DeepCloud’s Mobile Apps include:
- DeepBox (Android and iOS)
- DeepID (Android and iOS)
Here we provide information about the data processing performed by us when our Mobile Apps are used. Our Mobile Apps are primarily used for document management (DeepBox app), identification of persons, verification of organisations, and release of expressions of intent and actions, or for authentication and verification of a user (DeepID app).
The Mobile Apps are used either as a stand-alone solution or in combination with web applications. It is also possible for a Mobile App to be downloaded and data collected via the Mobile App without any data being transferred to a web application. In this case, the data collected by you via the Mobile App does not leave your device; the same applies to the use of the Mobile Apps in “offline mode.” The collected data remains locally in the Mobile App on your device unless it is switched to “online mode” or synchronised.
As a general rule, our Mobile Apps are either downloaded and used by you on a mobile device, or your employer (or its service provider) requests that you use the Mobile App. The use for data exchange with a web application may then exist within the framework of an existing contractual relationship with you, with your employer, or with another contractual partner.
You are under no obligation to provide your data to DeepCloud. However, it is possible that certain functions of a Mobile App may not be available or only be available to a limited extent if you do not provide data.
What data is processed when using the Mobile Apps?
Various data may be collected when the Mobile Apps are used, transmitted to the corresponding web application linked to the Mobile App, and processed by it. This is done using synchronisation. Some Mobile Apps require that synchronisation with the corresponding web application is permitted. The first step is a check of whether the Mobile App is accepted by this web application or whether any DeepCloud subscriptions exist (“DeepCloud Sub” at DeepBox). User information is transmitted to DeepCloud and compared with existing DeepCloud Subs.
In order to use a confirmed DeepID identity, an exchange of data between DeepCloud and a third-party provider may occur for you as a user of DeepID. For details, please refer to the “DeepID” section.
Depending on the Mobile App and on which DeepCloud Service is used, different data of different categories of data subjects may be processed in order to synchronise or exchange this data between the Mobile App and a web application. How the data controller for the web application (third-party provider) processes this data is within that party’s area of responsibility and DeepCloud is not informed of it.
The following categories of data may be included depending on the Mobile App:
- Personal master data (e.g., name, company name, address)
- Communication data (e.g., telephone, e-mail address)
- Identification data (e.g., user ID or identity UID)
- Data from identification documents (e.g., ID cards and passports) such as name, maiden name, date of birth, nationality, photo, data and certificate of the NFC chip, ID data, date of issue, term of validity, country of issue, metadata, optical character recognition, security features, MRZ
- Documents and their content if they contain personal data
- Multimedia data (photos, videos such as challenge response videos and voice recordings)
- Location data
- Diagnosis and analysis data (e.g., product interaction, usage data)
- Data on data subjects’ devices used as means of authentication
Depending on the Mobile App, these may be the following categories of data subjects:
- End customers and business customers
- General customers
- Employees of customers
- Users of an app, such as a person to be identified
- Signatory for an electronic signature
- Business partners
- Contact persons (employees of a business partner/customer)
If support is needed, users may send error reports to DeepCloud if anything abnormal occurs when using the Mobile App. The crash logs do not contain any personal data.
Where is the data stored?
Data that DeepCloud stores in a DeepBox is located in a cloud solution certified in accordance with ISO 27001 by a contracted service provider who only processes your data for the purposes described by us. The contracted service provider has been carefully selected and commissioned by us, is bound by our instructions and is subject to regular review. The server locations are in Switzerland.
Name of the App: DeepBox (iOS / Android)
Function of the DeepBox mobile App:
DeepBox (iOS and Android) allows documents from different sources (via the camera, from the photo album, or from another cloud service) to be transferred to a DeepBox.
Technical data and information that is processed and/or stored:
The App supports devices with iOS and Android (from Android version 5.0, exception: Huawei devices with their own operating system that do not support Google Services).
- (Static) URL for access to the DeepBox system
- Authentication factors (Access & Refresh Token) for access to the DeepBox. Tokens are deleted after the user logs out within the App.
- App Version
- Model of the terminal device (iPhone/Android)
- Version of the operating system
- Indication of the countries/regions in which the App is used
- Android: CrashReports and StackTrace (Sentry). In the case of event logs, these are active by default (Matomo). The user can set restrictions or deactivate this via the settings.
- iOS: Logs are created by the Microsoft AppCenter for debugging purposes (CrashReports only). Information processed by the AppCenter can be found at https://docs.microsoft.com/en-us/appcenter/gdpr/faq.
- Documents and content captured via App
“Privacy/ Data Protection”: Display of a window with selection
- Required analysis data: CrashReports and StackTrace, specification of countries/regions, Microsoft AppCenter information (by default)
- Complete analysis data: Event logs (Android)
Data, information, and documents for uploading to a DeepBox are (temporarily) stored in the App (storage also possible for offline use) or made available via access authorisation. DeepCloud only stores technical or statistical analysis data on the use of the App (such as crash reports, countries/regions) within the scope of App use; otherwise, storage takes place on the user’s mobile device or, after transfer of the data, information, and documents, in the connected DeepBox.
Third-party services used:
iOS: Microsoft AppCenter services to make the App more secure and to analyse crash reports.
Android: Sentry, to analyse crash reports and Matomo to analyse the use of the App.
This also includes the libraries listed under “Licences” in the App settings.
The App requires access to the camera function (to be able to scan, store, and read the documents), the photo album (where documents are stored to be used), the calendar (iOS only, so that expiry dates of the documents can be determined by means of the calendar) and the activation of the location services (where the locations are recorded by code). Furthermore, access to the “Internet” is required to enable a corresponding transfer connection to the connected DeepBox.
The access authorisations are requested when the App is installed and the respective function is used for the first time. They only become active when the user has agreed and can be deactivated at any time, after which certain functions of the App can no longer be used.
Android: On older devices (older than Android 6), permission is requested when the App is installed.
Access protection can take place via the mobile terminal, in which the possible access restrictions are activated and the existing encryptions are used. No separate App access protection is implemented.
As a network protocol, the App uses the HTTPS protocol with TLS encryption for communication.
DeepID service and DeepID Mobile App (Android and iOS)
The DeepID service and the DeepID App (DeepID) are used to digitally identify individuals, e.g., in order to be able to use DeepCloud’s digital signature service—DeepSign—to verify organisations, to approve statements of intent and actions, or to enable users to authenticate themselves using DeepID for DeepCloud web applications or for services of third-party providers, with no user name or password, securely and easily.
This requires going through an online identification process using the DeepID app. This identification process has been developed and tested in accordance with the legal provisions of ZertES/VZertES in Switzerland and the eIDAS Regulation in Europe, as well as the requirements of recognised certification and trust service providers as part of an implementation plan for identification of persons for advanced and qualified electronic signatures (AES and QES). Verification of the secure online identification process using DeepID and the DeepID app is documented by KPMG and is available in the form of the corresponding documentation. The legal requirements provide for a regular review that audits and confirms the legal changes and functions of DeepID.
A user’s identification documents are checked and digitised as a DeepID. Each user can have only one confirmed DeepID. The process recognises whether the same user appears with different identification documents. Furthermore, each means of authentication must be registered in accordance with the implementation plan and assigned to the user. The user must be the authorised owner of the device and must have sole control over it so that it can be used for authentication. Identity verification and signature creation or other authorisation are linked in the same technical connection, until a new identity verification is carried out. The link between identity verification and the authentication method used is therefore clear and certain.
This ensures that the identified person is actually identical to the active user of the DeepID app and that the authenticated device is in his/her possession. The process required for this purpose is prescribed by the DeepID app. The authentication factors used also include verification of the submitted and approved identification document, the image material, and the challenge response video taken by the person him/herself.
DeepID has a wide range of applications; for instance, the confirmed identity can be used for various services for the authentication of a person in a system login, time recording, access solutions or the release of expressions of intent such as the commissioning of electronic signatures.
The user can change the overall configuration, such as the device used, at any time. However, this automatically leads to a new authentication of the device, possibly even making it necessary to go through parts of the identification process once again. The detailed procedure is described below.
What data is processed in DeepID?
DeepCloud records the following user data for identification purposes and to maintain the traceability of identification confirmation as well as for the use of the DeepID (insofar as this data is disclosed by the user in the identification process or within the DeepID app or is transmitted by a third-party provider for whom the DeepID is to be used):
- Place of residence (country information)
- Photos of the relevant pages (such as front and reverse) of the selected identification document (as permitted by the prescribed process) with the information contained therein (such as surname, first name, gender, date of birth, signature, date of validity and serial number of the identification document, nationality, place of origin, and any biometric data from the photo)
- If supported: Scan of the NFC chip of an identification document with the data read from it (such as surname, first name, date of birth, address, date of validity and serial number of the identification document, nationality, signature, and any biometric data from the photo)
- Distinguished Name: A statutory standard for the form of a name in certificates; the Subject DN includes the name of the signatory, and the Issuer DN the identification of the Trust Service Provider providing the service (in the case of DeepID, DeepCloud)
- Photos and challenge response video of the user from video identification, as specified in the process
- Email address
- Telephone number
- User ID
- Data on the means of authentication personally used (such as device number) and technical data on the device
- Result of identification and verification (success, failure)
- Information that the user provides in inquiries to DeepCloud (as in the case of support)
- Other data, information or documents provided when using DeepID relating to a requested signature, or to organisations such as commercial register extracts, powers of attorney, shareholder contracts, address, e-mail address or other supporting documents relating to specific attributes for a certificate for AES or QES, other relevant information such as the responsible registration office (such as DeepCloud), signature or authentication log files (such as business partner number, process number, process-related data) and hash values
Data is temporarily stored in the DeepID app so that the user can continue the identification process after closing the Mobile App, but only for a limited period of time. If this time window has expired, the data must be recorded again. Once the identification process has been completed, the following data will continue to be stored locally in the DeepID app:
- User ID, device number
- Identity information such as user name, place of residence, place of origin, and date of birth
- Profile image if the user uses one for the DeepID app
The identity information is also deleted within the DeepID app and stored in DeepCloud for the use of DeepID as soon as the user has been confirmed in the DeepID app and the affected data can be accessed on a case-by-case basis.
Procedure for identification and the data processing that is carried out:
The user’s identity must be confirmed before using the functionalities of the DeepID App for the first time. To do so, the user follows the steps provided for in the DeepID App. In certain cases, a QR code or voucher can be used to start the identification process. The user indicates his/her place of residence and nationality. The identification documents approved for identification are selected based on these choices. Certain third-party services and DeepCloud are restricted in this respect as the user’s place of residence is required to be in Switzerland, the EU, or the EEA, and only certain countries and their identification documents are accepted. Only those identification documents are permitted that the providers of the certification or trust services allow for this purpose. These are indicated during the identification process. The identification documents must be valid at the time of identification.
The user then photographs an identification document approved by DeepCloud twice. To make this possible, the user must allow the DeepID app to capture images and videos with their device. If a passport is used, the NFC chip contained therein is automatically read and stored with its certificate, the passport metadata and the passport photo. Data from other identification documents is collected and stored automatically using an image.
The user then performs facial recognition using a 3D selfie and Challenge Response Videos. The user’s biometric data is processed for this comparison to establish identity, which the user expressly consents to. A rating is generated by a test algorithm to determine whether the person named in the identification document is really the user. For this reason, photos and videos must be taken personally by and from the person being identified. If the test produces a positive result, the identification process can be continued. If an error report is made, the user can repeat the process and contact DeepID support if necessary.
The user then confirms his/her data (such as first name, last name, birth date, place of origin, gender), enters his/her residential address and provides his/her e-mail address so that DeepCloud can send him/her important messages such as his/her e-mail verification code. He/she will then receive this verification code using which he/she can confirm his/her e-mail address. The user will receive a recovery code, which he/she must keep in a safe place.
It is necessary that the device used to identify the user can be registered as his/her means of authentication and verified in accordance with a user authentication method recognised in accordance with DIN standards. By doing so, the user confirms that he/she has sole control over the means of authentication.
An AI-based user-centric authentication suite from a third-party provider is used to authenticate the device used to ensure secure communication between the DeepID App and the releases desired by the user, such as the provision of an electronic signature. As an additional security factor, the user specifies a six-digit PIN for access to the DeepID App or activates his/her device’s access protection (such as face ID) as well as the automatic screen lock to unlock the DeepID App in order to protect it from unauthorised access and to protect it from unintentional expressions of intent. The DeepID PIN must be confirmed in order to activate the DeepID App for use.
After that, the user is registered and the identity is verified, a process that can take some time. If the data entered by the user cannot be verified automatically, DeepCloud support endeavours to complete the process, together with the user if necessary. The user can be contacted for this purpose within a reasonable time frame or contacts DeepCloud support him/herself. After the verification is completed, the user will receive a push notification to this effect.
The existence of a registration is checked before each electronic signature is approved; if necessary, the identification must be repeated. The data processing occurring thereby will be performed to the extent required by law for a signature process (identification of the signatory and authentication of the device before release of the signature).
Further data processing performed during use of the app
Within the DeepID App, the user has the option of selecting different functionalities as part of the dashboard. The user may manage his/her data in his/her profile and complete tasks such as releasing statements of intent or actions and starting the process for verification of an organisation. To this end, he/she may invite other persons to identify themselves so that they can subsequently verify an organisation. To do so, the user can use the communication tools available on his/her device, such as email or SMS, to invite the person in question for identification.
After logging out or if the PIN input is incorrect three times, the user must follow the steps provided by DeepCloud in order to be able to log in to his/her DeepID App again. This will require the following actions: The user inputs his/her date of birth, retakes a selfie and video, confirms his/her device with the PIN received by e-mail and specifies a six-digit PIN and registers with the access protection he/she chooses.
There is no automated decision-making within the meaning of applicable data protection laws.
To which recipients is data transmitted?
Recipients fulfilling legal obligations: DeepCloud may disclose personal data to recipients if this appears necessary or appropriate to comply with applicable laws and regulations or to verify compliance with them and to respond to requests from competent authorities. This concerns, in particular, state-accredited conformity assessment bodies, audit officers and the approving body for certification services for the purpose of checking the proper performance of the registration service.
Third-party providers as recipients of data: DeepCloud may transfer personal data to third-party providers if the user makes use of a service provided by such a third-party provider, such as if the user wishes to authorise a declaration of intent or action, or in order to enable an authentication for such a service.
Service providers as recipients of data: DeepCloud uses external service providers to provide DeepID. These are hosting and service providers. They only process data for the purposes described by DeepCloud and are contractually bound to comply with the data protection obligations under the relevant data protection laws. They have been carefully selected, are bound by DeepCloud’s instructions and are regularly monitored. They use server locations in Switzerland for this purpose; their registered office is in Switzerland or the EU, which offers an adequate level of data protection for Switzerland.
What diagnostic data is transmitted to DeepCloud via the DeepID app?
Fundamental diagnostic data for diagnosing errors or problems within the DeepID app is collected using Firebase Crashlytics (Android) or Microsoft AppCenter (iOS), to which DeepCloud has access. These do not contain any personal data. How Firebase Inc. and Microsoft handle this information can be found in their respective privacy policies.
How long is data stored?
Fundamentally, data is stored for as long as necessary for the stated purpose and as required by contract or statute. In the area of identification and in the case of certification and/or trust services, there are very long statutory retention obligations—from completion of the identification process at least 17 years according to ZertES and at least 36 years according to the eIDAS Regulation—in order to be able to prove that a person was identified and that an electronic signature was granted. If there is no longer any purpose for storage or contractual or statutory retention obligations no longer exist, anonymisation or deletion will occur after expiration of existing backup periods.
Information that is necessary to enable users to log into the Mobile App, such as login data or a profile picture, remains stored for as long as the usage relationship with the user, retention obligations or any other purpose for their processing exists.
Diagnostic data is deleted as soon as it is no longer needed for its purpose.
What is the purpose of the data processing?
The data and information are processed by DeepCloud in order to provide the functionalities offered in DeepID, to allow secure and smooth use of the DeepID Service and the DeepID app, to contribute to their improvement, to provide support, and to comply with legal obligations such as responding to official requests.
What are the legal bases/justification for data processing?
DeepCloud collects and processes data and information in accordance with your express consent, based on overriding legitimate interests, a contract or legal obligations.