This privacy policy has been prepared with great care, but it does not constitute individual legal advice. For a binding legal assessment, we recommend that you seek legal advice from a professional specialised in data protection law.
Privacy Policy
We want to make the topic of data protection as transparent as possible for you. We handle your data responsibly. Your personal data is processed exclusively in accordance with the applicable data protection laws, in particular the EU General Data Protection Regulation (GDPR).
Effective as of 20 December 2023
We recommend that you read the full privacy policy. Below you will find the most important points in advance.
Notice
Controller
The controller responsible for the processing of personal data in connection with this app is:
Offlinefirst LTD, Cyprus
Email: privacy@flamy.co
'%3e%3cpath%20d='M58%2021H45.1C46.2%2020.4%2046.9%2019.3%2047%2018V10C47%205.4%2035.4%203%2024%203C12.6%203%201%205.4%201%2010V18C1%2019.5%202.3%2020.9%204.7%2022C2.3%2023.1%201%2024.5%201%2026V34C1%2035.5%202.3%2036.9%204.7%2038C2.3%2039.1%201%2040.5%201%2042V50C1%2054.6%2012.6%2057%2024%2057C29.5%2057.1%2034.9%2056.4%2040.2%2055.1C41.8%2056.5%2043.6%2057.8%2045.5%2058.9C45.8%2059.1%2046.2%2059.1%2046.5%2058.9C60.8%2050.7%2061%2037.4%2061%2036.8V24C61%2022.3%2059.7%2021%2058%2021ZM24%205C36.8%205%2045%208%2045%2010C45%2012%2036.8%2015%2024%2015C11.2%2015%203%2012%203%2010C3%208%2011.2%205%2024%205ZM3%2018V13C6.8%2015.6%2015.4%2017%2024%2017C32.6%2017%2041.2%2015.6%2045%2013V18C45%2018.7%2043.7%2019.9%2040.2%2021H34C32.9%2021%2031.8%2021.6%2031.3%2022.6C28.9%2022.9%2026.5%2023%2024%2023C18.6%2023.1%2013.2%2022.4%207.9%2021C4.3%2019.9%203%2018.7%203%2018ZM7.6%2023C12.9%2024.4%2018.4%2025%2024%2025C26.4%2025%2028.7%2024.9%2031%2024.7V30.7C28.8%2030.9%2026.4%2031%2024%2031C11.2%2031%203%2028%203%2026C3%2025.3%204.2%2024.1%207.6%2023ZM3%2034V29C6.8%2031.6%2015.4%2033%2024%2033C26.4%2033%2028.8%2032.9%2031%2032.7V36.8C31%2037.4%2031.1%2038%2031.1%2038.6C28.8%2038.9%2026.4%2039%2024%2039C18.6%2039.1%2013.2%2038.4%207.9%2037C4.3%2035.9%203%2034.7%203%2034ZM7.6%2039C12.9%2040.4%2018.4%2041%2024%2041C26.6%2041%2029.1%2040.9%2031.5%2040.6C31.9%2042.6%2032.6%2044.5%2033.5%2046.4C30.3%2046.8%2027.2%2047%2024%2047C11.2%2047%203%2044%203%2042C3%2041.3%204.2%2040.1%207.6%2039ZM3%2050V45C6.8%2047.6%2015.4%2049%2024%2049C27.5%2049%2031%2048.8%2034.5%2048.3C35.6%2050.2%2036.9%2051.9%2038.5%2053.5C33.7%2054.6%2028.9%2055.1%2024%2055C11.2%2055%203%2052%203%2050ZM59%2036.8C59%2037.3%2058.8%2049.3%2046%2056.8C41.8%2054.4%2038.4%2051%2036%2046.8C36%2046.7%2035.9%2046.6%2035.9%2046.6C34.7%2044.4%2033.8%2042%2033.4%2039.5C33.4%2039.5%2033.4%2039.5%2033.4%2039.4C33.2%2038.6%2033.1%2037.7%2033.1%2036.8V24C33.1%2023.4%2033.5%2023%2034.1%2023H58.1C58.7%2023%2059.1%2023.4%2059.1%2024V36.8H59Z'%20fill='url(%23paint0_linear_3164_853)'/%3e%3cpath%20d='M55%2025C54.4%2025%2054%2025.4%2054%2026C54%2026.6%2054.4%2027%2055%2027V36.8C55%2037.2%2054.7%2046.1%2045.4%2052.5C45.1%2052.7%2045%2053%2045%2053.4C45%2053.8%2045.2%2054.1%2045.6%2054.2C45.9%2054.4%2046.3%2054.3%2046.6%2054.1C56.7%2047.2%2057%2037.2%2057%2036.8V27C57%2025.9%2056.1%2025%2055%2025Z'%20fill='%23FE7F5C'/%3e%3cpath%20d='M37%2036.8V27H48C48.6%2027%2049%2026.6%2049%2026C49%2025.4%2048.6%2025%2048%2025H37C35.9%2025%2035%2025.9%2035%2027V36.8C35.3%2040.9%2036.7%2044.8%2039.2%2048.1C39.5%2048.5%2040.1%2048.6%2040.6%2048.3C41%2048%2041.1%2047.4%2040.8%2046.9C38.6%2044%2037.3%2040.5%2037%2036.8Z'%20fill='%23FE7F5C'/%3e%3cpath%20d='M52.7%2032.2C52.3%2031.8%2051.7%2031.8%2051.3%2032.2L43.9%2039.6L42.7%2038.4C42.3%2038%2041.7%2038%2041.3%2038.4C40.9%2038.8%2040.9%2039.4%2041.3%2039.8L43.2%2041.7C43.6%2042.1%2044.2%2042.1%2044.6%2041.7L52.7%2033.6C53.1%2033.2%2053.1%2032.6%2052.7%2032.2Z'%20fill='%23FE7F5C'/%3e%3c/g%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_3164_853'%20x1='31'%20y1='31'%20x2='-3.5'%20y2='31'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%23FE7F5C'/%3e%3cstop%20offset='1'%20stop-color='%23FF6B5D'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e)
Your data is safe with us
Your personal information remains confidential unless you choose to share content voluntarily. We take appropriate technical and organisational measures to protect your personal data from misuse, loss, theft or unauthorised access.
You stay in control
You can delete your account at any time in the app. All of your personal data will then be permanently and irreversibly deleted.'/%3e%3cpath%20d='M31%2026C29.5%2026%2028.3%2027%2028%2028.5C27.8%2029.9%2028.6%2031.3%2030%2031.8V34C30%2034.6%2030.4%2035%2031%2035C31.6%2035%2032%2034.6%2032%2034V31.8C33.4%2031.3%2034.2%2029.9%2034%2028.5C33.7%2027%2032.5%2026%2031%2026ZM31%2030C30.4%2030%2030%2029.6%2030%2029C30%2028.4%2030.4%2028%2031%2028C31.6%2028%2032%2028.4%2032%2029C32%2029.6%2031.6%2030%2031%2030Z'%20fill='%23FE7F5C'/%3e%3cpath%20opacity='0.56'%20d='M38.7%2020V9.9C38.7%205.7%2035.2%202.3%2031%202.3C26.8%202.3%2023.3%205.7%2023.3%209.9V20H21V9.9C21%204.4%2025.5%200%2031%200C36.5%200%2041%204.4%2041%209.9V20H38.7Z'%20fill='%23FE7F5C'/%3e%3cdefs%3e%3cradialGradient%20id='paint0_radial_3164_983'%20cx='0'%20cy='0'%20r='1'%20gradientUnits='userSpaceOnUse'%20gradientTransform='translate(31%2028.9995)%20rotate(90)%20scale(31.015%2031.0227)'%3e%3cstop%20offset='0.453125'%20stop-color='%23FF6B5D'/%3e%3cstop%20offset='0.6848'%20stop-color='%23FE7F5C'%20stop-opacity='0.3'/%3e%3cstop%20offset='1'%20stop-color='%23FE7F5C'%20stop-opacity='0.27'/%3e%3c/radialGradient%3e%3c/defs%3e%3c/svg%3e)
Secure data transfer
If personal data is transferred to countries outside the European Union or the European Economic Area, we use recognised protection mechanisms, in particular the standard contractual clauses (SCC) provided by the EU Commission.'%3e%3cpath%20opacity='0.3'%20d='M28%2055C27.4%2055%2027%2055.4%2027%2056C27%2056.6%2027.4%2057%2028%2057H32C32.6%2057%2033%2056.6%2033%2056C33%2055.4%2032.6%2055%2032%2055H28Z'%20fill='%23F75815'/%3e%3cpath%20opacity='0.3'%20d='M19%2013C18.4%2013%2018%2013.4%2018%2014C18%2014.6%2018.4%2015%2019%2015H20C20.6%2015%2021%2014.6%2021%2014C21%2013.4%2020.6%2013%2020%2013H19Z'%20fill='%23F75815'/%3e%3cpath%20opacity='0.3'%20d='M35%2014C35%2013.4%2034.6%2013%2034%2013H24C23.4%2013%2023%2013.4%2023%2014C23%2014.6%2023.4%2015%2024%2015H34C34.6%2015%2035%2014.6%2035%2014Z'%20fill='%23F75815'/%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M35%2023C33.3%2023%2032%2024.3%2032%2026V38.8C32%2039.4%2032.2%2052.7%2046.5%2060.9C46.8%2061.1%2047.2%2061.1%2047.5%2060.9C61.8%2052.7%2062%2039.4%2062%2038.8V26C62%2024.3%2060.7%2023%2059%2023H35ZM47%2058.8C59.8%2051.2%2060%2039.3%2060%2038.8V26C60%2025.4%2059.6%2025%2059%2025H35C34.4%2025%2034%2025.4%2034%2026V38.8C34%2039.3%2034.2%2051.3%2047%2058.8Z'%20fill='%23F75815'/%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M50%2023V5C50%202.8%2048.2%201%2046%201H18C15.8%201%2014%202.8%2014%205V57C14%2059.2%2015.8%2061%2018%2061H40C40.6%2061%2041%2060.6%2041%2060C41%2059.4%2040.6%2059%2040%2059H18C16.9%2059%2016%2058.1%2016%2057V53H33C33.6%2053%2034%2052.6%2034%2052C34%2051.4%2033.6%2051%2033%2051H16V11H48V23H50ZM16%205V9H48V5C48%203.9%2047.1%203%2046%203H18C16.9%203%2016%203.9%2016%205Z'%20fill='url(%23paint0_radial_3164_904)'/%3e%3cpath%20d='M56%2027C55.4%2027%2055%2027.4%2055%2028C55%2028.6%2055.4%2029%2056%2029V38.8C56%2039.2%2055.7%2048.1%2046.4%2054.5C45.9%2054.8%2045.8%2055.4%2046.1%2055.9C46.4%2056.4%2047%2056.5%2047.5%2056.2C57.7%2049.2%2058%2039.3%2058%2038.8V29C58%2027.9%2057.1%2027%2056%2027Z'%20fill='%23F75815'/%3e%3cpath%20d='M38%2038.8V29H49C49.6%2029%2050%2028.6%2050%2028C50%2027.4%2049.6%2027%2049%2027H38C36.9%2027%2036%2027.9%2036%2029V38.8C36.3%2042.9%2037.7%2046.8%2040.2%2050.1C40.5%2050.5%2041.1%2050.6%2041.6%2050.3C42%2050%2042.1%2049.4%2041.8%2048.9C39.6%2046%2038.3%2042.5%2038%2038.8Z'%20fill='%23F75815'/%3e%3cpath%20d='M53.7%2034.2C53.3%2033.8%2052.7%2033.8%2052.3%2034.2L44.9%2041.6L43.7%2040.4C43.3%2040%2042.7%2040%2042.3%2040.4C41.9%2040.8%2041.9%2041.4%2042.3%2041.8L44.2%2043.7C44.6%2044.1%2045.2%2044.1%2045.6%2043.7L53.7%2035.6C54.1%2035.2%2054.1%2034.6%2053.7%2034.2Z'%20fill='%23F75815'/%3e%3c/g%3e%3cdefs%3e%3cradialGradient%20id='paint0_radial_3164_904'%20cx='0'%20cy='0'%20r='1'%20gradientUnits='userSpaceOnUse'%20gradientTransform='translate(41.5745%2018.5532)%20rotate(119.615)%20scale(48.8249%2042.0129)'%3e%3cstop%20offset='0.551232'%20stop-color='%23FE7F5C'/%3e%3cstop%20offset='1'%20stop-color='%23FE5C5C'/%3e%3c/radialGradient%3e%3c/defs%3e%3c/svg%3e)
Please note
By installing the app or using our services, you accept the terms of this privacy policy and the processing of your personal data.
Any questions?
If you have any questions, our support team will be happy to help. Please send your request by email to info@flamy.co
1. Information and data we collect from you
We collect personal data that you actively provide to us. When you register, we collect the following data:
- Email address
- Password
- Name
- Data relating to smoking behaviour (e.g. number of cigarettes, costs, duration of consumption, times of consumption)
During use, you can provide additional data, such as: years of smoking, cigarettes per day, price per pack (including roll-your-own tobacco or liquids), number of cigarettes per pack, time of the first and last cigarette, cravings including mood, situation, location and contact, age (date of birth), gender, profile picture.
Buddies
If you add buddies, they can see certain data about you (e.g. smoke-free days, regained lifetime, money saved, cravings overcome, craving history including mood and intensity, health-related progress, milestones, profile picture, name).
Automatically collected data
Location information
- IP address
- Time zone
- Information about the mobile network provider
- Currency, country & region
Device information
- Hardware model
- Operating system and version
- Mobile network
- Storage information
- Device identifiers
App usage data
- App version
- Error reports
- Use of specific features
- Frequency and duration of your usage
- General usage patterns
- User ID
2. How we use your personal data
We use your personal data, among other things, for the following purposes:
- Analysing and improving the app
- Operating and maintaining the app
- Personalising content and messages
- Providing the services and products you request
- Processing transactions
- Sending reminders and notifications
- Sending offers and discount codes (where permitted)
- Verifying your identity where necessary
- Sending technical notices, security alerts and support messages
- Conducting customer satisfaction surveys
- Billing and administration
- Responding to comments and enquiries
- Analysing trends, usage and behavioural patterns
- Fraud prevention
- Providing data that you have actively chosen to share
- Combining information from different sources where legally permitted
- Scientific and statistical evaluations (generally pseudonymised or anonymised)
- Any other purposes about which we inform you transparently in advance
3. Legal bases for data processing
We process your personal data on the basis of the following legal grounds under Art. 6 GDPR:
- For the performance of our contract with you or for the implementation of pre-contractual measures (Art. 6(1)(b) GDPR), e.g. to provide the app, registration, synchronisation of your data, management of your account.
- For compliance with legal obligations (Art. 6(1)(c) GDPR), e.g. commercial and tax law retention obligations in connection with payment data.
- On the basis of your consent (Art. 6(1)(a) GDPR), e.g. for certain analytics or marketing purposes, invitations of buddies or sending discount campaigns, where legally required.
- On the basis of our legitimate interests (Art. 6(1)(f) GDPR), e.g. to improve and secure the app, error analysis, abuse and fraud prevention, statistical evaluations and to provide a safe and stable service.
4. Sharing your data with third parties
We do not sell your personal data. Data is only shared with carefully selected service providers that are necessary for the operation, analysis and further development of the app and with whom we have concluded appropriate data protection agreements (e.g. data processing agreements).
5. Recipients of your data
Depending on how you use the app, your personal data may be transmitted to the following categories of recipients:
- IT and hosting service providers (e.g. for server operation and data storage).
- Providers of analytics and crash reporting services (e.g. Firebase Analytics, Firebase Crashlytics).
- Payment service providers and app store operators (e.g. Apple, Google) in connection with in-app purchases.
- Communication service providers (e.g. email providers) when we contact you.
- Service providers for the provision and delivery of images and media content (e.g. Cloudinary).
6. Data transfer to third countries
Some of our service providers (e.g. Google/Firebase, Cloudinary) are based outside the European Union or the European Economic Area. If personal data is transferred to a third country, we ensure that an adequate level of data protection is in place. This is done in particular by using standard contractual clauses of the EU Commission or comparable recognised safeguards.
7. Your consent and how to withdraw it
Where we process your data on the basis of your consent, you can withdraw this consent at any time with effect for the future. The lawfulness of the processing carried out up to the withdrawal remains unaffected. You can also request information about the personal data stored about you and request its rectification or deletion, provided that no statutory retention obligations prohibit this.
8. Your rights under the GDPR
Depending on the circumstances, you have the following rights in relation to your personal data:
- Right of access (Art. 15 GDPR): You can request information about which data we process about you.
- Right to rectification (Art. 16 GDPR): You can request the correction of inaccurate data or the completion of incomplete data.
- Right to erasure (Art. 17 GDPR): You can request the deletion of your personal data, provided that no statutory retention obligations prevent this.
- Right to restriction of processing (Art. 18 GDPR): In certain cases, you can request that the processing of your data be restricted.
- Right to data portability (Art. 20 GDPR): You can request that we provide certain data in a structured, commonly used and machine-readable format or transmit it to another controller.
- Right to object (Art. 21 GDPR): You can object at any time, on grounds relating to your particular situation, to the processing of personal data based on our legitimate interests.
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): You have the right to lodge a complaint with a competent data protection supervisory authority if you believe that the processing of your data infringes the GDPR.
9. Data storage
As a general rule, we store your personal data for as long as your account is active. If you delete your account, your personal data will be irreversibly deleted, unless statutory retention obligations require longer storage. We reserve the right to delete inactive accounts no earlier than after 6 months of inactivity. In such cases, the personal data concerned will also be deleted, unless it must be stored for a longer period for legal reasons.
10. Provision of your data
The provision of certain data (e.g. email address, password) is necessary for registration and use of the app. Without this data, we cannot provide you with the basic functions of the app. All additional information is voluntary but may be required in order to use certain features to their full extent.
11. Deleting your data
You can delete your account at any time in the app settings. This will irreversibly delete all personal data directly associated with your account, unless statutory retention obligations require continued storage. To use the app again, you will need to register anew, unless you use an anonymous account. If you have any questions, our support team will be happy to help.
12. Source of the data
As a rule, we receive personal data directly from you when you use the app or enter information. In addition, certain data is collected automatically via your device, the operating system or through services used (e.g. Firebase Analytics, Crashlytics) in order to provide, secure and improve the app.
13. Profiling and automated decision-making
We do not use solely automated decision-making processes that produce legal effects concerning you or similarly significantly affect you (Art. 22 GDPR). However, we do use analysis and evaluation methods to display personalised content, statistics and recommendations for you. This processing is based on our legitimate interests and – where required – your consent.
14. Tracking technologies and SDKs
The app uses various software development kits (SDKs) and tracking technologies, including Firebase Analytics, Firebase Crashlytics and Firebase Dynamic Links, to analyse and improve the stability, security and usage of the app. In the web version, cookies and similar technologies may also be used, the use of which you can control via our cookie banner (Cookiebot). Where legally required, we obtain your consent before using certain tracking technologies. You can also restrict the use of specific technologies via your device settings (e.g. advertising tracking).
15. Processing by service providers
Firebase Firestore
Google LLC (USA)
Privacy PolicyData collected: user data, payment status.
Purpose: data storage, synchronisation of your data between devices, management of your account and the status of your purchases, as well as sharing your profile data with buddies. When you delete your account, this data will be deleted unless it must be retained for legal reasons.
Firebase Crashlytics
Google LLC (USA)
Privacy PolicyFirebase Crashlytics helps us analyse and fix errors in order to improve the stability of the app. Information about the device used and app usage is collected to diagnose technical issues. Before you sign in, crash reports are transmitted in anonymised form; after that, they may be linked to your user ID. Details on the storage duration can be found in the provider’s privacy policy.
Firebase Analytics
Google LLC (USA)
Privacy PolicyData collected: user ID, app version, IP address, interactions and events such as login, registration, app starts, sharing content and unlocking achievements.
Purpose: analysing app usage, measuring conversions, improving features and offerings.
Firebase Dynamic Links
Google LLC (USA)
Privacy PolicyData collected: user ID.
Purpose: creating and evaluating invitation links for buddies and other dynamic links within the app.
Cloudinary
Cloudinary Ltd. (UK)
Privacy PolicyData collected: profile pictures and other media content uploaded by you.
When you delete your account, the content stored with Cloudinary is generally deleted irreversibly, unless legal or technical reasons prevent immediate deletion.
Contact us
Controller for personal data
Please contact our Privacy Compliance Team and our EU representative (Offlinefirst LTD, CY) at privacy@flamy.co