Privacy Policy for the Memoro App

Introduction

We are delighted about your interest in our app. Data protection has a particularly high priority for the management of Memoro GmbH. This privacy policy aims to inform you about the type, scope and purpose of the collection and use of personal data when using our app.

1. Responsible Party

The responsible party within the meaning of the General Data Protection Regulation (GDPR) is:

Memoro GmbH Reichenaustraße 11a 78464 Konstanz Phone: 0049 176 444 343 85 Email: [email protected]

2. Definitions

This privacy policy is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand, for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used beforehand:

  • Personal data: Any information relating to an identified or identifiable natural person.
  • Data subject: Any identified or identifiable natural person whose personal data is processed by the controller.
  • Processing: Any operation or set of operations performed on personal data, whether or not by automated means.
  • Restriction of processing: The marking of stored personal data with the aim of limiting its processing in the future.
  • Profiling: Any automated processing of personal data to evaluate certain personal aspects relating to a natural person.
  • Pseudonymization: The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information.
  • Controller: The natural or legal person, who alone or jointly with others determines the purposes and means of the processing of personal data.
  • Processor: A natural or legal person who processes personal data on behalf of the controller.
  • Recipient: A natural or legal person to whom personal data is disclosed.
  • Third party: A natural or legal person other than the data subject, controller, processor and persons authorized to process personal data under the direct authority of the controller or processor.
  • Consent: Any freely given, specific, informed and unambiguous indication of the data subject's wishes by which they signify agreement to the processing of personal data relating to them.

3. Purposes of Data Processing

3.1. Processing of Voice Recordings, Transcriptions and Summaries

  • Purpose of Data Processing: The processing of your voice recordings is for the purpose of transcription and subsequent creation of summaries. This data processing is exclusively for your personal use, and the results will only be made available to you.
  • Type of Data Processed:
  • Voice recordings
  • Transcriptions of voice recordings
  • Summaries of transcriptions
  • Note on Recording Others: Please note that recording voice recordings of other persons without their express consent violates the GDPR. You are obliged to ensure that all recorded persons have given their consent for the processing of the voice recordings. It is your responsibility to obtain and prove this consent.

3.2. Processing of Usage Data

  • Purpose of Data Processing: Usage data is collected to improve the functionality and user-friendliness of our app.
  • Type of Data Processed:
  • IP address of the mobile device
  • Device type
  • Unique device identification
  • Mobile device operating system
  • Type of mobile internet browser
  • Unique device identifiers
  • Diagnostic data

4. Legal Bases for Processing

  • Art. 6 I lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose.
  • If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures.
  • If our company is subject to a legal obligation by which the processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR.
  • In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his/her name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d GDPR.
  • Finally, processing operations could be based on Art. 6 I lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the aforementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. The legislator took the view that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).
  • If special categories of personal data as defined in Article 9 GDPR are processed, the processing is also based on your explicit consent pursuant to Article 9 paragraph 2 letter a GDPR.

5. Data Security

We use encryption technologies to protect your data during transmission. The stored data is protected by restricted access rights, so that only you can access your personal data.

6. Duration of Storage

The criterion for the duration of the storage of personal data is the respective statutory retention period. After the expiry of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of a contract or the initiation of a contract.

  • Usage Data: This data will be kept for a maximum of 26 months after collection, unless it is no longer needed for analytical purposes or to improve the services.
  • Voice Recordings, Transcriptions and Summaries: This data will be kept for the duration of the usage relationship and will be deleted at the latest 6 months after the end of the usage relationship.
  • Diagnostic Data and Error Reports: This data will be kept for a maximum of 90 days after collection, unless it is no longer needed for error analysis or to improve the services.

7. Statutory or Contractual Requirements for the Provision of Personal Data

We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information on the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data, which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him/her. Failure to provide the personal data would have the consequence that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and the consequences of not providing the personal data.

8. Service Providers

We employ third-party companies and individuals to support our app ("Service Providers"), to provide services on our behalf, to perform service-related services or to assist us in analyzing how our app is used.

These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for other purposes.

9. Use of Cloud Services

We use the services of Google Cloud, Microsoft Azure, and Firebase to make our data processing efficient and secure. These service providers are GDPR compliant, and the data is stored in data centers within the European Union. These service providers act as processors in accordance with Art. 28 GDPR, and we have concluded corresponding data processing agreements to ensure the protection of your data.

The processing of your data by these cloud service providers is carried out exclusively on our instructions and within the framework of applicable data protection laws. We have implemented technical and organizational measures to ensure the security of your data.

  • Google Cloud Provider: Google Ireland Limited Address: Gordon House, Barrow Street, Dublin 4, Ireland Privacy Information: Google Cloud Privacy

  • Microsoft Azure Provider: Microsoft Ireland Operations, Ltd. Address: One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland Privacy Information: Microsoft Azure Privacy

  • Firebase Provider: Google Ireland Limited Address: Gordon House, Barrow Street, Dublin 4, Ireland Privacy Information: Firebase Privacy

9.1. Firebase Services

We use the services of Firebase to support various functions of our app. These services include, but are not limited to:

  • Firebase Analytics: For analyzing user behavior in our app
  • Firebase Cloud Messaging: For sending push notifications
  • Firebase Realtime Database: For storing and synchronizing data in real-time
  • Firebase Storage: For securely storing media and files
  • Firebase Crashlytics: For detecting and analyzing app crashes and errors

9.2. Azure Services

We use the services of Microsoft Azure to support various functions of our app. These services include, but are not limited to:

  • Azure OpenAI: For utilizing AI services and machine learning
  • Azure Speech: For speech recognition and synthesis

10. Use of Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the collected data to monitor and analyze the use of our app. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads in its own advertising network.

For more information about Google's privacy practices, please visit the Google Privacy & Terms web page: Google Privacy & Terms

We also recommend that you review Google's privacy safeguards for protecting your data: Google Analytics Safeguarding Your Data.

Further information and the applicable data protection provisions of Google can be accessed at Google Privacy and Google Analytics Terms.

11. Existence of Automated Decision-Making

As a responsible company, we refrain from any automatic decision-making or profiling.

12. Rights of the Data Subject

You have the right:

  • to obtain information about the personal data stored about you (Article 15 GDPR),
  • to rectification of inaccurate data (Article 16 GDPR),
  • to erasure (Article 17 GDPR),
  • to restriction of processing (Article 18 GDPR),
  • to data portability (Article 20 GDPR),
  • to object to the processing (Article 21 GDPR),
  • to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal (Article 7 paragraph 3 GDPR),
  • to lodge a complaint with a supervisory authority (Article 77 GDPR).

Withdrawal of Consent:

You can withdraw your consent to the processing of your personal data at any time. The withdrawal can be made in writing or by email to the contact details provided above. Your data will be deleted immediately after the withdrawal, unless there are legal retention obligations that prevent this.

13. Changes to the Privacy Policy

We reserve the right to update this privacy policy as needed. We will inform you of any significant changes through a notification in the app.

Hintergrundmuster

Download Memoro for free

Download