Last updated: August 2021

Privacy statement iOS App EN

This privacy statement applies to the mobile app Winkt (the “App”) and Winkt websites that can be visited through the App (the “Website”). Both together are referred to as “Services”.

1. General

With regard to the Services, Winkt is the data controller in terms of the General Data Protection Regulation (“GDPR”).

Winkt GbR c/o Latentine GmbH, Alexandrinenstraße 4, 10969 Berlin Germany, Telefon: 0175 3204967, Email: info@winkt.me

This privacy statement provides information about how we collect and process personal data in connection with our Services.

2. Data that we collect and process

 

Personal data is any information relating to an identified or identifiable natural person (data subject) by which it can be identified, directly or indirectly. This information includes name, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person (Article 4 paragraph 1). The definition is broad and makes it quite clear that even IP addresses can also be personal data.

The data must be collected and used exclusively for the purposes stated by the company (online service).

Before you start sharing your positive emotions, it is important that you understand that by using our Services, you consent to us collecting, using, disclosing, and storing your personal information and other information, but we will never read, listen to or view the messages and content that you share privately. You can be assured that we will only use your information in the manner described in this Policy. Please also note our Terms of Use.

We do not recommend using default consent boxes with a checkmark already placed or other methods of obtaining consent by default. Consent also cannot be expressed by the user's silence or inaction. Information about how to withdraw consent to the processing of personal data should be posted in a way that the user can easily find it.

Data that we ask for: 

Location (version 1)

Help us to make Winkt better (version 2)

The video camera of device access

Access to the device gallery

Data that we store: 

Location

Phone number

Password

Picture/Photo

Username

If the user writes something about himself in profile: Date of birth (if the user adds it to profile), Messages, Comment, Likes, 

Information about your network status

process your payments

Circles which users create

Winkt ID

Data that we use

Location

Register

Account

Circles

Like of Circle

Why do we ask for geolocation?

Using geo-data in the background is necessary to receive notifications from other Winkt users about new Winkt circles within a radius of 300 meters. The user can change the action of his wink/circle to any distance from 1m to 300 maximum. If the user has reduced the distance of his circle, only those users who are within the radius set by another user can see his wink/circle. Since the application is geo-located and the contact with other winkt users is only possible by geo-location, it is necessary to determine the location of the user, as the area of the application is limited to a radius of 300 m. Outside of this radius, the user can not see the wink/circle of other winkt users. Any contact between the user and another user is only by geo location wink/circle/comments/links/reports (maximum 300 meters). If the user has registered in the winkt app and has given permission to use his geo data, none of the other users can see where he is this user, unless he himself shows himself by creating a winkt/circle/comment.

Unless otherwise specified, we retain information for as long as is necessary and relevant for us to achieve the above purposes or to ensure compliance with our legal data protection obligations. Once your account is deactivated, we will retain the minimum amount of data about you that we are required to retain by law or other legal requirements. We may store activity data anonymously in order to improve our service

a. In general, you can use the Services without providing any personal information such as e.g. your name, email address, postal address, telephone number, financial information (all such information concerning the personal or material circumstances of an identified or identifiable individual data subject together “Personal Data”). Therefore, unless otherwise provided for in this privacy policy if you do not provide us directly with Personal Data in another way or actively consent to the Use by us of certain Personal Data, we do not use your Personal Data.

b. In connection with the use of the App a random user number (hash value) is generated for you that allows us to allocate your Winkt activities to an account. The use of such a number is required for the registration of your account (as without such value we cannot connect your activities within the App to your account and therefore use of the App would not be possible). We cannot relate this number or the account to your name or other personal information of you. Furthermore, we also store data on the language in which you use the App in order to to provide to you the App and respective content in your preferred language.

c. We assign the following data to the user number and store them:

  • Data about the language in which you use the App;

  • Your interaction with the App, such as:
    - Your Winkt;
    - Your comments on other users’ posts;
    - Your answers to surveys;

  • Technical data transmitted by your mobile device, such as:
    - Your IP address;
    - The time periods in which you use the App;
    - The date of registration of your account;
    - The operating system of your device;
    - The type of device used by you;

  • Other data, if you actively provide us with such data in the App, such as name or gender, unless you contact us to delete this data;

  • Data on the approximate location where the accuracy varies with the location service used by Apple and Google (Wlan, GPS, radio cell). Apple and Google will optimize themselves which approach will yield the best results in a given situation for the user with the least strain on the battery life. Winkt has no influence over this process.

  • Contact details (e-mail address and country of residence) when you contact us.

d. We also process data on the frequency of use and user behavior in the App for the purpose of operating the App as well as statistical evaluation and improvement of the App.

3. How and for what purpose we process data, and the legal basis of such processing

a. Except in the cases mentioned below, we will only disclose personal data if and to the extent that we are required to do so by law or by a court or administrative order. The legal basis for this is Art. 6 (1) lit. c GDPR (legal obligation).

b. For the registration to Winkt and for the generation of your random user number we use the data which we received from Google through your registration to Winkt. This relies on the pre-contractual or. contractual measures between you and Winkt according to Art. 6 (1) lit. b GDPR.

c. We use your user number to connect activities in the App with your account and, thus, to enable the operation of the App, as well as for identification purposes if you assert the data protection rights to which you are entitled. To make Winkt a safe place, we take violations of the Winkt terms of use very seriously. We store a unique identifier of blocked users for a period of 18 months to ensure that these blocked users cannot open a new account on their respective mobile devices. The legal basis for such processing is Art. 6 (1) lit. f GDPR (legitimate interests; the legitimate interest in using these data results from the fact that access to the App is not possible without these data).

d. We process the above-mentioned data for the following purposes and in the following ways:

  • Language of App use: To make the App and its contents available in your preferred language; the legal basis for such processing is Art. 6 (1) lit. f GDPR (legitimate interest; the user should be shown the app in his native language in order to be able to understand the content);

  • Winkt, comments, answers to surveys: On the operation of the App, in particular on the presentation of the contents generated by you in the App; the legal basis for such processing is Art. 6 (1) lit. b GDPR (performance of a contract and pre-contractual measures);

  • Technical data: To distinguish actual App users from bots, to prevent misuse, and to block illegal content reported by other users; in anonymous form also for the purpose of statistical analysis; the legal basis for such processing is Art. 6 (1) lit. f GDPR (legitimate interests; legitimate interest in being able to distinguish users from bots, prevent misuse and block illegal content);

  • Location data: (your current location): To provide localized and location-based information in the App and thus ensure the full functionality of the App; the legal basis for such processing is Art. 6 (1) lit. b GDPR (performance of a contract and pre-contractual measures) and Art. 6 (1) lit. a GDPR (your consent or voluntary information);

  • Contact details: To reply to your request and to verify the facts in light of the rules and circumstances applicable in your country; the legal basis for such processing is Art. 6 (1) lit. f GDPR (legitimate interests; legitimate interest in us replying to your requests);

4. Use of analysis, advertising and other third-party tools

a. We use the IDFA (for iOS devices) and AAID (for Android devices) advertising identifiers (collectively the “Advertising Identifiers”). These Advertising Identifiers are non-personal, non-permanent identifiers on the mobile device. We do not combine these Advertising Identifiers with any other information relating to the device or the user’s personal data. The Advertising Identifiers collect the user number and enable us to obtain information about which route you used to connect with Winkt.

You can disable access to the Advertising Identifiers in your device’s settings by turning off ad tracking on iOS (under “Settings/Privacy/Advertising”) or resetting the AAID to Android (under “Settings/Advertising”). You can also disable the above tracking features in the “My Profile” section of the App.

The legal basis for the use of Advertising Identifiers is Art. 6 (1) lit. f GDPR (legitimate interests; we have a legitimate interest in being able to offer specific advertising).

b. We also analyze data of usage to better understand user preferences through user actions. Next to our own analytics we also use the following tools:

aa. Google Analytics

Within our app, you may be redirected to our website. In this case, we use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how you use the Website. The information generated by the cookie about your use of the Website will normally be transmitted to and stored by Google on servers in the United States. Google will use this information on behalf of the operator of the Website for the purpose of evaluating your use of the Website, compiling reports on Website activity, and providing other services for the Website operator relating to Website activity and internet usage. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use all functions of the Website. You can also opt out from the storage by Google of the data that is created by the cookie and is related to the use of the Website (including your IP address) and the processing of such data by Google by downloading and installing the Google Analytics opt-out browser add-on available under https://tools.google.com/dlpage/gaoptout?hl=en. For further information on Google Analytics please refer to: http://www.google.com/analytics/terms/gb.html, https://support.google.com/analytics/answer/6004245?hl=en, http://www.google.de/intl/en-GB/policies/privacy/.

Since a transfer of personal data to the U.S. takes place, further appropriate safeguards are required to ensure the level of data protection under the GDPR. To guarantee this, we have concluded standard contractual clauses with the provider in accordance with Art. 46 Para. 2 lit. c GDPR. These oblige the recipient of the data in the U.S. to process the data according to the level of protection in Europe. In cases in which this cannot be guaranteed even by this contractual extension, we endeavour to obtain additional regulations and commitments from the recipient in the U.S.

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected.

5. Contact form via Wix

If you write to us via the contact form, your details from the inquiry form or your e-mail will be stored by us for the purpose of processing the inquiry and in case you have follow-up questions. An e-mail address is required for contact purposes. Under no circumstances will we share these data without your consent. The legal basis for processing the data is our legitimate interest in replying to your request. We use the Wix tool to reply to your request. Wix processes your data on our behalf only. Your data will be deleted after the final processing of your request unless there are legal obligations to keep records. You can object to the processing of your personal data at any time in accordance with Art. 6 (1) lit. f GDPR.

6. Technical implementation of third-party software

In some cases, we use service providers who process personal data on our behalf to provide the technical platform for the Services. These service providers process corresponding data exclusively according to our specifications (order processing). The legal basis for data processing described in this section 4 is Art. 6 (1) lit. b GDPR (lawfulness of processing) and Art. 28 GDPR (processor).

7. Storage period for personal data

Unless a shorter storage period is specified in this privacy statement, we will store personal data for as long as (i) it is necessary to provide the Services to you; and/or (ii) it is necessary for view of the contractual relationship with you. Thereafter, the data will only be stored if and to the extent that we are obliged to do so by law. If we no longer need the relevant personal data for the purposes described above, these personal data will only be stored for the duration of the respective statutory retention obligations and will not be processed for other purposes.

8. Your rights

You have the following rights regarding your personal data:

Right to information

You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR.

Right to rectification

The right to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR.

Right to have data erased

You have the right to have your personal data erased in accordance with Art. 17 GDPR. According to this provision, your right to have your data erased may be excluded due to a conflicting interest.

Right to restriction

You have the right to have the processing of personal data concerning you limited in accordance with Art. 18 GDPR.

Right to withdraw the given consent

You have the right to withdraw your given consent to the processing of your personal data at any time according to Art. 7 para. 3 GDPR.

Right to data portability

The right to receive your personal data that you have provided to us in a structured, current, and machine-readable format or to request its transfer to another person responsible in accordance with Art. 20 GDPR.

Right to complain to a data protection regulatory authority

The right to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state in which we have our registered office or, if applicable, that of your usual place of work or usual residence.

Right to object

Right of objection If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, insofar as this is for reasons resulting from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to indicate a special situation.

9. Contact; data protection officer

You can contact us at the e-mail address info@winkt.me stated in section 1 above and/or via the contact form in the App or on our website.

For all questions regarding data protection at Winkt you can contact Winkt’s data protection officer directly. The contact details of the data protection officer are as follows:

Winkt, Datenschutzbeauftragter, Alexandrinenstraße 4, 10969 Berlin Germany

10. Protection of personal data

We attach great importance to the protection of all personal data related to the App or its use. We have security measures in place for protection against the loss, misuse, and alteration of the data we store. Our security measures and privacy statement are regularly reviewed and, where appropriate, updated and improved. Only authorized employees have access to personal data.

We have taken additional, extensive precautions regarding the App and its use. Regardless of these precautions, the user should be aware that, regardless of any security measures, the exchange of information via the Internet can never be completely secure. We cannot guarantee the security of data transmitted via the App while it is being transmitted over the Internet.

11. Transparency report

Starting 2022, we will once a year publish a Transparency Report, which we will prepared to let you know how our moderation system and cooperation with legal authorities works, what were the biggest challenges in the last few months and what is coming in the future.

Since Winkt started we have always deeply respected our user’s right to privacy while at the same time granting the right to free uncensored speech. Additionally, for the last weeks, we have been working hard on making sure that our internal processes are in line with the new GDPR law. That is why you can be sure that this topic is especially important for us.