Privacy Policy
This Privacy Policy explains how MISMOtech – Minos Eigenheer ("we", "us", or "our"), as the data controller, collects, uses, and protects your personal data when you use the Battery Remote mobile application ("the App") and the mismo-tech.com website and webshop ("the Site"). It applies to users in the European Economic Area (EEA) and other jurisdictions, and is written in accordance with the EU General Data Protection Regulation (GDPR) and the Dutch implementation thereof (Uitvoeringswet AVG).
1. Who Is Responsible for Your Data (Controller)
MISMOtech – Minos Eigenheer
the Netherlands
support@mismo-tech.com
2. Data We Collect and Legal Basis
The table below summarises the categories of personal data we process, why we process them, and the legal basis under GDPR / nDSG.
| Category | Examples | Purpose | Legal Basis (GDPR Art. 6) |
|---|---|---|---|
| Account & identity data | Email address, display name, profile photo; Apple may supply a relay address | Authentication and account management | Art. 6(1)(b) – performance of a contract |
| Device location data | GPS coordinates published by the tracker via Particle Cloud events (transient, TTL ~60 s in the Particle event stream); Particle retains device vitals for up to 1 month | Displaying live and last-known device location on the map | Art. 6(1)(b) – performance of a contract |
| Geofence zone | Centre coordinates (latitude/longitude) and radius of any geofence zones you configure, stored in Firestore as part of device settings | Triggering entry/exit notifications when the tracker crosses the defined boundary | Art. 6(1)(b) – performance of a contract |
| Device telemetry | Battery voltage, state of charge, charging state, temperature, warnings, motion events; stored in Firestore for 90 days | Dashboard, historical logs, and alert delivery | Art. 6(1)(b) – performance of a contract |
| Push notification token | Firebase Cloud Messaging (FCM) token linked to your account | Delivering push notifications (e.g. charge complete, warnings) | Art. 6(1)(b) – performance of a contract |
| Camera (transient) | Camera viewfinder frames used to decode a serial-number barcode or QR code when adding a device. No images are captured or stored by the app. | Filling in the device serial number automatically during pairing | Art. 6(1)(b) – performance of a contract |
| Phone location (transient) | Your phone’s current location, accessed once when you open the map to configure a geofence zone, so the map can centre on your position. Not stored by the app. | Providing a convenient starting point when drawing a geofence on the map | Art. 6(1)(a) – consent (iOS/Android permission prompt) |
| Technical & diagnostic data | Crash reports, app version, operating system version | Diagnosing errors and improving app reliability | Art. 6(1)(f) – legitimate interests (product quality) |
We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes.
3. How We Use Your Information
- To authenticate you and protect access to your account and devices.
- To display real-time and historical battery and device data on your dashboard.
- To send push notifications about your device's status.
- To enable you to grant other users access to your devices.
- To improve app reliability and diagnose technical issues.
4. Data Storage, Security & Retention
Your data is stored in Google Firebase (Firestore, Authentication, Cloud Functions, and Cloud Messaging). Access is restricted by Firestore security rules so that only you and users you have explicitly authorised can read your device data. All data in transit is protected by TLS/HTTPS encryption. We apply reasonable technical and organisational measures to safeguard your information.
- Account data – retained until you delete your account.
- Device telemetry logs – retained for 90 days, then automatically deleted.
- Geofence zone data – retained as part of device settings until you delete the zone or delete the device.
- Camera frames – processed on-device in real time for barcode decoding; never stored or transmitted.
- Phone location (geofence map) – used transiently on-device to centre the map; never stored or transmitted to our servers.
- Particle device vitals – retained by Particle for up to 1 month (outside our control).
- FCM tokens – deleted when you sign out or delete your account.
5. International Data Transfers
Some of the third-party services we rely on are headquartered in the United States, meaning your data may be transferred to and processed in the US or other countries outside the EEA. Where required by law, these transfers are protected by appropriate safeguards, including the EU Standard Contractual Clauses (SCCs) as adopted by the European Commission:
- Google Firebase & Google Sign-In – Google LLC, USA. Google Data Processing Addendum (SCCs)
- Particle Industries – Particle Industries, Inc., USA. Particle Privacy Policy
- Apple Sign In – Apple Inc., USA. Apple Privacy Policy
- Google Maps – Google LLC, USA. Google Maps Platform Terms
6. Children's Privacy
Battery Remote is not intended for children under the age of 16 (or the minimum age required by the applicable law of your country of residence, if higher). We do not knowingly collect personal data from children below this age. If you believe a child has provided us with personal data, please contact us so we can delete it.
7. Your Rights
Depending on your location, you have the following rights regarding your personal data. To exercise any of them, contact us at the address in Section 9.
- Right of access (Art. 15 GDPR) – Request a copy of the personal data we hold about you.
- Right to rectification (Art. 16 GDPR) – Ask us to correct inaccurate or incomplete data.
- Right to erasure (Art. 17 GDPR) – Request deletion of your personal data. You can also do this directly in the app via Settings → Account → Delete Account.
- Right to restriction (Art. 18 GDPR) – Ask us to restrict processing of your data in certain circumstances.
- Right to data portability (Art. 20 GDPR) – Receive your personal data in a structured, commonly used, machine-readable format.
- Right to object (Art. 21 GDPR) – Object to processing based on our legitimate interests.
- Right to withdraw consent – Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
We will respond to your request within 30 days. We may ask you to verify your identity before fulfilling a request.
8. Right to Lodge a Complaint
If you believe we have violated applicable data protection law, you have the right to file a complaint with the competent supervisory authority:
- the Netherlands: Autoriteit Persoonsgegevens (AP)
- Other EU/EEA countries: The data protection authority of your country of residence. A list of EU DPAs is available at edpb.europa.eu.
9. Automated Decision-Making
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects on you.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes to our practices or applicable law. We will notify you of material changes via the app or by updating the "Last updated" date at the top. Continued use of the App after changes are published constitutes your acceptance of the updated policy.
11. Purchases, Payments & Shipping (mismo-tech.com webshop)
The following applies in addition to the sections above when you buy hardware or a monitoring subscription on the mismo-tech.com webshop.
Data we process for orders
- Contact & account: name, email address, and your Battery Remote account identifier.
- Billing & tax: billing address and country, used to calculate and document VAT.
- Shipping: recipient name and delivery address for physical orders.
- Order details: the products, quantities, amounts, and order status.
- Payment: card and payment details are entered directly with our payment processor (Stripe). We never receive or store your full card number — only a payment reference and the last-4 / brand returned by Stripe.
Why we process it (legal basis)
- Performance of a contract (Art. 6(1)(b) GDPR) — to process your order, take payment, deliver hardware and provide the subscription.
- Legal obligation (Art. 6(1)(c) GDPR) — to keep invoices and tax records as required by Dutch law.
- Legitimate interests (Art. 6(1)(f) GDPR) — fraud prevention and securing our webshop.
Processors we share order data with
| Processor | Purpose |
|---|---|
| Stripe | Payment processing, subscriptions and VAT (Stripe Tax) |
| MyParcel / PostNL | Shipping labels and delivery of physical orders |
| Resend | Transactional email (order, shipping and payment notifications) |
| Google Firebase / Google Cloud | Authentication, database and order records |
| Cloudflare | Website hosting and content delivery |
Some of these providers may process data outside the EEA (e.g. in the United States). Where they do, transfers are covered by appropriate safeguards such as the EU Standard Contractual Clauses.
How long we keep order data
Invoices and order records are retained for the statutory retention period under Dutch tax law (currently 7 years). Other order-related data is kept only as long as needed to provide the service and handle warranty or support requests.
Your rights for order data
Your rights (access, rectification, erasure, objection, portability and complaint) are the same as set out above. Note that data we must keep for tax purposes cannot be deleted before the statutory period ends.
12. Contact Us
For any questions about this Privacy Policy or to exercise your rights, please contact:
MISMOtech – Minos Eigenheer
the Netherlands
support@mismo-tech.com