Privacy Policy

Welcome to STAmina Apnea Trainer. We know that the handling of your personal data is important to you. For this reason, we take the greatest possible care when handling your personal data and thus ensure a high level of data security. We respect the personal rights of our users and are aware of the importance of protecting the personal data we receive from you.

This Privacy Policy contains information about our data protection practices and measures as well as the rights to which you are entitled within the framework of Latvia`s Personal Data Processing Law (“PDPL”) and the General Data Protection Regulation (“GDPR”).

The Controller

The controller within the meaning of the PDPL and the GDPR for the processing of personal data is:

Squarecrowd Apps LLC
Hanzas st. 4 - 57,
Riga, LV-1010, Latvia
Web: www.getstamina.app
E-mail: hello@squarecrowdapps.com

If you have any questions about the processing of your personal data, as well as your rights regarding data protection, please contact us.

Where this privacy policy Applies

This privacy policy applies to the STAmina Apnea Trainer App (“the App”). When designing the App, we have made sure that as little as possible information that directly identifies you is collected.

As however some countries including the European Union, have a broad definition of personal data this policy covers it. In this sense we would need to first of all explore the definition of personal data.

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

However, we reserve the right to put this data to additional uses to the extent permitted or required by law or necessary to support legal or criminal investigations. In this case, we will inform you again about this further data processing to the extent required by law and obtain your consent.

Legal bases for processing

The processing of your personal data may be based on the following legal grounds:

  • consent serves as our legal basis for processing operations where we obtain your consent for a specific processing purpose (Art. 6 (1) a) GDPR).
  • contract, insofar as the processing of personal data is necessary for the performance of a contract, e.g., if you use the App (Art. 6 (1) b) GDPR). The same applies to such processing operations that are necessary for the performance of pre-contractual measures, for example in the case of enquiries about the App.
  • legal obligation, insofar as we are subject to a legal obligation that requires the processing of personal data, such as for the fulfilment of tax obligations (Art. 6 (1) c) GDPR).
  • legitimate interest, applies on the basis of our legitimate interests, e.g., when using service providers as part of the App (Art. 6 (1) f) GDPR). Our interest is directed towards the use of a user-friendly, appealing, and secure presentation as well as optimization of the App, which serves our business interests as well as meeting your expectations.
Installation of the App

The App can be downloaded from the "Google Playstore" and "Apple App Store". Downloading the App may require prior registration with the respective App store and/or installation of the respective App store software.

a) App installation via the Google Playstore

You can use the Google service "Google Play" of Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, US, if you are resident outside the EU and Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland if you are a resident within the EU, to install the App. As far as we are aware, Google collects and processes the following data:

  • License check,
  • network access,
  • network connection,
  • WLAN connections, and
  • location information.

It cannot be ruled out that Google also transmits the information to a server in a third country. We cannot influence which personal data Google processes with your registration and the provision of downloads in the respective App store and App store software. The responsible party in this respect is solely Google as the operator of the Google Play Store.

b) App installation via the Apple App Store

You can use the Apple App service "App Store" a service of Apple Inc., 1 Infinite Loop, Cupertino, CA 95014, US, if you are resident outside the EU and Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill Ln, Knocknaheeney, Cork, Ireland, if you are a resident within the EU, to install the App. As far as we are aware, Apple collects and processes the following data:

  • device identifiers,
  • IP addresses, and
  • location information.

It cannot be excluded that Apple also transmits the information to a server in a third country. This could in particular be Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014. We cannot influence which personal data Apple processes with your registration and the provision of downloads in the respective App store and App store software. The responsible party in this respect is solely Apple as the operator of the Apple App Store.

Anonymous Device information

We collect information from and about the device(s) you use to access the App, including hardware and software information such as IP address, device ID and type, device-specific and App settings and properties, App crashes, information about your wireless and mobile network connection such as your service provider and signal strength.

Registration and data storage

When you start the App for the first time, you have the option to register. The following information is requested for this purpose:

  • your full name,
  • your email address, and
  • your password.

Alternatively, you can create an account using either Apple, Facebook or Google Connect. When registering via connect functions of third-party providers, you agree to the respective terms and conditions of these third-party providers and consent to certain data from your respective profile of being transferred to us.

As a registered user, your user-generated content (e.g., Exercises and Workout log) is stored using the database service from: MongoDB, Inc. 3 Shelbourne Building, Crampton Avenue Ballsbridge, Dublin 4, Ireland. You can read MongoDB's Data Processing Agreement at the following link: https://www.mongodb.com/legal/dpa You can read MongoDB's data protection declaration at the following link: https://www.mongodb.com/legal/privacy-policy/

If you are not registering, your user-generated content (e.g., Exercises and Workout log and your user profile) is stored on your device.

Starting the App

If you are a registered user, every time you start the App, your data is synchronized, and your device communicates with our server through a signed token. The data is in particular, your device and your registration information. The transmission takes place automatically and is a prerequisite for the secure functioning of the App and is therefore mandatory.

Push Notifications

To ensure the full functionality of the App, you can manually and explicitly schedule Push notifications. If you have enabled push notifications in the settings of your device, we can send you messages directly to your device. You can adjust or stop receiving push messages or any other given permissions at any time via the device settings of your device.

Authorizations and Access

We may request access or permission to certain functions from your mobile device in particular,

  • Bluetooth access and on older Android devices the Location permission to let the App read HR / SpO2 from compatible sensors,
  • Camera permission - let you scan QR codes of shared exercises
  • Storage (if you have not registered)

The legal basis for data processing is our legitimate interest and the provision of contractual or pre-contractual measures. You can deactivate push notifications or any other given permissions at any time via Settings/Messages (iOS) or Settings/Notifications/ (Android).

When you contact us

If you contact us, your transmitted personal data will be automatically stored for the purpose of processing the request or contacting you. We delete the data accruing in this context after the storage is no longer necessary for the processing of your request or restrict the processing if there are legal retention obligations.

Purchases

When you order a feature in the App or subscribe, we may collect the following data from you to process the desired order:

  • IOS or Android user ID
  • Email address
  • Payment confirmation from the payment data collected by the Apple or Google depending on the payment method; and
  • Device IP and device serial number to link the story history to the device.
How we use information?

The main reason we use your data is to deliver and improve our services as follows:

  • provide you with customer support and respond to your requests,
  • complete your transactions,
  • communicate with you about our services,
  • analyze your profile, activity on the service,
  • communicate with you,
  • to improve our services and develop new ones,
  • conduct research and analysis of users’ behavior to improve our services and content (for instance, we may decide to change the look and feel or even substantially modify a given feature based on users’ behavior),
  • develop new features and services,
  • to prevent, detect and fight fraud or other illegal or unauthorized activities,
  • address ongoing or alleged misbehavior,
  • perform data analysis to better understand and design countermeasures against fraudulent activities,
  • retain data related to fraudulent activities to prevent against recurrences,
  • to ensure legal compliance,
  • assist law enforcement, and
  • enforce or exercise our rights.
How do we use your data to improve the STAmina Apnea Trainer App?

We analyze the use of the App anonymously in order to better understand and optimize the behavior when using our services.

For that purpose, we use Visual Studio App Center (Microsoft). With the App Center we receive crash and diagnostic data as well as evaluations about the usage within the App. In addition to the actual error report, this includes the country code, language used, manufacturer, version of the operating system of the mobile device, the installed version of the app as well as the date and time of the event that occurred (error or crash of the App). This data is used exclusively to analyze any problems or crashes that may have occurred with the app. Detailed information can be found at: https://docs.microsoft.com/de-de/appcenter/sdk/data-collected#diagnostics

The app uses the Firebase tool, which is part of the Firebase platform of Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, to obtain statistics on how the App is used, in particular active user numbers, session length, stability rating and storage time. Answers logs the use of the app and we evaluate user behaviour and user activity in general, i.e. not on a personal basis.

For this purpose, the following data is transferred to the Analytics Engine: name and AppStore ID, build version, individual device installation key, timestamp, device model, device name, device operating system name and version numbers, the language and country settings of the device (iOS), the number of CPU cores on the device (iOS), whether a device has the status "jailbreak" (iOS) or "root " (Android), app lifecycle events (iOS) and app activities (Android); The legal basis for this data processing is our legitimate interest.

The app also uses the tool Crashlytics, which is part of the platform Firebase of Google Inc to log crashes of the app. No personal data is transmitted. Only real-time crash reports with precise details of code locations and device information are sent, which is intended to simplify maintenance and improve the resulting stability of the app.

How long do we store your data?

We keep your personal data only as long as we need it for legitimate business purposes and as permitted by Applicable law. To protect the safety and security of our users on and off our services, we implement a safety retention window of three months following account deletion. During this period, account information will be retained although the account will of course not be visible on the services anymore.

In practice, we delete or anonymize your data upon deletion of your account (following the safety retention window), unless:

  • we must keep it to comply with Applicable law (for instance, some “traffic data” is kept for one year to comply with statutory data retention obligations),
  • we must keep it to evidence our compliance with Applicable law (for instance, records of consents to our Terms, Privacy Policy and other similar consents),
  • there is an outstanding issue, claim or dispute requiring us to keep the relevant information until it is resolved, or
  • the information must be kept for our legitimate business interests, such as fraud prevention and enhancing users’ safety and security. For example, information may need to be kept preventing a user who was banned for unsafe behavior or security incidents from opening a new account.

Keep in mind that even though our systems are designed to carry out data deletion processes according to the above standards, we cannot promise that all data will be deleted within a specific time-frame due to technical constraints.

How do we protect your data?

We work hard to protect you from unauthorized access to or alteration, disclosure, or destruction of your personal data. As with all online technology, we take steps to secure your data, however we do not promise, and you should not expect, that your personal data will always remain secure.

We regularly monitor our systems for possible vulnerabilities and attacks and regularly review our information collection, storage, and processing practices to update our physical, technical, and organizational security measures.

We may suspend your use of all or part of the services without notice if we suspect or detect any breach of security. If you believe that your account or information is no longer secure, please notify us immediately.

How we share your data?

We may disclose your personal data to third parties:

  • for the purposes of providing services that you request from us, fulfilling our obligations arising from any contracts entered into between you and us, processing payments in connection therewith or otherwise in connection with your use of the App,
  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets, or
  • if we or substantially all of our shares or assets are acquired by a third party, in which case Personal Data held by us about our customers will be one of the transferred assets.

We may also disclose your personal data to a governmental or regulatory body, law enforcement, or other authorities, in order to enforce our terms of use for the App, to cooperate with any direction, request or order from such parties or to report any suspected unlawful activity.

How can I update my data?

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so in your account or by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal data, notably where such requests would not allow us to provide our service to you anymore.

Obligation to provide personal data

You are not obliged to provide us with personal data. However, depending on the individual case, the provision of certain personal data may be necessary for the provision of the above services. If you do not provide us with this personal data, we may not be able to provide the service.

Uninstall

You can stop all information collection by the App by uninstalling it using the standard uninstall process for your device. If you uninstall the App from your mobile device, the unique identifier associated with your device will continue to be stored. If you re-install the App on the same mobile device, we will be able to re-associate this identifier to your previous transactions and activities.

Accountability

In certain countries, including in the European Union, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process your personal information. The data protection authority you can lodge a complaint with notably may be that of your habitual residence, where you work or where we are established.

Automated individual decision-making including profiling

We do not make automated decisions in individual cases, including profiling.

Accuracy

It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

What are your rights?

You have a number of ‘Data Subject Rights’ below is some information on what they are and how you can exercise them.

Accuracy

It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

What are your rights?

You have a number of ‘Data Subject Rights’ below is some information on what they are and how you can exercise them.

  • information about the processing of your personal data.
  • obtain access to the personal data held about you.
  • ask for incorrect, inaccurate or incomplete personal data to be corrected.
  • request that personal data be erased when it’s no longer needed or if processing it is unlawful.
  • object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation.
  • request the restriction of the processing of your personal data in specific cases.
  • receive your personal data in a machine-readable format and send it to another controller (‘data portability’).
  • request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers.
  • You also have the right in this case to express your point of view and to contest the decision
  • Where the processing of your personal information is based on consent, you have the right to withdraw that consent without detriment at any time through our contact form.

The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it.

We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information./p>

We encourage you to get in touch if you have any concerns with how we collect or use your personal information. You do however also have the right to lodge a complaint directly with the supervisory authority responsible for you or the supervisory authority responsible for us which is the Data State Inspectorate (DSI), their contact details can be found on their website (www.dvi.gov.lv).

Note on data transfer to the USA

Amongst other things, tools from companies based in the USA are integrated in the App. If these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the USA is not a safe third country in the sense of Latvia or EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g., intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Data Breaches/Notification

Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Children’s Privacy

Our services are restricted to users who are 18 years of age or older. We do not permit users under the age of 18 on our platform and we do not knowingly collect personal information from anyone under the age of 18. If you suspect that a user is under the age of 18, please contact us.

Changes

Because we’re always looking for new and innovative ways to improve our App, this policy may change over time. We will notify you before any material changes take effect so that you have time to review the changes.

Queries and Complaints

Any comments or queries on this policy should be directed to us using the following contact details:

Squarecrowd Apps LLC
Hanzas st. 4 - 57,
Riga, LV-1010, Latvia
Web: www.getstamina.app
E-mail: hello@squarecrowdapps.com

If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us. You can also make a referral to, or lodge a complaint with, the DSI.