Remote Access Privacy Policy

1. Data Controller and Contact Information

BackupExperts
Contact: info@backupexperts.de
Phone: +49 37298 909061

2. Remote Access Software

We provide RustDesk (version 1.4.0) as our remote access solution. RustDesk is an open-source remote desktop software that enables secure remote connections.

3. Legal Basis for Processing

We process your personal data based on:

• Art. 6(1)(a) GDPR - Your explicit consent
• Art. 6(1)(b) GDPR - Performance of our service contract
• Art. 6(1)(f) GDPR - Legitimate interest in providing technical support

4. Data Processing During Remote Sessions

4.1 Data Collected

• Screen content and application data
• Keyboard and mouse inputs
• System information (OS version, hardware specs)
• Connection logs (IP addresses, timestamps)
• Session duration and performance metrics

4.2 Data Storage and Location

• Local Processing: RustDesk primarily processes data locally on your device
• Connection Data: Temporary connection data may be processed through RustDesk's relay servers
• EU Data Residency: All personal data remains within the EU/EEA where possible
• Retention: Session logs are retained for 30 days maximum

5. Security Measures

We implement comprehensive security measures:

• End-to-End Encryption: All remote sessions use AES-256 encryption
• Authentication: Session-based authentication with unique access codes
• Access Control: User-initiated connections only
• Monitoring: Connection attempts are logged for security purposes
• Data Minimization: Only necessary data is processed

6. Professional Secrecy Compliance

For clients subject to professional secrecy (§203 German Criminal Code):

• Additional data processing agreements are required
• Enhanced confidentiality measures apply
• Specific consent for accessing protected information
• Separate documentation of all access events

7. Your Rights Under GDPR

You have the following rights:

• Right of Access (Art. 15 GDPR) - Request information about your data
• Right to Rectification (Art. 16 GDPR) - Correct inaccurate data
• Right to Erasure (Art. 17 GDPR) - Delete your data
• Right to Data Portability (Art. 20 GDPR) - Receive your data
• Right to Object (Art. 21 GDPR) - Object to processing
• Right to Withdraw Consent - Withdraw consent at any time

8. Data Sharing and Third Parties

Your data may be shared with:

• RustDesk Infrastructure: For connection relay services only
• Legal Authorities: When required by German law
• No Marketing: We do not share data for marketing purposes

9. Incident Response

In case of a data breach:

• We will notify supervisory authorities within 72 hours
• Affected individuals will be informed if high risk exists
• Immediate containment measures will be implemented

10. Consent Withdrawal

You can withdraw your consent at any time by:

• Ending the remote session
• Uninstalling RustDesk software
• Contacting us at info@backupexperts.de

11. Supervisory Authority

You have the right to lodge a complaint with:

German Federal Commissioner for Data Protection and Freedom of Information
Website: bfdi.bund.de

12. Policy Updates

This policy was last updated: July 25, 2025
We will notify users of material changes to this policy.