Data privacy

Information about Gerolsteiner's data privacy policy and the use of the DrinkCheck app

Gerolsteiner Brunnen GmbH & Co. KG (hereinafter: Gerolsteiner) is pleased about your interest in this mobile application (app). Data privacy and data security while using this app are important concerns for us. We are committed to protect your privacy and will treat your private data in accordance with the applicable data privacy laws.

At this point, we would like to mention what personal data we collect while you use this app and how it will be used.

As we reserve the right to amend this data privacy policy to reflect changes to the law as well as changes to our internal processes, we suggest you read it again from time to time when retrieving it.

1. What is personal data?

Personal data are particulars about a person or factual relationships that would allow the identity of a particular natural person to be ascertained. Anonymized or statistical data that either do not reveal a person's identity or only with reasonable amount of effort are not considered personal data.

You do not need to register to use the app. We do not ask you to enter personal data such as names, addresses, email addresses, etc. nor do we collect or process any of the following types of data while you use this app: IMEI, IMSI, UDID, address book data, mobile telephone number, credit car and payment data, SMS, instant messaging, call lists or images or videos. Your current location may be shared if you choose to do so (more about this below).

2. What data do we collect and process?

When you first start the app, you are asked whether you would like to allow the DrinkCheck app to access other apps and data already stored on your mobile device. If you consent to it, this would mean accessing other applications noted below for the purposes mentioned:

Access to Google Fit and Google Plus

Upon first use of our app and when activating Google Fit and Google Plus access later on, the following data, if stored, would be copied from Google Fit and Google Plus to the DrinkCheck app: date of birth, weight, height and sex. Should these data have not been stored in Google Fit or Google Plus this information need to be given manually upon first use of our app. If you provide us the information manually, data will then be stored only local at your mobile device; information will not be shared with Google Fit or Google Plus.

In addition, each time DrinkCheck starts it will retrieve from Google Fit the number of steps you covered and the length and burned calories of any workout you performed that day. Additionally, the app will try to retrieve updated Google Fit data in the background every four hours if your mobile device is in standby and connected to the internet.

These particulars are essential for the correct functioning of the DrinkCheck app as these factors are used for the calculation of your fluid requirement for the day.

When first launching the DrinkCheck app, you will be asked whether you wish to allow access to other apps on your mobile device. If you consent to it, the data mentioned above will be coped from the other apps into DrinkCheck. Alternatively, you may manually enter that data into DrinkCheck. You may allow or disallow access to other apps at any time within the settings of your mobile device. For instructions on how to do so, refer to the user manual for your mobile device.

You also have the choice to allow storing this data in the app. However, be aware that the app cannot function properly without the data.

You can enter your intake and the corresponding drink types into the DrinkCheck app. That allows the app to display a weekly overview of your intake.

Stored data will reside on your mobile device for use within the app, but will not be transmitted to Gerolsteiner. If you delete the app, all app data stored locally will also be deleted, unless you have also stored the data in your Google Drive account.

Data storage in your Google Drive account:

You will be asked to save your data in your Google Drive account when you first launch the app. Upon first use of our app you can store your data about weight, height, date of birth and sex in your Google Drive account. Furthermore you have the option of consenting to store data about your daily step count, workout duration and calories and fluid intake with the respective weather forecast as a fixed dataset in Google Drive. Google's data privacy policy governs the storage, processing and deletion of data from Google Drive.

Access to GPS data for weather forecasts

The app will gather geolocation data from your mobile device via GPS or cell network information if you have consented to this in the settings. Provided you have activated the geolocation function on your device, the geographic coordinates (location data) of your device will be collected at the time the app is launched and while your mobile device is in standby and connected to the internet. Your location will be transmitted to the weather forecasting service at The Dark Sky Company, LLC. (The Dark Sky Company LLC, 216 2nd Street Floor 2, Troy, New York 12180, United States)
This service provides the app with the weather forecast for your location, but it does not store your data. The weather forecast can be another factor used in the calculation of fluid requirements (e.g. hot weather implies greater need for fluids than cold weather). The collection of geolocation and weather data for the purpose of fluid requirements takes place when the DrinkCheck app is launched and periodically with an interval of four hours while the app is in the background. Only the type of weather, the temperature and the resulting required fluid intake are stored. You can change the GPS settings at any time for the DrinkCheck app, by turning off the positioning function on your device. See the user documentation for your device for more information.

 

Facebook Android SDK

We use the Facebook Android SDK (Software Development Kit) from Facebook Inc. 1601 S. California Ave, Palo Alto, CA 94304, USA within our Android apps. This software permits us to check which advertising display in the Facebook social network the user has used to download our App. For this purpose, when our advertising display is clicked, Facebook uses the unique advertising identifier of the operating system of your mobile end device, as well as possibly further data, if you have not deactivated this function on your end device (see below). Further, the data capture and processing within the scope of the switching and clicking of advertising displays on Facebook is the responsibility exclusively of Facebook and is beyond our knowledge. In this matter please check the Facebook data protection instructions (see below).

After the download and starting of our App, the SDK sends the App-ID, the App version, the information that the App was started, as well as the Advertising-Identifier of your end device to Facebook. In this way, Facebook recognizes that you have called up the advertising display on Facebook and have then started our app. Then we receive a statistical assessment from Facebook with information on the call-up of the advertising display as well as the download and start of our App in order, in this way to measure the success of our advertising campaign. In this assessment of the statistical information we can make no evaluation of your person.

If you have not downloaded our Andoid App via an advertising display in Facebook, then the Advertising Identifier is still sent to Facebook if you have not deactivated this function (see below) but Facebook can make no reference to an advertising campaign.

Further information about Facebook can be found here:

developers.facebook.com/docs/android

The Facebook data protection instructions are found here www.facebook.com/full_data_use_policy and here www.facebook.com/about/privacy

You can contradict the processing of the Advertising-Identifier or prevent it by switching off the corresponding function in your mobile end device as follows:

Google Settings/Ads/Opt out of interestbased ads

3. For what purpose will Gerolsteiner use your data?

Personal data will only be used for the context of the app. This implies technical operations, app improvement and calculations for the daily fluid requirements.

Using or processing your data for any other purpose, may only take place when required by law or with your express consent. Absent these requirements, your data will not be otherwise used.

4. Will your data be shared with third parties?

As a rule your data will not be shared with third parties.

In certain cases, we may be legally required to share your personal data with a third party, e.g. with  law enforcement agencies, in case of suspected crime.

5. Protecting data we've collected

We use all technical and organizational means at our disposal to use your personal data in such as way as to prevent third parties from accessing it. We recommend you use a telephone or mail to transmit confidential information. Privacy of data cannot be guaranteed when contacting us using email, social media or instant messaging services.

6. Information about rectifying, deleting, and blocking your personal data stored by Gerolsteiner

Gerolsteiner stores data only as long as is specified by law.

In spite of our efforts to ensure the accuracy and currency of your personal data, should stored personal data be found to be incorrect, we will correct it immediately after you notify us.

If you wish your data stored by Gerolsteiner to be deleted, we will likewise do so immediately upon notification. Should such deletion be impossible on legal grounds, the respective data will be blocked. However, please note that without the data, we may under certain circumstances no longer be able to provide the service in whole or in part.

Upon request, we would be happy to let you know whether and which of your data have been stored.

To these ends, please contact:

Gerolsteiner Brunnen GmbH & Co. KGDr. Gregor Scheja, Data Privacy OfficerVulkanring54567 Gerolstein

7. Contact

For other questions or concerns about data privacy, please contact us at:

Gerolsteiner Brunnen GmbH & Co KGDr. Gregor Scheja, Data Privacy Officer www.scheja-partner.de

 

Effective date: 09/09/2016