INFORMED CONSENT FORM
This consent form provides information for potential users of application "Fitspire" owned by SFT Socfit Technologies LTD to understand how the processing of their personal data will be conducted for the purpose of this project, which is subject to the General Data Protection Regulation (GDPR). Please sign at the bottom to indicate that you have read and understood how your personal data will be processed, your related rights, and that you consent to this processing as described below.
SFT Socfit Technologies LTD, located at Ampelakion, 38B, Potamos Germasogias, Limassol 4046, Cyprus, is responsible for all your personal data collected for and during the project and for making sure all those working on the project comply with any data protection requirements for the collection, use and processing of the personal data.
SFT Socfit Technologies LTD is responsible for deciding what personal data needs to be collected during the project and how this data will be used.
SFT Socfit Technologies LTD and its representatives will take all reasonable steps to protect your privacy as is required by law, including letting you know what safeguards are taken to keep your personal data safe. Some ways in which your personal data is kept safe includes removing identifiers of your personal data or encrypting or key-coding it so that it is not identifiable, and collecting only the personal data needed. You can request this information about safeguards by using the address below to contact us.
We are conducting the processing of personal data related to this Socfit project on the basis of your consent.
We will use your personal data primarily for the purposes of this project.
PERSONAL DATA USED
In addition to the information you will directly submit to us, these are the categories of personal data we will use:
your full name
your valid e-mail
your photo from a social media (Facebook)
your Identifier for Advertisers (IDFA)
All other personal data, except for those described above, are collected by analytical services, a complete list of which you will see in paragraph “RECIPIENTS OF YOUR PERSONAL DATA”.
Through their Software Development Kit (SDK) built into our application, analytic services collect and process the following information:
We do not collect personal data listed above. From time to time, we may receive analyzes from analytics services that may contain this data. In this case, the controller of this data is analytical services.
Additionally, we gather data automatically including Personal Data when you use our Online Products, such information includes your browser type, IP address, error logs, operating system and other similar data.
The consent for your personal data processing expressed hereby covers the following operations:
Adaptation or alteration
Disclosure by transmission
Dissemination or otherwise making available
Alignment or combination
Restriction, erasure or destruction
PERSONAL DATA COLLECTION, STORAGE AND TRANSMISSION
Your data will be recorded electronically, processed, and transmitted via the network hub device through a highly secure system on the internet to a data collection center.
All the data we collect is stored in database secure servers provided by Amazon Web Services, Inc. which is located in the USA, Seattle. This data collection and storage procedure is performed on the basis of a Data Protection Agreement.
Your data will be encrypted immediately when it is transmitted. This means that your data and your identifying information will not be readable to anyone not involved in the project lead. Third parties involved in data transmission will not be able to read your data.
RECIPIENTS OF YOUR PERSONAL DATA
We will transfer your personal data with the following recipients:
Public authorities, for those situations where we will receive a lawful order to do so.
As of May 25, 2018 onwards the new EU regulation on personal data is fully in force, in particular the regulation (UE) 2016/679 of the European Parliament and Council dated 27th April, 2016 on data protection (GDPR). For this reason, it is important for you to know the following information:
Under the GDPR and its implementing laws at national level, you have the following rights, with the conditions and limitations set out the GDPR:
To request and obtain confirmation that your data is being processed, as well as access to and a copy of your personal data;
To request and obtain correction of your personal data;
To request and obtain erasure of your data or limitation of use of your data;
To obtain portability of your data;
To request and obtain restriction of your data (which means we limit the access to your dataset);
To request and be informed on transfer of your personal data
To object to processing your personal data
Where your data processing requires your consent, to withdraw your consent at any time (however without affecting the lawfulness of consent-based processing before such withdrawal).
When you withdraw your consent, we will not collect additional information related to you. We may also erase the personal data we already collected. This will happen only if its erasure does not render impossible or seriously impair the achievement of the objectives of the research project.
To exercise your rights, please use the contact information below to submit a request. When you submit a request, please indicate your name, your reasons for making the request, if necessary, and other details you think will be useful for us to comply with your request. You also have the right to contact your home data protection authority if your request is not satisfied.
We keep your data for the entire duration of the provision of services to you. Your data will be deleted if you refuse our services, if you send a request to delete your data, or if our company stops providing such services.
Your personal data might be transferred to the countries outside the European Union / European Economic Area (EU/EEA) or to the countries which have not obtained a decision from the European Commission on the adequate protection of personal data. This means that there may be risks to your personal data under this jurisdiction if the laws protecting your personal data in other countries are not so strict as in the EU/EEA. However, we adopt and implement appropriate safeguards to protect your personal data, as described in this form, namely the relevant EU Standard Clauses will be signed with the receiving party to apply to the receiving party's processing of your personal data in countries outside the EU/EEA.
If you have any concerns about how your personal data is being handled, use the address below to contact us. If you are not satisfied with our reply and how we protect your personal data, you can contact the data protection authority in your home country or in another relevant jurisdiction for this processing activity, pursuant to the conditions of Article 77 GDPR.
CONTACT INFORMATION IF YOU HAVE QUESTIONS OR CONCERNS REGARDING GDPR
Data Protection Officer