Last updated: July, 14th 2021
First and foremost, we at UPNDO want to get you moving, healthy and having a huge positive impact in our global community.
We are in the business of corporate wellness and social impact, this means that in no case we sell your data to third parties!
UPNDO follows the strictest interpretation of the GDPR guidelines and legislation.
By using the service, you promise us that:
- contact us by email to firstname.lastname@example.org and request deletion of your account and data; and
- delete the App from your devices.
Data you give us:
You provide information about yourself when you sign up for and/or use the Service. For example: name, gender, data on physical characteristics (including height and weight), fitness activity data, email address.
Providing these data is not compulsory. But app usage will be much cooler if you do, you will enjoy a much better service!
Data provided by third parties:
Service usage relies on the connection between the App and your local Health app (either Apple Health Kit for iOS users, or Google Fit for Android users). So, when you connect UPNDO to your Health app, we will be able to collect information on your daily physical activity (e.g. Steps, Type of Activity, Duration of the Activity).
When you connect your Apple Health or Google Fit to the service there is certain data that you allow us to read. Examples of such data include Cycling duration, Flights Climbed, Steps, Type of workout.
There are other types of data we collect automatically:
- Device data: We collect data from your mobile device. Examples of such data include: type, name and model of a device, operating system.
- Usage data: We record how you interact with our Service. For example, we log your taps on certain areas of the interface, the features, and content you interact with, how long you are in the application and the UPNDO points you earn and the donations you make.
For what purposes do we process your personal data?
- To provide our Service:
- This includes enabling you to use the Service in a seamless manner and preventing or addressing Service errors or technical issues.
- To host personal data and enable our APPLICATION to operate and be distributed we use Amazon Web Services, which is a hosting and backend service.
- To monitor infrastructure and the App’s performance, we use Crashlytics, which is a monitoring service provided by Google.
- To customize your experience:
- We process your personal data to adjust the content of the Service and make offers tailored to your personal preferences.
- To manage your account and provide you with customer support:
- To communicate with you regarding your use of our Service:
- We communicate with you, for example, by email and push notifications. These may include reminders and messages encouraging you to be active and, or other information about the App. As a result, you may, for example, receive a push notification every day at a particular time reminding you to move more.
- The services that we use for this purpose may collect data concerning the date and time when the message was viewed by our App’s users, as well as when they interacted with it, such as by clicking on links included in the message.
- To research and analyze your use of the Service:
- This helps us to better understand our business, analyze our operations, maintain, improve, innovate, plan, design, and develop the App and new products.
- We use Firebase Analytics, which is an analytics service provided by Google. In order to understand Google’s use of data, consult Google’s partner policy.
- To send you marketing communications:
- We process your personal data for our marketing campaigns. We may add your email address to our marketing list. As a result, you may receive information about our services, such as for example, new challenges and suggested NPO’s according to your social causes. If you do not want to receive marketing emails from us, you can unsubscribe following instructions in the footer of the marketing emails.
- To enforce our Terms and Conditions of Use and to prevent and combat fraud:
- We use personal data to enforce our agreements and contractual commitments, to detect, prevent, and combat fraud. As a result of such processing, we may share your information with others, including law enforcement agencies (in particular, if a dispute arises in connection with our Terms and Conditions of Use).
- To comply with legal obligations:
- We may process, use, or share your data when the law requires it, in particular, if a law enforcement agency requests your data by available legal means.
How can you exercise your privacy rights?
To be in control of your personal data, you have the following rights:
- Accessing / reviewing / updating / correcting your personal data. You may review, edit, or change the personal data that you had previously provided to us in the profile section of the APPLICATION.
- You may also request a copy of your personal data collected during your use of the App at email@example.com.
- Deleting your personal data. You can request erasure of your personal data by sending us an email to firstname.lastname@example.org.When you request deletion of your personal data, we will use reasonable efforts to honor your request. In some cases, we may be legally required to keep some of the data for a certain time; in such event, we will fulfill your request after we have complied with our obligations.
- Objecting to or restricting the use of your personal data. You can ask us to stop using all or some of your personal data or limit our use thereof by requesting its erasure as described above or sending a request to email@example.com.
Additional information for EEA-based users. If you are based in the EEA, you have the following rights in addition to the above:
- The right to lodge a complaint with supervisory authority: We would love you to contact us directly, so we can address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside, work or where the alleged infringement has taken place.
- The right to data portability. If you wish to receive your personal data in a machine-readable format, you can do so by requesting a copy of your personal data as described above (or send respective request at firstname.lastname@example.org). The data will be made available to you in the .json file format.
International data transfers:
In particular, if we transfer personal data originating from the EEA to countries with not adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here), or (ii) the EU-U.S. Privacy Shield Framework (details available here), or (iii) the European Commission adequacy decisions about certain countries (details available here).
THANKS FOR TAKING THE TIME TO READ ALL THAT LEGAL LANGUAGE. WE HOPE YOU ENJOY USING THE UPNDO!