Amphiro has set itself the goal of motivating consumers to use water and energy consciously and efficiently, to make the use of drinking water safer and to support companies in complying with compliance rules in the area of drinking water.
The collected data enables us to offer our products, services and apps (e.g. for smartphones, tablets or PCs) as well as our websites and helps us to improve our offer, promote its marketing and develop new offers.
The following information provides an overview of what happens to the personal information we collect about you. Personal information is any information that personally identifies you.
Data is collected when you visit our website, use our products (e.g. amphiro connect) and services (e.g. amphiro legionella alert) or use our apps. You can find detailed information on the subject of data protection in our following data protection declaration.
Data collection on our website, our products, services and smartphone apps
Who is responsible for data collection?
The data processing is done by Amphiro. You can find the contact details in the imprint of this website. The data protection officer is also named there.
How do we collect your data?
On the one hand, your data is collected by you communicating it to us. This may be data that you enter in a contact form or that you enter when placing an order.
Other data is automatically collected by our IT systems when you visit the website. These are, for example, technical data (e.g. about the Internet browser, the operating system or the time of a page call or a command). This data is collected automatically as soon as you enter our website.
Further data is collected when you install or use our products or apps. This can happen automatically after the installation of a device (e.g. to record your energy consumption when using hot water) or as an input by you (e.g. when you enter information about your hot water heating in an app). Some functions in the app also require access to information provided by your mobile phone, tablet or PC. This includes, for example, information on the use of network connections. Access to the corresponding data provided by your telephone only takes place after you have granted the app the necessary rights.
What do we use your data for?
Some of the data is collected in order to offer the functions of our products, services and apps or to enable the purchase and delivery of our products. Other data may be used to analyze your user behavior and to improve our website and our products, services and apps.
In anonymous form, the data may also be shared with universities and research institutions for use in research and teaching. Before the data is passed on, it is ensured that no conclusions can be drawn about individual persons and that there is therefore no reference to identifiable persons.
The data can also be used anonymously to illustrate and advertise the functionality and effect of Amphiro’s products and services and the products associated with them. Prior to use, it is ensured that no conclusions can be drawn about individual persons and that there is therefore no reference to identifiable persons. Furthermore, the names of companies in whose area of application the data is collected are only mentioned with their consent. The purpose mentioned in this section is also granted to the companies Hansa and Oras with the same obligations.
What rights do you have with regard to your data?
You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to demand that this data be corrected, blocked or deleted. You can contact us at any time at the address given in the imprint for this and other questions on the subject of data protection. Furthermore, you have the right to appeal to the responsible supervisory authority.
2. General information and mandatory information
Amphiro takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
We would like to point out that data transmission on the Internet (e.g. communication by e-mail or smartphone apps) and in general in communication networks (e.g. via Bluetooth) can have security gaps. A complete protection of the data against access by third parties is not possible.
The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You can revoke your consent at any time. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Right to file complaints with regulatory authorities
You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted payments on this website
If, after the conclusion of a contract with costs, there is an obligation to provide us with your payment data (e.g. account number for direct debit authorization), this data is required for payment processing.
Payment transactions via the usual means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
With encrypted communication, your payment data, which you transmit to us, cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of data processing and, if applicable, a right to correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this and other questions on the subject of personal data.
Opposition to promotional emails
We hereby object to the use of contact data published within the scope of the imprint obligation to send unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action against unsolicited mailing or e-mailing of spam and other similar advertising materials.
3. Data collection on our website
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
Browser type and browser version
Operating system used
Host name of the accessing computer
Time of the server request
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Registration on this website
You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.
To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
Leaving comments on this website
If you use the comment function on this site, the time at which you created the comment and your email address will be stored along with your comment, as well as your username, unless you are posting anonymously.
Storage of the IP address
Our comment function stores the IP addresses of those users who post comments. Since we do not check comments on our site before they go live, we need this information to be able to pursue action for illegal or slanderous content.
How long comments are stored
The comments and the associated data (e.g. IP address) are stored and remain on our website until the content commented upon has been completely deleted or the comments are required to be removed for legal reasons (slander, etc.).
The comments are stored based on your consent per Art. 6 (1) (a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Products for recording consumption data
Some of our products (e.g. amphiro basic) collect, store and transmit (e.g. amphiro connect) data on the use of water and hot water. The data includes flow rates, volumes, temperatures, energy quantities and energy efficiency levels, hot water heating efficiencies, the duration of withdrawals and pauses between withdrawals, and the number of withdrawals, consumption targets and efficiency ratings.
The products do not store names or addresses, but only an ID that allows assignment to one or more accounts. If the account(s) is/are deleted, the assignment is lost – the data thus loses its personal reference.
When you install and use an Amphiro app, the following personal data is collected from you:
First name and surname. Purpose: To enable personal communication.
E-mail address. Purpose: To contact you by e-mail, to confirm your user account, to reset your password, to provide you with reports and mailings. The e-mail also serves as a user name.
IP address. Purpose: The collection is made for the following purpose: Ensuring the stability of the service.
Location information. Purpose: To provide services such as consumption comparisons in the region, regional efficiency tips, provision of country-specific compliance information and reference values.
Times of use. Purpose: User motivation and calculation of averages.
Age, gender. Intended use: collection for scientific purposes and market analysis.
Type of client. Intended use: Differentiation between business and private customers to adapt functionality.
Language. Purpose: to enable simple communication.
Desire to receive newsletters. Purpose: To send newsletters for motivation and marketing.
Information on motivation. Purpose: Wish to participate in efficiency competitions.
Type of smartphone or tablet PC used. Intended use: Optimization of the service.
All data collected by the products (e.g. amphiro connect). Intended use: Offer of the service.
Access rights of the app
In order to provide our services via the app, some end devices require an authorization to access location data in order to use Bluetooth.
This app uses encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as an app operator or communications between app users and Amphiro products. This encryption prevents or drastically complicates the possibility that the data you transmit can be read by unauthorized third parties.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
Data transmitted when entering into a contract with online shops, retailers, and mail order
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
Data transferred when signing up for services and digital content
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract with us, for example, to banks entrusted to process your payments.
Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
4. Social media
Facebook plugins (Like & Share buttons)
Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. For an overview of Facebook plugins, see https://developers.facebook.com/docs/plugins.
If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.
Our website contains functions of the Pinterest social network, operated by Pinterest Inc., 635 High Street, Palo Alto, CA, 94301, USA.
When you visit a page containing the Pinterest social plugin, your browser establishes a direct connection to the Pinterest servers. The plugin transmits this log data to Pinterest servers in the United States. This log data may include your IP address, the address of the websites visited, which also includes Pinterest features, browser type and settings, the date and time of the request, how you use Pinterest, and cookies.
More information about the purpose, scope and further processing and use of data by Pinterest, as well as your rights and options to protect your privacy, can be found in the privacy notices of Pinterest: https://about.pinterest.com/de/privacy-policy.
5. Analytics and advertising
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
Demographic data collection by Google Analytics
This website uses Google Analytics’ demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section “Refusal of data collection”.
You can object to the collection and use of your data at any time with future effect by clicking on this link and setting an opt-out cookie in your browser: https://www.quantcast.com/opt-out.
If you delete the cookies on your computer, you will have to set the opt-out cookie again.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place.
Data processing is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
This website uses the services of MailChimp to send newsletters. This service is provided by Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service which organizes and analyzes the distribution of newsletters. If you provide data (e.g. your email address) to subscribe to our newsletter, it will be stored on MailChimp servers in the USA.
MailChimp is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States.
We use MailChimp to analyze our newsletter campaigns. When you open an email sent by MailChimp, a file included in the email (called a web beacon) connects to MailChimp’s servers in the United States. This allows us to determine if a newsletter message has been opened and which links you click on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type, and operating system). This information cannot be assigned to a specific recipient. It is used exclusively for the statistical analysis of our newsletter campaigns. The results of these analyses can be used to better tailor future newsletters to your interests.
If you do not want your usage of the newsletter to be analyzed by MailChimp, you will have to unsubscribe from the newsletter. For this purpose, we provide a link in every newsletter we send. You can also unsubscribe from the newsletter directly on the website.
Data processing is based on Art. 6 (1) (a) DSGVO. You may revoke your consent at any time by unsubscribing to the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted from our servers and those of MailChimp. Data we have stored for other purposes (e.g. email addresses for the members area) remains unaffected.
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
If your browser does not support web fonts, a standard font is used by your computer.
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Our website accepts payments via PayPal. The provider of this service is PayPal (Europe) S.à.r.l & Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg.
If you select payment via PayPal, the payment data you provide will be supplied to PayPal based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) DSGVO (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
Our website accepts payments via Stripe. Stripe Payments Europe Ltd , Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland.
If you select payment via credit card, the payment data you provide will be supplied to Stripe based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) DSGVO (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
9. Amendment of the Directive
Sources: Some paragraphs are taken from templates provided by www.e-recht24.de. The text has been translated in parts with deepl.com from English.