Data Privacy HNGRY App

What does this privacy notice govern?

We attach great importance to the protection and security of your personal data. Therefore, we consider it vital to inform you in the following about which of your personal data we process for what purpose and what rights you have in respect of your personal data.

This data protection notice is subject to the DSGVO and any applicable data protection laws of Switzerland.

The HNGRY app

The HNGRY app is a shopping-list app in which you can create and edit your own shopping lists and share them with other HNGRY app users. The HNGRY app is intended to help you with your food planning. You can share the lists you created with friends and family at any time so you can better organize your shopping. The HNGRY app offers you a range of features such as the foods you buy the most frequently, the rhythm you consume them in and thus when you need to stock up on them again. Registration on the app is done via our HNGRY login or a Social Login from the providers Google, Facebook or Apple. We also offer you a guest login without any registration.

The xtraHNGRY storage

Products that you have marked as bought in your shopping list are automatically added to your storage. These are automatically assigned to the appropriate storage location you have at home and you will also receive information about how long they are likely to be fresh and in stock. If necessary, you can easily adjust the storage location and the expiration time *.

Our Smart Availability algorithm uses your usage history and smartly combines it with expert knowledge of food storage. Thanks to various sorting and filtering options *, you can find out more quickly what you still have at home, what is probably no longer in stock or edible and what you should buy again. With just one click * you can add products that need to be bought again to your shopping list.

Functions that are marked with * can only be used if you have subscribed to xtraHNGRY and are therefore subject to payment.

HNGRYnsite powered by Liebherr

The HNGRYnsite powered by Liebherr camera (hereinafter also referred to as “camera”) is a modular camera that can be integrated into all refrigerators. The camera enables you to display a current image of your visible refrigerator contents. The HNGRY app and a login to the HNGRY app is required to use the camera.

General information

What is personal data and what does processing mean?

  • “Personal data”(hereinafter also referred to as “data”) is any information that says something about a natural person. Personal data is not only information that makes a direct reference to a specific person (such as the name or e-mail address of a person), but also information with which, given appropriate additional knowledge, a reference to a specific person can be made.
  • “Processing” means any measures taken in relation to your personal data (such as the collection, recording, organisation, ordering, storage, use or deletion of data).

Who is the controller for the processing of your data?

The controller for the processing of your data is:

Liebherr-Hausgeräte GmbH
Memminger Straße 77-79
88416 Ochsenhausen
Deutschland
Telephone: +49 7352 928-0
E-mail: privacy.appliances@liebherr.com

How can you contact our data protection officer?

Our data protection officer can be reached using the following contact details:

Corporate Privacy
Liebherr-IT Services GmbH
St. Vitus 1
88457 Kirchdorf an der Iller
Deutschland
E-mail: datenschutz@liebherr.com

What rights do you have as a data subject?

Within the provisions of the legislation, as the data subject you have the right to:

  • Information about your data;
  • The correction of incorrect data and the completion of incomplete data;
  • Deletion of your data, particularly if (1) it is no longer necessary for the purposes stated in this data privacy policy, (2) you withdraw your consent and there is no other legal basis for the processing, (3) your data has been unlawfully processed or (4) you have objected to the processing and there are no overriding legitimate grounds for the processing;
  • Restriction of the processing of your data, particularly if the accuracy of the data is contested by you or the processing of your data is unlawful and instead of deletion you demand restriction of use;
  • Object to processing of your data based on legitimate interests on grounds arising from your particular situation, or, without specific justification, to processing of your data carried out for direct marketing purposes; unless it is an objection to direct marketing, we ask that you explain the reasons why we should not process your data as we may do, when you lodge an objection. In the event of your reasoned objection, we will examine the merits of the case and cease processing unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims;
  • Receive your data in a structured, commonly used and machine-readable format and the right to have your information transferred by us directly to another controller;
  • Withdraw consent, if you have given us consent for processing. Please note that the withdrawal of your consent shall not affect the legality of the processing carried out on the basis of your consent until the withdrawal.

If you seek to assert the above rights, kindly note that we may require you to provide proof to establish that you are the person who you say you are.

Furthermore, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data infringes the GDPR.

Links to other websites

Our app may contain links to and from websites of other providers not affiliated with us (“third parties”). After clicking on the link, we no longer have any influence on the processing of any data transmitted to the third party when the link is clicked (such as the IP address or the URL on which the link is located), as the behavior of third parties is naturally beyond our control. Therefore, we cannot assume any responsibility for the processing of such data by third parties.

Links to social networks and messenger services

Our app may contain links to share content from our app on various social networks and/or messenger services. The established links do not result in any data being transmitted to providers of social networks or messenger services while you are using our app. Only when you click on one of the links to share content from our app will data (such as your IP address or the URL on which the link is located) be transmitted to the respective provider of the social network or messenger service. We have no influence on further data processing by the respective provider of the social network or messenger service.

Data processing

Download and call of the HNGRY app

When the HNGRY app is downloaded or used on your mobile device, the app transmits the following data to our web servers, which we store in so-called log files:

What data do we process and for what purpose?

We process the following data:

  • Your IP address
  • Date and time of access to the HNGRY app
  • Domain name of your internet access provider
  • The type and version of browser used by you and the operating system used by you
  • URL (address on the internet) of the website you were on at the time of the call-up
  • The files you retrieve via the respective app (type of access, name of the retrieved file, URL of the retrieved file, success of the retrieval)
  • The amount of data transferred to you when visiting the HNGRY app

We process this data in principle only for the purpose of ensuring stability as well as network and information security.

Processing for other purposes occurs only if the requisite legal conditions pursuant to Art. 6(4) GDPR have been met. In this case, we will of course comply with any information obligations pursuant to Art. 13(3) GDPR and Art. 14(4) GDPR.

On what legal basis do we process your data?

Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met.

Registration / Authentication of the HNGRY app

We collect the following data during registration and authentication within the HNGRY app:

What data do we process and for what purpose?

During registration and use without the use of a social login, we process the following data:

  • Your unique identifier (UPN)
  • The data you provided during the registration / authentication process
  • IProtocol data such as registration date and date and time of the last successful login

During registration and use using an existing account with Apple, Facebook or Google (social login), we process the following data: Social login identifier and the social login provider

Notice:  If you register with a social login from Apple, Facebook or Google, the social login provider sends us data in addition to a so-called unique identifier (UPN), such as your first and last name (all providers), your profile picture (Facebook) and the link to your Google Plus profile (Google), if you have activated this settings by the respective social login provider. We do not process this data for any purposes.

These data are in principle processed by us solely for the purpose of registration / authentication on our HNGRY app.

Processing for other purposes occurs only if the requisite legal conditions pursuant to Art. 6(4) GDPR have been met. In this case, we will of course comply with any information obligations pursuant to Art. 13(3) GDPR and Art. 14(4) GDPR.

On what legal basis do we process your data?

The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR.

Usage of the HNGRY app / of the xtraHNGRY storage

We collect the following data during use of the HNGRY app:

What data do we process and for what purpose?

We process the following data:

  • Name of shopping lists, products/product categories
  • Content of notes and product quantity and unit information
  • Permissions for shared shopping lists
  • Log information including for adding, amending, deleting (purchasing) products, shopping lists, notes, quantity and unit information, corrections
  • Usage of the free text input in the product search box
  • Usage of the Share button is pressed, Date and time of switching to other shopping lists, Date and time of when a shopping list was exited, Date and time of the change of the sort order of a shopping list
  • Name of products entered
  • Pictures / photos of the products
    • Notice: The pictures / photos only represents personal data in connection with the metadata. In Accordance with our terms of use, you agree to transmit to the HNGRY app or take with the camera only pictures / photos of food and products that do not contain or present any personal data (e.g. name tags on food containers or pictures / photos of people) or sensitive personal images (e.g. medicines). You can find the terms of use here: https://iamhngry.com/en/terms
  • Firebase token (identifier of the app)

We collect the following additional data during use of the xtraHNGRY storage:

  • Storage profile (such as refrigerator, freezer, zero-degree zone, dry storage)
  • Purchased products of a shopping list of the HNGRY App

These data are in principle processed by us solely for the usage of the HNGRY app and / or the xtraHNGRY storage.

Processing for other purposes occurs only if the requisite legal conditions pursuant to Art. 6(4) GDPR have been met. In this case, we will of course comply with any information obligations pursuant to Art. 13(3) GDPR and Art. 14(4) GDPR.

On what legal basis do we process your data?

Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.

Usage HNGRYnsite camera to display fridge contents & support

During the onboarding and ongoing use of the camera, information and pictures / photos are automatically sent and processed by your HNGRY app in connection with the camera to our web servers. This is necessary in order to correctly display the pictures / photos of the contents of the fridge to you and thus provide the service. In Addition, it is possible that you send us log files via e-mail for the purpose of support requests.

What data do we process and for what purpose?

We process the following data:

  • Your (external/internal) IP-adress
  • ShoppinglistID
  • CameraID
  • ImageID
  • Timestamp
  • SSID
  • LHCloudTraceID
  • Pictures / photos of the fridge content
    • Notice: The pictures / photos only represents personal data in connection with the metadata. In Accordance with our terms of use, you agree to transmit to the HNGRY app or take with the camera only pictures / photos of food and products that do not contain or present any personal data (e.g. name tags on food containers or pictures / photos of people) or sensitive personal images (e.g. medicines). You can find the terms of use here: https://iamhngry.com/en/terms

    These data are in principle processed by us solely for the purpose of providing the service and for the correct processing or answering of your support requests and error analysis/improvement of the camera. This data and the metadata without personal reference are absolutely necessary for the provision of the service.

    Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.

    On what legal basis do we process your data?

    The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR or to protect our legitimate interests in accordance with Article 6 para. 1 point f GDPR.

    Our legitimate interests are the correct response to and processing of your support request or message.

    You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.

    Einsatz von Technologien & Services

    A. General information

    In providing our app, we use technologies & services. In the following notices we provide you – as a user of our app – with additional information on data processing via the use of technologies & services.

    I. What are technologies & services?

    Technologies & services can be used to determine whether there has already been communication from your end device to our app. Only the technology or service on your end device is identified. Personal data may, for example, be stored in the technologies & services if this is technically absolutely necessary, e.g. to enable a protected login.

    Technologies & services can for example be small text files that a web server or an app can store and read on your terminal equipment (computer, smartphone or similar) that you use. Technologies & services contain individual, alphanumeric character strings that enable identification of the web browser that you are using and may also contain information on user-specific settings.

    The aforementioned technologies & services and other technologies are hereinafter collectively referred to as “Technologies”.

    II. What types of technologies exist?

    We distinguish between essential technologies on the one hand and optional technologies on the other:

    • Essential technologies are those that are technically necessary for the functionality as well as for ensuring the security and stability of our app and information technology systems. We also assign to this category those technologies that store certain settings that you have made, options selected or information entered until you close your app (at the latest), in order to provide the desired function that you have requested (e.g. login status, language setting etc.). Your consent is not required to store or read essential technologies. You cannot, therefore, manage essential technologies via the settings of the consent management service that we use, but only via your app and delete technologies stored there or block storage of technologies.
    • Optional technologies are those that are not essential for functionality nor to ensure the security and stability of our app and information technology systems, but are used for analysis or marketing purposes. These technologies can, for example, be used to compile anonymous statistics and collect information on how you use our app, which enables us to analyse the use of our app and thereby optimise it. We also assign to this category those technologies that store certain settings that you have made, options selected or information entered; these remain after you have closed your app in order to provide the desired function that you have requested (e.g. login status by selecting “Remember my e-mail address”, wish list, compare list etc.) over a longer term. To store or read optional technologies, your prior consent is generally required. You can consent to the use of optional technologies and withdraw any consent that you have granted at any time with future effect via the settings of the consent management service that we use.

    Both essential and optional technologies may be so-called “session technologies” or “persistent technologies”, which differ in their intended lifetime or functional life:

    • Session technologies are stored on your terminal equipment and are automatically deleted when you close your app.
    • Persistent technologies (or permanent technologies) are stored on your terminal equipment and are not automatically deleted when you close your app, but remain on your terminal equipment for a predefined period of time.

    B. Use of technologies on our app

    I. Essential Technologies

    1. Which essential technologies are used for what purpose and for how long?

    Service

    Purpose

    Service provider

    Functional life

    Consent manangement

    Obtaining and managing consent and storing information about consent decisions.

    Liebherr-Hausgeräte GmbH

    Memminger Straße, 77-79

    88416 Ochsenhausen

    Germany

    30 days

    Language detection

    Language detection for user-specific language display of the app

    Until your app is closed

    AppsFlyer /Fraud prevention)

    For the stability and security as well as fraud prevention of our campaigns

    AppsFlyer Ltd.,

    14 Maskit St.,

    POB 12371,

    Herzliya,

    Israel

    Until the purpose is achieved

    • Consent Management

    In order for you to manage the use of optional cookies on our app, we have implemented a consent management service. Via the consent management service, the first time you access our app, you will be presented with a previously defined query (“Cookies, other technologies and miscellaneous services”), which allows you to accept or decline the use of optional cookies by clicking the appropriate button. In addition, clicking on “settings” will take you to the settings of the consent management service, where you will find inter alia a simplified cookie list, classified by type. With the consent management service, you can inter alia find out about the purposes of the cookies that we use, the data processed in each case as well as any data recipients and, in the case of optional cookies, you can give or withdraw your consent at any time by selecting or deselecting the relevant box.
    Please note that essential cookies are already stored upon accessing our app and that the relevant box is preselected. It is not possible to deselect essential cookies via the consent management service. The functionality of the consent management service itself requires the use of certain cookies.

    Information about the service provider:

    Liebherr-Hausgeräte GmbH, Memminger Straße 77-79, 88416 Ochsenhausen, Germany

    Website: https://home.liebherr.com/de/deu/de/home/startseite.html

    Privacy Policy: https://home.liebherr.com/de/deu/de/datenschutz.html – !/content=privacy

    • Language detection

    We use a session technology to enable user-specific language display of our app. In so doing, the language of your app will be detected and our app displayed for you in the same language.

    • AppsFlyer – Fraud prevention

    We use the services of the provider AppsFlyer Ltd, 14 Maskit St, Herzliya, Israel (“AppsFlyer”); parent company: AppsFlyer Inc. 111 New Montgomery St Ste 400 San Francisco, CA, 94105-3616 United States (hereinafter collectively “AppsFlyer”), with the enhancement of “IP anonymisation” (also referred to as “IP masking method”), in order to learn more about the ways in which users become aware of our app / offer through the statistical analysis of our app / offer (“AppsFlyer “Fraud prevention”).

    This involves the collection, processing and use of certain information about the devices used by users, your online usage behaviour and page content accessed. AppsFlyer uses this data on our behalf to evaluate and understand the performance of our marketing measures and channels. Furthermore, the data is used to detect and prevent cases of so-called “mobile fraud”, i.e. manipulative and fraudulent actions in connection with our marketing measures. Based on the collected and subsequently aggregated data, AppsFlyer can identify for us whether certain actions in connection with our app (e.g. download or installation) were caused by manipulation. For this purpose, we have concluded a data processing addendum with AppsFlyer in accordance with Article 28 of the GDPR and the EU standard contractual clauses. Accordingly, AppsFlyer will process the collected data (data on your terminal device or your web browser, IP addresses and your app activities) on our behalf for the purpose of evaluating your use of our app for us, compiling reports on app activities and providing us with other services related to the use of our app and internet usage. Data collected through AppsFlyer may be stored and processed in the United States or in any other country where AppsFlyer or AppsFlyer’s subcontractors maintain facilities. However, the IP masking method we use ensures that before the data is transferred to and stored on an AppsFlyer server in the US, the IP address is truncated within EU member states or other EEA contracting states, so that a full IP address is not transmitted, making it impossible or significantly more difficult to identify a person. For a data transfer to a third country, i.e. a country outside the EU or EEA, appropriate safeguards for the protection of your personal data are generally required. After the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield was declared invalid by the European Court of Justice, the EU-US Privacy Shield can no longer be used to guarantee an adequate level of protection in the USA in line with EU standards. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. As a result, data transfer to the USA is only permitted here with your explicit consent in accordance with Article 49 para. 1 point a GDPR. Possible risks of this data transfer are that access by state authorities, such as security agencies and/or intelligence services, cannot be excluded and your data could be processed by them – possibly without you being informed separately and without you having enforceable rights and effective legal remedies available to you – for reasons of national security, law enforcement or for other purposes in the public interest of the USA. You can object to the collection and storage of data by AppsFlyer at any time with effect for the future by following the instructions at https://www.appsflyer.com/optout. Alternatively, you can stop the use of AppsFlyer technology by sending us a message to feedback@iamhngry.com and informing us of your revocation.

    For this purpose, we have concluded a data processing addendum with AppsFlyer in accordance with Article 28 of the GDPR and the EU standard contractual clauses. Accordingly, AppsFlyer will process the collected data (data on your terminal device or your web browser, IP addresses and your app activities) on our behalf for the purpose of evaluating your use of our app for us, compiling reports on app activities and providing us with other services related to the use of our app and internet usage.

    Data collected through AppsFlyer may be stored and processed in the United States or in any other country where AppsFlyer or AppsFlyer’s subcontractors maintain facilities. However, the IP masking method we use ensures that before the data is transferred to and stored on an AppsFlyer server in the US, the IP address is truncated within EU member states or other EEA contracting states, so that a full IP address is not transmitted, making it impossible or significantly more difficult to identify a person.

    You can object to the collection and storage of data by AppsFlyer at any time with effect for the future by following the instructions at https://www.appsflyer.com/optout. Alternatively, you can stop the use of AppsFlyer technology by sending us a message to feedback@iamhngry.com and informing us of your revocation.

    Information about the service provider:

    AppsFlyer Ltd., 14 Maskit St., Herzliya, Israel

    Website: https://www.appsflyer.com/de/

    Privacy Policy: https://www.appsflyer.com/services-privacy-policy

    2. On which legal basis are essential technologies used?

    We use essential technologies for the purposes of legitimate interests in accordance with Article 6 para. 1 point f GDPR.

    Our legitimate interests are:

    • Ensuring the security and stability of our app and information technology systems, for example by protecting against attacks in the form of targeted server overloads (Denial of Service attacks) or by using optimal load distribution on servers
    • Asserting, exercising and defending legal claims
    • Providing and guaranteeing the proper functionalities of our app
    • Analysis of campaigns, measurement of download statistics and campaign effectiveness
    • Detection and prevention of mobile fraud
    1. How can I object to the use of essential technologies?

    You can exercise your right to object by means of the blocking options described below under “Deletion/Blocking of Technologies” (cf. Article 21 para. 5 GDPR), i.e. by blocking essential technologies via your app settings.

    Please note that if you delete without blocking, essential technologies will be used once again when you access our app at a later date. Please also note that deactivating or deleting or blocking essential technologies may affect the performance and functionality of our app and may cause certain features and functions to be unavailable.

    II. Optional technologies

    Using the following information, we would like to enable you to make a well-founded decision for or against the use of optional technologies and the associated data processing.

    1. Which optional technologies are used for what purpose and for how long?

    Service

    Purpose

    Service provider

    Functional life

    Google Analytics

    App analytics

    Google Ireland Limited,
    Gordon House, Barrow Street,

    Dublin 4, Ireland

    Up to two years

    Google Firebase Crashlytics

    Bug reports

    Google Ireland Limited,
    Gordon House, Barrow Street,

    Dublin 4, Ireland

    Up to two years

    AppsFlyer (Marketing & Retargeting)

    Marketing

    AppsFlyer Ltd.,

    14 Maskit St.,

    POB 12371,

    Herzliya,

    Israel

    Until the purpose is achieved

    • Google Analytics

    Subject to your consent, we use app analysis technologies in order to analyse the use of our app and thereby be able to improve it continuously. The anonymised user statistics obtained (e.g. number and origin of app visitors) enable us to optimise our app and improve its design – such as by placing frequently accessed information or topics on our app at the right location to meet demand.

    For app analysis we use “Google Analytics”, a app analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively “Google”), with the “IP anonymization” extension (also called “IP masking method”). To this end, we have concluded a data processing agreement with Google in accordance with Article 28 GDPR. Google will accordingly process the data collected (data about your terminal equipment or web browser, IP addresses and your app or application activities) on our behalf for the purposes of evaluating your use of our app, compiling reports on app activity and providing other services relating to app and internet usage.

    The data collected using Google Analytics may be stored and processed in the USA or any other country in which Google or sub processors of Google maintain facilities. The IP masking method that we use ensures that before the IP address is transferred to a Google server in the USA and stored there, it is shortened within EU member states or in other EEA member states so that no IP address is transferred in its entirety, thereby preventing or considerably complicating identification of a person. Only in exceptional cases will the complete, i.e. entire, IP address be transferred to a Google server in the USA and only shortened there.

    For a data transfer to a third country, i.e. a country outside the EU or EEA, appropriate safeguards for the protection of your personal data are generally required. After the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield was declared invalid by the European Court of Justice, the EU-US Privacy Shield can no longer be used to guarantee an adequate level of protection in the USA in line with EU standards. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. As a result, data transfer to the USA is only permitted here with your explicit consent in accordance with Article 49 para. 1 point a GDPR. Possible risks of this data transfer are that access by state authorities, such as security agencies and/or intelligence services, cannot be excluded and your data could be processed by them – possibly without you being informed separately and without you having enforceable rights and effective legal remedies available to you – for reasons of national security, law enforcement or for other purposes in the public interest of the USA.

    For a data transfer to a third country, i.e. a country outside the EU or EEA, appropriate safeguards for the protection of your personal data are generally required. After the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield was declared invalid by the European Court of Justice, the EU-US Privacy Shield can no longer be used to guarantee an adequate level of protection in the USA in line with EU standards. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. As a result, data transfer to the USA is only permitted here with your explicit consent in accordance with Article 49 para. 1 point a GDPR. Possible risks of this data transfer are that access by state authorities, such as security agencies and/or intelligence services, cannot be excluded and your data could be processed by them – possibly without you being informed separately and without you having enforceable rights and effective legal remedies available to you – for reasons of national security, law enforcement or for other purposes in the public interest of the USA.

    Service provider information:

    Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

    Google Ads Data Processing Terms:
    https://privacy.google.com/businesses/processorterms/

    Terms of Service for Google  Analytics:
    https://marketingplatform.google.com/about/analytics/terms/us/

    Overview of data usage in Google  Analytics:
    https://support.google.com/analytics/answer/6004245?hl=en

    Google Privacy Policy:
    https://policies.google.com/privacy

    Technical explanation of “IP Anonymization (or IP masking) in Google Analytics”:
    https://support.google.com/analytics/answer/2763052?hl=en

    Additional note:
    If you wish to deactivate Google  Analytics across all apps, you can download and install the “Google Analytics Opt-out Browser Add-on” at https://tools.google.com/dlpage/gaoptout?hl=en. This option only disables web analysis as long as you are using the app for which you have installed the add-on.

    • Google Firebase Crashlytics

      We have integrated Google Firebase Crashlytics into the HNGRY app to analyse and fix errors. The reporting serves the stability and improvement of the app. Information about the device used and the use of the HNGRY app is collected (e.g. the timestamp, when the app was started and when the crash occurred), which enables us to diagnose and solve problems. This personal data is not merged with your other profile information. The storage period of the data collected in this way can be found in the provider’s privacy policy.
      For app analysis we use “Google Firebase Crashlytics”, a app analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively “Google”), with the “IP anonymization” extension (also called “IP masking method”). To this end, we have concluded a data processing agreement with Google in accordance with Article 28 GDPR. Google will accordingly process the data collected (data about your terminal equipment or web browser, IP addresses and your app or application activities) on our behalf for the purposes of evaluating your use of our app, compiling reports on app activity and providing other services relating to app and internet usage.
      The data collected using Google (Firebase) Analytics may be stored and processed in the USA or any other country in which Google or sub processors of Google maintain facilities. The IP masking method that we use ensures that before the IP address is transferred to a Google server in the USA and stored there, it is shortened within EU member states or in other EEA member states so that no IP address is transferred in its entirety, thereby preventing or considerably complicating identification of a person. Only in exceptional cases will the complete, i.e. entire, IP address be transferred to a Google server in the USA and only shortened there.
      For a data transfer to a third country, i.e. a country outside the EU or EEA, appropriate safeguards for the protection of your personal data are generally required. After the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield was declared invalid by the European Court of Justice, the EU-US Privacy Shield can no longer be used to guarantee an adequate level of protection in the USA in line with EU standards. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. As a result, data transfer to the USA is only permitted here with your explicit consent in accordance with Article 49 para. 1 point a GDPR. Possible risks of this data transfer are that access by state authorities, such as security agencies and/or intelligence services, cannot be excluded and your data could be processed by them – possibly without you being informed separately and without you having enforceable rights and effective legal remedies available to you – for reasons of national security, law enforcement or for other purposes in the public interest of the USA.

    Information about the service provider:
    Google Ireland Limited, Gordon House, Barrow Street Dublin 4 D, Ireland
    Website:
    https://firebase.google.com
    Privacy Policy:
    https://firebase.google.com/support/privacy/

    • AppsFlyer – Marketing & Re-Targeting

    We use the services of the provider AppsFlyer Ltd, 14 Maskit St, Herzliya, Israel (“AppsFlyer”); parent company: AppsFlyer Inc. 111 New Montgomery St Ste 400 San Francisco, CA, 94105-3616 United States (hereinafter collectively “AppsFlyer”), with the enhancement of “IP anonymisation” (also referred to as “IP masking method”), to carry out further advertising of our products (“AppsFlyer  Marketing & Re-Targeting“).

    This involves the collection, processing and use of certain information about the devices used by users, your online usage behaviour and page content accessed. AppsFlyer uses this data on our behalf to evaluate and understand the performance of our marketing measures and channels. For this purpose, we have concluded a data processing addendum with AppsFlyer in accordance with Article 28 of the GDPR and the EU standard contractual clauses. Accordingly, AppsFlyer will process the collected data (data on your terminal device or your web browser, IP addresses and your app activities) on our behalf for the purpose of evaluating your use of our app for us, compiling reports on app activities and providing us with other services related to the use of our app and internet usage.

    Data collected through AppsFlyer may be stored and processed in the United States or in any other country where AppsFlyer or AppsFlyer’s subcontractors maintain facilities. However, the IP masking method we use ensures that before the data is transferred to and stored on an AppsFlyer server in the US, the IP address is truncated within EU member states or other EEA contracting states, so that a full IP address is not transmitted, making it impossible or significantly more difficult to identify a person.

    For a data transfer to a third country, i.e. a country outside the EU or EEA, appropriate safeguards for the protection of your personal data are generally required. After the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield was declared invalid by the European Court of Justice, the EU-US Privacy Shield can no longer be used to guarantee an adequate level of protection in the USA in line with EU standards. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. As a result, data transfer to the USA is only permitted here with your explicit consent in accordance with Article 49 para. 1 point a GDPR. Possible risks of this data transfer are that access by state authorities, such as security agencies and/or intelligence services, cannot be excluded and your data could be processed by them – possibly without you being informed separately and without you having enforceable rights and effective legal remedies available to you – for reasons of national security, law enforcement or for other purposes in the public interest of the USA.

    You can object to the collection and storage of data by AppsFlyer at any time with effect for the future by following the instructions at https://www.appsflyer.com/optout. Alternatively, you can stop the use of AppsFlyer technology by sending us a message to feedback@iamhngry.com and informing us of your revocation.

    Information about the service provider:

    AppsFlyer Ltd., 14 Maskit St., Herzliya, Israel

    Website:

    https://www.appsflyer.com/de/

    Privacy policy:

    https://www.appsflyer.com/services-privacy-policy
    1. On which legal basis are optional technologies used?

    We use optional technologies on the basis of the consent pursuant to Article 6 para. 1 point a in conjunction with Article 7 GDPR.

    1. How can I withdraw the consent that I have given to the use of optional technologies?

    When you (first) access our app, we request inter alia your consent for the use of optional technologies by means of a predefined query (“Technologies & services”). You can withdraw the consent that you have given at any time with effect for the future and thereby prevent further collection of your data by deselecting optional technologies (app analysis, marketing) in the settings of the consent management service.

    If and insofar as you do not consent or withdraw consent already given (further) data collection by means of optional technologies requiring consent and the associated data processing will cease. This presents no drawbacks when using the app, unless you also deactivate the technology functions for essential technologies.

    The revocation of consent will not affect the legality of the processing carried out on the basis of the consent up to revocation.

    As an alternative to withdrawing your consent, you can also make use of the options described below under “Deletion/Blocking of Technologies” to delete or block technologies using the information provided there.

    C. Deletion/Blocking of Technologies

    Technologien werden auf Deiner Endeinrichtung gespeichert, sodass Du die Kontrolle über Technologien hast. Wenn Du nicht möchtest, dass wir Deine Endeinrichtung wiedererkennen, kannst Du jederzeit bereits auf Deiner Endeinrichtung gespeicherte Technologien – manuell oder automatisiert – deaktivieren bzw. löschen und/oder die Speicherung von Technologien für die Zukunft blockieren, indem Du in Deiner Endgeräte-Software die entsprechende Einstellung vornimmst, z.B. „keine Technologien akzeptieren“ oder Ähnliches. Die meisten Endgeräte können zudem so konfiguriert werden, dass eine Speicherung von Technologien nur akzeptiert wird, wenn Du dem gesondert im Einzelfall zustimmen. Wenn Du die Technologien unserer Dienstleister und Partner nicht akzeptieren willst, solltest Du hierzu in Deinem Endgerät die Einstellung „Technologien von Drittanbietern blockieren“ oder Ähnliches vorfinden. In der Regel wird Dir in der Menüleiste Deiner App über die Hilfe-Funktion angezeigt, wie Du bereits gespeicherte Technologien ausschalten bzw. löschen und neue Technologien abweisen kannst. Einzelheiten zu den beschriebenen Möglichkeiten entnimmst Du bitte der Anleitung Deines Endgeräte-Herstellers.

    Please note that if you delete without blocking, any essential technologies will be used the next time and we may ask you once again for your consent to optional technologies when you access our app at a later date. Please also note that deactivating or deleting or blocking essential technologies may affect the performance and functionality of our app and may cause certain features and functions to be unavailable.

    You can manage the settings for the use of optional technologies and the associated data processing at any time in the settings of the consent management service.

    Data recipients

    We may transfer your data to:

    • Other companies of the Liebherr Group, provided this is necessary to initiate, perform or terminate a contract, or for our part we have a legitimate interest in the transmission and your predominant legitimate interest is not opposed to this;
    • The social login provider of your choice
    • The providers of the functions and any other services you actively use;
    • Our service providers that we use in order to achieve the above-stated purposes;
    • The recipient or recipients you specify;
    • Courts of law, courts of arbitration, authorities or legal advisers, if this is necessary to comply with current law or for the establishment, exercise or defence of legal claims

    Data transfers to third countries

    A data transfer to entities in countries outside the European Union or the European Economic Area (so-called third countries) or to international organisations is permissible only (1) if you have given us your consent or (2) if the European Commission has decided that there is an adequate level of protection in a third country (Art. 45 GDPR). If the Commission has not taken such a decision, we can transfer your data to recipients located in a third country only if appropriate safeguards exist (e.g. standard data protection clauses adopted by the Commission or the supervisory authority under a specific procedure) and the enforcement of your rights as a data subject is guaranteed or the transfer is permissible in individual cases on the grounds of other legal bases (Art. 49 GDPR).

    Where we transfer your data to third countries, we will inform you of the respective details of the transfer at the relevant points in this data privacy policy.

    Data erasure and storage period

    We process your data, provided that this is necessary for the respective purpose, if you have not effectively objected to the processing of your data or effectively withdrawn the consent that you may have granted.

    If statutory retention obligations exist, we will have to store the data affected thereby for the duration of the retention obligation. After the expiry of the retention obligation, we will check whether there is any further necessity for processing. If there is no longer any necessity, your data will be deleted.

    Data security

    We use technical and organisational security measures to ensure that your data is protected from loss, improper changes or unauthorised access by third parties. Moreover, we ensure that, on our side, only authorised persons are granted access to your data and then only to the extent necessary for the above-mentioned purposes. The transfer of all data is encrypted.

    Date: August 2023