Fitaino

🔒 Privacy policy

1. General

The following privacy information informs you about which personal data we collect and what happens to your personal data when you use the fitaino app or visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in the following privacy policy.

Please note that data transmission over the Internet (e.g., when communicating via email) may have security vulnerabilities. Complete protection of data from access by third parties is not possible.

Responible company

K & O Software Solutions UG(haftungsbeschränkt)
Senkelteichstraße 11
32602 Vlotho
Germany
E-Mail: info@ko-software.solutions

Storage duration

Your personal data will remain with us until the purpose for data processing no longer applies. If you make a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

General refers to the legal basis of data processing on this Website

In general, we process personal data on basis of the GDPR-Regulations of the european union.
If you have consented to this privacy policy, we process your personal data on the basis of Art. 6(1)(a) GDPR and, where special categories of data under Art. 9(1) GDPR are processed, on the basis of Art. 9(2)(a) GDPR. In the case of explicit consent to the transfer of personal data to third countries, data processing is also based on Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or to access to information on your device (e.g., via device fingerprinting), data processing is additionally based on § 25(1) of the TTDSG (German Telecommunications-Telemedia Data Protection Act). Consent can be withdrawn at any time. If your data is required for the performance of a contract or for pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. This is often the case with our services when you use our app or website, where contractual terms such as the general terms and conditions apply, or if you have entered into or are about to enter into a purchase agreement with us. Furthermore, we process your data if this is necessary to fulfill a legal obligation, based on Art. 6(1)(c) GDPR. Data processing may also be carried out on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR. The specific legal basis applicable in each individual case is explained in the following sections of this privacy policy.

2. Data processing upon contact requests

If you contact us by email or telephone, your inquiry, including all resulting personal data (such as your name and the content of your inquiry), will be stored and processed by us for the purpose of handling your request. This data will not be shared with third parties without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the fulfillment of a contract or is necessary for carrying out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR), if this has been requested; consent can be withdrawn at any time.

The data you send to us via contact inquiries will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g., after your request has been fully processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

3. Data processing on this Website

Third-party-tools for analysing activity

When you visit the website, your browsing behavior may be statistically analyzed. This is primarily done using so-called analytics programs. Detailed information about these analytics programs can be found in the following privacy policy.

4. Data collection and processing in the app

Registration/Login-process

During the registration in the app(fitaino), we collect some basic information about you. In particular we collect:
- Date/time of the download/registration
- Name
- E-Mail-Adress
- Password(encrypted)
- Gender
- Height
- Weight
- Bodyfat
- Level of activity
- Your weight goal
- Food preference (e.g. vegan or vegetarian)
- Allergies

All data mentioned here is entered by you and is strictly necessary to ensure the proper functioning of the app. The data is used, for example, to provide suitable recipe recommendations (e.g., vegetarian or vegan) or to estimate calorie requirements. The data is stored in whole or in part in the United States.

If you signed in using the “Sign in with Google” function, we collect data from your Google account, such as your name and email address. If you signed in using the “Sign in with Apple” function, we only collect your email address, unless you choose to hide it from us.

Since the data is entered voluntarily and independently during the registration process, it is collected in accordance with Art. 6(1)(a) GDPR and, where applicable, in accordance with Art. 6(1)(b) GDPR. Pursuant to Art. 44 et seq. GDPR, appropriate safeguards for the processing of data in the USA (a third country) are in place in the form of the European Commission’s Standard Contractual Clauses.

More information:
https://policies.google.com/privacy
https://www.apple.com/de/legal/privacy

A prerequisite for completing the registration process is that you agree to our Terms and Conditions and this Privacy Policy.

Paid subscription

When using the app, the status of the subscription (active/inactive) and the type of subscription (monthly or yearly) are recorded. The payment process is handled via the Google Play Store or the Apple App Store and their respective payment functions.

This data is processed in accordance with Art. 6(1)(b) GDPR.

More information about privacy by the payment-processing third-parties:
https://policies.google.com/privacy
https://www.apple.com/de/legal/privacy

Data collection with logfiles

We collect certain data during the installation and use of the app in order to make the overall user experience more convenient. This data includes:
- Operating system
- Perhabs information about the device
- Country
- Login-information like e-mail, ID etc.
- IP-adress
- Timezone, aswell as time and date of app usage
- App-version

We use this data to improve our services, for example with regard to security. The processing of this data is therefore carried out in accordance with Art. 6(1)(f) GDPR. The collection of this data is strictly necessary and cannot be objected to.

Collected data within the ongoing use of the app

While you use the app, we collect certain data about you. This data includes:
General
- Language
- Units(kg/lbs and cm/inch/foot)
- Theme(Dark or light mode)
Nutrition
- Foods/groceries you tracked
- The time when foods are tracked
- Amount of water
- Calorie need
- Recipes, you create
- Foods/groceries, you create
- Barcodes of groceries, which you scan
- Supplements
Bodymeasurements
- Weight
- Bodyfat
- Chest
- Arms
- Legs
- And other (e.g. custom measurements)
Training
- Workout schedule, workouts and exercises, you create
- Which workout schedule you choose
- Data about specific workouts, like sets, reps, weight, duration, rest-time, date, notes
- Data about exercises, like weight, reps, when was the exercise done etc.

Almost all of the data mentioned is essential for the proper functioning of the app. The data is processed solely for the purpose of app usage and in your interest. For example, we use data from training sessions to provide you with recovery recommendations, or weight data to adjust your calorie needs. The data is processed and stored in whole or in part in the United States.

Since the data is entered voluntarily and independently, it is collected in accordance with Art. 6(1)(a) GDPR and, where applicable, in accordance with Art. 6(1)(b) GDPR. Pursuant to Art. 44 et seq. GDPR, appropriate safeguards for the processing of data in the USA (a third country) are in place in the form of the European Commission’s Standard Contractual Clauses.

5. Marketing and tools for analysing activity

We partially process your personal data to tailor and improve advertising and marketing. Furthermore, we use services to analyze, for example, user behavior or other details. Your personal data is processed exclusively to improve our services or for other purposes directly related to our services. In most cases, the data is evaluated and processed only in a statistical form.

Google Firebase

We use the service “Firebase,” which is offered by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Firebase collects various data on user behavior within the app and provides the ability to analyze this data. When your personal data is transferred to Firebase by us, it is usually processed and stored in the United States. We use Google Firebase, for example, to analyze user behavior or marketing campaigns. Firebase offers a wide range of features that are important for app developers. The collected data is primarily analyzed statistically, and information such as the number of users in the past month, the amount of time spent using specific features in the app, the number of app crashes, or other details is stored. We use this data to better tailor the app and marketing campaigns to our users.

We process this data based on our legitimate interest in accordance with Art. 6(1)(f) GDPR. Pursuant to Art. 44 et seq. GDPR, appropriate safeguards for the processing of data in the USA (a third country) are in place in the form of the European Commission’s Standard Contractual Clauses.

More information:
https://firebase.google.com/terms
https://firebase.google.com/support/privacy

Google Analytics

We use Google Analytics by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to analyze your usage behavior on our website. In this process, your usage data along with your IP address is processed and stored in the USA. The IP address is generally shortened in a country within the EU before being transmitted to the USA.

We process this data based on our legitimate interest in accordance with Art. 6(1)(f) GDPR. Pursuant to Art. 44 et seq. GDPR, appropriate safeguards for the processing of data in the USA (a third country) are in place in the form of the European Commission’s Standard Contractual Clauses.

More information:
https://google.com/policies/privacy

Push-notifications

We notify you via so-called push notifications if you have given us your consent to do so. Android smartphones are generally set by default to receive all push notifications, which means Android users may receive push notifications from us even without explicit consent; however, these can be disabled in the smartphone’s settings. When sending push notifications, your name and usage behavior may be processed.

E-mail-marketing

We process data such as your email address, name, or date of birth for promotional emails in order to inform you about offers, etc. If you do not wish to receive such emails, you can unsubscribe by clicking on "I no longer wish to receive this type of promotional email" at the bottom of any promotional email you receive. We process this data based on your consent in accordance with Art. 6(1)(a) GDPR.

6. Your rights

Revocation of your consent for data processing

Many data processing operations are only possible with your explicit consent. You may revoke your consent at any time. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right to Object to Data Collection in Specific Cases and to Direct Marketing (Art. 21 GDPR)

If the processing of your personal data is based on Art. 6(1)(e) or (f) GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data; this also applies to profiling based on these provisions. The relevant legal basis for the processing can be found in this privacy policy. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims (objection pursuant to Art. 21(1) GDPR). If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will no longer be used for direct marketing purposes (objection pursuant to Art. 21(2) GDPR).

Right to complain at the responsible supervisory authority

In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work, or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right of data portability

You have the right to receive data that we process automatically on the basis of your consent or in fulfillment of a contract, in a common, machine-readable format, either for yourself or for a third party. If you request the direct transfer of the data to another controller, this will only be done where technically feasible.

Information, deletion and correction

Within the scope of applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipients, and the purpose of the data processing. You also have the right to request the correction or deletion of this data, if applicable. For this purpose, and for any further questions regarding personal data, you can contact us at any time.

Right to Restriction of Processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time to do so. The right to restrict processing applies in the following cases:
1. If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
2. If the processing of your personal data was/is unlawful, you may request the restriction of data processing instead of deletion.
3. If we no longer need your personal data, but you need it to exercise, defend, or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
4. If you have objected pursuant to Art. 21(1) GDPR, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data – apart from being stored – may only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.
Source: www.e-recht24.de (Only some parts of this privacy policy)

An unhandled error has occurred. Reload 🗙