Lapz - Privacy Policy
Privacy Policy
Introduction
Thank you for being part of our Lapz community.
The protection of your personal data is a serious concern for us. Therefore, we would like to inform you in this way, what types of personal data we process from you and for what purposes. This takes place exclusively in the context of the provision of our services.
Responsible
Maximilian Trauboth
Solalindenstraße 77a
81827 München
Fabian Rittmeier
Straßl ins Holz 21
81829 München
E-Mail: kontakt@lapz.app.
Imprint: https://lapz.app/en/impressum.
Topics
What data do we collect?
How do we collect your data?
How will we use your data?
How do we store your data?
What are your data protection rights?
Privacy policy of other websites
Changes to our privacy policy
How to contact us
Definitions
What data do we collect?
In case you are not using Health features within the app, we do not collect any personally identifiable information from you. The best way to keep information private is to never ask for it at all. The app and website are designed in a way that there is no identifiable information to protect in the first place. We are not collecting data through 3rd party services from you (e.g. Firebase, etc.) and none of your personal data is shared with 3rd parties.
In case you are using Health features within the app, we may require you to provide us with certain personally identifiable information, limited to your body weight, burned calories, and duration of a workout. The information that we request will be retained on your device and shared with Apple Inc.
As visitor on the website
You do not need to register or have any user account
We do not ask for your name, e-mail address or phone number
We are not using any cookies to store information in your browser
As user of the app
Your timers and workouts are only saved locally on the device
The App does not require an internet connection
The App is not able to access your photo library, GPS, mail and will not ask you for permission to do so
Only when you share a workout through the share option the name, duration, and the single intervals with name, type and duration are uploaded to our server
Only with your in-app given approval, your body weight, burned calories, and duration of a workout are shared with Apple Inc.
How do we collect your data?
You directly provide Lapz with most of the data we collect.
We collect and process personal data when you use the workout sharing or import feature of the iOS application.
Or when you voluntarily provide feedback to us via our contact form or directly per e-mail.
With your in-app given approval, your body weight, burned calories, and duration of a workout are shared with Apple Inc.
How will we use your data?
We collect your personal data so that we can correspond to you via e-mail regarding your feedback or inquiry.
If you are using the sharing feature of the Lapz iOS application the uploaded workout is made available for download to everyone in the Lapz Community who is provided the generated download link.
In case you are using Health features within the app, your body weight, burned calories, and duration of a workout are shared with Apple Inc.
Applicable legal basis
Below you will find an overview of the legal basis of the GDPR on which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. Should more specific legal bases be relevant in individual cases, we will inform you of these in the privacy policy.
Contract performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b. DSGVO) – The processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures which are carried out at the request of the data subject.
Legitimate interests (Art. 6 (1) p. 1 lit. f. DSGVO) – Processing is necessary for the purposes of the legitimate interests of the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
National data protection regulations in Germany:In addition to the data protection regulations of the General Data Protection Regulation, national regulations on data protection apply in Germany. These include, in particular, the Act on Protection against Misuse of Personal Data in Data Processing (Federal Data Protection Act – BDSG). In particular, the BDSG contains special regulations on the right to information, the right to erasure, the right to object, the processing of special categories of personal data, processing for other purposes and transmission, as well as automated decision-making in individual cases, including profiling. Furthermore, it regulates data processing for employment purposes (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships as well as the consent of employees. Furthermore, state data protection laws of the individual federal states may apply.
How do we store your data?
All of the data we collect is kept fully secured and hosted on our servers in Germany.
The servers are owned by Uberspace, a European company to ensure that all data is being covered by the European Union’s strict laws on data privacy. See Uberspace privacy policy for full details.
When you write to us with an inquiry or question via e-mail, we will keep the correspondence until the issue is completely resolved and not longer than 90 days.
We will keep your workouts on our server for a maximum of 90 days. Once this time period has expired we will delete your data automatically.
What are your data protection rights?
As a user of Lapz you are entitled to various rights under the GDPR, which arise in particular from Art. 15 to 21 GDPR:
Right to object: You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) DSGVO; this also applies to profiling based on these provisions. If the personal data concerning you is processed for the purposes of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing; this also applies to profiling, insofar as it is related to such direct marketing.
Right to withdrawal for consents: You have the right to revoke any consent given at any time.
Right to access: You have the right to request confirmation as to whether data in question is being processed and to information about this data, as well as further information and a copy of the data in accordance with the legal requirements.
Right to rectification: You have the right, in accordance with the law, to request the completion of data concerning you or the correction of incorrect data concerning you.
Right to erasure and restriction of processing: In accordance with the statutory provisions, you have the right to demand that data relating to you be deleted immediately, or alternatively, in accordance with the statutory provisions, to demand restriction of the processing of the data processing.
Right to data portability: You have the right to receive data concerning you, which you have provided to us, in a structured, common and machine-readable format in accordance with the legal requirements, or to request its transfer to another responsible party.
Complaint to supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the requirements of the GDPR.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our e-mail: privacy@lapz.app
Privacy policies of other websites
The lapz.app website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.
Changes to our privacy policy
Lapz keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 05 March 2022.
How to contact us
If you have any questions about our privacy policy, the personal data we hold on you, or you would like to exercise one of your date protection rights, please do not hesitate to contact us at privacy@lapz.app.
Definitions
This section provides you with an overview of the terms used in this privacy policy. Many of the terms are taken from the law and defined primarily in Art. 4 of the GDPR. The legal definitions are binding. The following explanations, on the other hand, are primarily intended to help you understand them. The terms are sorted alphabetically.
Personal data: „Personal data“ means any information relating to an identified or identifiable natural person (hereinafter „data subject“); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Responsible „Responsible“ means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
Processing: „Processing“ means any operation or set of operations which is performed upon personal data, whether or not by automatic means. The term is broad and includes virtually any handling of data, be it collection, analysis, storage, transmission or deletion.