Privacy Policy
Ezfit s.r.o. ("Ezfit", "us", "we" or "our") operates the https://ezfit.app website, and iOS and Android Apps (collectively the "Service")
This privacy policy has been compiled to better serve those who are concerned with how their Personally Identifiable Information (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.
What personal information do we collect from the people that visit our website or app?
When registering into our app/site, as appropriate, you may be asked to enter your Name, email, mailing address or Facebook or Google account, Age, Height, Weight, Fitness Goal, Level of Fitness, Gender, etc. or other details to help us improve your workout experience.
How do we use your information?
We need to collect data for various purposes:
- To provide and maintain our Service
- To allow you to participate in interactive features of our Service when you choose to do so
- To provide customer support
- To gather analysis or valuable information so that we can improve our Service
- To monitor the usage of our Service
- To notify you about changes to our Service
- To detect, prevent and address technical issues
- To provide you with news, offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
Legal Basis for Processing Personal Data Under General Data Protection Regulation
If you are from the European Economic Area (EEA), Ezfit s.r.o. legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.
Ezfit s.r.o. may process your Personal Data because:
- We need to perform a contract with you
- You have given us permission to do so
- The processing is in our legitimate interests and it's not overridden by your rights
- For payment processing purposes
- To comply with the law
Retention of Data
We retain your Personal Data only for as long as is necessary for the purposes set out in this document. We retain and use your Personal Data to the extent needed to comply with legal obligations (e.g. if we need to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
Ezfit will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter time duration, except the case, when this data is used to strengthen the security or in order to improve the functionality of the Service, or we are legally obligated to retain this data for longer time periods.
Data Transfer
Your information, including Personal Data, may be transferred to (or maintained on) computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Policy represents your agreement to that transfer. Ezfit will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls and security of your data.
Data Disclosure
If Ezfit is involved in a merge, acquisition or sale, your Data may be transferred. We would provide notice before your Personal Data is transferred.
Under certain circumstances, Ezfit may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Ezfit may disclose your Personal Data in the good faith belief that such action is necessary to:
- comply with a legal obligation
- protect and defend the rights or property
- prevent or investigate possible misconduct in connection with the Service
- protect personal safety of users of the Service or the public
- protect against legal liability
Security Of Data
We are committed to protecting our user’s personal data. We implement appropriate measures to help protect the security of your personal data; however, please note that no system is ever completely secure. We have implemented various policies including pseudonymisation, encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.
Your Rights Under General Data Protection Regulation
If you are a resident of the European Economic Area, you have certain data protection rights. Ezfit allows you to correct, delete, or limit the use of your Personal Data.
If you wish to be informed what Personal Data we hold, to be removed from our systems, or edit some data please contact us via email.
In certain circumstances, your rights are:
- Whenever made possible, you can access, update or request deletion of your Personal Data via email.
- You have the right to request that we restrict the processing of your personal information.
- You have the right to have your information rectified if that information is inaccurate or incomplete.
- You have the right to object to our processing of your Personal Data.
- You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
- You also have the right to withdraw your consent at any time where Ezfit relied on your consent to process your personal information.
- You have the right to complain if you believe we are incorrectly handling your data.
- We may need to verify your identity before responding to such requests.
- You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
Service Providers
We may use 3rd party companies and individuals to improve our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used. These 3rd parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Analytics
We may use third-party Service Providers to monitor and analyse the use of our Service.
- Google Analytics, Firebase Analytics, Smartlook, Facebook Analytics and Attribution Partners
- These services are analytics services that track and report website and app traffic. These services use the data collected to track and monitor the use of our Service. This data is shared with other services within their company. They may use the collected data to contextualise and personalise the ads of its own advertising network.
- You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on All others will honour "Do Not Track" headers from browsers such as Firefox, and Brave.
- For more information on the privacy practices of these companies, please visit the links below:
https://policies.google.com/privacy
https://firebase.google.com/support/privacy/
Cookies
We have a legitimate interest in improving our Service. Cookies are small files generated automatically by your browser and stored on your device when using the Service. Cookies do not contain any malware. Cookies contain information downloaded by the specific device, but direct knowledge of your identity is not received. One purpose of cookies is to make it more convenient for you to use our Service. When you use our Service again at a later time, the cookie automatically recognizes your previous visit to the website, also you don’t have to type same input over and over.
We also use temporary cookies, which stay on your device for a shorter time duration. These cookies are automatically deleted when you log off. One other reason to use cookies is to get statistics on the use of our Service and to evaluate them so we can optimize your experience and display information customized for you. Cookies are automatically removed after a predefined period. Most browsers accept cookies automatically.
You can disable cookies on your browser or choose to be notified when a new cookie is created. Please note that disabling cookies may mean that not all functionalities of the Service will remain available.
Third-Party Vendors
Ezfit relies on several standard services and infrastructure in order to operate. We have ensured that they are all GDPR compliant themselves.
We rely on services such as: Cloud services, Transactional email providers, Mobile ad attribution partners, Ad platforms and so on. In order to provide our service.
The main vendors we use are:
Google Cloud Services
Service: Cloud Service Provider
Location: USA
Privacy Policy
Google Analytics, Firebase Analytics & Login
Service: Analytics
Location: USA
Privacy Policy
Data Breach
When a data breach occurs, we will notify you via email within 72 hours.
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
Payments
We provide paid products and services within the Service. In that case, we use third-party services for payment processing. We do not collect your payment card details. That information is provided directly to our third-party payment processors. These payment processors comply to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
The processors we work with are:
- App Store In-App Purchases
Privacy Policy: https://www.apple.com/legal/privacy/en-ww/ - Google Play In-App Billing
Privacy Policy: https://play.google.com/intl/en-US_us/about/play-terms.html
Links To Other Sites
Service may contain links to sites that are not influenced by us. If you click on a third party link, we strongly advise you to review the Privacy Policy of the site you are visiting.
Children Online Privacy Protection
When it comes to the collection of personal information from children under the age of 16 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under the age of 16 years old. And use of our app is not supported by our user interface.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf
According to CalOPPA, we agree to the following:
- Users can visit our site anonymously.
- Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.
- Our Privacy Policy link includes the word “Privacy” and can easily be found on the page specified above.
Changes To This Privacy Policy
You will be notified of any Privacy Policy changes via email or within our Service.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders.
- Send you additional information related to your product and/or service
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by following the instructions at the bottom of each email.