Skip to content

Body Control Intranet

Privacy Policy

Privacy Policy for the Body Control App

Preamble

This service (hereinafter referred to as the „App“) is provided by Body Control GmbH, located at Hans-Henny-Jahnn-Weg 53, 22085 Hamburg (hereinafter „we“ or „us“) as the data controller within the meaning of the applicable data protection laws.

Within the App, we enable you to access and display the following information:

  • Accounts are created by administrators of the App, and login credentials are sent to users via email.
  • A unique key assigned to you is used as an identification feature, which is negotiated upon initial registration.
  • The data collected is transmitted to our servers exclusively for use as a time tracking system.

When using the App, we process personal data about you. Personal data refers to all information that relates to an identified or identifiable natural person. Since we value your privacy while using the App, we would like to inform you below about which personal data we process when you use the App and how we handle this data. In addition, we inform you about the legal basis for processing your data and, where processing is necessary to safeguard our legitimate interests, about our legitimate interests as well.

You can access this privacy policy at any time via the „Privacy Policy“ menu item within the App.

1. Information on the Processing of Your Data

Certain information is automatically processed as soon as you use the App. The personal data processed is outlined below:

1.1 Information Collected During Download

When downloading the App, certain required information is transmitted to the App Store you have selected (e.g., Google Play or Apple App Store), including, but not limited to, the username, email address, customer account number, time of download, payment information, and the unique device identifier. The processing of this data is carried out exclusively by Google Play Store/App Store and is beyond our control.

1.2 Information Collected Automatically

When using the App, we automatically collect certain data required for its operation. This includes:

  • Internal device ID
  • Operating system version
  • Time of access

This data is automatically transmitted to us but not stored. The purpose of this processing is to:

  1. Provide the service and its associated functionalities;
  2. Improve the features and performance of the App;
  3. Prevent and resolve misuse and malfunctions.

This data processing is justified because:

  1. It is necessary for the performance of the contract between you as the data subject and us in accordance with Article 6(1)(b) GDPR;
  2. We have a legitimate interest in ensuring the functionality and flawless operation of the App, which outweighs your rights and interests in the protection of your personal data under Article 6(1)(f) GDPR.

1.3 Creation of a User Account (Registration) and Login

If you request login credentials for a user account or log in, we use your access data to grant you access to your user account (sent via email) and to manage it („Mandatory Information“). Mandatory fields during registration are marked with an asterisk and are required to complete the user agreement. If you do not provide this data, you cannot create a user account.

The mandatory data is used to authenticate you upon login and to process password reset requests. The data you provide during registration or login is processed to:

  1. Verify your authorization to manage the user account;
  2. Enforce the App’s terms of use, including all associated rights and obligations;
  3. Contact you with technical or legal notices, updates, security alerts, or other information related to the management of your user account.

This data processing is justified because:

  1. It is necessary for the performance of the contract between you as the data subject and us in accordance with Article 6(1)(b) GDPR;
  2. We have a legitimate interest in ensuring the functionality and flawless operation of the App, which outweighs your rights and interests under Article 6(1)(f) GDPR.

1.4 Use of the App

Within the App, you can enter, manage, and process various information, tasks, and activities. This includes data about training progress and physical attributes recorded through the App, as well as time tracking and time symbols recorded by the user. A unique key assigned to you is used as an identification feature, which is negotiated upon initial registration. The data collected is transmitted exclusively to our servers for use as a time tracking system.

The App requires the following permissions:

  • Internet Access: Needed to transfer collected data via an encrypted connection to our servers. A unique key is used as an identification feature, which can only be assigned to the respective user on the server side. An automated service periodically checks whether data needs to be transferred and transmits it if necessary.
  • Camera Access: Required for uploading pictures or photos for the user profile or attaching image files in the messenger.

The processing and use of usage data is necessary to provide the service. This data processing is justified because it is necessary for the performance of the contract between you as the data subject and us in accordance with Article 6(1)(b) GDPR.

2. Disclosure and Transfer of Data

Your personal data will only be disclosed without your express prior consent in the cases explicitly mentioned in this privacy policy or where legally permissible or required. This may include cases where processing is necessary to protect the vital interests of the user or another natural person.

2.1 The data you provide during registration is shared within our company, Body Control GmbH, for internal administrative purposes, including shared customer support, as required.

2.2 If unlawful or abusive use of the App is detected or legal enforcement is necessary, personal data may be transferred to law enforcement authorities or other authorities, as well as, where applicable, to affected third parties or legal advisors. This occurs only if there are indications of illegal or abusive behavior.

2.3 We rely on contractually affiliated partners and external service providers for our services:

  • Body Control contractual partners (personal trainers and service providers in the sports and fitness sector)

3. Data Transfers to Third Countries

We process data exclusively within the European Economic Area.

4. Changes in Purpose

Processing of your personal data for purposes other than those described will only occur if legally permitted or if you have consented to the new purpose of data processing.

5. Data Retention Period

Your personal data will be deleted or anonymized as soon as it is no longer required for the purposes for which it was collected. Typically, your personal data is stored for the duration of the usage or contractual relationship plus an additional [7] days for backup retention, unless required for legal enforcement or defense of claims.

6. Your Rights as a Data Subject

You have the right to access, rectify, erase, restrict processing, object, and data portability under the GDPR.

7. Contact Information

For inquiries or to exercise your rights, contact:

Body Control GmbH Hans-Henny-Jahnn-Weg 53, 22085 Hamburg Email: info@bodycontrol.io

8. Changes to This Privacy Policy

We keep this privacy policy up to date. Therefore, we reserve the right to amend it as necessary.