In the following, we provide information about the collection of personal data when using our mobile app (hereinafter "App"). Personal data refers to any information that can be related to a specific natural person, such as their name or IP address.
The controller within the meaning of Art. 4 (7) EU General Data Protection Regulation (GDPR) is ZamZam UG (Haftungsbeschränkt)
Eifflerstraße 43
22769 Hamburg
Germany
Email: info@zamzam.health.
We are legally represented by Max Mustermann.
The following legal bases are relevant for data processing:
If data is transferred to service providers or third parties outside the EEA, the transfer is ensured by adequate safeguards (e.g., EU-U.S. Data Privacy Framework or standard contractual clauses).
Data will be deleted as soon as they are no longer needed for their intended purpose and no legal retention obligations exist.
Data subjects have the following rights with regard to their personal data:
Data subjects can contact us using the contact details provided above. They also have the right to file a complaint with a supervisory authority, which can be found at https://www.bfdi.bund.de/DE/Service/Anschriften/Europa/Europa-node.html.
Customers, prospective customers, or third parties must provide personal data necessary for establishing, executing, and terminating business relationships. Without this data, we may be unable to provide services or fulfill contractual obligations.
We do not use fully automated decision-making processes in accordance with Article 22 GDPR to establish or implement the business relationship.
When contacting us (e.g., by email or phone), the provided data (e.g., names, email addresses) will be stored to respond to inquiries. The legal basis for this is our legitimate interest to address inquiries (Art. 6 para. 1 s. 1 lit. f GDPR). We will delete or restrict the data when no longer necessary, or if there are legal retention obligations.
When downloading the app from Apple's App Store or Google's Play Store, user information such as name, email, customer number, time of download, and device identification number are transmitted. We do not influence this data collection and process it only as necessary to enable the download.
Our app is hosted by AWS SARL Luxembourg, which processes personal data such as content, usage data, and contact details. The legal basis for processing is Art. 6 para. 1 s. 1 lit. f GDPR.
When using the app, we collect data to ensure functionality, stability, and security, including IP address, operating system details, and time zone. The legal basis for processing is our legitimate interest (Art. 6 para. 1 s. 1 lit. f GDPR).
The app may request access to certain functions or data on the device (e.g., camera, microphone, location). By granting access, users consent to data processing under Art. 6 para. 1 s. 1 lit. a GDPR. Consent can be revoked at any time through the device settings.
Data is processed to provide app functions. The legal basis for processing is the user agreement. The data processed includes the device’s Universal Unique Identifier (UUID).
Users can create a user account in the app. We process the data required to fulfill the respective user contract. Data will be deleted upon account deletion. Users from 16 years and older can upload a profile picture, which is processed based on consent (Art. 6 para. 1 lit. a GDPR). Consent can be revoked at any time.
Firebase Cloud Messaging is used to communicate with users. The legal basis for processing is Art. 6 para. 1 s. 1 lit. a GDPR. Users can revoke their consent at any time. Data processing is detailed in Google's privacy policy: here.
We use Adjust for analytics purposes. The legal basis for processing is Art. 6 para. 1 s. 1 lit. a GDPR. Users can revoke their consent at any time. More details can be found in Adjust's privacy policy: here.
We use Mixpanel for analytics. The legal basis for processing is Art. 6 para. 1 s. 1 lit. a GDPR. Users can revoke their consent at any time. More details can be found in Mixpanel's privacy policy: here.
Users can log in using their Apple account via single sign-on. The legal basis for processing is consent (Art. 6 para. 1 s. 1 lit. a GDPR). More details are available in Apple's privacy policy: here.
Users can log in using their Google account via single sign-on. The legal basis for processing is consent (Art. 6 para. 1 s. 1 lit. a GDPR). More details are available in Google's privacy policy: here.
We reserve the right to modify this Privacy Policy at any time in compliance with legal requirements. The date of the last update will be displayed at the end of the policy.