Privacy Policy – SECORUN Mobile ID

Privacy Policy – Secorun Mobile ID

1. General Provisions

Secorun Mobile ID is a mobile application and a supplementary product for the Secorun KD access control system. The application was developed by Vemco Sp. z o.o. to enable users to authenticate at access control readers using mobile credentials stored on their mobile device.
The application is provided to users free of charge and is intended for use in its current form. The scope of its functionality, including the method of storing and managing credentials, is defined in separate license agreements concluded between Vemco and the Vemco Client.
This Privacy Policy sets out the rules for collecting, processing, disclosing, and using the personal data of application users, and serves as a fulfillment of the information obligations under Articles 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR).
Note: The use of the application takes place at the request of the Vemco Client, who may collect and process personal data of users independently of Vemco. This policy does not cover data transmitted directly to the Vemco Client or data made available to the Vemco Client through application functionality.
Changes to the Privacy Policy:
This Privacy Policy may be updated. Any changes will be communicated in the application. Continued use of the application after changes are made constitutes acceptance of those changes.
If you have any questions regarding this Privacy Policy or the practices described herein, you may contact us at: iod@vemco.pl.

2. Definitions

  • Vemco Client – the entity managing the Secorun KD access control system – the administrator of the system instance (Workspace) to which the user logs in.
  • User – a person registered by the Workspace administrator who has an account in the Application (typically: an employee of the Vemco Client).
  • Application – the Secorun Mobile ID IT system, including the mobile app and its associated functions, services, and integrations provided by Vemco.

Unless otherwise stated, terms such as personal data, processing, controller, and processor have the meanings given in the GDPR. The terms personal data and personal information are used interchangeably.

3. Data Collection and Use

Technical information about the device and application:

  • Device manufacturer and model
  • Bluetooth and NFC support
  • Operating system version
  • Application identifier and version
  • Unique application identifier and push notification token

Usage and analytics data:

  • Application status, events, statistics
  • Logs of interactions with readers (IDs and technical data)
  • Error logs

Purpose of data use:

  • Licensing and service delivery
  • Software updates and support
  • Product and feature development
  • User communication
  • Legal compliance
  • Service provision to the Vemco Client under the agreement

Location data:
The application does not collect real-time precise location data of the device. Enabling location services (e.g. iBeacon/BLE) is voluntary and serves only to improve reader detection. Location data is not stored.

4. Personal Data Processed

The application processes personal data provided by the Vemco Client, in particular:

  • First and last name
  • Email address
  • Name of the assigned company (as defined in the Secorun KD system)
  • Employee registration number in the assigned company (as defined in the Secorun KD system)
  • User profile photo
  • Workspace name – the Secorun KD system instance the user logs into

These data are necessary for:

  • Using application features
  • Assigning a mobile access identifier
  • Enabling identification by the Vemco Client’s security personnel

Personal data management:

  • All requests regarding the management of your personal data should be directed to the Vemco Client, who acts as the data controller.
  • Information on data management is available in the Application in the user account menu of the respective Workspace.

5. Sharing Data with Third Parties

Vemco does not share personal data with third parties for marketing purposes.
Data may be shared with third parties only in the following situations:

  • As required by applicable law (e.g., court subpoena)
  • In good faith when necessary to protect rights, safety, or prevent fraud
  • With trusted service providers acting on behalf of Vemco
  • To combat abuse or technical issues

6. Opt-Out and Security

Opting out of data collection:
You may stop data collection by uninstalling the application using the standard procedure of your operating system or app store.

Data security:
We use physical, electronic, and organizational security measures. Only authorized employees and processors have access to the data. However, please note that no system can guarantee 100% security.

7. International Data Transfers

Personal data may be processed outside the European Economic Area (EEA), using EU standard contractual clauses and appropriate safeguards in compliance with GDPR.

8. Contact

Vemco Sp. z o.o.
ul. Biała 1, 80-435 Gdańsk, Poland
iod@vemco.pl
+48 58 550 75 65
https://www.vemco.pl