Privacy Policy for the “BRAVIS” Software
Pursuant to the EU General Data Protection Regulation (GDPR), we are obliged to inform you about the processing of your data by us and your rights. When you use the software, we process personal data concerning you. Personal data means any information relating to an identified or identifiable natural person. Since protecting your privacy when you use the app is important to us, we would like to provide the following details to inform you about the personal data processed by us during such use and the way we handle this data. The information also provides details about your rights in terms of data protection. You can access this Privacy Policy at any time under “Privacy statement” in the software menu.
1. Controller, Software Purpose and Main Function
As controller in terms of data protection law, the company BRAVIS International GmbH, Calauer. Straße 70, 03048 Cottbus, Germany (“us” or “we”), provides you (data subject) with the “BRAVIS” software (“software” or “app”) to enable confidential conversations via video telephony in encrypted form.
The video consultation provides a virtual presence not possible with a conventional telephone call. In addition, several call participants can be connected to form a video conference. In order to depict the possibilities of communication in a real meeting as comprehensively as possible on a virtual level, the software also offers chat functionality, file transfer as well as sharing the screen or individual applications within the conference group.
2. Information on the Processing of Your Data
For the operation of the software it is necessary to store and process some personal data. Such data processing is justified by the fact that (1) processing is necessary for the performance of the contract between you as data subject and us acc. to point (b) of Art. 6(1) of the GDPR to use the software or (2) we have a legitimate interest in guaranteeing the operative readiness and error-free operation of the software, which overrides your rights and interests in the protection of your personal data within the meaning of point (f) of Art. 6(1) of the GDPR here.
Certain information will already be processed automatically once you use the software. The personal information processed in a given case is listed below:
2.1 Information Collected During the Download
When the software is downloaded, certain necessary information is transferred to the app store chosen by you (e.g. Google Play or Apple App Store) or the download service of the BRAVIS International GmbH. Data processed in this context may include, in particular, user name, e-mail address, your account customer number, download time, payment information, if applicable, your operating system, and the individual device indicator. When downloading from an app store this data is processed exclusively by the respective store provider and is beyond our control. If the download takes place via the download service of BRAVIS International GmbH, this data is used in aggregated and anonymous form for usage statistics that enable us to ensure the access quality for this service.
2.2 Information Collected Automatically
As part of your use of the software, we automatically collect certain data required to use the software. This includes the version of your operating system and time of access.
This data is automatically transferred to us, but not saved, (1) to make the service and the related functions available to you, (2) to improve the functions and performance features of the software and (3) to prevent and remedy misuse and malfunctions.
3. Nature of Personal Data Processed by the Software
In the software, services provided by BRAVIS International GmbH can be used for the administration of the personal user account, the transmission of a connection request to other users, the forwarding of encrypted data packets (connection relay), the transmission of presence information (readiness to communicate), the determination of the own IP address, automatic software updates and a call test. Information necessary for the provision is transmitted and processed, including your current IP address, the software version used, the display language and the operating system version used. When creating a user account, your email address is stored. This email address is required for account confirmation, password recovery, and the provision of important information regarding your account and is used only for these purposes. When using a mobile app, a unique device identifier is transmitted and stored, which allows the device to be woken from standby mode when a communication request is received (push token).
If necessary, the information will be stored, at most for the duration of the use of the service. Some services require authentication with user name and password. In this case, your password is generally only transmitted and stored as a cryptographic hash, so that we cannot determine your password.
To establish a communication channel, your IP addresses are transmitted to your communication partner. If the connection is established via a user account on our server, we will forward this data to the communication partner. No further processing or storage of this data takes place. It is technically impossible for us to record or store the type or duration of the communication.
Due to the use of peer-to-peer connections and end-to-end encryption between the communication partners, the contents of your communication are generally not visible to us. Recording or storage is therefore impossible.
Information about your readiness to communicate (presence status) is forwarded to your communication partners via our server. Further processing or storage of this data does not take place.
4. Data Retention by Us
4.1 Nature of the Data Stored
On the servers of BRAVIS International GmbH, personal data is only stored if you use a BRAVIS user account. The BRAVIS connection server provides and manages the user accounts. We transfer and store the following personal data in your user account:
– Username (Login)
– Cryptographic hash of the password
– Used software product
– Self-selected display name
– Email address
– User language
– Creation date
– Date of last registration
– Push token
– Optional data that you link to your user account yourself, e.g. name, company, public signature keys
While you are logged in with your user account, your IP address via which you communicate with the service will be stored for the duration of the login.
4.2 Use of Guest Accounts
With the host function you have the possibility to create user accounts for other users in the software (guest accounts). The entry of personal data for your guests and the administration of these guest accounts is beyond our control. It is your responsibility to comply with the data protection obligations towards your guests and to obtain their consent for the processing of this data.
4.3 Deletion of Stored Data
We erase or anonymize your personal data once it is no longer necessary for the purposes for which we have collected or used it pursuant to the clauses above. As a rule, we retain your personal data for the duration of the usage and/or contractual relationship concerning the user account, plus a period of 30 days during which we retain back-up copies following the erasure, unless such data is still necessary for criminal prosecution or for the securing, establishment or enforcement of legal claims. The usage and/or contractual relationship concerning the user account results ends with its deletion, which you can initiate with the function “Delete user account” in the software. All assigned guest accounts are also automatically deleted with this action. To delete a single guest account, you can use the “Delete Guest” function in the software.
5. Data Retention in the Software
5.1. Nature of the Data Stored
All data that is not part of your user account according to section 4 is stored locally in your user account on your device. This includes your settings, the list of your user accounts used including your login data in encrypted form, your contact lists as well as signature keys that you and your communication partners use to secure your communication.
5.2. Deletion of Stored Data
Deletion of the data on a desktop PC is done by deleting the configuration folder “BRAVIS” in the user account of your PC. On a mobile device, the deletion is performed by uninstalling the app or by using the functions provided by the operating system to delete the memory of an app.
6. Software Permissions
When the app is installed, the user is asked to consent to the software accessing the microphone and camera, if this is required by the used operating system, since this is necessary for the video telephony as main purpose of the app.
The app requires the following permissions:
– Internet access: This is required to enable video, image, sound and data transmissions and to identify you and/or your device.
– Camera access: This is required so that video can be captured by your video camera that can be transmitted in a video conference.
– Microphone access: This is required so that your speech can be captured and transmitted via your microphone.
– Photo album: You can send media files from the photo album on your device to your contacts, the software needs access to the photo album to do this.
– Notifications: The app requires permission to send notifications to the user. These are used to indicate missed calls or other important events in the software.
– Additional permissions, such as location information, are not requested.
7. Recipients of Your Data
We transmit your personal data to third parties only if this is technically required to provide the app service (computer centre for the operation of the connection server), permitted by law or you have given your consent and/or your legal representatives gave one for you.
To provide our service, we are dependent on the following third-party companies and external service providers:
– myLoc managed IT AG, Am Gatherhof 44, 40472 Düsseldorf, Germany – computer centre operating the connection server and the services for providing automatic updates, connection relay and call tests
Any disclosure of the personal data is justified by the fact that (1) we have a legitimate interest in processing the data for administrative purposes and your rights and interests in the protection of your personal data within the meaning of point (f) of Art. 6(1) of the GDPR do not override our interest and (2) we have carefully selected, regularly audit and contractually obligated our third-party companies and external service providers as processors within the framework of Art. 28(1) of the GDPR to process all personal data exclusively in line with our instructions.
Data is not processed in third countries (outside the EU).
8. Data Transmission and Data Security
8.1 Data security of Your Communication Contents
In view of the special security requirements of communication, special attention was paid to data security with the development of the software. The contents of your communication are subject to the following security features:
End-to-End Encryption:
All communication data is encrypted directly between sender and receiver. Unlike server-based conferencing systems, there is no central location where this communication data is decrypted and processed. The key exchange is carried out end-to-end via the Diffie-Hellmann protocol with a key length of 3072 bits and thus exceeds the length recommended by the BSI (Bundesamt für Sicherheit in der Informationstechnik), which is considered secure even after 2023. The key is thus only known to the two users of the connection. The connection is encrypted using AES-256.
End-to-End Authentication:
The BSI in technical guideline TR-02102-1 7.2.1.1. requires that system parameters must be exchanged authentically between the communication partners in advance. This takes place in BRAVIS using an RSA signature with 4096 bit key length and thus exceeds the length recommended by the BSI, which is considered secure even after 2023.. The keys are generated by the user himself and are not dependent on a trustworthy certification authority or on us. Thus the contents of your communication are also completely protected against access by employees of the BRAVIS International GmbH and the data center.
In order to check the key authenticity of the end user, the software additionally offers the verification by reading out a Short-Authentication-String (SAS).
Peer-to-Peer:
BRAVIS also uses peer-to-peer connections in conferences with several participants. A central communications server therefore does not exist as a point of attack.
Perfect Forward Secrecy:
By using session keys that are dynamically generated for each connection, it is not possible to eavesdrop on previous or future connections even if an attacker has gained possession of a key. In addition, the software uses a dynamic conference key that is regenerated with each change to the conference participants. This makes it impossible for a participant who has left the conference to listen to the further proceedings. Likewise, a participant joining later cannot decrypt the preceding communication.
The administration of your user account on the connection server is carried out via a secure hypertext transmission protocol (https) according to the current state of the art, which is secured by a certificate.
8.2. Data Security in the Data Center
The connection server as well as the update service, connection relay and call test are hosted on a server in a secure and certified data center of a German company in Germany and are administered by us. User accounts are stored there in encrypted form. Therefore the data center has no insight into your personal data. The data center proves its highest security level by an ISO 27001 certification.
9. Log Data
Neither the app nor the connection server record when, who, with whom and how long or especially about what has (been) communicated. There is no tracking, reach measurement or profiling.
10. Summary
10.1 As a German software provider, the BRAVIS International GmbH is subject to the stringent German and European data protection legislation. The communication servers are located in certified data centres of a German company in Germany. The strong end-to-end encryption ensures that the communication cannot be decrypted. There is no recording, profiling, advertising, sale of data, saving of conversations, messages or other connection data, collection or retention of location data, retention of log data and payment transaction data. No communication data or meta data is saved.
10.2 As part of the continued development of our business, the structure of our company may change in such a way that the legal form is modified, company parts or divisions are established, acquired or sold. In the course of such transactions, the customers’ information may be transferred together with the company part to be exchanged. Any time personal data is transferred to third parties to the extend described above, we will ensure that this is effected in line with this Privacy Policy and the applicable data protection legislation.
Any transfer of the personal data is justified by the fact that we have a legitimate interest in adapting our company form to the economic and legal conditions, where required, and your rights and interests in the protection of your personal data within the meaning of point (f) of Art. 6(1) of the GDPR do not override this interest.
11. Your Data Subject Rights
11.1 Right of Access
You have the right to obtain from us at any time, upon request, access to information about the personal data concerning you and processed by us to the extent stipulated in Art. 15 of the GDPR. To this end, you can file an application by mail or e-mail to the address indicated below.
11.2 Right to Rectification of Inaccurate Data
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you where such data is inaccurate. To this end, please use the contact addresses indicated below.
11.3 Right to Erasure
You have the right to obtain from us the erasure of personal data concerning you subject to the conditions described in Art. 17 of the GDPR. Such conditions provide, in particular, for a right to erasure where the personal data is no longer required for the purposes for which it was collected or otherwise processed, as well as in cases of unlawful processing, existence of an objection or of an obligation of erasure in Union or Member State law to which the we are subject. For the data retention period, see also clause 5 of this Privacy Policy. To assert your right to erasure, please use the contact addresses indicated below.
11.4 Right to Restriction of Processing
You have the right to obtain from us the restriction of processing in accordance with Art. 18 of the GDPR. This right applies, in particular, if the accuracy of the personal data is a matter of dispute between the user and us, for a period enabling us to verify the accuracy of the data, as well as in case that a right to erasure exists and the user opposes the erasure and requests restriction of use instead; furthermore, in the event that the data is no longer necessary for the purposes pursued by us, but the user requires it for the establishment, exercise or defence of legal claims, and if the successful exercise of an objection is still a matter of dispute between us and the user. To assert your right to restriction of processing, please use the contact addresses indicated below.
11.5 Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format in accordance with Art. 20 of the GDPR. To assert your right to data portability, please use the contact addresses indicated below.
12. Right to Object
Acc. to Art. 21 of the GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based, inter alia, on point (e) or (f) of Art. 6(1). We will cease processing of your personal data, unless we are able to demonstrate compelling legitimate reasons for the processing which override your interests, rights and freedoms or if the processing serves the establishment, exercise or defence of legal claims.
13. Right to Lodge a Complaint
Furthermore, you have the right to lodge complaints with a data protection supervisory authority. The supervisory authority in charge for us is:
The State Officer for Data Protection and for the Right of Access to Files
Stahnsdorfer Damm 77
14532 Kleinmachnow
14. Contact
If you have any questions or comments regarding our handling of your personal data, or if you want to exercise your rights as data subject, please contact André Röhrig using the following contact details:
BRAVIS International GmbH, Calauer. Straße 70, 03048 Cottbus, Germany
Phone +49 355 290 243 20
E-mail: contact@bravis.eu
15. Amendments to this Privacy Policy
We always keep this Privacy Policy up to date. We thus reserve the right to amend it from time to time and to update information regarding the collection, processing or use your data. The current version of the Privacy Policy can always be accessed under “Privacy statement” in the software.
Version 1.0
as of 03/2020