Privacy Policy
Last changed 04.12.2023
Last changed 04.12.2023
- In the context of providing the Mirrolizer App, Vertify GmbH (“we”) process personal data within the meaning of the EU General Data Protection Regulation (“GDPR“), the Austrian Data Protection Act (“DSG”) and the Telecommunications Act 2021 (“TKG 2021”) also in the role of a data controller. With this privacy policy we inform you about the data processing and your rights as a data subject. You will find our contact details at the end of this privacy policy.
Due to the ongoing development of our Mirrolizer app or possible legal changes, it may become necessary to adapt this privacy policy. The version published on mirrolizer.com/privacy-policy shall apply.
GENERAL DESCRIPTION OF THE CATEGORIES OF DATA SUBJECTS
When providing the Mirrolizer app, we process personal data of app users, i.e., people who download the app and use it on their mobile device.
PROCESSING ACTIVITIES
2.1 Mirrolizer App Services
We do not process any personal data of users for the services of the Mirrolizer app. In order to use the app, it is not necessary to create an account in the app, to give us your name or contact details or to provide us with any other personal data.
The camera feed processed with the Mirrolizer app are processed on your smartphone without exception. We do not record any photos and videos; this is technically impossible.
2.2 Data processing for the technical provision and further development of the Mirrolizer App
2.2.1 Subject and purpose of data processing, storage period
For the technical provision, further development and troubleshooting of the Mirrolizer app, we use individual services of Google Firebase, Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA).
The following services are used:
a) Firebase Core (Installation):
This is a basic module that processes data depending on the scope and purpose of the other Google Firebase services (see b) and c)).
In principle, the following personal data may be processed:
- Firebase installation ID (FID)
- IP address
- OS version
- device’s name
- device’s model name
- device’s resolution
This data is processed exclusively for the purpose of other Google Firebase services.
Storage duration: depending on use in one of the other Google Firebase services consulted
b) Firebase Crashlytics
For the purpose of troubleshooting within the Mirrolizer app, problems/crashes of the app are detected and documented in order to be able to implement troubleshooting for new releases.
The following personal data are processed for this purpose:
- Crashlytics Installation UUIDs (generated by the FID)
- Crash traces
- Minidump of formatted data with:
- RFC-4122 UUID
- Timestamp of when the crash occurred
- App’s bundle identifier and full version number
- Device’s operating system name and version number
- Boolean indicating whether the device was jailbroken/rooted
- Device’s model name, CPU architecture, amount of RAM and disk space
- Uint64 instruction pointer of every frame of every currently running thread
- If available in the runtime, the plain-text method or function name containing each instruction pointer.
- If an exception was thrown, the plain-text class name and message value of the exception
- If a fatal signal was raised, its name and integer code
- For each binary image loaded into the application, its name, UUID, byte size, and the uint64 base address at which it was loaded into RAM
- Boolean indicating whether or not the app was in the background at the time it crashed
- Integer value indicating the rotation of the screen at the time of crash
- Boolean indicating whether the device’s proximity sensor was triggered
Storage period: 90 days from data collection
c) Firebase Performance Monitoring
The following data is processed for the purpose of identifying performance problems in the Mirrolizer app, such as excessive processing times for videos, and to be able to implement optimisation for new releases:
- Firebase installation IDs
- App version
- IP address
- Device type
- Country code
- Language code
- Radio/Network information (for example, WiFi, LTE, 3G)
- Internet provider
- OS version
- App package name
- App foreground or background state
- App orientation
- RAM and disk size
- CPU usage
- Frames per second of camera processing
Storage period: IP- and installation-related events 30 days from data collection, all other data 90 days from data collection
Firebase Performance Monitoring uses an additional tool, Firebase Remote Config. This is a support tool for Firebase Performance Monitoring to control the enormous number of events. The following data is also processed for this purpose:
- Firebase installation IDs
- Country code
- Language code
- Time zone
- Platform version
- OS version
- Firebase Android App ID
- App package name
- Version of the Remote Config SDK used by the app
d) Firebase authentication
- Authentication SDK version
- Device metadata: OS version, name, model, brand, and form factor
- IP addresses
Storage period: Logged IP addresses will be automatically deleted after few weeks.
e) Cloud Firestore
- Firebase anonymous Authentication ID
- App Store / Play Store receipt for in-app purchases
- Whether the pro version is activated
f) Firebase Analytics
To gain a deeper understanding of how users engage with our app and to enhance its alignment with their needs in further updates, the following personal data are processed:
- Duration of stay per screen
- Device resolution
- FPS
- Whether the pro version is activated
The use of Crashlytics, Performance Monitoring, and Analytics can be deactivated at any time in the app settings. This does not affect the functionality of the Mirrolizer app.
Storage period: Data processed in the Firebase Remote Config Service will only be deleted at the user’s request.
g) Revenue Cat
When you make a purchase within Mirrolizer, we collect transaction data via RevenueCat. This is primarily done so that you can use the purchased products/services on all your devices (Android, iOS), and we also create anonymized statistics from it. See Privacy Policy of RevenueCat
2.2.2 Recipients
The data is processed by Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) and made available to us for the above-mentioned purposes. The data is thus forwarded to Google LLC in the USA.
This recipient is based in the USA. Since the European Commission has not generally decided that the USA provide an adequate level of data protection, we have concluded standard contractual clauses for the transfer of personal data to third countries with the recipient.
2.2.3 Legal basis
The legal basis for the processing of our users’ data is our legitimate interest pursuant to Article 6(1)(f) GDPR. Our legitimate interest is the analysis of usage behaviour, the improvement and further development of the app’s functionalities and quality as well as the troubleshooting of the Mirrolizer app.
3. RECIPIENT OF PERSONAL DATA
Insofar as we transfer personal data to third parties in connection with the individual processing activities, we refer to section 2 above.
4. YOUR RIGHTS
You have the following rights in relation to the processing of your personal data:
Right to withdraw consent
If we process data relating to you on the basis of your consent (Art 6(1)(a) GDPR), you are entitled to withdraw your consent at any time. As of receipt of your revocation, we will no longer process the data; however, the withdrawal of consent will not affect the lawfulness of the processing carried out up to the time of withdrawal.
Right of access
You can request access to the data processed about you, in particular the origin and categories of the data processed, the storage period, the recipients and the purpose of the processing. Upon request, we will provide you with a copy of the personal data we process about you. We would like to point out that no information is to be provided if this would adversely affect business or trade secrets of the person responsible or third parties.
Right to rectification
If we process data about you that is inaccurate or incomplete, you may request that it be corrected or completed.
Right to erasure
You have the right to obtain the erasure of personal data relating to you under certain conditions. We would like to point out that a right to erasure pursuant to Article 17 of the GDPR does not exist in particular if we have to process the data in order to comply with a legal obligation or in order to be able to establish, exercise or defend legal claims.
Right to restriction of processing
If it is unclear whether the data processed about you is inaccurate, incomplete or being processed unlawfully, you may request that we restrict the use of your personal data.
Right to object to processing
Insofar as we process your personal data on the basis of legitimate interests (Art 6(1)(f) DGPR), you have the right to object on grounds relating to your particular situation. In this case, we will no longer process your data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to establish, exercise or defend legal claims.
Right to data portability
Where we process personal data about you that you have provided to us, you may, in certain circumstances, request that this data be transferred to you in a machine-readable format. You may also instruct us to transfer this data directly to a third party of your choice, where this is technically feasible.
Right to complain
Although we make every effort to protect the privacy and integrity of your personal data, disagreements about the way we use your personal data cannot be ruled out. If you believe that the processing of your personal data infringes the GDPR, you are of course welcome to contact us at any time using the contact details below. You are also entitled to lodge a complaint with the Austrian Data Protection Authority.
5. CONTACT DETAILS OF THE DATA CONTROLLER
The data controller for the data processing activities described in this privacy policy is:
Vertify GmbH
Europastraße 1
7540 Güssing
Austria
For all your data protection concerns, in particular to exercise your rights, please contact us in writing (by e-mail) at dataprotection@vertifymed.com.
6. FURTHER INFORMATION
Please note that there may be other data processing activities in connection with the use of the Mirrolizer App for which third parties are responsible.
For detailed information on how these possible recipients process your personal data, please contact them as their respective controllers.