With this data protection notice we inform you about our handling of your personal data and about your rights according to the European Data Protection Regulation (GDPR). Divs Neuroinformatics d.o.o. (hereinafter referred to as „we“ or „us“) is responsible for data processing for Moveo product.
If you have any questions or comments about this information, or if you wish to contact us
about asserting your rights, please send your request to:
Divs Neuroinformatics d.o.o.
Jurija Gagarina 14j
11070, Belgrade, Serbia
E-mail: support@moveohealth.ai
The term „personal data“ under data protection law refers to all information that relates to an identified or identifiable individual. We process personal data in compliance with the relevant data protection regulations, in particular the GDPR and the BDSG. Data processing by us only takes place on the basis of a legal permission. We process personal data only with your consent, Art. 6 Para. 1 lit. a GDPR, for the performance of a contract to which you are a party, or at your request for the performance of pre-contractual measures, Art. 6 Para. 1 lit. b GDPR, for the performance of a legal obligation, Art. 6 Para. 1 lit. c GDPR, or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights and freedoms which require the protection of personal data override, Art. 6 Para. 1 lit. f GDPR.
Unless otherwise stated in the following notes, we only store the data for as long as is necessary to achieve the processing purpose or to fulfil our contractual or legal obligations. Such statutory retention obligations may arise in particular from commercial or tax law regulations. From the end of the calendar year in which the data was collected. In addition, we will retain data in connection with consents requiring proof, as well as with complaints and claims for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to processing for this purpose.
We use processors as part of the processing of your data. Processing operations carried out by such processors include, for example, hosting, maintenance and support of IT systems, customer and order management, order processing, accounting and billing, marketing activities or file and data carrier destruction. A processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the data controller. Processors do not use the data for their own purposes, but carry out the data processing exclusively for the data controller and are contractually obliged to guarantee appropriate technical and organisational measures for data protection. In addition, we may transfer your personal data to bodies such as postal and delivery services, the company‘s bank, tax advisors/auditors or the tax authorities. Further recipients may result from the following information.
Visiting our website may involve the transfer of certain personal data to third countries,
i.e. countries in which the GDPR is not applicable law. Such a transfer takes place in a
permissible manner if the European Commission has determined that an adequate level of data protection
is required in such a third country. If such an adequacy decision by the European Commission does not exist,
a transfer of personal data to a third country will only take place if appropriate safeguards are in
place in accordance with Article 46 of the GDPR or if one of the conditions of Article 49 of the GDPR is met.
Unless otherwise stated below, we use the EU standard contractual clauses for the transfer of personal
data to processors in third countries as appropriate safeguards.
If you exercise your rights in accordance with Articles 15 to 22 of the GDPR, we will process the personal data provided for the purpose of implementing these rights by us and to be able to provide evidence thereof. We will only process data stored for the purpose of providing information and preparing it for this purpose and for the purpose of data protection control and otherwise restrict processing in accordance with Art. 18 GDPR. These processing operations are based on the legal basis of Art. 6 Para. 1 lit. c GDPR in conjunction with. Art. 15 to 22 GDPR and § 34 Para. 2 BDSG.
As a data subject, you have the right to assert your data subject rights against us.
In particular, you have the following rights:
In accordance with Art. 21 Para. 1 GDPR, you have the right to object to processing based on the legal basis of Art. 6 Para. 1 lit. e or lit. f GDPR on grounds relating to your particular situation. If we process personal data about you for the purpose of direct marketing, you may object to such processing pursuant to Article 21 Para. 2 and 3 of the GDPR.
When you use the website, we collect information that you provide yourself. In addition, during your visit to the website, certain information about your use of the website is automatically collected by us. In data protection law, the IP address is also generally considered to be personal data. An IP address is assigned to every device connected to the Internet by the Internet provider so that it can send and receive data.
During the purely informative use of our website, general information that your browser transmits to our server is initially stored automatically (i.e. not via registration). This includes by default: browser type / version, operating system used, requested page, the previously visited page (referrer URL), IP address, date and time of the server request and HTTP status code. The processing is carried out to protect our legitimate interests and is based on the legal basis of Art. 6 Para. 1 lit. f GDPR. This processing serves the technical administration and security of the website. The stored data is deleted after seven days unless there is a justified suspicion of unlawful use based on concrete indications and further examination and processing of the information is necessary for this reason. We are not able to identify you as a data subject on the basis of the stored information. Articles 15 to 22 of the GDPR therefore do not apply pursuant to Article 11 Para. 2 of the GDPR, unless you provide additional information that enables us to identify you in order to exercise your rights set out in these articles.
We use cookies and similar technologies („cookies“) on our website. Cookies are small text files that are stored by
your browser when you visit a website. This identifies the browser used and can be recognised by web servers. You
have full control over the use of cookies through your browser. You can delete the cookies in the security settings
of your browser at any time. You can object to the use of cookies through your browser settings in principle or for
specific cases.
The use of cookies is partly technically necessary for the operation of our website and thus permissible
without the consent of the user. In addition, we may use cookies to offer special functions and content as
well as for analysis and marketing purposes. These may also include cookies from third-party providers
(so-called third party cookies). We only use such technically unnecessary cookies with your consent in accordance
with Section 15 Para. 3 TMG or Article 6 Para. 1 lit. a GDPR. Information on the purposes, providers, technologies
used, stored data and the storage period of individual cookies can be found in the settings of our Consent Management Tool.
The Consent Management Tool/Cookie Banner enables the users of our website to give consent to certain data processing processes, to revoke a given consent or to object to data processing. In addition, the Consent Management Tool helps us to provide proof of your declarations. For this purpose, log data on your declarations are processed. The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis is Art. 6 Para. 1 lit. c GDPR in conjunction with. Art. 7 Para. 1 GDPR. Further information can be found in the settings of the Consent Management Tool.
Our website may contain a contact form that you can use to send us messages. Alternatively, you can send us a message via the contact email. We process the data for the purpose of answering your inquiry. If your request is directed towards the conclusion or performance of a contract with us, Art. 6 Para. 1 lit. b GDPR is the legal basis for data processing. Otherwise, we process the data on the basis of our legitimate interest in contacting inquiring persons. The legal basis for the data processing is then Art. 6 Para. 1 lit. f GDPR.
We use services and content provided by third parties on our website (hereinafter collectively referred to as „content“).
For such integration, processing of your IP address is technically necessary so that the content can be sent to your
browser. Your IP address is therefore transmitted to the respective third-party providers. This data processing is
carried out in each case to protect our legitimate interests in the optimization and economic operation of our
website and is based on the
Legal basis of Art. 6 para. 1 lit. f GDPR. You can object to this data processing at any time via the settings of
the browser used or certain browser extensions. One such extension is the Matrix-based firewall uMatrix for the
browsers Firefox and Google Chrome. Please note that this may result in functional restrictions on the website.
We have integrated content from the following services provided by third parties into our website:
„YouTube“ of Google Ireland Limited (Ireland/EU) for the display of videos.
„Vimeo“ of Vimeo Inc. (USA) to display videos.
When you use the app, we collect information that you provide yourself. We also collect certain
information automatically when you use the app.
In data protection law, online identifiers such as the IP address or a device ID are also considered personal data.
However, we are regularly not in a position to identify you directly as a data subject on the basis of such
online identifiers. Therefore, pursuant to Article 11 Para. 2 of the GDPR, Articles 15 to 22 of the GDPR do
not apply to the processing of such data by us, unless you provide additional information that enables us to
identify you in order to exercise your rights set out in these articles.
When you use the app, we collect information that you provide yourself. We also collect certain information
automatically when you use the app.
In data protection law, online identifiers such as the IP address or a device ID are also considered personal data.
However, we are regularly not in a position to identify you directly as a data subject on the basis of such online
identifiers. Therefore, pursuant to Article 11 Para. 2 of the GDPR, Articles 15 to 22 of the GDPR do not apply to
the processing of such data by us, unless you provide additional information that enables us to identify you in
order to exercise your rights set out in these articles.
When you use our app, we process the following data, among others:
Registration is required in order to use the app. The required information can be seen in the registration input mask.
The provision of the information marked as mandatory is mandatory so that the registration can be completed. The data
provided will be processed for the purpose of providing the service.
You can register and sign in to the Moveo App using „Sign in with Apple“. „Sign in with Apple“ is a service provided by
Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014. This links your Apple ID and the Moveo App. You have
the option to share your email address or hide your email address in your iPhone‘s settings. If you select
„Share Email Address“, we will receive the email address and your name associated with your Apple ID. Hide Email
Address, an email relay service from Apple, lets you create a unique, random email address that forwards email to
your private email address. This allows you to receive messages from the app without sharing your private email
address with us. We do not share any data with Apple, by connecting to Apple your IP address is transferred to Apple.
The controller of personal data for individuals, within the European Economic Area, is Apple Distribution
International ltd, Hollyhill Industrial Estate, Hollyhill Cork, Republic of Ireland. In the event that personal
data is processed outside the European Union area, the provider has undertaken to comply with EU data protection
standards. For more information on any data processing by Apple, please refer to Apple‘s privacy policy.
The processing is based on the legal basis of Article 6 Para. 1 lit. b GDPR.
We use the Google Firebase development platform of the provider Google Ireland Limited (Google Ireland) for our apps.
Google Firebase is a platform for developing apps for mobile devices and websites. Google Firebase provides
features such as analytics, databases, messaging, and crash reporting, as well as the technical infrastructure
to run the app, through a software development kit (SDK).
Depending on the respective function, online identifiers such as the IP address used and the Firebase installation
IDs are processed for this purpose. In addition, some functions use further information about the end device used.
Furthermore, individual functions process additional personal data such as. Further information on the functions of
Google Firebase, the data processed in each case and the respective storage period can be found at
https://firebase.google.com/support/privacy. The data is transmitted to Google Ireland and processed on our behalf.
Furthermore, the data processing is carried out to protect our legitimate interest in managing and controlling
our app on the basis of a developer platform. The legal basis for the processing of personal data in this case is
Art. 6 Para. 1 lit. f GDPR
The personal data processed to provide the features of Google Firebase may also be transferred to third countries
where the GDPR is not applicable law, if Google Ireland or Google‘s Irelands sub-processors maintain facilities
in that third country. The legal basis for this transfer is the standard contractual clauses for the transfer
of personal data to processors in third countries. We have also concluded these as so-called model contractual
clauses with Google LLC. You can access the model contractual clauses here https://firebase.google.com/terms/firebase-mcc
We use the Mixpanel development platform of the provider Mixpanel’s EU Data Protection Representative is MIXPANEL S.L.
Mixpanel is a platform for developing apps for mobile devices and websites. Mixpanel provides
features such as analytics and crash reporting through a software development kit (SDK).
Depending on the respective function, online identifiers such as the IP address used and the Mixpanel
IDs are processed for this purpose. In addition, some functions use further information about the end device used.
Furthermore, individual functions process additional personal data. Further information on the functions of
Mixpanel, the data processed in each case and the respective storage period can be
found at https://mixpanel.com/legal/privacy-policy. The data is transmitted to Mixpanel and processed on our behalf.
Furthermore, the data processing is carried out to protect our legitimate interest in managing and
controlling our app on the basis of a developer platform. The legal basis for the processing of
personal data in this case is Art. 6 Para. 1 lit. f GDPR
We analyse the use of our app in order to better adapt it to the wishes of our users and to ensure the
stability and reliability of our app.
In particular, we analyze how often the app is opened, when exercise are done and is the result received properly.
We also analyze what content user choose to browse.
We use the Google Analytics for Firebase service of the provider Google Ireland Limited
(Google Ireland) in our app.
The Google Analytics for Firebase service is a feature of the Google Firebase development platform. Google
Analytics is an analytics service that allows us to collect and analyze data about the behavior of users of
our app in order to compile reports about the activities within our app. This involves processing personal
data in the form of online identifiers, IP addresses, device identifiers and information about interaction
with our App. For more information on Google Analytics data collection, please visit
https://support.google.com/firebase/answer/6318039. The data is transferred to Google Ireland and
processed on our behalf.
The legal basis for data processing in connection with the Google Analytics service is therefore
Article 6 Para. 1 lit. f GDPR. The processing is carried out to protect our legitimate interest in
obtaining information about the use of our app and, on this basis, to be able to adapt our app to the use.
Google Analytics retains certain data associated with an advertising identifier for 60 days and retains
aggregate reporting without automatic expiration. Storage of user-level data, including conversions,
is set to up to 14 months. For all other event data, storage is set at 14 months.
The personal data processed to provide the Google Analytics features may also be transferred to third
countries where the GDPR is not applicable law, if Google Ireland or Google‘s Ireland sub-processors maintain
facilities in that third country. The legal basis for this transfer is the standard contractual clauses for
the transfer of personal data to processors in third countries. We have also concluded these as so-called
model contractual clauses with Google LLC. You can access the model contractual clauses here
https://firebase.google.com/terms/firebase-mcc
We use the service Firebase Crashlytics of the provider Google Ireland Limited (Google Ireland) in our app.
The Firebase Crashlytics service is a feature of the Google Firebase development platform.
Firebase Crashlytics is a crash reporting service that helps us improve the stability and
reliability of our app. For this purpose, various data are summarized in crash reports and
sent to us. This data is stored for a maximum of 90 days. The data is transmitted to Google
Ireland and processed on our behalf.
The legal basis for the processing of personal data in this case is Art. 6 Para. 1 lit. f GDPR.
The process serves our legitimate interest in obtaining information about the stability and
reliability of our app and to be able to make appropriate changes to the app on this basis.
Crash reports are only sent with your explicit consent. When using iOS apps, you can give consent
in the app settings or after a crash. For Android apps, you have the option to generally consent
to the sending of crash notifications to Google and app developers when setting up the mobile device.
You can revoke your consent at any time by deactivating the „Crash reports“ function in the settings
of the iOS apps (in the magazine apps, the entry is located in the „Communication“ menu item).
For Android apps, deactivation is basically carried out in the Android settings. To do this, open the
Settings app, select the item „Google“ and there, in the three-point menu at the top right, the menu
item „Usage & Diagnostics“. Here you can deactivate the sending of the corresponding data.
We use the Mixpanel service in our app. Information on the contact details of Mixpanel and the contact
details of Mixpanel‘s data protection officer can be found inMixpanel‘s data policy at
https://mixpanel.com/legal/privacy-policy
Mixpanel is a service that allows us to analyze the usage activities of the end users of our app.
The purpose of this analysis is to improve the user experience by adjusting the design of our offer.
The collected data is also used to analyze the performance of marketing campaigns and to create performance
reports. We process the following data for this purpose:
If you send us a message via the contact email provided or by email directly, we will process the data submitted for the purpose of responding to your request. We process this data based on our legitimate interest to get in touch with inquiring persons. The legal basis for the data processing is Art. 6 Para. 1 lit. f GDPR.
If you contact our company as a customer or interested party, we process your data to the extent necessary to establish or implement the contractual relationship. This regularly includes the processing of personal master, contract and payment data provided to us as well as contact and communication data of our contact persons at commercial customers and business partners. The legal basis for this processing is Art. 6 Para. 1 lit. b GDPR. We also process customer and prospective customer data for evaluation and marketing purposes. This processing is carried out on the legal basis of Art. 6 Para. 1 lit. f GDPR and serves our interest to further develop our offer and to inform you specifically about our offers. Further data processing may take place if you have consented, Art. 6 Para. 1 lit. a GDPR or if this is necessary for the fulfilment of a legal obligation, Art. 6 Para. 1 lit. c GDPR).
July 2023