8fit processes your data to help you improve your health, while taking care of the security of your data.
As a data controller, 8fit is committed to giving the utmost attention to the security and protection of your privacy. It is an affiliated company of its parent company WITHINGS, who shares the same obligations as 8fit to your privacy. 8fit processes your personal data in compliance with applicable privacy and personal data laws according to the European General Data Protection Regulation (GDPR).
The data below will be collected by 8fit:
Identity data is data which can directly identify you, such as your advertising identifier, age, email address, gender, location, name, profile photo, timezone, and username.
Activity data is data used to improve fitness and health management. It contains health data, which is a special category of data in meaning of the GDPR. As you perform or log activities (articles, meals, meditations, weigh-ins, workouts) in our Services, we track when you performed those activities, duration, estimated calories burned, and estimated distance, as relevant. You have the option of sharing your workout and meal data collected by our Services into Apple Health Kit. This only happens if you explicitly opt-in to allow this data sharing. In addition, you have the option of sharing your data from Apple’s CoreMotion and / or Google’s Google Fit applications to our Services to sync your steps taken, and the time of the steps taken. This only happens if you explicitly opt-in to allow this data sharing.
Technical data is necessary to provide use of and maintain reliability of the Services, such as IP address, cellular carrier, device ID, advertising ID, instance ID (of your app), information about your device and operating system, language, app version, technical debug information, and technical logs.
Behavior data is data that contains additionally to the technical data information about your usage behavior and your interaction within the software application, such as clicks on buttons/links/advertising, viewed elements, usage time and duration, first start, last activity, and the conclusion of predefined events.
When you create an 8fit account, you provide certain identity data. Your 8fit account is a core component of the Services, as it allows you to access and control your personal data. When creating an 8fit account, you also have the option of connecting your account with Apple, Facebook, or Google for log in, in which your identity data will also be shared. This only happens if you explicitly opt-in to allow this data sharing.
When you use our Services, your activity data and technical data is collected to help you monitor your health, and to ensure reliability of the Services. Additionally, technical and behavior data is collected to improve our Services and to measure performance, create usage profiles, display personalized advertising and measure the effectiveness of marketing campaigns, if you have given your consent.
When you choose to share your data with other applications, we exchange data with partners via an API (Application Programming Interface). You may discontinue this connection at any time by logging in and managing the sharing preferences under your 8fit account. On the mobile application, navigate to the Profile tab -> Settings -> Account -> Integrations.
When you contact our customer support, your personal data under your 8fit account are available to our teams to help resolve your problem.
The data collected through the Services of 8fit is processed by 8fit for the following specific purposes. Different purposes may apply simultaneously.
Providing Services. Personal data processed by 8fit are stored on your 8fit account and accessible on the application. Personal data may be indicated as raw data (number of steps, weight, etc.), or as a result of specific processing (personalized recommendations, workout and meal plans).
Accounts. Use of our Services requires the creation of an 8fit account. This account also allows you to manage your content, preferences, and personal data. Communicating with you. When you contact customer support (firstname.lastname@example.org) to solve a problem that you have reported, our team members may be required to process your personal data to help you.
Marketing, research and recommendations. Your personal data may be used to help us communicate with you, for example to offer you surveys, contests, coupons or events in which you are free to participate. We may provide you with information about our Services, such as alerts, changes, new features, sales offers from us or our partners, or to announce new services to you. You may be invited to participate in the research by receiving questionnaires. 8fit is constantly improving the accuracy of its Services thanks to its community of participants, always ensuring that your consent is obtained. You can manage your notification preferences by clicking on the unsubscribe link at the bottom of the emails you receive or by contacting customer support (email@example.com).
Improving our Services. We may use your aggregated personal data, including behavior data, to improve our Services, customer support, and to correct or modify software settings. In addition, your health data might be anonymised, i.e not allowing to identify an individual or to be linked to an account to conduct studies and analyses in the field of health.
Performance measurement, usage profiles, personalized advertising, effectiveness of marketing campaigns: Your technical and behavior data may be used to measure the performance of our software applications, e.g. how often and how long you use the application, to create user profiles, e.g. which features do you like and which advertising you have clicked, to display personalized advertising and measure the effectiveness of marketing campaigns, e.g. which ways you got to our Services and measure conversions and leads.
8fit processes your personal data on the following legal basis:
Contract: We process your data on basis of the user agreement for our Services, e.g. the creation of the user account, providing the Services, the support and communication, which does not include the processing of health data. Legal basis is Art. 6 (1) (b) GDPR.
Consent: The most data we process with your given consent, e.g. for processing health data, sharing activity data, marketing activities, measure performance, create usage profiles, display personalized advertising, measure the effectiveness of marketing campaigns. Legal basis is Art. 6 (1) (a) GDPR, and also Art. 9 (2) (a) GDPR, if health data is processed.
Legitimate Interests: Some data we process to fulfill our legitimate interests, e.g. for improving our Services. Legal basis is Art. 6 (1) (f) GDPR.
Your personal data will not be distributed, communicated, exchanged or transferred to third parties, on any medium whatsoever. Only WITHINGS who has purchased the shares for 8fit and its rights and obligations is allowed to process your personal data, assuming that WITHINGS is bound by the same obligation to protect your data.
Transfer of personal data. Our Services are provided by hosts located in US East (N. Virginia) by AWS.
Mandatory disclosure. We may be compelled by the law to disclose your personal data to some authorities or other third parties, such as the law enforcement or legal authorities. In this case, we challenge such requests for disclosure and only provide the minimum amount of information permissible when responding to a request for disclosure.
We make every effort to ensure the security of your personal data.
How do we ensure the respect of children's privacy? 8fit's Services are made for the general public. 8fit does not collect information from children under the age of 16 without the prior consent of their parents or legal guardians.
How do we ensure the quality of your data? We recommend you regularly log on your 8fit account and confirm that your personal data are accurate and up-to-date. If you have a doubt on the accuracy of data, please inform us and we will implement means to correct or erase inaccurate data.
What action do we take to protect your personal data? The protection of your privacy and security is crucial in the way we create and supply our Services. We apply our Policy through a selection of appropriate activities such as the proactive management of risks. We take appropriate measures to guarantee online safety, physical safety, and remove risks of data loss. We limit the access to our database to employees that have a justified need to access this information.
How can I stop marketing e-mails? You can unsubscribe from marketing and ask that we stop processing your data for marketing means. We will still be able to send you security critical alerts.
What are your rights? You have a right of access, rectification and erasure or restriction of processing on each of your personal data. Also, you have the right to withdraw your given consent and to object to specific processing.
Right to object. You have the right to object processing on grounds relating to your particular situation. 8fit do not longer process the data unless 8fit demonstrates compelling legitimate grounds for the processing. If 8fit processes data for direct marketing purposes, e.g. marketing e-mails, you have the right to object such processing at any time.
Right to withdraw your consent. You have the right to withdraw your given consent at any time. Then, we do not process your data based on your consent anymore. Your withdrawal does not affect the lawfulness of processing based on consent before your withdrawal. Your consent for the processing of technical and behavior data, which you give in our consent banner, you can withdraw easily in this banner.
Where can I enforce my rights? If you wish to exercise your rights or object to a processing operation carried out by 8fit, the requests must be sent to firstname.lastname@example.org with proof of identity.
Complaint before supervisory authority. In the event of a dispute, you also have the right to file a complaint with the supervisory authority responsible for us, which is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Friedrichstraße 219, 10969 Berlin.
Modification of the present Policy. 8fit may modify the present Policy. If the present Policy had to be largely modified, 8fit would publish a notice on this page and send email to its users.
In order for you to use our Services, your data is stored until you request its deletion. For your information, account deletion will result in the deletion of your data.
If you wish to delete your data and your account, on the mobile application, navigate to the Profile tab -> Settings -> Account -> Delete my account or, contact customer support (email@example.com).
In the event of a deletion request, all your data will be permanently deleted within 30 days of your request.
However, if you have deleted your account and wish to use our Services again, simply create a new account.
We are proud of the trust that you share with us and with WITHINGS.
Last modified date: April 2022