Privacy Policy for the Borochi App

Last updated: June 2025

  1. Introduction and Scope
    Protecting your personal data is of utmost importance to us. This privacy policy explains the type, scope, and purpose of the processing of personal data within the Borochi App. It applies to all data processing operations associated with the use of our mobile application, and it complies with applicable legal requirements, including those of the Apple App Store and Google Play Store.
  2. Controller and Data Protection Officer
    The controller within the meaning of the General Data Protection Regulation (GDPR) is Borochi Climate Solutions GmbH, Bertha-Benz-Str. 5 / Alt-Moabit 2, 10557 Berlin, Germany. You can contact us via email at info@borochi.de. No external data protection officer has been appointed at this time.
  3. Collection and Processing of Personal Data
    When you use our app, we process personal data required to provide the functionality and stability of the app. This includes technical information about your device such as the operating system, app version, device type, language settings, timestamps, and how you use the app. We also automatically log your IP address and usage interactions to ensure the security and performance of the system.
  4. Registration and User Account
    When creating a user account, we collect your email address and a securely encrypted password. You may optionally provide further details, such as your name or phone number. Registration is conducted via a double opt-in process. Processing is based on Article 6(1)(b) GDPR for the performance of a contract. If confirmation is not received within 24 hours, the data provided during registration will be automatically deleted.
  5. Permissions and Voluntary Data
    If you use specific app features, we may request additional data with your explicit consent. This includes access to location services, push notification tokens, or file uploads (e.g., PDFs or images). These data are only processed if you grant the necessary permissions, and you may revoke these permissions at any time via your device settings. The legal basis for this is Article 6(1)(a) GDPR.
  6. App Store and Google Play Compliance
    The app complies with Apple App Store and Google Play Store policies. This privacy policy is linked in both store listings and accessible within the app under “Settings” or “Legal.” Before accessing sensitive data such as the camera or location, we provide in-app notices. We fully disclose data collection practices in the Google Play “Data Safety” section, including which data are collected, for what purpose, whether they are encrypted or optional, and whether any sharing with third parties occurs.
  7. Use of Third-Party Services and Hosting
    Our app is fully hosted on AWS cloud infrastructure located in Europe (Frankfurt), including all databases and relevant storage systems. Amazon Web Services (AWS) meets extensive security and compliance standards, including full GDPR compliance. Data processing takes place exclusively within the European Union. AWS provides high levels of data protection through physical security measures, network isolation, encryption, and certified protocols (including ISO 27001 and SOC 1/2/3).
  8. External Contract Services and Partner Pages
    Certain buttons in our app (e.g., to sign a dynamic electricity tariff) may redirect you to external websites operated by our partners, such as RABOT Charge GmbH. These websites are outside the control of Borochi Climate Solutions GmbH. Any data processing that occurs there is the sole responsibility of the respective provider. Please refer to their respective privacy policies.
  9. Data Security
    All personal data are protected by appropriate technical and organizational measures to prevent loss, misuse, or unauthorized access. These include encryption technologies, access controls, and regular security audits. Data are retained only as long as necessary for the stated purposes or as legally required. Server logs are typically deleted after 30 days. User account data are deleted when the account is terminated, unless legal retention obligations apply.
  10. Your Rights
    You have the right to request access to the data we store about you. You also have the right to correct inaccurate data, delete your personal data, restrict processing, request data portability, and object to the processing of your data. Additionally, you may revoke your consent at any time with future effect. If you believe your rights have been violated, you may lodge a complaint with a supervisory authority.
  11. Changes to This Privacy Policy
    We reserve the right to amend this privacy policy at any time, especially as we further develop our app or if legal or regulatory requirements change. The current version of the policy is always available within the app and in the respective app stores. We will inform you via the app if significant changes requiring your renewed consent are made.