2. Techmedfit Solutions Sp. z o.o., with its registered seat in Olsztyn, ul. Towarowa 20B, 10-417 Olsztyn, entered into the National Court Register kept by the District Court for Lublin-Wschód in Lublin, with its legal seat in Świdnik, 6th Commercial Division of the National Court Register, under KRS number 0000791028, with NIP [Tax Identification Number]: 7162826610, REGON [National Business Registry Number]: 383639700 ('the Provider’), shall be the provider of the Application and Website as well as the controller of the personal data of the users thereof (‘the Users’).
3. The Provider's e-mail contact address:
4. “Personal data” shall mean any information relating to an identified or identifiable natural person, which shall mean an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
5. The Provider shall process the personal data, which shall include collection and storage thereof, in accordance with the applicable provisions of the law, in particular of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (‘the GDPR’), as well as in accordance herewith.
6. The provision of personal data shall always be voluntary; however, such provision may be necessary to use the Application or certain functions available in the Application or on the Website.
1. The information on the Users and their behaviour, including personal data, shall be collected as follows:
- from data voluntarily entered by the Users;
- from other platforms with which the Application cooperates, in particular Google Fit SDK or Apple HealthKit;
- from the device via which the User uses the Application (e.g. gyroscope information);
- by saving cookies on the User's end device.
2. The Provider shall collect personal data during the process of creating an account in the Application by User, as well as during the Users' use of the functionalities available as part of the Application or the Website. In particular, the personal data may be collected during the User's entering into the Application of any data concerning, for example, certain aspects describing the User (including, but not limited to, weight, height, etc.), his or her wellbeing, or any aspects concerning the User's fitness or activity. Such data may also be collected or created as a result of the functionalities available as part of the Application (e.g. the calculation of indices by the Application based upon data provided by the User).
3. The Provider may process the Users' personal data as follows and for the following purposes:
- for the purposes of making available to the User the functionalities available as part of the Application or Website,
- for marketing purposes, including promotion of the Provider's products and services, or – if agreed upon by the User – also the products and services of entities cooperating with the Provider;
- for the purposes of notifying the Users, including via mailing, e.g. notifying of upcoming or ongoing campaigns organised by the Provider, including those organised with its business partners;
- for the purposes of creating aggregated reports for business partners (e.g. demographic profiles), with the stipulation that in such situations, the data shall be made available to the partner in a fully anonymised manner, i.e. the data shall lose any value as personal data due to the inability to be tied to a specific natural person;
- for the purposes of sending a newsletter if the User has consented to receipt thereof;
- if the User consents to the collection of data on his or her location, in particular for marketing purposes (in such case, the location data may be collected in a manner available as part of the existing technologies, e.g. via a mobile network operator, by using Bluetooth signals, based upon the location of a WiFi access point, or by using GPS, Galileo or Glonass);
- when the User contacts the Provider in connection with the use of the Application;
- as a result of obtaining the data from external entities or from publicly available sources, including from software cooperating with the Application, in particular from applications integrated therewith, and from Apple HealthKit or Google Fit SDK;
- when using other services or offers (if any) available in connection with the Application or the Website;
- in cases required by the applicable provisions of the law, for purposes arising from such provisions, i.e. pursuant to Article 6(1)(a, b, c or f) of the GDPR.
4. The legitimate interests referred to in Article 6(1)(f) of the GDPR for the purposes of which the Provider may be processing the Users' personal data shall include in particular the marketing of the services rendered by the Provider, creation of statistics or communication with the User in connection with the services offered.
5. For the aforesaid purposes, the Provider may also profile the User's personal data, in particular for the purposes of displaying to the User advertisements or contents adjusted to the User's predicted preferences determined on the basis of the collected personal data, including in particular making available of a personalised recommendation or suggestion which could assist the User in building of healthy habits. The recommendations and other similar contents shall be based upon machine learning and artificial intelligence models, which shall be powered by personal data on the Users. The data may also be used and profiled for the purposes of sending to the Users personalised messages from business partners. The User shall have the right to object at any time to the processing of his or her personal data for the aforesaid purposes.
6. For analytical purposes, the Provider shall use Google Firebase.
7. The providers of the applications cooperating with the Application, including Amazon Web Services (Amazon Web Services Inc with its registered seat in the United States of America), Google (Google Inc with its registered seat in the United States of America) or Apple (Apple Inc with its registered seat in the United States of America) may be the recipients of the Users' personal data. The processing of the personal data may be entrusted to entities hired by the Provider for the purposes of proper functioning of the Application, in particular to companies rendering IT services, maintenance services, etc.
8. The Provider does not intend to ever transmit the User's full name or e-mail address to any business partner. Such entities may only obtain statistical data on the Users which does not comprise personal data, i.e. anonymised data or data in any other similar form rendering it impossible to be attributed to a specific natural person. With the User's consent, the Provider may send to the User offers or trade and promotional information of the Provider's business partners that enable the User to contact such entity, subscribe to the Provider's business partner's newsletter, request to be contacted, etc.
10. With regard to the personal data processed for marketing purposes, the Provider shall process the same for a period of time no longer than until the User objects or withdraws his or her consent if the processing has been based upon consent.
11. The Provider shall process any or all of the following personal data of the Users: name or nickname, e-mail address, User's location data, User's habits or activity data, e.g. walking pace, step count, physical activity data, as well as certain data pertaining to the User's health, such as his or her pulse. Personal data concerning health may only be processed on the basis of the User's consent and shall be erased immediately upon withdrawal of such consent.
12. The Provider may transmit the Users' personal data outside of the European Economic Area (EEA). In such cases, the Provider shall guarantee that a similar level of data protection in the third state will be ensured by the introduction of one of the following safeguards:
i. the personal data will be transmitted to states considered by the European Commission as providing adequate level of protection for personal data;
ii. the Provider will use appropriate standard contractual clauses.
As part of the exercise of the Users' rights, the Provider shall also ensure the ability to obtain copies of appropriate data safeguards in the event of transfer to third states.
1. In addition to any other rights referred to in Part II hereof, the User shall be entitled to demand from the Provider access to his or her personal data or rectification, erasure or restriction of processing thereof, as well as entitled to port the data and to lodge a complaint with the supervisory authority: President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warszawa, Poland.
2. Where processing is based on the the User's consent, the User shall be entitled to withdraw such consent at any time, with the stipulation that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
3. The Provider may be contacted with regard to personal data via the e-mail address firstname.lastname@example.org .
2. The Provider shall use remarketing techniques enabling adjustment of advertising messages to the User's behaviour, which may cause an illusion that the User's personal data are being used to spy on him or her; however, in practice, no personal data is being transmitted from the Provider to advertisers. The enablement of cookies is the technological condition for such actions.
4. The Provider shall use Hotjar, which is a service that examines the Users' behaviour by creating heat maps and recording behaviour on the Website. Such information is anonymised prior to its transmission to the service operator so that it is unaware of which natural person such information pertains to. In particular, no passwords or personal data entered are recorded.
5. The Provider shall use a solution which automates the operation of the Application and the Website with regard to the User, e.g. enabling the sending of an e-mail to the User upon visiting a specific page, provided that he or she has consented to the receipt of commercial correspondence from the Provider.
6. For the purposes of building the Website, the Provider shall use Webflow.
7. The Application may display advertisements, in particular those of Google Adsense and affiliate networks.
2. Cookies are IT data, in particular text files, which are stored on the User's end device and meant for the use of the Website. Cookies usually contain the name of the website from which they originate, their storage time on the User's end device, as well as a unique number.
3. The Provider is the entity saving and accessing cookies on the User's end device.
4. Cookies are used for the following purposes:
- pursuit of goals set forth in Part IV hereof (*Important Marketing Techniques*).
5. Two main types of cookies are used on the Website: session cookies and persistent cookies. Session cookies are temporary files stored on the User's end device until he or she logs out, leaves the Website or turns off his or her software (web browser). Persistent cookies are stored on the User's end device for a period of time defined in the cookie parameters or until deleted by the User.
6. Web-browsing software (web browsers) usually allows storage of cookies on the User's end device by default. Every User may change such settings. A web browser enables deletion of cookies. Cookies may also be blocked automatically. Detailed information on that subject may be found in the help section or documentation of the web browser.
8. Cookies saved on the User's end device may also be used by entities cooperating with the Provider, including in particular: Google (Google Inc. with its registered seat in the USA), Facebook (Facebook Inc. with its registered seat in the USA), Twitter (Twitter Inc. with its registered seat in the USA).
9. If the User does not wish to receive cookies, he or she may alter his or her browser settings. The Provider warns that disablement of the cookies necessary for the authorisation, security and maintenance of the User's preferences may hinder, and in extreme cases prevent, the use of a given functionality on the Website.
10. In order to manage cookie settings, the User must select from the list below the browser used by him or her and follow the instructions: