Last updated: March 24, 2020
1. Point of contact
The point of contact and so-called responsible body for the lawfulness of the processing of your personal data under data protection laws is:
Kollectiv Studio Limited
Mount Venus Road
Should you have any questions relating to data protection, you can get in touch with our company’s data protection officer at any time. The data protection officer can be contacted at the postal address above, as well as by email at email@example.com. The data protection officer is also available should you have any queries concerning the transfer of data to third countries and can provide copies or guarantees in the form of standard data protection clauses. Should you have any general concerns or queries, you can also contact Kollectiv Studio by email at firstname.lastname@example.org.
2. Area of applicability
3. Processing of personal data
Personal data will be processed before and during the downloading and installation of the apps.
Personal data is information relating to factual or personal relationships of a defined or definable natural person. Above all, this includes information which allows your identity to be traced, for example name, address or email address.
Statistical data which we collect during a visit to our apps for example and which cannot be connected to you does not come under the definition of personal data. Rather this is so-called anonymous data.
Processing when downloading and installing the apps
In order to be able to download and install our apps from an app store (for example Google Play Store or Apple App Store), you need to register first with the provider of the app store for a user account and finalise a corresponding use contract with the provider of the app store. We have no control over this, in particular we are not party to such a use contract. When downloading and installing the apps, the necessary information in this respect will be transferred to the respective app store, in particular your username, email address and customer number of your account, the time of the download and the individual device number. We have no control over this data collecting and are not responsible for this. We only process this data which has been provided should this be necessary for downloading and installing the app on your mobile end device (e.g. smartphone or tablet).
Processing when using the apps
In order to use the apps, the apps generate a number which is specific to the device when opened for the first time. This number cannot be assigned to a specific affected person (pseudonym). In addition, in order to technically display the named content, the operating system used (for example, Android or iOS), the hostname of the accessing device (IP address) and the time of the server request are processed.
Due to the way the Internet functions, the brief saving of the IP address is technically necessary. The IP addresses are deleted or anonymised after the processing. In case of anonymisation, the IP addresses are changed in such a way that the affected person cannot be identified or can no longer be identified. On the basis of the anonymised IP address, a location search will be carried out. For reasons connected to data protection, this only takes place on the geographical level of the country from where the access is taking place. By means of this, it is not possible to trace the concrete location or place of residence of a user. If you have consented to specific advertising technologies described under §10, these may have more specific localisation services in place.
The data in technical protocols (so-called log files) are evaluated by us in anonymised form in order to continually improve our apps and make them more user friendly, as well as in order to find and correct errors more quickly.
The data processing is necessary so that you can find out about the content of our apps. The legal basis is Article 6 Paragraph 1 f) GDPR, based on our interest in informing users of our content. The processing of the named data is necessary in order to provide the content. Otherwise, it is not possible for you to use the apps as requested.
Data processing as part of submitting feedback or signing up as a beta tester
If you use the “Suggest improvements, Report a bug, or Become a beta tester ” feature on the apps or website, only your email address, IP address and the information you provided will be processed.
The legal basis for the processing operations described above is Article 6 Paragraph 1 f) GDPR, based on our legitimate interest in improving our product and being accessible for our users.
Data processing as part of competitions
Competitions solely organised by Kollectiv Studio
The data required for you to participate in the contest will be collected and stored by Kollectiv Studio. This data will be used for the following purposes: To execute the contest, to notify prizewinners, and to clarify the shipping address for your prize. Unless otherwise stated, all data collected will be deleted after the conclusion of the contest.
4. Disclosure of personal data
In principle Kollectiv Studio does not pass your personal data on to third parties. The data collected by us is only passed on to third parties, if this is necessary to provide the technical functionality of the apps or another legal basis for the disclosure of data exists. Personal data may only be used by our service providers in order to fulfil their tasks. These were carefully selected by us and engaged in writing. They are subject to our instructions and are regularly monitored by us. Other use of the information is not permitted and is not carried out by any of the service providers used by us.
5. Storage of personal data
Kollectiv Studio Limited is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. We have validated that all 3rd party vendors that we use internally are GDPR compliant.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
For certain functions, the apps need to be able to access certain services and data of your device. Depending on which mobile operating system you use, this may require you to express agreement to the accessing. Below, we will explain to you – in separate terms according to the mobile operating systems for which we offer the app – what authorisations the apps requests and what these are necessary for.
Push notifications: Should you click OK in the request “Enable push notifications” , you are permitting the apps to inform you of certain events and topics by means of push notification, even if the apps are not currently open. The notifications can take place by means of sounds, reports and/or symbol letter (a picture of a number on the app icon). Further information concerning push notifications and your configuration options can be found under number 6a).
Background updating: This function enables the apps to download data in the background and to update this, even if the apps are not currently open or are not being actively used.
Mobile data: This function enables the apps to download and update data outside of a WLAN network via mobile data connections (for example GSM, UMTS or LTE).
Apart from the standard entitlements for the operation of Android apps (such as the receipt of internet access or the option of letting the device vibrate; also called “normal entitlements” by Google), we do not request any further entitlements.
Using data which is saved on an external storage device: This function allows the app to save content on the storage card of your device. This is necessary in order to be able to provide content, for example relating to your favourite team, even if no Internet connection is currently present. For this purpose, the apps only use their own saved content. Other data on the storage card is neither deleted, altered or read.
In order to improve our apps, we use various technologies to analyse the usage behaviour and to evaluate the associated data. These procedures take place anonymously or on the basis of pseudonyms, however never in a directly personal way. Below, we wish to explain these technologies and the providers used for this purpose in more detail. For this purpose, we use so-called number pixels with which we create statistics.
The legal basis is Article 6 Paragraph 1 f) GDPR, based on the legitimate interest of Kollectiv Studio in improving our products.
We use different Firebase Services, including Cloud Messaging, Remote Config, A/B Testing, Performance Monitoring, Crashlytics, Predictions and App Distribution (services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
Those services help us to optimise our product, spot and fix issues and make sure that all APIs work properly.
The legal basis is Article 6 Paragraph 1 f) GDPR, based on our legitimate interest in analysing usage behaviour in order to improve and further develop the apps.
n order to showcase relevant adverts to our users, we use the services of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, (“Google”), on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online service within the meaning of Art. 6 (1) lit. GDPR) .
Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
We use the service AdMob for our apps, which will display ads in our app and reward us for their insertion or other use. For these purposes, usage data, such as the click on an ad and the IP address of the users are processed, whereby the IP address is shortened by the last two digits. Therefore, the processing of the users’ data is pseudonymised.
We use AdMob with personalised ads. In doing so, Google draws conclusions about their interests on the basis of the websites visited by users or used apps and the user profiles created in this way. Advertisers use this information to align their campaigns with these interests, which benefits users and advertisers alike. For Google, ads are personalised when collected or known data determines or influences ad selection. These include previous searches, activities, site visits, apps, demographics, and location information. Specifically, this includes demographic targeting, interest category targeting, re-marketing, and targeting of customer matching lists and audience lists uploaded to DoubleClick Bid Manager or Campaign Manager.
Further information on the use of data by Google, configuration and objection options can be found in Google’s data protection declaration (https://policies.google.com/technologies/ads) and in the configuration for the display of advertising by Google (https://adssettings.google.com/authenticated).
10. Deactivating Ad IDs
You can also use settings in your operating system to prevent the delivery of personalised advertising. We will explain to you below – in separate terms according to the mobile operating systems for which we offer the app – how the activation or deactivation of the personalised advertising technologies (usage of advertising IDs) works. By deactivating you ensure that the delivered advertisement is no longer interest-based, as the Apple Ad-ID or Google Advertising ID is no longer used and information about your interaction with the app or advertisements can no longer be associated with an Advertising ID.
Open the “Settings” application of iOS and choose the menu item “Privacy” and then the sub-item “Advertising”. Activate the option “Limited Ad Tracking”, then we can only carry out limited measures, such as determining the unique user or combating fraud. In the same menu, you can reset the Ad ID at any time (“Reset Ad ID”), then a new ID will be created which will not be combined with the data which was previously collected.
Open the application “Google settings” and select the menu point “Adverts”. Activate the “Deactivate interest related advertising” option, in order to prevent the creation of profiles and the display of interest related advertising. In the same menu, you reset the Google advertising ID at any time (“Reset advertising ID”), then a new ID will be created which will not be combined with the data which was previously collected.
11. Your rights
Kollectiv Studio Limited would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to access – You have the right to request Kollectiv Studio Limited for copies of your personal data.
- The right to rectification – You have the right to request that Kollectiv Studio Limited correct any information you believe is inaccurate. You also have the right to request Kollectiv Studio Limited to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that Kollectiv Studio Limited erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that Kollectiv Studio Limited restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to Kollectiv Studio Limited processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that Kollectiv Studio Limited transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
If you would like to exercise any of these rights, please contact us at our email: email@example.com or via our Postal address: Mount Venus Road, Rockbrook, Rathfarnham, Dublin 16, Ireland, D16 TP38.