Privacy Policy (Datenschutzerklärung)

1. Data Protection Overview

Last updated:

The protection of your personal data is our highest priority. This privacy policy informs you about data processing in our offline-first application FoodEcho according to Art. 13, 14 GDPR.

Version: 1.0.0
Last content change:

2. Controller according to Art. 4(7) GDPR

Klasen und Schmitt GbR
Saarbrücker Straße 2
54439 Saarburg
Deutschland
Email: foodecho [at] gmx [dot] de

A Data Protection Officer is not required under Art. 37 GDPR due to company size and type.

3. Processing of Health Data

FoodEcho processes special categories of personal data according to Art. 9 GDPR (health data). Processing occurs exclusively:

  • Locally on your device
  • Without transmission to our servers
  • Without cloud synchronization
  • Without third-party access

The legal basis for processing is Art. 9(2)(a) GDPR (explicit consent).

4. Required App Permissions

According to § 13 TMG and Art. 13 GDPR, we inform you about the required app permissions:

  • Storage access: Required to save your health and nutrition data locally

We explicitly do not request:

  • Camera access
  • Location data
  • Contact information
  • Network access

5. Local Data Storage

The following data categories are stored exclusively on your device:

  • Nutrition data
  • Symptoms
  • Medications
  • Calendar entries
  • Bowel movements
  • Personal notes

Storage Duration:

  • Data remains stored until you delete it yourself
  • All local data is automatically deleted upon app uninstallation
  • No automatic deletion by us

6. Technical Security Measures

To protect your health data according to Art. 32 GDPR, we implement:

  • Local-only storage architecture
  • Encryption of data at rest
  • No network transmission capabilities
  • Regular security updates

7. Your Rights

Under GDPR, you have the following rights:

  • Right to access (Art. 15 GDPR) - View all your data directly in the app
  • Right to rectification (Art. 16 GDPR) - Edit your data anytime
  • Right to erasure (Art. 17 GDPR) - Delete your data directly
  • Right to data portability (Art. 20 GDPR) - Export your data

Since all data is stored locally, you have direct control over these rights through the app's functionality.

8. App Store Information

When downloading through the Apple App Store:

  • Apple processes installation and account data
  • Apple's privacy policy applies to the download process
  • We receive no personal data from Apple

Apple's privacy policy: https://www.apple.com/legal/privacy/

9. Changes to this Policy

We reserve the right to update this privacy policy to reflect:

  • App changes
  • Legal requirements
  • Security improvements

Changes will be communicated through the app and our website.

10. Contact for Privacy Concerns

For privacy-related questions or concerns:

Email: foodecho [at] gmx [dot] de
Postal Address: Saarbrücker Straße 2, 54439 Saarburg, Deutschland