This document is intended to help you use ESYSTA securely. While we take comprehensive technical measures to protect your data and privacy, you can also contribute significantly to security by following a few simple steps.

1. Access to ESYSTA

An application can only be executed securely if the device used is also secure. Ensure that the operating system is in a state recommended by the manufacturer. This means that the operating system is still supported by the manufacturer and that all security-relevant updates have been installed. Additionally, your device should have active device protection (password, fingerprint, etc.). When using mobile devices, they must not be rooted. The ESYSTA App must not be installed in simulation environments either.
If these measures are not implemented, your device will be vulnerable. If a third party gains unauthorized access to your device, they may also be able to access your ESYSTA data.

Access via a public network or via a third-party device can also result in risks that are beyond our and your control. Therefore, only access ESYSTA via a trustworthy network.

If you use ESYSTA in public spaces, be aware that third parties might be able to see your device and view information from ESYSTA. Ensure that no one can look over your shoulder and/or use a privacy screen protector.

2. Secure passwords

Weak passwords are one of the biggest security risks. Therefore, use a secure password for ESYSTA. A secure password should contain at least 12 characters and include a mix of uppercase and lowercase letters, numbers, and special characters. It should not contain sequences of three or more consecutive digits, and the same character should not be repeated four or more times in a row. Avoid simple or easy-to-guess combinations.

3. Handling Passwords

Do not share your password with third parties and only store it securely, for example, in a password manager protected by a master password. Storing usernames or passwords in a web browser, on mobile devices, or in an unprotected location poses security risks, as these data could become accessible to third parties in the event of a successful attack on your device.

We also point out that there are security differences between various authentication methods. When setting up the ESYSTA App, you can optionally enable biometrics. If you do so, you can use your stored biometric feature (fingerprint or facial recognition) instead of entering the app PIN to unlock the app. This generally increases the risk of unauthorized access to your data. By choosing this authentication method, you accept the higher risk in favor of easier handling. You can remove biometric login in your account settings at any time. Details on different biometric authentication methods can be found here: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03107/TR-03107-1_Anforderungen.pdf

4. Security settings in ESYSTA

In the “Account settings/security” section of the ESYSTA Portal, you can configure security settings. There you can change your password, revoke device access, add security keys, biometric logins, or a "passkey."

Under “Account settings/Data sharing” you can manage the sharing of data with doctors. Please note that such sharing can endanger the confidentiality of your data.

Under “Account settings/Support access” you can grant the ESYSTA support team temporary access to your data to provide information or help with technical problems. Please note that this may endanger the confidentiality of your data.

In the ESYSTA App for Android, the option to enable or disable screenshot capturing is available. Please note that enabling screenshots may compromise the confidentiality of your data.

5. Export of sensitive data

We would like to remind you that you are responsible for the security of exported data. We recommend storing downloaded data only in encrypted form.

Please also make sure that you store the copy of the recovery keys that you receive during registration in a safe place. These serve as an authentication factor when logging in on other devices.
In general, using the copy-paste function can pose security risks, especially when sensitive data such as passwords or access codes are copied to the clipboard. This data could be accessed by other applications or malware. Use this function carefully and avoid transferring sensitive information this way. To minimize risks, clear clipboard entries after use.

You should also avoid taking screenshots of sensitive data. These images are stored unencrypted on your device and may be unintentionally shared with other apps or services, posing a security risk.

6. Log out after use

Please be aware that the ESYSTA Portal web application cannot prevent third-party access or the storage of screen content (e.g., screenshots and screen displays when switching between applications). Sensitive data could be exposed. We recommend logging out after use. If you remain logged in, an active connection to the backend system may persist even when the device is locked.

Please note that locking the screen does not automatically log you out of our service and that the connection to the background system will remain open. Therefore, please log out after using the service (especially on third-party devices).

7. Connection between mobile apps and ESYSTA Portal even when device is locked

When using the mobile app, a connection to the ESYSTA Portal remains active even when the operating system is locked. This ensures the synchronization of your data, such as blood sugar readings received from Bluetooth devices, with the ESYSTA Portal. This centralized data storage serves on the one hand to secure your data, e.g. in the event of a defect or loss of your smartphone, and on the other hand to ensure that your data is as up-to-date as possible when accessed via the ESYSTA Portal, whether by yourself or by a doctor to whom you have granted data access. To protect your data, this automatic data transfer occurs in the background with restricted access rights. However, despite security precautions, there is a potential risk of data interception or manipulation by third parties. You can disable automatic data transmission in the app settings at any time.

8. Use of Third-Party Software.

Both the ESYSTA App and the ESYSTA Portal use third-party software libraries to provide functionality. Wherever possible, publicly available standard software is used and continuously monitored for known vulnerabilities. However, using third-party software can still pose data protection and security risks. For more information, please contact ESYSTA Support.

9. Required and optional permissions when using the ESYSTA App.

The ESYSTA App requires certain permissions for both installation and runtime to function properly. These differ depending on the operating system. Some optional functions, such as displaying notifications, require separate permissions.

10. ESYSTA App for Android

Runtime permissions

The ESYSTA App requires certain permissions to function properly, which are requested at runtime. The request is made depending on the detected device or activated service. You can revoke permissions via the operating system’s settings, but this may restrict the following functions:

• Notifications (Android 13 and higher) – 7-day-trend messages
  
  Prompted at: App start
  Purpose: Display of 7-day-trend messages
  Revocation: Possible via the operating system settings
  Consequence of revocation: No 7-day-trend messages are displayed
  
  
• Notifications (Android 13 and higher) – SoloSmart®
  
  Prompted at: App start, as soon as a SoloSmart® device is recognized or the first bonding has occurred
  Purpose: Display of SoloSmart® notifications
  Revocation: Possible via the operating system settings
  Consequence of revocation: No notifications will be received regarding new applications, battery status, etc.
  
  
• Notifications (Android 13 and higher) – Auto Connect service (Bluetooth)
  
  Prompted at: App start, as soon as a Bluetooth device is recognized and the Auto Connect service is activated or after initial bonding
  Purpose: Display of the notification icon for the Auto Connect service
  Revocation: Possible via the operating system settings
  Consequence of revocation: The running service is not displayed in the notification area
  
  
• Scan for Bluetooth and connect (Android 12 and higher)
  
  Prompted at: App start, when a Bluetooth device with activated Auto Connect service is recognized or after first bonding
  Purpose: Establishing a connection to Bluetooth devices
  Revocation: Possible via the operating system systems
  Consequence of revocation: Data transmission from Bluetooth devices is disabled
  
  
• Bluetooth and Bluetooth Administration (below Android 12)
  
  Prompted at: Analogous to when a Bluetooth device with activated Auto Connect service is detected or after initial bonding
  Purpose: Ensuring the Bluetooth connection on older Android versions
  Revocation: Possible via the operating system systems
  Consequence of revocation: Data transmission from Bluetooth devices is no longer possible
  
  
• Location (approximate and precise) (only on Android 12)
  
  Prompted at: App start, when a Bluetooth device with activated Auto Connect service is recognized or after first bonding
  Purpose: Support for Bluetooth device connection
  Revocation: Possible via the operating system systems
  Consequence of revocation: Data transmission from Bluetooth devices is no longer possible
  
  

If you revoke any of these runtime permissions, the respective app functions may be restricted or unavailable.

Manifest permissions

These permissions are granted at installation and can only be revoked by uninstalling the app:

• Notifications (on Android 13)
  Purpose: Display of 7-day-trend messages, SoloSmart® messages and the icon for the Auto Connect service
• Receive Boot Completed
  • Purpose: Restarting the Auto Connect service, resuming the 7-day-trend service after a restart
• Internet and access to the network status (“Access Network State”)
  • Purpose: Communication with the ESYSTA Portal
• NFC
  • Purpose: Receiving data from NFC devices
• Foreground Service
  • Purpose: Enables running services in the foreground
• Foreground Service – Connected Device
  • Purpose: Supports the Auto Connect service
• Foreground Service – Data Synchronization
  • Purpose: Performing automatic data synchronization in the background
• Foreground Service – System Exception Handling
  • Purpose: Providing 7-day-trend messages
• Exact Alarm Planning (“Schedule Exact Alarm”)
  • Purpose: Scheduling and displaying 7-day-trend messages with precise timing
• Wake Lock
  • Purpose: Ensuring automatic data synchronization runs in the background
• Re-Order tasks
  • Purpose: Allowing tasks to be moved between the foreground and background

11. ESYSTA App for iOS

The ESYSTA App for iOS requires certain permissions to function properly, which are requested at runtime. The following points outline when and why these permissions are needed, how you can revoke your consent and what consequences this has:

• Notifications
  
  Prompted at: When the app is started for the first time or when notifications are activated in the app
  Purpose: Display of 7-day-trend messages
  Revocation: Settings → Notifications → [Select app] → Disable
  Consequence of revocation: 7-day-trend messages will not be displayed
  
  
• Bluetooth
  
  Prompted at: The first time you attempt to connect to a Bluetooth device
  Purpose: Connect and synchronize data with accessories
  Revoke: Settings → Privacy → Bluetooth → Disable for the app
  Consequence of revocation: Accessory connections and synchronization will no longer work
  
  
• NFC
  
  Prompted at: When initiating an NFC scan
  Purpose: Reading NovoPen NFC pens
  Revocation: Different iOS versions handle NFC differently; a direct option may not be available – deactivation occurs at the operating system level, if available
  Consequence of revocation: Data cannot be read from NovoPens via NFC.
  
  
• Face ID
  
  Prompted at: When the user activates Face ID login
  Purpose: Biometric authentication to protect access to app data
  Revocation: Settings → Face ID & Code → Deactivate Face ID for the app
  Consequence of revocation: Face ID login will no longer be available
  
  
• Automatic background data transfer
  
  Prompted at: This permission is not explicitly requested (no user prompt)
  Purpose: Execution of background tasks (e.g. Bluetooth scanning, background polling)
  Revocation: Settings → General → Background App Refresh → Disable for the app
  Consequence of revocation: The app will not perform background tasks or fetch data when not in the foreground