RCT Digital Application Center "DAC"
Privacy policy

The RCT Digital Application Center "DAC" is provided by Remote Control Technology GmbH in Germany as a cloud-based web interface (web browser URL: webapp.r-c-t.biz) and as a mobile app (Android/iOS).

If you use the web platform, the mobile app and the associated services, this is done on basis of the privacy policy of Remote Control Technology GmbH described below, in accordance with the legal regulations on data protection

Please read this document carefully. It contains important information that must be observed in connection with the use of our services.

1. Who is the provider/operator of the web platform and mobile app "DAC"?

Responsible organization in terms of data protection law:

Remote Control Technology GmbH
Turmstraße 15
35075 Gladenbach
GERMANY

Phone: +49 6462 419880
E-Mail: info@r-c-t.biz

2. For which purposes the app is designed?

With the IoT platform RCT Digital Application Center "DAC", all IoT transmitters and sensors from RCT Remote Control Technology GmbH can be easily and securely monitored on a mobile application: Filling levels in tanks (e.g. oil, liquid gas, water, fuels), meter readings of analog gas meters as well as various other operating states. With the unique tank and energy monitoring platform, all resources, requirements, consumptions and forecasts can be kept in view at all times, regardless of location.

3. What kind of information and personal data is collected and stored?
a) Technically required data:

If you use the "DAC" web platform or app, it is technically necessary that some data is collected in connection with your mobile device or computer. Data can also be used for error analysis in server log files. The following data is recorded during a connection for communication between your Internet browser and our web server:

  • Date and time
  • IP address
  • Used browser and device identifiers
  • Volume of transfered data
b) Data collected by the app or entered by users:

We collect and store the following contents that you or other users enter or upload to the "DAC" platform or that are transmitted by the connected IoT transmitters:

  • E-mail address of the user account + password hash code
  • Data of the assigned RCT devices (device SID, type ...)
  • Received measurement data and alarm messages incl. historical messages
  • Optional further data entered by the users:
    • Personal data/individual user account details
    • Address and contact details, e.g. of further users and assigned customers, locations of monitored objects, notification addresses for alarm messages and reports (e.g. e-mail, phone number)
    • Images, files and additional information uploaded by the user
  • When recording meter readings: Meter number and start value
4. To which functions of the end device the app will need access?

The mobile app requires access to the push notification service of the corresponding mobile device in order to display notifications and alarm messages for certain events as push notifications.

5. Where will my data be stored?

The data collected in the RCT Digital Application Center "DAC" via the mobile app or the web interface is stored in one of the most modern and secure data centers in the world: the Open Telekom Cloud (T-Systems International GmbH, Hahnstraße 43d, 60528 Frankfurt am Main, GERMANY). This means that all your data remains in Germany and the EU in strict compliance with data security in accordance with the European General Data Protection Regulation (GDPR).

More information can be found here: https://www.open-telekom-cloud.com/en/security

6. Where and how often is the data backed up?

The data is backed up weekly at Remote Control Technology GmbH in Gladenbach, DE using inactivated copies. Optionally, automatic backup copies can be booked and activated in several operating zones of the Open Telekom Cloud in customer-specific applications

7. Is the data accessible at all times? How high is the reliability?

Your data can be accessed at any time 24/7 via the Internet in the cloud-based RCT Digital Application Center "DAC" using the mobile app or the web interface. The data center that we use for the application (Open Telekom Cloud) offers maximum reliability with a permanent maximum availability of 99.999 percent. An emergency power supply also guarantees self sufficient operation of the data centers for a minimum of 48 hours in the event of an emergency.

8. Is the data transmission secure?

Data transfer between the web browser and the server is encrypted using HTTPS (Hyper Text Transfer Protocol Secure). This protocol establishes a secure connection between the browser and server so that the data is encrypted in both directions and cannot simply be copied or manipulated. You can recognize this, for example, by the fact that the URL of the server begins with HTTPS. Newer browsers confirm the security of the connection by showing a safety symbol or text in the address bar. If the connection is insecure, the certificate is incorrect or the protocol is outdated, current browsers usually display a warning message.

Data transmission between the current RCT transmission units and the Internet is also encrypted by the Internet service providers using HTTPS. Normally, the RCT transmitter units are equipped with SIM chips and cards from Deutsche Telekom AG. Data transmission from the transmitter units to the server is encrypted via IP Sec-Tunnel of Deutsche Telekom, via GPRS encrypted by IMSI and SID or via NB-IoT by IP VPN. Other transmission options such as Sigfox, LoRa-WAN and Cat M1 are also available on customer request

9. Who has access to my data? Is the data transferred to third parties, and if so, for what purpose?
a) Individual users:

Access to the personal user account is protected by default using a combination of e-mail address and password. After the initial login, the user can change the password individually. Use a strong, secure password and keep it secret to help protect your data. You can also set up two-factor authentication to protect your user account.

A user/company with administration rights can add further users and contacts in different hierarchy levels and with different rights for data management of assigned objects.

b) Platform operator and data processor:

The administration of the "DAC" with the associated user accounts and device data is exclusively managed internally at Remote Control Technology GmbH in Germany by authorized persons.

The following companies are involved in data backup and provision as data processors within the meaning of the GDPR by providing hardware and network services, as well as server hosting and cloud services.

Compañía Dirección Service/further information
T-Systems International GmbH Hahnstraße 43d
60528 Frankfurt am Main
GERMANY
Hardware: Data center, hosting and cloud services via the "Open Telekom Cloud" (encrypted data only) https://www.open-telekom-cloud.com/en/security
BDS IT- und Kommunikations- Center Gladenbach Bahnhofstr. 1
35075 Gladenbach
GERMANY
Hardware and network administration
taschner.biz GmbH Alte Bahnhofstr. 15
35096 Weimar (Lahn)
GERMANY
Software administration for order processing and invoicing
c) External services/plugins:

The following external services can be used in conjunction with the "DAC". These cannot see all data, but can only retrieve individual data that is required to perform the corresponding functions.

  • Postmark (https://postmarkapp.com):
    This e-mail service is used to send notifications and alarm messages by e-mail to users of the platform or external contacts. "Postmark" can see the e-mails that are sent and the e-mail address of the recipients.
  • Google Maps (https://policies.google.com/privacy?hl=en):
    This service can be used to display address locations, e.g. of your own company, customers and objects on an online map embedded in the "DAC". In the "DAC", the visualization is linked to the current object data, so that tank levels and critical conditions, for example, can be immediately identified and localized on the map by means of coloured markings. The display in "Google Maps" is only possible for locations for which the corresponding address details have been entered in the "DAC". The maps displayed in the "DAC" are downloaded directly from "Google Maps" and correspond to the current status of the map content provided by "Google Maps". "Google Maps" can see, save and process the addresses that are searched for via the "DAC". The "DAC" does not automatically detect the location of your cell phone or computer with which you are using the app or the web interface.
d) Possible use of data for research and development purposes:

Especially in energy management, the use of artificial intelligence offers a great potential, e.g. in exact consumption analysis, optimal planning, automation of processes and precise prediction and simulation of scenarios. That is why we are constantly working on improving and further developing the applications. It is therefore possible that we will also use sensor data and reports for the development and training of internal AI models in the future.

By using the RCT Digital Application Center "DAC" via the mobile app or the web interface, the customer consents to the processing and use of the personal and device-related account and communication data within the company Remote Control Technology GmbH, as well as by the data processors and external services listed above.

The entered and collected data is stored for the purpose of fulfilling the service in the form of data provision via the RCT Digital Application Center "DAC" as well as for operating the corresponding user account and for order and invoice generation.

10. How long will my data be stored?

Data is only stored for the duration of use of the RCT Digital Application Center "DAC" via the mobile app or the web interface, unless statutory retention periods require longer storage. RCT does not pass on data to third parties except to the processors specified above and within the scope of external services.

11. What rights do I have with regard to deleting, blocking and correcting my data? How can I object?

In the following, you will find information regarding the rights that the applicable data protection law grants you towards the responsible party concerning the processing of your personal data:

  • In accordance with Art. 15 GDPR, the right to request information about your personal data processed by us, in particular about the processing purposes, the category of personal data, the recipients to whom your data has been or will be made available, the planned storage period, your rights to correction, deletion, restriction of processing or objection, the existence of a right of appeal, as well as the origin of your data.
  • The right to demand the immediate correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 GDPR
  • The right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
  • The right to demand the restriction of the processing of your personal data in accordance with Art. 18 GDPR if you dispute the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR.
  • You have the right to be informed in accordance with Art. 19 GDPR if you have asserted the right to correction, deletion or restriction of processing against the responsible party. The responsible party is obliged to inform all recipients to whom the personal data has been disclosed of this correction or deletion of the data or restriction of processing, unless this is impossible or involves a disproportionate effort. You have the right to be informed about these recipients.
  • Right to data transferability in accordance with Art. 20 GDPR: You have the right to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another person responsible, insofar as this is technically feasible
  • You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our registered office or, if applicable, that of your usual place of residence or workplace.
  • Right to withdraw granted consent in accordance with Art. 7 (3) GDPR: You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
12. How can I delete my account and my user data?

You can delete your user account at any time by executing in the mobile app or in the "DAC" web interface in the profile settings the function "DELETE ACCOUNT". Detailed step-by-step instructions can be found below.

Deleting your account will remove the following account information:

  • Personal information: Name, Email address, User IDs
  • Files and docs
  • App activity: Other user-generated content

Please note that your information will not be deleted if you only delete the mobile app from your mobile device without using the in-app function "DELETE ACCOUNT".

Step-by-step instructions for deleting the user account:

The detailed steps on how to delete your user account are explained below using the display in the web interface:

Step 1: Open a web browser on a PC or Mobile device. Log in to your user account in the "DAC" web interface (webapp.r-c-t.biz) with your e-mail address and password.

Step 2: Click on your user name on the right in the header bar. Select the menu item "Profile".

Step 3: Click in the field "Delete account" on the "DELETE ACCOUNT" button.

13. Subject to change

We reserve the right to adapt or update this privacy policy if necessary in compliance with the applicable data protection regulations. In this way, we can adapt it to the current legal requirements and take into account changes to our services, e.g. when introducing new services. For your visit, the current version applies.

Status of this privacy policy: April 2024.

RCT Digital Application Center „DAC“ - Privacy policy for mobile app and web interface.

Remote Control Technology GmbH | Status: 11.04.2024