This privacy policy is intended to inform the users of the services offered by APPSTIQ about the way, scope and purpose of the collection and use of personal data by the website operator or rather app operator.
1. Contact
APPSTIQ
Elias Mitropoulos
Freundstraße 2a
42579 Heiligenhaus
Germany
E-Mail: info@appstiq.com
2. Purpose
Your privacy is important to APPSTIQ (in the following: “we”, “our” or “us”), and we take our responsibility of caring for it seriously. Our obligation to do so arises from the European General Data Protection Regulation (GDPR). Our offer contains telemedia within the meaning of sect. 1 para. 1 of the German Telemedia Act (Telemediengesetz, TMG). We offer our services on several platforms. You can access our information on our website at www.appstiq.com. In addition, we offer our applications (apps) for mobile devices. Our apps are available via the independent platforms "Google Play Store" (for Android) and "Apple AppStore" (for iOS/iPadOS, iOS/iPadOS will be called iOS in the Following) and can be installed from there. We also maintain our own channels/pages on the social networks YouTube, Twitter, Instagram and TikTok to present our products or/and our offer. These data protection instructions apply in principle to all aforementioned offers. If there are data protection particularities for individual offers, we will explain them separately.
3. Collection and processing of personal data
By default, when you visit our website (-s) or use one of our applications, the web servers temporarily store data for the purposes of system security and to improve the online offerings such as connection information of the requesting device, the sites you visit, the date and duration of the visit, the IP address, the recognition data of the used browser/device and operating system as well as eventually the website from which you visit us. The personal data provided by you are initially used exclusively for the purpose of technical administration of the website or the respective app. Additional personal information such as your name, address, mobile phone number (list incomplete) will only be used with the express consent of the user to fulfil a contract (our offer) or pre-contractual measures. We do not share personal data with third parties unless it is necessary to respond to your request or fulfil our offer.
The basis for data processing is article 6 para. 1 GDPR. We collect, process, or use as few personal data as possible, if you use one of our services.
3. a) Server-Log-Files
We collect and store due to legitimate interest automatically information in server log files that your browser automatically transmits to us. These are:
- browser type and browser version or app-version
- used operating system
- referrer URL
- host name of the accessing device
The data concerning the time of the server request cannot be assigned to a specific person. This data will not be merged with other data sources. But we reserve the right to check this data retrospectively, if we become aware of specific indications for illegal use.
3. b) Contact form and E-Mail
On our website you have the possibility to contact us via a contact form. In order to send a message to us via the contact form, it is mandatory to provide your name, your message and your e-mail address. In the case of providing your name, there is no requirement to provide a clear name, pseudonymous use is possible. The provision of your telephone number while contacting us via a contact form is voluntary.
Data transmitted via the contact form, including your contact details, are stored to be able to process your enquiry or to be available for follow-up questions. This data will not be passed on and/or further processed without your consent. You can revoke your consent at any time. An informal e-mail (see e-mail address in our legal notice) is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you request us to delete it, revoke your consent to store it or there is no longer any need to store the data. Mandatory legal provisions - in particular retention periods - remain unaffected.
If you contact us directly via e-mail, the collection, processing and storage of your transmitted personal data is exactly identical to the explanations for the contact option "contact form".
3. c) Presentation and support on social-media-networks
To present our products and services and to provide information on our offer, we maintain one or more own channels/pages on the social networks YouTube, Twitter, Instagram and TikTok.
According to the ruling of the European Court of Justice (ECJ) of 05.06.2018, Ref. C-210/16, the operator of social media pages is jointly responsible for data processing, at least in the case of Facebook fan pages, within the meaning of Art. 26 GDPR. We assume an analogous applicability of this decision to other social networks, including YouTube, Twitter, Instagram and TikTok. So far, we are not aware that these social networks each offer an agreement that meets the requirements of Art. 26.
We would like to point out that you use the social media sites operated by us and their functions (e.g. liking, commenting, etc.) on your own responsibility.
We only process your data if you contact us via one of the platforms. In this case, the respective platform provider collects your data and makes it available to us. We use the data provided by the platform provider and the data provided by you to us (e.g. chat messages) only to be able to process your enquiry and/or to be available for follow-up questions. We do not pass on this data to third parties, store the data on our own systems or systematically process it further without your consent.
The legal basis for the processing of personal data is, depending on the case constellation, the processing for the initiation and execution of a contract pursuant to Article 6 para.1 (b) GDPR or the processing based on our legitimate interest in communicating with users for the purpose of advertising and/or presentation or optimisation of offers pursuant to Article 6 para.1 (f) GDPR. If you have consented to the operator of the social network to the aforementioned data processing with effect for us, the legal basis is Article 6 para.1 (a) GDPR.
For any further collection and processing of (personal) data on our social media pages, the privacy policy of the respective network operator applies. We have no knowledge of and no influence on the type and scope of the data processed by the respective operators, the type of processing and use or the transfer of this data to third parties. We also have no effective means of control in this regard. The respective data protection declarations of the individual platform providers can be found here:
• YouTube (represented by Google): https://policies.google.com/privacy
• Instagram: https://help.instagram.com/155833707900388
• Twitter: https://twitter.com/de/privacy#update
• TikTok: https://www.tiktok.com/legal/privacy-policy
3. d) Collection of personal data when using our apps and in-app purchases
Our apps are available via the independent platforms "Google Play Store" (for Android) or "Apple AppStore" (for iOS), so called app stores, and can be downloaded from there. When you download one of our apps from an app store, the required information is transmitted to the app store, in particular the user name, time of download and the individual device identification number. Furthermore, you have the possibility to rate the app on the page of the app store. We have no influence on this data collection and processing and are not responsible for it. Information on this can be found in the privacy policy of the "Google Play Store" or the privacy policy of the "Apple AppStore".
When you purchase products within our apps (in-app purchase) or download one of our apps via an app store, we do not collect or process your personal data. This data, in particular the data for electronic payment processing, is only collected and processed directly by the respective app store operator. When using one of the app stores, please observe its privacy policy.
• For Android: Privacy policy of Google: https://policies.google.com/privacy
• For iOS: Privacy information from Apple about the AppStore: https://support.apple.com/en-en/HT210584
Privacy policy of Apple: https://www.apple.com/privacy/
3. e) User account
The creation of a user account is a requirement for the use of the Provider's application offer as well as certain other parts of the offer provided by the Provider. To create a user account, you need to "sign in with your Google account" or sign in with your Apple-ID ("Sign in with Apple"). Therefore, an activated Google account or an active Apple-ID is required for registration. During "signing in with a Google Account", we receive information about your email address linked to your Google account, your Google profile name, the ID of your Google account and your Google profile picture, using the Google API. When you sign in using an Apple ID ("Sign in with Apple"), we receive information about your Apple-ID identification number and the name you provided Apple when you created your Apple-ID. We use this data to create a profile/user account in our database. You can change the profile name of your user account, even independently of the linked third-party account (Google account or Apple-ID). There is no obligation to use a clear name, pseudonymous use is possible. In general, this personal data is collected and stored exclusively for internal use and for our own purposes necessary to fulfil our offer. Your registration with voluntary provision of personal data serves us to provide certain contents or services of our offer which, due to the nature of the matter, can only be offered to registered users. For example, your in-app progress is stored via the user account you have created. Registered persons are free to change the personal data provided during registration at any time or to have it deleted from our database. You can find an overview of your rights in the final provisions of this privacy policy (see 10. Final provisions).
4. Data processing of user content and data visibility in communication platforms
Parts of our offer may include various communication platforms and chat functions in which the user can distribute so-called user content and share this content with other users. "User content" means all communications, images and all other content, data and information that the user uploads or transmits via the provider's offer or that other users upload or transmit, in particular, for example, chat text. Special provisions apply to User Content, which can be found in our GTC.
User Content may be shared/distributed in certain parts of our Service either "publicly", i.e., for example, within chats, which are freely accessible to all registered users, or "privately", i.e., within certain "private messaging features" with selected registered users.
All user content that you distribute via parts of our offer will be stored by us within the framework of the provision of our offer for no longer than necessary for the provision of the respective part of the offer.
However, you can delete your own distributed user content at any time, if not already done by our systems, on your own "in advance". Tools for doing so are available within the parts of the offer that allow the distribution of user content.
Your "publicly" distributed user account can only be viewed by the provider or users, who are also registered.
"Privately" transmitted user content can, apart from the user sending the private message, explicitly only be viewed by users who have been designated to receive it by the sending user. This is because privately transmitted user content is secured by us using end-to-end encryption, so that the provider or third parties are prevented from viewing the privately transmitted user content. Only the time of provision, the user account names of the recipients and the sender ("frame-data"), but not the transmitted user content of a private message can be viewed by the provider. The actual communication within "private message features" thus remains completely private. More information about end-to-end encryption can be found on https://appstiq.com/endtoend.
According to end-to-end encryption, each private message is stored and encrypted locally by the sender on the device used by the sender to transmit user content privately and, after delivery of the message, is decrypted and stored locally on the device used by the recipient. It follows that private messages which, by their nature, must pass through APPSTIQ's servers for delivery purposes always are encrypted during the delivery-process according to end-to-end encryption principles. Immediately after delivery to the recipients, the encrypted private message will be deleted from APPSTIQ's servers, but at most after 30 days, even if the private message could not be (fully) delivered by then. In connection with the deletion of the private message from APPSTIQ’s servers, all "frame-data" of the private message will also be completely removed from our servers, so that they are also no longer available for viewing by the provider.
After delivery, the private message is then only viewable on the device from which the message was sent, by the user who sent the message, and on the devices on which the message was received, by the recipients involved in the private communication. This is because all private messages are stored locally, both on the sender's side and on the recipient's side.
If a user deletes the locally stored, user-specific data of the communication platform or app from the device with which he or she sent and/or received private messages, all private messages sent or received up to that point are also completely removed from the device and can no longer be viewed on this specific device.
Please consider always carefully which user content you wish to share with other users of the communication platform "privately", and/or also "publicly", and which you do not share.
In connection with the user-activity in communication platforms and chat functions of the provider and the display of your user content distributed via our offer within the offer, your user account name, in the case of the distribution of a user content, the provision time of the user content, and your profile picture will also be visible for other registered users who may interact with you directly.
Any registered user can, if available, contact you "privately" using "private message features" implemented in certain parts of the offer. However, you have the option of rejecting such contact attempts from a user by blocking the user.
Blocking users is also possible when using "public" chats. All messages distributed by blocked users will then be censored for you personally.
You are also free to have the user account, which you used to participate in a communication platform or specific chat-functions of the provider, deleted by the provider (pursuant to Art. 17 GDPR). If you have your user account deleted, your user content disseminated up to that point, which has not been deleted beforehand, and the time at which it was made available, in particular, for example, within private or public chat histories, will continue to be visible to participating, registered users of the service and thus remain stored for as long as the system deems it is necessary for the smooth provision of the relevant part of the service. However, your account will no longer be accessible after deletion and all other personal data, such as your user account name, your user account ID and profile picture, will be deleted and suitable, universal placeholders will be inserted in places where such data would be necessary in connection with your still visible, already disseminated user content. All other data will be deleted as already described.
5. Cookies
Our website(s) use(s) cookies. These are small text files that your web browser stores on your device. Cookies help us to make our offer more user-friendly, effective and secure. Some cookies are "session cookies." “Session cookies” are automatically deleted after the end of your browser session. On the other hand, other cookies remain on your device until you delete them manually. Such cookies help us to recognize you when you return to our website. With a modern web browser, you can monitor, restrict or prevent the setting of cookies. Many web browsers can be configured to automatically delete cookies when the program is closed. The deactivation of cookies may result in a limited functionality of our website. The setting of cookies, which are necessary for the exercise of electronic communication processes or the provision of certain functions requested by you, is based on Art. 6 para. 1 GDPR. As the operator of this website, we have a legitimate interest in the storage of cookies for a perfect presentation of our services. If you restrict the cookie settings, we cannot guarantee that our services will work perfectly well.
6. Advertising
In our apps that can be downloaded free of charge, we may display advertisements from our advertising partner. This is necessary to be able to continue to provide our apps free of charge in the future. For the display and insertion of advertisements in our apps, we use Google AdMob, a service for the integration of advertisements for mobile apps of Google Inc. ("Google"). The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Admob uses device identifiers during the use of one of the relevant apps to personalise content and ads, provide social media functionality and analyse traffic to the Admob API. During this, we transmit your IP address as well as, if available, your Advertising-ID to AdMob in the USA. The Advertising-ID is a pseudonym under which general information about your surfing behaviour is stored. Google processes the data on our behalf to display personalised advertising for you. You can restrict or disable the use of this Advertising-ID by AdMob in the device settings of your mobile device as follows:
• Android: Settings > Google > Ads (sometimes: "Advertising") > Reset Ad ID.
• iOS (iOS 13 or lower): Settings > Privacy > Advertising > Reset Ad-ID
• iOS (iOS 14 or higher): As of iOS 14, tracking for advertising purposes is disabled by default. To allow our apps to request tracking, you can proceed as follows: Settings > Privacy > Tracking > Allow apps to request tracking
If users wish to object to interest-based advertising by Google marketing services in addition, they can use the settings and opt-out options provided by Google: https://adssettings.google.com/.
We receive a fee from Google for the displaying advertisements.
The personal data of the users to be processed for this purpose are processed on the basis of our legitimate interest (i.e. interest in the analysis, optimisation and economic operation of our app offer within the meaning of Art. 6 para. 1 lit. f. GDPR).
If data is also processed in the USA, we would like to point out that Google is certified under the Privacy Shield agreement and thereby assures that it complies with European data protection laws.
You can find information about AdMob here: https://admob.google.com/home/
You can read about how Google uses data from apps that use Google services here: https://policies.google.com/technologies/partner-sites
7. Google Firebase
For some of the apps we offer (currently: TV Live Chat, Sports Live Chat), we use the developer platform "Google Firebase" and the functions and services associated with it, offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Firebase is a platform for app-developers for mobile devices and websites. The functions include, among other things, the storage of apps including personal data of the users, such as their user content or information regarding their interaction with the apps (so-called "cloud computing"). Google Firebase also offers interfaces that allow the users interaction between the respective apps and other services, e.g. authentication using services such as Facebook, Google or email/password combination.
The evaluation of the users' interactions can be carried out with the help of the analysis service "Firebase Analytics". Firebase Analytics is designed to record how users interact with an app. Events are recorded, such as the first opening of the app, uninstallation, update, crash or frequency of use of the app. The events can also be used to record other user interests, e.g. for certain functions of the apps or certain topics. This can also be used to create user profiles, which can be used, for example, as the basis for displaying advertisements.
Google Firebase and the personal data of users processed by means of Google Firebase may also be used together with other Google services, such as Google Analytics and the Google marketing services and Google Analytics (in this case, device-related information such as the Advertising-ID are also processed in order to identify users' mobile devices).
The users' personal data to be processed for this purpose are processed on the basis of our legitimate interest (i.e. interest in the analysis, optimisation and economic operation of our app offering within the meaning of Art. 6 para.1 lit. f. GDPR).
If data is also processed in the USA, we would like to point out that Google is certified under the Privacy Shield Agreement and thereby assures that it complies with European data protection laws.
Google's privacy policy is available at https://policies.google.com/privacy. Users can find further information on the use of data for marketing purposes by Google on this overview page: https://policies.google.com/technologies/ads.
8. Google Fonts
Our website and apps use fonts made by Google. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
For your safety and to respect your right to informational self-determination, we only load these fonts from our own server, locally, if you visit our website. By using these fonts, it will be possible to present the desired presentation of our website or app, regardless of which fonts are available to you locally. However, no personal data of yours, such as your IP address, is transmitted to Google.
9. Integration of external services
9. a) Twitter
Features of the service Twitter are integrated on our websites. These functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the "Re-Tweet" feature, the web pages you visit will be linked to your Twitter account and shared with other users. This data is also transmitted to Twitter. The transfer of data to Twitter is based on the consent you have given Twitter when registering your account in accordance with Art. 6 para. 1 a) GDPR. We point out that we as the provider of the website are not aware of the content of the transmitted data and their use by Twitter. For more information, see the Twitter Privacy Policy at https://twitter.com/privacy#update. You can change your privacy settings on Twitter in the account settings at: https://twitter.com/settings/account.
9. b) Instagram
Features of the service Instagram are integrated on our sites. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged in to your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit of our pages with your user account. The transfer of the data to Instagram is based on the consent you have given Instagram when registering your account in accordance with Art. 6 para. 1 a) GDPR. We point out that we as the provider of the website are not aware of the content of the transmitted data and their use by Instagram. For more information, see the Instagram Privacy Policy: https://help.instagram.com/155833707900388
9. c) YouTube
We use the provider YouTube for the integration of videos. YouTube is powered by YouTube LLC, headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc., located at 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. If you enter our websites, which contain such a plugin, a connection is established to the YouTube servers and the plugin is displayed. This will send the information to the YouTube server which of our websites you have visited. The transfer of the data to YouTube is based on the consent you have given Google when registering your account in accordance with Art. 6 para. 1 a) GDPR. If you are logged in as a member of YouTube, YouTube assigns this information to your personal user account. When using the plugin for (e.g.) clicking on the start button of a video, YouTube will also assign this information to your user account. You can prevent this association by logging out of your YouTube user account and other user accounts of the companies YouTube LLC and Google Inc. before using our website and deleting the corresponding cookies from the mentioned companies. You can find more information about data processing and privacy by YouTube (represented by Google) at: https://policies.google.com/privacy?hl=en&gl=en.
10. Final provisions
10. a) Rights of the user
As a user, you have the right to receive free information on your request about whether and which personal data has been stored about you (Art. 15 GDPR). You also have the right to correct incorrect data (Art. 16 GDPR) and to restrict the processing (Art. 18,19 GDPR) or to delete your personal data (Art. 17 GDPR). If applicable, you can also assert your right to data portability (Art. 20 GDPR). If you suspect that your data has been processed unlawfully, you can file a complaint with the competent authority.
10. b) Deletion of personal data
If your request does not violate a legal obligation to store data (e.g. data retention), you may request the deletion of your data. Data stored by us will be deleted if it is no longer necessary for its purpose and there are no legal retention periods. If the deletion can not be carried out because the data is required for legal purposes, the data processing is restricted. In this case, the data is locked and not processed for other purposes.
10. c) Right to object
Users of our services can use their right to object and object to the processing of their personal data at any time (Art. 21 GDPR). If you wish to correct, block, delete or receive information about the personal data stored about you, or if you have questions about the collection, processing or use of your personal data or if you wish to revoke your consent, an informal e-mail to privacy@appstiq.com is sufficient.
11. More information
In order to provide the user of our services a secure use of them, we use modern security techniques and security measures (such as SSL encryption). The servers we use to provide our website-offer are all located in Germany and have a certification according to ISO 27001.
If Google Firebase is used by the Provider to offer an specific part of our application-offer and therefore data is eventually processed in the USA, we would like to point out one more time that Google is certified under the Privacy Shield Agreement and thereby assures that it complies with European data protection laws.
Google's privacy policy is available at https://policies.google.com/privacy.
If Google Firebase is not used by the Provider to offer an specific part of our application-offer, we only use servers, which are all located in Germany and have a certification according to ISO 27001, to provide our application-offer.
We regularly improve our security measures to the ongoing technical development. Furthermore, despite careful content control, we assume no liability for the content of external links. The operators of the linked pages are solely responsible for its contents.
We reserve the right to change this privacy policy at any time. The user of our offer will be informed in advance about any changes.
If you have any questions about this privacy policy or you would like to revoke your consent, feel free to contact us via e-mail: privacy@appstiq.com.
Effective date: October 15, 2022