Privacy S4DX Satellite and Courier App [English]

Choose your language:

BR | CS | DE | EN | ES | FR | PT | RO | SK | TR

If you use our mobile service, your information will be provided to us. For that reason, we would like to be completely transparent and disclose what information we collect, how we use it, who we share it with, and what ways you can access, update, and delete your personal information.

I. Who is responsible?

Responsible for data protection laws, in particular the EU General Data Protection Regulation (GDPR), is:
Smart4Diagnostics GmbH
D-81379 Munich
Office: +49 (0) 89 724 018 40

As Data Protection Officer, we have appointed:
Data Protection Officer of IITR Datenschutz GmbH
Phone:  +49 (0) 89 724 018 40

II. What processing activities are carried out?

We have two basic categories of data:

  • Data that you provide
  • Data we receive through your use of the application.

We will explain these categories in more detail.

Data you provide
When you use our application, we collect information that you provide to us. This requires you to set up an S4DX account. To do this, we need to store some important information from you, such as: your name, a username, a password, and an email address.

Data we receive through your use of the application
If you use our Courier app and if you have activated location tracking via GPS positioning, only then we temporarily collect data about your location. However, GPS positioning only starts from the time of a SmartTube registration and ends when a SmartTube is delivered. The location is captured every 60 seconds, stored for 60 seconds, and then overwritten with the next captured location. There is no storage of the location or the time point over time and thus no traceable route based on the recorded location data is generated.

The location tracking functionality can be deactivated at any time by the user in the settings of the app.

The following library is used to collect location data: react-native-geolocation-service.

Purpose, legal basis and legitimate interest
In principle, your data will only be processed on the basis of consent given by you. The legal basis is Art. 6 sec. 1 p. 1 lit. a GDPR.

Recipients of the data
Our server  is serviced by a service provider who acts as our processor.
The operation of the infrastructure is also agreed with a processor.
All service providers are contractually obliged to treat your data confidentially.

Storage duration
The storage period refers to your active usage of this app.
If at some point you decide that you no longer want to use S4DX, you can simply ask us to delete your account or you can delete your account in the app on your own.  Your data will no longer be saved after the deletion.

Provision required 
The provision of personal data is not required by law or contract. However, no processing is possible without this consent.

Please read the information on your right to object under Art. 21 GDPR below.

Use of the application

Purpose, legal basis, and legitimate interest
When you access our application, general information is automatically collected. This information includes, for example, the  storage of the email address to send a confirmation email, internet service provider details,  camera usage to capture the barcodes, [Satellite] use of local memory to temporarily store usersessions and sample test, [Satellite] and the use of our algorithm that improves sample detection.
In particular, these are processed for the following purposes:

  • Ensuring a trouble-free connection of the application,
  • Ensuring a smooth use of our application,
  • evaluation of system security and stability as well as
  • for other administrative purposes.

The processing is carried out in accordance with Art. 6 sec. 1 lit. f GDPR based on our legitimate interest in improving the stability and functionality of our application.

Recipients of the data
We use technical service providers to operate and maintain our servers, who act as our processors.

Storage duration
The data will be deleted as soon as it is no longer necessary for the purpose of the collection. This is generally the case for the data used to provide the app  when the session is over.

Provision required
The provision of the aforementioned personal data is not required by law or contract.

III. What are your privacy rights?

Every data subject has the right to information under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restrict processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR.
In the case of the right of access and the right of cancellation, the restrictions under Sections 34 and 35 of the German Data Code (BDSG) apply.

You may withdraw your consent to the processing of personal data at any time to us. This also applies to the withdrawal of declarations of consent given to us before the General Data Protection Regulation was applied, i.e. before 25 May 2018. Please note that the withdrawal will only work for the future. Processing carried out prior to your withdrawal is not affected.

In addition, there is a right of appeal to a competent data protection supervisory authority (Art. 77 GDPR i.V..m. Section 19 of the German Federal Data Protection Act). A list of supervisory authorities (for the non-public sector) with their respective addresses can be found at

IV. Data security

We only deal with personal data insofar as this is possible in accordance with data protection regulations. We also take all necessary technical and organisational security measures to adequately protect your personal data from unauthorized access and misuse.
Insofar as we store or process personal data, this is done within a high-security data center. In order to protect the security of your data during transmission, we use encryption methods (e.g. SSL) over HTTPS. Our servers are secured by firewall and anti-virus protection. Back-up and recovery procedures as well as role and authorization concepts are a matter of course for us.
Our employees are obliged to comply with the provisions of the GDPR and the BDSG when handling data.

Information about your right to object under Article 21 GDPR

You have the right, for reasons pertaining to your circumstances, to object at any time to the processing of personal data concerning you, which takes place pursuant to Article 6 (1) lit. f GDPR (data processing based on a balance of interests); this also applies to profiling based on that provision within the meaning of Article 4(4) GDPR.
If you object, we will no longer process your personal data unless we can prove compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise, or defend legal claims.

The objection may be informed with the subject “opposition” stating your name, address or other identifiers to:
Smart4Diagnostics GmbH
D-81379 Munich