Movilizer is committed to protect your privacy. This statement provides details about the handling of your personal data when using the Movilizer Mobile Enterprise Application Platform (further as "Movilizer platform") as an end user of client applications build upon the platform.
The Movilizer platform includes the Movilizer Cloud to manage, store and distribute application descriptions and associated application data, the generic Movilizer Client app (further as "app container") to interpret and execute application descriptions representing arbitrary mobile applications to support your organizations business processes and applications. An organization thereby represents a customer of the Movilizer platform, while you as an end user represent a Movilizer platform user assigned to your organization. Optionally, the platform offers the use of Movilizer connectors to integrate your organizations' backend system(s).
Applications executed within the app container are either customizable Movilizer platform standard applications contractually agreed on their use by your organization or custom applications developed in charge of your organization. The Movilizer platform offers several application frontends over the Movilizer Portal (further as "portal") to support Movilizer platform standard applications that may make use of your personal data (e.g. current location of the end user) for optimization purposes. The portal furthermore offers several services including customer and user management, usage statistics, monitoring of data transfers between all involved parties as well as logging of errors that occurred during your use of the platform.
Data security in the Movilizer platform
The Movilizer platform provides a deep security concept that spans the overall platform.
User authorizations & rights can be applied at any point within your organizations application scenario, from securing access to a specific function up to the entire scenario. This is realized by authentication of the app container and its user with the Movilizer platform and by role-based authentication of users with the business scenario and the customer system within the platform.
With End-to-End encryption the Movilizer platform offers a concept that allows your organization to protect data and make it unreadable at any instance of the Movilizer cloud. Thereby data is sent encrypted with a symmetric key into the Movilizer cloud by your organization and transferred encrypted to the app container. The encrypted data can be then only decrypted by using the corresponding key on the app container. Vice versa, any data collected by the app container and transferred over the Movilizer Cloud to your organizations backend systems will also be encrypted.
The Movilizer platform offers secure backend integration by required authentication of your organizations system within the Movilizer cloud and support of X509 certificates.
The Movilizer Cloud implements tools and routines for Attack Detection and Cloud Security, which automatically block backend and client systems from sending any data requests, as soon as they identify attacks or malware. All information inside the Movilizer platform is stored in conjunction with your organizations specification and never directly accessible. Data can only be accessed for role-based created users while client-specific information can only be accessed via defined interfaces and authorizations.
By default, any data transfer between the app container and the Movilizer cloud as well as the potential data transfer between Movilizer cloud and your organizations backend system is based on secure HTTPS communication protocols unless your organization explicitly defines to apply unsecure HTTP communication.
The app container provides the capability for (temporary) storage of the data required to execute the applications as well as for the data that may be collected by those. As long as data is not explicitly stored in public accessible storage areas of the device, which can only be driven by the application provided and deployed by your organization, the data is kept in isolated storage which in general is not accessible by any other application or person. The Movilizer platform furthermore provides the storage of data in the Movilizer cloud within physical secured server environments in two computing centers located in Germany covering fire protection and fail over scenarios.
Movilizer Cloud Location
The Movilizer cloud is running on servers located in the European Union unless you have chosen to run a private Movilizer cloud at your premise. In case Movilizer would move the data storage outside of the European Union, it will
(I) sign EU Standard Contractual Clauses or any other necessary documentation for legalization of the data transfer as required by the European Union data privacy law or your applicable data privacy law.
( II ) will notify you of this fact.
By using the platform and the app container, you agree that your organization is the data controller determining the content of the applications, purpose for which are being used as well as the term for which data in general, as well as which personal data is collected, processed and stored in the app container, within the Movilizer cloud and potentially in the backend systems of your organization. The Movilizer platform thereby purely acts as a data processor providing the services and the platform to support the purpose of your organization's application scenarios. Movilizer itself does not analyze or process any content of data stored in the Movilizer cloud. In case f your organization are is using any of the above mentioned portal applications (only accessible by your organization) mentioned in the introduction, you allow the Movilizer platform to access and process data for the respective application or service purpose to be visible for role-based authenticated users of your organization based on your organization's specified request.
You understand that Movilizer just provides the overall platform to your organization and that the app container provides a set of permissions to execute applications that may use one of following permissions at run-time: camera or CCTV, contacts, location tracking, microphone, phone state and calls, text messaging and storage. Your organization, as a data controller, decides on the content of the applications and their purpose, the data collected, stored and processed further within the Movilizer platform and also which of the above mentioned permissions will be used at run-time. By installing the app container on your mobile device and using the app container with a Movilizer platform user account that has been assigned to you by your organization you understand that your organization may collect and make use of personal data that falls under the above mentioned permissions given by default to the app container.
To learn more about processing of your personal data please visit Privacy Statements of the application licensor.
Should you have any questions or comments please send them to: firstname.lastname@example.org