Data from any third parties, phone contacts, accounts or system states of the phone are not stored or transmitted to the server. Applications collect only the data needed to smoothly run the application and anonymous statistical data which are transmitted in a secure channel to a secure server. We undertake to protect the data against misuse. We are not liable for damage caused by external influences (e.g. A technical glitch), by faulty or insufficient protection (weak passwords, theft, etc).
Collected data type
Information about the system account, location, type of device, system info, anonymous statistics, attitudes and behaviour in order to improve application data to communicate with Web Services.
The data needed for the smooth operation of the application that is updated with Web services (e.g. A list of users, definition errands …). Photos, videos and audio recordings made through our app.
Third Party Rights
Applications not infringe rights of third parties. We reserve all rights, you may use the application, you must not modify or distribute in any way outside the official channel Play Store.
Restrictions on property rights
Applications are entirely our property. It is allowed to distribute a link to the official distribution channel Play Store. You may not distribute outside the official channel Play Store. It is prohibited to use any video or audio materials from our applications.
App permissions using
BIND_DEVICE_ADMIN – The application can become Device Admin and temporary disable to uninstall itself. Only the dispatcher (with correct rights) can choose whether the app is Device Admin.
Data Processing Agreement
(hereinafter referred to as the “Agreement”)
1.1 As part of its business activity, TTC TELSYS provides its clients with a software product built on the TOUCHGUARD platform. When managing the client application of this software, TTC TELSYS handles personal data entered into the application by its clients and the Distributor’s clients (hereinafter referred to as the “Controllers”).
1.2 The Distributor offers TTC TELSYS’s software product to its customers with whom the Distributor directly establishes business relations. The Distributor has access to the client application and thus to personal data entered into the application by the Controllers just like TTC TELSYS.
1.3 The Parties enter into this Agreement in order to regulate their mutual rights and obligations in connection with handling personal data pursuant to Article 1 of the Agreement and to ensure compliance of such processing with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”).
2 Specification of Personal Data Processing
2.1 TTC TETLSYS and the Distributor process the personal data of the Controllers through patrol system databases.
2.2 TTC TELSYS and the Distributor process for the Controllers the following personal data categories: first and last name e-mail address, personal number, GPS position (if activated), phone number and photographs of the following data subject categories: regular employees, workers working based on work contracts and work activity contracts, collaborating self-employed persons and the contact persons of contractual partners.
2.3 TTC TELSYS and the Distributor process personal data for the Controllers for the purposes of fulfilling obligations arising from executed contracts.
2.4 TTC TELSYS and the Distributor adopted the following measures in order to secure the processing of personal data:
· The database is managed on a secured server with controlled access;
· Access to the database is protected with a password;
· TTC TELSYS has processes certified in accordance with ISO/IEC 27 001 “Information Security Management System” and ISO/IEC 20 000-1 “IT Services Management.”
2.5 TTC TELSYS and the Distributor process the personal data of each Controller during the term of the contract with the specific Controller, unless the Controller erases personal data from the application prior to termination of the contract.
3 Rights and Obligations of the Parties
3.1 The Parties agree to:
3.1.1 process personal data only based on the Controllers’ documented instructions;
3.1.2 ensure that all persons helping to process personal data maintain confidentiality or that they are subject to a similar legal obligation;
3.1.3 adopt security measures in compliance with Article 32 of GDPR;
3.1.4 observe the conditions for sub-processing in compliance with Paragraph 3.2 of the Agreement;
3.1.5 take into account the nature of processing, help the Controllers in fulfilling their obligations and respond to requests concerning the exercising of data subjects’ rights;
3.1.6 provide reasonable help to the Controllers in ensuring compliance with respect to obligations specified in Articles 32 through 36 of GDPR, taking into account the nature of processing and information available to the Parties;
3.1.7 either erase personal data or anonymize personal data after their processing is finished and erase existing copies based on the Controllers’ decision, unless the law of the European Union or a Member State requires to keep such personal data;
3.1.8 allow the Controllers to perform audits and allow the Controllers or the auditors authorized by the Controllers to carry out inspections, provided that the Controllers and the auditors authorized by the Controllers agree to keep confidential any information, about which they shall learn during audits and which do not directly relate to the Controllers and the processing of their personal data;
3.1.9 cooperate with each other in processing of personal data to the extent necessary for handling personal data in compliance with the requirements laid down in GDPR and other binding legal regulations.
3.2 The Parties may provide the personal data of the Controllers to a third party as another subcontractor for the purposes of their processing. In such a case, the Party that wishes to use another subcontractor must provide the other Party and the Controllers with the name of the selected subcontractor prior to providing personal data to such a subcontractor, except if such a subcontractor had already been processing personal data prior to the execution of the Agreement. The other Party and the Controllers may object to such selection or a change in the subcontractor within 15 days of obtaining the name of the subcontractor. The objection can be sent electronically to TTC TELSYS’s e-mail address podpora@TouchGuard.eu. In the case that the other Party objects to a specific subcontractor and thus the Party that wishes to use the subcontractor incurs additional costs in connection with the processing of personal data based on the Agreement and/or in connection with selecting another subcontractor under less advantageous conditions, the Party that wishes to use subcontractor may request reimbursement of such additional costs from the other Party.
4 Erasure or Return of Personal Data
4.1 TTC TELSYS and the Distributor agree to stop processing the personal data of a Controller upon the moment the contract executed with such a Controller is terminated. TTC TELSYS and the Distributor shall erase or anonymize all personal data, including their copies, unless legal regulations require to keep such personal data.
4.2 Irrespective of Paragraph 4.1, TTC TELSYS and the Distributor may keep the personal data of the Controllers to the extent required by the laws of the EU or a Member State only to the extent and during the time specified in the laws of the EU or a Member State, provided that the Parties ensure the confidentiality of all personal data of the Controllers and ensure that these personal data of the Controllers are processed only as necessary based on the purpose specified in the EU’s or a Member State’s laws requiring their keeping and not for any other purpose.
5.1 The Parties declare that they enter into the Agreement only in order to unify the processing of personal data and to confirm the obligation to cooperate with each other in observing all effective legal regulations on the protection of personal data and do not intend to request any fee for the processing of personal data based on the Agreement.
6 International Transfer of Personal Data
6.1 The provisions of the Agreement apply to personal data from the Controllers or processed for the Controllers in the EU/EEA and submitted to the Parties, their other sub-contractors or associated entities in the EU/EEA.
6.2 In the case that personal data come from the Controllers or are processed for the Controllers in the EU/EEA but are accessed or processed by the Parties, their other sub-contractors or associated entities in jurisdiction outside the EU/EEA (including by using IT cloud solutions), the Parties and the entity in a third country receiving personal data shall execute a contract with a standard EU contractual clause based on Commission Decision C (2010) 593. Irrespective of the aforesaid, the contract with a standard EU contractual clause shall not be used if the European Union believes that the law of the country, in which the relevant other sub-contractor or the associated entity of the Parties is domiciled, sufficiently protects personal data or if the Parties and/or their other sub-contractor or associated entity located in the USA joined the EU – USA Privacy Shield.
7.1 Each Party shall be responsible for processing personal data in compliance with the Agreement, GDPR and other binding legal regulations on the protection of personal data. It means that each Party shall answer for any caused unauthorized use of personal data provided by any of the Controllers or for their provision to unauthorized third parties. Each Party shall also answer for securing the processing of personal data in compliance with the Agreement, except for such security incidents or Force Majeure events that the Party could not prevent in spite of its maximum efforts.
7.2 The Party, which caused damage or breached its obligations in processing personal data and was charged a penalty by a public authority, must pay such damage and/or penalty. In the case that a Party is required to pay for damage and/or pay a penalty even though it did not cause damage and did not breach its obligations in processing personal data and thus is not responsible for the penalty, it shall be reimbursed by the other Party responsible for the damage and/or penalty. In the case that both Parties are responsible for damage and/or a penalty, they shall pay for such damage and/or pay the penalty in proportion to their fault.
8 Final Provisions
8.1 The Agreement shall come into effect and force upon the moment it is signed by both Parties.
8.2 The Agreement has been drawn up in two equally original counterparts, of which each Party shall receive one counterpart.
8.3 In the case that either Party does not exercise its rights or fulfil its obligations based on, or in connection with, the Agreement, such a fact shall not be considered a waiver or remission of these rights, and these rights shall not be prejudiced in any way.
8.4 The Agreement may be changed or expanded only through written amendments. For these purposes, written form does not mean any electronic communication.
8.5 The Parties may not assign to transfer any rights or obligations arising from the Agreement to any third party.
8.6 No provision of the Agreement that proves to be invalid, ineffective or unenforceable shall prejudice the remaining provisions of the Agreement, provided that they can be severed from the invalid, ineffective or unenforceable provision. In such a case, the Parties agree to replace the invalid, ineffective or unenforceable provision with a new provision, the content of which shall correspond to that of the replaced provision as much as possible.
8.7 The Parties declare that they duly read the Agreement and that the Agreement expresses their true and free will. In witness thereof, they append their signatures.
- TTC TELSYS, Inc., Úvalská 1222/32, Prague 10, Czech Republic
- Phone: +420 234052212
- Email: email@example.com