The protection of your personal data is of particular concern to us at La La Love. Therefore, we comply with the legal requirements when we collect and process your personal data. Below you will find extensive information about the scope and purpose of collecting data.
In principle, our website can be used without providing personal data. The use of individual services and offers [in short ‘La La Love Apps’]) on our website and in our apps can entail divergent regulations which in this case are explained separately below. The legal basis for data protection can be found in the General Data Protection Regulation (GDPR).
When you access our website or Apps, some information, such as IP address, is transferred. You are also providing information about the end device used (computer, smartphone, tablet etc.), the browser used (Internet Explorer, Safari, Firefox etc.), time of visit to the website, the so-called referrer and volume of data transferred.
We cannot use this data to identify an individual user. We only use this information to determine how attractive our offers are and to improve their performance or content, if necessary, and make their design even more appealing to you.
Please bear in mind, however, that in the case of a static IP address, personal identification is possible by RIPE query in individual cases, although we do not perform this. Nevertheless, this website is accessible for both static and dynamic IP addresses assigned.
We only collect personal data if you provide it to us, for example when you contact us, in particular by registering a La La Love account, placing an order, requesting information or publishing personal data in our La La Love Apps in your profile or in the feed.
We use the personal data you provide only to the extent that your data is necessary for rendering or processing our services.
We store your data for as long as is necessary to achieve the intended purpose or until you delete your account or for as long as legal retention periods require data to be stored. Your data is subsequently deleted in accordance with legal requirements or processing is restricted.
In the case of use purely for information, i.e. if you do not register or send us information another way, we only collect personal data which your browser transfers to our servers. If you want to view our website, we collect the following data, which we require for technical purposes in order to show you our content and guarantee stability and security (legal basis is a legitimate interest pursuant to Article 6 (1) (f) GDPR).
In the context of the balance of interests in accordance with Article 6 (1) (f) GDPR, we have considered and weighed up our interest in website provision and your interest in data protection compliant processing of your personal data. As the data below is technically required for the provision of our service in order to offer you our website and also guarantee stability and security, in particular protection against misuse, we have reached the conclusion that, with a state-of-the-art oriented data security guarantee, this data can be processed whereby appropriate consideration will be given to your interest in data protection compliant processing.
Data | Purpose of processing | Storage period |
---|---|---|
Operating system used | Ensure evaluation by device and optimized display of the website | Indefinite |
Information about the browser type and version used | Evaluation of the browser used to optimize our websites for it | Indefinite |
IP address | Presentation of the website on the respective device Investigation and prevention of fraud Proof of user’s consent to receiving the newsletter | |
Date and time of visit | Presentation of the website on the respective device Investigation and prevention of fraud Proof of user’s consent to receiving the newsletter | |
If applicable, manufacturer and model of the smartphone, tablet or other device | Evaluation of device manufacturers and types of mobile end devices for statistical purposes | Indefinite |
The collection of data for website provision and the storage of data in log files is imperative for website operation. Consequently, users may not object to this.
Using our login system, you can create a La La Love account for yourself that you can use to log in to all of our services. In the process, we use cookies – small files – on your browser in order to identify you. All data that you save to your account is stored at a La La Love GmbH database at Lothstrasse 5, 80335 Munich. Some of our services are only accessible if you have set up your La La Love account. We will request the following data when registering (some of it is required). In addition, you must take note of our Data Protection Statement, as well as accept our General Terms and Conditions of Business and Withdrawal Policy.
Data | Purpose of processing | Legal basis of processing | Storage period |
---|---|---|---|
First name | Direct address & presentation | Performing the contractual relationship | Up to 30 days after deletion of the customer account |
Last name | Direct address & presentation | Performing the contractual relationship | Up to 30 days after deletion of the customer account |
Email address | Customer account identification | Performing the contractual relationship | Up to 30 days after deletion of the customer account |
Password | Customer account identification | Performing the contractual relationship | Up to 30 days after deletion of the customer account |
IP address at login | Data transfer at registration to web server | Performing the contractual relationship | Indefinite |
Gender* | Suitable user experience | Consent | Up to 30 days after deletion of the customer account |
Coach personalization* | Suitable user experience | Consent | Up to 30 days after deletion of the customer account |
Profile photo* | Direct address & presentation | Consent | Up to 30 days after deletion of the customer account |
* Optional information
Name of provider | Provider type | Data transfer to third party country | Third party country | Guarantees in acc. with Art. 44 ff GDPR |
---|---|---|---|---|
Amazon Web Services | Order processor | No | - | - |
You need a La La Love account in order to use our La La Love Apps. The data collected for this purpose has already been explained above. To provide you with the best La La Love experience possible, our approach is partly based on publishing specific information relating to our users within the La La Love community, i.e. even your information. We are going to introduce our program to you in more detail below so that you can decide for yourself whether and which data you want to publish. This introduction includes the following data in particular which is visible to other users:
Data | Purpose of processing | Storage period |
---|---|---|
Profile | Presentation and interaction in the community | Up to 30 days after deletion of the customer account |
Name of provider | Provider type | Data transfer to third party country | Third party country | Guarantees in acc. with Art. 44 ff GDPR |
---|---|---|---|---|
Amazon Web Services | Order processor | No | - | - |
Within the framework of our La La Love Apps it is improtant to meassure the distance between you and your match. For this purpose, we need access to location data. This data allows us to calculate distances covered at the relevant time and thereby correctly determine the end for predefined distances or determine distances covered.
Data | Purpose of processing | Legal basis of processing | Storage period |
---|---|---|---|
Location data | Determination of position Location-based information | Consent | Up to 30 days after deletion of the customer account |
Match city | Interaction in the community | Consent | Up to 30 days after deletion of the customer account |
Name of provider | Provider type | Data transfer to third party country | Third party country | Guarantees in acc. with Art. 44 ff GDPR |
---|---|---|---|---|
Amazon Web Services | Order processor | No | - | - |
We require these access options and information to ensure the technical function of our app and to provide the services offered with the app, in particular to access your camera or your photos, to determine your running distances and your activity calories or to send you push notifications to inform you about new followers or comments. During the installation procedure or before you use the app for the first time, we request permission to access individual functions and information. We will only access these functions with your approval. You can revoke access rights manually in the settings for each operating system. You can find out how this works in the manufacturer instructions for your mobile OS. However, please note that you can only use the app to a limited extent or you cannot use it at all without the relevant approval.
Before you use the app for the first time, we will request the following permissions for the purpose described below:
Permission | Purpose |
---|---|
Camera | Taking photos for profile/feed |
Photo library | Selection of photos for profile/feed |
Location tracking | Calculation of running distance, statistical analysis |
Delivery of push notifications | Receipt of push notifications |
Mobile data/WLAN (granted by the operating system) | Use of Internet and downloading of new content |
* Optional information
We require your consent if you wish to receive our push notifications on your mobile iOS device even if the app is not open. Our app only uses push notifications if you have given your explicit consent to these. You can disable push notifications in settings at any time. If you use an Android device, push notifications are permitted automatically unless you disable this in your settings.
Name of provider | Provider type | Data transfer to third party country | Third party country | Guarantees in acc. with Art. 44 ff GDPR |
---|---|---|---|---|
Amazon Web Services | Order processor | No | - | - |
Google Firebase | Order processor | Yes | USA | EU standard contractual clauses EU/US Privacy Shield |
Braze Inc. | Order processor | Yes | USA | EU standard contractual clauses EU/US Privacy Shield |
Data | Purpose of processing | Legal basis of processing | Storage period |
---|---|---|---|
Device token | Sending to your device | Consent | Until revocation of consent |
User data that are also accessible in your public profile | Direct approach | Consent | Until revocation of consent |
* Optional information
We require your consent if you wish to receive our push notifications for marketing purposes on your mobile iOS device even if the app is not open. Our app only uses push notifications for marketing purposes if you have given your explicit consent to these. You can disable push notifications in settings at any time. If you use an Android device, push notifications are permitted automatically unless you disable this in your settings.
Name of provider | Provider type | Data transfer to third party country | Third party country | Guarantees in acc. with Art. 44 ff GDPR |
---|---|---|---|---|
Amazon Web Services | Order processor | No | - | - |
Google Firebase | Order processor | Yes | USA | EU standard contractual clauses EU-US Privacy Shield |
Braze Inc. | Order processor | Yes | USA | EU standard contractual clauses EU-US Privacy Shield |
Data | Purpose of processing | Legal basis of processing | Storage period |
---|---|---|---|
Device token and other device information | Transfer to your device | Consent | Until revocation of consent |
User data | Direct approach | Consent | Until revocation of consent |
Campaign information | Direct approach | Consent | Until revocation of consent |
* Optional information
You can subscribe to our newsletter if you want to receive regular updates or information about topics and products that are referred to in the declaration of consent.
We need a valid email address for you for subscription purposes.
The provision of other separately highlighted data is voluntary and will be used in order to address you personally. This will only happen if you give separate consent.
To make doubly sure that you actually want to receive information from us, we use the double opt-in procedure. Once you have subscribed, you will receive a link by email which you can use to activate the newsletter service. In other words, we will send an email to the address given when you subscribed in which we ask for confirmation that you want to receive the newsletter. If you do not confirm your subscription, your data will not be saved in our email dispatch tool. In addition, we save your IP address and dates of newsletter subscription and confirmation. The purpose of this procedure is to verify your subscription and, where appropriate, shed light on any misuse of your personal data.
Naturally, you can unsubscribe from the newsletter at any time. The unsubscribe link can be found in the masthead of every email or in your profile settings.
Email addresses collected when registering for a La La Love account (via our app or our website) are used for direct marketing of our own and similar products and services (the La La Love Coach in particular). If you no longer wish to receive direct marketing, you can refuse to allow the use of your email address at any time. The unsubscribe link can be found in the masthead of every email or in your profile settings. Alternatively, you can send us an email to [support@lalalove.app]support@lalalove.app.
Data | Purpose of processing | Legal basis of processing | Storage period |
---|---|---|---|
Email Address | Contact for direct marketing | Possibility of direct advertising according to the Act Against Unfair Competition (UWG) | Until objection/cessation of the legal requirements |
We use cookies to improve our web service and make your use as easy as possible. Cookies are small text files which are saved on your computer when you visit our website. They facilitate the repeated allocation of your browser. Cookies save information, such as your language settings, duration of the visit to our website or the entries you made there. This means that the required data does not need to be entered again each time the service is used. Moreover, cookies help us to recognize your preferences and adjust our website to your areas of interest.
Most browsers accept cookies automatically. If you want to prevent cookies from being saved, you can select the ‘Accept no cookies’ option in your browser settings. To find out exactly how this works, you can consult your browser manufacturer’s instructions. You can delete cookies that have already been saved on your computer at any time. Please bear in mind, however, that our website service can only be used to a limited extent without cookies.
Moreover, every time our website is loaded, we record how often it is visited and clicked on by using tags on our website, so-called tracking pixels, likewise without any interference and intervention for your computer.
We use the Google Analytics service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to analyze our website visitors. Google uses cookies to track the use of the online product or service by users and the information is generally transferred to a Google server in the USA and stored there.
Google will use this information on our behalf to evaluate the use of our online products and services by users, to compile reports on the activities within these online products and services and to provide us with further services associated with the use of these online products and services and the use of the internet. Pseudonymous user profiles can be created from the processed data.
We use Google Analytics only with IP anonymization enabled. This means that Google will truncate the IP address of users within Member States of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent cookies from being stored by adjusting the settings to their browser software accordingly.
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. Users can prevent the collection of data generated by cookies by downloading and installing the browser plug-in that is available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)
If you do not wish to be tracked by Google Analytics in the future, you can opt out at any time by writing an email to support@lalalove.app.
Data in the context of tracking | Purpose of processing | Legal basis of processing | Storage period |
---|---|---|---|
Device-related data such as device type model, operating system, browser type and version | Improvement of website for device groups | Legitimate interest | until revocation |
Usage-related information such as geographic location, language and pages visited | Improvement and performance tracking of website | Legitimate interest | until revocation |
We use the Firebase service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) in order to derive application behavioral analytics. We use that information to see how users interact with our website and app.
Firebase is part of the Google Cloud Platform and offers numerous services for developers. A list can be found here: https://firebase.google.com/terms/. Some Firebase services process personal data. In most cases, the personal data is limited to so-called "instance IDs", which are provided with a time stamp. These "Instance IDs" assigned by Firebase are unique and thus allow the linking of different events or processes. This data does not represent personally identifiable information for us, nor do we make any efforts to personalize it subsequently. We process these aggregated data to analyze and optimize usage behavior, for example by evaluating crash reports.
Currently, we use the following Firebase services:
Google Analytics for Firebase: Google Analytics uses the data to provide analytics and attribution information. The precise information collected can vary by the device and environment. You can find more information via this link: https://support.google.com/firebase/answer/6318039. Google Analytics retains ID-associated data for 60 days, and retains aggregate reporting and campaign data without automatic expiration, unless the Firebase customer changes their retention preference in their Analytics settings or deletes their project.For Analytics for Firebase, Google uses not only the "Instance ID" described above, but also the advertising ID of the end device. You can restrict the use of the advertising ID in the device settings of your mobile device. For Android: Settings > Google > Ads > Reset Ad ID For iOS: Settings > Privacy > Advertising > No ad tracking
Firebase Remote Config: Remote Config uses Instance IDs to select configuration values to return to end-user devices. Firebase retains Instance IDs until the Firebase customer makes an API call to delete the ID. After the call, data is removed from live and backup systems within 180 days.
Firebase Dynamic Links: Dynamic Links uses device specs on iOS to open newly-installed apps to a specific page or context. Dynamic Links only stores device specs temporarily, to provide the service.
Firebase Cloud Messaging: Firebase Cloud Messaging is used to transmit push messages or so-called in-app messages (messages that are only displayed within the respective app). A pseudonymized push reference is assigned to the mobile device, which serves as a target for the push messages or in-app messages. The push messages can be deactivated and reactivated at any time in the settings of the mobile device. Firebase Cloud Messaging uses Instance IDs to determine which devices to deliver messages to. Firebase retains Instance IDs until the Firebase customer makes an API call to delete the ID. After the call, data is removed from live and backup systems within 180 days.
Firebase will use this information on our behalf for the above mentioned reasons.
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
When using our website and apps, data is collected and stored which is used to generate information using pseudonymous usage profiles for purposes of web analysis. These usage profiles serve to analyze visitor behavior and are evaluated to improve and design our services based on demand. In addition, we measure and analyze technical performance data (e.g. response and load times) and application data (hardware and software used) in order to improve the performance of our products. Cookies are used to do so. These are text files saved on your computer that allow us to analyze how you use our website. The pseudonymous usage profiles are not associated with personal data on the bearer of the pseudonym without the concerned party's express consent. You can object to future data collection and storage for the purpose of web analysis at any time by deactivating cookies in your browser settings. You can find the individual privacy notices for the providers here:
Name of provider | Provider type | Data transfer to third party country | Third party country | Guarantees in acc. with Art. 44 ff GDPR | Storage period |
---|---|---|---|---|---|
Sentry.io 132 Hawthorne St San Francisco, CA 94107 USA | Order processor | Yes | USA | EU Standard Contractual Clauses EU-US Privacy Shield | 6 weeks |
Affected data category | Purpose of processing | Legal basis of processing |
---|---|---|
IP address (only for troubleshooting)(not applicable for Logentries) | Improvement of website design and quality | Legitimate interest |
La La Love user ID | Improvement of website design and quality | Legitimate interest |
Device-related data such as device type, model, operating system, browser type and version | Improvement of website design and quality | Legitimate interest |
Usage-related information such as geographic location, language, pages visited | Improvement of website design and quality | Legitimate interest |
Installation UUID | Improvement of website design and quality | Legitimate interest |
Crash trace (not applicable for Logentries) | Improvement of website design and quality | Legitimate interest |
You can apply to our company using electronic means.
Obviously, we will use your information only to process your application and not pass it on to third parties.
Please note that e-mails sent without encryption are not access-protected. Unfortunately, we do not currently offer encryption for e-mail applications. However, encrypted transfer of your application is possible via our applicant portal.
You can apply to our company online via our applicant portal. Your online application will be sent directly to the HR department via an encrypted connection and obviously treated confidentially.
Your personal data will be deleted at the end of the application process, either immediately or after no more than six months, unless you have given us your explicit consent for longer storage of your data.
We only pass your personal data on to third parties if:
In the case of data transfer outside the European Union, the high European level of data protection essentially does not exist. It may be the case with a transfer that an EU Commission adequacy decision in accordance with Article 45 (1) (3) GDPR is not currently in place. This means the EU Commission has not yet decided that the level of data protection in the respective country corresponds to the level of protection in the European Union based on the GDPR. Consequently, we have put the appropriate guarantees referred to above in place. Potential risks, which cannot be ruled out completely in connection with data transfer, are in particular:
Each data subject has the right of access in accordance with Article 15 GDPR, the right to rectification in accordance with Article 16 GDPR, the right to erasure in accordance with Article 17 GDPR, the right to restriction of processing in accordance with Article 18 GDPR, the right to object in Article 21 GDPR and the right to data portability in Article 20 GDPR. The limitations according to Articles 34 and 35 BDSG apply to the right of access and to the right to erasure.
You also have the right to lodge a complaint with the competent data protection authority about our processing of your personal data.
You can withdraw your consent with us to process personal data at any time. This also applies to withdrawals of a declaration of consent that were given to us before the General Data Protection Regulation came into effect, i.e. before May 25, 2018. Please note that this withdrawal will only apply prospectively. This does not affect processing that took place prior to a withdrawal.
You have the right pursuant to Article 21 (2) GDPR to object to the processing of personal data concerning you. In the event that you object to processing for direct marketing purposes, we will no longer process your personal data for this purpose. Please note that this withdrawal will only apply prospectively. This does not affect processing that took place prior to a withdrawal.
If we process your personal data based on a balance of interests, you can object to such processing. If you exercise this right to object, please state the reasons why we should not process your data as we have described. If your objection is justified, we will review the situation and either stop or adjust data processing or explain our compelling legitimate reasons for processing to you.
Our website may contain links to the websites of other providers. Please note that this Data Privacy Statement applies only to the website of byFate. We have no influence on or control over the compliance of other providers with applicable data protection regulations.
We reserve the right to amend or adjust this Data Privacy Statement at any time subject to compliance with applicable data protection regulations.
Alternatively, you may contact our external data protection officers at any time if you have any questions regarding the collection, processing or use of your personal data or in the case of access, rectification, blocking or erasure:
Personal/Confidential
Data controller | Controller's data protection officer |
---|---|
byFate GmbH Lothstraße 5 80335 Munich Germany E-Mail: support@lalalove.app represented by Managing Director Andrej Matijczak | byFate GmbH Data Protection Officer Luisenstraße 66 80798 Munich Germany E-Mail: support@lalalove.app |