Privacy statement for using the Menthal-App


Für die deutsche Version, bitte hier klicken.

1. Information regarding the collection of personal data

(1) We provide you with a mobile app ("Menthal app") that you can download on your mobile device. Hereinafter we inform you about the collection of personal data when using our Menthal app. Personal data is all the data that can be personally related to you, i.e. name, address, e-mail addresses, user behavior.

(2) Responsible according to art. 4 paragraph 7 EU-General Data Protection Regulation (DSGVO/GDPR) is

Murmuras GmbH

Represented by managers Ionut Andone, Qais Kasem, Alexander Markowetz

Meckenheimer Allee 73

53115 Bonn, Germany

info@murmuras.com

Our data protection officers can be reached at:

JURANDO GmbH

Contact person: Dr. Dennis Werner

Rathausplatz 21

58507 Lüdenscheid, Germany

Tel: 0049 2351-66854-37

Fax: 02351-66854-44

E-Mail: datenschutzbeauftragter@jurando.de

Or by post under our post address by mentioning “data protection officers”.

2. Processing of personal data when using our Menthal app

The Menthal app supports “digital diets” and allows you to participate in a study about smartphone usage, which is provided by Murmuras. A sustainable digital lifestyle is promoted as our app supports its users to improve their behavior. The app provides information about users' smartphone usage and surveys this data on behalf of the comprehensive study.

Personal data is used exclusively for study purposes. Especially the use for personalized advertising, personal credit scoring or other automated decisions about individual participants is excluded.

(1) Usage levels

The data collected is used to help users shape their digital behavior. Besides, Murmuras processes your data for its own statistics and publications. In case of inquiries from other researchers, the provider also checks this data to determine whether the participant can also be a subject for these further studies. In this case, the participant may receive a separate invitation to participate in this study.

Murmuras manages the data internally as far as possible pseudonymized. Despite this precaution, it is treated at all times as if it were directly personal.

(2) Analysis period

The Menthal app collects three kinds of data:

  1. It regularly records the location of the participant, also in the background. This results for example, in deriving later the daily action radius of the participant. It evaluates, for example, how much time the participant spends at home or if they are often away from home.

  2. It records the mobile behavior of the participant. In particular, it records from when to when they use the phone (phone session) and from when to when they use which app (app session). From this, it can later be deduced, for example, how long the participant was online in total and which apps they used particularly frequently. Personal data from e-mails, SMS or messenger services are not tracked. Furthermore, directory data like names or phone numbers are not tracked as well.

  3. It collects questionnaires as part of the study. At the beginning, during and at the end of the study, the supplier addresses common factors amongst all participants (onboarding questions). These include, for example, demographic information such as age, gender and marital status or personality traits such as introversion and openness.

The legal basis for the processing of your personal data is art. 6 (1) (a) GDPR (Consent).

See our Terms of Use for more details.

(3) App-Store

When you download the Menthal app, the required information is transferred to the App Store, in particular your account username, email address and client number of your account, time of download, payment information and unique device code. We have no influence on this data collection and are not responsible for it. We only process the data as far as it is necessary for the downloading of the mobile app to your mobile end device.

The supplier of the App Store (here Google Play Store) can be reached at the following contact details: Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=en.

Google has submitted to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US Framework.

You can also download the Menthal app for free via our website directly to your mobile end device. Upon download, we will process further data via the website and inform you about that in the privacy policy of our website.

(4) Google Firebase products

We use the following Google Firebase products for the Menthal app: Crashlytics and Firebase Cloud Messaging. Within the range of products, different data categories are sometimes processed for different purposes:

  • Firebase Crashlytics: With Crashlytics data while operating the app, including the type of operating system used, information on malfunctions during operation (type of malfunction, time of the malfunction, duration of the malfunction, use of the app at the time of the malfunction) and device information are being processed. Based on this data, we can get an overview of various malfunctions or issues occurring while operating the app and analyze them based on their relevance for use in order to ensure efficient troubleshooting and ensure the stability of the app. The data processing is based on art. 6 (1) sentence 1 letter f GDPR. We have a legitimate interest to identify and fix stability problems that affect the quality of the app. This also increases the user-friendliness of the app for our customers.

  • Firebase Cloud Messaging: Firebase Cloud Messaging enables us to inform users with targeted and contextual messages about our offer and to encourage them to use the app. Information on the subject, type of message and time of sending the message as well as data regarding whether and when a message was received and read is also processed. Some of this data is also used in the analysis. Cloud messaging is only used if you have given your consent (art. 6 (1) sentence 1 letter a GDPR).

You can contact the provider of Google Firebase products under the following contact details: Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) - use of Google Firebase.

3. Rights of subjects

Upon request and in accordance with legal requirements, we will provide you free of charge with information regarding the status of the personal data collected about you as well as that of the further processing of these data. For example, we may correct, block or delete your personal information partially or entirely in accordance with the legal requirements:

(1) Right of access by the data subject (article 15 GDPR)

The right to information gives you access to the data or data categories that concern you and some other important criteria, such as the processing purposes or the duration of the storage. Please note that under certain circumstances your right to information may be restricted in accordance with the legal provisions (e.g. art. 34 Federal Data Protection Act).

(2) Right to corrections (art. 16 GDPR)

Should the data concerning you be incorrect - or no longer correct -, you may request a correction under the provisions of art. 16 GDPR. If your data is incomplete, you may request a completion.

(3) Right to erasure (art. 17 GDPR)

You may request the deletion of your personal data under the conditions of art. 17 GDPR. Your claim for deletion may be restricted for example by the fact that we still need the data to fulfill statutory retention requirements. If we have made your personal data public, you may also be entitled to a "right to be forgotten". You may require proportionate action in order for us to inform the persons responsible regarding your request for erasure. Please note that under certain circumstances your right to erasure may be restricted in accordance with the statutory provisions (e.g. art. 35 Federal Data Protection Act).

(4) Right to restriction of processing (art. 18 GDPR)

Under the provisions of art. 18 GDPR, you may request the restriction of processing. We shall mark your stored personal data with the purpose of limiting its future processing. On the basis of this right you may, for example, exercise other rights in the review phase.

(5) Right to information (art. 19 GDPR)

In case of rights exercising, we shall inform all recipients of the correction, deletion or limitation of data processing under the provisions of art. 19 GDPR. Upon request, we will inform you regarding those recipients.

(6) Right to data portability (art. 20 GDPR)

Under the provisions of art. 20 GDPR, you are entitled to receive from us the respective personal data in a common, machine-readable format. In addition, you can request a direct forwarding to another responsible person, provided that this is technically feasible.

(7) Right to object (art. 21 GDPR)

In an extraordinary situation, you are entitled to object to the further processing of your personal data in accordance with art. 6 paragraph 1, point e) or f) GDPR. We will cease the data processing provided that a statutory exception does not apply. Should that be the case, we may continue the data processing, if e.g. there are compelling protection-worthy reasons that outweigh your interests, rights and freedoms, or in order to assert, exercise or defend legal claims.

(8) Right of complaint

You may also address a complaint to the statutory authority. The statutory authority for us is:

The Federal Commission for Data Protection and Freedom of Information Nordrhein-Westfalen

Kavalleriestr. 2-4

40213 Düsseldorf

Tel.: +49 211 38424-0

Fax: +49 211 38424-10

E-Mail: poststelle@ldi.nrw.de

Terms of use of the Menthal-App for participants

1. General

Murmuras GmbH, based in Bonn, Germany ("provider"), offers the Menthal app for analyzing mobile communications behavior for the user of the app ("participant"), as well as for running a comprehensive study on smartphone behavior which is operated by Murmuras. The data is processed on German servers and is subject to European law (GDPR). Uncommunicated use or even the transfer of data to third parties is excluded. Likewise, the data is used exclusively for studies and will not be used against the user (e.g. through target advertising).

2. Range of functions

The Menthal app allows users to analyze their smartphone behavior. To this end, the users install the Menthal app on their mobile phone.

The Menthal app collects three types of data:

  1. It regularly records the location of the participant. This can help, for example, to derive later the daily radius of action of the participant. For example, how long the participant spends at home or whether they are often away from home is evaluated.

  2. It collects the participant's mobile phone behavior. In particular, it records from when to when they use the phone (phone session) and from when to when they use which app (app session). From this it can later be derived, for example, how long the participant was online in total and which apps they used particularly often. Personal data from e-mails, SMS or messenger services are not tracked. Furthermore, directory data like names or phone numbers are not tracked as well.

  3. It collects questionnaires as part of the study. At the beginning, during and at the end of the study, the provider collects common factors (onboarding questions) from all participants. This includes, for example, demographic information such as age, gender and marital status or personality traits such as introversion and openness.

The Menthal app is limited to the collection of behavioral data and questionnaires. However, personal content from emails, SMS or chat messengers is not recorded. Neither names nor telephone numbers from the address book are being forwarded.

For the purpose of the study, the researcher has access to the entire range of the data collected. The provider also processes the data for their own statistics and publications. In case of inquiries from other researchers, the provider also checks this data to determine whether the participant can also be a subject for these further studies. In this case, the participant may receive a separate invitation to participate in this study.

The participant can gain insight into an analysis of his phone-related behavior (digital lifestyle). Thus, the participant remains the master of his own data.

The app is free to use. The participant is responsible for his hardware (phone), software (e.g. operation system) and the data transfer (e.g. mobile data) and bears the corresponding costs.

3. Registration and access data

The Menthal app can be used by downloading the app and registering there. Participants register by using an email address. The participant makes sure that no conclusion about the natural person can be drawn from the email address. For this purpose, a generic email address is recommended to be used by the participant.

Users of the Menthal app need to be at least 16 years old. Users outside the European Union are required to follow the relevant domestic laws according to the minimum age for giving valid consent for processing personal data and are only allowed to use the app if doing so.

4. Rights of use

The provider grants the participant the non-exclusive, revocable, non-sublicensable and non-transferable right to use the Murmuras platform including all digital content contained therein in accordance with these terms of use for private purposes free of charge.

The granting of the above-mentioned rights of use is subject to the condition of compliance with these terms of use. If the user violates these terms of use, the rights to use the Menthal app including its content are terminated.

In the event of a reasonable assumption that the participant violates these terms of use or causes damage to the Menthal app through their use (e.g. through malware), the provider may, at their own discretion and without prior notice, block the access of a user to the Menthal app including all its functions and block content, in whole or in part.

5. Warranty

The provider assumes no commitment of complete availability of the Murmuras platform. Warranty rights are excluded for the app that can be used free of charge, unless the provider has caused defects intentionally or through gross negligence.

6. Liability

The provider is always liable for intent, gross negligence, for injury to life, limb or health, according to the Product Liability Law and for guarantees expressly granted by the provider.

The liability of the provider is otherwise excluded insofar as this is legally permissible. Statutory mandatory rights of the researcher remain unaffected. For damages caused by minor negligence on the part of the provider, the provider is only responsible should a breach of an essential contractual obligation occur. The amount of this compensation is limited to the foreseeable damage. Significant contractual obligations in this sense are those obligations whose fulfillment the researchers can trust and do so on a regular basis and whose fulfillment is essential for the achievement of the purpose of the contract.

7. Data protection

The provider takes the protection of personal data seriously and observes the legal requirements of the GDPR and other data protection regulations. There is a focus on the principles of "privacy by design" and "privacy by default". Details can be found in the data protection declarations of participants.

8. Additional provisions

Should individual provisions of these terms of use be or become invalid in whole or in part or not enforceable, the effectiveness of the remaining provisions remains unaffected. The ineffective provision is considered to be replaced by an effective provision that comes closest to the purpose of the ineffective provision. The same applies to any loopholes in the regulations.

The law of the Federal Republic of Germany applies.

Click here to opt-out of Google Analytics