Personal data is processed in accordance with the GDPR. It is only processed after the user has given consent for this by accepting this privacy policy. The only exception is the case where processing of data is legally allowed without the user given consent. This can for example be the case when the processing is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.
Any user related data is deleted shortly after the purpose for storage does not apply anymore. Data is also deleted in case a legal obligated storage period exceeds except when further storage is necessary by another legal obligation or for the performance of a contract in which the user is a participant.
Leif Both
Moritzstraße 37
44807 Bochum
Germany
Phone: +49 15206596155
E-Mail: leif.both@leifhacks-apps.com
The app requires some permissions to work properly.
A core functionality of the app is to request data via the internet. This requires the corresponding permission for internet connectivity.
The app offers the possibility to purchase a premium version of the app with additional functionalities. For this, it requires the corresponding permission for in-app purchases.
The user is able to create a support ticket via the app. In order to be notified via push notifications in case of a response to the ticket, the user can grant the corresponding permission for push notifications. If the permission is not granted, no notification is sent to the user's device.
The app provides the possibility to scan ISBN bar codes using the device's camera. This requires the corresponding permission.
The own created movie collection is stored on the device. This includes all shelves, the wish list, and all movies and series contained therein (with covers). Furthermore, labels and the like are stored locally.
If the online mode with login is used, the following user data will be stored on the device: Name, e-mail address, app-specific user ID, added friends.
The processing of the data described in 1.1 is a legitimate interest of the data controller and this interest is not overridden by the rights, interests or freedoms of the user. The personal data described in 1.2 will only be processed if the user has given his/her consent.
Storing data on the device is required so it is available permanently (e.g. after restarting the device). This is mandatory for the app to work.
All processed data is stored as long as the app is installed or the user manually removes the data via the device's storage settings.
Any processed data stored on the device can be removed anytime via the device's storage settings or by uninstalling the app.
If the online mode with login is used, data is sent to the app server and stored there.
The own created movie collection is stored on the server. This includes all shelves, the wish list, and all movies and series contained therein, including covers. Furthermore, labels and the like are stored.
The following user data is sent to the server: Name, app-specific user ID, device language, added friends.
The personal data specified in the above will only be processed if the user has given his consent.
Storage on the server is necessary so that they are available from different devices, or so that other users (if added as friends) can access them.
The collected data is stored as long as the app is installed. No later than 30 days after uninstallation, all the above data will be deleted from the server.
The data stored on the server can be deleted at any time under Help/Info → Privacy Settings → "Delete all data". Individual shelves can be set to "private" so that no other user has access to them anymore.
If the online mode with login is used, this login is done via Firebase.
The "My Movie Collection" app uses Firebase Authentication (https://firebase.google.com/docs/auth) to authenticate users. For this purpose, the login data used is sent to Firebase (example Gmail: Gmail address).
More information about Firebase and privacy can be found here:
https://firebase.google.com/support/privacy
Above mentioned personal data is only processed after the user has given consent.
The use of Firebase Authentication is necessary to ensure that only the user has access to his data and that the highest security standards apply when using login data.
Information on the duration of storage can be found on Firebase's privacy page:
https://policies.google.com/privacy
Information on possibilities of objection and removal can be found on the data protection page of Firebase:
https://policies.google.com/privacy
Search queries are used to find film or series for a specific search term or EAN.
The requests are send to external services (see below). The providers of these services store basic information like IP address or device info for each request.
Search queries are processed using the TMDB API. More information about TMDB and data protection can be found here: https://www.themoviedb.org/privacy-policy
Search requests for EANs are sent to the app server. No data beyond that specified in XI. and XII. is stored.
Above mentioned personal data is only processed after the user has given consent.
Search requests to online services are a useful way to access large databases and to use this information inside the app.
Further information on the storage time can be found on respective privacy pages.
Further information on Possibilities for Objection and Data Removal can be found on the respective privacy pages.
find further information on objection and deletion options on the respective data protection page.In the scope of in-app purchases the Google Play Store (for the Android app) or App Store (for the iOS app) are processing data. This covers especially data related to electronic payment. The data is processed locally by the app and stored on the device.
Further information on Google resp. Apple and privacy can be found here:
https://policies.google.com/privacy
https://www.apple.com/legal/privacy/
Purchase details are furthermore sent to the app server. This includes purchase id, product id, status and date of purchase but no data related to electronic payment
Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.
Processing of above mentioned data is responsible to verify in-app purchases as well as the determination which contents have been bought in order to provide them adequately to the customer.
Further information on the storage time can be found on the Privacy Page of Google resp. Apple:
https://policies.google.com/privacy
https://www.apple.com/legal/privacy/
The data stored on the app server is deleted in case they are not necessary for the initial purpose anymore.
The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.
Push notifications are used to inform the user about answers to support tickets.
After the app’s installation a random token is generated which is uniquely identifies the current installation of the app. This token is necessary to receive push notifications or to associate other data with the device.
Push notifications are send by the app's Server to the Google Firebase servers in order to forward them to the associated device. Firebase is used as a transmitter only and cannot make any conclusions about the user. For further information about Google Firebase & Privacy please refer to:
https://policies.google.com/privacy
Token, device language and operating system (Android/iOS) are sent to the server and stored so that notifications can be delivered as desired.
Above mentioned personal data is only processed after the user has given consent.
Processing of above mentioned data is required to deliver push messages correctly.
Further information on the storage time can be found on the Privacy Page of Google:
https://policies.google.com/privacy
The user can deny the permission to send notifications.
Support tickets created by the user as well as the message history are stored on the app server. In addition, device related data is stored in case permission for this is granted by the user. This includes the used Firebase Cloud Messaging Token or purchase information. This data is not stored together with other user related data like mail address or user name.
Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.
The temporary storage of support tickets is required to allow replying to the requests. Device related data is required to identify potential errors and bugs. They are NOT used for marketing purposes.
The data is deleted in case they are not necessary for the initial purpose anymore.
The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.
Some user interactions are processed on the app server. This contains information about consent to this privacy policy, onboarding activities or pricing page accesses. Besides the Firebase Cloud Messaging Token no personal data is processed and stored for this purpose.
Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.
The processing and storage of the data described above is necessary to securely prove the purchase of in-app products or the consent of the user.
The data is deleted in case they are not necessary for the initial purpose anymore.
The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.
The “My DVD Collection” Server stores anonymized data about access into log files. The following data is logged:
- Date and time of the access
- On requesting this privacy policy in the browser: used browser and OS, used device
- Used IP
This data is not stored together with other user related data. The user’s IP is anonymized for long term storage.
Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.
The temporary storage of the full IP address for the current session is mandatory in order to deliver the requested data to the user’s device.
The log files are stored in order to ensure the functionality of the server. They are used to identify potential errors and bugs, for optimization purposes and to ensure the security of the IT system. They are NOT used for marketing purposes.
The data is deleted in case they are not necessary for the initial purpose anymore. In case of session data this is the case after the session has ended. Log files are deleted after 14 days at the latest.
The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.
The “My DVD Collection” server is hosted by Netcup GmbH. The server is located in Germany. Netcup may store data about server accesses.
More information about Netcup and privacy can be found here:
https://www.netcup.de/kontakt/datenschutzerklaerung.php
Processing of data is a legitimate interest of the data controller and this interest is not overridden by rights, interests or freedom of the user.
Information on the purpose of data processing can be found on Netcup's privacy page:
https://www.netcup.de/kontakt/datenschutzerklaerung.php
You can find information about the duration of storage on Netcup's privacy page:
https://www.netcup.de/kontakt/datenschutzerklaerung.php
The processing of above mentioned data is mandatory. Thus, there is no possibility for objection.