Effective 1 May 2019
1. PERSONAL DATA AND INFORMATION WE COLLECT ABOUT YOU
We collect the following Personal data and information from you:
- Contact Information such as name and email address.
- Preferences Information you provide such as product or content interests, or communication or marketing preferences.
- Usage activity about how you interact with us such as purchase history, what content you viewed, and which areas of our app you visited.
- Fitness or Health information such as your weight, height, consumption of water.
- Device and Usage Information that may include data specific to your mobile device (e.g., make, model, operating system, advertising identifier and similar information); information about your use of features, functions, or notifications on the device; and signal strength relating to Wi-Fi or Bluetooth functionality, temperature, battery level, and similar technical data.
- Demographic information such as age and gender.
- Information about your mobile device such as your mobile device id (similar to a website IP address), device type, and mobile service carrier.
We may collect this Personal data and information even if you are not logged in to the application.
You will also have an option to permit us to import and export the App data from third-party services such as Apple HealthKit, among others. Such information may include: weight, gender, height, heartbeat rate, number of steps/distance travelled, and other information about your health.
- We do not use the information obtained via the HealthKit framework for advertising or similar purposes.
- We do not disclose any information obtained via HealthKit to third parties without expressed permission from the users.
- We do not sell information obtained via HealthKit to advertising platforms, data brokers or information resellers.
- PERSONAL DATA YOU PROVIDE TO US THROUGH THE USE OF THE APP INCLUDES PERSONAL DATA YOU ENTER INTO THE APP, SUCH AS YOUR ACCOUNT DATA (E.G. YOUR NAME AND EMAIL ADDRESS), AND YOUR HEALTH DATA (E.G. BODY MEASUREMENTS, PHYSICAL ACTIVITY AND OTHERS). DEPENDING ON THE DATA YOU PROVIDE, IT MAY ALSO CONTAIN INFORMATION ABOUT YOUR GENERAL HEALTH (E.G. WEIGHT, AND OTHERS).
- WE WILL NOT TRANSMIT ANY OF YOUR HEALTH DATA TO THIRD PARTIES UNLESS WE HAVE ASKED FOR YOUR EXPLICIT CONSENT.
YOU CAN ALWAYS WITHDRAW YOUR CONSENT TO PROCESSING OF YOUR PERSONAL DATA AND (OR) ITS TRANSMISSION TO THIRD PARTIES BY CONTACTING US AT email@example.com.
2. HOW WE USE YOUR PERSONAL DATA AND INFORMATION
- to analyze, operate, maintain and improve the App and marketing activities, to add new features and services to the App;
- to assess your needs to determine suitable products or services;
- to send product updates or warranty information;
- to respond to your comments, questions and requests and provide customer service;
- to send you push notifications, both internal and external. IF YOU DO NOT WANT TO RECEIVE THESE NOTIFICATIONS, YOU CAN MANAGE YOUR PREFERENCE EITHER THROUGH YOUR DEVICE OR APP SETTINGS DEPENDING ON YOUR DEVICE TYPE. YOU CAN ALSO CONTACT US AT firstname.lastname@example.org
- to send you marketing communications;
- to improve our App and marketing efforts, to conduct research and analysis, including for scientific and academic research purposes;
Choice/Opt-Out. You may opt-out of receiving our newsletter or marketing emails from us by following the instructions on how to unsubscribe included in each newsletter or marketing email, or you can contact us at email@example.com.
Social Networks. We enable you to create a profile, and share information such as messages, photos, and videos with others within your network. We cannot control the actions of others with whom you may choose to share your pages and information. Also, we cannot guarantee that the content you post on our App will not be viewed by others outside your network.
Any information (including Personal Data) you share in any online community area or online discussion is by design open to the public and is not private, unless provided differently in the App settings. You should think carefully before posting any Personal Data in any public forum. What you post can be seen, disclosed to, or collected by third parties and may be used by others in ways we cannot control or predict, including to contact you for unauthorized purposes. As with any public forum on any site, the information you post may also show up in third-party search engines.
If you mistakenly post Personal Data in our community areas and would like it removed, you can send us an email as listed below to request that we remove it. In some cases, we may not be able to remove your Personal Data, e.g. for technical reasons.
3. YOUR RIGHTS
Modification, correction, and erasure. You are able to modify, correct, erase and update your Personal Data in the App account settings or, if that is impossible, by writing to us at firstname.lastname@example.org.
Access. You have a right to access your Personal Data you insert into the App and ask us about what kind of Personal Data we have about you. You can do this by using the app settings or by writing to email@example.com.
EU residents. Individuals residing in the countries of the European Union have certain statutory rights in relation to their personal data introduced by the General Data Protection Regulation (the “GDPR”). Subject to any exemptions provided by law, you may have the right to request access to Personal data (including in a structured and portable form), as well as to seek to update, delete or correct Personal data:
- Access to your Personal Data and Data Portability. The App gives you the ability to access and update Personal Data within the App and your account settings. You shall be entitled to request information about whether we have any Personal Data about you, to access your Personal data (including in a structured and portable form) by using your app settings or by simply writing to us at firstname.lastname@example.org.
- Erasure of your Personal Data. If you believe that your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or in cases where you have withdrawn your consent or object to the processing of your Personal Data, or in cases where the processing of your Personal Data does not otherwise comply with the GDPR, you have right to contact us and ask us to erase such Personal Data as described above. You can simply write to us at email@example.com. Please be aware that erasing some Personal Data inserted by you may affect your ability to use the App and its features. Erasure of some Personal Data may also take some time due to technical reasons.
- Right to object processing of your Personal Data. You can object to processing your Personal Data and stop us from processing your Personal data by simply writing to us at firstname.lastname@example.org. Please be aware that erasing some Personal Data inserted by you may affect your ability to use the App and its features.
- Notification requirements. We commit to notify you within a reasonable period of time and your data protection authority within the timeframe specified in applicable law (72 hours) about any personal data breaches in the App.
- Data Protection Authorities. Subject to GDPR requirements, you also have the right to (i) restrict our use of Personal Data and (ii) lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with GDPR.
Please keep in mind that in case of a vague access, erasure, objection request or any other request in exercise of the mentioned rights we may engage the individual in a dialogue so as to better understand the motivation for the request and to locate responsive information. In case this is impossible, we reserve the right to refuse granting your request.
Following the provisions of GDPR we might also require you to prove your identity (for example, by requesting an ID or any other reasonable proof of identity) in order for you to invoke the mentioned rights, specifically if you exercise them in respect to special categories of Personal Data like data about health. This is made to ensure that no rights of third parties are violated by your request, and the rights described in this section are exercised by an actual Personal Data subject or an authorized person.
4. SHARING YOUR PERSONAL DATA AND INFORMATION
We may disclose your Personal Data:
- as required by law, such as to comply with a subpoena, or similar legal process.
- when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
- if we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
- to any other third party with your prior explicit consent to do so.
We share the information we collect with third-party business partners who commit to comply with applicable laws concerning their usage of your Personal Data (for example, GDPR for the EU residents). Our third-party business partners may share your Personal Data with their own third-party business partners, granted they have appropriate data protection safeguards in place, and use the information either for themselves or on behalf of their own business partners to:
- operate and improve their services;
- provide you with advertisements and information for products and services in this app or on other apps or websites based on variables such as your location, and assess your level of engagement with them;
- carry out other purposes that are disclosed to you and to which you consent.
Depending on a service you use, we may share some of your Personal Data and information with third-party business partners who perform analytical and other tasks for us (in some jurisdictions such parties may qualify for being a ‘processor’ under applicable laws). These are the third-party services with whom, among others, we may share some of your Personal Data and information:
- Appsflyer. Appsflyer is a mobile marketing platform. We may share certain non-identifiable information about you and some Personal Data (but never any data related to health without your explicit consent) in order to carry out marketing activities and provide you with better and more targeted service. We share the following data with Appsflyer: your IDFA or Android advertising ID, IP address, your user sessions, device information (model, location, OS version, CPU, screen size, etc.), application information (version, build number, etc.), information on launching, updating, installing the App. Once data is collected, it is not merged with any other data for personal identification purposes. You may choose at any time that such data shall no longer be collected in the future. If so, please simply use the opt-out option of Appsflyer.
- MoPub. Mopub is a subsidiary of Twitter, Inc. and a monetization platform. We may share non-identifiable information about you and some Personal Data (but never any data related to health without your explicit consent) in order to carry out marketing and adds activities. Learn more about MoPub opt-out information here.
- Facebook. We use Facebook as our advertising partner to display advertising in our App or to manage our advertising on other sites. We are using the following Facebook services: Ads manager, Lookalike audience, Campaign Planner, Creative Hub, Business Manager, Page Posts, Ads Reporting, Monetization Manager, Pixels, Audience Insights. We use Facebook’s Software Development Kit (SDK) within our apps in order to link various Facebook services with our apps. For example, this enables users to share content from our apps within their Facebook timeline. Further information about the Facebook SDK within iOS can be found here; for Android here. We may share certain non-identifiable information about you and some Personal Data (but never any data related to health without your explicit consent) for the purposes described above, including to carry out marketing activities and provide you with better and more targeted service. We share the following data with Facebook: your IDFA or Android advertising ID, your user sessions, device information (model, location, OS version, CPU, screen size, etc.), application information (version, build number, etc.), information on launching, updating, installing the App and attribution source. Learn more about Facebook ads here. Facebook may use data we provide for its own advertising purposes in accordance with the Facebook Data Policy.
- Fabric. We use Fabric, an analytics company and a Google subsidiary, to better understand your use of the App. For example, Fabric may use device identifiers that are stored on your mobile device and allow us to analyze your use of the App in order to improve our App features. We never share with Fabric data related to health without your explicit consent. Read more in Fabric Data Processing and Security Terms.
- Firebase. Firebase is an analytics product from Google, Inc. that allows us to track crashes of the App, monitor events in the App, provide us stats regarding the use of the App. To track and analyze behavior of our App’s users (in particular, how they react to changes of the App structure, text or any other component), we also use Firebase Remote Config. Firebase Remote Config is an A/B testing and configuration service provided by Google, which also enables us to tailor the content that our App’s users see (for example, it allows us to show different onboarding screens to different users). Firebase may collect certain device identifiers in order to understand on what devices and under which circumstances particular incidents and events happen. We share the following data with Firebase: your IDFA or Android advertising ID, data on installing the App, your actions in the App (for example, tapping particular buttons like whether to receive notifications or not), including actions with additional parameters, opening particular screens, starting and cancelling a trial period, starting and cancelling subscription, passing the onboarding screen, completing registration, different technical events (for example, whether you have read a manual or not). We never share with Firebase data related to health without your explicit consent. Read about Privacy and Security in Firebase here.
- Leanplum. We use Leanplum, which is a mobile marketing and analytics platform that allows us to customize and send messages to our users (in particular, via email) and notifications right to your phone. Leanplum enables us to choose the categories of users, which will receive such notification (for example, we can send notifications directly to users that chose “Workout Hero” fitness activity status). Leanplum also provides you with an opportunity to opt out at any time. Among others, we share the following data with Leanplum: your IDFA or Android advertising ID, your application information (version, build number, etc.), device information (model, location, country, OS version, installation date, time zone, carrier, etc.), data on installing the App, your actions in the App (for example, tapping particular buttons like whether to receive notifications or not), including actions with additional parameters, your actions with particular screens and information on visiting particular pages, starting and cancelling a trial period, starting and cancelling subscription, passing the onboarding screen, completing registration, different technical events (for example, whether the user has read a manual or not), language, login method, date of birth, gender, details of your interaction with content. We never share with Leanplum data related to health without your explicit consent.
- RockMyRun. We partner with RockMyRun, a music provider to integrate music services into the App. At the App start, we initialize RockMyRun’s SDK to check if it works properly. We also transmit data about your music preferences to be able to create best-matching popular music lists for your motivation. Read more info here.
Aggregated Information. We may also share aggregated, anonymized or de-identified information, which cannot reasonably be used to identify you. For example, we may share, including, without limitation, in articles, blog posts and scientific publications, general age demographic information and aggregate statistics about certain activities or symptoms from data collected to help identify patterns across users.
5. DATA SECURITY
Security of your Personal Data is important to us. When you provide your Personal data that is considered to be sensitive or falls under “categories of special data” under applicable laws to us, we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and once we receive it.
Among others, we utilize the following security measures to protect your Personal Data:
- Pseudonymization and tokenization of certain categories of your Personal Data;
- Protection of data integrity;
- Encryption of your Personal Data in transit and in rest;
- Systematic vulnerability scanning and penetration testing;
- Organizational and legal measures. For example, our employees have different levels of access to your Personal Data, and only those in charge of data management get access to your Personal Data and only for limited purposes required for the operation of the App. We impose strict liability on our employees for any disclosures, unauthorized accesses, alterations, destructions, misuses of your Personal Data.
- Conducting periodical data protection impact assessments in order to ensure that the App fully adheres to the principles of ‘privacy by design’, ‘privacy by default’ and other internationally accepted data protection principles. We also commit to undertake privacy audit in case of Company’s merger or takeover.
Bear in mind that no method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our App, you can contact us at email@example.com.
6. RETENTION AND STORAGE OF YOUR PERSONAL DATA
We will retain your Personal Data for as long as the application is installed on your mobile device or as needed to provide you service. If you remove the application from your phone or (and) deactivate your subscription, we will remove all your Personal Data within 12 months and use copies of your Personal Data only as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We retain your Personal data for the indicated period of time in order for you to be able to restore all your information and settings, if you like to return to the App. If you wish to cancel your account or request that we no longer use your information to provide you services, or wish to delete all your information and Personal Data permanently, contact us at firstname.lastname@example.org.
In some cases, after we may anonymize you Personal Data in such a way that it will never identify you, actually or potentially. We may use such anonymized data for various purposes like training our AI built into the App.
We use our own servers located in the European Union (Germany) to transfer, process, and store your Personal Data.
7. CHILDREN’S PRIVACY
General age limitation. We are committed to protecting the privacy of children. The App is not intended for children and we do not intentionally collect information about children under 16 years old. The App does not collect Personal Data from any person the Company actually knows is under the age of 16. If you are aware of anyone under 16 using the App, please contact us at email@example.com and we will take required steps to delete such information and (or) delete their account.
8. DATA PROTECTION OFFICER
To communicate with our Data Protection Officer, please email at firstname.lastname@example.org.
9. CONTACTING US
WEST BLOCK, Floor 1, Flat 101, 12 Kolonakiou ,
Agios Athanasios, 4103, Limassol, Cyprus
Our EU representative:
ANGOLIACO INVESTMENTS LTD
Karaiskaki, 38 KANIKA ALEXANDER CENTER, 1st floor, Office 113B
BLOCK 1, 3032, Limassol, Cyprus