Gizlilik politikası
This Gizlilik politikası applies to the iOS app "MVM Vardiya planlayıcı".
Data Veri sorumlusu
Veri sorumlusu within the meaning of the GDPR:
Samir Salimovic
Independent iOS Developer
Vienna, Austria
Privacy İletişim:
E-mail: privacy@mvm-app.at
Web: https://mvm-app.at
Gizlilik yaklaşımı ("Local-First")
MVM Vardiya planlayıcı is primarily designed for local data processing. Planning data is primarily stored on your device. Data is transferred to external services only when necessary for the feature you use (e.g., Firebase login/synchronization, AI assistant, in-app purchases, advertising in the free version).
Kişisel verileri satmıyoruz.
İşlenen veri kategorileri
Depending on usage, we process the following data in particular:
Planning and Shift Data
Shift codes, colors, calendar entries, notes, overtime values, planning rules, settings.
Storage: primarily local on the device; when Share/Sync is active, additionally in Cloud Firestore.
Personalization Data
Optional name, language, theme, reminder times, app settings.
Storage: local app storage areas (e.g., UserDefaults).
Authentication Data
Email address, user ID (UID), sign-in status, auth provider information (e.g., Apple, email/password), security-relevant event data (e.g., timestamp, device reference where required).
Storage: Firebase Authentication, required local status data, and where applicable Firestore event data.
MVM Share Data
Connected partner ID, shared shifts, swap requests including status, required timestamps/metadata.
Storage: Cloud Firestore.
Transaction/Subscription Status Data
Purchase and subscription status information from Apple for unlocking Pro features.
We do not process credit card or bank account data.
Technical Data
Diagnostics and crash data, where provided by Apple and enabled by you.
Advertising Data (Free Sürüm Only)
When using AdMob, advertising/device identifiers (e.g., IDFA) may be processed, where legally permissible and enabled by you.
Legal Bases (Art. 6 GDPR)
We process data based on:
- Art. 6(1)(b) GDPR (contract performance / app functionality)
- Art. 6(1)(a) GDPR (consent, e.g., ATT, optional AI use)
- Art. 6(1)(f) GDPR (legitimate interest, security, stability, abuse prevention)
- Art. 6(1)(c) GDPR (legal obligations, where applicable)
MVM-AI Assistant
The AI feature is optional. When used, data may be transmitted to technical service providers to process your request.
Processed data (depending on request):
- Your entered text (prompt/chat message)
- Required context from the app, to the extent necessary for the response
Alıcılar:
- Cloudflare (technical AI proxy / worker)
- OpenAI (AI service provider)
Purpose:
- Providing the AI response requested by you
Consent:
- Consent is obtained before the first transmission
- No AI transmission takes place without consent
- Consent can be withdrawn at any time with effect for the future
Firebase Authentication & Synchronization (MVM Share)
When you use login and share features, the app uses:
- Firebase Authentication (sign-in, account management)
- Cloud Firestore (synchronization of MVM Share data, e.g., partner connections, shifts, swap requests)
Processing occurs only to the extent required for the features you use.
Email Security Emails (via Firebase Authentication)
When using email login, security-related emails may be triggered (e.g., verification, password reset, login-related notices).
For this, we process in particular:
- Email address
- Security/event data (e.g., timestamp, required device information)
Alıcılar:
- Google Firebase Authentication (for verification/reset and security-related auth processes)
Payments & Abonelikler (StoreKit)
In-app purchases are processed via Apple StoreKit. We only receive required transaction/status information to unlock functionality.
Advertising (Free Sürüm Only)
The free version may use Google AdMob.
- Personalized advertising only with corresponding consent (ATT)
- Without consent: non-personalized ads may be shown
- Advertising is disabled when an active Pro subscription is present
Alıcılar / Categories of Alıcılar
Depending on usage, data may be transmitted to the following recipients:
- Apple (StoreKit, and possibly diagnostics services)
- Google Firebase (Firebase Authentication, Cloud Firestore)
- Cloudflare (technical AI proxy, only when using AI)
- OpenAI (only when using AI and with consent)
- Google AdMob (free version only, depending on consent)
Third-Country Transfers
Where service providers outside the EEA are used (e.g., USA), third-country transfers may occur. Such transfers are carried out in compliance with legal requirements, in particular based on appropriate safeguards (e.g., EU standard contractual clauses), where required.
Saklama süreleri
- Local app data: until deleted by you or uninstallation
- AI chat histories (local): until deleted by you or uninstallation
- Firestore share data: until deleted by you (e.g., disconnect/removal or "Delete Data") or account deletion, unless legal obligations prevent this
- Auth/login data: according to applicable Firebase and app operational rules, as long as required for operation/security
- Subscription/status data: as long as required for verification/unlocking
- Security/auth event data: only as long as required for operation, security, abuse prevention, and error analysis
- Diagnostics/log data: according to platform provider rules
Your Rights Under GDPR
You have, in particular, the following rights:
- Access (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection (Art. 21 GDPR)
- Withdrawal of consent with effect for the future (Art. 7(3) GDPR)
- Denetim makamına şikayet hakkı (Art. 77 GDPR), e.g., in Austria at the Data Protection Authority
Veri güvenliği
We implement appropriate technical and organizational measures to protect data against loss, misuse, and unauthorized access (e.g., transport encryption, access controls, use of established platform services).
Değişiklikler to this Gizlilik politikası
We reserve the right to update this Gizlilik politikası when features, legal requirements, or used services change. The currently published version is authoritative.
İletişim
For privacy inquiries: