Privacy statement for using the Menthal-App
Für die deutsche Version, bitte hier klicken.
1. Information regarding the collection of personal data
(1) We provide you with a mobile app
("Menthal app") that you can download on your mobile device.
Hereinafter we inform you about the collection of personal data when
using our Menthal app. Personal data is all the data that can be
personally related to you, i.e. name, address, e-mail addresses, user
(2) Responsible according to art. 4 paragraph 7 EU-General Data
Protection Regulation (DSGVO/GDPR) is
Murmuras UG (limited liability)
Represented by managers Ionut Andone, Konrad Blaszkiewicz, Qais Kasem,
Meckenheimer Allee 73
53115 Bonn, Germany
Our data protection officers can be reached at:
Contact person: Dr. Dennis Werner
58507 Lüdenscheid, Germany
Tel: 0049 2351-66854-37
Or by post under our post address by mentioning “data protection
2. Processing of personal data when using our Menthal app
The Menthal app supports “digital diets” and allows you to participate in a study about smartphone usage, which is provided by Murmuras. A sustainable digital lifestyle is promoted as our app supports its users to improve their behavior. The app provides information about users' smartphone usage and surveys this data on behalf of the comprehensive study.
Personal data is used exclusively for study purposes.
Especially the use for personalized advertising, personal credit scoring
or other automated decisions about individual participants is excluded.
(1) Usage levels
The data collected is used to help users shape their digital behavior.
Besides, Murmuras processes your data for its own statistics and
In case of inquiries from other researchers, the provider also checks this data to determine whether the participant can also be a subject for these further studies. In this case, the participant may receive a separate invitation to participate in this study.
Murmuras manages the data internally as far as possible pseudonymized.
Despite this precaution, it is treated at all times as if it were
(2) Analysis period
The Menthal app collects three kinds of data:
It regularly records the location of the participant, also in the background. This results
for example, in deriving later the daily action radius of the
participant. It evaluates, for example, how much time the
participant spends at home or if they are often away from home.
It records the mobile behavior of the participant. In particular,
it records from when to when they use the phone (phone session)
and from when to when they use which app (app session). From this,
it can later be deduced, for example, how long the participant
was online in total and which apps they used particularly
frequently. Personal data from e-mails, SMS or messenger services
are not tracked. Furthermore, directory data like names or phone
numbers are not tracked as well.
It collects questionnaires as part of the study. At the beginning,
during and at the end of the study, the supplier addresses common
factors amongst all participants (onboarding questions). These
include, for example, demographic information such as age, gender
and marital status or personality traits such as introversion and
The legal basis for the processing of your personal data is art. 6 (1)
(a) GDPR (Consent).
When you download the Menthal app, the required information is
transferred to the App Store, in particular your account username, email
address and client number of your account, time of download, payment
information and unique device code. We have no influence on this data
collection and are not responsible for it. We only process the data as
far as it is necessary for the downloading of the mobile app to your
mobile end device.
The supplier of the App Store (here Google Play Store) can be reached at
the following contact details: Google Inc., 1600 Amphitheater Parkway,
Mountainview, California 94043, USA;
Google has submitted to the EU-US Privacy Shield:
You can also download the Menthal app for free via our website directly
to your mobile end device. Upon download, we will process further data
(4) Google Firebase products
We use the following Google Firebase products for the Menthal app:
Crashlytics and Firebase Cloud Messaging. Within the range of products,
different data categories are sometimes processed for different
Firebase Crashlytics: With Crashlytics data while operating the app,
including the type of operating system used, information on
malfunctions during operation (type of malfunction, time of the
malfunction, duration of the malfunction, use of the app at the time
of the malfunction) and device information are being processed.
Based on this data, we can get an overview of various malfunctions
or issues occurring while operating the app and analyze them based
on their relevance for use in order to ensure efficient
troubleshooting and ensure the stability of the app. The data
processing is based on art. 6 (1) sentence 1 letter f GDPR. We have
a legitimate interest to identify and fix stability problems that
affect the quality of the app. This also increases the
user-friendliness of the app for our customers.
Firebase Cloud Messaging: Firebase Cloud Messaging enables us to
inform users with targeted and contextual messages about our offer
and to encourage them to use the app. Information on the subject,
type of message and time of sending the message as well as data
regarding whether and when a message was received and read is also
processed. Some of this data is also used in the analysis. Cloud
messaging is only used if you have given your consent (art. 6 (1)
sentence 1 letter a GDPR).
You can contact the provider of Google Firebase products under the
following contact details: Google LLC (1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA) - use of Google Firebase.
3. Rights of subjects
Upon request and in accordance with legal requirements, we will provide
you free of charge with information regarding the status of the personal
data collected about you as well as that of the further processing of
these data. For example, we may correct, block or delete your personal
information partially or entirely in accordance with the legal
(1) Right of access by the data subject (article 15 GDPR)
The right to information gives you access to the data or data categories
that concern you and some other important criteria, such as the
processing purposes or the duration of the storage. Please note that
under certain circumstances your right to information may be restricted
in accordance with the legal provisions (e.g. art. 34 Federal Data
(2) Right to corrections (art. 16 GDPR)
Should the data concerning you be incorrect - or no longer correct -,
you may request a correction under the provisions of art. 16 GDPR. If
your data is incomplete, you may request a completion.
(3) Right to erasure (art. 17 GDPR)
You may request the deletion of your personal data under the conditions
of art. 17 GDPR. Your claim for deletion may be restricted for example
by the fact that we still need the data to fulfill statutory retention
requirements. If we have made your personal data public, you may also be
entitled to a "right to be forgotten". You may require proportionate
action in order for us to inform the persons responsible regarding your
request for erasure. Please note that under certain circumstances your
right to erasure may be restricted in accordance with the statutory
provisions (e.g. art. 35 Federal Data Protection Act).
(4) Right to restriction of processing (art. 18 GDPR)
Under the provisions of art. 18 GDPR, you may request the restriction of
processing. We shall mark your stored personal data with the purpose of
limiting its future processing. On the basis of this right you may, for
example, exercise other rights in the review phase.
(5) Right to information (art. 19 GDPR)
In case of rights exercising, we shall inform all recipients of the
correction, deletion or limitation of data processing under the
provisions of art. 19 GDPR. Upon request, we will inform you regarding
(6) Right to data portability (art. 20 GDPR)
Under the provisions of art. 20 GDPR, you are entitled to receive from
us the respective personal data in a common, machine-readable format. In
addition, you can request a direct forwarding to another responsible
person, provided that this is technically feasible.
(7) Right to object (art. 21 GDPR)
In an extraordinary situation, you are entitled to object to the
further processing of your personal data in accordance with art. 6
paragraph 1, point e) or f) GDPR. We will cease the data processing
provided that a statutory exception does not apply. Should that be the
case, we may continue the data processing, if e.g. there are compelling
protection-worthy reasons that outweigh your interests, rights and
freedoms, or in order to assert, exercise or defend legal claims.
(8) Right of complaint
You may also address a complaint to the statutory authority. The
statutory authority for us is:
The Federal Commission for Data Protection and Freedom of Information
Tel.: +49 211 38424-0
Fax: +49 211 38424-10
Murmuras UG, based in Bonn, Germany ("provider"), offers the Menthal
app for analyzing mobile communications behavior for the user of the app
("participant"), as well as for running a comprehensive study on smartphone behavior which is operated by Murmuras.
The data is processed on German servers and is subject to European law (GDPR).
Uncommunicated use or even the transfer of data to third parties is
excluded. Likewise, the data is used exclusively for studies and will
not be used against the user (e.g. through target advertising).
2. Range of functions
The Menthal app allows users to analyze their smartphone behavior.
To this end, the users install the Menthal
app on their mobile phone.
The Menthal app collects three types of data:
It regularly records the location of the participant. This can help,
for example, to derive later the daily radius of action of the
participant. For example, how long the participant spends at home or
whether they are often away from home is evaluated.
It collects the participant's mobile phone behavior. In
particular, it records from when to when they use the phone (phone
session) and from when to when they use which app (app session).
From this it can later be derived, for example, how long the
participant was online in total and which apps they used
particularly often. Personal data from e-mails, SMS or messenger
services are not tracked. Furthermore, directory data like names
or phone numbers are not tracked as well.
It collects questionnaires as part of the study. At the beginning,
during and at the end of the study, the provider collects common
factors (onboarding questions) from all participants. This includes,
for example, demographic information such as age, gender and marital
status or personality traits such as introversion and openness.
The Menthal app is limited to the collection of behavioral data and
questionnaires. However, personal content from emails, SMS or chat
messengers is not recorded. Neither names nor telephone numbers from
the address book are being forwarded.
For the purpose of the study, the researcher has access to the entire
range of the data collected. The provider also processes
the data for their own statistics and publications. In case of inquiries from other researchers, the provider also checks this data to determine whether the participant can also be a subject for these further studies. In this case, the participant may receive a separate invitation to participate in this study.
The participant can gain insight into an analysis of his phone-related
behavior (digital lifestyle). Thus, the participant remains the master
of his own data.
The app is free to use. The participant is responsible for his hardware
(phone), software (e.g. operation system) and the data transfer (e.g.
mobile data) and bears the corresponding costs.
3. Registration and access data
The Menthal app can be used by downloading the app and registering there. Participants
register by using an email address. The participant makes sure that no
conclusion about the natural person can be drawn from the email address.
For this purpose, a generic email address is recommended to be used by the
Users of the Menthal app need to be at least 16 years old. Users outside the European Union are required to follow the relevant domestic laws according to the minimum age for giving valid consent for processing personal data and are only allowed to use the app if doing so.
4. Rights of use
The provider grants the participant the non-exclusive, revocable,
non-sublicensable and non-transferable right to use the Murmuras
platform including all digital content contained therein in accordance
The granting of the above-mentioned rights of use is subject to the
its content are terminated.
In the event of a reasonable assumption that the participant violates
their use (e.g. through malware), the provider may, at their own
discretion and without prior notice, block the access of a user to
the Menthal app including all its functions and block content, in
whole or in part.
The provider assumes no commitment of complete availability of the
Murmuras platform. Warranty rights are excluded for the app that can be
used free of charge, unless the provider has caused defects
intentionally or through gross negligence.
The provider is always liable for intent, gross negligence, for injury
to life, limb or health, according to the Product Liability Law and for
guarantees expressly granted by the provider.
The liability of the provider is otherwise excluded insofar as this is
legally permissible. Statutory mandatory rights of the researcher remain
unaffected. For damages caused by minor negligence on the part of the
provider, the provider is only responsible should a breach of an
essential contractual obligation occur. The amount of this compensation
is limited to the foreseeable damage. Significant contractual
obligations in this sense are those obligations whose fulfillment the
researchers can trust and do so on a regular basis and whose fulfillment
is essential for the achievement of the purpose of the contract.
7. Data protection
The provider takes the protection of personal data seriously and
observes the legal requirements of the GDPR and other data protection
regulations. There is a focus on the principles of "privacy by design"
and "privacy by default". Details can be found in the data protection
declarations of participants.
8. Additional provisions
in whole or in part or not enforceable, the effectiveness of the
remaining provisions remains unaffected. The ineffective provision is
considered to be replaced by an effective provision that comes closest
to the purpose of the ineffective provision. The same applies to any
loopholes in the regulations.
The law of the Federal Republic of Germany applies.
Click here to opt-out of Google Analytics