EMBRACE NOW PRIVACY POLICY

Welcome to Embrace NOW. With our Native App and our website (hereinafter collectively referred to as the "App"), we provide you with an application that you can download to your mobile device. The App sees itself as a social media app for consumers with the aim of sharing dreams with the community as well as bringing soulmates together and into personal contact. Data protection is a particularly high priority for us and we want you to feel safe while using our app.

In the following, we provide information about the collection of personal data when using our app as well as the type, scope and purpose of the information we collect, use and process. We reserve the right to change the privacy policy at any time with effect for the future. The current version of the data protection declaration can be accessed in our app at any time.

1. name and address of the person responsible

We have appointed as our representative within the European Union in accordance with Art. 27 (1), 3 (2) GDPR:

Fux Legal, Krausnickstrasse 10, 10115 Berlin, Germany, info@fux-legal.de

Contact details:

E-mail:  service@embracenow.com

2. data subject rights

You have the following rights in relation to us in respect of personal data relating to you:

a.       Right to information

You also have the right to obtain from us, at any time and free of charge, information about the personal data we hold about you and a copy of that information. You also have a right of access regarding the following information:

Furthermore, you have the right to be informed whether personal data have been transferred to a third country or to an international organisation. If this is the case, you also have the right to obtain information about the appropriate safeguards in connection with the transfer.

b.  Right to rectification

You have the right to request the immediate correction and/or completion of inaccurate or incomplete personal data concerning you. We must carry out the rectification without delay.

c.  Right to restriction of processing

You have the right to request us to restrict processing if one of the following conditions is met:

If the processing of personal data relating to you has been restricted, this data - apart from being stored - may only be used with your consent or for asserting your rights, exercise or defence of legal claims or to protect the rights of another natural or legal person or on grounds of an important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by us before the restriction is lifted.

d.  Right to erasure

You have the right to request that we erase the personal data concerning you without undue delay, provided that one of the following reasons applies and to the extent that the processing is not necessary:

If the personal data have been made public by us and we as a controller are obliged to erase the personal data pursuant to Article 17(1) of the GDPR, we shall, taking into account the available technology and the cost of implementation, implement reasonable measures, including those of a technical nature, to inform other data controllers processing the published personal data that the data subject has requested from those other data controllers to erase all links to or copies or replications of the personal data, unless the processing is necessary.

The right to erasure does not exist insofar as the processing is necessary:

e.  Right to information

If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to inform all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed about these recipients.

f.   Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, common and machine-readable format. You also have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to Art. 6(1)(a) DSGVO or Art. 9(2)(a) DSGVO or on a contract pursuant to Art. 6(1)(b) DSGVO and the processing is carried out with the aid of automated procedures, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Furthermore, when exercising your right to data portability pursuant to Article 20(1) of the GDPR, you have the right to have the personal data transferred directly from us to another controller, insofar as this is technically feasible and insofar as this does not adversely affect the rights and freedoms of other persons.

The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

g.  Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) DSGVO. This also applies to profiling based on these provisions.

We will no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

You have the right to object, on grounds relating to your particular situation, to the processing of your personal data which is carried out by us for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) DSGVO, unless such processing is necessary for the performance of a task carried out in the public interest.

You may contact us at any time to exercise your right to object. You are also free to exercise your right to object by means of automated procedures using technical specifications in connection with the use of information society services, notwithstanding Directive 2002/58/EC.

h.  Right to withdraw consent under data protection law

You have the right to withdraw your consent to the processing of personal data at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

i.   Right to automated decisions in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless the decision is necessary for the conclusion or performance of an agreement between you and us.

we take reasonable steps to safeguard your rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on our part, to express our own point of view and to contest the decision.

j. Existence of automated decision making

We do not carry out any automated decision making or profiling.

k.  Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR. The supervisory authority responsible for us is the Brandenburg State Commissioner for Data Protection and for the Right to Inspect Files, Stahnsdorfer Damm 77, 14532 Kleinmachnow Stahnsdorfer Damm 77, 14532 Kleinmachnow.

3. data processing when downloading the app

If you download our app from an app store, the information required for this purpose will be transferred to the respective operator of the app store (e.g. Apple or Google), i.e. in particular user name, e-mail address and user ID of your app store operator, time of download, payment information and the individual device identification number. This data collection and processing is carried out by the respective app store operator, over which we have no influence. Further information on the providers and their data processing can be found in the respective privacy policy.

4 Access data in server log files and databases

When using the app proactively, when registering, when logging in and when requesting a new password, we store the access data generated in the process in so-called server log files and partly in databases. This includes the date and time of the access, the amount of data transferred, the location and the IP address.

The legal basis for the temporary storage of your data and the log files is Art. 6 para. 1 lit. b DSGVO.

This data is evaluated exclusively to ensure the permanent and trouble-free operation of the app and to guarantee the proper functionality of the app as well as for transmission to law enforcement authorities in the event of a cyber attack and to ensure the security of our information technology systems. An evaluation of your data for marketing purposes does not take place in this context.

The collection of data for the provision of the app and the storage of the data in log files is absolutely necessary for the operation of our app. Consequently, there is no possibility to object.

5. data processing for the operation of the app

If you open a user account via the app, we process the data required for this purpose and for the operation of the app, such as the selected user name, email address, soul picture, gender, date of birth, location, IP address, login data, chat content and such data and files that were stored in the user profile.

The legal basis for the processing of personal data is Art. 6 para. 1 lit. b DSGVO.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case for the data collected during the registration process when the user account is deleted.

6. Data processing when using social or single sign-on procedures

In order to facilitate the registration process for our users, they are offered the option of opening an account via an existing account with a third-party provider. If a user decides to use this registration method, he or she will be forwarded directly to the selected third-party provider in a first step. There, the user is requested by the respective third-party provider to enter the access data in order to log in or register with the respective service. If the user is already logged in to the third party provider with the end device at this time, this request for registration is skipped. You can recognise the login options in the app by the integrated logos of the respective third-party provider. We currently offer the option of registering via an existing account with the following third-party providers:

If you use the option to register via a third-party provider, the app communicates with the server of the respective provider, whereby the data required to open the account and stored with the third-party provider is read and linked to the account.

The legal basis for this data processing is Art. 6 para. 1 lit. b DSGVO.

7. Data processing for proximity search

In order to be able to offer our users the most relevant recommendations for Soulmates and to improve the functionalities of our app, we process the location data of the respective user on the basis of Art. 6 para. 1 lit. a DSGVO. If the user consents to this processing by activating the location service, the location data collected in this way (longitude and latitude) or the desired location selected by the user is periodically transmitted to our servers and processed there.

Users can object to this data processing at any time in the future by deactivating this location service in the settings of their end device. For the smooth or unrestricted operation of the app, the collection of the current location data by activating the location service is absolutely necessary. Deactivating the location service may therefore restrict or completely disable the functionality of the app.

8. Google Firebase

In order to provide our app together with all functionalities, in particular the login and the push message feature, we use the technology of Google Firebase, a service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (hereinafter referred to as "Firebase"). Firebase is part of the Google Cloud Platform and offers numerous services for developers. A list of these can be found here: https://firebase.google.com/terms/. The user data relevant for logging in and for the push messages are transmitted to Firebase and processed on its servers.

The data is processed on the basis of Art. 6 para. 1 lit. b DGSGVO, as the functions can only be guaranteed via Firebase.

The data processed by Firebase may be processed via servers outside of Europe, e.g. from the USA. We have concluded a contract with Firebase for commissioned data processing in accordance with Art. 28 DSGVO. In this contract, Firebase undertakes to protect the data of our users, to process it on our behalf in accordance with their data protection regulations and, in particular, not to pass it on to third parties.

Further information on data protection in connection with Google Firebase can be found at: https://www.firebase.com/terms/privacy-policy.html.  

9. Data security

We secure our app and other systems through numerous technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons. To this end, we continuously update the firewalls we use, the encryption procedures and our security systems. Despite regular checks, complete protection against all risks is nevertheless not possible and cannot be guaranteed by us.

10. Data deletion

Your personal data will be deleted or blocked as soon as the purpose of the storage no longer applies or you revoke your consent. In addition, data may be stored if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. If the purpose of storage no longer applies, if you revoke your consent or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions, unless there is a necessity for further storage of the data for the conclusion or performance of a contract.

11. Legal or contractual requirements to provide the personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide the personal data

We inform you that the provision of personal data is sometimes required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for you to provide us with personal data that must subsequently be processed by us. For example, you are obliged to provide us with your personal data if you conclude a contract with us. Failure to provide your personal data would mean that the contract with you could not be concluded.

STAND: June 2021