Privacy policy app

BeFaster.fit is a fitness and running app with game-like elements.
The BeFaster.fit App is a product of BeFaster.fit Limited (hereinafter referred to as “we” or “us”). We make the App available to you. By using the App, Smart Contracts or the Website, you agree to be bound by these Terms of Use and all of the terms and conditions incorporated herein by reference (collectively, the “Terms”).

PLEASE READ THESE TERMS CAREFULLY BEFORE USING THE APP, THE SMART CONTRACTS, OR THE SITE. THESE TERMS GOVERN YOUR USE OF THE APP, THE SMART CONTRACTS, AND THE SITE, UNLESS WE HAVE EXECUTED A SEPARATE WRITTEN AGREEMENT WITH YOU FOR THAT PURPOSE. WE ARE ONLY WILLING TO MAKE THE APP, THE SMART CONTRACTS, AND THE SITE AVAILABLE TO YOU IF YOU ACCEPT ALL OF THESE TERMS. BY USING THE APP, THE SMART CONTRACTS, THE SITE, OR ANY PART OF THEM, OR BY CLICKING “I ACCEPT” BELOW OR INDICATING YOUR ACCEPTANCE IN AN ADJOINING BOX, YOU ARE CONFIRMING THAT YOU UNDERSTAND AND AGREE TO BE BOUND BY ALL OF THESE TERMS. IF YOU ARE ACCEPTING THESE TERMS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE LEGAL AUTHORITY TO ACCEPT THESE TERMS ON THAT ENTITY’S BEHALF, IN WHICH CASE “YOU” WILL MEAN THAT ENTITY. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT ACCEPT ALL OF THESE TERMS, THEN WE ARE UNWILLING TO MAKE THE APP, THE SMART CONTRACTS, OR THE SITE AVAILABLE TO YOU. IF YOU DO NOT AGREE TO THESE TERMS, YOU MAY NOT ACCESS OR USE THE APP, THE SMART CONTRACTS, OR THE SITE.

A. What information do we collect?

1. SUMMARY

BeFaster.fit collects information to provide you with the best experience when using our product and to successfully manage it. You provide some of your data directly to us, such as when you participate in a survey, contact us, or subscribe to a newsletter. We collect some of your data by recording your interactions with our website or mobile application; technologies such as cookies are examples of this.

2. LEARN MORE

We collect personal data such as your email addresses. These are used for the login procedure to the app. We do not collect personal data such as names, phone numbers, addresses. The collection of the date of birth, your country of origin, weight and gender is possible if you want to use some provided features. These are not essential for the main function of the app, so you can choose not to disclose them. If you choose not to provide this data, you will not be able to use the additional features provided. The data we collect depends on the context of your interactions with BeFaster.fit and your choices (including your privacy settings). The data we collect may include the following:

Device and Usage Information. We may collect information about your device and how you and your device interact with our mobile application. For example, we may collect your interactions on our App, your feature usage patterns, location data, and your interactions with us. We may also collect data about your device and the network you use to connect to our App; this may include data such as your IP address, browser type, operating system, and referring URLs.

 

B. What do we use your information for?

1. SUMMARY

We use the data we collect to make our products available for you, to improve them and to maximize your experiences. We may also use the data to provide security updates, and give you information about our products. We may also use the data to improve the relevance and security, respond to user enquiries, send you periodic marketing communications about our products, and improve the relevance of our advertising.

2. LEARN MORE

Technical support. We use data to diagnose problems, and to provide customer care and other support services.

Improving our products. We use data to constantly improve our products, including system administration, system security, and adding new features or capabilities.

Business Operations. We use data to develop aggregate analyses and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.

Promotions. We may use your data to administer contests, promotions, surveys, or other site features.

Generally. We use data to respond to your enquiries and requests relating to our products and to provide us with information and access to resources that you have requested from us. We also use data for general business purposes, including, to improve our customer service, to help us improve the content and functionality of our products, to enforce our Terms of Use, and to generally manage our business.

 

C. How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. We offer the use of a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. We further confirm that we will not pass on or sell the data collected from you to third parties for marketing purposes or similar.

 

D. How do we ensure that our processing systems remain confidential, resilient, and available?

1. SUMMARY
We employ a variety of measures to ensure that our processing systems remain confidential, resilient, and available. Specifically, we have implemented processes to ensure high availability, business continuity, and rapid disaster recovery. We are committed to maintaining strict physical and logical access controls and regularly conduct penetration testing to identify and remediate potential vulnerabilities.

2. MORE LEARNING.
High Availability. Every part of the game uses properly provisioned, redundant servers in case of failure. We take servers out of service as part of regular maintenance without affecting availability.
Physical access controls. BeFaster.fit is hosted on Amazon Web Services. AWS data centers have a layered security model that includes extensive protections such as customized electronic access cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, and biometrics. According to the AWS security whitepaper, “AWS data centers are state of the art and use innovative architectural and technical approaches. Amazon has many years of experience in designing, building and operating large data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in unobtrusive facilities. Physical access is tightly controlled at both perimeter and building entrances by professional security personnel using video surveillance, intrusion detection systems, and other electronic means. Authorized employees must go through two-factor authentication at least twice to gain access to data center floors. All visitors and contractors must show identification, are signed in, and are escorted by authorized personnel at all times.” BeFaster.fit – Employees do not have physical access to AWS data centers, servers, network equipment or storage.
Logical Access Controls. BeFaster.fit is the assigned administrator of its infrastructure on AWS, and only designated authorized members of the BeFaster.fit – operations team have access to configure infrastructure as needed behind a virtual private network with two-factor authentication. Individual servers require specific private keys that are stored in a secure and encrypted location.5.

E. Do we use cookies?

1. SUMMARY

Yes. Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information. You can choose to disable cookies, but if you do, your ability to use or access certain parts of the Game or of our website may be affected.

2. LEARN MORE

We use cookies and other similar identifiers to understand and save your preferences for future visits, to advertise to you on other sites, and to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

You may refuse to accept cookies by activating the setting on your browser that allows you to refuse the setting of cookies. You can find information on popular browsers and how to adjust your cookie preferences at the following websites:

Microsoft Internet Explorer

Mozilla Firefox

Google Chrome

Apple Safari

 

However, if you choose to disable cookies, you may be unable to access certain parts of our site. A banner asking you to accept our cookies policy will be displayed upon the first visit to our website (or the first visit after you delete your cookies). Unless you have adjusted your browser setting so that it will refuse cookies and/or you have not accepted our cookies policy, our system will issue cookies when you log on to our site.

Our web pages may contain electronic images known as web beacons (also called single-pixel gifs) that we use to help deliver cookies on our websites, and to count users who have visited those websites. We may also include web beacons in our promotional email messages or newsletters, to determine whether and when you open and act on them.

In addition to placing web beacons on our own websites, we sometimes work with other companies to place our web beacons on their websites or in their advertisements. This helps us to develop statistics on how often clicking on an advertisement on a BeFaster.fit website results in a purchase or other action on the advertiser’s website.

Finally, our App may contain web beacons or similar technologies from third-party analytics providers that help us compile aggregated statistics about the effectiveness of our promotional campaigns or other operations. These technologies enable the analytics providers to set or read their own cookies or other identifiers on your device, through which they can collect information about your online activities across applications, websites or other products.

 

E. Do we share any information with third parties?

1. SUMMARY

We share your information with your consent or when necessary to provide you with our products. We also share your information with vendors working on our behalf when required by law or to respond to legal process, to protect our customers, to protect lives, to maintain the security and integrity of our products, and to protect our rights or property.

2. MORE LEARNING

We share your information with your consent or when necessary to provide the products to you. We also share information with vendors or agents who work on our behalf for the purposes described in this policy. For example, companies that we have contracted to provide cloud hosting services, off-site backup, and customer support may need access to your data to provide these functions. In such cases, these companies are required to comply with our privacy and security requirements and may not use the data they receive from us for any other purpose. If you have any questions or concerns about this handling, please feel free to contact us at info@befaster.fit.

We may use aggregated non-personal information for marketing, promotional and analytical purposes and may share it with third parties. We do not sell or trade your information to third parties.

 F. Third Party Links

Occasionally, at our discretion, we may include or offer third party products or services on our products. If you access other websites using the links provided, the operators of these websites may collect information from you that will be used by them in accordance with their privacy policies. These third party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

G. Data Retention

1. SUMMARY

We may retain your information as long as you continue to use our products or for as long as is necessary to fulfill the purposes outlined in this Policy.

2. LEARN MORE

We will retain your data for as long as necessary to make our products available to you, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different types of data, actual retention periods can vary significantly. The criteria we use to determine the retention periods include:

How long is the data needed to make the products available to you and/or operate them? This includes such things such as maintaining and improving the performance of the products, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most data retention periods.

Has the user provided consent for a longer retention period? If so, we will retain the data in accordance with your consent.

Is BeFaster.fit subject to a legal, contractual, or similar obligation to retain the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation.

 

H. Changes to our Privacy Policy

We will update this privacy statement when necessary to reflect customer feedback and changes to our Appe. When we post changes to this statement, we will revise the “last updated” date at the top of the statement. If there are material changes to the statement or in how BeFaster.fit will use your data, we will notify you either by prominently posting a notice of such changes before they take effect or by sending you a notification directly. We encourage you to periodically review this privacy statement to learn how BeFaster.fit is protecting your information.

I. How to Contact Us

If you have a technical or support question, please send us an email at support at support@befaster.fit .

 

Table of Contents

BEFASTER.FIT Privacy Policy   1

  1. Privacy policy summary 1

A.1.1                Collection, Use, and Disclosure of Data  1

A.1.2                Privacy settings  1

A.1.3                Tracking  1

A.1.4                communication  1

A.1.5                General  1

  1. Privacy Policy 1

B.1                  Allgemeines 2

B.1.1                Responsible Party  2

B.1.2                Applicable Law   2

B.1.3                Content  2

B.1.4                Contact  2

B.1.5                Data Protection Officer  2

B.1.6                Language  2

B.2                  WHICH DATA BEFASTER.FIT COLLECTS AND HOW WE USE IT 2

B.2.1                INFORMATION YOU PROVIDE US  2

B.2.2                AUTOMATICALLY COLLECTED DATA  2

B.2.3                FITNESS AND HEALTH DATA  3

B.2.4                DATA FROM SOCIAL NETWORKS AND CONTACTS  3

B.2.5                PAYMENT DATA  3

B.2.6                TECHNICAL ANALYSIS OF USAGE  3

B.2.7                OTHER DATA  3

B.3                  HOW BEFASTER.FIT USES THE INFORMATION AND DATA 3

B.3.1                PROVISION OF OUR SERVICES AND PRODUCTS  3

B.3.1.1                     RECORDING AND ANALYZING YOUR ACTIVITIES AND PERFORMANCE  3

B.3.1.2                     INTERACTION WITH OTHER USERS  4

B.3.1.3                     SHARING YOUR RESULTS  4

B.3.1.4                     DATA PROCESSING FOR ANTI-CHEATING  4

B.3.1.5                     YOUR REFERRAL CODE  4

B.3.1.6                     COMMUNICATION WITH YOU  4

B.3.1.7                     YOUR STATISTICS  4

B.3.1.8                     CUSTOMER SUPPORT  5

B.3.2                PROVISION AND USE OF AI FUNCTIONS  5

B.3.3                BUSINESS ANALYSES  5

B.4                  DATA TRANSFER – ONLY WHEN IT’S ABSOLUTELY NECESSARY 5

B.4.1                SERVICE PROVIDERS  5

B.4.2                PUBLICLY VIEWABLE INFORMATION OUTSIDE THE APP  5

B.4.3                PUBLICLY VIEWABLE INFORMATION INSIDE THE APP  5

B.4.3.1                     WHY SOME USERS NEED TO SEE CERTAIN DATA ABOUT YOU  6

B.4.3.2                     WHICH DATA WILL BE VISIBLE TO OTHER USERS  6

B.4.3.3                     HOW OTHER USERS CAN SEE AND FIND YOU  6

B.4.4                AFFILIATED COMPANIES AND ACQUIRERS OF OUR COMPANY OR OUR ASSETS  6

B.4.5                COOPERATION WITH LAW ENFORCEMENT AND REGULATORY AUTHORITIES (INCLUDING COURTS) 6

B.4.6                CONTRACTUAL DISPUTES AND/OR COMPLIANCE WITH LAWS  6

B.5                  BEFASTER.FIT IS AD-FREE 6

B.6                  INFORMATION WE DO NOT HAVE ACCESS TO  7

B.6.1                NO ACCESS TO YOUR GOOGLE ACCOUNT PASSWORD  7

B.6.2                NO ACCESS TO YOUR HOT WALLET ACCESS CREDENTIALS  7

B.7                  YOUR DATA IN YOUR HAND – MANAGEMENT AND RIGHTS 7

B.7.1                ADJUSTING NOTIFICATION AND EMAIL SETTINGS  7

B.7.2                UPDATING ACCOUNT INFORMATION  7

B.7.3                DELETING DATA AND ACCOUNTS  7

B.7.4                HOW WE PROTECT INFORMATION  7

B.7.5                AUTOMATED DECISION-MAKING AND PROFILING  7

B.8                  PROTECTION OF CHILDREN’S PRIVACY 8

  1. YOUR RIGHTS AND HOW TO EXERCISE THEM 8

C.1.1                ACCESS TO YOUR DATA  8

C.1.2                RIGHT TO RECTIFICATION, TRANSFER, RESTRICTION, AND DELETION  8

C.1.2.1                     UPDATE, RECTIFY, OR RESTRICT YOUR DATA  8

C.1.2.2                     RIGHT TO RESTRICT PROCESSING UNDER ARTICLE 18 GDPR  8

C.1.2.3                     DELETE YOUR ACCOUNT UNDER ARTICLE 17 GDPR  9

C.1.3                RIGHT TO OBJECT UNDER ARTICLE 21 GDPR  9

C.1.4                RIGHT TO WITHDRAW CONSENT UNDER ARTICLE 7 GDPR  9

C.1.5                RIGHT TO COMPLAIN  9

  1. LEGAL BASES 9

D.1                  PROVIDING BEFASTER.FIT SERVICES AND FEATURES AS CONTRACTUAL FULFILLMENT 10

D.2                  DATA COLLECTION WITH YOUR CONSENT UNDER ART. 9 GDPR 10

D.3                  PROMOTING LEGITIMATE INTERESTS UNDER ART. 6 (1) (F) GDPR 10

D.4                  LEGAL OBLIGATIONS CONCERNING THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS 11

D.5                  PERFORMING A TASK IN THE PUBLIC INTEREST 11

  1. FURTHER INFORMATION 12

E.1          TECHNICAL AND ORGANIZATIONAL MEASURES (TOM) 12

E.2          PROCEDURE FOR NOTIFYING DATA BREACHES 12

E.3          sTORAGE OF INFORMATION AND RETENTION PERIOD 12

E.4          USERS IN THE USA 12

  1. UPDATES TO THE PRIVACY POLICY 13
  2. ANNEX 13

G.1                  ANNEX 1 – INFORMATION FOR RESIDENTS OF TURKEY ACCORDING TO THE TURKISH PERSONAL DATA PROTECTION LAW NO. 6698 (“TPDPL”) 13

G.1.1                REMINDER REGARDING THE CONTROLLER  13

G.1.2                INFORMATION ABOUT THE DATA PROTECTION OFFICER  13

G.1.3                METHODS AND LEGAL BASES FOR DATA COLLECTION  13

G.1.4                YOUR RIGHTS  13

G.1.5                CONTACT INFORMATION OF THE LOCAL DATA PROTECTION AUTHORITY IN TURKEY  13

G.2                  ANNEX 2 – INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA UNDER THE KOREAN PERSONAL INFORMATION PROTECTION ACT (“PIPA”) 14

G.3                  ANNEX 3 – INFORMATION ON THE PROCESSING OF PERSONAL DATA UNDER THE BRAZILIAN GENERAL DATA PROTECTION LAW (LEI GERAL DE PROTEÇÃO DE DADOS, “LGPD”) 14

G.3.1                LEGAL BASES  14

G.3.2                TYPES OF PROCESSING ACTIVITIES WE CONDUCT  14

G.3.3                LOCATION OF PROCESSING  14

G.3.4                CONTACT / DATA PROTECTION OFFICER  14

G.3.5                RESPONSIBILITY FOR DATA PROCESSING  14

G.3.6                YOUR RIGHTS  14

G.4                  ANNEX 4 – INFORMATION ON THE PROCESSING OF PERSONAL DATA UNDER THE DATA PRIVACY ACT OF THE REPUBLIC OF THE PHILIPPINES OF 2012 15

G.5                  G.5 ANNEX 5 – INFORMATION ON THE PROCESSING OF PERSONAL DATA UNDER THE PERUVIAN DATA PROTECTION LAW (“PDPL”) 15

 

 

 

 

BEFASTER.FIT Privacy Policy

Effective Date: October 4, 2024

Your privacy is very important to us. Before we dive into the details, here’s a quick summary of our key privacy practices at a glance. Simply click on the link to read the full section.

Read the full privacy policy here.

 

A.      Privacy policy summary

A.1.1             Collection, Use, and Disclosure of Data

 

  • Do we sell your personal information for monetary values? No
  • Do we sell aggregated information for monetary values? No
  • Do we share your personal information with third parties that are not service providers? Yes, with your consent
  • Do we share your personal information for targeted advertising? No
  • Do we use sensitive data categories such as health data? Yes, with your consent
  • Do we provide additional privacy protections for minors (users under 18)? Yes
  • Do we delete your personal information when you request the deletion of your account? Yes
  • Do we retain your data after you request the deletion of your account? No

A.1.2            Privacy settings

  • Do you have control over who sees your activities and content? Yes
  • Do you have control over who sees your location-based activities? Yes
  • Are the privacy settings for all your activities and profile set to public by default (set to “Everyone”)? No, only partially as a summary
  • Can you download and delete your personal information? Yes

A.1.3            Tracking

  • Do we track your device location when you are not using our app? No
  • Do we track your device location while you use BeFaster.fit services? Yes, with your consent
  • Do we use non-essential cookies? No
  • Do we track your browsing activities on other websites? No
  • Can we listen to you through your device microphone? No

A.1.4            communication

  • Do we inform you in advance if we make significant changes and updates to our privacy policy? Yes
  • Do we send marketing communications to you? No
  • Do we send you push notifications on mobile devices? Yes, with your consent

A.1.5            General

B.       Privacy Policy

 

We are always committed to providing you with the best possible service, and your privacy is very important to us at BeFaster.fit.
The following privacy provisions:

  • Clearly explain what data we collect and how we process it
  • Give you more control over your data
  • Outline all the details regarding your rights as a BeFaster.fit user.

B.1          Allgemeines

B.1.1             Responsible Party

BeFaster.fit Limited, C 95624, 4. Vincenzo Dimech Road, Floriana FRN 1504, Malta (see imprint). We process your personal data as the responsible party when you use our “app” (see our app here) or website (together with the app, “products”) or otherwise interact with us.

B.1.2            Applicable Law

Your personal data will be processed in accordance with the locally applicable data protection laws, such as the EU General Data Protection Regulation (“GDPR”) or the Maltese Data Protection Act (Chapter 586), as far as applicable.

B.1.3            Content

This privacy policy (hereinafter referred to as the “Privacy Policy”) provides you with information about us, the manner, scope, and purpose of processing your personal data, such as its collection and use, and gives you insights into data processing related to the use of our products. Please note that the processing of personal data of business partners and applicants is not subject to this Privacy Policy.

B.1.4            Contact

Our general contact point for any questions, requests, and concerns regarding the processing of personal data is the email address: accountmanagement@befaster.fit. Additionally, you can also contact us at the postal address provided above, attention of the Data Protection Officer.

B.1.5            Data Protection Officer

Our Data Protection Officer is responsible for all questions regarding your data, its security, and its protection. Frank Schulze has been appointed as the Data Protection Officer by Board Resolution dated August 1, 2022. If you have questions regarding the processing and deletion of your personal data, you can contact him at any time at the email address accountmanagement@befaster.fit.

B.1.6            Language

This policy has been written in English. It is only available on the website in English but can be automatically translated by your web browser. In case a translated version contradicts the English version, the English version prevails.

B.2         WHICH DATA BEFASTER.FIT COLLECTS AND HOW WE USE IT

At BeFaster.fit, we place great importance on providing you with an optimal and personalized fitness experience. To achieve this, we collect and process various types of personal data. Below, you will learn what data we collect, how we use it, and which categories of information play a role.

B.2.1            INFORMATION YOU PROVIDE US

We collect a range of personal data directly from you when you use our product. This includes:

  • Identity Data: This includes information that uniquely identifies you, such as your nickname, Google email address, and age. This data allows us to create and securely use a BeFaster.fit account.
  • Contact Data: Information such as your email address is used to securely log you into and identify you within the product.
  • Profile and Activity Data: This data includes your type of activity, date and time of the activity, your results, speed, and distance. This information helps us deliver the right BeFaster.fit experience to you.

B.2.2           AUTOMATICALLY COLLECTED DATA

In addition to the information you provide, we automatically collect certain technical data as soon as you use our services. This includes:

  • Device Information: We collect information about the device you use to access BeFaster.fit, such as your IP address, device identifiers, and operating system. This data helps us ensure the stability and security of our services.
  • Location Data: To provide you with accurate GPS activity tracking and route mapping, we collect your device’s location data. We only collect this data if you have consented to it in your device’s privacy settings. You can easily withdraw your consent at any time.
  • Usage Data: This includes information on how you use our services, which pages you visit, which features you use, and how long you are active in the app. This helps us improve the app for you and others.

B.2.3           FITNESS AND HEALTH DATA

To provide you with a comprehensive fitness profile, we collect various health and activity data when you use our app. This includes:

  • Activity Data: We capture data on your physical activities, such as steps, distance, and calories burned in conjunction with GPS locations. This information helps us enable fitness tracking for you and run internal security mechanisms to prevent cheating, ensuring fairness and security for all users of the app.
  • Health Data: We collect certain health data, such as heart rate, step frequency, and weight. This data is considered sensitive personal data, and you must provide us with your consent for its collection. If you agree, we also collect sensitive data. This data allows us to give you personalized insights into your fitness and health. You can set limits on whether and to what extent we may process this information at any time.

For more information on the legal basis (Art. 6(1)(a) and Art. 9 GDPR), please refer to the section on legal bases.

B.2.4           DATA FROM SOCIAL NETWORKS AND CONTACTS

You can currently create your BeFaster.fit account exclusively via a Google account login process, allowing us to obtain certain information from this platform, such as your name, email address, and profile picture. This data enables you to register and log in, thus allowing access to all BeFaster.fit services. The option to connect with other third-party providers and platforms will be expanded in the future.

B.2.5           PAYMENT DATA

If you utilize paid features or subscriptions, we collect payment information to securely process transactions. This includes data such as credit card information, which is processed through external, PCI-compliant payment providers. BeFaster.fit itself does not store complete credit card data.

B.2.6           TECHNICAL ANALYSIS OF USAGE

We use certain analytical methods to improve your user experience. These technologies collect information about your use of our platform, such as your preferences, visit times, and interaction with various content. This helps us make our app even better and more engaging by understanding, evaluating, and assessing user behavior.

B.2.7            OTHER DATA

We may collect information about you from service providers or directly from you, for example, when we gather your feedback through surveys.
We may also gather information about you from other BeFaster.fit users, such as when they send you VPAID to your internal BeFaster.fit wallet or add your profile to their favorites.

B.3         HOW BEFASTER.FIT USES THE INFORMATION AND DATA

Below, we thoroughly explain how we utilize the collected data and information.

 

B.3.1            PROVISION OF OUR SERVICES AND PRODUCTS

Your data is primarily used to fully utilize the BeFaster.fit app.

 

B.3.1.1             RECORDING AND ANALYZING YOUR ACTIVITIES AND PERFORMANCE

We capture and analyze your sports activities, including general run sessions and challenge runs. The results obtained are used for statistical overviews that allow you to track your sports performance. They are also used to classify your fitness level and to set and fulfill your main quest. Furthermore, the results help us properly manage your progress and achievements within the quest system and the distribution of VPAID. Finally, your athletic performance is a key criterion for your leaderboard position.

 

B.3.1.2            INTERACTION WITH OTHER USERS

We use personal information, particularly your name, profile picture, athlete ID, and content you wish to share (such as creating challenges), to enable you to compete against other users. This also includes the profile feature, where other users can view parts of your statistics to decide whether to accept you as a challenge opponent.

 

B.3.1.3            SHARING YOUR RESULTS

If you wish to share your sports performance and BeFaster.fit successes with others, we support you in doing so. We provide your running results and success notifications in branded design. You can decide whether to post results with your running route on a map provided by Google Maps or with a photo without the running route. Please note that public posting on social media of specific running routes with locatable geographical information carries a certain risk, and you may want to refrain from doing so, especially if it involves the same running route regularly. Ultimately, it is up to you whether, what, and when you share, but we encourage you to be mindful of your personal data and social media usage. You can also post your performance or achievements with a live-captured photo or an image from your gallery. This option does not allow for third-party localization. To access this feature, you must grant us permission. Please note that we do not store your images or social media posts. The access you grant to your camera or gallery only applies at the time of sharing the social media post, and you can revoke this permission at any time.

 

B.3.1.4            DATA PROCESSING FOR ANTI-CHEATING

We utilize methods such as machine learning or artificial intelligence, including analytical systems, to detect cheating. As an essential component of the BeFaster.fit app, fairness is ensured through systems that analyze your athletic behavior, identify it, and detect and prevent anomalies. To operate these systems, we require various personal data, such as your step frequency, GPS data, and heart rate.

 

B.3.1.5            YOUR REFERRAL CODE

When you create your user profile, we provide you with a personal referral code that is permanently linked to your account and cannot be changed. You can find comprehensive information about this [here](https://befaster.fit/referral/). This referral code entitles you to a share of the revenue when other users sign up using your code and generate revenue from their activities. The code is visible in your profile and is stored by us for attribution purposes. Furthermore, the code is part of the brand corporate design and is visible on your social media posts and in your invitation messages to friends. This aspect is not editable and is a fixed component of the business model for acquiring new users.

 

B.3.1.6            COMMUNICATION WITH YOU

We use your email address to contact you regarding our services, such as informing you about essential changes to our terms. For this processing purpose, we share personal data with processors, in this case, our messaging service providers and CRM providers.

 

B.3.1.7             YOUR STATISTICS

Your running activity and some of your results are an integral part of certain product features whose disclosure is necessary and cannot be hidden. This includes, in particular, your fitness level, which is displayed in the arch around your profile picture, and a summary of your performance, including your total kilometers run, the time taken, average speed, elevation gained, and your leaderboard league and division.

 

B.3.1.8            CUSTOMER SUPPORT

We process personal data to respond to your inquiries about our products and address questions and concerns that reach us through various communication channels. This includes responses to inquiries regarding data protection and app usage. Your requests to our customer service are analyzed to ensure we can continue providing you with valuable service in the future.

B.3.2           PROVISION AND USE OF AI FUNCTIONS

In relation to our products and their functions that utilize machine learning or artificial intelligence, we use some personal data to improve the quality, reliability, and/or accuracy of our AI features and to maintain a smooth anti-cheating model. To achieve this, we create, develop, train, test, improve, and maintain AI and ML models operated by BeFaster.fit or our service providers. We use aggregated information free from identifiable features to train the AI functions, relate personal data mathematically, and ensure fairness as a fundamental principle of our services. With your privacy settings and sharing permissions, we may also use personal information such as health and location information for measuring your runs against anti-cheating standards.

B.3.3           BUSINESS ANALYSES

We need to know how we are performing as a company. This is in the interest of our shareholders, management, employees, partners, and users. We create data models for various analytical purposes and analyze how our products perform in different markets, which product features are popular, what has worked and what hasn’t regarding our marketing and advertising campaigns, our product designs and sales strategies, our website design, and the overall user experience to establish, implement, and evaluate our business strategy.

This includes, for example, analyzing data to understand how users navigate our website and use the app to improve our user experience design, ensuring that our app and website continue to provide you with enjoyment and encourage you to keep using or visiting them. For this purpose, we may collect personal data by using technologies such as cookies, pixels, and tags to capture device information. Whenever cookies are used, you will be informed about it through a cookie banner and must provide consent in the form of an opt-in in accordance with Art. 7 GDPR. For more information about the cookies we use, the personal data they collect, and how to disable them, please refer to our cookie policy.

The legal basis for these processing activities is our legitimate interest.

The data categories processed for this purpose include identity data, location data, purchase data, profile information, device information, browsing information, activity data, correspondence, and, in the future, preference data. For this processing purpose, we share personal data with processors, in this case, analysis service providers and cloud service providers.

B.4         DATA TRANSFER – ONLY WHEN IT’S ABSOLUTELY NECESSARY

We guarantee that we will never sell your personal data or aggregated information to third parties. Your personal data will only be shared with third parties if it is necessary for the operation of our product and the provision of all services.

B.4.1            SERVICE PROVIDERS

We may share your information with third parties that provide services for BeFaster.fit, such as support, improvement, marketing, and securing services, as well as processing payments or orders. These service providers only have access to information necessary to perform these limited functions on our behalf and to protect your information. We may also engage service providers to collect information about your usage of the services over time to support BeFaster.fit in monitoring and developing the product in the interest of users and operations.

B.4.2           PUBLICLY VIEWABLE INFORMATION OUTSIDE THE APP

The public visibility of your data outside the app can be divided into two categories:

  • Social Media: Here you decide what you post and when you post it. Who can see this data depends on your privacy settings. If you choose to post, we refer to this provision.
  • Public World Wide Web: Outside the BeFaster.fit app, no one has access to your data. None of your data appears anywhere outside the user circle of the app. They are neither searchable nor viewable through search engines.

B.4.3           PUBLICLY VIEWABLE INFORMATION INSIDE THE APP

In accordance with the data minimization principle of the GDPR, we not only collect the minimum amount of data from you as a user but also limit the amount of data that can be viewed. The extent of full access to your profile, achievements, results, statistics, and accomplishments is subject to your privacy and data protection settings, which will be added after the completion of the beta test.

B.4.3.1            WHY SOME USERS NEED TO SEE CERTAIN DATA ABOUT YOU

As BeFaster.fit is a competitive sports app, it is unavoidable that some of your data is made accessible to other users in compressed form. The reason is that everyone must have the opportunity to make an informed decision about whether they want to compete against you. The public viewing of your data in compressed form is minimized and extends only so far as to allow other members, as potential competitors, to assess against whom they might compete and whether their fitness level can match yours. This data compression is an integral part of our service, ensuring not only security but also fairness and promoting the aspect of sports motivation.

B.4.3.2           WHICH DATA WILL BE VISIBLE TO OTHER USERS

Other app users can see your nickname, profile picture, whether or not you have a VIP package, your leaderboard position, your fitness level, and a summary of your athletic performance. The summary is exclusively an overview and refers to a specific time period. This summary includes:

  • Total kilometers
  • Total time
  • Total altitude
  • Average speed
  • Total challenges completed

B.4.3.3           HOW OTHER USERS CAN SEE AND FIND YOU

Your profile can only be found within the app via a search function with your player ID.
Your profile is visible to other BeFaster.fit users:

  • In the current leaderboard
  • In the qualification list for the next event
  • In the challenges if you participate in them

B.4.4           AFFILIATED COMPANIES AND ACQUIRERS OF OUR COMPANY OR OUR ASSETS

We may share your information with our subsidiaries if they exist; these are obligated to handle your personal information in accordance with their own privacy policies. If BeFaster.fit is involved in a merger, acquisition offer, insolvency, restructuring, liquidation, or other similar transactions, we may share or transfer your information in connection with such a transaction.

B.4.5           COOPERATION WITH LAW ENFORCEMENT AND REGULATORY AUTHORITIES (INCLUDING COURTS)

If we are legally required to provide your personal data for reasons of national and public security, crime prevention, investigation and prosecution of offenses, anti-money laundering, conducting legal proceedings, protecting the rights and freedoms of others, and enforcing civil claims, we will provide the requested information as soon as we are sure that the request is legally justified. We may not be able to inform you about this if it violates the law.
The legal basis for these processing activities is our respective legal obligation, the necessity to protect vital interests of individuals, or the necessity in the public interest.
The categories of data processed for this purpose depend on the respective request/obligation and may include all categories of personal data that we process. In any case, we will limit the amount of personal data processed for this purpose to the minimum necessary.

B.4.6           CONTRACTUAL DISPUTES AND/OR COMPLIANCE WITH LAWS

We must retain evidence in case of contractual disputes or to defend ourselves in case of investigations or disputes and complaints regarding compliance with data protection regulations, including the handling of data protection requests. In addition, we may need to process certain information that may also contain personal data to comply with legal retention periods.
The legal basis for these processing activities is our respective legal obligation or our legitimate interest.
The categories of data processed for this purpose depend on the respective obligation and situation and may include all categories of personal data that we process. In any case, we will limit the amount of personal data processed for this purpose to the minimum necessary.
For this processing purpose, we share personal data with authorities, including courts, with our legal counsel and tax advisors, and with processors, in this case, with cloud service providers and messaging service providers.

B.5         BEFASTER.FIT IS AD-FREE

You will not receive any advertising from third parties forced upon you! You will not receive promotional emails. You won’t have to watch advertising videos, and you will not see any external advertisements in the app!

B.6         INFORMATION WE DO NOT HAVE ACCESS TO

Not all the information you have and use is accessed, reviewed, or stored by us. Please handle your access credentials carefully, as we cannot assist you with their recovery.

B.6.1            NO ACCESS TO YOUR GOOGLE ACCOUNT PASSWORD

We do not have access to your Google Account password. If you forget it, you cannot request recovery through BeFaster.fit. BeFaster.fit does not have a separate password for your account; it grants you access when you authenticate with Google.

B.6.2           NO ACCESS TO YOUR HOT WALLET ACCESS CREDENTIALS

To use BeFaster.fit properly, you need to link your BeFaster.fit account with a hot wallet, such as MetaMask, TrustWallet, or others. You can unlink and exchange this connection at any time. We establish the connection through an API interface and can mirror these hot wallets in the BeFaster.fit app. We do not have access to your access credentials, passwords, private keys, secret phrases, or mnemonic phrases. We do not see them and therefore do not store them. Please independently educate yourself on the proper storage and security of this critically important data, as losing it will result in a permanent loss of access to your hot wallet, and we cannot assist with recovery. If you permanently lose access to your hot wallet, it means the loss of your assets.

B.7          YOUR DATA IN YOUR HAND – MANAGEMENT AND RIGHTS

In this section, we inform you about the possibility of managing your data and what your rights are in the area of data protection law.

B.7.1            ADJUSTING NOTIFICATION AND EMAIL SETTINGS

One thing is clear: we will definitely not bombard you with marketing, especially not with marketing from third parties. However, we may ask for your opinions, criticism, and suggestions for improvement in the future. BeFaster.fit is for everyone and can therefore be co-developed by you as a user. We will notify you of new functions and features. If you do not wish to receive these notifications, you can adjust your data settings accordingly and turn off these messages.

B.7.2            UPDATING ACCOUNT INFORMATION

You can correct, supplement, or update your profile or account information at any time by adjusting this information in your account settings. This allows you to rectify incorrect personal information in your account within the app. If there are any details you cannot correct through the app, please contact us at support@befaster.fit .

B.7.3            DELETING DATA AND ACCOUNTS

Under the account management menu, you can request the deletion of your account and all associated data. Account Management

A step-by-step guide can be found in the section regarding the exercise of your rights. To delete your account, please follow these instructions. Once you have submitted a request for account deletion, we will permanently and irrevocably delete your personal information from our systems, including backups. After deletion, your data, including your account, activities, and rankings, unclaimed rewards, and your BeFasterFriends, cannot be restored. The deletion of all personal information and system logs will occur within 30 days of receiving your request.

Please note that we have no control over content such as posts you have created on BeFaster.fit that you shared directly or publicly with others, or that others may have copied. In other words, content or information may still be available even if you have deleted your account or specific information from your own profile.

It is not possible to delete individual pieces of information. If you request deletion, everything will be removed.

B.7.4            HOW WE PROTECT INFORMATION

BeFaster.fit takes measures to ensure that your information is secure and treated in accordance with the provisions of this privacy policy. We maintain administrative, technical, and physical security precautions appropriate to the sensitivity of your information, designed to protect against unauthorized use, disclosure, or access to personal information.

For the protection of your Google Account credentials, we refer you to Google’s security instructions.

B.7.5            AUTOMATED DECISION-MAKING AND PROFILING

To ensure security and fairness in using the app, we utilize machine learning that analyzes and evaluates you and your sporting behavior to determine whether you are indeed you or whether your sporting performance was actually achieved by someone else, or whether you are attempting to cheat the app by using unauthorized means of transportation such as any kind of passenger transport, scooters, bicycles, skateboards, horses, rollerblades, etc. If our anti-cheating system detects an unauthorized anomaly, your sporting activity will be terminated, and you will be notified. In accordance with Article 22 of the GDPR, we inform you that we use biometric data, your sporting activities, geolocation data, and health data for profiling. The specifics of how and to what extent mathematical considerations are applied is part of our trade secret and cannot be detailed here while safeguarding our legitimate interests.

If you do not agree to the use of your data for anti-cheating profiling and ensuring comprehensive fairness, we ask you to refrain from using the app.

If you believe your sporting activity has been wrongfully challenged, we expressly request your cooperation in reporting this issue. This will help improve the system and avoid errors. We will conduct a manual review and adjust the system if it reacted incorrectly. You can report a misclassification within the app by going to your settings -> Report a Problem and following the instructions. Alternatively, you can simply send an email to support@befaster.fit . Please describe the circumstances as accurately as possible.

B.8         PROTECTION OF CHILDREN’S PRIVACY

BeFaster.fit is not intended for individuals under 18 years of age and cannot be properly used by persons under 18 in financial matters, as it requires a hot wallet connection that can only be established by adults. If you are under 18 years old, you are not allowed to use the services. We encourage you to follow our social media and wait for the launch of BeFaster.fit Kids. BeFaster.fit Kids is specifically designed for individuals under 18 years of age and is subject to special factual and legal regulations. The processing of children’s data is carried out in accordance with the provisions of Article 8 of the GDPR, which excludes usage and also the approval of parents does not remedy the fact that children cannot use BeFaster.fit.

 

C.   YOUR RIGHTS AND HOW TO EXERCISE THEM

There are extensive data protection laws that grant you various rights, particularly Articles 15 – 22 of the GDPR. These may vary depending on the jurisdiction (see special regulations in the annex).

C.1.1             ACCESS TO YOUR DATA

You have the right to know what personal information we collect, use, share, or otherwise process, and to request access to it. You can access many of your information by logging into your account. If you need further access or would like to receive a summary of this data as an extract, please contact us at accountmanagement@befaster.fit  .

C.1.2            RIGHT TO RECTIFICATION, TRANSFER, RESTRICTION, AND DELETION

You have the right to correct, transfer (Article 20 GDPR), restrict (Article 18 GDPR), or delete (Article 17 GDPR) personal information. You can request that we correct (rectify) your personal information on your behalf if it is incorrect, or restrict or delete it. Please note that these requests are subject to certain limitations; we may retain personal information within the legally permissible framework, for example, for tax or other retention purposes, to process transactions, and to facilitate customer inquiries, as well as for certain other business purposes described in this privacy policy.

C.1.2.1             UPDATE, RECTIFY, OR RESTRICT YOUR DATA

You can correct or restrict many of your information by logging into your BeFaster.fit account. You can edit your profile, correct, supplement, or update account information at any time. Please contact accountmanagement@befaster.fit if you need further assistance.

C.1.2.2            RIGHT TO RESTRICT PROCESSING UNDER ARTICLE 18 GDPR

In the following cases, you have the right to request the restriction of the processing of your personal data from us:

  • The personal data is no longer necessary for the purpose for which it was collected or processed.
  • You have withdrawn your consent on which the processing is based, and there is no other legal basis for processing.

You have objected to the processing, and there are no overriding legitimate grounds for processing.

  • The processing is unlawful.
  • The personal data must be deleted to comply with a legal obligation under European Union law or the law of a member state to which BeFaster.fit is subject.

C.1.2.3            DELETE YOUR ACCOUNT UNDER ARTICLE 17 GDPR

If you want to delete your account, please follow these steps:

  • Go to https://befaster.fit/account-management or to our website and click on Account Management in the footer.
  • Click on Delete my Account.
  • Fill out the requested form, naming the account that should be deleted.
  • Confirm the registration.
  • Open your Google emails.
  • Check if you have received a verification email.
  • Click on the verification link.

If you need help, please contact us at accountmanagement@befaster.fit . As a security measure, we will send you an email so you can confirm your deletion request, and we will delete your personal data only after this confirmation. Please note that data may still be stored on your mobile device even after your account has been deleted. Unless an exception applies, we will delete your personal information as soon as we receive and verify your deletion request, and instruct our service providers to delete your personal information as well. After verifying your deletion request, all your data will be deleted within 30 days. We emphasize here that all files will be permanently and irretrievably deleted. This includes all personal data, including your account, GPS data, system logs, activities, your ranking in leaderboards, unclaimed rewards, and your BeFasterFriends.

C.1.3            RIGHT TO OBJECT UNDER ARTICLE 21 GDPR

If we process your information based on our legitimate interests or our contractual relationship, you can object to this processing under certain circumstances. In such cases, we will stop processing your information unless there are compelling legal grounds to continue processing or it is required for legal reasons.

C.1.4            RIGHT TO WITHDRAW CONSENT UNDER ARTICLE 7 GDPR

If we rely on your consent for certain processing operations (e.g., for the processing of health data or your GPS data), you have the right to withdraw this consent at any time by updating the permissions granted within the app. Please note that health-related data may still be displayed for past activities in accordance with the previously granted consent. We may continue to process your information after you have withdrawn your consent if there is a separate legal basis for doing so (for example, to comply with a court order) or if the withdrawal of your consent was limited to certain processing activities. If you withdraw your previously granted consent, it may be that you can no longer use some services of the app.

C.1.5            RIGHT TO COMPLAIN

You have the right to express concerns about our use of your information (without prejudice to any other rights you may have) and to contact us at support@befaster.fit regarding this. With respect to your right to complain, you may also report your concerns to the relevant local data protection authority.

D.   LEGAL BASES

According to data protection laws, companies must have a legal basis for collecting, using, disclosing, and otherwise processing information about you. While some of your rights generally apply, certain rights depend on the legal bases we rely on for processing data. Below is an explanation of which legal bases apply to the collection and utilization of specific data, which are categorized into four main categories.

  1. Legal Basis: Our Mutual Contract : This basis refers to the necessity of fulfilling the agreements we have made with you (see the Terms of Use). This includes the processing of data necessary for providing the core functionalities of BeFaster.fit.
  2. Legal Basis: Your Consent (under Art. 9 GDPR): We ask for your consent to process certain data. You have the right to withdraw your consent at any time. This particularly relates to the processing of sensitive data, such as health data and geolocation, which is necessary for providing you with our services.
  3. Legal Basis: Our Legitimate Interest (under Art. 6(1)(f) GDPR): We process your data to safeguard our legitimate interests, such as ensuring fairness in the use of BeFaster.fit features, continually improving our services, and protecting our platform from abuse.
  4. Legal Basis: Legal Obligation : We process data to comply with legal obligations, such as cooperating with law enforcement authorities or protecting the data of minors. This processing may also be necessary for asserting or defending legal claims.

 

D.1          PROVIDING BEFASTER.FIT SERVICES AND FEATURES AS CONTRACTUAL FULFILLMENT

As described in Section B, many core functions of BeFaster.fit cannot be provided and the terms of use cannot be implemented without processing data for the following purposes:

  • Opening the account.
  • Conducting running sessions in Free Run.
  • Participating in challenges and interacting with others.
  • Participating in quests.
  • Participating in leaderboards.
  • Managing and evaluating your sports performance.
  • Providing and utilizing AI models and machine learning.
  • Communicating with you as a user.

The legal basis for these processing activities is the necessity to fulfill our contract with you. This processing under this legal basis concerns the following data categories:

  1. Identifiers such as your username, user ID, IP address, email address, and other similar identifiers.
  2. Payment information via Google.
  3. Age provided by you.
  4. Commercial information such as proof of your VIP membership purchase.
  5. Information about internet or other electronic activities, such as session logs.

D.2         DATA COLLECTION WITH YOUR CONSENT UNDER ART. 9 GDPR

We ask for your consent to process your information for specific purposes, and you have the right to withdraw your consent at any time. Please note that withdrawing your consent does not affect the legality of processing based on consent before withdrawal. We ask for your consent to:

  • Access your geolocation when recording GPS-based activities and to allow anti-cheating features.
  • Record your activities.
  • Collect or derive health data, which may include information derived from heart rate or other indicators. We use your health data to provide you with statistics and visualizations and to ensure that anti-cheating functions operate correctly.
  • Collect and process information about third-party products and services, such as Google Fit, or devices and applications (e.g., running watches) you connect to BeFaster.fit.
  • Access photos if you wish to post your performance or your BeFaster.fit achievements.

The legal basis for these processing activities is your consent to use the data. These are sensitive data that are partly necessary to provide our service, such as your geolocation data and the recording and processing of your biometric activity, as these are fundamental for categorization processes for various app services, which in turn are part of our mutual contract. This processing under this legal basis concerns the following data categories:

  1. Identifiers such as your nickname, user ID, IP address, email address, and other similar identifiers.
  2. Geolocation data, such as the physical location, direction, and speed of your recorded activity.
  3. Biometric information, such as movement data, as long as they contain identifying information.
  4. Electronic, visual, and similar information, such as photos.
  5. Health data, such as your heart rate.

D.3         PROMOTING LEGITIMATE INTERESTS UNDER ART. 6 (1) (F) GDPR

We process your data for our legitimate interests and those of other BeFaster.fit users. We implement appropriate security measures to protect your privacy, rights, and interests. We collect such data for the following purposes:

  • To ensure fairness in using BeFaster.fit features and enable competitions among users.
  • To individually customize the services and introduce new features. We may use your user ID, location data, and activity data when we inform you about new features.
  • To maintain our business by measuring and continuously improving our services to provide our members and partners with innovative and tailored services.
  • To secure and protect the services by using information to prevent or detect violations of our terms of use, fraud or abuse, and other harmful or illegal behavior. For this purpose, we may also share information with third parties, including law enforcement authorities.
  • Your referral code will be included in all shares on social media to increase general brand awareness, ensure further company growth, and provide you with a monetary advantage as you help us with your shares.

The legal basis for these processing activities is our legitimate interest as per Art. 6 (1) (f) GDPR, which particularly concerns the maintenance and facilitation of the BeFaster.fit rules (see terms of use), which in turn is part of the mutual contract. Moreover, our legitimate interest lies in a structured and economically healthy continuation and expansion of the company, based on the analysis of generated and suitable user data. This processing under this legal basis concerns the following data categories:

  1. Identifiers such as your correct nickname, user ID, IP address, email address, referral code, and other similar identifiers.
  2. Payment information.
  3. The age you provided.
  4. Economic information, such as proof of your VIP membership purchase.
  5. Information about activities, such as session logs.
  6. Insights derived from the above information to create a profile reflecting your preferences, characteristics, behaviors, skills, and aptitudes, such as your personal performance.

D.4         LEGAL OBLIGATIONS CONCERNING THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS

We process data where we are legally required to do so, for example, when we respond to a valid and binding legal process from a law enforcement agency. We may also collect and process personal information, such as your date of birth, to comply with regulations requiring us to take additional protective measures for children.

Furthermore, we may need to assert, exercise, or defend civil or criminal claims related to actual or potential legal disputes, including to protect BeFaster.fit services, our property, or other legal rights, including those of our members or partners.

The following are some examples of laws from Malta and other EU Member States that require us to respond to inquiries regarding the processing of personal information:

  • Regulatory Affairs: Compliance with legal obligations to cooperate with supervisory authorities, such as the Data Protection Commission, under the GDPR and the Data Protection Act (Chapter 586 of the Laws of Malta), as well as the relevant supervisory authorities under the Digital Services Act.
  • Criminal Matters: Implementing requests from Maltese law enforcement agencies to transmit data in connection with an investigation (e.g., under the Criminal Code (Chapter 9 of the Laws of Malta) iVb Data Protection Act (Chapter 586 of the Laws of Malta) and Art. 10 GDPR, or taking measures to provide information to law enforcement authorities when necessary.
  • Consumer Protection and Competition Matters: Fulfilling our obligations under consumer protection law, e.g., under the Consumer Affairs Act (Chapter 378 of the Laws of Malta) and the Malta Competition and Consumer Affairs Authority Act (Chapter 510 of the Laws of Malta), e.g., when the Maltese Competition and Consumer Protection Commission requests information, and to comply with our obligations under the Digital Services Act.
  • Corporate and Tax Matters: Fulfilling our obligations under corporate law and tax laws, e.g., the Malta Companies Act (Chapter 386 of the Laws of Malta) and the Income Tax Act (Chapter 123 of the Laws of Malta).
  • Information Security Issues: Implementing appropriate technical and organizational security measures, e.g., under the GDPR, particularly Art. 32 GDPR, and the Data Protection Act (Chapter 586 of the Laws of Malta).

The legal basis for these processing activities is legitimate interest and our legal obligation. This processing under this legal basis concerns the following data categories:

  1. Identifiers such as your nickname, user ID, IP address, email address, and other similar identifiers.
  2. Payment information.
  3. The age you provided.
  4. Commercial information such as proof of your VIP membership purchase.
  5. Information about internet or other electronic activities, such as session logs.

D.5         PERFORMING A TASK IN THE PUBLIC INTEREST

Where provided for by EU law or the law of an EU Member State, we may process your data to fulfill a task in the public interest. This may include protection against harm and research for social benefit. You have the right to object to the processing of your personal information and to request a corresponding restriction when we process information on this legal basis.

The legal basis for these processing activities is legitimate interest and our legal obligation. This processing under this legal basis concerns the following data categories:

  • Identifiers such as your nickname, user ID, IP address, email address, and other similar identifiers.
  • Payment information.
  • The age you provided.
  • Commercial information such as proof of your VIP membership purchase.
  • Information about internet or other electronic activities, such as session logs.

E.      FURTHER INFORMATION

E.1           TECHNICAL AND ORGANIZATIONAL MEASURES (TOM)

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. In accordance with Art. 32 of the GDPR, we implement protection and TOM in the following ways:

  • We offer the use of a secure server – we are using AWS Web Services.
  • We employ encryption technologies to protect your personal data both during transmission and at rest. In particular, we use SSL/TLS encryption to ensure that all sensitive information is transmitted securely between you and our servers.
  • Access to personal data is restricted to those employees who need this data to fulfill their tasks (‘Need-to-Know Principle’). Each access is protected by multi-factor authentication procedures, including password protection and two-factor authentication (2FA).
  • We only collect and process the personal data necessary for the respective purpose, in accordance with the principle of data minimization, as per Art. 5 (1) lit. c of the GDPR.
  • To ensure the availability of your data even in the event of hardware failures or other incidents, we create regular backups stored in secure data centers. These backups allow us to restore data in the event of a physical or technical incident.
  • We regularly conduct security audits and penetration tests to identify and address potential vulnerabilities in our systems.
  • To enhance security and prevent security incidents, we use a system for logging and monitoring access to personal data. This allows us to quickly detect unauthorized access and take appropriate countermeasures.
  • All employees who work with personal data receive regular training on data protection, security, and the safe handling of IT systems to ensure that they understand and comply with applicable data protection regulations. This training occurs at least once a year and whenever updates or changes are made.
  • We have implemented an incident management system that enables us to respond quickly in the event of data loss or a security incident. This includes a procedure for notifying affected individuals and authorities in accordance with legal requirements.

E.2          PROCEDURE FOR NOTIFYING DATA BREACHES

If a data breach occurs despite all security and precautionary measures, we will notify the relevant supervisory authority within 72 hours in accordance with Art. 33 of the GDPR. According to the internal security protocol, the report will be made by the management and the data protection officer in compliance with the formal requirements of the relevant supervisory authority. If the data breach also affects users, you will be promptly informed via email.

E.3          sTORAGE OF INFORMATION AND RETENTION PERIOD

We store information as long as necessary to provide you and others with the services and to comply with legal obligations regarding the further retention of said information. Information about your account is generally retained until it is no longer needed to provide the services or until your account is deleted or becomes inactive. In making these decisions, we consider the scope, nature, and sensitivity of the personal information, the purposes for which the information is processed, whether we can achieve these purposes through other means, and the applicable legal provisions.

After you delete your account, it may take up to 30 days to remove all your personal information and system logs from our systems.

E.4          USERS IN THE USA

If you are a US citizen, you unfortunately cannot use BeFaster.fit. Once we expand into the US market, we will announce this through our social media channels. Please also refrain from attempting any technical solutions, hacks, or other means to obtain the app.

 

F.       UPDATES TO THE PRIVACY POLICY

BeFaster.fit reserves the right to modify this Privacy Policy at any time. If we make changes to this privacy statement, we will post the revised privacy statement along with its effective date on this website. If we make changes that we deem to be material, we will provide prominent, advance notice. If you object to any changes to this Privacy Policy, you should stop using the Services and delete your account.

G.     ANNEX

In some jurisdictions, there are special regulations to which we refer here.

G.1          ANNEX 1 – INFORMATION FOR RESIDENTS OF TURKEY ACCORDING TO THE TURKISH PERSONAL DATA PROTECTION LAW NO. 6698 (“TPDPL”)

If you are a resident of Turkey, this section applies to you in addition to our Privacy Policy.

G.1.1             REMINDER REGARDING THE CONTROLLER

We hereby state that there is no Turkish BeFaster.fit branch. Furthermore, we declare that BeFaster.fit Limited, 4 Vincenzo Dimech Road, Floriana FRN 1504, Malta, registered under number C 95624, is considered the controller under this Privacy Policy. BeFaster.fit Limited thus acts as the collector, gatherer, and processor of the data.

G.1.2            INFORMATION ABOUT THE DATA PROTECTION OFFICER

Since the term “Data Protection Officer” is not defined in the TPDPL, it does not apply in Turkey. However, you can contact us via email at the accountmanagement@befaster.fit.

G.1.3            METHODS AND LEGAL BASES FOR DATA COLLECTION

We are only allowed to collect and further process your personal data if we have a legal basis for processing in accordance with Articles 5 and 6 of the TPDPL (including the necessity of processing personal data of the parties to a contract, provided that it is directly related to the establishment or fulfillment of the contract, and the necessity of processing personal data for the pursuit of the legitimate interests of the controller, provided that this processing does not violate the fundamental rights and freedoms of the data subject). We collect personal data, in accordance with the TPDPL, wholly or partially through automated means/methods that are part of the data collection system.

G.1.4            YOUR RIGHTS

Except for the circumstances specified in Article 28 of the TPDPL titled “Exceptions,” you, as the data subject, have the following rights under Article 11 of the TPDPL when you contact BeFaster.fit:

  • to learn whether your personal data is processed or not – this partially corresponds to the right of access, as described in the Privacy Policy, and can be enforced accordingly;
  • if your personal data is processed, to obtain information about this processing – this partially corresponds to the right of access, as described in the Privacy Policy, and can be enforced accordingly;
  • to learn the purpose of processing your personal data and whether they are used for the intended purposes – this partially corresponds to the right of access, as described in the Privacy Policy, and can be enforced accordingly;
  • to know to whom your personal data is disclosed both domestically and abroad – this partially corresponds to the right of access, as described in the Privacy Policy, and can be enforced accordingly;
  • to request the rectification of incomplete or inaccurate personal data – this corresponds to the right to rectification, as described in the Privacy Policy, and can be enforced accordingly;
  • to request the deletion or destruction of your personal data in accordance with the provisions of the law and its regulations – this corresponds to the right to deletion, as described in the Privacy Policy, and can be enforced accordingly;
  • to request notification of the operations carried out pursuant to the last two points – you will always receive this information when you have requested rectification or deletion;
  • to object to the solely automated processing of your personal data that has adverse effects on you – this partially corresponds to the right to object, as described in the Privacy Policy, and can be enforced accordingly;
  • to demand compensation for damages incurred due to the unlawful processing of your personal data.

G.1.5            CONTACT INFORMATION OF THE LOCAL DATA PROTECTION AUTHORITY IN TURKEY

Kişisel Verileri Koruma Kurumu, Nasuh Akar Mahallesi, 1407. Sok. No: 4,, 06520 Çankaya / Ankara

 

G.2         ANNEX 2 – INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA UNDER THE KOREAN PERSONAL INFORMATION PROTECTION ACT (“PIPA”)

If you are a resident of the Republic of Korea, this section applies to you in addition to our Privacy Policy. According to the PIPA, we must delete all personal data, i.e., your user account, if you are inactive for more than 1 year. We consider you active if you log into our products, open them, or record or import an activity. The deletion of personal data at BeFaster.fit is done by completely removing the personal reference or by completely deleting the relevant data from all our systems.

Your Rights: In addition to the rights described under Your Rights Regarding Personal Data, you are entitled to demand compensation for damages incurred due to a violation of the PIPA by BeFaster.fit.

G.3         ANNEX 3 – INFORMATION ON THE PROCESSING OF PERSONAL DATA UNDER THE BRAZILIAN GENERAL DATA PROTECTION LAW (LEI GERAL DE PROTEÇÃO DE DADOS, “LGPD”)

Whenever personal data is processed to enable our app, website, or other services in Brazil, or if you are located in Brazil at the time your personal data is collected, the LGPD applies. Overall, the provisions of the LGPD are very similar to those of the GDPR. However, there are minor deviations and additions that are explained in this annex. Consequently, this annex serves as a supplement to the information in our Privacy Policy and applies where the LGPD is relevant.

G.3.1            LEGAL BASES

The LGPD recognizes the exercise of rights in judicial, administrative, or arbitration proceedings and the protection of credit as legitimate legal bases for data processing. Please note that we may also process your personal data in addition to the legal bases mentioned in the processing purpose and legal basis for data processing sections of the Privacy Policy, if necessary for the exercise of our rights in judicial, administrative, or arbitration proceedings involving you and us or for the protection of credit, as applicable.

G.3.2           TYPES OF PROCESSING ACTIVITIES WE CONDUCT

For the purposes mentioned in the processing purpose and legal basis for data processing sections of the Privacy Policy, we perform all necessary processing activities. These include: collection, storage, sorting, querying, matching, displaying, extracting, and arranging. We may also access, view, and evaluate your personal data, for instance, to assess your success in a particular challenge, in connection with support services, or to ensure compliance with our terms of use. Furthermore, we may anonymize personal data and, upon your request, delete, block, or correct it.

G.3.3           LOCATION OF PROCESSING

Your personal data will be processed outside of Brazilian territory and therefore transmitted there. Since we do not have data centers or other data processing facilities in Brazil, this is necessary for all purposes described in the processing purpose and legal basis for data processing sections of the Privacy Policy.

G.3.4           CONTACT / DATA PROTECTION OFFICER

If you have any questions about data protection, the handling of your personal data, or your rights as a data subject, you can contact us at any time by sending an email to the address provided in the Privacy Policy or by writing to our mailing address. Our Data Protection Officer, Frank Schulze, and the team will attend to your inquiry.

G.3.5           RESPONSIBILITY FOR DATA PROCESSING

BeFaster.fit is responsible for all processing activities conducted under our Privacy Policy. BeFaster.fit is also responsible when certain processing activities are carried out by contractors of BeFaster.fit on behalf of BeFaster.fit. These contractors are referred to as data processors and are contractually obligated to process your personal data strictly according to our instructions. They must ensure strict data security standards, may not share your data without our instruction, and are required to cease processing personal data immediately upon termination of the contract.

If you connect with the service of one of our partners and export personal data from our app to these services, the respective partner offering the service will be responsible for data processing from the point of export.

G.3.6           YOUR RIGHTS

Regarding your data processed by BeFaster.fit under the LGPD, you have the following rights, which you can enforce as described in the Privacy Policy or as indicated below:

  • Confirmation of the existence of processing – this partially corresponds to the right to information as described in the Privacy Policy and can be enforced accordingly;
  • Access to personal data – this partially corresponds to the right to information as described in the Privacy Policy and can be enforced accordingly;
  • Correction of incomplete, incorrect, or outdated personal data – this corresponds to the right to correction as described in the Privacy Policy and can be enforced accordingly;
  • Anonymization, blocking, or deletion of unnecessary or excessive personal data or of personal data that has not been processed in accordance with the provisions of the LGPD;
  • Portability of personal data to another service provider or product provider, upon express request, in accordance with the regulations of the national authority and maintaining business and operational secrets – this corresponds to the right to data portability as described in the Privacy Policy and can be enforced accordingly;
  • Deletion of personal data that has been processed without any legal basis other than your consent;
  • Information about public and private entities with which we have shared personal data;
  • Information about the possibility of refusing consent to data processing and the consequences of such refusal;
  • Withdrawal of consent for the processing of personal data.

Please note that the rights listed are not absolute rights. In individual cases, the exercise of these rights may conflict with the rights or obligations of BeFaster.fit or third parties.

G.4         ANNEX 4 – INFORMATION ON THE PROCESSING OF PERSONAL DATA UNDER THE DATA PRIVACY ACT OF THE REPUBLIC OF THE PHILIPPINES OF 2012

If you are a resident of the Republic of the Philippines, this section applies to you as a supplement to our Privacy Policy.

In addition to the rights described under Your Rights Regarding Personal Data, you are entitled to seek compensation for damages caused by the processing of inaccurate, incomplete, outdated, incorrect, unlawfully obtained data, or the unauthorized use of personal data by BeFaster.fit.

G.5         G.5 ANNEX 5 – INFORMATION ON THE PROCESSING OF PERSONAL DATA UNDER THE PERUVIAN DATA PROTECTION LAW (“PDPL”)

If you are a resident of Peru, please be aware that at the time of publishing this Privacy Policy, we do not have a valid registration with the Peruvian authority. Once we receive the registration code, we will publish it and announce this fact through our social media channels. Until this occurs, we kindly ask you as a Peruvian citizen to refrain from creating a BeFaster.fit account.