Version: 1.0.0 (18-Oct-2016)
This is the privacy policy for all user of the “myWorkouts” Android app.
This policy can change any time but will be announced in updated versions of the app.
No use or sale of personal data without the consent of the user
The data stored in myWorkouts is and remains private. Only after active consent of the user or explicit sharing (“sharing”, “publishing”), certain data can be viewed by others.
If the app or the app’s manufacturer is sold, then the stored data will only be made available to the new owner after the user has given his active consent. If he has not actively done this, the data does not actually exist for the buyer.
Protection as good as possible - no guarantee for this
The stored data and the transport of the data between devices is protected as best as possible or appropriate according to current technical knowledge and recognized procedures. Should the data reach the hands of third parties by correspondingly large criminal energy, this is to be regarded as “force majeure” and the manufacturer of the app can only be held responsible for the resulting damage if gross negligence or intent is proven.
Data can be used for anonymous evaluations
With a correspondingly large amount of data, these can be used for evaluations, marketing purposes and for the improvement of the offer. In doing so, it is guaranteed that no conclusions can be drawn about individual persons, their movements, performances, habits or characteristics, ie. Privacy is always maintained. Of course, all persons who have access to the data are subject to absolute discretion, or the data are anonymised for evaluation beforehand.
Collection of anonymous user data to optimize the app
In order to find out which features of the app are more or less used or how certain functions are executed, the app gathers usage data moderately. These data are never evaluated on a personal level, but only in bulk and anonymously. The data collection is used exclusively for the optimization of the offer and the determination of the quantity with regard to use.
Stored data are mostly protected by Android
The app stores settings (e.g., size, weight, date of birth, pulse zones) on the device. The usual protection mechanisms of Android are used, so that these data can not be tapped by other apps or persons. No further encryption takes place.
It also saves all workout data in a database on the device. This is also protected with Android protection mechanisms against insight or manipulation of other apps.
The app also stores so-called access tokens, which can be considered as limited valid technical passwords. These are used for synchronization, but this feature must be enabled actively by the user.
Exceptions - caution, access by third party
There are some features of the app that export data. For example, GPS data of a workout is exported to the SD card as a “GPX file”. It is possible to store all workouts in an unencrypted file on the SD card, for example, to transport data to a new device. In these cases, other apps might read or even send these files. This is not very likely, but it is quite possible. As a user, however, you do not have to perform these functions, and the synchronization can be used for secure transmission to other devices (extra feature, not included in the standard version).
When a user activates synchronization, the workout data is stored on a server in Europe, and all changes, including the user’s various devices, are kept synchronized. The server is protected against access by third parties using the usual technical means. However, no guarantee can be given that this data is always 100% safe at all times. The manufacturer of the app is liable for damages only in case of gross negligence or intent.
In order for the services of the app to function properly, the app requests some rights from the Android operating system. Here you find the rights and for what purpose they are used exclusively:
If the user activates recording of the GPS position when executing a workout, the geo-coordinates of the position of the device are requested and recorded at set time intervals of GPS-sensors. myWorkouts requests for exact location, meaning position is determined by GPS.
Is used for following features:
Used to receive data via external sensors (e.g., a heart-rate belt).
Used for …
Most user (99,9%) use the standard flavour of myWorkouts (org.myworkouts), so this is only for users of other flavours (myWorkouts next, org.myworkouts.next). In case of doubt, have a look at menu “Info / About” and see which flavour you’re using.
The myWorkouts variant “next”, which is not officially published and still under development, need additional some privileges.