Privacy Policy

Privacy Policy

The author of the applications “Calories!”, “Purine!”, “MyCalorieApp”, and “Withings2GPX”, Stefan Diener Software-Entwicklung (in the following: operator, we, us), observes all relevant legal data privacy provisions, amongst others German data privacy laws, and the General Data Protection Regulation (GDPR) of the European Union, as well as the California Consumer Privacy Act (CCPA). Using this privacy statement we want to inform you as a user and customer about the type, coverage, and purpose of the collection and usage of personal data.

1) Area of Application

This privacy policy covers all our services for end users. In detail:

a) Android apps:
– “Calories!”, in the following “offline app”,
– “Purine!”, in the following also “offline app”,
– “MyCalorieApp”, in the following “online app”,
– “Withings2GPX”,
b) MyCalorieApp server, in the following “server”,
c) homepage: https://www.mycalorieapp.com, https://www.mycalorieapp.de and https://www.fitmitgicht.de
d) e-mail,
e) social media: Bluesky.

2) Responsible Office and Contact, Data Controller

The contact person (Data Protection Officer, DPO, as well as Data Controller) in the sense of the data privacy laws is:

Stefan Diener
Stefan Diener Software-Entwicklung
Sterzinger Str. 30
D-84024 Rosenheim
Germany

support@mycalorieapp.de
Phone: +49 176 99974394 (Important note: No support by phone or SMS.)

3) Collection and Usage of Data

Generally, we do not sell personal information.

3.1) Online Apps and Server

The following data may be collected and stored using our online apps:
– current user account of the app store (Google, Samsung): in-app purchases only, no storage inside the app or at the server,
– e-mail address, password hash, verification code: e-mail based user account only,
– Google ID, e-mail address, login token: Google based user account only,
– name,
– date of birth, body height, gender,
– date of account creation,
– date of last login,
– date of last device change: with activated quick login only,
– consumptions, exercises, job activities, mood, daily notices,
– weight diary,
– favorites foods and sports,
– settings,
– lists and recipes,
– user generated foods and barcodes,
– user generated food modifications, as long as the modifications are not applied,
– licenses (Pro version, Pro account),
– e-mail address, if the account is blocked permanently.

For the purpose of contract processing, the following data is stored with us for the online apps:
– e-mail address: e-mail based user account only,
– Google ID, e-mail address: Google based user account only,
– name,
– date of account creation,
– licenses.

There will be no transfer of data to third parties, except for the transmission to our tax advisor to fulfill our tax obligations, or if there is a legal obligation to transfer data.

The user account and all contract related data will be deleted as soon as the user account has not been used for a long period of time. Active use is assumed as long as a fee-based license is used or a successful login with this user account has been carried out in the last 24 months.

Consumptions, exercises, job activities, mood and daily notes are stored for 3 months. This period increases to 24 months as long as there is a valid Pro license throughout. The data of the weight diary is stored for 3 years. This period increases to 10 years, as long as there is a valid Pro license throughout.

Created foods and barcodes, as well as submitted, but still unprocessed suggestions for modification to existing foods are stored as long as the operator’s right to use the content you have created exists.

All personal data (with the exception of the contract-relevant data, as well as the created foods, barcodes and food modifications) can be deleted at any time by the user with the help of the app. Furthermore, the user can always lock his user account using the app. Registration is only possible again after the user account has been activated by the support team at the request of the user.

The following data are accessible by all users in an anonymized form:
– foods,
– barcodes,
– public lists and recipes.

The MyCalorieApp server serves as a platform for our own online and offline apps, as well as for third-party apps and services. There is a data processing contract with all third party providers. All third parties are required to design their privacy policies consistent with our privacy policy.

Personal information will only be transferred to a third party if you use an app or service of such a provider. This does not apply to data that is accessible to all users in anonymous form.

The transfer of all data from and to the server is done exclusively via secure connections (HTTPS).

All stored data are subject to the data protection laws of the European Union. The location of the MyCalorieApp server is Belgium.

The data processing takes place on the basis of the legal regulations of the article 6, paragraph 1, point a) and f) of the GDPR.

3.2) Offline-Apps und Server

The following data can be collected by our offline apps and stored on the server:
– user generated foods and barcodes,
– user generated food modifications,
– a user ID for data transfers,
– data transfers created by the user.

The user ID for data transfers is only created when the user performs a data transfer. It is anonymized and does not allow any conclusions to be drawn about the identity of the user. The data transfers are only stored temporarily on the server. They are only used to transfer data from one device to another and are not to be understood as a backup. All data transfers are automatically deleted from the server after 24 hours at the latest.

The following data are accessible by all users in an anonymized form:
– foods,
– barcodes.

The MyCalorieApp server serves as a platform for our own online and offline apps, as well as for third-party apps and services. There is a data processing contract with all third party providers. All third parties are required to design their privacy policies consistent with our privacy policy.

The transfer of all data from and to the server is done exclusively via secure connections (HTTPS).

All stored data are subject to the data protection laws of the European Union. The location of the MyCalorieApp server is Belgium.

The data processing takes place on the basis of the legal regulations of the article 6, paragraph 1, point a) and f) of the GDPR.

3.3) Apps

The following data is collected by our apps and stored locally on the device:
– current user account of the app store (Google, Samsung): in-app purchases only, no storage inside the app,
– date of birth, body height, gender (offline apps only, online apps for caching only),
– consumptions, exercises, job activities, mood, daily notices (offline apps only, online apps for caching only),
– weight diary (offline apps only, online apps for caching only),
– favorites foods and sports (offline apps only, online apps for caching only),
– settings (“Calories!”, “Purine!”, “Withings2GPX”, online apps for caching only),
– lists and recipes (offline apps only, online apps for caching only),
– user generated foods (offline apps only, online apps for caching only),
– licenses (Pro version, Pro account, ad removal),
– backups (offline apps only),
– e-mail address and password of the Withings user account (“Withings2GPX” only),
– GPS and exercise data (“Withings2GPX” only).

The apps “Calories!”, “Purine!”, and “Withings2GPX” don’t transfer any contract-relevant data to us. The online apps use the device’s memory as a temporary cache only.

With the apps “Calories!”, “Purine!”, and “Withings2GPX” all personal data can be deleted at any time by the user himself using the Android settings. Furthermore, all data will be deleted when the app is uninstalled from the device, for the offline apps with the exception of the backups. These can be deleted manually at any time if required.

Advertising Services

Our apps (except “Withings2GPX”) use features of multiple advertising services. It uses features that may use information about your visits to our apps to show ads about products and services that interest you. The information generated thereby is transmitted to the server of the particular advertising service and stored there.

The data processing takes place on the basis of the legal regulations of the article 6, paragraph 1, point a) and f) of the GDPR. Our concern in the sense of the GDPR (legitimate interest) is the maintenance of our offer and our apps.

Our apps are using the following advertising services:

– “Google AdMob” is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. For more information on how to handle user data on Google AdMob, please see the Google Privacy Policy: https://privacy.google.com/businesses/processorterms/ and https://privacy.google.com/businesses/controllerterms/

Google Cloud Print

Our apps (except “Withings2GPX”) can print data using Google Cloud Print. Furthermore, PDF files can be exported. The Google Cloud Print Terms of Service apply: https://support.google.com/cloudprint/answer/2541843?ref_topic=4456298

Android Backup Service

The backup data of the apps “Calories!”, “Purine!”, and “Withings2GPX” is stored in the Android Backup Service. Google treats this data as personal information in accordance with Google’s Privacy Policy:
https://www.google.com/privacypolicy.html

Google Firebase Crashlytics

Our apps use “Google Firebase Crashlytics” to send, save and manage crash reports. The following data is recorded:
– date and time,
– stack trace of all threads,
– app information: name of the app, app version, database version, app store,
– device information: language used, version of Google Play Services, vendor, model, Android version, memory configuration, screen configuration,
– information about the user: used language of the database.

No information is transferred from the log file. Crashlytics doesn’t collect or transmit any personally identifiable information.

The data processing takes place on basis of the legal regulations of the article 6, paragraph 1, point a) and f) of the GDPR. Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our apps.

Google Health Connect and Google Fit

Our apps use Google Health Connect and Google Fit to share fitness data. The following data is transferred:
– exercise, energy consumption, distance (read from Google Health Connect or Fit),
– weight, and body fat (read from Google Health Connect or Fit, write only Google Fit).

Our apps use Google Health Connect / Fit data to calculate your basic daily needs and daily balance. Details:

Excercises, energy consumption, and distance:
– Display of trainings / activities in My Day (type, duration, energy consumption)
– Consideration of energy consumption when calculating the daily balance
– Consideration of energy consumption when calculating training calories in the Analysis
– Export of trainings / activities and energy consumption as PDF and CSV, as well as printing

Weight, and body fat:
– Calculation of the basic energy needs from the current body weight
– This applies to the daily basic needs and the energy consumption of workouts from manually created trainings and trainings from Google Health Connect / Fit if the energy consumption is not specified.
– Display of body weight and body fat percentage in the Weight Diary: list and diagram
– Display of body weight on the dashboard: number and diagram
– Monitoring of body weight by the diet assistant
– Export of body weight and body fat percentage as PDF, CSV, PNG, as well as printing

All data remain on the device and are neither transferred to the MyCalorieApp server nor to third parties. All Google Health Connect / Fit data is stored in a local encrypted database.
The use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
The terms of use of Google apply: https://policies.google.com/terms
Google privacy policy: https://policies.google.com/privacy

Protection mechanisms for sensitive data

With the “Calories!”, “Purine!” and “Withings2GPX” apps, no contract-relevant data is transmitted to us. The online apps only use the device’s memory as a temporary cache.

With the “Calories!”, “Purine!” and “Withings2GPX” apps, all personal data can be deleted by the user at any time using the Android settings. Furthermore, all data is deleted when the app is removed from the device, with the exception of backups in the case of offline apps. These can be deleted manually at any time if required.

All data read by Google Health Connect and Google Fit remains on the device and is neither transferred to the MyCalorieApp server nor to third parties. All Google Health Connect and Google Fit data is stored in a local encrypted database.

3.4) Homepage

Our homepage doesn’t use cookies, nor any kind of tracking. Furthermore no advertisement is displayed. No personal data is collected.

3.5) E-Mail

If you contact us by e-mail, your details will be stored for processing the request and for follow-up questions for twelve months. The transmission of data is voluntary. The use of e-mail support is, as far as possible, always possible without providing personal data. We will not disclose any data collected via e-mail without your consent, unless there is a legal obligation to do so.

3.6) Social Media: Bluesky

For our presence at Bluesky, the terms of use of the respective provider do apply.

4) Mandatory and voluntary data

The following data is required to fulfill the contract:
– for our online apps: contract data, see section “Online Apps and Server”,
– for all apps: current user account of the app store (Google, Samsung) for in-app purchases (temporary, will not be saved by us).

Without this mandatory data we cannot conclude the contract with you.

All other data are transmitted on a voluntary basis.

5) Permissions of the Application

We designed the application for minimal usage of permissions. To function correctly, the app requires access to your mobile phone or tablet:

– access to external storage: Access to the SD card of the device is required for the export and printing of data (offline apps, online apps, “Withings2GPX” only), for the backup of data (offline apps only), and by some ad networks (for caching data).
– access to network: Access to the network is required for the access of the MyCalorieApp server (offline and online apps), the access of the Withings server (“Withings2GPX” only), the printing (offline and online apps only), the in-app billing, the display of advertisements, the transmission of crash reports, as well as anonymized statistics.
– camera and flashlight: Required for the barcode scanner.
– activity recognition, read active calories burned, read total calories burned, read exercise, read distance, read weight, read body fat: Google Health Connect and Google Fit, reading of exercises, burned calories, distance, body weight, and body fat.
– write weight, write body fat: Google Fit, writing of body weight and body fat.
– billing: This permissions is required for the in-app billing.
– advertising ID: Required for personalized ads.
– notifications: Required for the display of notifications, e.g. for app updates, the ending of licenses, progress messages, compatibility issues, messages from the developer.
– boot completed: Required for license check (Purine! only).
– wake lock: Required for the update of widgets on pre-Oreo devices.

6) Your Rights

You have the rights to free-of-charge information about your data, correction, deletion, limitation of processing, data portability, revocation and opposition. You have the right to request access to the personal data that we collect. If you believe that the processing of your data violates data protection laws or your data protection claims have otherwise been violated in a way, you have the right to complain to the relevant supervisory authority.

7) Changes of the Privacy Statement

This privacy statement may change in the future. The official version is always accessible at our website.

8) Links

Our website contains links to external websites of third parties. We have no influence on the content of these directly or indirectly linked websites. The respective operator / provider is always responsible for the accuracy of the content, which is why we cannot assume any liability for external links.

The linked pages were checked for possible legal violations at the time of linking. Illegal content was not recognizable at the time of linking. However, a constant content control of the linked pages is not reasonable without concrete evidence of an infringement. Upon notification of violations, we will remove such links immediately. Please contact us if you have comments to external links.

9) Copyright Notice

Copyright © 2016-2024 Stefan Diener, Stefan Diener Software-Entwicklung.

All aspects of our web site – design, text, graphics, applications, software, underlying source code and all other aspects – are copyright Stefan Diener unless otherwise noted. In accessing these web pages, you agree that any downloading of content is for personal, non-commercial reference only (unless otherwise noted). No part of this web site may be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission of the web site operator.

As far as the contents on this web site were not created by the operator, the copyrights of third parties are considered. In particular contents of third parties are marked as such. If you should still be aware of a copyright infringement, we ask for a note. Upon notification of violations, we will remove such content immediately.

For rights clearance please contact us.