MBNL MyLocken PRIVACY POLICY

This policy describes what information we hold, why we hold it and how we use it by using the app.

LOCKEN IBÉRICA, C/ José Bardasano Baos, 9 - 28016 Madrid (España) is the data processor your personal data on behalf of MBNL (data controller in accordance of the agreement ex art. 28 GDPR) for every data processed by this application and thus informs you that these data will be treated in accordance with the provisions of Regulation (EU) 2016/679 of April 27 (GDPR) and the Organic Law 3/2018, of December 5

Type of data collected

The app serves to regulate and control the user access to the facility / location where the Locken Access control system is installed. This app can be used only by authorized personnel already enlisted in our system.

The app uses only the following data:

GPS Location data only during book-on and book-off operations and when an emergency situation is raised by the user or automatically by the system.

Legal basis of the process

The processing of your personal data is based on your Consent according to art. 6.1 GDPR freely given with the acceptance of this policy.

Without your consent no data location will be collected or processed.

The Device information data is processed based on our legitimate interest to research, develop, fix the app and to prevent breaches and harmful or illegal activity;

Usage of user location data – Purpose of the process

When the app is closed we do not collect any data.

By accessing to the app and prior giving your consent you give us access to your location

Your location tracking will be active as follows:

Location services (active when the user is directly using the app)

· Sends location to us when user books on the site where the system is active (only displayed as a Boolean showing that the user is within 200m of the site location or not)

· Sends location to us when user books off from the site (only displayed to us as a Boolean showing that the user is within 200m of the site location or not)

· Sends location to us when user presses the emergency escalation button from the work in progress screen (displayed to us the user’s actual location on a map in order to arrange for help to be sent);

 

Background Location (used when the user has the app open but is not using it)

· Sends location to us ONLY when an emergency is triggered due to the lone worker escalation process not being responded to by the user (user is sent 3 notifications at 10 minute intervals and if none are responded to then the emergency escalation is automatically triggered) (displayed the users actual location on a map so it can arrange an help to be sent to them

To cease the location tracking you must:

Uninstall the app from your device;

Change your device location permission in the general settings;

Device information:

We don’t collect any device information

Means of treatment 

The treatment consists of the registration in the database of Locken of the GPS location coordinates for the purpose of regulate the access to the facility where the Locken Access System is installed and to offer help in case of emergency.

Data conservation criteria

Location data will be kept for a period of 18 months. After this period every data will be deleted with adequate security measures to guarantee the anonymization of the data or its destruction.

Device information data will not be kept.

Communication of the data 

Data will not be communicated or disclosed to any third parties except to the eventual needs in case of the emergency as listed in the previous paragraph.

Location of the data process

No data will be transferred outside the European Union. Data will be kept within the Locken server bases in the UE. Locken adopt every measure provided by art. 32 GDPR to guarantee the safety of the data processed.

Rights that assist the Interested Party 

The data subject can exercise in any time the rights provided by art. 15 to 21 or the GPDR and in particular:

You have the right to have your data corrected if inaccurate or outdated

You have the right to obtain the deletion of your personal data (right to be forgotten)
You may, at any time, ask us to delete your personal data in our possession if its retention is no longer necessary for the processing purposes.

You have the right to object to the processing of your personal data carried out by us
You can always contact the Supervisory Authority to lodge any complaints. Contact us before doing so: we will be pleased to solve any problems related to the processing of your personal data.

You have the right to object to the use of your data through automated decisions, including profiling Even if we do not do this, we remind you that you will always have the right to object to such activities.

You have the right to request the restriction of processing of your data
You may ask for the restriction or blocking of your personal data in our possession in the event that you decide to exercise the aforementioned rights.

You have the right to transfer your data to another operator (data portability)
We will provide you with a copy of your data in an interoperable format should you want to transfer it to another operator, if technically possible.

We guarantee your rights even if we process your personal data on behalf of third parties
If we process your data on behalf of third parties, we guarantee that requests relating to the exercise of your rights will be transmitted to the same without undue delay.

Data Protection Officer Contact information to exercise your rights

The data subject can exercise his rights directly to LOCKEN IBÉRICA, S.L., DPO writing an E-mail at this address: dpo@iseo.com