ADVA Soft GmbH Privacy Policy
Overview
This Privacy Policy explains how ADVA Soft GmbH collects, uses, discloses, and protects your personal information when you interact with us through various channels, including:
- Legal Obligations and Disclosures: We may disclose your personal information when required by law or when we believe it's necessary to comply with legal processes or protect our rights.
- Using Happy PlateApp: ADVA Soft GmbH gathers and processes your personal data to provide and improve our services, when you use the Happy Plate app.
- Adherence to This Policy: We are committed to using and disclosing your personal data only as described in this Privacy Policy.
- Customer Support and Feedback: We handle your data to assist you effectively, if you visit our help center or communicate with us via email or other channels.
- Third-Party Data Collection: Certain third parties may collect information about your online activities over time and across different websites or platforms when you use our services. Please review their privacy policies to understand how they handle your data.
- Visiting Website: This policy outlines how we manage and protect your information, when you browse happyplate.app when applicable.
- Communications: We ensure your personal data is handled responsibly, when we reach out to you regarding our products and services.
- Social Media Interaction: This policy details how we handle your data during engaging with you on platforms like Facebook, Twitter, Instagram, TikTok, and YouTube.
- Business Transactions: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction.
This Privacy Policy does not apply to:
- Third-Party Actions: We cannot control how third parties, such as social media or payment platforms, use your personal data beyond our own interactions with you.
- Non-Personal Data: Information that does not identify an individual or household is not covered by this policy.
- Company Personnel: The personal data of our employees, contractors and similar individuals is subject to separate policies.
ADVA Soft GmbH acts as a "data controller" regarding your personal data. This means we determine the purposes and means of processing your information.
Data Security
ADVA Soft GmbH implements appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, and secure data storage. Please ensure you keep your app updated to the latest version to benefit from security enhancements.
Legal Bases for Processing Your Data
ADVA Soft GmbH processes your personal data based on one or more of the following legal grounds:
- Consent: You have given us explicit permission to process your data.
- Legitimate Interests: We process data to pursue legitimate interests of our own or third parties, provided your rights and interests are not overridden. These interests include:
- Complying with legal obligations and regulations.
- Ensuring security and preventing fraud.
- Managing business operations effectively.
- Enhancing and improving our products and services.
- Engaging with customers and keeping you informed about updates, new features, and relevant content.
- Conducting research and development to improve user experience.
- Marketing and promoting our app to a wider audience.
- Contractual Necessity: Processing is necessary to fulfill our contract with you, for example, providing access to the app and customer support.
- Legal Compliance: We process data to comply with legal obligations, such as record-keeping for compliance with regulations like the GDPR or CCPA.
- Other Legal Grounds: We may process your data based on other legal bases as permitted by law.
If ADVA Soft GmbH relies on your consent to process your data, you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Your Privacy Rights
You have certain rights regarding your personal data, subject to applicable laws:
- Right to Be Informed: You have the right to know how we collect and use your personal data, how long we retain it, and with whom we share it.
- Right of Access: You can request confirmation of whether we process your personal data and obtain a copy of the data we hold about you.
- Right to Restrict Processing: You can request that we limit the processing of your personal data in certain situations, such as when you contest the accuracy of the data
- Right to Withdraw Consent: If we rely on your consent to process your data, you can withdraw it at any time.
- Right to Erasure (Right to Be Forgotten): You can request that we delete your personal data under certain circumstances. Note that deleting your data does not cancel any active subscriptions, which must be managed through your app store.
- Right to Rectification: You can ask us to correct any inaccuracies in your personal data or complete any incomplete data.
- Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format to transfer it to another service provider.
- Right to Object: You can object to the processing of your personal data when we rely on legitimate interests. You can also object to processing for direct marketing purposes.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.
- Rights Related to Automated Decision Making and Profiling: You have the right not to be subject to decisions based solely on automated processing that significantly affect you.
Exercising Your Rights
To exercise your rights, please contact us using one of the following methods:
- Email: Send your request to privacy@adva-soft.com.
- In-App Support: Use the support feature within the Happy Plate app.
Data Retention and International Data Transfers
ADVA Soft GmbH retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When data is processed for multiple purposes, it is retained until the purpose with the longest retention period expires.
Your personal data may be transferred to and processed in countries outside of your own, including those that may not have data protection laws equivalent to those in your jurisdiction. If your data is protected under the EU or UK GDPR, we will:
- Obtain Your Consent: Seek your explicit consent before transferring your data.
- Ensure Adequate Protection: Use appropriate safeguards, such as Standard Contractual
- Clauses (SCCs) approved by regulatory authorities, to ensure your data is protected.
ADVA Soft GmbH remains responsible for the protection of your personal data during transfers to third parties.
Verification of Identity, Response Time, and Right to Lodge a Complaint
To protect your privacy, we may need to verify your identity before processing your request. This may involve additional information or steps to ensure that we are communicating with the correct individual.
We aim to acknowledge your request within ten business days and provide a substantive response within one month. If we require more time, we will inform you of the reason for the delay and the expected extension period.
If you believe we have not complied with applicable data protection laws, you have the right to file a complaint with a supervisory authority in your jurisdiction.
What Personal Data Collected and How Used, Retention Periods and Data Sharing
At ADVA Soft GmbH, we collect and process personal data for various purposes. Below is a breakdown of the personal data we process, how we obtain it, the reasons for its use, the duration of retention, and potential third parties with whom we may share it:
| Category of Personal Data | How We Obtain It | Purpose of Use | Retention Period | Third Parties Involved |
|---|---|---|---|---|
| User Profile Information | Directly from users via the app | To personalize user experience and provide customer support | As long as the account is active | Internal team for support and analysis |
| Usage Data | Automatically through the app | To improve app features and performance | Retained for analysis purposes, generally not more than 24 months | Analytics providers |
| Payment Information | When processing subscriptions | To handle billing and payment transactions | Retained as required by law (typically 7 years for tax purposes) | Payment processors |
| Feedback and Support Requests | Directly from users via support channels | To address user inquiries and improve services | Retained for 12 months after resolution | Support team and relevant third-party services |
| Images or Photos of Meals | Uploaded by the app after taking the photo | To analyze meal components, provide calorie counts, and improve AI functionality | Retained temporarily for processing | Anthropic PBC, Anthropic Ireland |
Below is a detailed explanation of how we handle your information:
1. Account Registration and Authentication
Legal Basis: Performance of a contract with you.
Data Collected: Email address hashed and salted password (not accessible to us), authentication tokens, user UUID (Universally Unique Identifier).
Purpose: To create and secure your Happy Plate app account.
How Collected: Information you provide during account creation. If you use Apple Single Sign-On (SSO), we collect data from these services during registration.
Retention Period: As long as your account remains active, regardless of your subscription status.
Third Parties Involved: Google LLC (Firebase Cloud Firestore) – used for data storage and authentication.
2. Support and Assistance
Legal Basis: Performance of a contract and legitimate interests in providing effective customer service and enhancing user experience.
Data Collected:
- User Account Information: Unique ID, name (if provided), email, language preference, last activity date, last feedback date, state and country, message history with timestamps and content.
- Device/Environment Data: Device logs, hardware details, system information, app version, device identifiers, and other technical data.
- Support Ticket Information: Your support requests, email communications, timestamps, and any uploaded screenshots or recordings.
Purpose: To address your inquiries, troubleshoot issues, and improve our services.
How Collected: Direct communication through the app, email, or support channels. Some device information is collected automatically to assist in diagnosing technical issues.
Retention Period: Personal data in support requests is retained as long as the related account is active, and the support request is open. Archived support tickets are deleted within one year.
Third Parties Involved: Data may be processed using internal tools and may be stored on servers provided by our cloud service providers.
3. Personalized App Features
Legal Basis: Your consent (for optional data and integrations) and legitimate interests (for mandatory app functionality).
Data Collected:
- Personal Details: Name, date of birth, email, sex.
- User Preferences and Settings: Dashboard configuration, food logging preferences, timeline and period tracking, check-in day settings.
- App Usage Information: Interactions with the app, completion of onboarding steps, acceptance of disclaimers.
- User Goals: Health and fitness objectives you set within the app.
- Customized Programs: Calorie targets and macro programs generated based on your input.
- Body Metrics: Weight, height, body fat percentage, measurements (e.g., waist, hips, arms, legs), ratios like waist-to-height.
- Nutritional Intake: Macro and micronutrient intake, protein, carbohydrates, and fat percentages.
- Lifestyle Information: Cardio experience, exercise frequency, activity levels, strength training experience.
- Integration Data: Information from Apple Health or other third-party services, with your explicit permission.
Purpose: To offer personalized meal planning, tracking, and recommendations, enhancing your app experience and functionality.
How Collected: Information you manually enter into the app. Data accessed from third-party services like Apple Health, with your explicit consent.
Retention Period: Data is retained as long as your account exists or until you delete your entries. We may implement an automatic data deletion policy for inactive users in the future, with prior notifications.
Third Parties Involved: Google LLC (Firebase Cloud Firestore) for data storage.
4. Communications and Mailings
Legal Basis: Legitimate interests in keeping users informed and sharing relevant content.
Data Collected: Email address, subscription status (active or canceled), analytics on email interactions (opens, clicks, unsubscribes).
Purpose: To send informative communications, updates about the app, and promotional content for new products or features.
How Collected: Information you provide during registration or through account settings.
Retention Period: Data is retained as long as you remain subscribed or until you opt out of communications.
5. Analytics and Improvements
Legal Basis: Legitimate interests in improving the user experience and optimizing our services.
Data Collected: App usage data, user behavior metrics, timestamps of interactions, screen views, user actions, retention data. Data is aggregated and anonymized where possible.
Purpose: To analyze user behavior, identify trends, and make data-driven decisions for app enhancements and marketing strategies.
How Collected: Automatically collected by analytics tools like Firebase when you interact with the app.
Retention Period: Aggregated data is retained indefinitely for analysis purposes.
Third Parties Involved: Mixpanel Inc for data collection and analysis.
6. Subscription Management (when applicable)
Legal Basis: Performance of a contract with you.
Data Collected:
- Email address
- User UUID
- Country
- Affiliate code used during purchase
- Subscription status and length
- Purchase history and transaction IDs
- Location and currency
- Transaction history
Purpose: To manage user subscriptions for the app, including sign-ups, billing, renewals, cancellations, and refunds.
How Collected: Information is obtained through the App Store during your subscription transactions.
Retention Period: Subscription information is stored according to the retention policies of Apple Inc. Data in our subscription management system is retained until you delete your app account.
Third Parties Involved:
- RevenueCat, Inc. – Subscription management software provider.
- Apple Inc. (App Store) – Handles billing and transactions.
Note: We do not have access to sensitive payment information like credit card numbers, as these are managed by Apple Inc.
7. Social Media Interaction
Legal Basis: Legitimate interests in engaging with our audience and promoting our services. For the processing of your personal data by social media platforms, please refer to their respective privacy policies.
Data Collected: Usernames (which may include real names), profile pictures, profile information, social media activity, direct messages, posts where we are tagged, and any other information you choose to share. This may include app usage details, dietary preferences, success stories, photos, and, in some cases, medical history.
Purpose: To engage with users, provide support, enhance brand awareness, and interact on social media platforms.
How Collected: Direct interactions on platforms like Facebook, Instagram, Twitter, TikTok, and YouTube. Some data may also be collected and provided by these platforms.
Retention Period: Data in social media posts is retained as long as those posts exist. Messages are kept as long as stored by us.
Third Parties Involved:
- Meta Platforms, Inc. (Facebook, Instagram)
- Reddit, Inc. (Reddit)
- Google LLC (YouTube)
- X Corp (Twitter)
- TikTok Inc. (TikTok)
8. Social Media Advertising
Legal Basis: Legitimate interests in marketing and promoting our services. Meta Platforms may rely on different legal bases for processing your data, as outlined in their privacy policies.
Data Collected: Online identifiers, behavioral data, marketing-related information such as social media user IDs, demographic data, interests, and online behavior.
Purpose: To conduct advertising campaigns on social media platforms like Facebook and Instagram, promoting the app and website, increasing user engagement, conducting market research, and evaluating marketing effectiveness.
How Collected: Data is sourced from Meta Platforms, Inc. through their advertising platforms.
Retention Period: Data is retained as long as it is available through Meta Platforms.
Third Parties Involved: Meta Platforms, Inc. (Facebook, Instagram).
9. Knowledge Base Access
Legal Basis: Legitimate interests in marketing and promoting our services. Meta Platforms may rely on different legal bases for processing your data, as outlined in their privacy policies.
Data Collected: Online identifiers, behavioral data, marketing-related information such as social media user IDs, demographic data, interests, and online behavior.
Purpose: To conduct advertising campaigns on social media platforms like Facebook and Instagram, promoting the app and website, increasing user engagement, conducting market research, and evaluating marketing effectiveness.
How Collected: Data is sourced from Meta Platforms, Inc. through their advertising platforms.
Retention Period: Data is retained as long as it is available through Meta Platforms.
Third Parties Involved: Meta Platforms, Inc. (Facebook, Instagram).
9. Knowledge Base Access
Legal Basis: Legitimate interests in providing support and enhancing user experience.
Data Collected: Email addresses or user IDs, interaction data such as search queries and questions asked.
Purpose: To provide users with access to the Knowledge Base for support and information.
How Collected: Data is collected when you access the Knowledge Base through the app or website.
Retention Period: Data is retained as long as your app account is active.
10. Hosting and Backend Infrastructure
Legal Basis: Performance of a contract with you.
Data Collected: All personal data necessary for app functionality, as described in other sections.
Purpose: To securely host and maintain application data, manage backend infrastructure, and ensure optimal performance and scalability of the app.
How Collected: Data provided by users during registration and through ongoing interactions with the app
Retention Period: Data is retained as long as your app account exists.
Third Parties Involved: Google LLC (Firebase Cloud Firestore) for data hosting and backend services.
11. Cookie Consent Management and Use of Cookies
Legal Basis: We have a legal obligation to secure and document user consent for the use of cookies and tracking technologies.
Data Collected:
- Partially Anonymized IP Address: Used for geographical identification.
- Consent Timestamp: The time when you provided your consent.
- Consent Choices: Your opt-in/opt-out selections for each cookie category.
- Cookie Identifiers: Unique IDs assigned to your device.
- Page Views: Information about the pages you visit.
- Geographical Region: General location data.
Purpose: We record and retain your cookie consent preferences on our website (companyname.com) to ensure compliance with your choices and enhance your user experience.
How Collected: We collect this information through your interactions with our cookie consent banner on the website.
Retention Period: Currently, this data is retained indefinitely to comply with legal requirements and for record-keeping purposes
12. Cookies and Similar Technologies
Cookies are small files stored on your device containing device-specific information. We use cookies for various purposes:
- Session Management: To maintain your session and ensure smooth navigation across our website.
- Preference Storage: To remember your settings and preferences for future visits.
- Analytics: To understand how users interact with our website and to improve our services.
Types of Cookies:
- Session Cookies: Temporary cookies that are deleted when you close your browser.
- Persistent Cookies: Cookies that remain on your device after closing the browser but have an expiration date.
Managing Cookies
You can adjust your browser settings to refuse cookies or to alert you when cookies are being sent. Please note that disabling cookies may affect the functionality of our website. For more information on managing cookies, please visit About Cookies.
13. Meal Scanning
Legal Basis: The legal basis for processing your personal data through the meal scanning feature is your explicit consent, which you provide by opting to use this feature.
Data Collected: Images or photos of meals; metadata associated with the uploaded images, such as timestamps and geolocation data (if enabled); any personal data embedded in the inputs, including text descriptions and associated metadata; Ai-generated responses (outputs) based on your inputs.
Purpose: The primary purposes of collecting and processing this data include analyzing meal components, providing accurate calorie counts, improving user experience through tailored and responsive outputs, allowing users to interact with and receive meaningful insights from the services under this App, and enhancing the AI tool’s accuracy and functionality while adhering to applicable privacy and data protection standards.
How Collected: Data is collected when you voluntarily upload images or photos of meals or provide Inputs to the app. This data is transmitted securely to the Claude 3.5 Sonnet tool for analysis and processing. Measures are in place to ensure data security during transmission and storage.
Retention Period: Your inputs and associated outputs will be retained only as long as necessary to provide the services under this App effectively or as required by law. Images and other inputs may be stored temporarily to ensure accurate analysis and processing but are deleted after a predefined retention period unless explicitly agreed otherwise.
Third Parties Involved: Anthropic PBC and Anthropic Ireland.
Children's Privacy
Our services are not intended for individuals under the age of 14. We do not knowingly collect personal data from children under 14. If you become aware that a child has provided us with personal data, please contact us, and we will take steps to delete such information
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on this page and updating the "Effective Date." We encourage you to review this policy periodically.