App Privacy Policy
Feat by Yona is a digital meal planner (hereinafter: App, Product) for iOs and is operated by Imperium Apps GmbH (hereinafter: Imperium Apps, Provider) with registered office in Berlin, Germany. The following data protection provisions apply to all the App’s registered users. By registering, you agree with the following data protection provisions.
Controller
The body responsible for collecting, processing and using the personal data concerning you (Controller) in terms of the General Data Protection Regulation, GDPR, is Imperium Apps GmbH Rheinsberger Str. 76/77 10115, Berlin
Encryption
All the incoming and outgoing data traffic when communicating with the Apps or with third parties is encrypted via TLS. The code “https://” in the address bar and the lock icon show you that the connection for using our website is encrypted. TLS encryption means that third parties cannot read the data transmitted.
Collection, processing and use of personal data
Personal data
“Personal data” in terms of the GDPR means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The Provider only processes the personal data concerning you (e.g. email address, nutritional information in the App) in accordance with the provisions of applicable data protection law as amended. The following provisions inform you about the nature, scope and purposes of collecting, processing and using personal data. This Data Privacy Policy applies only to the aforementioned Product. If a link leads to you another website, please check the information there for the respective treatment of the personal data concerning you.
Data collection when using our website
When you visit our www.imperiumapps.com website, the web server automatically creates log files that cannot be associated with a certain person; this processing is based on our legitimate interests pursuant to point (f) of Art. 6 (1) GDPR. Such data may include, for instance, browser type and version, operating system used, referrer URL, IP address of the requesting computer, date and time of access of the server request and the client’s file request (name of file and URL). These data are only collected for statistical purposes and for safety reasons (e.g. in order to investigate misuse and fraudulent acts), stored for a period of seven days and erased thereafter. Data that needs to be stored as evidence for a longer period is excluded from erasure until the respective incident has been clarified.
Cookies
In order to make the web pages more user-friendly and effective, Imperium Apps and third parties commissioned by Imperium Apps store so-called cookies on the customers’ hard disk. The legal basis for this type of use is point (f) of Art. 6 (1) GDPR. Cookies are small text files that serve, among other purposes, to record information on how a website is used. These cookies cannot execute programmes, nor can they infect your computer with viruses. They do not contain any personal data, cannot be attributed to a certain person and are automatically erased at the latest after one year, unless otherwise stated. Such data is not combined with data from other sources. The website can also be used without cookies. In your browser settings, you can deactivate or limit the use of cookies or prompt your browser to warn you before a cookie is sent. You can also delete cookies from the computer’s hard disk at any time.
Newsletter, mailings
Upon your request, we regularly inform you via email of current nutrition trends, recipes and other interesting offers and tips surrounding eating, weight loss, etc. Registration for this service is voluntary and conducted via the so-called double opt-in process. Following registration, you will receive an email asking you to confirm your registration. This is required to prevent unauthorised third parties from using your email address to subscribe to our newsletter. In order to be able to demonstrate your registration in accordance with the legal requirements, it is in our legitimate interest pursuant to point (f) of Art. 6 (1) GDPR to log the registration. By registering to the newsletter, you give your consent to the data provided being processed to send and receive emails (point (a) of Art. 6 (1) GDPR). You further give your consent for Feat by Yona to collect and process data regarding your user patterns (i.e. opening and clicking on links in the email) in order to customise the mailings to meet your specific needs; if, for instance, you click links on topic A several times, but never click links on topic B, you will only receive links on topic A in future mailings. You may, at any time and without stating any reasons, withdraw your consent given to receiving these emails in the future by sending an email to info@imperiumapps.com. You can also unsubscribe to the newsletter by clicking on a link that you find at the end of each newsletter. We may store the unsubscribed email addresses and the data stored within the scope of the registration records for a period of up to three years based on our legitimate interests in order to demonstrate that consent was previously given before we erase them for the purpose of mailing newsletters. The processing of these data is restricted to the purpose of defending against any claims that might be asserted. Individual requests for erasure are possible at any time, provided that the consent previously given is confirmed at the same time.
Use by children
Feat by Yona is aware of the additional measures that are required to protect the privacy of children. Persons under 16 may not open accounts, unless one parent has agreed in accordance with the applicable law. If we discover that we have recorded personal data of a child below the minimum age without its parent’s consent, we will take measures to immediately erase such data. Parents who believe that their child has made personal data available to us and who wish to have such data erased should please contact us under the details stated in item 1.
Use of web analysis, remarketing and retargeting tools
Based on our legitimate interests in terms of point (f) of Art. 6 (1) GDPR, we use various tools or plugins to conduct web analysis, remarketing, and retargeting in order to optimise our online offering and to be able to compile more relevant offers for you. These services use cookies, forward the IP address and/or record and analyse various types of data, including the number of website visitors, duration of the visit, average page loading time and origin of the visitors. Detailed information:
Google Analytics
We use Google Analytics, a web analysis service offered by Google. Google Analytics uses cookies that help to analyse how visitors use the website. The information generated by the cookie about the way you use the website (including your IP address) will generally be transmitted to and stored by Google on servers in the United States. Feat by Yona has activated IP anonymisation by adding the code “gat._anonymizeIp();” on the websites, meaning that Google will shorten your IP address within a member state of the EU or another state party to the Agreement on the European Economic Area beforehand (this procedure is called IP masking). Only in exceptional cases will the full IP address be transmitted to a Google server in the US and shortened there. Google will use this information on our behalf for the purpose of evaluating the way you use the website, compiling reports on website activity for Feat by Yona and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google offers an add-on for web browsers that serves to prevent data collection by Google Analytics and data processing by Google. The add-on can be downloaded and installed at your own risk from https://tools.google.com/dlpage/gaoptout. More information is available at: http://www.google.com/intl/de/analytics/privacyoverview.html (general information on Google Analytics and data protection). Google is certified under the Privacy Shield Framework, thus guaranteeing that the European data protection law will be complied with: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
Social Media plugins
Based on our legitimate interests in terms of point (f) of Art. 6 (1), we use various Social Media plugins to conduct web analysis, remarketing, and retargeting in order to optimise our online offering and to be able to compile more relevant offers for you.
We use the Social Media plugin of Facebook.com operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). Such plugins may constitute interaction elements or content (e.g. videos, graphics or text) and are marked with one of the Facebook logos (white “f” in a blue tile, the terms “Like” or the “thumbs up” sign) or are labelled “Facebook Social Plugin”. For a list and illustrations of the Facebook Social Plugins, please go to: https://developers.facebook.com/docs/plugins A direct connection is established with the Facebook servers whenever a user accesses a feature on this website that contains such a plugin. Facebook transmits the plugin content directly to the user’s device, which is then incorporated into the online offering. In this context, the processed data may by used to compile user profiles. We therefore have no influence whatsoever on the scope of the data collected by Facebook with the help of this plugin. The information we provide to our users is based on what we know. By incorporating the plugin, Facebook receives the information that a user has accessed the corresponding page of the website. If the user is logged into Facebook, Facebook can attribute the website visit to that user’s Facebook account. Whenever a user interacts with a plugin, for instance by clicking the Like button or writing a comment, the user’s device transmits the corresponding information to Facebook directly, where it is stored. Facebook may even find out and store the IP address of users who are not registered with Facebook. According to Facebook, they only store anonymised IP addresses in Germany. The Facebook privacy policy is available at: https://www.facebook.com/about/privacy and gives more information on the purpose and scope of data collection and further data processing and use of the data by Facebook as well as the corresponding rights and setting options to protect your privacy. Users, who are registered with Facebook, but who do not wish Facebook to collect data concerning him or her via this website and to combine such data with the membership data stored by Facebook, must log out of Facebook before using our website and must delete their cookies. Additional settings as well as the possibility to object to the use of data for marketing purposes are available can be found in the Facebook user settings: https://www.facebook.com/settings?tab=ads or at http://www.aboutads.info/choices for the US and http://www.youronlinechoices.com for the EU. The settings are platform-independent, meaning that they will be assumed for all devices, whether desktop computers or mobile devices. Facebook is certified under the Privacy Shield Framework, thus guaranteeing that the European data protection law will be complied with: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC
X (Twitter)
Our website may contain features and content of the Twitter service operated by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. This may include, for instance, content such as pictures, videos or text and buttons that users can use to show that they like the content or the authors of the content or to subscribe to our posts. Twitter can attribute the access to the aforementioned content or functions to the profiles of registered Twitter users. For Twitter’s privacy policy, please go to https://twitter.com/de/privacy. Twitter is certified under the Privacy Shield Framework, thus guaranteeing that the European data protection law will be complied with: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO How to opt out: https://twitter.com/personalization
Our website may contain features and content of the Instagram service operated by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. This may include, for instance, content such as pictures, videos or text and buttons that users can use to show that they like the content or the authors of the content or to subscribe to our posts. Instagram can attribute the clicking of the aforementioned content or functions to the profiles of registered Instagram users. For Instagram’s privacy policy, please go to: http://instagram.com/about/legal/privacy
Erasure of your data
Feat by Yona stores personal data concerning users as long as the App is used. When the user account is deleted, we will finally and irrevocably erase the email address, first name, surname, profile image and links to third party providers.
How to reset your account
Users can reset their accounts. In this case, we will use a transparent procedure to set up a new account to which the settings are copied (email address, password, settings, targets, etc.).
Your rights
Please do not hesitate to contact us using the contact details in item 1 at any time if your have questions regarding your rights and other topics surrounding personal data. You have the following rights:
Right of access
You have the right to request, free of charge at any time, information regarding the personal data concerning you that is stored by Feat by Yona, the origin and recipients of such data, the purpose of data processing, the planned duration of data storage and a copy of the personal data that are being processed (Art. 15 GDPR).
Right to rectification
You further have the right to obtain without undue delay the rectification of inaccurate personal data and to have incomplete personal data completed (Art. 16 GDPR).
Right to withdraw consent
You have the right to withdraw, without stating reasons, your consent to data processing at any time with effect to future processing (Art. 7 (3) GDPR).
Right to erasure
You have the right to obtain erasure of personal data concerning you without undue delay if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed or if you withdraw your consent to lawful processing and there are no other legal grounds for the processing. If you object to data processing and there are no overriding legitimate grounds for the processing, your data will also be erased. Finally, your data will be erased if processing is unlawful for any other statutory reasons (Art. 17 GDPR).
Right to restriction of processing
You have the right to obtain restriction of processing if you contest the accuracy of the personal data for a period of time that enables us to review the accuracy. Data processing is also restricted if processing is unlawful but you refuse erasure of the personal data concerning you and instead of requesting erasure, you request restriction of processing, or if we no longer need the personal data for the corresponding purposes, but we need them for the establishment, exercise or defence of legal claims, or if you had previously objected against processing but it has not yet been established whether Feat by Yona has legitimate grounds to store the personal data that override your interests (Art. 18 GDPR).
Right to data portability
You have the right to receive the personal data concerning you that you provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller where the processing is based on consent and the data is processed by automated means (Art. 20 GDPR).
Right to object
Finally, you have the right to object at any time to processing of personal data concerning you in the future. You have the right to object at any time to the compilation of user profiles and to the processing of the corresponding personal data concerning you where processing is based on consent. The personal data concerning you will no longer be processed where no compelling legitimate grounds override your interests, rights and freedoms. Where the personal data concerning you is processed for direct marketing purposes, you naturally have the right to object to such processing at any time (Art. 21 GDPR).
Right to lodge a complaint
You further have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
Validity and updates
The Data Privacy Policy is currently valid and was prepared on 7 February 2022. Further developments of our website might make it necessary to amend this Data Privacy Policy. We reserve the right to amend the Data Privacy Policy at any time with future effect.