Privacy Policy
1. General
The “Sover App” was developed to process and store as little metadata as possible on a central server. The identification of a user of the Sover App (hereinafter “User”) takes place exclusively via an 8-digit alphanumeric ID (hereinafter “Sover ID”) and a public key, both of which are randomly generated by the User when setting up the Sover App.
A. Scope of Application
This Privacy Policy applies to all data processing activities that take place while using the Sover App in its latest version and are related to personal data, namely:
A. Setting up the Sover App;
B. Address Book Synchronization;
C. Sending Messages;
D. Voice and Video Calls;
E. Group Calls;
F. License Verification;
G. Crash Reports.
Beeater as the data controller is a company limited by shares (AG) under Swiss law with its registered office in Küsnacht ZH (canton of Zurich), Switzerland, and business identification number (hereinafter “UID”) CHE-114.637.747.
When a User uses the Sover App, personal data is, unless otherwise stated in this Privacy Policy, processed and, if necessary, stored exclusively on Beeater’s own servers in two data centers of an “ISO 27001”-certified colocation partner located in Zurich, Switzerland (hereinafter “Beeater Servers”).
As a company with its registered office in Switzerland, Beeater and the data processing it carries out are subject to Swiss data protection law (Federal Act on Data Protection of September 25, 2020, SR 235.1; hereinafter “FADP”). For data subjects residing in the territory of the EU or the EEA (marked with “for EU/EEA”), European data protection law (Regulation (EU) 2016/679 of April 27, 2016, General Data Protection Regulation; hereinafter “GDPR”) may additionally apply.
Personal data pursuant to Art. 5 lit. a FADP [for EU/EEA: Art. 4 No. 1 GDPR] is information that relates to an identified or identifiable natural person.
B. Controller
Beeater AG
Freihofstrasse 22
8700 Küsnacht ZH
Switzerland
UID: CHE-114.637.747
C. Data Protection Officer
Beeater AG
Data Protection Officer
Freihofstrasse 22
8700 Küsnacht ZH
Email: support@sover.app
D. Swiss Supervisory Authority
Federal Data Protection and Information Commissioner (FDPIC)
Feldweg 1
3003 Bern
Switzerland
Telephone: +41 58 462 43 95
Contact form of the FDPIC: Link
A. Scope of Application
This Privacy Policy applies to all data processing activities that take place while using the Sover App in its latest version and are related to personal data, namely:
A. Setting up the Sover App;
B. Address Book Synchronization;
C. Sending Messages;
D. Voice and Video Calls;
E. Group Calls;
F. License Verification;
G. Crash Reports.
Beeater as the data controller is a company limited by shares (AG) under Swiss law with its registered office in Küsnacht ZH (canton of Zurich), Switzerland, and business identification number (hereinafter “UID”) CHE-114.637.747.
When a User uses the Sover App, personal data is, unless otherwise stated in this Privacy Policy, processed and, if necessary, stored exclusively on Beeater’s own servers in two data centers of an “ISO 27001”-certified colocation partner located in Zurich, Switzerland (hereinafter “Beeater Servers”).
As a company with its registered office in Switzerland, Beeater and the data processing it carries out are subject to Swiss data protection law (Federal Act on Data Protection of September 25, 2020, SR 235.1; hereinafter “FADP”). For data subjects residing in the territory of the EU or the EEA (marked with “for EU/EEA”), European data protection law (Regulation (EU) 2016/679 of April 27, 2016, General Data Protection Regulation; hereinafter “GDPR”) may additionally apply.
Personal data pursuant to Art. 5 lit. a FADP [for EU/EEA: Art. 4 No. 1 GDPR] is information that relates to an identified or identifiable natural person.
B. Controller
Beeater AG
Freihofstrasse 22
8700 Küsnacht ZH
Switzerland
UID: CHE-114.637.747
C. Data Protection Officer
Beeater AG
Data Protection Officer
Freihofstrasse 22
8700 Küsnacht ZH
Email: support@sover.app
D. Swiss Supervisory Authority
Federal Data Protection and Information Commissioner (FDPIC)
Feldweg 1
3003 Bern
Switzerland
Telephone: +41 58 462 43 95
Contact form of the FDPIC: Link
2. Processing Activities
Depending on how a User uses the Sover App, Beeater processes different categories of personal data about the User for different purposes, based on different legal bases and with different storage periods, if any personal data is stored at all.
A. Setting up the Sover App
Processing
In addition to the Sover ID and the key pair (public and private key), various other data points are generated and linked to the Sover ID on the Beeater Servers when the Sover App is set up on the User’s mobile device.
Categories of Processed Personal Data
When setting up the Sover App, the following personal data is generated and stored as inventory data on the Beeater Servers:
Note: Before a User’s telephone number and/or email address is linked to their Sover ID, this personal data must be verified as being that of the User in an automated process.
Email address verification: To verify a User’s email address, it is transmitted to the Beeater Servers after having been entered in the Sover App, and processed in plain text in order to send the User an email with a confirmation link.
Telephone number verification: For the verification of a User’s telephone number, it is transmitted to the Beeater Servers after having been entered in the Sover App, and processed in plain text. The User will then receive a confirmation code by SMS.
Purpose
The aforementioned personal data is processed by Beeater for the following purposes:
The processing and storage of personal data for setting up the Sover App is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
The processing of the User’s personal data for setting up the Sover App is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The push token stored when setting up the Sover App is stored on the Beeater Servers for a maximum of 1 year, calculated from the date of the last connection of a Sover ID to the Beeater Servers, and then automatically deleted. The User may delete the stored push token at any time (see Section 6).
The one-way encrypted hash values of the telephone number and/or email address of the User are stored on the Beeater Servers until revocation so that Users who reactivate their Sover ID with a backup do not have to relink this data. The User may delete this data at any time (see Section 6).
The telephone number and/or email address of the User processed for verification is stored on the Beeater Servers for a maximum of 1 month as a one-way encrypted hash value, provided the User does not complete the verification process. In the event of successful verification, the telephone number and/or email address are linked as one-way encrypted hash values to the Sover ID of the User.
In addition to the Sover ID and the key pair (public and private key), various other data points are generated and linked to the Sover ID on the Beeater Servers when the Sover App is set up on the User’s mobile device.
Categories of Processed Personal Data
When setting up the Sover App, the following personal data is generated and stored as inventory data on the Beeater Servers:
- Google push token (Android);
- Apple push token (iOS).
- Telephone number of the User (one-way encrypted);
- Email address of the User (one-way encrypted).
Note: Before a User’s telephone number and/or email address is linked to their Sover ID, this personal data must be verified as being that of the User in an automated process.
Email address verification: To verify a User’s email address, it is transmitted to the Beeater Servers after having been entered in the Sover App, and processed in plain text in order to send the User an email with a confirmation link.
Telephone number verification: For the verification of a User’s telephone number, it is transmitted to the Beeater Servers after having been entered in the Sover App, and processed in plain text. The User will then receive a confirmation code by SMS.
Purpose
The aforementioned personal data is processed by Beeater for the following purposes:
- Use of the Sover App’s features by the User (contract performance).
The processing and storage of personal data for setting up the Sover App is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
The processing of the User’s personal data for setting up the Sover App is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The push token stored when setting up the Sover App is stored on the Beeater Servers for a maximum of 1 year, calculated from the date of the last connection of a Sover ID to the Beeater Servers, and then automatically deleted. The User may delete the stored push token at any time (see Section 6).
The one-way encrypted hash values of the telephone number and/or email address of the User are stored on the Beeater Servers until revocation so that Users who reactivate their Sover ID with a backup do not have to relink this data. The User may delete this data at any time (see Section 6).
The telephone number and/or email address of the User processed for verification is stored on the Beeater Servers for a maximum of 1 month as a one-way encrypted hash value, provided the User does not complete the verification process. In the event of successful verification, the telephone number and/or email address are linked as one-way encrypted hash values to the Sover ID of the User.
B. Address Book Synchronization
Processing
In order to facilitate finding other Users of the Sover App, a User may voluntarily enter their telephone number and/or email address in the Sover App.
If Users voluntarily activate the optional contact synchronization in the Sover App, one-way encrypted hash values of telephone numbers and/or email addresses in the contact list of their mobile device are transmitted to the Beeater Servers manually (by pulling down the screen) or automatically approximately every 24 hours to search for identical hash values of telephone numbers and email addresses that other Users have linked to their Sover IDs. If identical hash values are found that other Users have linked with their Sover ID, these Users will appear in the Sover App contact list stored on the mobile device. In this way, the locally stored contact list of the Sover App automatically stays up to date.
Categories of Processed Personal Data
For address book synchronization, the following personal data is processed on the Beeater Servers only as one-way encrypted hash values:
Purpose
The aforementioned personal data is processed by Beeater for the following purposes:
The processing of the telephone number and/or email address of a User and of persons in the contact list on the User’s mobile device (only in the form of one-way encrypted hash values) for address book synchronization in a User’s contact list in the Sover App is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
The processing of telephone numbers and/or email addresses of persons in the contact list on a User’s mobile device is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The storage period of the telephone number and/or email address provided by the User is identical to the storage period for inventory data processed for setting up the Sover App (see Section 2. A.).
The one-way encrypted hash values of the telephone numbers and/or email addresses of persons in the contact list on a User’s mobile device are immediately deleted from the Beeater Servers after an address book synchronization has been performed. They are never permanently stored on the Beeater Servers, unlike the telephone number and/or email address linked with a User’s Sover ID.
In order to facilitate finding other Users of the Sover App, a User may voluntarily enter their telephone number and/or email address in the Sover App.
If Users voluntarily activate the optional contact synchronization in the Sover App, one-way encrypted hash values of telephone numbers and/or email addresses in the contact list of their mobile device are transmitted to the Beeater Servers manually (by pulling down the screen) or automatically approximately every 24 hours to search for identical hash values of telephone numbers and email addresses that other Users have linked to their Sover IDs. If identical hash values are found that other Users have linked with their Sover ID, these Users will appear in the Sover App contact list stored on the mobile device. In this way, the locally stored contact list of the Sover App automatically stays up to date.
Categories of Processed Personal Data
For address book synchronization, the following personal data is processed on the Beeater Servers only as one-way encrypted hash values:
- Telephone number of the User and their contacts (one-way encrypted);
- Email address of the User and their contacts (one-way encrypted).
Purpose
The aforementioned personal data is processed by Beeater for the following purposes:
- Use of the Sover App’s features by the User (contract performance).
The processing of the telephone number and/or email address of a User and of persons in the contact list on the User’s mobile device (only in the form of one-way encrypted hash values) for address book synchronization in a User’s contact list in the Sover App is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
The processing of telephone numbers and/or email addresses of persons in the contact list on a User’s mobile device is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The storage period of the telephone number and/or email address provided by the User is identical to the storage period for inventory data processed for setting up the Sover App (see Section 2. A.).
The one-way encrypted hash values of the telephone numbers and/or email addresses of persons in the contact list on a User’s mobile device are immediately deleted from the Beeater Servers after an address book synchronization has been performed. They are never permanently stored on the Beeater Servers, unlike the telephone number and/or email address linked with a User’s Sover ID.
C. Sending Messages
Processing
The Sover App encrypts all message content (text messages, media files, and system messages) and voluntarily and optionally set nicknames and profile pictures of Users by means of a secure end-to-end encryption process.
Since the private key to decrypt a message is stored exclusively on the recipient’s mobile device, Beeater doesn’t have access to message contents of Users.
Interested Users can find more information about the encryption in the Sover App on the Sover website: Link
The Sover App encrypts all message content (text messages, media files, and system messages) and voluntarily and optionally set nicknames and profile pictures of Users by means of a secure end-to-end encryption process.
Since the private key to decrypt a message is stored exclusively on the recipient’s mobile device, Beeater doesn’t have access to message contents of Users.
Interested Users can find more information about the encryption in the Sover App on the Sover website: Link
D. Voice and Video Calls
Processing
In addition to exchanging text messages and media files, Users of the Sover App can also communicate with each other independently of the public telephone network via internet-based voice and video calls.
An encrypted system message (see Section 2.C.) is sent when starting voice and video calls to establish the call with the correct User of the Sover App and to inform them of the incoming call. The callee answers with a corresponding encrypted system message, which informs the calling User whether the callee accepts or declines the call.
If the callee accepts the call, the IP addresses of the two Users are transmitted to and processed on the Beeater Servers. In principle, the processing ends with the establishment of a direct peer-to-peer connection between the Users without further processing of the IP addresses on the Beeater Servers. Further transmission of the voice or video call is only carried out via the Beeater Servers in the following cases:
Categories of Processed Personal Data
To establish voice and video calls between Users, and to transmit them via the Beeater Servers if no peer-to-peer connection can be established, the following personal data is processed on the Beeater Servers:
Users can deactivate voice and video calls in the Sover App.
Purpose
The aforementioned personal data is processed by Beeater for the following purposes:
The processing of IP addresses for the establishment and potential transmission of voice and video calls is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
This processing of IP addresses for the establishment and potential transmission of voice and video calls is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The IP addresses of the Users are immediately deleted from the Beeater Servers after the peer-to-peer connection between the call participants has been successfully established or, if the call is transmitted via the Beeater Servers, after the voice or video call has been terminated. IP addresses are never permanently stored on the Beeater Servers for voice and video calls.
In addition to exchanging text messages and media files, Users of the Sover App can also communicate with each other independently of the public telephone network via internet-based voice and video calls.
An encrypted system message (see Section 2.C.) is sent when starting voice and video calls to establish the call with the correct User of the Sover App and to inform them of the incoming call. The callee answers with a corresponding encrypted system message, which informs the calling User whether the callee accepts or declines the call.
If the callee accepts the call, the IP addresses of the two Users are transmitted to and processed on the Beeater Servers. In principle, the processing ends with the establishment of a direct peer-to-peer connection between the Users without further processing of the IP addresses on the Beeater Servers. Further transmission of the voice or video call is only carried out via the Beeater Servers in the following cases:
- Establishing a peer-to-peer connection fails;
- The caller’s contact is labeled with the verification level 1 (red) in the callee’s contact list;
- One of the call participants has activated the “Always Relay Calls” option.
Categories of Processed Personal Data
To establish voice and video calls between Users, and to transmit them via the Beeater Servers if no peer-to-peer connection can be established, the following personal data is processed on the Beeater Servers:
- IP addresses of the call participants.
Users can deactivate voice and video calls in the Sover App.
Purpose
The aforementioned personal data is processed by Beeater for the following purposes:
- Use of the Sover App’s features by the User (contract performance).
The processing of IP addresses for the establishment and potential transmission of voice and video calls is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
This processing of IP addresses for the establishment and potential transmission of voice and video calls is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The IP addresses of the Users are immediately deleted from the Beeater Servers after the peer-to-peer connection between the call participants has been successfully established or, if the call is transmitted via the Beeater Servers, after the voice or video call has been terminated. IP addresses are never permanently stored on the Beeater Servers for voice and video calls.
E. Group Calls
Processing
In addition to individual voice and video calls between two Users, the Sover App also offers “Group Calls” with more than two Users at the same time.
As a member of a group, a User can start a Group Call with the other members of the group. Like individual calls, a Group Calls allows both voice and video transmission.
Group Calls are only transmitted via special servers, so-called “Selective Forwarding Units” (hereinafter “SFU”). To start a Group Call, a User must first establish a connection to the SFU, for which their IP address is processed. As soon as the connection to the SFU has been successfully established, a system message notifies the other members of a group that a Group Call has been started and they can join. Like for the establishment of individual voice and video calls, encrypted system messages (see Section 2.C.) are sent by the Sover App to enable the correct Users of the Sover App to join the Group Call and to inform them that the Group Call has been started.
After informing the other members of the group with a system message, the Sover Apps of all members of a group, including of the one who started the Group Call, will continually request the status of the Group Call on the SFU until the Group Call is terminated. As long as the Group Call is active, the IP addresses of all members of the group, including of those who do not join the Group Call, are continually processed in order to request the status of the Group Call on the SFU, and permanently processed to maintain the connection to the SFU during participation in the Group Call.
Categories of Processed Personal Data
To establish and transmit a Group Call, the following personal data is processed on the SFU:
Like for individual voice and video calls (see Section 2.D.), the Sover App encrypts all Group Call contents with a secure end-to-end encryption process. Neither Beeater nor Leaseweb have access to the Users’ call content.
Purpose
The aforementioned personal data will be processed by Beeater for the following purposes.
Legal Basis
The processing of IP addresses for the establishment and potential transmission of Group Calls is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
The processing of IP addresses for the establishment and potential transmission of Group Calls is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The IP addresses of Users that are processed on the SFU for the establishment and transmission of Group Calls are immediately deleted from the SFU after the Group Call has ended, irrespective of whether the SFU are those of Beeater or Leaseweb. IP addresses are never permanently stored for Group Calls.
In addition to individual voice and video calls between two Users, the Sover App also offers “Group Calls” with more than two Users at the same time.
As a member of a group, a User can start a Group Call with the other members of the group. Like individual calls, a Group Calls allows both voice and video transmission.
Group Calls are only transmitted via special servers, so-called “Selective Forwarding Units” (hereinafter “SFU”). To start a Group Call, a User must first establish a connection to the SFU, for which their IP address is processed. As soon as the connection to the SFU has been successfully established, a system message notifies the other members of a group that a Group Call has been started and they can join. Like for the establishment of individual voice and video calls, encrypted system messages (see Section 2.C.) are sent by the Sover App to enable the correct Users of the Sover App to join the Group Call and to inform them that the Group Call has been started.
After informing the other members of the group with a system message, the Sover Apps of all members of a group, including of the one who started the Group Call, will continually request the status of the Group Call on the SFU until the Group Call is terminated. As long as the Group Call is active, the IP addresses of all members of the group, including of those who do not join the Group Call, are continually processed in order to request the status of the Group Call on the SFU, and permanently processed to maintain the connection to the SFU during participation in the Group Call.
Categories of Processed Personal Data
To establish and transmit a Group Call, the following personal data is processed on the SFU:
- IP addresses of the Users who are members of a group in the Sover App in which a User has started a Group Call.
Like for individual voice and video calls (see Section 2.D.), the Sover App encrypts all Group Call contents with a secure end-to-end encryption process. Neither Beeater nor Leaseweb have access to the Users’ call content.
Purpose
The aforementioned personal data will be processed by Beeater for the following purposes.
- Use of the Sover App’s features by the User (contract performance).
Legal Basis
The processing of IP addresses for the establishment and potential transmission of Group Calls is based on the overriding private interest (use of the Sover App by the User; contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
The processing of IP addresses for the establishment and potential transmission of Group Calls is necessary to enable the User to use the Sover App as contractually agreed.
Storage Period
The IP addresses of Users that are processed on the SFU for the establishment and transmission of Group Calls are immediately deleted from the SFU after the Group Call has ended, irrespective of whether the SFU are those of Beeater or Leaseweb. IP addresses are never permanently stored for Group Calls.
F. License Verification
Processing
Beeater finances its business by collecting license fees instead of selling the data of its Users. When generating a Sover ID during the set-up of the Sover App, an automatic license verification is performed to verify the User’s authorization to use the Sover App.
During the license verification, a pseudonymized digital purchase receipt from the app store (Apple/Google/Huawei) where the User purchased the Sover App is transmitted to the Beeater Servers and verified. A one-way encrypted version of this purchase receipt is stored as a hash value together with a counter, and the purchase receipt is then immediately deleted.
Note: The User’s purchase receipt transmitted to Beeater is not linked to the User’s Sover ID.
Categories of Processed Personal Data
If the Sover App has been purchased from an app store, the following personal data is processed for license verification during the set-up of the Sover App:
The aforementioned personal data is processed by Beeater for the following purposes:
This data processing is based on the overriding private interest (contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
This data processing is necessary to verify the User’s authorization to use the Sover App, and thus to prevent misuses and piracy.
Storage Period
The one-way encrypted hash value of the pseudonymized digital purchase receipt and the license key are stored together with a counter on the Beeater Servers for 30 days and then automatically deleted.
Beeater finances its business by collecting license fees instead of selling the data of its Users. When generating a Sover ID during the set-up of the Sover App, an automatic license verification is performed to verify the User’s authorization to use the Sover App.
During the license verification, a pseudonymized digital purchase receipt from the app store (Apple/Google/Huawei) where the User purchased the Sover App is transmitted to the Beeater Servers and verified. A one-way encrypted version of this purchase receipt is stored as a hash value together with a counter, and the purchase receipt is then immediately deleted.
Note: The User’s purchase receipt transmitted to Beeater is not linked to the User’s Sover ID.
Categories of Processed Personal Data
If the Sover App has been purchased from an app store, the following personal data is processed for license verification during the set-up of the Sover App:
- Digital purchase receipt (pseudonymized and then one-way encrypted).
- License key.
The aforementioned personal data is processed by Beeater for the following purposes:
- Verification of a User’s authorization to use the Sover App and thus for preventing misuses and piracy (contract performance).
This data processing is based on the overriding private interest (contract performance) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR].
Necessity
This data processing is necessary to verify the User’s authorization to use the Sover App, and thus to prevent misuses and piracy.
Storage Period
The one-way encrypted hash value of the pseudonymized digital purchase receipt and the license key are stored together with a counter on the Beeater Servers for 30 days and then automatically deleted.
G. Crash Reports
Processing
In order to improve the stability and reliability of the Sover App and to further develop the Sover App, Beeater relies on crash reports from Users.
It depends on the operating system of the mobile device (Android or iOS) used by the User which data is processed by Beeater when evaluating crash reports of the Sover App and how this data is collected by Beeater.
Note: As an alternative independent from the operating system, Users of the Sover App can voluntarily send crash reports within the Sover App to the Sover ID “*SUPPORT.” To send crash reports via the Sover App, the debug log (hereinafter “Debug Log”) must be activated in the Sover App. The Debug Log is never sent automatically to Beeater, but only manually by the User.
Categories of Processed Personal Data
iOS: No personal data is processed by Beeater when evaluating crash reports from Users with an iOS operating system.
Android: No personal data is processed by Beeater when evaluating crash reports from Users with an Android operating system.
Debug Log of the Sover App: The following personal data is processed when evaluating Debug Logs of the Sover App:
The aforementioned personal data is processed by Beeater for the following purposes:
The processing of Debug Logs is based on the overriding private interest (bug fixing and improvement of the product) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR.
Necessity
This data processing is necessary to fix bugs of the Sover App and to further improve the Sover App.
Storage Period
The data from Debug Logs of the Sover App is stored by Beeater on the Beeater Servers until their analysis and then anonymized or deleted.
In order to improve the stability and reliability of the Sover App and to further develop the Sover App, Beeater relies on crash reports from Users.
It depends on the operating system of the mobile device (Android or iOS) used by the User which data is processed by Beeater when evaluating crash reports of the Sover App and how this data is collected by Beeater.
Note: As an alternative independent from the operating system, Users of the Sover App can voluntarily send crash reports within the Sover App to the Sover ID “*SUPPORT.” To send crash reports via the Sover App, the debug log (hereinafter “Debug Log”) must be activated in the Sover App. The Debug Log is never sent automatically to Beeater, but only manually by the User.
Categories of Processed Personal Data
iOS: No personal data is processed by Beeater when evaluating crash reports from Users with an iOS operating system.
Android: No personal data is processed by Beeater when evaluating crash reports from Users with an Android operating system.
Debug Log of the Sover App: The following personal data is processed when evaluating Debug Logs of the Sover App:
- Log files.
The aforementioned personal data is processed by Beeater for the following purposes:
- Bug fixing and product improvement.
The processing of Debug Logs is based on the overriding private interest (bug fixing and improvement of the product) of Beeater; Art. 31 Sec. 2 lit. a FADP [for EU/EEA: Art. 6 Sec. 1 lit. b GDPR.
Necessity
This data processing is necessary to fix bugs of the Sover App and to further improve the Sover App.
Storage Period
The data from Debug Logs of the Sover App is stored by Beeater on the Beeater Servers until their analysis and then anonymized or deleted.
3. Disclosure of Data to Third Parties
Principally, Beeater does not disclose to third parties any personal data that is transmitted by the User when using the Sover App and that is then processed and stored on the Beeater Servers.
4. Collection of Data from Third Parties
Principally, Beeater does not collect from third parties any personal data that is transmitted by the User when using the Sover App and that is then processed and stored on the Beeater Servers.
5. Data Security
In addition to using state-of-the-art encryption methods, Beeater takes all necessary technical and organizational measures to prevent unauthorized access and misuse of data of Users of the Sover App. The security measures are continuously improved in line with technological developments.
6. Control Options of the User
In addition to the legal claims of data protection law (see Section 7), Beeater provides Users the following control options over their personal data:
Rectification, Completion, and Deletion of Telephone Numbers and Email Addresses
The User may rectify or complete their telephone number and/or email address in the Sover App under “My Profile.”
The User may unlink their telephone number and/or email address from their Sover ID at any time by deleting the corresponding data in the Sover App under “My Profile.”
Alternatively, the User may also unlink the data on the Beeater website: Link
The corresponding one-way encrypted hash values of the User’s telephone number and/or email address will then be deleted immediately from the Beeater Servers.
Deletion of Push Tokens
The User may delete the push tokens currently linked to their Sover ID at any time by resetting the push tokens in the Sover App under “About Sover > Troubleshooting”.
Sover Push Instead of Google Push Token
Users may use Beeater’s own push service “Sover Push” as an alternative to the Google push token. Users can find out more about Sover Push in the corresponding FAQ article on the Beeater website.
Information About Inventory Data
Users may request information about their inventory data, including personal data, stored by Beeater and linked to the User’s Sover ID at any time by sending the message “info” to the Sover ID “*MY3DATA.” Users can find out more in the corresponding FAQ article on the Beeater website.
Deletion of All Inventory Data by Revocation
The User may immediately delete their Sover ID and all information linked with it, including personal data, at any time. To do so, the User must revoke their Sover ID via the following link on the Beeater website: Link
The revocation of the Sover ID is irreversible, and a Revocation Password must be set in advance in the Sover App.
Rectification, Completion, and Deletion of Telephone Numbers and Email Addresses
The User may rectify or complete their telephone number and/or email address in the Sover App under “My Profile.”
The User may unlink their telephone number and/or email address from their Sover ID at any time by deleting the corresponding data in the Sover App under “My Profile.”
Alternatively, the User may also unlink the data on the Beeater website: Link
The corresponding one-way encrypted hash values of the User’s telephone number and/or email address will then be deleted immediately from the Beeater Servers.
Deletion of Push Tokens
The User may delete the push tokens currently linked to their Sover ID at any time by resetting the push tokens in the Sover App under “About Sover > Troubleshooting”.
Sover Push Instead of Google Push Token
Users may use Beeater’s own push service “Sover Push” as an alternative to the Google push token. Users can find out more about Sover Push in the corresponding FAQ article on the Beeater website.
Information About Inventory Data
Users may request information about their inventory data, including personal data, stored by Beeater and linked to the User’s Sover ID at any time by sending the message “info” to the Sover ID “*MY3DATA.” Users can find out more in the corresponding FAQ article on the Beeater website.
Deletion of All Inventory Data by Revocation
The User may immediately delete their Sover ID and all information linked with it, including personal data, at any time. To do so, the User must revoke their Sover ID via the following link on the Beeater website: Link
The revocation of the Sover ID is irreversible, and a Revocation Password must be set in advance in the Sover App.
7. Rights of the User
As data subjects, Users of the Sover App can assert various claims under data protection law against Beeater.
In order to fulfil these claims, Beeater may have to process personal data of data subjects. In particular, Beeater must be able to identify the data subject in order to ensure that the data subject rights are not exercised by anyone other than the data subject and that no personal data is unlawfully disclosed to third parties.
Regarding the processing of personal data through the use of the Sover App, secure identification of the data subject is only possible via algorithmic proof of possession of the private key associated with the Sover ID via a so-called key derivation. This is ensured in the case of automated inventory data information for Users of the Sover App via the Sover ID “*MY3DATA” (see Section 6).
Depending on the applicable law, data subjects may exercise the following rights in relation to personal data against Beeater:
Right to Information
Art. 25 and 26 FADP [for EU/EEA: Art. 15 GDPR]
A data subject has the right to request information about their personal data processed by Beeater.
Right to Correction or Completion
Art. 32 Sec. 2 FADP [for EU/EEA: Art. 16 GDPR]
A data subject has the right to request that Beeater corrects inaccurate or completes incomplete personal data without undue delay.
Right to Deletion
Art. 32 Sec. 2 FADP [for EU/EEA: Art. 17 GDPR]
A data subject has the right to request that Beeater deletes their personal data without undue delay.
Right to Withdrawal of Consent
only for data processing based on consent; Art. 30 Sec. 2 FADP [for EU/EEA: Art. 7 Sec. 3 GDPR]
A data subject has the right to withdraw their consent to the processing of their personal data by Beeater. This has the consequence that Beeater may no longer continue the data processing based on this consent. The processing of the User’s personal data by Beeater up to this point in time on the basis of the User’s consent remains lawful.
Right to Objection
only for data processing based on legitimate interests; Art. 30 Sec. 2 FADP [for EU/EEA: Art. 21 GDPR]
A data subject has the right to object to the processing of their personal data by Beeater where such personal data is processed based on Beeater’s overriding private interests; Art. 31 DSG [for EU/EEA: Art. 6 Sec. 1 lit. f GDPR].
Right to Blocking
Art. 32 FADP [for EU/EEA: Art. 18 GDPR]
For the protection of their personality, a data subject has the right to request that Beeater blocks the processing of their personal data.
Right to Data Transfer
Art. 28 and 29 FADP [for EU/EEA: Art. 20 GDPR] [only for data processing based on consent or a contract and with the aid of automated procedures]
A data subject has the right to receive the personal data they have provided to Beeater in a structured, commonly used, and machine-readable format, provided that:
In order to fulfil these claims, Beeater may have to process personal data of data subjects. In particular, Beeater must be able to identify the data subject in order to ensure that the data subject rights are not exercised by anyone other than the data subject and that no personal data is unlawfully disclosed to third parties.
Regarding the processing of personal data through the use of the Sover App, secure identification of the data subject is only possible via algorithmic proof of possession of the private key associated with the Sover ID via a so-called key derivation. This is ensured in the case of automated inventory data information for Users of the Sover App via the Sover ID “*MY3DATA” (see Section 6).
Depending on the applicable law, data subjects may exercise the following rights in relation to personal data against Beeater:
Right to Information
Art. 25 and 26 FADP [for EU/EEA: Art. 15 GDPR]
A data subject has the right to request information about their personal data processed by Beeater.
Right to Correction or Completion
Art. 32 Sec. 2 FADP [for EU/EEA: Art. 16 GDPR]
A data subject has the right to request that Beeater corrects inaccurate or completes incomplete personal data without undue delay.
Right to Deletion
Art. 32 Sec. 2 FADP [for EU/EEA: Art. 17 GDPR]
A data subject has the right to request that Beeater deletes their personal data without undue delay.
Right to Withdrawal of Consent
only for data processing based on consent; Art. 30 Sec. 2 FADP [for EU/EEA: Art. 7 Sec. 3 GDPR]
A data subject has the right to withdraw their consent to the processing of their personal data by Beeater. This has the consequence that Beeater may no longer continue the data processing based on this consent. The processing of the User’s personal data by Beeater up to this point in time on the basis of the User’s consent remains lawful.
Right to Objection
only for data processing based on legitimate interests; Art. 30 Sec. 2 FADP [for EU/EEA: Art. 21 GDPR]
A data subject has the right to object to the processing of their personal data by Beeater where such personal data is processed based on Beeater’s overriding private interests; Art. 31 DSG [for EU/EEA: Art. 6 Sec. 1 lit. f GDPR].
Right to Blocking
Art. 32 FADP [for EU/EEA: Art. 18 GDPR]
For the protection of their personality, a data subject has the right to request that Beeater blocks the processing of their personal data.
Right to Data Transfer
Art. 28 and 29 FADP [for EU/EEA: Art. 20 GDPR] [only for data processing based on consent or a contract and with the aid of automated procedures]
A data subject has the right to receive the personal data they have provided to Beeater in a structured, commonly used, and machine-readable format, provided that:
- the processing is based on consent or on a contract; and
- the processing is carried out with the aid of automated procedures.
8. Timeliness and Amendment of this Privacy Policy
Beeater reserves the right to amend this Privacy Policy from time to time in order to comply with changed legal requirements or to implement new features in the Privacy Policy. The current Privacy Policy is always linked in the Sover App.
Request Trial
Contact Us