· workouts
· exercises
· recipes
· state of finishing
subscription data from Apple
AppStore servers
To check for a valid subscription
Art. 6(1) (b) GDPR
For avoidance of doubt, we note that we do not process any health data or monitor your
health via your mobile device, sensory equipment or the app. In case we extend the app – in
the future - to allow users to track their health – user’s informed consent will always be
requested prior to processing any such personal data.
May we process your personal data?
We may only use personal data for a reason (so called ‘legal basis’) stated in the privacy
laws. Under the General Data Protection Regulation (GDPR) the legal basis is listed in
Article 6 GDPR.
The main legal basis on which we process personal data is because it is necessary for the
performance licensed use of the app. That way we can provide the services you are
expecting from our app; or verify that you have a valid subscription; or properly address any
complaints (legal basis: Art. 6(1)(b) GDPR).
In addition we store the IP-address of app-users to secure the app and try to prevent
illegitimate use of the app or your account (legal basis: Art. 6(1)(f) GDPR).
We also analyse content that is liked by our user in order to improve the app and its content
(legal basis: art. 6(1)(f) GDPR). The interests or fundamental rights and freedoms of our
users is not harmed in any way.
In case consent is the legal basis for the processing of your personal data, we will inform you
in advance why we use the information. Please note that you can withdraw your consent at
any time. From that moment we will no longer process your personal data, unless there is
(also) another legal basis for processing your personal data (legal basis: art. 6(1)(a) GDPR).
In some cases we might be obligated by law to process/archive personal data (legal basis:
art. 6(1)(c) GDPR).
How do we secure your data?
The privacy of our users is important to us. In developing our app, we have tried to keep the
applicable privacy principles in mind as much as possible.
In addition, we take both technical and organizational measures to secure the personal data
we process.
Technical measures:
A few examples of the technical measures taken are:
- Physical security of data centres
- Logical access control
- Secure connections for data transfer
- Hashing of passwords