PRIVACY POLICY

PRIVACY POLICY – SA Sakra

1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is the operator of this application.

Contact:
Greendott Ltd.
Great Ancoats Street 132–134
Unit 620
Manchester
England
M4 6DE

2. General Information on Data Processing
The protection of your data is important to us.

This application generally does not process directly personal data such as name, address, telephone number, or email address within the app itself, unless such data is voluntarily provided by third parties or external systems.

The technical use of the application is primarily based on a unique User_Token.

This User_Token represents a pseudonymized identifier and is used exclusively for technical assignment within the system.

Without additional external information, the operator of the app cannot directly identify a natural person based on the User_Token.

Processing is carried out in accordance with:
- Art. 6(1)(b) GDPR (performance of a contract / use of the app)
- Art. 6(1)(f) GDPR (legitimate interest in a secure and functional operation)

3. Processing via User_Token
The app processes data exclusively using the User_Token.

The User_Token is used in particular for:
- technical user assignment
- backend communication
- permission management
- storage of usage-related functions
- system security

The User_Token itself is not directly personal data but may be considered pseudonymous data if identification is possible through third parties.

4. No Direct Personal Data Processing within the App
No personal data is processed within the app as long as no external party links the User_Token to an identifiable individual.

Personal data processing only occurs when additional identifying information is linked to the User_Token outside of the app.

5. Processing by Employers / Third-Party Systems
If an employer or third party uses the User_Token to integrate the user into external systems, such processing is carried out under the responsibility of that third party.

6. Push Notifications
The app uses push notifications exclusively to provide functional, informational, or operational messages.

Push notifications are not used for unsolicited marketing purposes.

Notifications may be assigned based on predefined roles or external system configurations, not on user behavior within the app.

Users can disable notifications at any time in their device settings.

7. No Tracking / Profiling
The app does not perform behavioral tracking or automated profiling of users.

No analysis of user interaction, usage frequency, or personal preferences is conducted.

8. Google AdMob
The app may display advertisements via Google AdMob.

Technical data may be processed, including:
- device information
- advertising ID
- IP address
- usage data
- approximate location data
- ad interaction data

Personalized advertising is only displayed after user consent where required.

Legal basis: Art. 6(1)(a) GDPR.

9. Data Retention
Data is stored only as long as necessary for the intended purpose.

10. User Rights
Users have rights under GDPR including access, rectification, deletion, restriction, objection, data portability, and complaint.

11. Disclaimer
This app is an independent tool and is not affiliated with any official railway operator or authority.

12. Changes
This policy may be updated if legal or technical requirements change.