does not collect, store and further process any personal data from you. 

5.1 Right to information (Article 15 GDPR)

 The right of access provides the data subject with a comprehensive insight into the data concerning him/her and some other important criteria, such as the purposes of processing or the duration of storage.

 5.2 Right of rectification (Article 16 GDPR)

 The right of rectification includes the possibility for the data subject to have inaccurate personal data concerning him/her corrected.

 5.3 Right to erasure (Article 17 GDPR)

 The right to erasure includes the possibility for the data subject to have data deleted from the controller. However, this is only possible if the personal data concerning him/her are no longer necessary, are being processed unlawfully or if consent has been withdrawn in this regard.

 5.4 Right to restriction of processing (Article 18 GDPR)

 The right to restriction of processing includes the possibility for the data subject to prevent further processing of his/her personal data for the time being.

 5.5 Duty of notification in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)

 The notification obligation includes that the controller shall notify all recipients to whom personal data have been disclosed of any rectification or erasure of the personal data or restriction of processing pursuant to Article 16, Article 17(1) and Article 18, unless this proves impossible or involves a disproportionate effort. If the data subject so requests, the controller shall inform the data subject of those recipients.

 5.6 Right of data portability (Article 20 GDPR)

 The right to data portability includes the possibility for the data subject to obtain from the controller the personal data concerning him or her in a commonly used, machine-readable format in order to have it transferred to another controller, if necessary.

 5.7 Right to object (Article 21 GDPR)

 The right to object includes the possibility for data subjects to object to the further processing of their personal data in a specific situation, insofar as this is justified by the performance of public tasks or public as well as private interests.

 5.8 Right to withdraw consent (Article 7 GDPR)

 Insofar as the processing of personal data is based on your consent (Article 6 (1 a) GDPR), you may revoke this consent for the relevant purpose at any time.

The lawfulness of the processing based on the consent given remains unaffected until receipt of the revocation.

 5.9 Right of complaint to the supervisory authority

 You have the option of contacting the supervisory authority responsible for the processing of your personal data if you are of the opinion that the processing of your personal data is not carried out in accordance with the requirements of the European General Data Protection Regulation (GDPR).