This Privacy Policy was posted on April 20, 2018 and is effective for new and existing users of sanSirro GmbH websites, applications, and offline activities, on May 20, 2018.

Other Important Notes about this policy:

  • For users based in the EEA, additional terms and conditions will apply, as set forth under the heading Country/Region-Specific Disclosures.
  • For users from Indonesia, Malaysia, Philippines, Singapore and Thailand, please click here for your language options and country-specific websites.
    Read MoreShow Less

sanSirro GmbH Privacy Policy

Effective: May 20, 2018

BY USING THE SERVICES, YOU CONSENT TO THE COLLECTION, USE AND TRANSFER OF YOUR PERSONAL DATA FOR PROCESSING IN THE UNITED STATES AS DESCRIBED IN THIS PRIVACY POLICY. END USERS FROM OUTSIDE THE US ARE ENCOURAGED TO
Read More

sanSirro GmbH Services, and all associated Services and systems, including registration, is housed on servers in the United States. If you are located outside of the United States, please be aware that information we collect (including cookies and device data) will be processed and stored in the United States, a jurisdiction in which the data protection and privacy laws and principles, including your data subject rights, may not offer the same level of protection as those in the country/region where you reside or are a citizen. By using our Services and providing information to us, you consent to the transfer to and processing of the information in the United States and, unless otherwise stated in this Privacy Policy, we use this consent as the legal ground for that data transfer. When collecting your Personal Data on our Fitness and Wellness services, you may be asked for your explicit consent to this data transfer as part of account creation.

Please read this Privacy Policy carefully, as your access to and use of the Services signifies that you have read, understand and agree to all terms within this Privacy Policy. If you do not agree with any part of this Privacy Policy or our Terms, please do not access or continue to use any of the Services or otherwise submit your Personal Data.

Note to Residents of the European Union: In order to comply with the requirements of the European General Data Protection Regulation (GDPR) for our European consumers and users, this Privacy Policy outlines the legal basis on which we process your Personal Data and provides other information required by the GDPR. Further country/region specific information for our European consumers and users is outlined in the Country/Region-Specific Disclosures section.

Who We Are

We also provide certain services related to volunteer action and grants through the WeWill.city website.

Information About Your Personal Data

This Privacy Policy relates to data about you, your devices, and your interaction with our Services.

"Personal Data" is information that can be used to identify you, directly or indirectly, alone or together with other information. This includes things such as your full name, email address, phone number, precise location, device IDs, certain cookie and network identifiers, and "Fitness and Wellness Data."

sanSirro GmbH collects, uses, discloses and processes Personal Data as outlined in this Privacy Policy, including to operate and improve the Services and our business; for advertising and marketing; and to provide you with innovative fitness and wellness services, as further described in this Privacy Policy.

We may create de-identified or anonymous data from Personal Data by excluding data components (such as your name, email address, or linkable tracking ID) that makes the data personally identifiable to you, through obfuscation, or through other means. Our use of anonymized and de-identified data is not subject to this Privacy Policy.

How We Collect and Use Personal Data

We collect your Personal Data in a number of ways and for various purposes, including:

  1. When you register for an account or interact with our Services.
    Read More

    We collect Personal Data when you use or interact with our Services, including when you register with us, browse our products online, obtain coaching and training services, make purchases from us (including processing of payment), and when you ask us to customize apparel, products, or Services. This Personal Data may include name, address, phone number, username and password, email address, date of birth, payment information and Location Data. "Location Data" means either approximate location or, with your consent, precise location. We use this data to create your account, enable your activity within our Services, and to provide the services generally, including to develop, enhance, and improve our Services and your experience. We also use this data for internal purposes related to certain research, analytics, innovation, testing, monitoring, customer communication, risk management, and administrative purposes.

  2. When you input Fitness and Wellness Data within our Services or use our Services that collect or infer such data from mobile device sensors.
    Read More

    "Fitness and Wellness Data" includes data you provide related to your lifestyle (e.g., sleeping habits), life events, dietary restrictions, fitness goals, height, weight, measurements, fitness level, heart rate, sleep data, BMI, biometric data, and similar types of data relating to physiological condition, and activity. We collect this data in order to provide the Services and to tailor features, products, advertising, and services to your interests and goals, including providing meal suggestions, workout plans, training- and coaching-related services, and product recommendations (e.g., custom products).

  3. When you use or interact with a wearable or other connected device.
    Read More

    We also collect Personal Data, including Fitness and Wellness Data, when you use a device that is connected to the Internet, such as heart rate monitors, activity trackers, and other devices or wearables that are not personal computers or mobile phones or tablets. When you use a wearable or connected device or product, we may also collect certain information about the device or product such as serial number, Bluetooth address, UPC, or other device- or purchase-related information.

    Note on Apple HealthKit Data
    Read More
    You can choose to connect and share your information with HealthKit and your HealthKit information with sanSirro GmbH. The information you provide to HealthKit is then governed by the Apple Terms and Conditions and Privacy Policy. The unique information you choose to send from HealthKit is not used by sanSirro GmbH for marketing and advertising or transferred by sanSirro GmbH to third parties for marketing and advertising.
  4. When you give us permission to collect Location Data.
    Read More
    We may collect precise Location Data as part of the functionality of our Services, such as to provide route maps, route tracking, geographically relevant Services, offers, or ads, weather information, and to conduct analytics to improve the Services. We may collect precise Location Data in several ways, such as through your wireless carrier, based on WiFi access point location, via Bluetooth beacons, through a connected device, or directly from the device on which you use the Services. If you choose to purchase apparel or products with specially embedded hardware to track the movement or location of the apparel or product, these technologies may also enable collection of precise Location Data. If you are accessing the Services through one of our mobile applications, the way we collect precise Location Data will differ depending on your mobile device's operating system. In all events, we do not collect precise Location Data, unless you have "allowed" its collection. If you decline to allow Location Data collection in the app, we will not collect your precise Location Data unless you manually enter it in.
  5. When you communicate with us or sign up for promotional materials.
    Read More

    We collect Personal Data when you communicate with us or sign up to receive promotional materials or information via email, push notifications, or text messages - including email address, mobile number, WeChat ID, etc.

    If you consent to such messages, we may use your Personal Data and other information to communicate with you about the sanSirro GmbH products or Services you have purchased or used; provide you with promotional messages and personalized advertising; to notify you of other products; to notify you of contests, challenges, sweepstakes, and other promotions ("Promotions"); to notify you of Services we think may be of interest to you; and, for other marketing purposes. You can manage your communication preferences by registering for and logging into your account.

    Please note that regardless of your email settings, we may send you notifications pertaining to the performance of our Services, such as revision of our Terms or this Privacy Policy or other formal communications relating to products or Services you have purchased or use.

    We may use your Personal Data to respond to your requests for technical support, online services, product information or to any other communication you initiate. This includes accessing your account to address technical support requests. We may also use your Personal Data to address your requests, inquiries, and complaints.

  6. When you participate in special activities, offers, or programs.
    Read More

    We may request or otherwise collect Personal Data, including Fitness and Wellness Data when you participate in Promotions, when you participate in surveys, or when you participate in research activities or initiatives, including for academic, commercial, wellness-related and community planning (e.g., bike trail) analysis, and research study purposes ("Research"). This includes Personal Data, such as name, address, email address, telephone number and age and other information that may be appropriate in order to participate. If you win a Promotion, we also may need to collect certain tax information, waivers and releases, depending on the prize.

    We may also launch surveys that ask you to answer questions about a range of topics from Personal Data to brand and product preferences. Promotions or surveys may be run by an sanSirro GmbH service provider or co-branded with one of our business partners. In such instances, Personal Data may be collected directly by and/or shared with sanSirro GmbH, the service provider, and/or business partner, including for marketing purposes. Each Promotion or survey that treats your Personal Data in a way that differs from this Privacy Policy will state the privacy policy governing that collection of information in connection with that Promotion or survey.

  7. When you engage with our online communities or advertising.
    Read More
    We may collect your Personal Data when you engage with our online communities. This includes when you click on advertisements, interact with our social media pages, submit content, leave reviews, or otherwise enter information into comment fields, blogs, message boards, events, and other community forums sponsored by or affiliated with sanSirro GmbH. Please note that our community forums are public, so we recommend that you exercise care in deciding what information and content you wish to disclose.
  8. When you access third party products and services.
    Read More
    We may allow you to register and pay for third-party products and services or otherwise interact with another website, mobile application, or Internet location (collectively "Third Party Sites") through our Services, and we may collect Personal Data that you share with Third Party Sites through our Services. When we do so, we will inform you of the further details of how we use your Personal Data.
  9. When you connect with us through social media.
    Read More
    You may choose to enable, log into, or sign on to the Services through various social media or social networking services, such as Facebook, WeChat, or Twitter ("Social Networking Service" or "SNS"). When you connect using your SNS accounts, we may collect Personal Data that you have provided to that SNS. For example, when you log in with your Facebook credentials, with your consent, we may collect Personal Data from your Facebook profile that is permitted under Facebook's Terms of Use - such as your email address, profile picture, and friend list. We use this data to provide, enhance, and personalize the Services (e.g., to help connect you with or suggest friends within our Services). If you do not want to provide us with this data, you need to adjust the privacy settings on your SNS account.
  10. When we collect data from third parties or publicly-available sources.
    Read More
    We may obtain certain data about you from third party sources to help us provide and improve the Services and for marketing and advertising. We may combine your Personal Data with data we obtain from our Services, other users, or third parties to enhance your experience and improve the Services, such as providing you with a single point of sign on for our Services and/or building an account dashboard letting you understand how to access and control all the Services you use from a single page.
  11. When we leverage and/or collect cookies, device IDs, Location, data from the environment, and other tracking technologies.
    Read More
    We may collect certain Personal Data using cookies and other technologies such as web beacons, device IDs, advertising IDs, geolocation, HTML5 local storage, Flash cookies, and IP addresses. We specifically use browser cookies for different purposes, including cookies that are strictly necessary for functionality and cookies that are used for personalization, performance/analytics, and advertising. Our Cookie and Device ID Use section contains more information and options to control or opt-out of certain data collection or uses.
  12. When we track you in Store.
    Read More
    For certain sanSirro GmbH owned or operated stores and outlets, we use video cameras and WiFi sensors and cameras for in-store analytics. Specifically, these technologies are used to determine the number of unique visitors, in-store traffic patterns, and shelf interest. Video image data is not permanently stored. Although we may use a third party vendor to perform these services, in-store image and WiFi data are not shared with any other third parties for their own purposes and are not used to personally identify you except for fraud and loss prevention and to prevent or investigate instances of suspected wrongdoing or potential criminal activity as permitted by law.
  13. When we aggregate or centralize data.
    Read More
    We aggregate and centralize Personal Data and Fitness and Wellness Data for purposes of analytics, innovation, and to provide enhanced services to our customers and end-users.
  14. When we link you to friends across platforms.
    Read More
    Some of our services consist of social sharing and communication with others. We use your Personal Data to enable sharing as described in the service, including to enable you to find and link to friends on other sanSirro GmbH platforms.
  15. When you take fitness tests or assessments; share content or achievements; or invite friends.
    Read More
    We use video data you provide to us and phone sensor data in order to estimate joint flexibility measurement, angles of motion, real-time fitness potential, and to assess your physical movement. We use this data to provide instructional videos, instructional feedback, coaching, and training services. With your permission, we access your contacts and calendar to enable you to share content or achievements, including videos, with friends or other members, and to invite friends to use the Services.
  16. When we provide you geographically relevant Services, offers, or advertising.
    Read More
    Where you have provided consent to process your precise Location Data, we may use such data to provide you with Services, offers or advertising that are relevant to your location.
  17. When you ask us to customize apparel, products, or Services.
    Read More
    We use photos, videos, or other data you provide to us to customize apparel, products, or Services.
  18. When we comply with Legal Requirements or Obligations, Law Enforcement, and for Public Safety Purposes ( Country/Region-Specific Disclosures may apply).
    Read More
    We may use Personal Data in order to comply with laws, regulations, court orders, or other legal obligations or to assist in an investigation, to protect and defend our rights and property, or the rights or safety of third parties, to enforce our Terms of Use, this Privacy Policy, or agreements with third parties, or for crime-prevention purposes.
  19. When you participate in our Wewill.City initiatives.
    Read More
    Giving back to our communities is a core part of the sanSirro GmbH ethos. Our WeWill.City initiative started as a United States initiative in 2017. The only personal data collected for volunteering is your email address and name. When you participate, your data is not disclosed for purposes of advertising or marketing.
    Read More

    At this time, WeWill.City only operates in the United States. For grant applications, additional categories of information about you or the organization requesting the grant may be required or collected, including but not limited to additional contact information (e.g., name, phone number, email and street address), financial information (e.g., taxpayer identification number, budget information), and track record data.

    We provide your Personal Data-your name and email address-to Volunteer Organizations and entities that coordinate Volunteer Activities or volunteer participation with Volunteer Organizations. The site may share, or prompt you to share, information with our volunteer partners. If you provide information to one of our volunteer partners, the collection, use, and sharing of your information will be governed by that organization's privacy policy. We currently work with VolunteerMatch to provide volunteer opportunities. Its privacy policy can be found here.

    Personal Data Used for Grant Purposes. If you or your organization is applying for a grant, we may share the information provided with third parties to process the grant request, to vet the individuals or entities involved, and to make any determination or evaluation that is either necessary or helpful in order to respond to or act upon the grant request.

    Personal Data Not Used for Marketing or Advertising. The WeWill.City service does not use your Personal Data for marketing or advertising purposes. If in the future we wish to use your Personal Data for marketing or advertising purposes, we will first obtain your explicit consent.

How We Disclose Personal Data

We may disclose your Personal Data for the purposes as described in the prior section of this Privacy Policy, in the Country/Region-Specific Disclosures section, and in the following ways:

  1. To Affiliates and Partners
    Read More

    With companies or ventures that are owned or controlled by sanSirro GmbH, and internally within sanSirro GmbH, in order to provide and improve Services, for marketing purposes, and for advertising.

  2. To Service Providers and Vendors.
    Read More
    With business partners, marketing partners, and vendors to provide, improve, and personalize the Services.
  3. To Social Network Providers.
    Read More
    With social network providers when we use social network widgets, buttons, or plug-ins in our Services.
  4. To other Users/sanSirro GmbH Registered Users.
    Read More
    With other users in the context of specific Services that are social in nature. In these cases, we disclose social data and certain Fitness and Wellness Data by default because the service being provided is one of social interaction. Additionally, any information you post or disclose in our community forums (for example, Facebook, WeChat, YouTube, Twitter, or other sponsored pages on the MyFitnessPal Blog) is public.
  5. For Advertising and Marketing.
    Read More

    With advertising and marketing partners for advertising and marketing purposes on sanSirro GmbH's behalf and on behalf of third parties, including Facebook, Baidu, and WeChat.

    In addition, with your consent, we may share your precise Location Data with Third Parties for on and off platform personalization and curated marketing and advertising purposes.

  6. For Certain Analytics and Improvement
    Read More
    With certain companies for purposes of analytics and improvement of the Services.
  7. For Interest-Based Advertising.
    Read More
    With companies involved in interest-based advertising, including web, mobile app and other advertising. This advertising consists of sanSirro GmbH and third party ads that are personalized and displayed on our sites and apps and through other channels. Advertising also includes personalized ads from the sanSirro GmbH family of companies displayed on Third Party Sites and apps and through other channels. For more information on how data is disclosed for advertising see Interest-Based Advertising .
  8. For Legal Compliance, Law Enforcement, and Public Safety Purposes (Country/Region-Specific Disclosures may apply).
    Read More
    With law enforcement, government or regulatory bodies, lawful authorities, or other authorized third parties in order to comply with laws, regulations, court orders, or other legal obligations or to assist in an investigation, to protect and defend our rights and property, or the rights or safety of third parties, to enforce our Terms of Use, this Privacy Policy, or agreements with third parties, or for crime-prevention purposes.
  9. In the event of an actual or contemplated sale. (Country/Region-Specific Disclosures may apply).
    Read More

    With prospective or actual purchasers, investors, or successor entities in connection with a contemplated reorganization or an actual reorganization of our business, in connection with financing, a sale, or other transaction involving the disposal of all or part of our business or assets, including for the purpose of permitting the due diligence required to decide whether to proceed with a transaction, pursuant to assurances of sufficient data handling practices and safeguards.

    Residents of the European Economic Area. Our disclosure is limited to situations where we are permitted to do so under applicable European and national data protection laws and regulations.

A list of types of companies with whom we share data is available here.

This section addresses the legal basis for processing your data if you reside outside the United States (within the United States, you typically provide consent when you receive notice of this Privacy Policy in a website link or mobile app). Some processing is addressed in multiple sections because more than one legal basis may apply depending on the circumstances or service.

For the purposes of applicable data protection laws, sanSirro GmbH, Inc. is the controller of the Personal Data you provide to us ("Data Controller"). As a Data Controller, we process the Personal Data we maintain about you in accordance with this Privacy Policy. If you have any questions or concerns regarding the processing of your Personal Data, or if you have questions regarding this Privacy Policy, please see our Country/Region-Specific Disclosures for appropriate contact information.

Note for Residents of the European Union: For more information on the Legal Basis for processing see the EEA Country/Region-Specific Disclosures.

We collect and process your Personal Data for a variety of purposes outlined in this Privacy Policy. In certain cases, separate consent is not required, including:

  1. For the performance of a contract
    Read More
    To perform our contractual obligations to you, including account registration, fulfilling orders or purchases you have made (including processing of payment), contacting you in relation to any issues with your order, in relation to the provision of the Services, including when you use or interact with a wearable or other connected device and in relation to location-based Services (including to provide you geographically relevant Services), to connect you with friends across platforms, when you take fitness tests or assessments, share content or achievements, or invite friends, when you ask us to customize apparel, products, or Services, where we need to provide your Personal Data to companies or ventures that are owned or controlled by sanSirro GmbH and to our service providers, where we need to collect Personal Data from third party sources and when you access third party products and services, where we collect data from third parties or publicly-available sources, or to aggregate and centralize data for the performance of the Services
  2. To meet legal obligations
    Read More
    To comply with laws, regulations, court orders, or other legal obligations or to assist in an investigation.
  3. For Legitimate Interests
    Read More

    To operate our business and provide the Services, other than in performing our contractual obligations to you for sanSirro GmbH's "legitimate interests" for the purposes of applicable law - except where overridden by the interests or fundamental rights and freedoms that require protection of Personal Data.

    For example, the following areas include processing covered by Legitimate Interests, subject to applicable law:

    • Communication. To communicate with you regarding the Services, including to provide you important notices regarding changes to our and also to address your requests, inquiries, and complaints. We may send strictly necessary communications, including emails, even if you have opted out of receiving other sanSirro GmbH emails or communications. These types of communications do not require consent. We also process your Personal Data for our legitimate interests when you communicate with us, including when you sign up for promotional materials and we have not asked you for your consent in that regard.
    • Respond to Your Requests. To respond to your requests for technical support, online services, product information or to any other communication you initiate. This includes accessing your account to address technical support requests.
    • Promotional Messages. We process your non-sensitive Personal Data to provide you with promotional messages and personalized marketing, including: when you communicate with us or sign up for promotional materials; when you participate in special activities, offers, or programs; when you engage with our online communities or advertising; to provide you geographically relevant Services, offers, or advertising; when we aggregate and centralize data; and when we share Personal Data with companies or ventures that are owned or controlled by sanSirro GmbH and with our service providers and vendors.
    • Surveys. To send you surveys in connection with our Services, unless commercial in nature. In those cases, a survey request may be sent to you if you have given us your consent to receive marketing from us.
    • Compliance with Law and Public Safety . To assist in the investigation of suspected illegal or wrongful activity, including in-store tracking and sharing information with other entities for fraud, loss, and crime prevention purposes. To protect and defend our rights and property, or the rights or safety of third parties.
    • Improvement and Development. To develop, provide, enhance, and improve our Services and your experience, including to enable you to use the full range of our Services (e.g., processing of non-sensitive Personal Data related to your use or interaction with a wearable or other connected device; in-store tracking; when you access third party products and services; when we collect, use, or otherwise leverage cookies, device IDs, Location Data, data from the environment, and other tracking technologies; when you connect with us through social media; when we collect data from third parties or publicly-available sources; when we aggregate and centralize data; and when we share Personal Data with companies or ventures that are owned or controlled by sanSirro GmbH and with our service providers and vendors). For internal purposes related to certain research, analytics, innovation, testing, monitoring, customer communication, risk management, and administrative purposes.
    • Enforcing Terms and Notice. To enforce our Terms or this Privacy Policy, or agreements with third parties.
    • Merger or Acquisition. (Country/Region-Specific Disclosures may apply). To support a contemplated reorganization or an actual reorganization of our business, in connection with financing, a sale, or other transaction involving the disposal of all or part of our business or assets, including for the purpose of permitting the due diligence required to decide whether to proceed with a transaction.

Consent as a Basis for Processing

In some cases, we will ask for your consent to process your Personal Data. You may indicate your consent in a number of ways, including, as permitted by law, ticking a box (or equivalent action) to indicate your consent when (i) providing us with your Personal Data through our Services or a form (including enrolling in Promotions); or (ii) registering or creating an account with us. Due to different countries' laws governing consent for the collection and use of Personal Data, the requirements for consent will differ across regions. We may request your consent for a number of activities including:

  1. sanSirro GmbH Marketing and Communication.
    Read More
    We may ask for your consent to contact you by telephone, SMS/text message, WeChat, and/or email about other offers, products, Promotions, events, or services that we think may be of interest to you and for other marketing purposes.
  2. Sharing with Third Party Services.
    Read More
    We may also ask for your consent to share your Personal Data with certain Third Party business partners in order to offer certain goods, services, or programs. To withdraw consent, please go to the preferences of the specific third party service or app.
  3. Third Party Marketing.
    Read More
    We may ask for your consent to provide Personal Data to allow third parties to contact you regarding their products, services, Promotions, or offers. Typically this is in conjunction with a sweepstakes or challenge (your consent for third party marketing is generally not a pre-requisite to participation. To withdraw consent, please go to the preferences of the specific third party
  4. Collecting Mobile Device IDs, Advertising IDs, and Data from Sensors.
    Read More
    When you use our mobile apps we may ask for your consent to collect these (this consent may be captured at the operating system level). To change your consent status for this data please go to the preferences of the specific service or app. If you choose not to provide this information, certain Services features may be unavailable or not function properly.
  5. Processing Sensitive Personal Data.
    Read More
    We may request your consent to process sensitive Personal Data. Certain Websites or Mobile Apps may require this data to provide the Services, including when you use or interact with a wearable or other connected device, and when you take fitness tests or assessments. If you choose not to provide sensitive Personal Data (for example, specific kinds of Fitness and Wellness Data), certain features or Services may be unavailable or not function properly.
  6. Collecting and Sharing Location Data.
    Read More

    We may request your consent to collect your precise Location Data. Our Services may require this data to provide the Services. If you choose not to provide this information, certain Services features may be unavailable or not function properly. Location Data may be used to display your live location and movement and may also recognize when you have entered an sanSirro GmbH store or sanSirro GmbH section and to provide you with tailored information, advertising about products and services.

    In addition, we may request your consent to share your precise Location Data with Third Parties for on and off platform personalization and curated marketing and advertising purposes.

  7. Research.
    Read More
    We may request your consent to use your Personal Data for Research purposes. We may also request your consent to contact you to determine your interest to participate in certain Research initiatives and to share identifying results. For market research, we may ask questions on behalf of business partners and share your response with business partners.
  8. Advertising.
    Read More
    We use cookies, pixels (including email pixels), mobile device and advertising IDs, Location Data, Fitness and Wellness Data, app or service usage data and data from sensors for purposes of interest-based and cross-app, cross-device advertising. The consent for which may be managed at the operating system level.
  9. Transfer of Data.
    Read More
    We transfer data to the United States and to other countries for processing. We may request your consent for this transfer or the transfer, in other cases, may be justified by a legal basis other than consent.
  10. Automated Processing.
    Read More

    We may use some automated processing to provide our Services and to make recommendations in the context of specific services. This processing is strictly necessary for providing certain Services (and, in some cases, is the service itself) and is not covered by consent. Other automated processing is not significant either due to the nature of the data or the decisions being made or recommended, and so consent is not required. However, for automated processing that is significant and related to sensitive Personal Data, prior to sharing or using such data, we will first seek your consent.

    For the subset of automated processing included in ad profiling for ad targeting, you can change your consent status (for website services) by turning advertising cookies off as outlined in in our Cookie and Device ID Use section. For mobile apps, you can change your consent status by activating your Limit Ad Tracking or equivalent setting as described in our Cookie and Device ID Use section.

  11. To Enable Social Sharing and Connect with Us on Social Media.
    Read More

    Some of our services consist of social sharing and communication with others. If you sign up for these services, we may ask for your consent to use your information to enable sharing as described in the service.

    We may also ask for your consent when you connect with us through Social Media.

  12. Promotions.
    Read More
    We may ask you for permission to use your Personal Data and Fitness and Wellness Data for special offers, events, sweepstakes, and other Promotions. We may use the Personal Data we collect during Promotions, to administer the Promotion, verify identity and age, and to communicate with you about the Promotion.

Social Sharing Settings

Within our Services there are four sharing settings: Private, Share with Friends, MyFitnessPal Members Only (only available within MyFitnessPal), and Public. sanSirro GmbH apps are designed for your wellness and fitness benefit. As such, you are able to control what Personal Data you share and with whom you share it. We encourage you to adjust the sharing settings to best meet your objectives and sharing comfort level. In the interest of safeguarding your Personal Data, we have outlined some initial default sharing settings.

Default Sharing Settings

  • "Physical Stats" are set as Private. "Private" means not shared with friends or other members. You can change this default status for some of your physical stats. Information that is "Private" by default includes, for example, your height, weight, BMI, and heart rate.
  • "Activity Stats" are set as Share with Friends. "Share with Friends" means visible to your friends, but not shared with other members. You can change this default status if you want. Information that is set as "Share with Friends" by default includes, for example, your workouts, steps, routes, friends challenges, and friendships.
  • Community Social Data is set as Public. "Public" means visible to all others using the service. For example social posts where you have set your account up as "Follow" (in app and on the websites), community forums, public challenges (challenges set up by sanSirro GmbH), and photos.
  • Lookup Information is set as Public. We believe that social motivation helps you achieve your goals faster and allowing your friends to be able to find you is crucial to this experience. Therefore, your first and last name, location, gender, username, main fitness activity, and profile picture are set as Public. If you set your entire account as Private, your lookup data will no longer be available for your friends to find you (unless you otherwise indicate that desire within the Services).

Changing Your Sharing Preferences

Details on how to update your sharing preferences and the default settings for our Services are outlined within the sharing standard.

Note: When you share information from our Services externally with a SNS, the information you post is governed by their privacy policy and settings.

Interest-Based Advertising

Interest-based advertising is advertising that is targeted to you based on your web browsing and app usage over time and across websites or apps. Our advertising practices also include the creation and use of "audience segments." You have the option to restrict the use of information for interest-based advertising and to opt-out of receiving interest-based ads. Depending on where you access our website from, you may also be asked to consent to our use of cookies, including advertising cookies. Additional information on Audience Segments and our choices for interest- based advertising is found below.

  • Audience Segments
    Read More

    We disclose various types of information for purposes of interest-based advertising, including for third party, interest-based advertising. This processing includes the use of Personal Data to create de-identified audience segments. These audience segments are then made available for interest-based advertising, including for third party advertising, on sanSirro GmbH online properties. The audience segments are based on website visits, app usage data, Fitness and Wellness Data, online and offline purchasing behaviours, interaction with our ads or marketing emails, similar types of information, and in some cases, data from third parties. The segments, prior to being used, are de-identified so that they will not identify you personally.

    United States Note: The audience segments are made available for interest-based advertising for third party advertising on sanSirro GmbH online properties and on and within third party websites and apps. We use one or more safe haven entities and partners to de-identify segments before sharing these segments for third party advertising displayed on online properties operated by entities other than sanSirro GmbH. We use a third party to match de-identified segments to targeting IDs that are then used on third party sites.

  • Interest-Based Advertising Opt Outs, Choices, and Control
    Read More

    For all of the interest-based advertising described above, including segments, you have the choice to not have your data used to target and serve you interest-based advertising-including third party advertising-regardless of where such ads might be served. These opt-outs require that strictly necessary cookies are not blocked by the settings in your web browser. We support the Self-Regulatory Principles for Online Behavioral Advertising of the Digital Advertising Alliance in the US, the Canadian Digital Advertising Alliance in Canada, and the European Digital Advertising Alliance in the EU. If you live in the United States, Canada, or the European Union, you can visit Ad Choices (US), Your Ad Choices (Canada), or Your Online Choices (EU) to find a convenient place to opt-out of interest-based advertising with participating entities for each region. These websites also provide detailed information about how interest-based advertising works. Opting out does not mean that you will no longer receive advertising from us, or when you use the Internet. It just means that the data collected from our website will not be used for interest-based advertising and that the advertising you see displayed on websites will not be customized to your interests.

    Mobile Apps. You may opt out of interest-based advertising on mobile devices by activating the "Limit Ad Tracking" or equivalent feature offered by your mobile platform. It will transmit a signal to us and to third-parties that indicates your data should not be used for interest-based advertising.

    Our Cookie and Device ID Use section provides additional options for controlling the use of particular kinds of cookies, including advertising cookies. You may use our "advertising cookies" toggle in these settings to prohibit the collection and use of Personal Data in cookies for interest-based advertising.

You may at any time withdraw your consent with future effect and without affecting the lawfulness of processing of your Personal Data based on the consent you provided before you withdrew it, and exercise other controls regarding website and online data collection, interest-based advertising, your communication settings, and app preferences. Depending on the Service, collection and use of Personal Data may be required for the Services to work.

We provide you several ways to manage your preferences:

  • Cookie Use and Controls
    Read More

    Cookies serve a wide variety of purposes. Cookies are pieces of data stored in your web browser that are transmitted to websites to remember your browser over time and distinguish it from other users. Cookies are used to remember your shopping cart and personalize your web experience and for security, analytics, marketing, and interest-based advertising. Our cookies are placed and read by our web servers, while other cookies are placed and read by other companies' web servers. Information on specific cookies is found on our website via the AdChoices link. You can block and control cookies using the information noted in this section. If you block all cookies, certain functionality on our website will not work.

    One way to think about cookies is based on their function. The following settings will control our use of browser cookies, the use of IP address for tracking, and the collection and use of data for cookie-based, interest-based advertising.

    • [ IN ] Required Cookies. These strictly necessary cookies are used for core functionality, and recognize when you are signed in, remember things such as shopping carts and text entered, are necessary for security, and enforce your privacy preferences. Without these cookies, some functionality on our websites will fail. You can block these cookies in your browser preferences.
    • [ IN / OUT ] Functional Cookies. These cookies help to improve the sites by allowing us to understand how the site is used and how the site performs. These cookies include analytics and measurement.
    • [ IN / OUT ] Advertising Cookies. These cookies help us and other parties personalize ads that are shown to you on our sites and Services, as well as on other sites. If enabled, these cookies will allow third parties engaged in interest-based advertising on our site to recognize your browser software on other sites too.
  • IP Address Use
    Read More

    An IP address refers to an identifier assigned by a network to a computer, mobile device, Internet of Things (IoT) device, or routing device. IP addresses, for purposes of this Privacy Policy, include "public" IP addresses, such as the IP address for a home router that is visible to the Internet, as well as "local" IP addresses, which are IP addresses assigned to computers and mobile devices "behind" a router (such as a home router). Our advertising and analytics partners may use IP addresses to group or correlate devices for purposes of analytics, security and anti-fraud purposes, interest-based advertising, ad targeting, ad attribution, and limiting ad frequency.

    You can choose not to have IP address used for purposes of advertising or analytics by using the cookie controls for "Advertising Cookies," and "Performance/Analytics," above.

  • Web Pixels or Beacons Use
    Read More
    Pixels are extremely small image files that, when loaded by your web browser, cause the browser to make a network request to the party corresponding to the pixel. If that party's cookies are currently stored in your browser, those cookies will be transmitted with the request. Beacons can be used on web pages for advertising or to confirm the opening of a marketing email. When used in conjunction with cookies for interest-based-advertising, the cookie controls above can be used to control the purpose for which they are used.
  • HTML5 Local Storage
    Read More
    HTML5 Local Storage in the browser is different from cookies, but can be used for the same purpose (to pair a tracking ID to a particular web server with your web browser so that the web server can identify your web browser over time). You can control the purpose for which HTML5 Local Storage is used by using the cookie controls outlined above.
  • Flash Cookie Use
    Read More
    Flash cookies are "local shared objects" used by Flash player to store data, similar to cookies. Although Flash content is declining in use, we may still use Flash on our sites. If you have Flash installed, and wish to delete, block, or manage Flash cookies, please use the Flash settings panel made available by Adobe.
  • Social Network Interaction and Widgets
    Read More
    Social network widgets, buttons, and plug-ins on our websites passively transmit data regarding a social network's members to that social network, even when a button is not clicked. These technologies may allow a social network (such as Facebook, Twitter or YouTube) to personally identify its members and to know the web pages its members have visited. This is true wherever social network buttons are embedded, regardless of whether a button is "clicked" or "pressed." If you belong to a social network or use these categories of web services, you should review the privacy policies of those services to understand the nature of the data that they collect and what, if any, options the service offers to control how data is collected and used. If you disable advertising cookies, the passive tracking associated with these buttons will be blocked on our sites.
  • Mobile Device Advertising IDs, Location, Sensor Data, and In-Range Device Data Use
    Read More

    Our mobile apps and our Services may transmit Device IDs, Location Data, and data from sensors to us and our partners, including our advertising partners.

    Device IDs include IDs associated with your mobile device carrier such as IMEI, MEID, IMSI; platform-specific IDs such as Android ID, Google AID, and Apple's IDFA; and IDs that are part of your device hardware, such as WiFi MAC address, and serial number. Exactly which Device IDs are transmitted can depend on your mobile device platform and the version of your operating system.

    Location Data. Our apps and Services transmit precise Location Data. Location Data may be obtained from GPS services, cell tower triangulation, or known location of nearby WiFi access points.

    Sensor and In-Range Device Data. Our apps and Services may also collect Device IDs and network addresses (including IP addresses, MAC addresses, and SSIDs) from other, in-range or networked devices and WiFi Access Points. Our apps and Services may also collect information about altitude, air pressure, change in position.

    How We Use Mobile Device Data. We may use Device IDs, coarse location and Location Data, and data from sensors, including the local network, (together with app usage data and Fitness and Wellness Data) for strictly necessary purposes; improving our apps and analytics; personalization and preferences; and cross-app, cross-device, interest-based advertising.

  • Withdraw Your Consent for Use of Your Mobile Device IDs and Location Data for Analytics and Advertising
    Read More
    Activating the "Limit Ad Tracking," "Opt out of Ads Personalization," or equivalent setting from your mobile device will transmit a signal to us and any third parties that we use (the signal will apply to all of our mobile apps running on that device). When that signal is received by sanSirro GmbH or third parties, it communicates your choice to not have device IDs or Location Data used for purposes of advertising or analytics. We honor the signal and require that our third party advertising and analytics partners do the same.
    To the extent our mobile apps personalize functionality for you, you can change these settings within the app, or reset to defaults by deleting and reinstalling the app.
  • Other Ways to Manage Your Location Services
    Read More
    You can also turn off the transmission of precise Location Data by turning off those services using your mobile device's built-in settings. Turning off location may cause some of our Services not to work.
  • Change Consent Settings for Communication Preferences
    Read More

    Consent for Email Communication: After signing up for email communications, you can choose to unsubscribe using the unsubscribe link in any commercial email we send. If you use more than one Service, then unsubscribing from the emails relating to that Service will not stop you from receiving emails from other Services. Please note that if you unsubscribe from "all emails" this means "all emails other than strictly necessary emails." You will still receive email communications from us if they are strictly necessary to provide the sanSirro GmbH service or to confirm or validate a transaction, recover accounts, etc.


    Opt-In Mobile Text Messages: You can opt-in to receive promotional, marketing, and special offer text messages from sanSirro GmbH. Text messages are auto-dialed and consent to text messages is not required for any purchase or service. You can opt-out of marketing by sending STOP to the number following the directions sent back to you when you sign up.



    Mobile Push Notifications: You can manage the type of push notifications you receive from sanSirro GmbH by modifying the settings within the sanSirro GmbH Service. For more information on how to update your push notification settings for our Services please visit here. You may also set your mobile device settings to not allow push notifications from us.

Transfers of Your Personal Data to Other Countries

The Personal Data sanSirro GmbH processes, and all associated Services and systems, including registration, is housed on servers in the United States. If you are located outside of the United States, please be aware that Personal Data we collect will be processed and stored in the United States (the data protection and privacy laws in the United States may offer a lower level of protections than in your country/region).

By using our Services and submitting your Personal Data, you agree to the transfer, storage, and/or processing of your Personal Data in the United States. Where and as required, we will seek your explicit consent as outlined in this Privacy Policy.

Data Retention

We will retain your Personal Data for as long as you maintain an account or as otherwise necessary to provide you the Services. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Where we no longer need to process your Personal Data for the purposes set out in this Privacy Policy, we will delete your Personal Data from our systems.

Where permissible, we will also delete your Personal Data upon your request. Information on how to make a deletion request can be found here.

If you have questions about our data retention practices, please contact us through our Support Team.

Security

We implement appropriate technical and organizational safeguards to protect against unauthorized or unlawful processing of Personal Data and against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data. Please be advised, however, that we cannot fully eliminate security risks associated with the storage and transmission of Personal Data.

Links to Other Websites. Please note that this Privacy Policy does not apply to the practices of companies that we do not own or control or to people that we do not employ or manage. Our Services may provide a link or otherwise provide access to Third Party Sites. We provide these links merely for your convenience. We have no control over, do not review, and are not responsible for Third Party Sites, their content, or any goods or services available through the Third Party Sites. Our Privacy Policy does not apply to Third Party Sites, and any data you provide to Third Party Sites, you provide at your own risk. We encourage you to review the privacy policies of any Third Party Sites with that you interact with.

Children

We do not knowingly collect Personal Data online from children under 13 (note that the minimum age may vary based on country/region, and on local law). If you become aware that a child has provided us with Personal Data without parental consent, please contact us through our Support Team. If we become aware that a child under 13 has provided us with Personal Data without parental consent, we will take steps to remove the data and cancel the child's account.

How to Contact Us

If you have any questions, comments, or concerns about how we handle your Personal Data, then you may contact us through our Support Team or write to us at:

sanSirro GmbH, Inc.
Stangersdorf Gewerbegebiet 110
A-8403
Lebring, Austria

You can also go to our Country/Region-Specific Disclosures to find a contact for the Data Protection Officer in your region, if applicable.

Country/Region-Specific Disclosures

  1. Residents of Australia

    Read More

    sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. If you reside in Australia, you may request access to or correction of the Personal Data that we have collected about you. To access your Personal Data, please contact us through our Support Team or at the address listed above. We may charge for this service and will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.

    If you have any complaints regarding how we handle your Personal Data, please contact our Support Team or write to us at the address above with a detailed description of the complaint. UA responds to complaints as soon as practicable, and in any event, within the time limits prescribed by law.

  2. Residents of China

    Read More
    1. How To Contact Us
      2. If you have any questions, comments, or concerns about how we handle your Personal Data, please contact our Support Team, or write or call us at:

    2. Data Transfer
      3. Principally, Personal Data collected in China will be stored within China. However, we provide Services through resources and servers located globally (including the United States), which means your Personal Data may be transferred to or accessed within another country/region outside of China. The data protection and privacy laws and principles in those countries/regions may not offer the same level of protection as those in China. Under those circumstances, sanSirro GmbH will continue to protect your Personal Data in a manner consistent with what is expected under Chinese law (e.g., we will obtain your consent to transfer your Personal Data, or de-identify the Personal Data before transfer).
    3. Withholding information
      4. You may choose not to provide sanSirro GmbH with your Personal Data. However, if you choose not to provide your Personal Data, you may not be able to enjoy the full range of Services.

  3. Residents of the European Economic Area

    Read More
    1. If you elect not to provide personal data
      2. You may choose not to provide sanSirro GmbH with your Personal Data. However, if you choose not to provide your Personal Data, you may not be able to enjoy the full range of Services.
    2. How to exercise your rights
      3. sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. If you reside in the European Economic Area, you have certain rights to the Personal Data that we have collected about you. To exercise your rights to your Personal Data, please contact us through our Support Team or at the address listed below. Subject to applicable law and in exceptional circumstances only, we may charge for this service and we will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.

      You have the following rights:
      • Right of access to your Personal Data (Art. 15 GDPR): You have the right to ask us for confirmation on whether we are processing your Personal Data, and access to the Personal Data and related information on that processing (e.g., the purposes of the processing, or the categories of Personal Data involved).
      • Right to correction (Art. 16 GDPR): You have the right to have your Personal Data corrected, as permitted by law.
      • Right to erasure (Art. 17 GDPR): You have the right to ask us to delete your Personal Data, as permitted by law. This right may be exercised among other things: (i) when your Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed; (ii) when you withdraw consent on which processing is based according to Art. 6 (1) (a) or Art. 9 (2) (a) GDPR and where there is no other legal ground for processing; (iii) when you object to processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or when you object to the processing pursuant to Art. 21 (2) GDPR; or, (iv) when your Personal Data has been unlawfully processed.
      • Right to restriction of processing (Art. 18 GDPR): You have the right to request the limiting of our processing under limited circumstances, including: when the accuracy of your Personal Data is contested; when the processing is unlawful and you oppose the erasure of your Personal Data and request the restriction of the use of your Personal Data instead; or when you have objected to processing pursuant to Art. 21 (1) GDPR pending the verification whether the legitimate grounds of sanSirro GmbH override your grounds.
      • Right to data portability (Art. 20 GDPR): You have the right to receive the Personal Data that you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including to have it transmitted directly, where technically feasible.
      • Right to object (Art. 21 GDPR): You have the right to object to our processing of your Personal Data, as permitted by law. This right is limited to processing based on Art. 6 (1) (e) or (f) GDPR, and includes profiling based on those provisions, and processing for direct marketing purposes. After which, we will no longer process your Personal Data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
    3. How we may disclose your Personal Data

      The GDPR and national laws of European Union member states implementing the Regulation permit the sharing of Personal Data relating to users who are residents of the European Economic Area with third parties only under certain circumstances. If you reside in the European Economic Area, we will only share your Personal Data as described in our Privacy Policy under the heading "How We Disclose Personal Data" if we are permitted to do so under applicable European and national data protection laws and regulations.

    4. Health Data

      Some Fitness and Wellness Data that we collect -namely, the amount of hours an Athlete sleeps and his or her heart rate measurements-may be considered personal health data under the GDPR and its interpretation by the European data protection supervisory authorities if recorded over a longer period of time. We use Athlete sleep data to help you track your sleep patterns over time, coach you on improving your sleep habits, and help you better understand how your sleep may be impacting your performance as you strive to meet your fitness and wellness objectives. Two types of heart rate measurements may be captured via certain devices that integrate and operate with our Services - your resting heart rate (RHR) and the heart rates you generate during your workouts. This heart rate data is designed to provide you with additional information that you can incorporate into your evaluation of your progress toward your fitness and wellness objectives; it should not, however, be considered professional medical advice and is not intended to be used for diagnostic purposes.

    5. sanSirro GmbH Privacy Shield Statements

      6. sanSirro GmbH Inc. has self-certified that it complies with the EU-U.S. Privacy Shield Framework ("Privacy Shield") and the Swiss-U.S.- Privacy Shield regarding the collection, use, and retention of Personal Data from European Union member states and Switzerland.

      sanSirro GmbH Inc.'s Privacy Shield certifications do not extend to the sanSirro GmbH connected fitness apps (e.g., the certifications do not cover data collected using any of the MapMyFitness, UA Record, Endomondo, or MyFitnessPal apps). We have implemented other mechanisms to legitimize transfers of Personal Data from the sanSirro GmbH apps to the United States.

      For EU and Swiss Personal Data received in the United States under the Privacy Shield, sanSirro GmbH has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the standards of this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles govern. To learn more about the Privacy Shield program, please visit the US Department of Commerce Privacy Shield website. To view our certification page, please visit the Privacy Shield List.

      Under the Onward Transfer Principle, we may remain liable for the processing of European Personal Data that we transfer to our third party agents or service providers. In some instances, we may also be required to disclose Personal Data to comply with valid requests from public authorities, including for national security or law enforcement purposes.

      In compliance with the Privacy Shield, sanSirro GmbH commits to resolve your complaints concerning data privacy and our collection or use of your Personal Data. We welcome you to bring any concerns directly to us through our Support Team. Eligible unresolved privacy complaints related to violations of the Privacy Shield Principles can be reported to JAMS, an alternative dispute resolution provider located in the United States and Canada. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by sanSirro GmbH, please visit https://www.jamsadr.com/eu-us-privacy-shield for information on how to file a complaint with JAMS.

      Note that if your complaint is not resolved through either a direct interaction with sanSirro GmbH, or JAMS, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

      For the purposes of enforcing compliance with the Privacy Shield, sanSirro GmbH is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

    6. Marketing communications

      7. Where we are legally required to do so, we ask you for your prior consent before providing you with promotional materials or information. When required by local law, when marketing consent is obtained, we use the double-opt-in method (confirmation of your email address by email before sending you promotional messages) in order to verify your consent. You may revoke your consent at any time (this will not affect the processing of your Personal Data undertaken until the revocation). If you want to stop receiving promotional materials, etc., you can do so at any time as outlined in the Change Consent Settings for Communication Preferences section.

    7. Additional use of Personal Data

      8. Additional use of your Personal Data that is not described in this Privacy Policy will only take place as required by statute or when we have obtained your consent.

    8. Legal Basis for Processing under the GDPR
      9. In this section we provide information on the legal basis for our processing of your Personal Data as required by Art. 13 and 14 of the GDPR:
      • When you register for an account or interact with our Services, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
      • When you input Fitness and Wellness Data within our Services: For sensitive data (including health data and biometric data) as defined in the GDPR, we process such data on the basis of your prior consent, Art. 9(2)(a) GDPR.
      • When you use or interact with a wearable or other connected device.
        • For sensitive data (including health data and biometric data) as defined in the GDPR, we process such data on the basis of your prior consent, Art. 9(2)(a) GDPR.
        • For non-sensitive Personal Data which we need in order to perform the Services, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
        • With regard to other non-sensitive Personal Data, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to enhance our Services.
      • When we collect precise Location Data following your prior consent, we process such data on the basis of your prior consent, Art. 6(1)(a) GDPR. In other cases where we process your Location Data without consent, for example in order to provide our Services, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
      • When you communicate with us or sign up for promotional materials, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with our promotional messages. Where we are required under applicable local law to obtain your consent for sending you marketing information, the legal basis is your consent, Art. 6(1)(a) GDPR.
      • When you participate in special activities, offers, or programs.
        • For sensitive data (health data) (including health data or biometric data) as defined in the GDPR, we process such data on the basis of your prior consent, Art. 9(2)(a) GDPR.
        • For non-sensitive Personal Data, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with our promotional messages or to allow you to participate in our special activities, offers or programs.
      • When you engage with our online communities or advertising and we actively collect your Personal Data in this context, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with our promotional messages.
      • When you access third party products and services and we obtain Personal Data about you from such third party sources:
        • For Personal Data that we need in order to perform the Services (e.g. if you pay for third party products through our Services), (e.g. if you pay for third party products through our Services), such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
        • With regard to other Personal Data, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to enhance your experience and to improve our Services.
      • When you connect with us through social media:
        • Where we collect your consent in such case, for instance for marketing purposes, we process such data on the basis of your prior consent, Art. 6 (1) (a) GDPR.
        • Where we do not collect your consent in such case, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is providing you with better Services and to enable you to use the full range of our Services (Art. 6 (1) (f) GDPR).
      • When we collect data from third parties or publicly-available sources:
        • For Personal Data which we need in order to perform the Services (e.g. for email verification purposes), such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
        • With regard to other Personal Data, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is providing you with better Services and to enable you to use our Services more efficiently.
      • When we leverage and/or collect cookies, device IDs, Location Data, data from the environment, and other tracking technologies, we process such data on the basis of your consent, Art. 6 (1) (a) GDPR, and based on our legitimate interest, Art. 6 (1) (f) GDPR, where we do not obtain your consent and our legitimate interest is to provide you with better Services or marketing.
      • When we track you in Store, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest in enhancing your shopping experience as well as loss or crime prevention.
      • When we use coarse location and data from sensors, we process such data for strictly necessary purposes in order to perform our Services, Art. 6 (1) (b) GDPR); and for our legitimate interest in marketing and improving our Services, Art. 6 (1) (f) GDPR).
      • When we aggregate or centralize data, such processing is either necessary for the performance of our Services, Art. 6 (1) (b) GDPR, or we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with better or customized Services and marketing.
      • When you sign up for our services that consist of social sharing and communication with others (including linking you to friends across platforms:
        • Where we collect your consent in such case, we process such data on the basis of your prior consent, Art. 6 (1) (a) GDPR.
        • Where we do not collect your consent in such case, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
      • When you take fitness tests or assessments, share content or achievements, or invite friends to use the Services:
        • Where we collect your consent in such case, we process such data on the basis of your prior consent, Art. 6 (1) (a) GDPR.
        • Where we do not collect your consent in such case, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
      • When we provide you geographically relevant Services, offers, or advertising:
        • Where we collect your consent in such case, we process such data on the basis of your prior consent, Art. 6 (1) (a) GDPR.
        • Where we do not collect your consent in such case, for such data that we need in order to perform the Services, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
        • Where we do not collect your consent in such case and where we do not need such data in order to perform the Services, we process such data for our legitimate interest in offering you marketing and improving our Services, Art. 6 (1) (f) GDPR).
      • When you ask us to customize apparel, products, or Services:
        • Where we collect your consent in such case, we process such data on the basis of your prior consent, Art. 6 (1) (a) GDPR.
        • Where we do not collect your consent in such case, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR.
      • When we disclose Personal Data to our affiliates and partners, and to our service providers and vendors:
        • Where we collect your consent in such case, we process such data on the basis of your prior consent, Art. 6 (1) (a) GDPR
        • Where we do not collect your consent in such case, such processing is necessary for the performance of our Services, Art. 6 (1) (b) GDPR, or we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to provide you with better Services and marketing.
      • When we process or share Personal Data in the event of an actual or contemplated sale, we process such data for our legitimate interest in offering, maintaining, providing, and improving our Services, Art. 6 (1) (f) GDPR).
      • When we conduct analytics, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to enhance your experience and to develop and improve our Services.
      • When we investigate suspected illegal or wrongful activity, we process such data on the basis of our legitimate interest, Art. 6 (1) (f) GDPR, and our legitimate interest is to ensure compliance with legal requirements and law enforcement requests and for public safety purposes.
    9. Right to lodge a complaint before the Data Protection Authority

      We encourage you to contact us directly and allow us to work with you to address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside, work or the place of the alleged infringement. You have the right to do so if you consider that the processing of Personal Data relating to you infringes applicable data protection laws.

    10. Changes to this Privacy Policy

      In order to enhance our Services it might be necessary to change this Privacy Policy from time to time. We therefore reserve the right to modify this Privacy Policy in accordance with the applicable data protection laws. Please visit our Website from time to time for information on updates to this Privacy Policy.

    11. How to contact us or our Privacy Office

      12. In case of questions about the processing of your Personal Data please contact us at privacy@sanSirroGmbH.com.

      sanSirro GmbH, Inc. is the data controller for sanSirro GmbH, UA Record, MapMyfitness, MyFitnessPal, and Endomondo.

  4. Residents of Hong Kong

    Read More

    sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. If you reside in Hong Kong, you may request access to or correction of the Personal Data that we have collected about you. To access your Personal Data, please contact us through our Support Team or at the address listed above. We may charge for this service and will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.

    1. Your consent for use or sharing of Personal Data for marketing purposes
      2. You may choose not to provide sanSirro GmbH with your Personal Data. However, if you choose not to provide your Personal Data, you may not be able to enjoy the full range of Services. sanSirro GmbH may use your Personal Data to communicate with you about sanSirro GmbH products or Services you have purchased or used and to notify you of other products, Promotions and Services we think may be of interest to you. We may also share Personal Data with our family of companies, Ad Partners, business partners, vendors and suppliers who are providing you with products and Services for their marketing purposes. You may provide your consent through the methods described in the next section.
    2. How to indicate your consent and opt-out
      3. You may indicate your consent in a number of ways, including: (i) ticking a box to indicate your consent when providing us with your Personal Data through our Services or a form (including enrolling in Promotions); or ticking a box to indicate your consent when registering with us or creating an account with us. You may opt-out from receiving marketing communications at any time, free of charge, through the methods described in the Managing Preferences and Withdrawing Consent section.

  5. Residents of Indonesia, Malaysia, Philippines, and Singapore

    Read More

    sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. If you reside in Indonesia, Malaysia, Philippines or Singapore, you may request access to, and modification, opposition, and deletion of the Personal Data that we have collected about you. To access your Personal Data, please contact us through our Support Team or at the applicable address listed below. Subject to applicable law, we may charge for this service and will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.

    The Personal Data Officer/Personal Information Controller for UA Sports (S.E.A.) Pte. Ltd. identified in the Terms is as follows:

  6. Residents of Mexico

    Read More
    By using the services you consent to the collection, use and transfer of your Personal Data (including sensitive personal data pursuant to Mexican law) for processing in the United States as described in this policy.
    1. Access requests

      2. sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. If you reside in Mexico, you may request access to, modification, cancelation or opposition of the Personal Data that we have collected about you. To access your Personal Data, please contact us through our Support Team or at the address listed above. We may charge for this access service pursuant to applicable law and will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.

  7. Residents of New Zealand

    Read More
    sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. If you reside in New Zealand, you may request access to or correction of the Personal Data that we have collected about you. To access your Personal Data, please contact us through our Support Team or at the address listed above. We may charge for this service and will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.

  8. Residents of South Korea

    Read More
    1. sanSirro GmbH Shopping Personal Data Items Collected

      2. Mandatory: First and Last Name, Email Address, Account Password, Billing Address, Shipping Addresses, Gender, Date of Birth, Interests (i.e., UA category), postal code, order history, phone number, IP address, browser history information, and cookies.

      Optional: First and Last Name, Email Address, Billing Address, Shipping Addresses, Gender, Date of Birth, Interests (i.e., UA category), postal code, order history, phone number, IP address, browser history information, and cookies. Login and interaction information from social media and online communities.

    2. sanSirro GmbH Shopping Delegation of Personal Data Processing

      3. Receiving Third Party Scope of Services
      Kakao Corp. Address Lookup and Verification

    3. sanSirro GmbH Shopping Overseas Transfer (Delegation of Personal Data Processing)

      4. Overseas Transferee (Country) Time and Method of overseas transfer Purpose of Use Transferred Items Retention Period
      Salesforce.com, Inc.(U.S.) At account creation, guest or account checkout, shipment, viewing sanSirro GmbH website, email marketing opt-in, and customer feedback personal data captured is electronically transferred to servers. During customer service support interactions personal data is captured and transferred to servers Ecommerce Platform and Email Services First and Last Name, Email Address, Billing Address, Shipping Addresses, Gender, Date of Birth, Interests (i.e., UA category), postal code, order history, phone number, IP Address As long as you maintain an Account
      Adobe Systems Incorporated (U.S.) Site Analytics Broswer History Information
      Li & Fung Ltd (U.S.) 3rd Party Warehouse Partner First and Last Name, Shipping Addresses, postal code
      Bazaarvoice(U.S.) Ratings & Reviews Email address, Telephone Number, Gender
      OpinionLab, Inc. (U.S.) Customer Feedback First and Last Name, Email Address
      Oracle Corporation (U.S.) Customer Service contact management First and Last Name, Email Address, phone number
      SAP SE (U.S.) Customer Information analytics First and Last Name, Email Address, Billing Address, Shipping Addresses, Gender, Date of Birth, Interests (i.e., UA category), postal code, order history, phone number, IP Address

    4. sanSirro GmbH Shopping Overseas Transfer (Third Party Provision of Personal Data

      5. Overseas Transferee (Country) Time and Method of overseas transfer Purpose of Use Transferred Items Retention Period
      sanSirro GmbH (U.S.) At account creation, guest or account checkout, and shipment personal data captured is electronically transferred to servers via the Netherlands to the United States. To better understand our business, analyze our operations, improve the Services,and to develop new products and Services to support your fitness, wellness, and nutritional goals.
      To provide you with information on the products and Services that we think are most relevant to you and to enable us to measure the success of our marketing activities.      		 First and Last Name, Email Address, Account Password, Billing Address, Shipping Addresses, Gender, Date of Birth, Interests (i.e., UA category), postal code, order history, phone number As long as you maintain an Account
      sanSirro GmbH Europe, B.V.(the Netherlands) At account creation, guest or account checkout, and shipment personal data captured is electronically transferred to servers in the Netherlands. To better understand our business, analyze our operations, improve the Services, and to develop new products and Services to support your fitness, wellness, and nutritional goals.
      To provide you with information on the products and Services that we think are most relevant to you and to enable us to measure the success of our marketing activities.      		 First and Last Name, Email Address, Account Password, Billing Address, Shipping Addresses, Gender, Date of Birth, Interests (i.e., UA category), postal code, order history, phone number As long as you maintain an Account

    5. Access Requests

      6. sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. If you reside in South Korea, you may request access to, and modification, opposition and deletion of the Personal Data that we have collected about you. To access your Personal Data, please contact us through our Support Team or at the address listed below. Subject to applicable law, we may charge for this service and will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.

    6. Data rentention and destruction

      7. Under applicable Korean law, your Personal Data must be retained for the following periods:

      • Records regarding contracts or the cancellation of contracts, and records on payment and provision of goods:
        • Reason of retention: Act on Consumer Protection in Electronic Commerce Transactions, etc.
        • Retention period: five years
      • Records on customer complaints or dispute resolution:
        • Reason of retention: Act on Consumer Protection in Electronic Commerce Transactions, etc.
        • Retention period: three years
      • Communications confirmation data
        • Reason of retention: Communications Privacy Protection Act
        • Retention period: three months
      • Records on electronic financial transactions:
        • Reason of retention: Electronic Financial Transaction Act
        • Retention period: five years

    7. Method and procedure for the destruction of Personal Data

      8. sanSirro GmbH retains your Personal Data (i) for as long as you maintain an Account or as needed to provide you the Services and/or (ii) as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Personal Data is destroyed when it is no longer necessary for these purposes. The specific destruction process and method are as follows: (i) Personal Data printed on the paper is shredded, burned, pulped, pulverized, or incinerated; and (ii) Personal Data stored in electronic form is deleted using technology designed to prevent the recovery of the Personal Data.

    8. How to Contact Us
      9. If you have any questions, comments, or concerns about how we handle your Personal Data, then you may contact us through our Support Team, write to us or call us at:

  9. Residents of Turkey

    Read More
    By using the e-Commerce Services you consent to the collection, use and transfer of your Personal Data with DOĞUŞ PERAKENDE and sanSirro GmbH as outlined in this Privacy Policy. To obtain further information on the companies and affiliates within the DOĞUŞ GROUP, please visit https://www.dogusgrubu.com.tr/tr/sektorler. Further, personal data collected will be shared as outlined in this Privacy Policy. DOĞUŞ PERAKENDE may also share your personal data with Doğuş Holding A.Ş. and its affiliates as well as with partners, vendors, and suppliers with whom they have entered into a contractual relationship; and as required by law and special circumstances, if (i) it is reasonably necessary to comply with legal process (such as a court order, subpoena, search warrant, etc.) or other legal requirements of any governmental authority.

    1. Information Security
      2. The personal data shared with DOĞUŞ PERAKENDE and sanSirro GmbH will be protected using technical and organizational measures designed to protect your information against unauthorized access, theft, and loss as required by article 12 of the Law on Protection of Personal Data no. 6698.
    2. Personal Data accuracy
      3. sanSirro GmbH takes steps to keep your Personal Data accurate and up to date. You are responsible for the accuracy of the information you have provided to sanSirro GmbH, and you understand that doing so is important in terms of exercising your personal data rights under the Law on Protection of Personal Data no. 6698 and other applicable legislation. To update your Personal Data, please contact us through our Support Team and by sending an email to our distributor at kisiselveriler@dogusperakende.com.tr.
    3. Access requests
      4. If you reside in Turkey, you may request access to, and modification, opposition and deletion of the Personal Data that we have collected about you. To access your Personal Data, please contact us through our Support Team and by sending an email to our distributor at kisiselveriler@dogusperakende.com.tr. Subject to applicable law, we may charge for this service and will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.
    4. Data retention and destruction
      5. When you delete your account and/or when Personal Data is no longer needed to provide the Services or to comply with our legal obligations, resolve disputes, and enforce our agreements and/or the retention period under applicable law has expired, your Personal Data may be anonymized and continued to be used in that form.

  10. Residents of the United Arab Emirates

    Read More
    If you reside in the United Arab Emirates, your use of the Services signifies your consent to the following:
    • You affirmatively waive your material privacy rights under applicable laws;
    • sanSirro GmbH may disclose any information you provide us, including information you may consider private; and
    • sanSirro GmbH is not liable for any publication of information you provide us, including information you may consider private.
    Please do not use the Services if you disagree with any part of this Privacy Policy.

  11. Residents of the United States

    Read More
    Your California Privacy Rights
    California Civil Code Section 1798.83 permits California residents to request and obtain from us a list of what Personal Data (if any) we disclosed to third parties for that third party's direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge.
    Under Section 1798.83, we currently do not share any Personal Data with third parties for their direct marketing purposes. If we do decide to share your Personal Data with third parties for their marketing purposes, you may opt-out of this disclosure at any time by submitting a request to our Support Team, or in writing to:

    It is important to note that this opt-out does not prohibit disclosures made for non-marketing purposes or for purposes of assisting us with our own marketing.
    Additionally, if you are a registered user under the age of 18 and a resident of California, you may request removal of content you have posted to the Services. Requests can be made to our Support Team. Please note that making such requests does not ensure complete or comprehensive removal of the content. For example, we may retain the information for our own internal records, and it is also possible that a third party we do not own or control may copy the posting and repost it elsewhere.
©2018 sanSirro GmbH, INC.
Privacy PolicyTerms and ConditionsHelp and Support