Effective 16 July 2020
PERSONAL DATA AND INFORMATION WE COLLECT ABOUT YOU
We may collect information that can identify You, such as Your name and email address (“Personal Data”), and other information that does not identify You, as listed below.
Information you provide
- First name, email address, gender, date of birth, password, height and weight, target weight and target zones, fitness level. We may collect and store the above-mentioned information when You register and use the Service or provide it to us in some other manner, for example by corresponding with us (by email or chat, for instance) when You report a problem with the Service or when You subscribe to any of our services or search for a service.
- We may also collect and store certain health information from other health-related applications on your mobile phone (e.g., Apple Health or Samsung Health), with your consent.
- Before providing us with information about a third party, You must have the consent of that third party. By providing us with information regarding a third party You represent and warrant that You have their permission to provide that information to us.
Information collected automatically
a) Device information: may include information specific to Your mobile device (e.g., OS Version, hardware, unique device identifier, mobile network information); information about Your logging in, use of features, functions, or notifications on the device. We also collect and use Your Apple Identifier for Advertising (IDFA) and Google Advertising ID (AAID) to recognize Your device and support advertising activities on our Services. These number values are not permanently tied to Your device and, depending on Your operating system, You can reset it through Your device settings.
4. Usage information: information about the use of the App, such as frequency of use, engagement with particular features, which sections of the App user visits and common use patterns.
5. Location: IP address, time zone, mobile service provider
6. Cookies. A cookie is a small amount of data stored on Your device used as an anonymous unique identifier. Please note that cookies commonly do not contain personal information. This Service does not use these cookies explicitly.
HOW WE USE YOUR PERSONAL DATA AND INFORMATION
We may use your Personal Data to:
a) provide the Services to You and enhance Your user experience on our App by operating, maintaining, and providing You with all of the content and features of the Service;
7. managing Your account and providing You with customer support. We may use Your Personal Information to respond to Your requests for technical support, Service information or to any other communication You initiate (“customer support purposes”);
8. performing research and analysis about Your use of, or interest in, our products, services or content, or products, services or content offered by others (“analytics purposes”);
9. communicating with You via email, push notifications, reminders and/or through other digital methods about products or services that may be of interest to You either from us or other third parties. You can opt out of receiving push notifications by changing the settings on Your device;
10. detecting and resolving any fraud or other illegal or undesirable user behaviour;
11. taking legally required actions.
YOUR GDPR RIGHTS
Individuals residing in the countries of the European Union have certain statutory rights in relation to their personal data introduced by the General Data Protection Regulation (the “GDPR”). If and to the extent Your use of the App is governed by the GDPR, you may have the following additional rights.
Legal Basis. Our legal basis for information collection and use depends on the Personal Data concerned and the context in which we collect it. Most of our information collection and processing activities are typically based on (i) contractual necessity, (ii) one or more legitimate interests of Reshape or a third party that are not overridden by your data protection interests, or (iii) your consent. Sometimes, we may be legally required to collect your information, or may need your personal information to protect your vital interests or those of another person.
Modification, correction, and erasure. You are able to modify, correct, erase and update your Personal Data in the App account settings or, if that is impossible, by writing to us at firstname.lastname@example.org.
Access. You have a right to access your Personal Data you insert into the App and ask us about what kind of Personal Data we have about you. You can do this by using the app settings or by writing to email@example.com.
EU residents. Individuals residing in the countries of the European Union have certain statutory rights in relation to their personal data introduced by the General Data Protection Regulation (the “GDPR”). Subject to any exemptions provided by law, you may have the right to request access to Personal data (including in a structured and portable form), as well as to seek to update, delete or correct Personal data:
- Access to your Personal Data and Data Portability. The App gives you the ability to access and update Personal Data within the App and your account settings. You shall be entitled to request information about whether we have any Personal Data about you, to access your Personal data (including in a structured and portable form) by using your app settings or by simply writing to us at firstname.lastname@example.org.
- Erasure of your Personal Data. If you believe that your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or in cases where you have withdrawn your consent or object to the processing of your Personal Data, or in cases where the processing of your Personal Data does not otherwise comply with the GDPR, you have right to contact us and ask us to erase such Personal Data as described above. You can simply write to us at email@example.com. Please be aware that erasing some Personal Data inserted by you may affect your ability to use the App and its features. Erasure of some Personal Data may also take some time due to technical reasons.
- Right to object processing of your Personal Data. You can object to processing your Personal Data and stop us from processing your Personal data by simply writing to us at firstname.lastname@example.org. Please be aware that erasing some Personal Data inserted by you may affect your ability to use the App and its features.
- Notification requirements. We commit to notify you within a reasonable period of time and your data protection authority within the timeframe specified in applicable law (72 hours) about any personal data breaches in the App.
- Data Protection Authorities. Subject to GDPR requirements, you also have the right to (i) restrict our use of Personal Data and (ii) lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with GDPR.
Please keep in mind that in case of a vague access, erasure, objection request or any other request in exercise of the mentioned rights we may engage the individual in a dialogue so as to better understand the motivation for the request and to locate responsive information. In case this is impossible, we reserve the right to refuse granting your request.
Following the provisions of GDPR we might also require you to prove your identity (for example, by requesting an ID or any other reasonable proof of identity) in order for you to invoke the mentioned rights, specifically if you exercise them in respect to special categories of Personal Data like data about health. This is made to ensure that no rights of third parties are violated by your request, and the rights described in this section are exercised by an actual Personal Data subject or an authorized person.
We may share Your Personal Information with third parties that perform certain services on our behalf, such as our authorized service providers or analytics providers. In general, the third-party providers engaged by us will only collect, use and disclose Your information to the extent necessary to allow them to perform the services they provide to us, e.g. facilitating our Service and analyzing how our Service is used. Please note that they are obligated not to disclose or use the information for any other purpose.
We may share Your Personal Data with third parties that perform certain services on our behalf, such as our authorized service providers or analytics providers. In general, the third-party providers engaged by us will only collect, use and disclose Your information to the extent necessary to allow them to perform the services they provide to us, e.g. facilitating our Service and analyzing how our Service is used. Please note that they are obligated not to disclose or use the information for any other purpose.
These are the third-party services with whom, among others, we may share some of your Personal Data and information:
- Appsflyer. Appsflyer is a mobile marketing platform. We may share certain non-identifiable information about you and some Personal Data (but never any data related to health without your explicit consent) in order to carry out marketing activities and provide you with better and more targeted service. We share the following data with Appsflyer: your IDFA, IP address, your user sessions, device information (model, location, OS version, CPU, screen size, etc.), application information (version, build number, etc.), information on launching, updating, installing the App. Once data is collected, it is not merged with any other data for personal identification purposes.
- Facebook. We use Facebook as our advertising partner to display advertising in our App or to manage our advertising on other sites. We are using the following Facebook services: Ads manager, Lookalike audience, Campaign Planner, Creative Hub, Business Manager, Page Posts, Ads Reporting, Monetization Manager, Pixels, Audience Insights. We use Facebook’s Software Development Kit (SDK) within our apps in order to link various Facebook services with our apps. For example, this enables users to share content from our apps within their Facebook timeline. Further information about the Facebook SDK within iOS can be found here. We may share certain non-identifiable information about you and some Personal Data (but never any data related to health without your explicit consent) for the purposes described above, including to carry out marketing activities and provide you with better and more targeted service. We share the following data with Facebook: your IDFA, your user sessions, device information (model, location, OS version, CPU, screen size, etc.), application information (version, build number, etc.), information on launching, updating, installing the App and attribution source. Learn more about Facebook ads here. Facebook may use data we provide for its own advertising purposes in accordance with the Facebook Data Policy.
- Firebase. Firebase is an analytics product from Google, Inc. that allows us to track crashes of the App, monitor events in the App, provide us stats regarding the use of the App. To track and analyze behavior of our App’s users (in particular, how they react to changes of the App structure, text or any other component), we also use Firebase Remote Config. Firebase Remote Config is an A/B testing and configuration service provided by Google, which also enables us to tailor the content that our App’s users see (for example, it allows us to show different onboarding screens to different users). Firebase may collect certain device identifiers in order to understand on what devices and under which circumstances particular incidents and events happen. We share the following data with Firebase: your IDFA, data on installing the App, your actions in the App (for example, tapping particular buttons like whether to receive notifications or not), including actions with additional parameters, opening particular screens, starting and cancelling a trial period, starting and cancelling subscription, passing the onboarding screen, completing registration, different technical events (for example, whether you have read a manual or not). We never share with Firebase data related to health without your explicit consent. Read about Privacy and Security in Firebase here.
Security is our highest priority. Our App has been designed with Your security and privacy in mind.
- We protect the security of Your information by using encryption protocols and software;
- We aggregate and pseudonymize all of the Users Personal Information;
- We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure. of Personal Information;
- We employ Personal Information systematic backups, which are intended to reduce the risk from disk crashes and errors, such as accidental information deletion
While we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we make all reasonable efforts to prevent it. However, You should bear in mind that submission of information over the internet is never entirely secure. Please note that we do not collect and we are not responsible for the collection or security of Your payment details.
RETENTION AND STORAGE OF YOUR PERSONAL DATA
We will retain your Personal Data for as long as the application is installed on your mobile device or as needed to provide you service. If you remove the application from your phone or (and) deactivate your subscription, we will remove all your Personal Data within 12 months and use copies of your Personal Data only as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We retain your Personal data for the indicated period of time in order for you to be able to restore all your information and settings, if you like to return to the App. If you wish to cancel your account or request that we no longer use your information to provide you services, or wish to delete all your information and Personal Data permanently, contact us at email@example.com.
In some cases, after we may anonymize you Personal Data in such a way that it will never identify you, actually or potentially. We may use such anonymized data for various purposes like training our AI built into the App.
This Service does not address anyone under the age of 16. We do not knowingly collect personally identifiable information from children under 16. If we discover that a child under 16 has provided us with Personal Information, we shall take steps to delete such information and terminate the child’s account. If You are a parent or a guardian and You are aware that Your child has provided us with Personal Information, please contact us so that we will be able to take the necessary actions.
YOUR CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83 permits our visitors who are California residents to request certain information regarding the disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org or write to us:
Antakalnio g. 17-12
Vilnius, Lithuania LT-10312