Privacy Policy luca App

You can reach our data protection officer at our Berlin location as follows:

culture4life GmbH
Data Protection Officer
Charlottenstraße 59
10117 Berlin
Germany
privacy@culture4life.de

n order to use the functionalities of your luca App, a one-time activation is necessary. The activation is not linked to your smartphone and can be transferred by means of an account that is stored in the luca system, for example. 

You have the option of using the account function in the luca App. This allows you to access your luca App regardless of the device. 

Your email address stored in the luca App is required for this. This is used, by means of a link, for verification when logging in on another device. Once this has been done, you will be logged in to your luca App. 

If you enter an email address that is not already stored, an account will be created for it. 

Your personal details will be stored in your app and in your account. This includes your first and last name as well as your email address. If you use the luca Pay functionality (section G), this also includes your user ID and your payment history. 

Optionally uploaded test and vaccination certificates as well as proof of recovery (section E) and identification documents from luca ID (section F) are not included in your account, but are only stored on the device.

1. 1. Data categories

   We process the following contact data, which is necessary to register in the app: 

   • Name 
   • First name 
   • Email address 

   Temporary usage data is continuously collected when using the app: Data that may be collected when using the luca App, which includes IP address, IP location, type and version of the end device used, information on the mobile network used, time zone settings, operating system and platform. 

   Furthermore, we use the open-source software Matomo to measure reach. In addition, the following analysis data is collected. You can also object to the reach measurement by Matomo directly in the app in the Account / Settings area. 

   • Anonymised IP addresses 
   • Pseudo-anonymised location (based on the anonymised IP address) 
   • Pseudonymised visitor ID 
   • Date and time, time zone settings and local time 
   • Functions and elements of the app accessed 
   • Files and links clicked and downloaded 
   • External links used to open the app 
   • Loading time of the app 
   • App settings (e.g. language set, screen resolution) 
   • Converted destinations 

If you have signed up for the newsletter in the app, you can find information about this processingin our Website Privacy Policy.

2. Purposes and legal basis of the processing

We will only process your personal data for a specific purpose in accordance with the listed legal bases. In the following, processing is described in relation to the respective purpose and the respective legal basis for the processing of your personal data is stated: 

Sect.	Processing and purpose	Legal basis	Controller
(1)	When you register, we collect and store your contact details in order to be able to guarantee the use of the services of our app.	Art. 6 (1) 1 b) GDPR:  Based on the terms of use for the luca services that apply between you and us.	culture4life GmbH (we)
(2)	When using the account function, your contact details will be transferred to another device for renewed registration after verification by your specified email address.	Art. 6 (1) 1 b) GDPR:  Based on the terms of use for the luca services that apply between you and us.	culture4life GmbH (we)
(3)	Temporary usage data is collected and stored during registration and use of the luca App. The purpose of this is to ensure the security of the luca system and thus to guarantee the provision of services to you.	Art. 6 (1) 1 b) GDPR:  Based on the terms of use for the luca services that apply between you and us.	culture4life GmbH (we)
(4)	We use the open-source software Matomo to measure reach. It is configured so that no cookies are stored on the device.    In doing so, we collect analytics data to analyse the behaviour of our visitors for the purpose of improving our offer.	Art. 6 (1) 1 f) GDPR.  You can also object to the range measurement by Matomo directly in the app.  The evaluation of the legitimate interests has been documented.	culture4life GmbH (we)

3. Recipients of personal data

In order to achieve the purposes described earlier in this Privacy Policy, we share your personal data with the following recipients, with the understanding that they may not use the data in any way other than to provide services to us (as so-called processors within the meaning of Art. 28 of the GDPR): 

Services provided by suppliers	Suppliers	Processed data
Software maintenance and operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	Contact data, temporary usage data.  (The processing is limited to a possible inspection of the listed data within the scope of the implementation of the software maintenance and operation services).
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	Contact data, temporary usage data.  Server location: Germany, Hungary (Open Telekom Cloud)
Hosting of Matomo Analytics	SaaS Web Internet Solutions GmbH, Steinstraße 25, 76133 Karlsruhe	Analysis data  Here you can find further information on the processing by Matomo.

Data Processing Agreements have been concluded with these recipients in accordance with Art. 28 GDPR, so that they can only process your data for a specific purpose and on our instructions. 

4. Duration of storage of personal data

Your personal data will be automatically deleted after the periods described below have expired: 

• Contact details: 

• Within the luca App you will find a so-called delete button. You can use this button to delete your data. 
• By simply uninstalling the app, the data stored locally on your end device will be deleted even without using the delete button. 

• Temporary usage data: Temporary usage data is processed in log files. These are stored by us for a maximum of 7 days and then automatically deleted. Any storage beyond this period does not take place. 
• Analysis data: Your data will be anonymised and pseudonymised directly upon collection. The above measures do not allow us to draw any conclusions about the identity of individual visitors. This data is stored for a maximum of 14 months and then automatically deleted. 

With Pausing of contact tracking, all contact and stay data (check-ins) still stored in the luca system have already been removed from our database.

With the help of your luca app, you can easily store your contact details when you visit a restaurant, for example, for the purpose of contact tracking. This data is stored in encrypted form and can only be retrieved and viewed in clear form by a health department through decentralized decryption. We as culture4life as well as the restaurateurs, retail stores, event organizers and other operators (hereinafter collectively referred to as “operators”) visited by you do not have access to your data in unencrypted form at any time.

Due to the different actors involved in contact tracing, the responsibility of data processing is also in different hands. We are directly responsible for processing the personal data you enter when registering in the luca app. We only have your personal data in encrypted form. Your stay data is not collected by us, but by the operators you visit. This is done by them scanning your QR code or you scanning the operator:in QR code. The operator is responsible for this processing and we act as the processor of the operator and are obligated to comply with the data protection requirements through corresponding contracts with the operator.

We are convinced that encryption helps to protect your personal data, as this means that it can only be viewed in its clear form by you and, if required, by the relevant health authority. In the following, we describe specifically which data we collect and process, on what basis and for what purposes, which service providers we pass this on to and which rights you have with regard to your data.

1. data categories

We process the following categories of data, which are necessary to provide or facilitate contact tracing in accordance with country regulations issued in connection with the control of COVID infections:

• Contact details: Name, first name, address, telephone number, e-mail address.
• Functional data: Data mapping IDs, keys and QR codes.
• Stay data: Name or designation of the operators with whom you have stayed, date, beginning and end of your stay and address of your place of stay.
• Additional Input Data: Other information that an Operator:in may enter through input fields in our Services, each of which relates to your stay, such as table and/or room number.

2. process description

The luca app is the most used luca service. You can find them in all popular app stores and conveniently install and use them on your smartphone. After entering your contact details and successfully verifying your phone number, an individual key will be generated for you. This is used to encrypt your contact details. Your contact details as well as your key will remain exclusively on your own smartphone until your first check-in. The encrypted data is transferred to the luca system and stored on the servers of our service providers within the EU area.

Capture the data at the beginning of your stay: Now you can check in at your favorite locations. This records the period of your stay with an operator:in by scanning the QR code. In this context, your personal key (with which your contact data was encrypted in the course of registration) is encrypted with the key of the health authorities. The operator:in turn encrypts this data with its own key. Your contact details are thus encrypted with your user key and this key is encrypted by both the health department and the operator:s at every check-in and thus stored in the luca system in a doubly encrypted form. Neither the operators nor we can view the encrypted data in its clear form and assign it to you as a person. Only the responsible health authority will be able to decode the data in the case of follow-up. Provided that you decide to scan the QR code of the operator:in, it is necessary to turn on the camera of your smartphone. Only the recording of the QR code is saved. The encrypted data is transferred to the luca system and stored on the servers of our service providers within the EU area.

The operator:in is responsible for this processing and we act here as the processor of the operator:in.

Capturing data at the end of your stay: After you have successfully checked in and want to end your stay, you can check out in the app in different ways. You can check out manually in your app or use the automatic check-out. Geo-Fencing is used for automatic check-out. With geo-fencing, the area specified by the operator:in is matched with your location. As soon as you leave it, the check-out is automatically performed and the time of leaving is collected. Using this feature requires turning on the GPS function in your smartphone settings. If you no longer wish to use geo-fencing, you can deactivate the automatic check-out in your luca app at any time or switch off the GPS function in your smartphone settings. If you forget to check out, the operator:in has the possibility to check you out.

Capturing data at private events: You can also create your own private events and check in to those, such as when you host a birthday party at home. When checking in at such private events, the private host:receives in your first and last name. While you will see this location in your history, such private events will not be shared with the Health Department.

Optional sharing of history with the appropriate health department in case of infection:

If a health office contacts you and asks you to report your recent stays, you can do this conveniently via your luca app. To do this, select the “Share history” function and choose the number of days you want to submit (maximum 14 days). You then generate a so-called TAN (i.e. a transaction number that is used for authorization and is only valid for one-time use). In this process, your stay data of the selected days and your personal key will be transferred to the health department. All this data is encrypted for transmission using the health department key. As soon as you provide the health authority with your TAN, this data packet can be assigned by the health authority and then decrypted.

This is done expressly with your consent and active involvement by communicating the TAN. Once you have communicated your TAN, revocation of this consent comes to nothing, because the health department is the controller of further processing after retrieval of the data and acts on a legal basis.

Transmission of contact tracing data by the operator:s to the responsible public health department:The public health department can assign and contact the affected operator:s on the basis of your history in order to find out which other persons were also present in the location (i.e. in the spatial area of the operator:s) at the time in question. The operator:in can then submit the requested data to the health department via their luca profile. Since the data is dual-encrypted (using the operator:in and the health department key), parts of the data will override the operator:in encryption. The health department receives the data still encrypted with the health department key and can decrypt it. This allows only one health department to view the clearing data. The operator:in is responsible for this processing and we act here as the processor of the operator:in.

3. special categories of personal data according to Art. 9 DSGVO

When transferring your visit history (as shown in the process description) to a health department, there is an increased likelihood that you are infected or are being tracked due to possible contact with an infected person. Since this may allow conclusions to be drawn about your health, it is a health date within the meaning of Art. 9 DSGVO. Due to the encryption, this health data can only be assigned to you as a person by the health office to which you have provided the TAN. On the basis of your express consent pursuant to Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) DSGVO, luca transmits your encrypted object. This can only be decoded by a health department.

Other sensitive data (e.g. political opinions, religious affiliation, genetic or biometric information) are generally not processed by us. We ask that you do not disclose any such data to us through or in connection with our services.

4. purposes and legal bases of the processing operations

We will only process your personal data for a specific purpose in accordance with the listed legal bases.

In the following, processing operations as well as their purposes and legal bases are presented, which serve to support contact tracing.

The processing is carried out on the basis applicable to the operators. For operators who voluntarily use luca, this is your consent (Art. 6 (1) 1 a) DSGVO).

Digit.	Processing and purpose	Legal basis	Responsible
(1)	When you check in with an operator:in, the operator:in uses luca to collect your stay data and, if applicable, additional input data . The latter are optionally collected after check-in and shared with a health authority in the event of a request, provided that the operator:in decides to do so. This data is collected and processed for the purpose of digital contact registration.	The processing is carried out on the basis applicable to the operators. For operators who voluntarily use luca, this is your consent (Art. 6 (1) 1 a) DSGVO).	Operator:inside We process the data on the basis of the order processing agreement between the relevant operator:in and us.
(2)	If you wish to scan the QR code of the operator:in yourself (holding the smartphone camera over the QR code) to perform the check-in, this is done using your camera. Only the QR code is read in the process. Data located in the environment is not recorded. This serves the purpose of checking in with an operator:in.	Art. 6 (1) 1 a) DSGVO: Consent by switching on the camera function, if necessary after prompting in the app. You can revoke consent at any time for the future by turning off your camera function.	Operator:inside We process the data on the basis of the order processing contract between the relevant operator and us.
(3)	At the same time, when you check in, your Functional Data will be transmitted to Operator:inside to create the link between you and your stay.	Art. 6 (1) 1 b) DSGVO: Based on the terms of use applicable between you and us for the luca App	culture4life GmbH (we)
	You can voluntarily choose to have your 2G/ 3G status checked against the site’s admissions policy when you check in. Your app will indicate if you meet the admission requirements.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) DSGVO: Consent by activating the 2G / 3G function	Operator:inside We process the data on the basis of the order processing contract between the relevant operator and us.
(6)	You can perform the check-out manually in your app. In addition, the operator:in can check you out. This is for the purpose of determining the period of your stay.	Operator:inside We process the data on the basis of the order processing contract between the relevant operator and us.
	For many locations, you can use geo-fencing as an alternative to manual check-out. For this purpose, you use the location services of your smartphone. Only the information at which time you leave the radius of the location of the operator:in is stored. This is for the purpose of determining the period of your stay	Art. 6 (1) 1 a) DSGVO: Consent by switching on the location services, if necessary after prompting in the app. You can revoke consent at any time for the future by turning off the automatic check-out feature or your location services feature.	Operator:inside We process the data on the basis of the order processing contract between the relevant operator and us.
(8)	Your stay data is available for viewing in clear form within the history in the app. The purpose behind this is to enable you to check the accuracy of your whereabouts at any time and to provide you with information about the whereabouts data that is still stored.	Art. 6 (1) 1 b) DSGVO: Based on the terms of use applicable between you and us for the luca App	culture4life GmbH (we)
(9)	To the extent that a health department contacts you with a request to share your visit history, you can voluntarily do so through the luca app. Then your contact information, functional data, and residency data for the selected time period will be transmitted to the respective health department for the purpose of digital contact tracking.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) DSGVO: Express consent because you want us to transmit a health record to a health department at your request	culture4life GmbH (we)
(10)	An operator:in visited by you may be requested to provide visitor data for a specified period of time by a health department. In the process, your Contact Data, Functional Data, Residence Data and, if applicable, Additional Input Data(to the extent Operator:in chooses to collect and transmit them) will be transmitted to the Health Department for the purpose of digital contact tracking. The transmission takes place provided that the operator and the health department complete the decryption of the data.	The processing is carried out on the basis applicable to the operators. For operators who voluntarily use luca, this is your consent (Art. 6 (1) 1 a) DSGVO).	Operator:inside We process the data on the basis of the order processing contract between the relevant operator and us.

5. recipients:inside of personal data

In order to achieve the purposes described earlier in this Privacy Policy, we disclose your personal data to the following recipients, with the understanding that they may not use the data in any way other than to provide services to us (as so-called processors within the meaning of Art. 28 DSGVO):

Services provided by suppliers	Provider:inside	Processed data
Software maintenance and software operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	Contact data, Functional data, Residence data, Additional input data (The processing is limited to a possible inspection of the listed data in the context of the implementation of the software maintenance and operation services).
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn, Germany	Contact data, Functional data, Residence data, Additional input data Server location: Germany, Hungary (Open Telekom Cloud)
SMS dispatch services	Message Mobile GmbH, Stresemannstraße 6, 21335 Lüneburg, Germany	Phone number
SMS dispatch services	Sinch Germany GmbH, Wilhelm-Wagenfeld-Str. 20, 80807 Munich	Phone number

Order processing contracts in accordance with Art. 28 DSGVO have been concluded with these recipients so that they can only process your data for a specific purpose and on our instructions. We share your personal data with the following recipients:

• Operators with whom we cooperate and whose locations you have visited using the luca app,
• Health departments to whom you share your visit history from the luca app, or if you qualify as a potential contact person to an infected person, to enable contact tracing under state regulations issued in connection with COVID infection control, among other things.

6. duration of the storage of personal data

Your personal data will be automatically deleted after expiry of the periods described below:

• Contact details and functional data:
  • Within the luca app you will find a so-called delete button. With this you can independently carry out the complete deletion of your contact data and functional data.
  • Data collected for contact tracking will remain in the luca system for up to 28 days after your last stay with an operator:in. Your information may be transmitted to a health department during this time, so you may be contacted by a health department if necessary. This is necessary in order to comply with any legal requirement for contact tracing by providing the residence data and thus also the contact data of the last 28 days by operators.
  • When uninstalling the luca app, all data stored locally in the app will be deleted immediately. Likewise, your user key stored in the app will be deleted. Without this key, your contact data can no longer be used, assigned and decrypted.

• Residence Data and Additional Input Data: Your stay data and input data generated by or in connection with checking in with an operator:in will be deleted after 28 days.
• Phone number processed in addition to verification: Your phone number is processed by our subcontractors Message Mobile GmbH and Deutsche Telekom AG for verification purposes only. This is stored for up to 45 days in their production databases, or up to 60 days in their archive databases. Any storage beyond this does not take place.

The luca App offers you the possibility to store your test, recovery and vaccination certificate in your app. The certificates are only stored locally on your own smartphone and are not linked to the account function.

1. Data categories

If you use the function to deposit your test result, vaccination or recovery certificate, we also collect the following data based on your consent: 

• Test result / recovery /vaccination document: first and last name as well as date of birth, infection status, the identification number of your document and additionally: 

• For the test result: type of test (PCR or antigen test), details of the test manufacturer, the test centre as well as the issuing centre of the certificate, test and issue date. 
• For the recovery certificate: date of positive test, details of the issuing body, period of validity. 
• For the vaccination certificate: date of vaccination, number of vaccinations, details of the vaccine (disease, manufacturer, product), details of the issuing body.

2. Process description

The luca App provides you with a way to store a test result or a vaccination or recovery card (hereinafter “document”) in the luca App and show it to authorised parties when needed. This is no longer based on the purpose of supporting contact tracing and only serves you as a kind of wallet (uniform storage location). You can get access to the document required for access, if applicable, directly in the luca App during your check-in. The respective document is neither transmitted to the operator nor to the health department. The document remains exclusively in your luca App and is not stored by us on the server. We therefore have no access to your data stored in this context. To enter a document, you can do so via the QR code, or the link provided by the issuing office on your test result or digital health/vaccination card. If you choose to use this feature, you may need to turn on your smartphone camera to scan the QR code. The negative test result or the recovery or vaccination status will be validated and stored locally on your device in the luca App. The validation is done by matching the first and last name with the data stored in the app locally on your device. The validity, the electronic signature contained in the QR code, and the authenticity of the document are also checked. To prevent misuse, so that the document cannot be stored in the luca App more than once by different people, a pseudonymised identifier is created by your luca App and transmitted to the luca system. Only this identifier is stored in the luca system. We cannot assign this to you. Each document can only be stored once at a time. This means that it is not possible to use the same document on several devices. 

3. Special categories of personal data according to Art. 9 GDPR

If you decide to store your COVID test result or the digital health or vaccination card in the luca app, this will also only be done based on your express consent in accordance with Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR. 

4. Purposes and legal foundations of the processing operations

This section describes the processing operations and their additional purposes and legal foundations, which serve the purpose of the simple and local deposit and storage of a test result, a vaccination or health certificate (hereinafter referred to as “document”). You can show this document to authorised bodies if necessary. 

Sec.	Processing and purpose	Legal Basis	Controller
(1)	If you would like to deposit your document in the luca App on your smartphone, the data of the documents will be transmitted locally to your smartphone.  This serves the purpose of depositing the document so that it can be shown on request.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR: Consent by inserting the document.	culture4life GmbH (us)
(2)	If you want to store your document in the luca App by scanning the QR code (holding your smartphone camera over the QR code), you need to switch on your camera. Only the QR code will be read. Data surrounding the QR code will not be captured.  This serves the purpose of depositing the document so that it can be presented if desired.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR:  Consent by switching on the camera function, if necessary, after request in the app.  You can revoke your consent for the future at any time by switching off your camera function. (See also part D. 7.)	culture4life GmbH (us)
(3)	After inserting the document into your luca App, your app compares the first and last name of the document with your entries in the luca App. This is only done locally on your device and serves to assign it to your person.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR: Consent by inserting the document.	culture4life GmbH (us)
(4)	The validity, the electronic signatures contained in the QR code, and the authenticity of the document are also checked.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR: Consent by inserting the document.	culture4life GmbH (us)
(5)	To prevent misuse, so that the document cannot be deposited more than once by different people in the luca App, a pseudonymised identifier is created by your luca App, transferred to the luca system and stored there.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR: Consent by inserting the document.	culture4life GmbH (us)

5. Recipients of personal data

Services supplied by provider	Provider	Data processed
Software maintenance and software operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	Identification of test result, recovery or vaccination documents.  (The processing is limited to possible consultation of the listed data in the context of the performance of the software maintenance and operation services).
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	Identification of test result, recovery or vaccination documents.  Server location: Germany, Hungary (Open Telekom Cloud)

 

Data processing agreements have been concluded with these recipients in accordance with Art. 28 GDPR, so that they can only process your data for a specific purpose and on our instructions. 

6. Duration of the storage of personal data

An antigen/ PCR test stored locally in the luca App is automatically deleted after 48 (antigen test)/72 (PCR test) hours. All locally stored documents are automatically deleted as soon as the validity of the document is exceeded. You can also manually delete your COVID test result, recovery or vaccination status at any time within your app. 

The pseudonymised identifier of the document is automatically deleted from the luca system after 72 hours. The identification of the respective document serves exclusively to prevent misuse, so that the respective document cannot be stored in the luca App more than once, possibly by different persons. 

The luca App offers you to use an ID document to store proof of identity in your luca App. For example, when visiting a luca location, you can authenticate yourself via luca to prove the identity of your vaccination, recovery or test certificate. This proof of identity is only stored locally on your own smartphone and is not linked to the account function. 

 

his proof of identity



is only stored locally on your own smartphone



and is not linked to the account function



.

1. Data categories

If you have expressly consented in accordance with Art. 6 (1) 1 a) GDPR and have deposited proof of identity in your luca App, the following data will be processed and, if applicable, shared with the operator when you visit an event or restaurant:  

• First and last name  
• Data containing your identification document and processed by our processor: Photographs and images of you and the identification documents used, as well as any personal data given on the identification document (document number, first name, last name, address, date of birth, place of birth, nationality, expiry date).  
• Signed data: ID number, your identity document and its data (access only via unlocking your phone by Face ID, fingerprint or password), and additionally your first name, last name and date of birth.  

• Functional data: Data association IDs, keys and QR codes. 

2. Process description

The luca app offers you to use an ID document to store a digital proof of identity in the luca App. This function is only enabled for devices with an activated security function and secure login using Face ID, fingerprint sensor or password, for example.  

If you decide to use this function, you will be shown a code or link that you can enter or click directly in the IDnow app. You will then be asked to install the IDnow app and then use the code to start the identification process. For the identity verification, IDnow now needs a photo of the front and back of your ID document as well as a photo of you.   

After successful identification, IDnow sends your signed data object back to the luca system in encrypted form. The luca system hands this over to your own app. The data of your ID document is not stored in the luca system after the successful transfer. Your signed data object is encrypted so that only your own app can decrypt the data. The luca system cannot decrypt your data.   

When the signed data object is transmitted, a lock code is also displayed to you. In case of misuse or loss of your phone, you can send it to us. We will then block your proof of identity for the luca system.   

As soon as your proof of identity has been decrypted on your end device and stored in your app, you can, based on your consent, confirm the identity of your vaccination, recovery or test certificate, which is also stored in the app, when you visit a location (restaurant, event). Your luca ID is displayed in the luca App and a QR code can be displayed for proof. This QR code can be scanned from a luca location. In doing so, the first and last name signed by IDnow as well as your birthday will be transmitted to the operator by means of the luca system. Your data will not be stored.   

You can revoke your consent at any time by deleting your proof of identity stored locally in the app.

3. Special categories of personal data according to Art. 9 GDPR

If you decide to store your proof of identity in the luca App, this will also only be done based on your expressed consent in accordance with Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR. 

The data contained in your identity document also includes biometric data, which belong to special categories of personal data according to Art. 9 GDPR. 

 

4. Purposes and legal foundations of the processing operations 

The following section describes the processing operations and their purposes and legal foundations, which serve the purpose of depositing proof of identity and presenting your identity to an operator, in connection with the sharing of the named data. 

Sec.	Processing and purpose	Legal Basis	Controller
(1)	If you want to deposit your proof of identity, your luca App will initially exchange your first and last name with our subcontractor (IDnow). Your first and last name will be matched by IDnow with the data of your identification document (after transmission).	Art. 6 (1) 1 a) GDPR (Consent)	culture4life GmbH (us)
(2)	You then use the IDnow app to upload images of yourself and your ID document. IDnow will now verify your identity document:   The data is electronically read from the images of your ID document that you have created, and your portrait image is matched with the images of your ID document (facial matching).   After successful identification, IDnow transmits your encrypted data object (signed data) via the luca system to your luca App.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) DSGVO (Explicit Consent)	culture4life GmbH (us)
(3)	As part of an identification process in the IDnow app, IDnow requires access to the microphone and the camera. This also includes access to the camera light, which is activated to make the holograms on the ID documents more visible.    The verification and recordings of these security features are mandatory and required for successful identification due to regulatory requirements.	Art. 9 (2) a) in conjunction with Art. 6 (1) 1 a) GDPR:    Before the actual identification process, each user is informed that the app needs access to the microphone and the camera. Both must be explicitly enabled.	culture4life GmbH (us)
(4)	When visiting an event or a restaurant, you can show your QR code and have it scanned by the operator. The operator will see your first name, last name and date of birth of your signed data. The operator can now, for example, compare your identity with that of your vaccination, recovery or test certificate. The data is not stored.	Art. 6 (1) 1 a) GDPR (Consent)	culture4life GmbH (us)

5. Recipients of personal data

Services supplied by provider	Provider	Data processed
Identity verifications	IDnow GmbH, Auenstr. 100, 80469 München	First and last names,    data from your identity document, signed data.     Here the applicable privacy policy of IDnow can be found. For the storage period of your data transmitted to IDnow, please refer to F.6.   Server location: Germany
Software maintenance and software operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	First and last name, data of your identification document, signed data
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	First and last name, data of your identification document, signed data  Server location: Germany, Hungary (Open Telekom Cloud)

 

Data processing agreements have been concluded with these recipients in accordance with Art. 28 GDPR, so that they can only process your data for a specific purpose and on our instructions. 

6. Duration of the storage of personal data

Proof of identity stored locally in the luca App can be deleted manually in your app at any time. If you delete your app using the delete button provided in the app and/or uninstall the app on your device, your stored proof of identity will be automatically removed from your device.   

After successful verification, your signed data will be encrypted and transferred to your app via the luca system. Your data that you have transmitted to our contractor IDnow for the purpose of identification will be deleted automatically after your identification, at the latest after 7 days. The luca system as well as our contractor IDnow only store your signed data until the data object has been successfully transferred to your app. To prevent misuse, the identifier of your encrypted data object is stored in the luca system. This identifier is the only one stored in the luca system. We can only assign this to you by informing you of your lock code.  

An unsuccessful identification attempt is automatically removed from all systems after a maximum of 48 hours. 

The luca App offers you to pay digitally in various locations in cooperation with the payment service provider Rapyd, to give tips, to save your means of payment for repeated payment transactions in luca and to display an overview of your past payments. 

1. Categories of data

If you wish to make a payment and/or save your means of payment via the luca system, the following data will be processed and, if necessary, shared with the operator and with the payment service provider used during the payment process: 

• User Identification: User ID 
• Optional user data: Email address 
• Payment method information: Bank and billing account information, credit card information, name of cardholder(s). 

• Information about the transaction with the operator: transaction ID, time, date of the transaction, invoice amount, name or designation of the operator(s) 
• Technical connection data when using the operator’s WLAN: location, local WLAN SSID 

2. Process description

If you want to use the payment function of your luca App, you can activate it in your app. The luca system generates your user ID. It may be stored in the account function when you use it.  

As soon as you decide to make a payment using luca, the operator provides a QR code, which is placed on a table, for example, and contains the open invoice amount. After scanning the QR code, the luca App will show you the information stored by the operator about the open invoice. You can then still decide to give a tip of the desired amount.  By confirming the invoice amount and the tip, you will be automatically redirected to the payment service provider Rapyd. There you will again see the payment amount and the recipient (i.e. the operator). During this process, your user ID is also transmitted by the luca App to the operator and assigned to the payment process. You have several payment methods to choose from, including MasterCard, Visa Card, ApplePay and GooglePay. After selection, you can enter your payment method information. With a final confirmation, your payment will be executed via the Rapyd payment service. 

If payment is not possible due to poor internet coverage, it is possible to activate the local WLAN of the operator for payment. In doing so, the current location and the local WLAN SSID are read out from the mobile phone and the surrounding area and only used to establish the connection. A permanent storage will not be carried out. If the local WLAN is not activated, an attempt is made to make the payment via the existing connection. 

luca offers you the option of permanently storing your payment method information so that you do not have to enter it again (in the Rapyd system) each time you make a new payment using luca. 

Your payment method information is collected by luca, linked to your user ID and transmitted to an operator for the execution of the payment when payment is requested (scanning of the QR code and acceptance of the amount). This means that when you pay again using luca, the data you have already provided is used and assigned to the payment process. This means that you do not have to be redirected to the Rapyd website again. 

When saving your payment method information, luca provides you with a list (“payment history”) of your completed payments for viewing. Here you can view information about your transactions with the operators. 

3. Purposes and legal bases of the processing operations

The following section describes the processing operations and their purposes and legal foundations, which serve the purpose of payment processing. 

Sec.	Processing and purpose	Legal Basis	Controller
(1)	If you wish to use the digital payment function, a user ID will be created for you. Using this, your payments can be linked and displayed to you as a payment history.	Art. 6 (1) 1 b) GDPR:   Based on the terms of use for the luca App that apply between you and us.	culture4life GmbH (us)
(2)	If you wish to scan the QR code of the operator (holding your smartphone camera over the QR code) in order to make the payment, this is done using your camera. Only the QR code is scanned. Data surrounding the QR code will not be captured.	Art. 6 (1) 1 a) GDPR:   Consent by switching on the camera function, if necessary, after request in the app.  You can revoke your consent for the future at any time by switching off your camera function.	Operator     (The processing is conducted under the sole responsibility of the operators)
(3)	When scanning the QR code, your user ID is transmitted to the operator.	Art. 6 (1) 1 b) GDPR:  (In order to fulfil the contracts in place between you and the operator).	Operator     (The processing is conducted under the sole responsibility of the operators)
(4)	If you want to make a payment via the operator and have started the payment process in your app, you can enter your preferred payment method information.	Art. 6 (1) 1 b) GDPR:  (In order to fulfil the contracts in place between you and the operator).	Operator     (The processing is conducted under the sole responsibility of the operators)
(5)	If payment is not possible due to poor internet coverage, it is possible to activate the local WLAN for payment.	Art. 6 (1) 1 a) GDPR:  (Consent)	Operator     (The processing is conducted under the sole responsibility of the operators)
(6)	luca offers you the possibility to save your payment method information so that you do not have to enter your data again when making payments. Your payment method information is collected and linked to your user ID.	Art. 6 (1) 1 a) GDPR:  (Consent)	culture4life GmbH (us)
(7)	In order to subsequently execute a payment again and confirm your payment to you, the operator now receives your payment method information via your user ID.	Art. 6 (1) 1 b) GDPR:  (In order to fulfil the contracts in place between you and the operator).	Operator     (The processing is conducted under the sole responsibility of the operators)
(8)	Finally, you will be asked to confirm the payment. Once this has been done, the payment is made via the Rapyd payment service. The operator can now accept your payment and your invoice is settled. During this payment process, the information about the transaction is stored by the operator.	Art. 6 (1) 1 b) GDPR:  (In order to fulfil the contracts in place between you and the operator).	Operator     (The processing is conducted under the sole responsibility of the operators)
(9)	As an option, you can send the payment receipt (information about the transaction with the operator) to your email address (optional user data) after the payment has been executed.	Art. 6 (1) 1 a) GDPR:  (Consent)	Operator     (The processing is conducted under the sole responsibility of the operators)
(10)	Your transaction is available for you to view within your own history in the app. The purpose behind this is to allow you to check the accuracy of your payment at any time.	Art. 6 (1) 1 b) GDPR:  (In order to fulfil the contracts in place between you and the operator).	Operator     (The processing is conducted under the sole responsibility of the operators)

4. Recipients of personal data 

Services supplied by provider	Provider	Data processed
Execution of payments and related services	Rapyd Europe hf., Suðurlandsbraut 30, 108 Reykjavík, Island	User ID, payment method information, information about the transaction with the operator.  Here you can access the applicable Privacy Policy of Rapyd.
Software maintenance and software operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	User ID, information about the transaction with the operator
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	User ID, information about the transaction with the operator  Server location: Germany, Hungary (Open Telekom Cloud)
Sending of the payment receipt	Sendinblue GmbH Köpenicker Str. 126, 10179 Berlin	Optional user data, information on the transaction with the operator

 

Data processing agreements have been concluded with these recipients in accordance with Art. 28 GDPR, so that they can only process your data for a specific purpose and on our instructions. 

 

• 5. Duration of the storage of personal data

  Your personal data will be automatically deleted after the periods described below have expired: 

  • Your user ID as well as your optional user data will be deleted by pressing the delete button within your app or by revocation. In the event of inactivity (for example, by previously uninstalling the app without explicitly deleting it using the delete button), this data may remain in the luca system for up to a maximum of 1 year. 
  • Payment method information and information about the transaction with the operator are stored by the payment service provider Rapyd for up to 10 years in accordance with banking supervisory regulations. Likewise, luca must also store the payment data for settlements with the operator for 10 years. 
  • Your payment history stored in the luca App (created by the information collected about the transaction with the operator) will be kept for you to view after deletion (using the delete button) for one additional year for further traceability and will then be automatically deleted. 

In irregular intervals we organise raffles in which you can participate on a voluntary basis. 

1. Data categories

The following data is required for your participation: Email address. 

2. Purposes and legal foundations of the processing operations

Participation in the competition is voluntary, so that the processing of your data in connection with competitions only takes place after you have given your consent and is thus based on Art. 6 (1) 1) a) DSGVO. Participation for under 16-year-olds is only possible with the consent of a parent or guardian. You can revoke your consent for the future at any time. 

3. Recipients and personal data

For the purpose of sending the prize, we will pass on your personal data to shipping service providers. However, these are not subcontractors within the meaning of the GDPR. In addition, the following providers will receive your personal data: 

Services supplied by provider	Provider	Data processed
Software maintenance and operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	User ID, information about the transaction with the operator, email address
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	User ID, information about the transaction with the operator, email address.     Server location: Germany, Hungary (Open Telekom Cloud)
Processing of the raffles	Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin	Email address

 

Data processing agreements have been concluded with these recipients in accordance with Art. 28 GDPR, so that they can only process your data for a specific purpose and on our instructions. 

 

4. Duration of the storage of personal data

The data required for participation will be stored by us for the purpose of conducting the respective competition and deleted two weeks after the end of the competition. 

With the location search, you can find operators in the desired search area in Germany or near your location with which you can use luca. 

1. Data categories

With luca Discovery, you have the option of searching for operators located in your area. In doing so, we process your location data. The use of this function requires the activation of the location services in your smartphone settings. 

2. Purposes and legal basis of the processing operations

The use of luca Discovery is voluntary, so that the processing of your location data only takes place after you have given your consent and is thus based on Art. 6 (1) 1) a) GDPR. You can revoke your consent for the future at any time within your smartphone settings. 

3. Recipients of personal data 

For the purpose of identifying your location, we share your personal data with the following providers: 

Services supplied by provider	Provider	Data processed
Software maintenance and operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	Location data
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	Location data  Server location: Germany, Hungary (Open Telekom Cloud)

 

Data processing agreements have been concluded with these recipients in accordance with Art. 28 GDPR, so that they can only process your data for a specific purpose and on our instructions. 

4. Duration of the storage of personal data

Your last location search is displayed in your app. This is only stored locally on your smartphone. It is not stored any further in our systems. 

If a restaurant uses the reservation function, you can make a table reservation directly via your own luca App. 

To do this, select the location within luca Discovery and enter a date and time slot. You then select the number of people. During this process, personal data is collected. You will then receive a reservation confirmation. 

1. Data categories 

In the course of the reservation, the operator processes your contact data. This includes your first and last name as well as your telephone number and email address. 

2. Purposes and legal basis of the processing operations

The reservation function is used to ensure pre-contractual measures within the meaning of Art. 6 (1) 1 b) GDPR between you and the operator. 

3. Recipients of personal data

The operator is responsible for the collection of your data when you make a reservation. We provide the technical service to the operator and are therefore contractors of the operator in accordance with Art. 28 GDPR. 

In addition, the following provider receive your personal data: 

Services supplied by provider	Provider	Data processed
Software maintenance and operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	Contact data
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	Contact data  Server location: Germany, Hungary (Open Telekom Cloud)
Dispatch of the reservation confirmation	Sendinblue GmbH Köpenicker Str. 126, 10179 Berlin	Contact data, reservation requests

Data processing agreements have been concluded with these recipients in accordance with Art. 28 GDPR, so that they can only process your data for a specific purpose and on our instructions. 

4. Duration of the storage of personal data

The data required for the reservation will be stored by the operator and automatically deleted 12 weeks after the expiry of the reservation. 

The luca App offers you the possibility to register as a regular guest at your favourite location or to enable the release of your personal data by yourself as a regular guest to the location. One example is the transmission of your name or how you would like to be addressed. Your name will then be displayed in a customer overview (CRM system) for your location. Without registering or sharing your data, your location will see a pseudonymised name that is difficult or impossible for the location to assign to you. The functionality is constantly being developed and new possible data will be added that you can share with your location. This gives your location the opportunity to better respond to your wishes or needs in order to improve the experience for you. 

1. Data categories

If you register as a regular guest or share your data with the location, the following data will be processed:    

• User ID   
• Name: pseudonymised name or real name, reference name  

• Reservation data: First and last name, number of persons, telephone number and email address 
• Information about the transaction with the operator: transaction ID, time, date of the transaction, invoice amount, name/ designation of the operators 
• Preferences/needs: The location has the option for you (regular guest) to store your preferences or needs in the system. 

2. Process description

If you want to activate the regular guest function, use the “Become a regular guest” button after payment. Alternatively, you can select your operator in the “My locations” area and activate the sharing of your data to become a regular guest. The regular guest function is only available for the selected location.  

When you activate the regular guest function, your name and the preferred contact name are transferred to the customer system of the location. The staff of the location can now address you with your preferred name or possibly know that you are back.  

If necessary, the location can record your preferences or needs for future visits. Your stored data can be retrieved via your account in the data information area. 

3. Purposes and legal basis of the processing operations 

The following section describes the processing operations and their purposes and legal basis, which serves the regular guest functions. 

Sec.	Processing and purpose	Legal basis	Controller
(1)	Customer overview of the location in a CRM system	Art. 6 (1) 1 b) GDPR: To fulfil the contracts applicable between you and the operator.	Operator      (Processing is the sole responsibility of the operator)
(2)	Become a regular guest to provide the real name or preferred name for the chosen location.	Art. 6 (1) 1 a) GDPR: Consent	Operator      (Processing is the sole responsibility of the operator)
(3)	If required, the location has the option to record your preferences or needs for future visits.	Art. 6 (1) 1 a) GDPR: Consent	Operator      (Processing is the sole responsibility of the operator)

4. Recipients of personal data

Services supplied by provider	Provider	Data processed
Software maintenance and operation services	neXenio GmbH, Charlottenstr. 59, 10117 Berlin	User ID, name, reservation data, payment data, preferences/needs
IT infrastructure services (server)	Telekom Deutschland GmbH, Landgrabenweg 151, 53227 Bonn	User ID, name, reservation data, payment data, preferences/needs      Server location: Germany, Hungary (Open Telekom Cloud)

5. Duration of the storage of personal data

Your personal data will be automatically deleted after the periods described below have expired:  

• Your user ID and names are deleted by operating the delete button within your app or by revocation.   

• Reservation data: Reservation data is automatically deleted after 12 weeks.  
• Information about the transaction with the operator: These are considered invoicing documents and must be kept by law for 10 years for the location.  
• Preferences/needs: Preferences/needs are kept until you withdraw your consent. The revocation can be, for example, the termination of the regular guest relationship or direct revocation to the location. 

 

With regard to the processing of your personal data, you have the following rights provided for in the GDPR, which you may exercise against us for all processing operations for which we are responsible:

• The right to request a statement as to whether your personal data are being processed and, if this is the case, the right to information about these data. Within the app, you can download the data stored with us by operating the information button. The following comments are made on the specifics of the individual data:
  • We store your contact tracking data exclusively in encrypted form and do not ourselves possess the keys necessary for decryption. Therefore, we cannot track whether personal data of a specific person is processed in the luca system. Unlike ourselves, you can view all data collected via the luca app and stored in encrypted form in your own history and contact data.
  • Your test and certificate documents are only stored locally on your end device. We only have the identifier that is transmitted to us for abuse prevention purposes. We cannot assign this identifier to you.
  • Provided you have an ID document on file that has been verified, you can view your IDnow ID code as well as the blocking code within your app (as well as via the information button). Using these codes, we can determine for you whether your personal data is held by our contractor Idnow.
  • For your information about your luca Pay data, you can use the information button to determine your user ID. If you let us know, we as culture4life can research your data at Rapyd Europe and provide you with information about it.

• The right to request the rectification of your personal data if it is inaccurate or incomplete (Art. 16 GDPR). You can only correct your contact data yourself (except for the history) in the luca app. We already fulfill this right through the functionalities provided. To exercise, you just need to go to the appropriate areas within the luca app and make the correction or change. Correction of the contact tracking data by us is not feasible due to the encryption of the data.

• The right, under certain conditions, to request that your personal data be deleted without undue delay (so-called “right to be forgotten”) (Art. 17 GDPR). We comply with this right by providing a delete button. Through it, you can carry out the deletion of your data, and the deletion will be carried out within the deadlines described in sections C. 5, E. 6, F. 8, G. 9, H. 5. The following comments are made on the specifics of the individual data:
  • We cannot run your contact tracking data for you even because of the encryption.
  • Your test and certificate documents as well as your ID document are only stored locally on your app and can additionally be removed manually from the app at any time. When uninstalling the app, they will be removed with the uninstall process.

• The right to request the restriction of the processing of your personal data under certain conditions (Art. 18 GDPR). Limiting:
  • We cannot fulfill this right for contact tracking data due to encryption, as we do not have even the keys necessary for decryption.
  • A restriction of processing with regard to uploaded documents can be made on our part, as these are only stored locally on your device in the luca app. You can remove them accordingly and avoid the unwanted processing.
  • For your proof of identity, you will find a blocking code in your app and via the information button, through which we can block the use of the document via the luca app after it has been communicated by you.

• The right to revoke at any time any consent given to us with regard to the processing of your personal data. This is done for the future by changing your settings, as well as by deleting the stored certificates, the identification document and your payment data. Such revocation shall not affect the lawfulness of the processing that took place until your revocation. The following should be noted in addition for individual data:
  • Please note that in case of revocation, the encrypted contact tracking data cannot be assigned to you due to the encryption and therefore cannot be excluded from processing until it is automatically deleted.

To exercise these rights against us, you may also contact our Data Protection Officer using the contact details set out in Part B of this Privacy Policy.

Notwithstanding the foregoing rights, you have the right to lodge a complaint with a supervisory authority for data protection and freedom of information, for example, with the State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg, which is responsible for us:

State Commissioner for Data Protection and Freedom of Information Baden-Württemberg, Lautenschlagerstrasse 20, 70173 Stuttgart, P.O. Box 10 29 32, 70025 Stuttgart.

Tel.: 0711/615541-0
Fax: 0711/615541-15

poststelle@lfdi.bwl.de