Thank you for your interest in Hoplit Habits our iOS and Android mobile application (hereinafter “APP”). At Hoplit, the protection of your personal data during the collection, processing and use of our APP is an important concern for us.
Before using the APP, please read this Privacy Policy carefully. This Privacy Policy sits in line with Belgium`s Data Protection Act (“DPA”), the General Data Protection Regulation (“GDPR”) and only as described in this Privacy Policy. Please direct any questions, comments, or concerns about privacy and how we handle your personal data directly to us using the contact details provided below.
What is Personal Data?
"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, IP address, Device IP, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The Controller
The responsible entity within the meaning of the DPA and the GDPR is:
Hoplit
Hundelgemsesteenweg 149
9050 Gent, Belgium
E-Mail: Support@hoplit.io
Instagram: https://www.instagram.com/hoplit.app/?hl=nl
Facebook: https://www.facebook.com/Hoplit-104468309008616
Collection and processing of data
Only data that is required to fulfil the functionality of the APP will be collected. The data is only collected and processed for a specific purpose. To help you enjoying our APP, we or rather Google and Apple on our behalf collect some basic technical data as you use our APP, for example access logs, as well as information from third parties.
The only way for us to collect personal data that directly identifies you such as your name or email address is if you contact us. If you do the data, you provide will be stored so that your message can be answered. This is done in accordance with our legitimate interest to process your request Art. 6 (1) f) GDPR. Your data provided will not be used for any other purposes.
Installation of our APP
The App can be downloaded from the "Google Playstore" and "Apple App Store". Downloading the App may require prior registration with the respective App store and/or installation of the respective App store software.
a) App installation via the Google Playstore
You can use the Google service "Google Play" of Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, US, if you are resident outside the EU and Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland if you are a resident within the EU, to install the App. As far as we are aware, Google collects and processes the following data: License check, network access, network connection, WLAN connections, and location information.
It cannot be ruled out that Google also transmits the information to a server in a third country. We cannot influence which personal data Google processes with your registration and the provision of downloads in the respective App store and App store software. The responsible party in this respect is solely Google as the operator of the Google Play Store.
b) App installation via the Apple App Store
You can use the Apple App service "App Store" a service of Apple Inc., 1 Infinite Loop, Cupertino, CA 95014, US, if you are resident outside the EU and Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill Ln, Knocknaheeney, Cork, Ireland, if you are a resident within the EU, to install the App. As far as we are aware, Apple collects and processes the following data: device identifiers, IP addresses, and location information.
It cannot be excluded that Apple also transmits the information to a server in a third country. This could in particular be Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014. We cannot influence which personal data Apple processes with your registration and the provision of downloads in the respective App store and App store software. The responsible party in this respect is solely Apple as the operator of the Apple App Store.
Device information
We collect information from and about the device(s) you use to access our APP, including hardware and software information such as IP address, device ID and type, device-specific and APP settings and properties, APP crashes, advertising IDs (AAID), information about your wireless and mobile network connection such as your service provider and signal strength; information about device sensors such as accelerometer, gyroscope, and compass.
Third Party Services
a) Firebase
The APP uses the Firebase tool, which is part of the Firebase platform of Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, to obtain statistics on how the APP is used, in particular active user numbers, session length, stability rating and storage time. Answers logs the use of the APP, and we evaluate user behavior and user activity in general, i.e., not on a personal basis.
For this purpose, the following data is transferred to the Analytics Engine: name and AppStore ID, build version, individual device installation key (Advertising ID, and Android ID), timestamp, device model, device name, device operating system name and version numbers, whether a device has the status "root", and APP activities.
The legal basis for this data processing is our legitimate interest Art. 6 (1) f) GDPR. The data collected via Google will be deleted after 6 months at the latest. You can select in the settings under data services whether or not you want to send data to Google.
b) Google Analytics for Firebase
The App uses the web analytics service Google Analytics for Firebase, which uses tracking technologies to track your use of the App. Goolge Analytics is a web analytics service provided by Google.
In this respect, information is generated about, among other things, the number of users and their sessions, the session duration, the operating system used by the users, their device model, the region from which the app is accessed, the first start of the app, the app execution and any app updates.
In order to provide the relevant data for analysis, Firebase Analytics uses the mobile device's advertising ID, an app instance ID (a randomly generated number that identifies a single app installation), and the IP address, which is shortened (IP masking) before being processed on Google's servers (which may be located outside the EU/EEA) to generate the usage analysis. You can object to the use of Firebase Analytics at any time by disabling the sending of usage statistics in the settings: Settings > Google > Ads > Reset Advertising ID.
The information thus generated about your use of the app is transmitted to a Google server and stored there. It cannot be ruled out that data will be transmitted to the USA and that government agencies may be able to access this data.
Furthermore, it cannot be ruled out that this data will be processed by Google for its own purposes, such as profiling user behavior, or linking the data with other data, such as with an existing Google account. We have no influence on these data processing operations.
c) Google Admob
Our App is build using the Freemium Model. As such, the APP uses the Google Admob service to display ads. Ads are personalized based on the device you are using. You can disable this via the settings on your device. Google may use the advertising ID of your device, as well as cookies and/or similar technologies, to collect personal data for the purpose of generating and displaying personalized advertising. More detailed information about what data Google collects and how it is processed can be found here and how to opt-out of personalized ads see here.
Advertising
Advertisers and third parties also may collect information about your activity on our APP, on devices associated with you, and on third-party sites and applications using tracking technologies. Tracking data collected by these advertisers and third parties is used to decide which ads you see both on our APP and on third-party sites and applications.
You can opt out on the Digital Advertising Alliance (DAA) if you wish not to receive targeted advertising. You may also be able to choose to control targeted advertising on other websites and platforms that you visit. In addition, you may also choose to control targeted advertising you receive within applications by using the settings and controls on your devices.
When you contact us
If you contact us, we will receive your email address and may store your IP address and the information you give us so that we can process your request. We store correspondence with you for up to 10 years after your account is deleted. This is done in accordance with our legitimate interest to process your request Art. 6 (1) f) GDPR. Your data provided will not be used for any other purposes.
Creating an account and a profile
A user profile will be created for you based on the information you provide during the sign up. Your Email, Full Name, Date of birth and non-personal information including Daily tasks/habits you choose etc. You have the option of adjusting, changing, or deleting the information in your profile to edit within the app or by contacting our team.
Facebook and Google Connect are offered as an option to register. When registering via Facebook, or Google you agree to Facebook or Google `s terms and conditions and also consent to certain data from your Facebook or Google profile being transferred to our database.
The data processing carried out in this context is necessary to provide our service on the basis of the requests made by you. The data processing is also based on a legitimate interest, as our interest in providing users with a platform for exchanging information with other users does not conflict with any overriding interest or right of yours. It should be noted that the majority of the data you provide is voluntary.
Starting the App
Every time you start the App, your data is synchronized, and your device communicates with our server through a signed token. The transmission takes place automatically and is a prerequisite for the secure functioning of the APP and is therefore mandatory.
Purchases
When you or subscribe, we may collect the following data from you to process the desired order:
How we share information and data
We share some user information with service providers and partners who help us operate the Services, and in some cases with legal authorities.
We use third parties to help us operate and improve our services. These third parties assist us with various tasks, including data hosting and maintenance, analytics, customer support, marketing, advertising, and security measures.
We may also share information with partners who distribute our services and assist us with advertising. For example, we may share limited information about you in hashed, non-human readable form with advertising partners.
We follow a rigorous vetting process before engaging a service provider or working with a partner. All our service providers and partners should commit to strict confidentiality.We may transfer your data if we are involved in whole or in part in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
We may disclose your information if reasonably necessary:
We may also disclose data:
We may ask for your consent to share your information with third parties. In any such case, we will make clear why we want to share the information.
Uninstall
You can stop the collection of information by the APP by uninstalling it using the standard uninstall procedure for your device. When you uninstall the APP from your mobile device, the unique identifier associated with your device will still be stored. If you reinstall the APP on the same mobile device, we may again associate that identifier with your previous transactions and activities.
Storage period
Unless a more specific retention period is stated within this privacy policy, we will retain your personal data until the purpose for processing it no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.
Note on data transfer to the USA
Our main operations are based in Belgium and your personal information is generally processed, stored and used in global data centers of Google Firebase (US-Central). Among other things, tools from companies based in the USA are integrated in our APP. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g., intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.
Data Breaches/Notification
Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
Accountability
In certain countries, including in the European Union, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process information. The data protection authority you can lodge a complaint with notably may be that of your habitual residence, where you work or where we are established. We would, however, appreciate the chance to deal with your concerns before you approach any data protection authority, so please contact us in the first instance.
Your rights
Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject. These rights are standardized in Art. 15 - 22 GDPR. This includes:
To assert these rights, please contact us.
When you send a data subject access request
The legal basis for the processing of your personal data in the context of handling your data subject access request is our legal obligation Art. 6 (1) c) GDPR and the legal basis for the subsequent documentation of the data subject access request is both our legitimate interest Art. 6 (1) f) GDPR and our legal obligation Art. 6 (1) c) GDPR.
The purpose of processing your personal data in the context of processing data when you send a data subject access request is to respond to your request. The subsequent documentation of the data subject access request serves to fulfil the legally required accountability.
Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the processing of a data subject access request, this is three years after the end of the respective process.
You have the possibility at any time to object to the processing of your personal data in the context of the processing of a data subject access request for the future. In this case, however, we will not be able to further process your request. The documentation of the legally compliant processing of the respective data subject access request is mandatory. Consequently, there is no possibility for you to object.
Legal Bases for Processing (Article 6 GDPR)
The processing of your personal data may be based on the following legal grounds:
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Direct Marketing Purposes
When using our Services, we reserve the right to regularly send you e-mail offers via SendinBlue. We do not need to obtain your separate consent for this. In this respect, the data processing is carried out solely on the basis of our legitimate interest in personalized direct advertising. If you have initially objected to the use of your e-mail address for this purpose, we will not send you any e-mails.
You are entitled to object to the use of your e-mail address for the aforementioned advertising purpose at any time with effect for the future by notifying the responsible person named at the beginning. After receipt of your objection, the use of your e-mail address for advertising purposes will cease immediately. If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the marketing.
Push Notifications
To ensure the full functionality of the App, we ask for your permission to access the Push notifications feature of your device. If you have enabled push notifications in the settings of your device, we can send you messages directly to your device and inform you about news, updates, and changes to our services. You can adjust or stop receiving push messages at any time via the device settings of your device.
Authorizations and Access
We may request access or permission to certain functions from your mobile device in particular, Internet permission and Notifications. The legal basis for data processing is our legitimate interest and the provision of contractual or pre-contractual measures. You can deactivate push notifications or any other given permissions at any time via Settings/Messages (iOS) or Settings/Notifications/ (Android).
Automated decision-making
We do not use automated decision-making or profiling.
Updating your information
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so within your user account or contact us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.
Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.
Changes
Because we’re always looking for new and innovative ways to improve our website and services, this policy may change over time. We will notify you before any material changes take effect so that you have time to review the changes.
Who should I contact for more information?
If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using the following contact details:
Hoplit
E-Mail: Support@hoplit.io
Instagram: https://www.instagram.com/hoplit.app/?hl=nl
Facebook: https://www.facebook.com/Hoplit-104468309008616
This Privacy Policy was last updated on Friday, 02 September 2022
Creating the best possible products to help people develop themselves.
Build lasting habits, set clear goals and live the life you dream about.