Content
1. Collection and processing of personal data
2. Access data
3. Thenics Flow Sign Up
4. Google and Apple Sign Up
5. Firebase
6. Youtube
7 RevenueCat
8. Access permissions
9. Cookies
10. SSL or TLS encryption
11. Contradicting advertising mails
12. Rights of the user
13. Contact form
14. Contact and Responsible
Our website and the apps are provided to you by Innothenics UG (limited liability). Protecting your personal data is taken very seriously by us, so we treat your personal data confidentially and according to legal regulations.
This privacy policy should inform you in detail about the scope and purpose of the collection and use of personal data.
We reserve the right to change or adapt this privacy policy at any time in accordance with applicable data protection regulations. Thus, we advice to review this page periodically for changes.
Personal data includes all information which can determine your person and which can be traced back to you (e.g. your name or e-mail address). Definitions of the terms used (e.g. "personal data" or "processing") can be found in Art. 4 DSGVO.
Personal data that you provide to us will be used only if it is necessary for the performance and processing of our services. Legal basis therefore is our legitimate interest pursuant to Art. 6 DSGVO. Your data is kept secure and will not be disclosed to third parties.
We do not pass on your personal data without your express consent, but we cannot rule out the possibility that this data may be viewed in the event of unlawful conduct. If you send us personal data by e-mail - i.e. outside of this website - we cannot guarantee the secure transmission and protection of your data. We recommend that you never send confidential data unencrypted by e-mail.
If we store data from you, the data is stored for as long as it is necessary to fulfill our services, or until you delete your account/data, or retention periods make storage necessary.
The use of our website is basically possible without providing any personal information. However, in order to improve our online services, we store your access data to this website (without personal reference). More details on that in the following chapter.
We, the website operator or page provider, collect data on access to the website/app on basis of our legitimate interest (see Art. 6 Para. 1 lit. f. DSGVO) and store these as 'server log files'. The information is used by us to determine the attractiveness of our offers and to improve their performance or content if necessary and to make them even more interesting for you. We do not use this data to identify individual users. The following data is logged in this way:
Data | Purpose |
Visited website | Evaluation according to devices to ensure optimized presentation of the website |
Time and date of access | Clarification and prevention in cases of fraud |
Browser used | Evaluation according to devices to ensure optimized presentation of the website |
Operating system used | Evaluation according to devices to ensure optimized presentation of the website |
Device model or manufacturer (of smartphone, tablet, …) | Evaluation of device manufacturers and types of mobile devices for statistical purposes |
IP address used | Clarification and prevention in cases of fraud |
The data is stored indefinitely if feasible and for security reasons, e.g. to clarify cases of misuse. Furthermore it is mandatory for the operation of the website. Consequently, there is no possibility for the user to object.
You can create a Thenics account, in order to use all of our services. The registration will require personal data, which is exclusively used and needed for the respective services.
In the event of important changes, for example for technical reasons, we will inform you by e-mail. The message will be sent to the e-mail address provided during registration.
The data entered during registration will be processed on the basis of your consent (Art. 6 para. 1 lit. a DSGVO).
We store the data collected during registration for the period that you are registered on our website/app. Your data will be deleted if you cancel your registration. Legal retention periods remain unaffected.
You have the right to revoke given consents. For more details about your rights, please refer to chapter „Rights of the user & Responsible“.
We are using the Firebase Authentication service to authenticate your account. It provides added security and prevents abuse during sign-up and authentication. Data can be transfered to third country = USA, but is under EU-US Privacy shiled guarantee according to Art. 44ff DSGVO. More details on Firebase can be found in the respective chapter.
During the registration we require the following data. All mandatory information must be provided, otherwise we will refuse the registration. In addition, you must read our privacy policy and accept our terms and conditions. The data is deleted 30 days after account deletion.
Data | Purpose |
E-Mail address |
Account identification |
Password |
Account identification |
Name |
Direct approach |
Lastname |
Direct approach |
IP address used |
Clarification and prevention in cases of fraud |
You can also create your Thenics account via Apple or Google Sign Up. Therefore just click on the Google/Apple Button during registration. You will be redirected to Apple/Google, where you will need to sign in with your account. There it will be shown which data we request (public data: first name, last name and e-mail address). This information is necessary to create an identifiable and secure Thenics account for you.
Data | Purpose |
E-Mail address |
Account identification |
Password |
Account identification |
Name |
Direct approach |
Lastname |
Direct approach |
We use the Firebase service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to store your personal workout data within the Thenics app.
Furthermore we use Firebase to analyze your user behavior. The information we collect is used to monitor your interaction with our website and apps. It is used to optimize the user experience, for example by evaluating crash reports. The data collected is not personal data and we do not take any action to personalize it.
We currently use the following Firebase services:
Firebase Authentication
Purpose: Creating and authenticating your Thenics account
Data: E-Mail address, First name, Last name, Password
Place of processing: USA
Cloud Firestore
Purpose: Cloud Firestore is a database, where your user data is saved
Data: Workout data (e.g. skill level and history)
Place of processing: Europe
Cloud Storage
Purpose: If you upload photos to Thenics, they will be saved with Cloud Storage
Data: Profile picture or photos for the journey
Place of processing: Europe
Google and Firebase Analytics
Purpose and data: Google and Firebase Analytics collects data to provide analysis and attribution information. The type of data collected varies by device and by environment. Google and Firebase Analytics stores ID-related data for 60 days and collects reporting and campaign data indefinitely, unless the Firebase customer changes the Analytics data storage settings or deletes the project. An instance ID is used to track events and also the advertising ID of the device. You can change the use of the ad ID in the device settings of your mobile device. Android: Settings > Google > Ads > Reset Ad ID iOS: Settings > Privacy > Ads > No Ad Tracking.
Place of processing: Europe
Firebase Cloud Messaging
Purpose and data: If you give us your consent, we can send you push messages with Firebase Cloud Messaging on your mobile iOS device, even if our app isn’t opened. On Android push notifications are automatically allowed. On both OS you are able to manually deactivate push notifications in your settings. Firebase Cloud Messaging uses instance IDs to determine to which devices messages should be delivered. Firebase stores instance IDs until the Firebase customer initiates the deletion of the ID using an API call. The data is deleted from both live servers and all backup systems within 180 days of the call.
Place of processing: Europe
Firebase uses this data on our behalf for the above purposes.
The legal basis for the use of Google Analytics is § 15 Abs.3 TMG resp. Art. 6 Abs. 1 lit. f DSGVO.
More details on Firebase privacy: https://firebase.google.com/support/privacy
We use YouTube services from YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, to link-out to relevant videos. We are not responsible for the content on YouTube. Also be aware that when you open a screen with a video, a connection to YouTube is made, which informs about the visited page. If you are logged in to your YouTube account, these information can be assigned to your personal profile. To prevent this, log out beforehand.
Details on YouTube's privacy policy: https://policies.google.com/privacy?hl=en
Permission | Purpose |
Camera |
Taking photos for profile and journey |
Photo library |
Selecting photos for profile and journey |
Push notifications |
Getting information via push notifications |
Mobile data/WLAN (provided by operating system) |
Saving workout and user data. Loading new content |