Your privacy is important to us. It is OMY! SportTech UG (haftungsbeschränkt)'s policy to respect your privacy regarding any information we may collect from you within our OMY! Sports app and its associated services such as website, web application and external online presences, such as our social media profiles. With regard to the terms used, such as "processing" or "controller", we refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).Responsible
OMY! Sports UG
CEO: Oleg Mazurov1. Information we collectLog data
When you access our servers via OMY! Sports, we may automatically log the standard usage data provided by your device. This data may include your device's Internet Protocol (IP) address, your device type and version, your activity within the app, time and date, and other details.
Additionally, when you encounter certain errors while using the app, we automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened, and other technical information that may have contributed to the problem.Device data
Our app may also access and collect data via your device's in-built tools, such as:
- Your identity
- Background data refresh
What we collect can depend on the individual settings of your device and the permissions you grant when you install and use the app.Personal information
We may ask for personal information, such as your:
- Social media profiles
Business data refers to data that accumulates over the normal course of operation on our platform. This may include transaction records, stored files, user profiles, analytics data and other metrics, as well as other types of information, created or generated, as users interact with our services.2. Legal bases for processing
We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons. The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. Furthermore, we have established procedures to ensure the exercise of data subjects' rights, deletion of data, and response to data compromise. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Article 25 of the GDPR).
We will process your personal information lawfully, fairly and in a transparent manner. We collect and process information about you only where we have legal bases for doing so.
These legal bases depend on the services you use and how you use them, meaning we collect and use your information only where:
- it's necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (for example, when we provide a service you request from us);
- it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our services, and to protect our legal rights and interests;
- you give us consent to do so for a specific purpose (for example, you might consent to us sending you our newsletter); or
- we need to process your data to comply with a legal obligation.
Where you consent to our use of information about you for a specific purpose, you have the right to change your mind at any time (but this will not affect any processing that has already taken place).
We don't keep personal information for longer than is necessary. While we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure and cannot guarantee absolute data security. If necessary, we may retain your personal information for our compliance with a legal obligation or in order to protect your vital interests or the vital interests of another natural person.3. Collection and use of information
We may collect, hold, use and disclose information for the following purposes and personal information will not be further processed in a manner that is incompatible with these purposes:
4. Disclosure of personal information to third parties
- for technical assessment, including to operate and improve our app, associated applications and associated social media platforms;
- to provide you with our app and platform's core features;
- to contact and communicate with you;
- for internal record keeping and administrative purposes;
- for analytics, market research and business development, including to operate and improve our app, associated applications and associated social media platforms; and
- for advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you.
We may disclose personal information to:
- third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, hosting and server providers, ad networks, analytics, error loggers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators; and
- our employees, contractors and/or related entities.
If, in the course of our processing, we disclose data to other persons and companies (order processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) lit. b DSGVO), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties to process data on the basis of a so-called "order processing agreement", this is done on the basis of Art. 28 DSGVO.5. International transfers of personal information
The personal information we collect is stored and processed in Germany, or where we or our partners, affiliates and third-party providers maintain facilities. By providing us with your personal information, you consent to the disclosure to these overseas third parties.
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or if this happens in the context of using third-party services or disclosing, or transferring data to third parties, this will only happen if it is done to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. DSGVO are met. This means that the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection that corresponds to the EU (e.g. for the USA by the "Privacy Shield") or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
We will ensure that any transfer of personal information from countries in the European Economic Area (EEA) to countries outside the EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission, or the use of binding corporate rules or other legally accepted means.
Where we transfer personal information from a non-EEA country to another country, you acknowledge that third parties in other jurisdictions may not be subject to similar data protection laws to the ones in our jurisdiction. There are risks if any such third party engages in any act or practice that would contravene the data privacy laws in our jurisdiction and this might mean that you will not be able to seek redress under our jurisdiction's privacy laws.6. Collection and use of activity data
You can choose to upload activities (e.g., runs, walks, bike rides, swims, hikes, gym activities, etc.) and activity data (e.g., steps, distance, pace, activity time, calories burned, heart rate, sleep, location, etc.) from your device to your OMY! Sports account. You can use your device without providing your consent to upload your activities to OMY! Sports. If you choose to upload your activities to OMY! Sports, you are fully aware that that no other customers can see your activity data in your OMY! Sports account. Your activity data is only available for OMY! Sports.
PURPOSES AND LEGAL GROUND:
(a) OMY! Sports processes your activity data, if you choose to upload it to OMY! Sports, to enable you to analyze your activity data, identify any devices used to collect data during the activity, see your location on your activity course and segment maps, see your heart rate related metrics such as stress score, track your fitness goals, and others. The legal ground for this processing is your explicit consent, which you can withdraw at any time within your OMY! Sports account.
(b) If you choose to upload activity data (such as steps, distance, pace, activity time, calories burned, heart rate, etc.) from your device to your OMY! Sports account you will be provided with updated training plan based upon analysis of uploaded activity data and identified plan-fact gaps and motivational messages, information and links to articles that may be of interest to you based upon analysis results and OMY! Sports training recommendations. The legal ground for processing this data for this purpose is your explicit consent, which you can withdraw at any time within your OMY! Sports account.
(c) OMY! Sports also processes your activity data, if you choose to upload it to OMY! Sports, in an aggregated manner to analyze usage and trends and develop or improve features and services. The legal ground for this processing is OMY! Sports's legitimate interest in providing relevant and quality features and services.
(d) If you choose to upload your activity data to OMY! Sports and you are opted in to product improvement, OMY! Sports will process your activity data uploaded to your account for research and development purposes internally to help us build better and more relevant OMY! Sports products and services. The legal ground for processing this data for this purpose is your explicit consent, which you can withdraw at any time within your OMY! Sports account.7. Your rights and controlling your personal information
Choice and consent:
Information from third parties:
- If you are a third party providing personal information about somebody else, you represent and warrant that you have such person's consent to provide the personal information to us.
- When you register through a third party account (such as Apple, Google or Facebook), we receive Information which may include your name, username, email address, and profile picture. We use this information for authentication (email as a primary ID of your account) and for your identification for our coaches (so they may see your name and a picture). We store this information in our internal database. We don't share this information to any third party.
You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below. If you ask us to restrict or limit how we process your personal information, we will let you know how the restriction affects your use of our app or products and services.
Access and data portability:
You may request details of the personal information that we hold about you. You may request a copy of the personal information we hold about you. Where possible, we will provide this information in CSV format or other easily readable machine format. You may request that we erase the personal information we hold about you at any time. You may also request that we transfer this personal information to another third party.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.
Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.
Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.
To unsubscribe from our e-mail database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.
A cookie is a small piece of data that an app may store on your device, typically containing a unique identifier that allows the app servers to recognize your device when you use the app; information about your account, session and/or device; additional data that serves the purpose of the cookie, and any self-maintenance information about the cookie itself.
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may continue to use your personal information according to this policy.
Limits of our policy
Our app may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.
Changes to this policy
OMY! SportTech UG (haftungsbeschränkt) Data Controller
This policy is effective as of March 27, 2021.