Last Updated: 12/01/2020
Simplified Explanation of Data Collection
- If you are using the App without making purchases, you are an anonymous user to us and we collect only technical information necessary for running and improving the app (iOS version, device model, app usage, crash reports, device time zone) – some of this data has been requalified as Personal Data as well.
- When you are purchasing services, we need to identify your Apple ID
- We don´t share any information concerning you or your device with any 3rd parties unless it is necessary for running the App, delivering services, or fulfilling legal obligations.
- Technical 3rd parties are f.e. Apple (app), Amazon Web Services (servers), Graylog (logs), etc..
- Under recent legislation concerning data privacy (General Data Protection Regulation), many types of data have been designated as personal data to catch up with the nature of the digital age. Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name and surname, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. When the Customer installs or downloads the App, the Provider may collect a variety of non-personal data of technical nature (the version of the operating system, device model, device language, time zone, etc.). This data allows the Provider f.e. to improve the App´s performance and resolve potential technical issues. The Provider may collect also other kinds of data that are considered Personal Data such as contact information (e-mail address and other information supplied to the Provider in accordance with his support service), device information (unique device identifier), etc. (hereinafter collectively as “Personal Data”), etc. These are used primarily for the delivery of Services purchased via the App.
- The Provider uses the Personal Data (i) to provide the Application Services, (ii) to maintain and/or (iii) to develop the Application Services. In cases prescribed by law, the Provider requires the Customer’s consent for processing the Personal Data.
- The Personal Data are proceeded both in an automated and a manual way and are stored for as long as is necessary to provide the Customer with the App (for the duration of the Customer’s use of the App) and for a reasonable period of time after the last use of the App, not exceeding five years.
- The Customer hereby further agrees not to use the Application Services to send sensitive data about him or a third person where unauthorized disclosure could cause material or immaterial damage, severe harm or impact to the Provider, any data subjects and/or thirds parties. Sensitive data includes, but is not limited to: health data, genetic data, biometric data, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, data concerning sexual orientation. The Customer hereby further agrees to not use Services for personally identifiable information knowingly collected from children under the age of 17 from online services designated for children.
- The App is not designated for children. By downloading or installing the App, the Customer declares that he is older than 17 years old and is solely responsible for any damage or loss that the Provider may suffer because of his untruthful declaration.
- Access to Personal Data. The Customer has the right to obtain from the Provider confirmation as to whether or not the Personal Data concerning him are being processed, and where that is the case, access to the Personal Data and the following information: the purposes of the processing, the categories of the Personal Data concerned the recipient to whom Personal Data has been or will be disclosed; the envisaged period for which the Personal Data will be stored (if not possible the criteria used to determine that period), the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Personal Data subject.
The Customer has the right to request from the Provider rectification or erasure of the Personal Data (Right to be forgotten) or restriction of processing of the Personal Data concerning the Customer or to object to such processing. The Customer has also the right to lodge a complaint with the supervisory authority (in European Union) and the right to Personal Data portability.
Right to rectification. The Customer shall have the right to obtain from the Provider without undue delay the rectification of inaccurate the Personal Data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.
Right to be forgotten. The Customer shall have the right to obtain from the Provider the erasure of the Personal Data concerning him without undue delay and the Provider shall have the obligation to erase the Personal Data without undue delay where one of the following grounds applies: (i) the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) the Personal Data has been unlawfully processed, (iii) the Personal Data have to be erased for compliance with a legal obligation in the European Union or Member State law to which the Provider is subject, (iv) the Customer withdraws consent on which the processing is based and there is no other legal ground for the processing, and/or (v) the Customer objects to the processing and there are no overriding legitimate grounds for the processing. The Provider will not erase the Personal Data, if the processing of the Personal Data is necessary for (i) the exercising the right of freedom of expression and information, (ii) the compliance with a legal obligation which requires processing by the European Union or Member State law to which the Provider is subject, (iii) the performance of a task carried out in the public interest or in the exercise of official authority vested in the Provider, (iv) the reasons of public interest in the area of public health, (v) the archiving purposes in the public interest, scientific or historical research purposes or statistical purpose in so far as the right to be forgotten is likely to render impossible or seriously impair the achievement of the objectives of that processing, or (vi) the establishment, exercise or defense of legal claims.
Right to Personal Data portability. The Customer shall have the right to receive the Personal Data concerning him, and which the Customer has provided to the Provider, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Provider to which the Personal Data has been provided. In exercising the Customer’s right to the Personal Data portability, the Customer shall have the right to have the Personal Data transmitted directly from one controller to another, where technically feasible.