Privacy Policy Flatastic #

Updated: 01.10.2021

Welcome to the Privacy Policy of Flatastic. We take your right to privacy very seriously. All data you provide to us is treated very carefully.
This Privacy Policy describes which data is collected by Flatastic, how it is being used, stored and protected. This Privacy Policy applies to all of Flatastic’s websites, applications and services.
The personal data we collect, process and store will be kept by us, only as long as the respective purpose of the storage requires it.

Overview #

  1. Preamble
  2. Data Controller and Data Protection Officer
  3. General legal basis
  4. How we process the data
    1. To provide the service
    2. To provide personalized advertisements
  5. What data we process on what basis
  6. Cookies and other tracking technologies
  7. To whom we give your data
    1. Download and in-app purchase
    2. Third party solutions
    3. Third party service providers
    4. Third party contributors
    5. Transfer of Flatastic
  8. Data security
  9. What rights do you have?
  10. Changes to this Privacy Policy

Preamble #

The Flatastic application (hereinafter “application”) is a service to manage your household provided by the Flatastic GmbH (“Flatastic”, “we”, “us”, “our”).
The application consists of different modules such as but not limited to a shared shopping list, expenses management system, cleaning schedule, chat functionality, a contract and subscription management systems.
The application is intended to be used with the members of your household. Therefore the data you add, such as items, expenses or comments, are generally shared with the members of your household.

This Privacy Policy is aligned with the EU General Data Protection Regulation (“GDPR”). This Privacy Policy does not apply to data collected by third parties not affiliated with Flatastic. Please visit the Terms of Use and read this Privacy Policy carefully before using the application.

By using the Flatastic application, you agree to this Privacy Policy. If you do not agree, please do not use the site, service or application.

Data Controller and Data Protection Officer #

The data controller within the meaning of GDPR and all other data protection regulation is:

Flatastic GmbH

Nordstrasse 300

8037 Zürich

General legal basis #

Should you have given your consent to the processing of your personal data, we will process your personal data based and within the scope of this consent. A given consent can be revoked in the future at any time.
Should the processing of personal data be necessary, to fulfill a contractual obligation with you or your company, we will process your data on these bases.
Should the processing of personal data be necessary to fulfil a legal obligation or to protect a legitimate interest, which ranks higher than your fundamental rights to privacy, we will process your data on that basis.

How we process the data #

To provide the service #

First and foremost, we use the data to provide you with the best possible service. In particular, the data you provide to us will be made available to members of your household to improve your comfort. The data collected automatically is used to analyze and understand the use of the application in order to improve your experience. This data is anonymous and is aggregated to serve the legitimate interest of improving the application.

To provide personalized advertisements #

Where permitted by applicable law, we may use your contact data, location, usage and expense data to show you specific advertisements or offers in our own application that we believe may be of interest to you. For instance, based on the data you provide, we may show you advertisements for an insurance that is less expensive than your current insurance.

What data we process on what basis #

When you use our application:

  • Registration: When you create an account with us you are asked to provide your email address, a password, your name and a profile picture. This data is used so the members of your household can identify you and so you can access your account. Should you create a household, we ask you to provide the type of household e.g. shared flat, couple, family, a name and profile picture for your household, the country and city of your household. This data is used to customize your Flatastic experience. This data can be changed anytime within the application in the settings and is used to provide the service.

  • Usage: The application has different modules, which need data to be used properly. For example, but not limited to: Adding expenses with a title, items, sharers and a date or chores with a title, frequency, description, responsible persons. This data is shared only with household members. You are solely responsible for which contacts you invite to your household and which data you share with your household.
    We may add modules, which are publicly accessible. This can be a public forum, blog or chat, where you can communicate with us or other users not being part of your household. These public areas are marked specifically. We don’t recommend posting personal data in public forums. We are not responsible for the personal data you choose to submit in these blogs and other forums, so please be careful about what you disclose and do not post any data that you expect to keep private. This data is used to provide the service.

    • Payment data: We may offer the option to directly pay for the Flatastic Premium subscription products. Should you choose this option we will ask you for additional data, such as billing and contact details, credit or debit card data and for security reasons you may need to confirm your identity. This data is used to provide the service.
    • Feedback and other info: You may send us feedback directly via the feedback feature in the settings. We may ask you to fill out surveys and forms, share your ideas and suggestions with us. This data is used to improve your experience and the application (legitimate interest).
  • Automatically collected data
    When you download or use the application, data may be collected automatically. This data is not stored together with the personal data you provide. In certain circumstances, it may be linked to the identifier we assign to your profile.
    This data includes, but is not limited to, usage data, for example, actions triggered within the application or screens viewed within the application, navigation data, the type of device you are using, the App version, your rough location, and crash reports. To collect this data, we may use third-party solutions. This data is used to improve your experience and the app (legitimate interest).

When you visit our website:

  • Cookies: We use cookies to enhance your experience on our website. If you do not wish to accept cookies from us, you should instruct your browser to refuse cookies when you visit the website. In such a case, we may not be able to provide you with some of the content and services you request. The cookies serve our legitimate interest to improve the interaction with the website.

  • Analytics: When you visit the website, data is automatically collected. This visitor data includes, but is not limited to, pages visited, total time spent on the website, device type, browser version, rough location. To collect this data, we may use third-party solutions. This data is used to improve your experience and the website (legitimate interest).

Cookies and other tracking technologies #

Flatastic may use cookies, pixels, beacons or other tracking technologies on the website and in the application to help analyze the marketing campaigns, the effectiveness of our promotions, the flow within the application or on the website and to measure traffic and usage in order to improve the experience.

To whom we give your data #

WE WILL NOT PROVIDE ANY OF YOUR PERSONAL DATA TO ANY THIRD PARTY EXCEPT AS OUTLINED IN THIS POLICY OR WITH YOUR CONSENT.

Download and in-app purchase #

When you download the application and when you purchase an in-app product, such as but not limited to a monthly subscription or a yearly subscription, the necessary data for these processes is submitted to the “Apple App-Store” respectively the “Google Play Store”.
The necessary data contains but is not limited to: Your username, your email address, the time stamp of the download, the time stamp of your purchase, your payment data and the unique id of your device. We are not responsible for this processing and can not influence this process and the processing of the requested data. The responsibility lies solely with the respective App Stores.
We would like to point out that Apple Inc., 1 Infinite Loop, Cupertino, California, USA, 95014 („Apple“) and the Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“) both take strict measures to protect your personal data. You can find more information about their policies here:

https://www.apple.com/legal/privacy/en-ww/
https://policies.google.com/privacy

Third party solutions #

Google Firebase: In order to analyse and improve the usage of the applications and website, we use the technology Google Firebase provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Firebase“). Firebase uses whenever possible servers based in the EEA. Furthermore Google is subject to the EU-US Privacy Shield Framework (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
You can find more information about the Firebase and their Privacy Terms at:
https://firebase.google.com/support/privacy/

We use the following Services provided by Firebase:

  • Google Analytics for Firebase to analyze the usage of the application. The data collected is anonymous and aggregated
  • Firebase Cloud Messaging to send out push notifications.
  • Firebase In-App Messaging to send out In-App messages
  • Firebase Crashlytics to collect data about app crashes

Mailjet: To send transactional and onboarding emails, necessary information about the usage of the application and an occasional newsletter we use Mailjet by Pathwire, 13 rue de l'Aubrac Paris, Ile de France 75012 (“Mailjet”). Mailjet is ISO 27001 certified and GDPR compliant. You can find more information about Mailjet and their Privacy Terms at:
https://www.mailjet.com/security-privacy/

Freshdesk: To manage your requests and questions we use the Freshdesk technology by Freshworks San Mateo, CA 2950 S. Delaware Street, Suite 201 (“Freshdesk”). You can find more information about Freshdesk and their Privacy Terms at:
https://www.freshworks.com/gdpr/

Flatastic displays advertisements to users, who have not bought a premium subscription. For this we use marketplaces and integrations:

Google AdMob: Google AdMob provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("AdMob "), is used to deliver ads within the Flatastic application. The Software Development Kit (SDK) provided by AdMob has been integrated into the Flatastic application. Whenever an advertisement is displayed, the SDK loads it directly from AdMob and delivers it within the Flatastic application. To make the ad relevant to you, it can be personalised. We cannot review every advertisement that is displayed within the Flatastic application. If you do not want to see ads, buy a premium subscription.

In the future, we may use other solutions, such as, but not limited to, payment APIs.
We always evaluate the solutions we use for compliance with the GDPR and regularly update the Third Party Solutions section of the Privacy Policy.

Third party service providers #

In the future, we may offer you contracts to make your household easier and better organized, such as but not limited to internet service providers, energy and utility providers, insurance and other household related expenditures. We will not pass any of your personal data to a possible third party service provider without your explicit consent.

Third party contributors #

To develop and improve the application we may work with freelance developers, contractors or other third parties. These contributors are bound by confidentiality, will not pass on any personal data and take strict technical measures to protect your personal data.

Transfer of Flatastic #

If Flatastic or Flatastic's assets are acquired by another company, we may transfer, sell or assign data concerning your relationship with us to the other entity. That entity will assume the rights and obligations with respect to that data as described in this Privacy Policy and as required by applicable law.

Data security #

Our website and the backend of the application are hosted on Amazon Web Services. We chose to host the data within the European Economic Area (“EEA”). You can read the Amazon Web Services security policy here:
https://aws.amazon.com/security/

Despite our effort, certain data may be stored outside the EEA. We will take all steps reasonably necessary to ensure that the data is appropriately safeguarded and treated in accordance with this Privacy Policy.

We use a modern IT infrastructure with high security standards. We develop our internal processes such that appropriate data security can be ensured. All data you provide to us is stored on our secure servers. The data is transmitted over an industry standard Secure Socket Layer (SSL) connection. You are responsible for keeping the password to your user account confidential. Do not share the password with anyone.

Transmission over the Internet is not completely secure. We cannot guarantee the security of your data, even though we do our best to protect your data. Once we have received your data, strict policies and technical measures are in place to try to prevent unauthorized access.

What rights do you have? #

You have the following rights:

  • Right to information
  • Right of rectification (in case of incorrect data)
  • Right to be forgotten
  • Right to restrict processing
  • Right to data transmission
  • Right to object to processing
  • Right to lodge a complaint with the competent data protection authority

Exceptions apply to these rights. Therefore, we cannot (fully) comply with all requests to exercise these rights.

Changes to this Privacy Policy #

Flatastic may change this Privacy Policy at any time and unilaterally. We will notify you of such changes in an appropriate manner. Your continued use of the application following notice of changes to the Privacy Policy constitutes your express acceptance of such changes.