Privacy Policy
IDS Diagnostic Systems AG
The following data protection declaration applies to all online services on our websites (www.ids-ds.de and www.mysportsapp.net/de/ ) and to our mobile app (“mySportsApp”).
The terms used are based on formulations of the General Data Protection Regulation (“GDPR”).
Principles of data processing
the “mysportsapp”, which in this case is explained separately below, it is necessary to provide an e-mail address. The legal basis for data protection can be found in particular in the General Data Protection Regulation (GDPR).
When you visit our website or apps, some information is transmitted, such as your IP address. They also provide information about the end device used (computer, smartphone, tablet, etc.), the browser used (Internet Explorer, Safari, Firefox, etc.), the time of access to the website, the so-called referrer and the amount of data transferred.
This data is not used by us to identify individual users. The information is used exclusively to determine the attractiveness of our offers and to improve the performance and content of our offers.
However, we would like to point out that in the case of a static IP address, a personal reference could be established via a RIPE query in individual cases, but we do not do this under any circumstances.
Collection and processing of personal data
Personal data is only collected by us if you contact us and actively provide data, in particular when registering an account, requesting information or entering it in your profile within our app.
When transmitting and storing any type of data, it is always encrypted. Your personal data is thus protected against unauthorized or unlawful access, alteration or disclosure.
We use the personal data you provide exclusively for the fulfillment and processing of our services.
We store your data for as long as is necessary to fulfill the intended purpose, or until you delete your account or statutory retention periods make storage necessary. Your personal data will then be deleted or its processing restricted in accordance with the statutory provisions.
In the case of purely informational use, we generally only collect the personal data that your browser transmits to our server. If you only visit our website, we only collect data that is technically necessary for us to display our content to you and to ensure stability and security (legal basis is the legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR).
We have carried out a balancing of interests in accordance with Art. 6 para. 1 lit. f GDPR. In doing so, we have taken into account and weighed up our interest in the provision and your interest in data protection-compliant processing of your personal data. For technical reasons, the following data is necessary for the provision of our service in order to be able to offer our services and also to ensure the stability and security of our services, in particular to protect against misuse. We have therefore come to the conclusion that this data can be processed – with a guarantee of data security based on the state of the art – taking due account of your interest in data protection-compliant processing.
data |
Purpose of the processing |
Storage duration |
---|---|---|
Operating system used |
Evaluation by device to ensure an optimized display of the website and app |
Up to 30 days after deletion of the customer account |
Evaluation of the browsers used in order to optimize our websites for this purpose |
Up to 30 days after deletion of the customer account |
|
IP-address |
Display of the website on the respective device; clarification and prevention of fraud; proof of the user’s consent to the newsletter dispatch |
Up to 30 days after deletion of the customer account |
Date and time of the call |
Display of the website on the respective device; clarification and prevention of fraud; proof of the user’s consent to the newsletter dispatch |
Up to 30 days after deletion of the customer account |
If applicable, manufacturer, type designation and version of the smartphone, tablet or other end device as well as the app version and the app provider |
Evaluation of device manufacturers and types of mobile devices for statistical purposes |
Up to 30 days after deletion of the customer account |
Session ID |
Identification of the installation |
Up to 30 days after deletion of the customer account |
The collection of data for provision and the storage of data in log files are absolutely necessary for the operation of the website and the apps. Consequently, there is no possibility of objection on the part of the user.
Registration/Installation of a mySportsApp account
The app can be downloaded via the Google Play Store and the Apple App Store, either directly or via a store link on the mySportsApp website. When starting the app, an e-mail address and optionally a name must be entered. An email with an activation number or activation link will be sent to this email address. The app is activated by entering this number or by opening the activation link. After activation, the app can be used on the device without having to log in again.
Required permissions
The following permissions are required by the app:
Collected and processed data
Data for registration
Data on health and fitness activities
Data about app usage
If you have enabled error logging (opt-in), data on usage and errors in the app will be collected. We use this data to analyze problems and constantly improve the app.
Payment information about subscriptions
Payments are handled by payment providers Google and Apple. Although we do not store any financial data ourselves, we receive from the provider with each transaction a transaction ID, duration, price, currency and VAT for the purchased product. The payment provider can trace the purchase to a person using the transaction ID.
If your data is processed outside the EU, the payment service provider has undertaken to comply with the EU standard contractual clauses. In some cases, the payment service providers also collect this data themselves under their own responsibility. Further information on the processing of personal data by payment service providers can be found in their data protection guidelines:
Die Rechtsgrundlage fuer diese Verarbeitung ist Art. 6 Absatz 1 Buchstabe b DSGVO (Erfuellung eines Vertrages) und Art. 6 Abs. 1 Buchstabe a DSGVO.
Amazon Web Services
We use Amazon Web Services (AWS) to deliver the videos and media files. The app downloads this content directly from AWS. This will give Amazon personal information such as IP address and information about the device, the operating system and the installed web browser.
See the Amazon AWS privacy policy for details on whether and how Amazon uses this information (https://aws.amazon.com/en/compliance/data-privacy/).
Devices and location information
When using the app, we receive the following data:
App Analysis
App installations, used devices, and in-app purchase information can be evaluated for statistical purposes. Crash reports can be transmitted voluntarily via the corresponding functionality in the operating system.
Storage periods and deletion of the data used
Storage periods for active use
The data is stored as long as the user account exists. Beyond that, data will only be stored if required by law (due to warranty, statute of limitations or retention periods) or otherwise.
Deletion of your data
When your user account is deleted, all data will also be deleted, except for the data required to fulfill contractual obligations or to fulfill legal retention requirements. These data are not deleted, but minimized to the extent necessary.
Contact form
You have the option of contacting us via our e-mail address or the contact form.
We will of course use the personal data transmitted to us in this way exclusively for the purpose for which you provide it to us when contacting us.
The legal basis in this respect is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR. If your request is aimed at concluding a contract (e.g. purchase of a subscription), the legal basis for the processing of the data provided is also the necessity for the provision of (pre)contractual services, in accordance with Art. 6 para. 1 lit. b GDPR.
Insofar as we request information via our contact form that is required to contact you, we have always marked this as mandatory (*). All information without an asterisk is optional. This information is used to specify your request and to improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent. If this involves information on communication channels (e.g. e-mail address, telephone number), you also agree that we may also contact you via this communication channel in order to respond to your request.
You can of course revoke your consent at any time for the future. To exercise your right of revocation, please contact the office named at the end of this declaration.
Push notifications
If you would like to receive our push notifications on your mobile iOS device or on your Android device, even if you are not currently in our app, we ask for your consent.
Google Analytics
Our websites, expressly not our app (“mySportsApp”), use Google Analytics, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). Google Analytics uses cookies that enable your use of the website and our app to be analyzed. The information generated by the cookie about your use of this website or our app is usually transferred to a Google server in the USA and stored there.
The information is used by Google on our behalf to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator or app owner. Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that Google will truncate the IP address of users in member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by adjusting the settings in their browser software accordingly. We have made data protection-friendly default settings.
Section 25 (1) sentence 1 of the GDPR and, for the subsequent processing of personal data, Article 6 (1) (a) of the GDPR are the legal basis for the use of Google Analytics. Users can prevent Google from collecting the data generated by the cookie and relating to their use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser add-on. Opt-out cookies then prevent the future collection of data when visiting this website. If you click here, the opt-out cookie will be set: Deactivate Google Analytics. Google has signed the EU standard contractual clauses as a guarantee in accordance with Art. 44ff GDPR.
Further information on data processing by Google Analytics can be found in the provider’sPrivacy policy of the provider.
If you no longer wish to be tracked by Google Analytics in the future, you can send an email to info@ids-ds.de at any time.
Data transfer to third parties
We only pass on your personal data to third parties if:
If data is transferred outside the European Union, the high European level of data protection does not apply. In the case of a transfer, it may be that there is currently no adequacy decision by the EU Commission within the meaning of Art. 45 para. 1, 3 GDPR.
This means that the EU Commission has not yet positively determined that the country-specific level of data protection corresponds to the level of data protection in the European Union on the basis of the GDPR. If the recipient is located outside the European Union / European Economic Area, we have taken the necessary measures, such as signing the EU standard contractual clauses approved by the EU Commission, and have also taken appropriate security precautions.
Instruction of data subject rights
Every data subject has the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, the right to object under Art. 21 GDPR and the right to data portability under Art. 20 GDPR. The restrictions under Sections 34 and 35 BDSG apply to the right of access and the right to erasure.
Deletion of your mySportsApp account
Via website:
Please use folgendes Formular: https://mysportsapp.net/delete_account_antrag.html
Via app:
Instruction on the right of appeal
You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us.
Instruction on revocation of consent
You can withdraw your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent that were given to us before the General Data Protection Regulation came into force, i.e. before May 25, 2018. Please note that the revocation is only effective for the future. Processing that took place before the withdrawal is not affected.
Right in the case of data processing for direct marketing purposes
Pursuant to Art. 21 (2) GDPR, you have the right to object at any time to the processing of personal data concerning you. If you object to processing for the purposes of direct marketing, we will no longer process your personal data for these purposes. Please note that the objection will only take effect for the future. Processing that took place before the objection is not affected.
Reference to the right to object when balancing interests
If we base the processing of your personal data on a balancing of interests, you can object to the processing. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as described by us. In the event of your justified objection, we will examine the situation and either discontinue or adapt the data processing or explain to you our compelling reasons worthy of protection.
Links to other websites
Our websites may contain links to websites of other providers. We would like to point out that this data protection declaration applies exclusively to the websites of IDS Diagnostic Systems AG. We have no influence on and do not check that other providers comply with the applicable data protection regulations.
Changes to the privacy policy
We reserve the right to amend or adapt this privacy policy at any time in compliance with the applicable data protection regulations.
Withdrawal of consent and objection to data processing
If you have given us your consent, you can revoke it at any time with effect for the future.
Insofar as we base the processing of your personal data on the balancing of interests, you can object to the processing. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
You can object to the processing of your personal data for advertising and data analysis purposes at any time.
You can send us your revocation or objection using the contact details under “Controller”.
Your rights at a glance
You have the following rights vis-à-vis us with regard to your personal data:
• Right of access
• Right to rectification or erasure
• Right to restriction of processing
• Right to object to the processing
• Right to data portability.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
Person responsible
IDS Diagnostic Systems AG, Zehntwiesenstraße 35 b, 76275 Ettlingen; Tel.: +49 721 1702998-10; Fax: +49 721 1702998-19; E-Mail: info@ids-ds.de
Data Protection Officer
IT – Consulting & Datenschutz
Am Schind 14
D-97514 Oberaurach
E-Mail: m.weiss@mwe-consulting.de
Tel.: + 49 (0)9529 – 95 03 90
Fax: + 49 (0)9529 – 95 03 91
Web: www.mwe-consulting.de
This version of the privacy policy is valid from 06.04.2024.