Data protection provisions in accordance with the GDPR

We are delighted that you are interested in our company. Data protection is highly important to Hans Dinslage GmbH.

Personal data such as the name, address, or e-mail address of a data subject is always processed in compliance with the General Data Protection Regulation and in compliance with the national data protection provisions applicable for Hans Dinslage GmbH. The purpose of this Data Protection Declaration is for our company to inform the general public about the manner, scope, and purpose of the personal data that we collect, use, and process. In addition, this Data Protection Statement will explain the rights of data subjects.

Hans Dinslage GmbH, as the controller for processing, has implemented many technical and organisational measures to ensure that the personal data processed is protected to the greatest possible degree. However, online data transfers are by their nature associated with security vulnerabilities, meaning that absolute protection cannot be guaranteed.

1. The name and address of the controller responsible for processing

Controller:
Hans Dinslage GmbH
Riedlinger Straße 28
88524 Uttenweiler
Deutschland
Tel.: 0800 931 0319

E-Mail: datenschutz@sanitas-online.de

2. Contact for IT security questions:

If you have any IT security questions or would like to report something, please contact:

E-mail: datenschutz@sanitas-online.de

3. Purposes for which personal data is processed and legal basis

a) Exclusively local use of the app

If you do not register, no data is transferred to Hans Dinslage GmbH, and your data is only stored locally on your end device.

Data may be stored locally for the following data categories, depending on the functions used:
  • Name
  • Blood pressure
  • Pulse
  • Temperature
  • Weight
  • Number of steps
  • Quantity of fluids drunk
  • Duration and intensity of sleep
  • Date of birth
  • Height
  • Gender
  • Initials
The purpose of data processing is to

- support your personal health management.

The legal basis for local data processing is Article 9, Para. 2 a) in conjunction with Article 6, Para. 1, Sentence 1 a) GDPR. The data is stored until the user uninstalls the app.

b) Use of the app with registration

During the registration process after submission of your e-mail address, a check is made as to whether the e-mail address already exists in the system. The e-mail address you are using for the request is not saved at this point in time.

If you voluntarily register when using the app, the following data is stored both locally on your end device and in the Hans Dinslage cloud:
  • E-mail address
  • Password
  • Name
  • Date of birth
  • Height
  • Gender
  • Date of registration
  • IP address
The legal basis for data processing is Article 9, Para. 2 a) in conjunction with Article 6, Para. 1, Clause 1 a) GDPR.

The purpose of data processing is to support your personal training plan and monitoring as well as your health management. The IP address is required to establish communication between the location where the data is saved and the device used. The IP address is not saved, it is deleted immediately after the server request.

If you save your health data in the app after registration, the following data is saved depending on the functions used:
  • Blood pressure
  • Pulse
  • Temperature
  • Weight
  • Number of steps
  • Quantity of fluids drunk
  • Duration and intensity of sleep
  • The respective timestamp for the stored measurement
The legal basis for data processing is Article 9, Para. 2 a) in conjunction with Article 6, Para. 1, Sentence 1 a) GDPR. The purpose of data processing is to support your personal training plan and monitoring as well as your health management.

The data is stored until the user uninstalls the app and deletes the user account/profile in the Hans Dinslage cloud.

c) Use of the website

When you use the website, the browser you use on your device automatically sends information to the server. This information is stored temporarily in what is known as a log file. The following information is collected, and stored until it is automatically deleted:
  • Date and time of access
  • Name and URL of file accessed
  • Website the information was accessed from (referrer URL),
  • Browser used and, if applicable, the operating system of the computer and the name of the access provider
The legal basis is Article 6(1)(1)(f) of the GDPR and the purpose is to ensure the operational reliability of the website. The data will be stored for 3 months.

d) If you register for our newsletter

If you have explicitly consented for us to do so in accordance with Article 6, Para. 1, Clause 1 a) GDPR, we will use your email address to regularly send you our newsletter for marketing purposes. Providing us with an email address is sufficient for receiving the newsletter.

You can unsubscribe at any time, for example by using the link provided at the end of each newsletter. Alternatively, you are also welcome to email an unsubscribe request to datenschutz@sanitas-online.de at any time.

You will receive the letter only until you revoke consent.

e) When subscribing to the Lidl newsletter

If you have explicitly consented, in accordance with Article 6, Para. 1, Clause 1 a) GDPR, we will forward the data you provide during registration (your first name and surname, e-mail address, gender) to Digital International GmbH & Co. KG.
The Lidl Data Protection Statement can be found here.

You can unsubscribe at any time, for example by using the link provided at the end of each newsletter.

You will receive the letter only until you revoke consent.

f) Authorisations

The following authorisations are required, depending on the functions used:

aa) Android
  • - Read contacts
    • This authorisation is needed in order to show the name of the caller on the SAS8X display.
  • - Access phone status and identity
    • This authorisation is needed in order to show the calling phone number on the display of the SAS8X.
  • - Receive SMS
    • This authorisation is needed in order to show the receipt of an SMS on the display of the SAS8X.
  • - Change, delete, or read USB memory contents
    • This authorisation is needed in order to write log files on the smartphone. These can be made available to customer service by email in the event of an error, at the customer’s request
  • - Location
    • This authorisation is needed for Bluetooth communication. As of Android version 6.0, Google has modified the regulations for app access to the smartphone’s Bluetooth function. Due to the new regulations, apps accessing the Bluetooth function require this authorisation.
  • - Full network access
    • This authorisation is needed in order to synchronise the measurements with the cloud.
  • - Access network connections
    • This authorisation is needed for checking the internet connection.
  • - Pair with Bluetooth devices
    • This authorisation is needed for Bluetooth communication with the connected devices.
  • - Access Bluetooth settings
    • This authorisation is needed for Bluetooth communication with the connected devices.
  • - Access active apps
    • This authorisation is needed to show messages in the status bar, e.g. an active connection with a device.
  • - Deactivate idle mode
    • This authorisation is needed for Bluetooth communication. Idle mode is deactivated during synchronisation between the app and device, as switching to idle mode ends data synchronisation.
  • - Read call log
    • This authorisation is required to show incoming calls on the activity tracker.
bb) iOS
  • - Camera
    • This authorisation is needed to create a profile picture.
  • - Access Bluetooth settings
    • This authorisation is needed for Bluetooth communication with the connected devices.
  • - Mobile Data
    • This authorisation is needed in order to synchronise the measurements with the cloud.
4. Disclosure of data

Within Hans Dinslage GmbH, entities that require access to data to fulfil contractual and legal obligations receive access to the data.
Hans Dinslage GmbH’s external service providers may also receive this data. These service providers may be:
  • - Service providers for processing customer service enquiries
  • - IT service providers, hosting service providers, and service providers for operating the IT system
  • - Service providers for newsletter dispatch, following the provision of consent
  • - Lidl Digital International GmbH & Co. KG, following the provision of consent
  • - Partner platforms, following the provision of consent
5. Rights of the data subject

You have the right:
  • pursuant to Article 15 GDPR to request information about your personal data that we process. In particular, you may request information about the purposes of processing, category of personal data, categories of recipients to whom your data has been or will be disclosed, the planned duration of storage, the existence of a right to rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the origin of your data if we have not collected it, and about the existence of automated decision-making including profiling, and where applicable meaningful information about the details thereof;
  • pursuant to Article 16 GDPR, immediately request the rectification of inaccurate or incomplete personal data relating to you stored by us;
  • pursuant to Article 17 GDPR, request the erasure of personal data relating to you stored by us, unless processing is required for the exercising of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of the public interest, or for the establishment, exercise, or defence of legal claims;
  • pursuant to Article 18 GDPR, to request the restriction of processing of your personal data in the event that you dispute the accuracy of the data; processing is unlawful but you decline its erasure and we no longer need the data but you require it for the establishment, exercise, or defence of legal claims; or you have submitted an objection to processing pursuant to Article 21 GDPR;
  • pursuant to Article 20 GDPR, to receive the personal data relating to you that you have provided to us in a structured, established, and machine-readable format, or to request the transfer of the same to another controller;
  • pursuant to Article 7, Para. 3 GDPR, to at any time revoke any consent you have provided to us. This will result in us no longer being permitted to continue the data processing that this consent relates to in the future, and
  • pursuant to Article 77 GDPR, to lodge a complaint to a supervisory authority. Generally, you can contact the supervisory authority for your usual place of residence or place of work or our registered headquarters for this purpose.
    The competent authority for Hans Dinslage GmbH is
    The State Commissioner for Data Protection and Freedom of Information, Königstrasse 10a
    70173 Stuttgart
6. Right to object

If your personal data is processed based on legitimate interests pursuant to Article 6, Para. 1, Clause 1, lit. f GDPR, you have the right to submit an objection to the processing of your personal data pursuant to Article 21 GDPR, provided that there are reasons to do so arising from your particular situation, or if the objection relates to direct advertising. In the latter case, you have a general right to object, which we will implement without requiring a particular situation to be stated.

If you would like to exercise your right to revoke consent or to object, it is sufficient to send an e-mail to datenschutz@sanitas-online.de to do so.

7. Obligation to make data available

In the context of using the app, you are required to make available personal data that is essential for service provision. Without this data, we are not able to provide the service.

8. Data security/website

During your visit to our website, we employ the widely used TLS process in conjunction with the relevant state of the art in the highest level of encryption supported by your browser. You can verify that information is being transmitted in encrypted format on the individual pages of our website by checking for the locked padlock/key icon in the bottom status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or full loss, destruction or unauthorised access by third parties. Our security measures are continually being improved in line with technological developments.

9. Other

This app was provided by the Google PlayStore or Apple AppStore.

We will inform you of any changes to the privacy policy.


Version 1.5.1