Data privacy

1. Data protection basics

This data protection declaration is intended to inform the users of:

• the “My personal Inventory”-Application (hereafter called App)
• the “My personal lnventory”-Account (hereafter called MyInventory Account)
• this website “https://miinventariopersonal.com”

about the type, scope and purpose of the collection and use of personal data by the author and website operator (see legal notice).

The author of the application, the MyInventory Account and this website (hereafter called Author) takes your data protection very seriously and treats your personal data confidentially and in accordance with legal regulations.

As new technologies and the constant further development of the app, the MyInventory Account and this website may result in changes to this data protection declaration, we recommend that you read the data protection declaration again at regular intervals.

Users of an MyInventory Account will also be informed of significant changes via the email address associated with their MyInventory Account.

Definitions of the terms used (e.g. “personal data” or “processing”) can be found in Art. 4 GDPR.

1.1. User rights

As a user of:

• this website “https://miinventariopersonal.com”
• the My personal Inventory application
• the MyInventory Account

you have the right to request free information about which personal data has been stored about you. You also have the right to correct incorrect data and to restrict the processing or request the deletion of your personal data. If applicable, you can also exercise your right to data portability. If you assume that your data has been processed unlawfully, you can submit a complaint to the responsible supervisory authority.

1.2. Handling of contact details

If you contact the Author through the contact options offered, your details will be saved so that they can be used to process and answer your request. This data will not be passed on to third parties without your consent.

1.3. Deletion of data

If your request does not conflict with a legal obligation to store data (e.g. data retention), you have the right to have your data deleted. Data stored by us will be deleted if they are no longer required for their intended purpose and there are no statutory retention periods. If deletion cannot be carried out because the data is required for permissible legal purposes, data processing will be restricted. In this case, the data will be blocked and not processed for other purposes.

1.4. Right to object

Users can make use of their right of objection and object to the processing of their personal data at any time.

If you would like a correction, blocking, deletion or information about the personal data stored about you or if you have any questions regarding the collection, processing or use of your personal data or if you would like to revoke your consent, please contact the following email address: thomas@thomaskoslowsky.com

2. Details in regard to the application “My personal Inventory”

The application “My Personal Inventory” can be used on your Android device, without sending any data to third parties (this is the default configuration).

The backup/restore function permits the user to saveguard and restore the application data to a supported platform of your choice. Currently supported platforms are:

• Google Drive^® 
• OneDrive^® 
• WebDAV
• MyInventory Account

Hereafter you will find information on how each of these platforms is integrated into the app.

2.1. Google Drive^® integration

If you want to use the Google Drive^® integration of the app, to backup your inventory data on your Google Drive^® through the app, you have to log in to your Google account. By doing so, you agree to the terms of use and the data protection regulations of Google^® and Google-Drive^®. You can find those at https://www.google.com/policies/privacy/ and https://www.google.com/drive/terms-of-service/

You may not use the Google Drive^® integration if you do not agree to the terms of use and the privacy policy of Google and Google Drive^®.

After you log in to Google^®, the app reads the name and email address stored in the Google account in order to display them as information in the backup window. This information is only stored and displayed locally in the app and is not sent to third parties or the author of the app. This information is also used to let the user know which account was used to perform the last backup or restore.

When performing a backup, the app transfers the app data created locally on the end device by the user (inventories, inventory items, related documents, etc.) to the Google Drive^® associated with the Google account, to a specific directory created by the app. No other files or directories of the Google Drive^® are accessed.

The same applies to restoring a backup from Google Drive^®. Only files in the directory created by the app are accessed and then copied to the user’s device.

2.2. OneDrive^® integration

If you want to use the OneDrive^® integration of the app, to backup your inventory data on your OneDrive^® through the app, you have to log in to your Microsoft account. By doing so, you agree to the terms of use and the data protection regulations of Microsoft and OneDrive^®. You can find those at https://www.microsoft.com/servicesagreement/

You may not use the OneDrive^® integration if you do not agree to the terms of use and the privacy policy of Microsoft and OneDrive^®.

After you log in to Microsoft, the app reads the account name stored in the Microsoft account in order to display it as information in the backup window. This information is only stored and displayed locally in the app and is not sent to third parties nor to the author of the app. This information is also used to let the user know which account was used to perform the last backup or restore.

When performing a backup, the app transfers the app data created locally on the end device by the user (inventories, inventory items, related documents, etc.) to the OneDrive^® associated with the Microsoft account, to a specific directory created by the app. No other files or directories of the OneDrive^® are accessed.

The same applies to restoring a backup from OneDrive^®. Only files in the directory created by the app are accessed and then copied to the user’s device.

2.3. WebDAV integration

In order to use the app’s WebDAV integration, you must provide your access data (server address “URL”/user/password). This information is used for authentication on the WebDAV server and stored encrypted locally on your device and is not otherwise transmitted to third parties. This information also serves to inform the user about the parameters with which the last backup or restore was carried out.

Please note the data protection guidelines of the respective WebDAV server provider and only use WebDAV backup if you have agreed to these guidelines.

When executing a backup, the app transfers the app data created locally on the device by the user (inventories, inventory items, documents of the articles, etc.) to the WebDAV server, into a directory specially created by the app. No other files or directories on the WebDAV server are accessed.

The same applies to restoring a backup from the WebDAV server. Only files in the directory created by the app are accessed and then copied to the end device.

2.4. MyInventory Account integration

In order to use the MyInventory Account, you must provide your MyInventory Account access data (“user/password”). This information is used for authentication and stored encrypted locally on your device. This information also serves to inform the user about the parameters with which the last backup or restore was carried out.

Please note the data protection guidelines of the MyInventory Account in chapter 4 and only use the MyInventory Account functionality if you have agreed to these guidelines.

When executing a backup, the app transfers the app data created locally on the device by the user (inventories, inventory items, documents of the articles, etc.) to your MyInventory Account.

When you restore a backup from the MyInventory Account, the previously stored data is accessed and then copied to the end device.

If you activate the synchronization function to maintain several devices synchronized, the application periodically connects to your MyInventory Account to synchronize the local app data with the data stored on your MyInventory Account.

2.5. Required rights of the app under Android

For the app to function optimally, the user must allow the following functions for the app under Android^®:

• Camera
  Used to take photos of inventory items and store them in the app.
• Access to the internal memory
  Serves to save the data of the app on the end device.
• Access to the Internet
  If you use the Google-Drive^® , OneDrive^® , WebDAV or MyInventory Account integration to back up or restore inventory data online.
• Access to the status of the network
  To warn you if there is no online connection. Optionally, the user can also be informed about a missing WiFi connection. Depending on your mobile phone contract, this can save connection costs.
• Microphone
  Optional: If you use the function to create and add voice notes to articles. The application only asks for this right when you use the “voice notes” functionality.

3. Details in regard to this website “https://miinventariopersonal.com”

3.1. Access data

The Author collects data on access to the website on the basis of our legitimate interest (see Art. 6 Para. 1 lit. f. GDPR) and save these as “server log files” on the website’s server. The following data is logged in this way:

• Visited website
• Time at the time of access
• Amount of data sent in bytes
• Source / reference from which you came to the page
• Browser used
• Operating system used
• IP address used

The server log files are stored for a maximum of 7 days and then deleted. The data is saved for security reasons, e.g. B. to clarify cases of abuse. If data have to be kept for reasons of evidence, they are excluded from deletion until the incident has been finally resolved.

3.2. Range measurement & cookies

This website does use technical cookies. We use technical cookies to manage the session and loading of the service. These cookies are essential for the website to function properly and allow us to provide a smooth and secure user experience. These cookies allow us to keep the user’s session active so that you do not have to log in repeatedly or reconfirm banners, for example, when browsing different pages of the website. In addition, these cookies help us ensure the security of the Platform by identifying possible risks and protecting the integrity of data. These technical cookies do not collect personal data and cannot be disabled as they are essential to provide the requested services. By continuing to use our website, you agree on the use of these technical cookies.

Common browsers also offer settings to not allow cookies. Nevertheless, there is no guarantee that you will be able to access all functions of a website without restrictions if you make the appropriate settings.

3.3. Collection and processing of personal data

The Author collects, uses and passes on your personal data only if this is permitted by law or if you consent to the data being collected.

Personal data includes all information that is used to identify your person and which can be traced back to you – for example your name, your email address and telephone number.

You can visit this website without providing any personal information. In order to improve our online offer, however, we save your access data on this website (without personal reference). These access data include the file you requested or your IP address. By anonymizing the data, it is not possible to draw conclusions about your person.

3.4. Dealing with comments and contributions

If you leave a post or comment on this website, your IP address will be saved. This is done on the basis of our legitimate interests within the meaning of Art. 6 Para. 1 lit. f. GDPR and serves the security of us as the website operator: If your comment violates applicable law, we can be prosecuted for it, that’s the reason for our interest in the identity of the author of the comment or contribution.

3.5 Google Analytics

We do not use Google Analytics.

4. Details in regard to MyInventory Account

The MyInventory Account offers you the possibility to safeguard your inventory data on the my personal inventory server and (depending on the my personal inventory application version) maintain several end devices synchronized. 

Changes data changed on one end user device will then automatically be synchronized with all other devices. 

To use this functionality you must create an account and accept the terms of use related to MyInventory Account.

MyInventory Account is not intended to store personal or sensitive information like passwords, financial information, health related data, etc..

4.1. Data Collection

The Author collects data in regard to the MyInventory Account on the basis of our legitimate interest (see Art. 6 Para. 1 lit. f. GDPR).

4.1.1. Account related data

To create and manage the MyInventory Account, the following data provided by the user is stored:

• username (a valid email address is required)
• password (stored in a hashed and non-reversible format)

To ensure security and service quality, the following data is stored automatically:

• last successful login date/time
• last failed login date/time
• device identifier from which the login was realized

4.1.2. Application related data

The “my personal inventory app” sents during the synchronization process local data changes to the server and receives data changes from the server.

Data added, modified or deleted locally will be added, modified or deleted on your account during the synchronization.

To offer the backup, restore and synchronization functionality the following data is stored on the MyInventory Account:

• the app data created locally on the device by the user, which includes the data of the inventories, articles, documents, etc.)

To ensure security and service quality, the following data is calculated and stored automatically by the ‘my personal inventory server’:

• size of the uploaded data

4.1.3. Access data

To ensure security and service quality, the following data is stored in “server log files”:

• Accessed server function
• Time of access
• Amount of data sent in bytes
• Source / reference from which you came to the page
• Browser used
• Operating system used
• IP address used

The server log files are stored for a maximum of 7 days and then deleted. The data is saved for security reasons, e.g. to clarify cases of abuse. If data have to be kept for reasons of evidence, they are excluded from deletion until the incident has been finally resolved.

4.2. Data Usage

The data you save on MyInventory Account is kept private to you and not available to others. 

Your data is exclusively used to offer data recovery, backup and synchronization functionality across multiple end devices which use the “My personal Inventory App” with your MyInventory Account. 

The data will not be used for any unauthorized purposes. Your data will not be shared or sold to third parties and neither be used for advertising.

We access your private content only when we have your permission or are required to by law. We collect performance and quota data and crash analytics, to adequately size the service and to prevent abuse of our services.

Document files uploaded via the “My personal Inventory App” during backup or synchronization are automatically tested for phishing or malware. Suspicious files will be deleted by the server.

Your email/password combination will be used to authenticate your user.

Your email will be used also to send you relevant information related to your account (account locking/unlocking/deactivation, password reset, etc.). Notifications will be sent to the registered email address of the user account.

4.3. Data sharing

Your data will not be shared without explicit user consent unless required by law.

4.4. Data deletion

You can request at any time the deletion of your data stored on your MyInventory Account. You can do this directly from the “My personal Inventory App” or sending an email to: support@miinventaripersonal.com

Inactive accounts and its data will be deleted automatically by the server. “MyInventory Accounts” without any activity during 6 months will receive a notification message to their email to realize a login into the account. In case no activity takes place during the following 3 months after notification, the account will be considered as inactive and will be deleted, including all related data.

The deletion is irreversible.

Data deletion includes all data and files stored on your MyInventory Account and the account itself. Data contained in encrypted server backups will be deleted automatically after the retention period (36 hours).

The data stored locally on your end devices will remain untouched.

4.5. Data storage

The server which stores and processes all data related to the MyInventory Account is hosted at the hosting provider “Contabo”: https://contabo.com in Europe.

Encrypted server based backup is done daily to restore data in case of server crashes. Each backup is retained for 36 hours and then deleted.

4.6. Data Security

The communication between the My personal Inventory App and the MyInventory Account is TLS/SSL encrypted.

The inventory data and document files are stored in a specific storage area which is created individually for each user and encrypted. Document files are checked for viruses and malware and will be deleted in case of detected anomalies.

MyInventory Account passwords are stored only in an hashed format using BCrypt and cannot be converted back into clear text.

The server itself is monitored with intrusion detection mechanisms and log file analysis.

4.7. User Obligations

Users are requested to maintain their login credentials confidential and to regularly update their end devices with available Android-security- and system-updates.

Any suspicion of compromised data security should be communicated immediately to: support@miinventariopersonal.com

Users should regularly check the email used for their MyInventory Account for any relevant notification (please check also your spam-folder, as your email provider might mark those notifications as unwanted email (spam)).