ATLAS Access – Privacy Policy
TKH Security B.V., having its registered office at Zoetermeer, Chamber of Commerce number 30191139 (hereinafter referred to as: TKH Security)
Version March 2024
Data protection in the use of our applications is a particularly high priority at TKH Security B.V.
The processing of your personal data is in line with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations that apply to TKH Security B.V.
By means of this data protection declaration, we inform you, as users of the ATLAS Access app, about the nature, scope and purpose of the personal data we collect, use and process as well as about your rights and how you can exercise them.
TKH Security B.V. has taken numerous technical and organizational measures to ensure the most complete protection of the personal data processed via this app. However, internet-based data transmissions can, in principle, have security gaps, so absolute protection may not be guaranteed.
Name and address of the controller
TKH Security BV
Werner von Siemensstraat 7
2721 PN Zoetermeer
The Netherlands
Phone: +31 79 363 8111
Email: privacy@tkhsecurity.com
Processing of personal data
When using the ATLAS Access app, we process the following personal data:
In the access control process
We will receive your name and e-mail address from our customer, the administrator of the facility which has granted you access via ATLAS to this facility. Your e-mail address will be used to invite you to register your mobile device. By registering your mobile device to the ATLAS Access app, we will generate a mobile device ID for identifying your mobile device. This mobile device ID is device-specific and is used for each mobile access of that device. If you register a new device or the app is reinstalled, a new mobile device ID will be generated for this new installation.
Once your mobile device is registered, access tokens will be generated and stored at the mobile app according to the locations you are allowed to enter. When you present your mobile device to a reader, an access token is sent, and it will be validated if access should be granted.
After presenting your mobile device to a reader, feedback to the ATLAS Access app will be sent, containing the location of the door.
The following personal data is processed by us in the process described above:
- Name Provided by the administrator of the facility.
- E-mail address Provided by the administrator of the facility.
- Mobile device ID Randomly generated number to identify your mobile device.
- Personal ID Randomly generated number to identify you as user.
In access logs
In order to provide the services of the app, we process your data when you use the app, for example when you request access with your mobile device. In addition to the personal data mentioned above, these logs also contain data about the location of granted access and the time of entry.
- Name
- E-mail address
- Mobile device ID
- Access activity Information on the locations of granted or denied access.
Purpose of the processing
When you use our app, we process the aforementioned personal data to identify you via your mobile device and to manage your right to access the location(s) in question.
Retention period
We do not store your data longer than is necessary for the purpose for which we process your data.
Once your access is generated, we will remove the access activity after thirty (30) days. Your name, e-mail address and Mobile device ID and Personal ID will be stored for as long as you are a user of the app.
Legal basis for the processing
When using our app, Article 6(1)(a) GDPR serves as the legal basis for processing for which we obtain consent for a specific processing purpose.
If you use this app, this use is based on your consent.
The personal data that we receive from the administrator of the facility to which you are granted access to are provided on the basis of legitimate interests (Article 6(1)(f) GDPR) of that facility.
Transfer to third parties
Our cloud environment is hosted by a company in the European Union. In addition, we use external parties for maintenance of our systems.
We use Google Crashlytics for monitoring our app. Data that is shared with Google Crashlytics for this purpose do not contain personal data.
All third parties we use are selected by us on the basis of strict data protection criteria. We have entered into data processing agreements with these parties. They work in accordance with all relevant laws and regulations, our security requirements and they only process personal data for the agreed purposes. We declare that your personal data will not be resold.
What are your rights?
You can contact us if you wish to exercise your right to:
- access to your personal data that we process;
- erasure of your personal data;
- restriction of the processing of your personal data;
- transferring your personal data;
- object to our processing of your personal data; and
- not to be subject to automated individual decision-making.
To exercise any of these rights, please send an email to our Privacy Officer at privacy@tkhsecurity.com. We may ask you for further information if we cannot identify you as a user of the ATLAS app.
Withdrawal of consent
You can always withdraw your consent to the processing of your data for the use of the ATLAS app. You can let us know by e-mail via the above e-mail address.
You can only exercise your rights with TKH Security, including withdrawing your consent, for the data that we process as a controller.
We also process data as a processor for our customers. If you have any questions or wish to exercise your rights in relation to this data, you should contact the customer. This customer is the manager of the property to which you have been given access through ATLAS Access Control.