Privacy Policy

Thank you for using our app PHNX. The protection of your personal data is of high importance to us and we wish you to feel safe when using our app.

In the following, we describe if and which information we collect when you download and use our app and how this information is used. If you have any questions in this context, send an e-mail to dataprotection@tesis-sysware.de.

 

General Contact Data

TESIS SYSware Software Entwicklung GmbH
Machtlfinger Straße 11
81379 Munich
Germany

Phone +49 89 4141769 0
Telefax +49 89 4141769 99
info@tesis-sysware.de

 

Provision and Use of Our App

To enable the installation and use of PHNX, data transmitted from your device is collected and processed by the respective app store operator (e.g. Apple Store or Google Play Store). The store operator does not pass this data on to us, or if it does, it does so anonymously.

When using the app, the following data may be transmitted for statistical purposes and for the ongoing improvement of our product: IP address (anonymized), date and time of use, time zone difference to Greenwich Mean Time (GMT), country in which the use takes place, hardware, operating system and user interface used, as well as their language and version (Art. 6 (1) lit. b, f DSGVO /GDPR).

If PHNX uses an in-app browser to access websites, it is possible that the accessed website sets cookies; the same applies for automatic password changes. Regarding the use of cookies, we kindly refer you to the Data Protection Notice on the TESIS SYSware website.

Google Drive

The PHNX app is capable of saving vaults to your Google Drive, Dropbox, OneDrive and in case of iOS to your iDrive account. The App is also capable of searching the mentioned Cloud Storages for saved vaults in order to enable vault synchronisation and restores from backups. Before the app may perform any actions in your cloud, you will be asked to provide consent by entering your credentials into a web browser separate from the PHNX app. This credential request is a security feature provided by the respective Cloud Storage and the mechanism is industry standard known as OAuth.

All write and read operations in your cloud are initiated by you, except in case when you have activated the synchronization, where the app performs read and write operations automatically to keep the local and remote vaults synchronized.

The App does not collect nor transfer any information from your remote file storage neither to us nor to anyone else. In this regard you can compare the app to your spreadsheet application in which you control where to save your own data. In case of the vaults this data is encrypted and only you know the password to open the vault. Even the storage provider, who stores the data physically on their servers, can‘t read the vault contents.

Google Firebase

We use Google’s Firebase Analytics tool (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).

Firebase Analytics collects information on PHNX usage behavior. Google uses this information on our behalf to provide us with app usage reports (crash and error reports) and reports on IP address (anonymous), data and time of use, time zone difference to Greenwich Mean Time (GMT), country in which the use takes place, hardware, operating system and user interface used, as well as their language setting and version. The software is set up in a way that the IP addresses are not saved in their entirety, but with 2 bytes of the IP address masked (for example: 192.168.xxx.xxx). This way, it is no longer possible to match the shortened IP address to the calling computer.

The collected data (Art. 6 (1) lit. f DSGVO/GDPR) is usually transmitted to a server at Google in the US for analysis and stored there. A merger with other data about you which might be stored at Google will not take place. More information about privacy at Google can be found here: https://www.google.de/intl/en/policies/privacy/.

Contact via e-mail or contact form

If you give feedback on PHNX or make inquiries via our contact form on the website, we will process the data you provide exclusively to answer your request (Art. 6 (1) lit. b DSGVO/GDPR).

Storage and transfer of data

Data that you enter into one or more vaults created using PHNX will be encrypted there to the highest legal standard possible (256-bit AES encryption). These are then exclusively accessible using the master password assigned by you and known to you only. Resetting and assigning a new master password can only be carried out by you and only via a multi-level authentication process, provided you have set this up under the “Vault Security” menu item. The data you have deposited in your PHNX vault(s) and the corresponding master password(s) are not saved by us nor stored with us and are in no way accessible to us. This data is only known to you and stored exclusively on your local device(s) or in the trusted cloud directory of your choice. We will never ask you for it.

Your rights

With respect to your personal data, you have the right to request from us information, correction, deletion or limitation of such data in accordance with legal regulations. In addition, we make your data available to you in a structured, conventional and machine-readable format. If we use your data based on your consent, you may revoke your consent at any time. Once revoked, we will no longer use your data for this purpose. Should we have a legitimate interest in processing your data, you may contact us and raise your objection. Irrespective of this, you may at any time contact the relevant supervising authorities.

Deletion of data

When your data is no longer required for the specified purposes, it will be deleted. Please note that every time we delete data, it is first only blocked and then later deleted for good after a time lag to prevent accidental deletion or possible intentional damage. For technical reasons, data may be duplicated in backup files or by mirroring. In case, such copies are also deleted only after a time lag for technical reasons.