Privacy

The protection of personal data is very important to KGE UG (haftungsbeschränkt). Here we inform you about how we process your personal data when you use our DoDay app (section C). You will also find general information about your rights regarding data processing (section D). If you have any questions after reading this privacy statement, please contact us at request@kge-it.de.

A. Who is responsible for processing my personal data?

The controller within the meaning of Article 4 No. 7 GDPR is KGE UG (haftungsbeschränkt), Haardtring 15,64295 Darmstadt, Germany ("KGE").

B. Data protection information for visitors of our website

1. Which data are processed when visiting the KGE website?

When accessing the KGE website, various data about the accessing system are automatically stored. This includes the browser type, browser version, operating system, the website from which access is made to the KGE website, the subpages accessed on the KGE website, the date and time of access, the Internet Protocol address (IP address), the Internet service provider, and comparable data. KGE uses these data to make the website accessible, to identify and resolve technical issues, and to prevent and, if necessary, prosecute misuse of KGE's services. In addition, KGE uses these data in anonymized form, i.e., without the possibility of identifying the user, for statistical purposes and to improve the website.

The legal basis for this processing of personal usage data is our legitimate interests under Article 6(1)(f) GDPR.

Matomo

We use Matomo (InnoCraft Limited), an open-source software for statistical analysis of visitor access on this website. Matomo is operated by us on our own servers (no data is shared with third parties for advertising purposes).

Processing is carried out to analyze the use of our website and to improve our offering. In particular, the following data are processed: pages/URLs visited, referrer URL (the page you came from), date/time, shortened/ anonymized IP address, technical information about the device/browser (e.g., user agent), approximate location (derived from the anonymized IP).

Cookies: Matomo is configured so that no tracking cookies are set.

IP anonymization: We use IP anonymization so your IP address is only processed in shortened form.

Objection / opt-out: You can object to web analytics at any time. In this case an opt-out will be set so Matomo will no longer record your visit:

The legal basis (where applicable) is Article 6(1)(f) GDPR (legitimate interest) in the statistical analysis and optimization of our website. If consent is required, processing is based on your consent (Article 6(1)(a) GDPR).

2. How long is my personal data stored?

Personal data of visitors to our website are deleted when their knowledge is no longer required for the purposes described in this privacy policy, unless statutory provisions require longer storage. Usage data are regularly stored for a period of 30 days (B.I.).

C. Data protection information for users of our DoDay app

I. General

We process personal data that you voluntarily provide as a user of the DoDay app (the "App"), such as your name, profile picture, and email address, as well as data provided by others. To use the app, after installing and opening it, a link between the app and the user account stored on your mobile device (Google Play for Android / Apple App Store for Apple devices) is required. Through this link, we receive your account ID, email address, user name at Google or Apple, and — if provided by you — your phone number and profile picture. There is no further transfer of your access data such as passwords. These data are needed for authentication and identification. The legal basis is Article 6(1)(b) GDPR.

II. In-app purchase

If you make an in-app purchase on an Apple device, the transaction and payment are handled exclusively between you and the Apple App Store under its terms and privacy policies: https://www.apple.com/legal/internet-services/itunes/de/terms.html and https://www.apple.com/legal/privacy/de-ww/.

If you make an in-app purchase on an Android device in the Google Play Store, the transaction and payment are handled exclusively between you and the Google Play Store under its terms and privacy policies: https://play.google.com/intl/de_de/about/play-terms.html and https://www.google.de/intl/de/policies/privacy/.

The legal basis is Article 6(1)(b) GDPR.

Subscription management (RevenueCat)

To manage in-app subscriptions we use RevenueCat, Inc., 1032 E Brandon Blvd #3003, Brandon, FL 33511, USA. RevenueCat processes technical information (e.g., an anonymous app user ID, purchase and subscription status, and device-related information) to correctly assign and provide subscriptions. Processing is carried out for contract performance under Article 6(1)(b) GDPR. It is not used for advertising or tracking purposes. A transfer of data to the USA cannot be ruled out; this is based on appropriate safeguards under Article 46 GDPR (e.g., EU Standard Contractual Clauses).

III. Firebase, Google Analytics, and App Analytics

Our app uses Google Firebase (more information: https://firebase.google.com/docs) and Google Analytics for Mobile Apps (more information: https://developers.google.com/analytics/solutions/mobile). User data are transmitted to Google in anonymized form. We use Firebase and Google Analytics to analyze and improve app usage. In special cases where personal data are transferred to the USA, Google is certified under the EU-US Privacy Shield. We also use "App Analytics", an analytics service by Apple Inc. This tool processes data about downloads and app usage. We do not receive personal data about you from Apple Inc. The legal basis for this processing is our legitimate interests under Article 6(1)(f) GDPR.

IV. Disclosure of personal data

We disclose your personal data to third parties:

• if this is necessary for the purposes described above,
• at the request of a national authority,
• on the basis of a court decision,
• if required by law,
• to defend ourselves against claims or allegations by third parties,
• to exercise and protect KGE’s rights and security,
• if you have expressly consented beforehand.

We try to inform you about legal requests regarding your data when appropriate, unless prohibited by law or court order or in an emergency. We may challenge requests if they are excessive, vague, or inadequate. For certain technical processes, KGE uses external service providers who receive access to personal data as required to perform their tasks. These providers are carefully selected, meet high data protection standards, are bound to confidentiality, and process data only on KGE’s instructions.

V. How long we store data

We store your personal data as long as you have an account with us. Beyond that, we store personal data only if required by law or otherwise necessary.

D. What rights do I have in relation to my personal data?

You have the right to information about the personal data stored by us and, if legal requirements are met, the right to correction, deletion, and restriction of processing. You also have the right to receive the personal data you provided in a structured, common, and machine-readable format and to transfer it to another controller. Where technically possible, you can request that we transmit the data directly to another controller. If processing is based on legitimate interests under Article 6(1)(f) GDPR, you have the right to object under the conditions described in Article 21 GDPR. You can also lodge a complaint with the competent supervisory authority.