Cookies Policy

Cookies Policy

We use cookies on our website in compliance with Art. 6(1) f) of the GDPR. Our interest in improving our Services is recognized as legitimate in the aforementioned provision. Cookies are small files generated automatically by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you use our Services. Cookies do not harm your device, and do not contain viruses, Trojans or other malware. Cookies contain information downloaded by the specific device. This does not mean, however, that we receive direct knowledge of your identity.  One purpose of cookies is to make it more convenient for you to use our Services. For example, we use session cookies to track your use of the individual pages of our website or when you have logged on to your customer account. When you use our Services again at a later time, the cookie automatically recognizes your previous visit to the website, as well as your input and settings, so that you do not have to enter them again. To make the site more user friendly, we also use temporary cookies, which are stored on your device for a predetermined period of time. These cookies are automatically deleted when you log off.

If you already have a customer account and are logged on, the information stored in the cookies are associated with that account.

Another reason we use cookies is to gather statistics on the use of our Services and evaluate them in order to optimize your experience and to display information tailored to you. These cookies allow us to automatically recognize that you have visited our site before. The cookies are automatically deleted after a predefined period. Most browsers accept cookies automatically. However, you can disable cookies on your browser or choose to be notified when a new cookie is created. However, disabling cookies completely may mean that not all features of our Services will be available to you. The storage period of cookies depends on their purpose and may vary.

Encharge

To design and continuously improve our customer engagement efforts in compliance with Art. 6(1) a) of the GDPR, we use the external service provider Encharge, str. Cherkovna 57, office 19, Sofia, Bulgaria, 1505 (hereinafter “Braze”).  We use Encharge to control our email marketing campaigns and to reach out to our registered users. For this purpose, when you set up an Fit Trainers account using our website, we send the following information to Encharge:

  • Name
  • Email address
  • Time zone
  • Device information (screen resolution, browser information and operating system)
  • IP address
  • Location
  • Language used

You can object to this data processing at any time by either clicking on the unsubscribe button of the respective newsletter or simply informing us that you no longer wish to have such processing in the future. Please use the contact options of our company data privacy officer for this purpose.

Sentry

We are constantly improving and developing our website to provide our users with the best possible customer experience. We use Sentry, an error tracking tool from Functional Software Inc., 132 Hawthorne St, San Francisco, CA 94107, USA (hereinafter “Sentry”) to improve the accessibility and technical stability of our website by monitoring system stability and detecting code errors. We may automatically send the following information to Sentry in the event of a software failure:

  • Device information (operating system, browser version, browser type)
  • The IP address of the device
  • Email
  • Name
  • Date and time of error

The legal basis of the aforementioned data processing is Art. 6(1) f) of the GDPR. There is no explicit analysis for advertising purposes in this process. The information is collected anonymously, is not used for personal reasons, and is subsequently deleted. This analysis helps us to continuously improve our website and fix hidden code errors. Such processing is in our legitimate interest because the data is used solely for identifying and analyzing errors. For more information on Sentry’s data processing and how it works, see Sentry’s privacy policy.

In the event that personal data is processed here, you can object to it at any time by simply informing us that you no longer wish to have such processing in the future. Please use the contact options of our company data privacy officer for this purpose.

Facebook Pixel

To set up, continuously improve, and track the conversion of our Facebook campaigns as required, in compliance with Art. 6(1) f) of the GDPR, we use the individual visitor action pixel of Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter “Facebook”). This pixel is integrated into our website’s code. This helps us ensure that the Facebook ads we initiate are only displayed to Facebook users who have shown interest in our Services. In this way we know that our Facebook ads correspond to the potential interest of the respective users and not bothering them. It also allows us to track the actions of Facebook users after they have viewed or clicked on one of our Facebook ads. At the same time, it helps us track the conversion of the respective campaign for statistical, market-research and billing purposes. The following information is collected during its use:

  • Time stamp
  • URL
  • Campaign-related information (particularly impression, form field and activated button specifications)

Information collected in this way is anonymous to us and therefore does not provide us with any information about the identity of the respective user. Such processing for behavioral and interest-based advertising purposes is recognized as in our legitimate interest under Recital 47 of the GDPR. The data is stored in accordance with the legally established retention periods and then automatically deleted.

You should be aware that when you log on after placing the pixel on your Facebook account, or you visit our website while logged on, Facebook may store and process this information. Facebook can connect this data with your Facebook account and use it for its own advertising purposes, in accordance with Facebook’s data policy. You can find more information about the Facebook pixel here. You can enable Facebook and its partners to display ads on and off Facebook. You can object to this special data processing at any time by changing your Facebook settings accordingly or by simply informing us that you no longer want this processing in the future. Please use the contact options for our company’s data privacy officer for this purpose. Please be aware that the objection only applies to the device being used in each case. For further information, see the Facebook Privacy Policy and information on protecting your personal privacy.

Facebook Custom Audiences

To optimize targeting and track the conversion of our Facebook campaigns, in compliance with Art. 6(1) a) of the GDPR, we use the option of developing Facebook lookalike audiences offered to us by Facebook. You can find more information about theFacebook Lookalike Audiences here.

The data processing for advertising on the basis of behaviour and interests is recognized as in our legitimate interest under Recital 47 of the GDPR. If you belong to the Facebook Lookalike Audience, we send your email address and your device’s ID to Facebook. You can object to this special data processing at any time by changing your Facebook settings or simply inform us that you no longer want this processing in the future. Please use the contact options for our company’s data privacy officer for this purpose.

Facebook Login

We allow you to sign up for and log on to our Services via the Login with Facebook feature. This replaces the otherwise necessary registration. To log in you are redirected to the Facebook server, where you sign on using your user information. This links your Facebook profile to our Services. By using this simplified login feature, you give us your consent to use the following information from your publicly visible profile:

  • Name
  • Location
  • Birth date
  • Gender
  • Email address
  • Time zone
  • Friends or
  • Profile photo

The legal basis of the aforementioned data processing is Art. 6(1) a) of the GDPR and Art. 9(2) a) of the GDPR. The purpose of the data collection above is the simplified login and the establishment and fulfilment of an agreement. This information is required for the conclusion of the agreement in order to be able to identify it. For the purpose and scope of Facebook’s data collection and the further processing and use of the information, as well as the associated rights and setting options to protect your privacy, please consult the Facebook privacy information.

Pinterest Tag

To set up, continuously improve, and track the conversion of our Pinterest campaigns as required, in compliance with Art. 6(1) f) of the GDPR, we use a Pinterest Tag, an individual code snippet, from Pinterest Inc., 635 High Street, Palo Alto, CA, USA, (hereinafter “Pinterest”), which is integrated in our website. This helps us ensure that the Pinterest ads we initiate are only displayed to Pinterest users who have shown interest in our Services. In this way we know that our Pinterest ads correspond to the potential interest of the respective users and not bothering them. It also allows us to track the actions of Pinterest users after they have viewed or clicked on one of our Pinterest ads. At the same time, it helps us track the conversion of the respective campaign for statistical, market-research and billing purposes. The following information is collected during its use:

  • Device information (e.g. type, brand)
  • Device operating system (e.g. iOS 11),
  • IP address of the device
  • Date and time our Services are accessed
  • Type of campaign and content
  • Response to the respective campaign (e.g. clicking on a button)

Information collected in this way is anonymous to us and therefore does not provide us with any information about the identity of the respective user. Such processing for behavioral and interest-based advertising purposes is recognized as in our legitimate interest under Recital 47 of the GDPR. The data is stored in accordance with the legally established retention periods and then automatically deleted.

When you log in to your Pinterest account after visiting our website while logged on, Pinterest might store and process this information, which is why we would like to inform you about this. Pinterest can link this data with your Pinterest account and use it for its own advertising purposes. You can read more about Pinterest’s data policy here. You can object to this special data processing at any time by disabling the relevant settings in your Pinterest account under “Personalization” or enabling the “Do not track” setting in your browser.

Taboola

In compliance with Art. 6(1) f) of the GDPR, we use an individual pixel from Taboola Inc., Oneustonsq, 40 Melton Street, 13th Floor, London, NW1 2FD OR 28 West 23rd St. 5th fl., New York, NY 10010 (hereinafter “Taboola”). This allows us to optimize our marketing campaigns, and customize them as much as possible to the personal interests of the target audience. It permits us to adapt our approach to their specific behaviours and interests. Ultimately, we are able to track the conversion of the respective campaign. For this purpose, the following information is processed:

  • Device information (operating system, browser version)
  • The (truncated) IP address of the device
  • Browser type

This information is combined by Taboola into a user profile using pseudonyms. These user profiles are not merged with information about the bearer of the pseudonym and do not allow any conclusions to be drawn about your personal data. Data processed in this way to optimize the behavioral and interest-based marketing of our Services is considered to be in our legitimate interest. The information is stored in compliance with the legally established retention periods and then automatically deleted. You can find more information about Taboola’s data privacy policy here. You may object to this data processing at any time by clicking on the following opt-out link here.

Snowplow

For the custom design and continuous improvement of our Services, in compliance with Art. 6(1) f) of the GDPR, we use Snowplow open-source analytics of Snowplow Analytics Ltd., the Roma Building, 32-38 Scrutton Street EC2A 4RQ London, UK (hereinafter “Snowplow”). It is installed on our own servers. The following information is sent only to our webhost:

  • Device information (e.g. type, brand)
  • Operating system (e.g. iOS 11),
  • Provider name (e.g. Vodafone),
  • Events in the app and the use of individual features, such as your personal training plan, the activities you enter, access to recipes, or the period of use.

Data processed in this way to optimize our Services is considered to be in our legitimate interest. The information is stored in compliance with the legally established retention periods and then automatically deleted. You can object to this processing at any time by simply informing us that you no longer wish to have such processing in the future. Please use the contact options of our company data privacy officer for this purpose.

Google Analytics

For the custom design and continuous improvement of our Services, in compliance with Art. 6(1) f) of the GDPR, we use the web analytics service of Google Analytics of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter “Google”). Using cookies, Google creates pseudonymised user profiles. The information generated by the cookies for users includes:

  • Browser type/version
  • Operating system
  • Referrer URL (previously visited page)
  • Host name of the accessing computer (IP address)
  • Time of the server request

This information is sent to a Google server in the U.S. and stored there. The information is used to evaluate the use of our Services, to compile reports on the activities, and to provide other related services for purposes of market research and customized design. This information may also be sent to third parties if required by law or if third parties process this data on behalf of Google. Under no circumstances will your IP address be merged with any other Google data. The IP addresses are anonymised so that assignment is not possible (IP masking).

You can prevent the installation of the cookies in advance by configuring your browser software accordingly or object to the continued processing of your data with the cookies by clicking on the opt-out link. Please note that if you disable cookies, it will not be possible to fully take advantage of all of the features of our Services. You can also prevent Google from collecting and processing the data generated by the cookies and related to your usage (including your IP address) by downloading and installing this browser add-on. On mobile devices, we recommend using private mode. You can find more information on protecting your privacy in relation to Google Analytics on the Google Analytics website.

Google Tag Manager

We manage website tags (website code) with Google Tag Manager. These tags helps us manage and continuously improve our Services and reduce your loading time. Google Tag Manager only implements website code. Google Tag Manager itself does not generate cookies or collect any personal information. It merely integrates website code that we have stored elsewhere that may be used to collect data. It is therefore only used to facilitate the management of the respective code, but does not itself access the data processed by the code. In this privacy policy, we inform you about all tags that are integrated in this way. Consult the relevant Google pages for more information about Google Tag Manager and user guidelines.

Stripe Payment Service

For the fulfillment of the agreement and to process payments in particular, in compliance with Art. 6(1) a) and b) GDPR, we send your name and email address to our payment processor Stripe Payments Europe Ltd., Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland (hereinafter “Stripe”). By using Stripe’s library, the information entered during the ordering process (e.g. address, account number, bank code, credit card number, invoice amount, currency and transaction number) will not be processed by us but sent directly to Stripe by your browser. The information is used by Stripe exclusively for the implementation and realization of the payment process and is securely transmitted via SSL encryption. Stripe is certified by PCI DSS. Stripe may transmit, process and store personal information outside of the EU. You can find detailed information on the Stripes privacy policy at this Link.

Mobile App

Adjust

For the custom design and continuous improvement of our App, and for purposes of our own market research, we use the Adjust usage analytical tool of Adjust GmbH, Saarbrücker Str. 36, 10405 Berlin (hereinafter “Adjust”). We use Adjust to help us understand how our users find us and install our app. If you click on a link operated by Adjust, it will take you to the App Store via an Adjust server. Here, Adjust processes anonymous IP and MAC addresses, as well as the associated installation and event data. It is not possible for us or for Adjust to draw conclusions about an individual. The information collected in this way is used solely for the aforementioned evaluation purposes, specifically to analyse the feature and the use of the app by creating anonymous evaluations and graphics on the number of visits, the number of pages viewed per user, etc.

Apple Health Kit und Google Fit

To improve fitness tracking and health management, you have the option of transmitting the data collected by our Services via the interface provided by the respective providers into the Apple Health Kit or the Google Fit app. This only happens if you explicitly agree to the process via your device settings. If you consent to this transfer, we store the following personal data on our servers:

  • Start time of the steps taken
  • Distance in meters of the steps taken
  • Number of steps taken

We have no control over nor are we aware of how the health information is used in the Apple HealthKit or the Google Fit app. You can object to the processing of this data anytime by disabling the feature in your device settings. Before enabling the respective feature, we recommend reading the privacy policy of Apple or Google.

Sentry

We want to provide our users with the best possible customer experience, which is why we are constantly improving and developing our app through updates. Before each release, it is thoroughly tested. We use the Sentry error analysis tool from Functional Software Inc., 132 Hawthorne St, San Francisco, CA 94107, USA (hereinafter “Sentry”), to improve the accessibility and technical stability of our app, monitor system stability and identify code errors. We may automatically send the following information to Sentry in the event of a software failure:

  • Device information (type, brand, operating system, browser version, browser type),
  • The IP address of the device
  • Name and
  • Date and time of the error

The legal basis of the aforementioned data processing is Art. 6(1) f) of the GDPR. There is no explicit analysis for advertising purposes in this process. The information is collected anonymously, is not used for personal reasons, and is subsequently deleted. This analysis helps us to continuously improve our app and fix hidden code errors. Such processing is in our legitimate interest because the data is used solely for identifying and analyzing errors. For more information on Sentry’s data processing and how it works, see Sentry’s Privacy Policy.

In the event that personal data is processed here, you can object to it at any time by simply informing us that you no longer wish to have such processing in the future. Please use the contact options of our company data privacy officer for this purpose.

Snowplow

For the custom design and continuous improvement of our app, in compliance with Art. 6(1) f) of the GDPR, we use Snowplow open-source analytics. It is installed on our own servers. The following information is sent only to our webhost:

  • Device information (e.g. type, brand, operating system, browser version, browser type, etc.)
  • Operating system (e.g. iOS 11),
  • Provider name (e.g. Vodafone),
  • Events in the app and the use of individual features,, such as your personal training plan, the activities you enter, access to recipes, or the period of use.

Data processed in this way to optimize our app is considered to be in our legitimate interest. The information is stored in compliance with the legally established retention periods and then automatically deleted. You can object to this processing at any time by simply informing us that you no longer wish to have such processing in the future. Please use the contact options of our company data privacy officer for this purpose.

Amplitude

For the custom design and continuous improvement of our app, in compliance with Art. 6(1) f) of the GDPR, we use the Amplitude analytical tool of Amplitude Analytics Inc., 501 2nd Street Suite 100, San Francisco, California 94107, USA (hereinafter “Amplitude”). This tool helps us to better understand the behaviour of our users and gain insight on where improvements can be made. For this purpose, we use the Amplitude library, which collects the following data:

  • Device information (type, brand, operating system)
  • The IP address of the device
  • Name of provider (e.g. Vodafone),
  • Interaction with the app
  • Name
  • Email
  • Age
  • Weight
  • Height
  • Gender

User profiles may be created from this information, which we use exclusively for the aforementioned purpose. You can object to this processing at any time by simply informing us that you no longer wish to have such processing in the future. Please use the contact options of our company data privacy officer for this purpose. You can find more information about data processing by Amplitude here. You can also send your questions directly to the Amplitude data privacy officer at: contact@amplitude.com.

Facebook Login

We allow you to sign up for and log on to our app via the Facebook Login feature. This replaces the otherwise necessary registration. To log in you are redirected to the Facebook server, where you sign on using your user information. This links your Facebook profile to our Services. By using this simplified login feature, you give us your consent to use the following information from your publicly visible profile:

  • Name
  • Location
  • Birth date
  • Gender
  • Email address
  • Time zone
  • Friends
  • Profile photo

The legal basis of the aforementioned data processing is Art. 6(1) a) of the GDPR and Art. 9(2) a) of the GDPR. The purpose of the data collection above is the simplified login and the establishment and fulfilment of an agreement. This information is required for the conclusion of the agreement in order to be able to identify it. For the purpose and scope of Facebook’s data collection and the further processing and use of the information, as well as the associated rights and setting options to protect your privacy, please consult the Facebook privacy information.

Push Notifications per Braze

To customize the design and continuously improve the individual user experience of our Services, we manage push notifications through the external service provider Braze, 318 W 39th St, 10018 New York City, USA (hereinafter “Braze”). Braze is a technical support tool with which we automatically send or receive the following information:

  • Device type (e.g. iPhone 8)
  • IP address
  • Location
  • Language used
  • Time zone
  • Operating system (e.g. iOS 11)
  • Email address
  • Birth date
  • Status of any subscription
  • Gender
  • Events generated by the app, performance metrics, performance and usage data

When you allow the app to send you push notifications, you consent to the collection of the aforementioned data in the manner described herein. The collection of the data therefore complies with Art. 6(1) a) of the GDPR. You may object to the data collection at any time by disabling the push notifications in your device settings or by simply informing us that you no longer wish to have such processing in the future. Please use the contact options of our company data privacy officer for this purpose.

Recipients outside the EU

As indicated above under 3.4 and 3.5, data may also be sent to recipients located outside the European Union or the European Economic Area. This applies in particular to the aforementioned processing of analysis and/or targeting technologies, which can result in data transmission to the servers of the service providers. Other recipients may be affiliated service providers that we need in order to provide our services, e.g. hosts, CRM tools, analytical service providers. These servers may be outside the EU, especially in the US.

Last modified date: May 24, 2018


>