1.1 We are pleased that you are using our application (hereinafter "App"). In the following, we inform you about the handling of your personal data when using our App. Personal data is any data that can be used to personally identify you.
1.2 The controller for data processing regarding this App within the meaning of the General Data Protection Regulation (GDPR) is Tobias Schiek, Nutzung 17, 09353 Oberlungwitz, Germany, Tel.: 01607657753, E-Mail: tobias.schiek@gmail.com. The controller responsible for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.
1.3 For security reasons and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries to the controller), this App uses SSL or TLS encryption. You can recognize an encrypted connection by the character string "https://" and the lock symbol in your browser line.
When you download our mobile app via an app store, the required information is transmitted to the app store, in particular the username, email address and customer number of your account, time of download, payment information and the individual device identifier. We have no influence on this data collection and are not responsible for it. We only process the data to the extent necessary for downloading the mobile app to your mobile device.
When using our mobile app, we collect the personal data described below to enable comfortable use of the function. If you want to use our mobile app, we collect the following data that is technically required for us to offer you the functions of our mobile app and to ensure stability and security:
The processing is carried out in accordance with Art. 6 para. 1 lit. f GDPR on the basis of our legitimate interest in improving the stability and functionality of our App. The data is not shared or used for other purposes. However, we reserve the right to review the aforementioned log files retrospectively if concrete indications of unlawful use arise.
Furthermore, we require your unique device number (IMEI = International Mobile Equipment Identity), unique subscriber number (IMSI = International Mobile Subscriber Identity), mobile phone number (MSISDN), possibly MAC address for WLAN use and the name of your mobile device.
When contacting us (e.g. via contact form or email), personal data is collected. Which data is collected when using a contact form can be seen from the respective contact form in the App. This data is stored and used exclusively for the purpose of answering your inquiry or for contact and the associated technical administration. The legal basis for processing this data is our legitimate interest in answering your inquiry in accordance with Art. 6 para. 1 lit. f GDPR. If your contact aims at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your inquiry. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that no legal retention obligations conflict with this.
- Apple Pay
If you choose the payment method "Apple Pay" from Apple Distribution International (Apple), Hollyhill Industrial Estate, Hollyhill, Cork, Ireland, payment processing is carried out via the "Apple Pay" function of your device running iOS, watchOS or macOS by charging a payment card stored with "Apple Pay". Apple Pay uses security features that are integrated into the hardware and software of your device to protect your transactions. To authorize a payment, it is therefore necessary to enter a code previously set by you and verification using the "Face ID" or "Touch ID" function of your device.
For the purpose of payment processing, your information provided during the ordering process along with information about your order is transmitted to Apple in encrypted form. Apple then encrypts this data again with a developer-specific key before the data is transmitted to the payment service provider of the payment card stored in Apple Pay to carry out the payment. The encryption ensures that only the website through which the purchase was made can access the payment data. After the payment has been made, Apple sends your device account number and a transaction-specific, dynamic security code to the original website to confirm the payment success.
Insofar as personal data is processed in the described transmissions, the processing takes place exclusively for the purpose of payment processing in accordance with Art. 6 para. 1 lit. b GDPR.
Apple stores anonymized transaction data, including the approximate purchase amount, approximate date and time, and whether the transaction was successfully completed. Anonymization completely excludes personal reference. Apple uses the anonymized data to improve "Apple Pay" and other Apple products and services.
When you use Apple Pay on iPhone or Apple Watch to complete a purchase you made via Safari on Mac, the Mac and the authorization device communicate via an encrypted channel on Apple servers. Apple does not process or store any of this information in a format that could identify you. You can disable the ability to use Apple Pay on your Mac in your iPhone settings. Go to "Wallet & Apple Pay" and disable "Allow Payments on Mac".
Further information on data protection with Apple Pay can be found at the following internet address: https://support.apple.com
You can register in our App by providing personal data. Which personal data is processed for registration can be seen from the input mask used for registration. We use the so-called double opt-in procedure for registration, i.e. your registration is only completed when you have previously confirmed your registration via a confirmation email sent to you for this purpose by clicking on the link contained therein. If your confirmation does not occur within 24 hours, your registration will be automatically deleted from our database. The provision of the aforementioned data is mandatory. You can provide all other information voluntarily by using our portal.
When you use our App, we store your data required for contract fulfillment, including any payment method information, until you permanently delete your access. Furthermore, we store the data you voluntarily provide for the duration of your use of the portal, unless you delete it beforehand. You can manage and change all information in the protected customer area. The legal basis is Art. 6 para. 1 lit. f GDPR.
In addition, we store all content published by you (such as public posts, wall entries, guestbook entries, etc.) to operate the App. We have a legitimate interest in providing the App with complete user-generated content. The legal basis for this is Art. 6 para. 1 lit. f GDPR. If you delete your account, your statements published especially in the forum remain visible to all readers, but your account is no longer accessible. All other data will be deleted in this case.
You can register to receive our push notifications. You will regularly receive information about our offered services via our push notifications.
To register, you must confirm receipt of notifications or allow it in your operating system settings. This process is documented and stored. This includes storing the registration time and your device identification. The collection of this data is necessary so that we can display the push notifications on the one hand and on the other hand can trace the processes in case of misuse and therefore serves our legal protection. The processing of this data is based on Art. 6 para. 1 lit. a GDPR.
You can revoke your consent to the storage and use of your personal data for receiving our push notifications and the statistical collection described above at any time with effect for the future. For the purpose of revoking consent, you can unsubscribe from the setting provided for receiving push notifications in your App settings in your operating system.
Your data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Your data will therefore be stored as long as the subscription to our push notifications is active.
Our App uses various services from Google Firebase, a web service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
Firebase Analytics
We use Firebase Analytics to analyze the usage of our App. The following data is processed:
- Device information (device type, operating system, app version)
- Usage statistics (page views, dwell time, functions used)
- Unique advertising ID of the device
- IP address (shortened)
- Approximate location data at country/city level
Firebase Hosting/Database
For the technical provision of our App content, we use Firebase Hosting and Firebase Realtime Database. Technical log data is processed as described in Section 2.
The processing is based on our legitimate interest in optimizing our App and improving user-friendliness in accordance with Art. 6 para. 1 lit. f GDPR.
You can deactivate collection by Firebase Analytics by selecting the corresponding option in our App settings or by resetting the advertising ID in your device settings.
Google may process your data in the USA. Google is certified under the EU-US Data Privacy Framework.
Further information can be found in Google's privacy policy: https://policies.google.com/privacy
To improve the stability and performance of our App, we use Google Firebase Crashlytics, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Processed data:
- Crash and error reports
- Device and system information (device type, operating system version, available memory)
- App version information
- Crash timestamp
- Unique installation ID (not a personal identifier)
- Custom Keys and Logs (if implemented by us)
Purpose of processing:
Crashlytics helps us identify and fix crashes and errors in our App to improve the quality and stability of the App.
The processing is based on our legitimate interest in providing a stable and functional App in accordance with Art. 6 para. 1 lit. f GDPR.
Crashlytics data is automatically collected. You can deactivate data collection in our App settings.
Google may process your data in the USA. Google is certified under the EU-US Data Privacy Framework.
Further information about Crashlytics can be found here: https://firebase.google.com/support/privacy
Our App offers you the possibility to sign in with your Apple ID. This service is provided by Apple Inc., One Apple Park Way, Cupertino, CA 95014, USA, or for users in the EU by Apple Distribution International Ltd., Hollyhill Industrial Estate, Hollyhill, Cork, Ireland.
Data processed during sign-in:
Unique user ID from Apple (not your Apple ID)
Name (if shared by you)
Email address (your real email or an anonymous email address provided by Apple)
Verification status of your email address
Purpose of processing:
The data is used to create and manage your user account in our App as well as for authentication during
future sign-ins.
Your control over the data:
- You can choose whether you want to share your real name
- You can choose whether you want to use your real email address or an anonymous email address created by Apple
- Apple does not share your Apple ID with us
The processing is carried out to fulfill the usage contract in accordance with Art. 6 para. 1 lit. b GDPR.
You can revoke your consent to data use at any time in your Apple ID settings under "Password & Security" > "Apps using your Apple ID".
Apple may process your data in the USA. Apple relies on adequacy decisions of the EU Commission and other appropriate safeguards for international data transfers.
Further information can be found in Apple's privacy policy: https://www.apple.com/de/privacy/
10.1 The applicable data protection law grants you comprehensive rights as a data subject (information and intervention rights) against the controller regarding the processing of your personal data, about which we inform you below:
10.2 RIGHT TO OBJECT
IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR OVERRIDING LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT TO THIS PROCESSING FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION WITH EFFECT FOR THE FUTURE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE AFFECTED DATA. HOWEVER, FURTHER PROCESSING REMAINS RESERVED IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR PROCESSING THAT OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS.
IF YOUR PERSONAL DATA IS PROCESSED BY US TO CONDUCT DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH ADVERTISING. YOU CAN EXERCISE THE OBJECTION AS DESCRIBED ABOVE.
IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL END THE PROCESSING OF THE AFFECTED DATA FOR DIRECT MARKETING PURPOSES.
The duration of storage of personal data is measured by the respective legal basis, the processing purpose and - if applicable - additionally by the respective statutory retention period (e.g. commercial and tax law retention periods).
When processing personal data on the basis of explicit consent according to Art. 6 para. 1 lit. a GDPR, the affected data is stored until you withdraw your consent.
If statutory retention periods exist for data that is processed within the framework of legal or quasi-legal obligations on the basis of Art. 6 para. 1 lit. b GDPR, this data is routinely deleted after expiration of the retention periods, provided it is no longer required for contract fulfillment or contract initiation and/or we have no legitimate interest in continued storage.
When processing personal data on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until you exercise your right to object according to Art. 21 para. 1 GDPR, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.
When processing personal data for the purpose of direct marketing on the basis of Art. 6 para. 1 lit. f GDPR, this data is stored until you exercise your right to object according to Art. 21 para. 2 GDPR.
Unless otherwise stated in the other information in this declaration about specific processing situations, stored personal data is otherwise deleted when it is no longer necessary for the purposes for which it was collected or otherwise processed.