Privacy Policy
1. Introduction
Welcome to CarboPlanner ("we," "us," or "our"). We are committed to protecting your personal information and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, or services (collectively, the "Services"). By accessing or using our Services, you agree to the terms of this Privacy Policy.
2. Who We Are
CarboPlanner is a platform dedicated to providing personalized nutrition and performance plans to help you achieve your health and fitness goals. Our services include customized meal planning, activity tracking, and expert advice to optimize your well-being.
3. Information We Collect
We collect personal data from various categories of individuals, including:
- Users and prospective users of our Services.
- Business partners, such as suppliers and affiliates.
- Our employees and contractors.
Information You Provide to Us:
- Personal Details: Name, email address, date of birth, gender, address, and contact information.
- Health and Fitness Data: Weight, height, dietary preferences, fitness goals, activity levels, and other health-related information you choose to provide.
- Account Information: Username, password, and other credentials used to access our Services.
- Communication Data: Information you provide when you contact us for support or with inquiries.
Information We Collect Automatically:
- Technical Data: IP address, browser type, operating system, device information, and unique device identifiers.
- Usage Data: Pages visited, links clicked, features used, and other activities on our Services.
- Cookies and Similar Technologies: We use cookies to enhance your experience. Please refer to our Cookie Policy for more details.
4. How We Use Your Information
We process your personal data for the following purposes:
- Provision of Services: To create and manage your account, provide personalized nutrition and fitness plans, and offer customer support.
- Improvement of Services: To analyze usage trends and improve the functionality and user experience of our Services.
- Communication: To send you updates, newsletters, promotional materials, and other information that may be of interest to you.
- Legal Obligations: To comply with legal requirements, enforce our Terms of Service, and protect our rights and the rights of others.
- Security: To detect, prevent, and address fraud, security breaches, or other technical issues.
Aggregated and Anonymized Data Usage
We may convert your personal data into aggregated and anonymized data that cannot be used to identify you. This anonymized data is used for research, statistical analysis, and to improve our Services.
5. Legal Basis for Processing
Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:
- Consent: We rely on your consent when you sign up for marketing communications or when you provide us with sensitive personal data, such as health information.
- Contractual Necessity: Processing is necessary to perform the contract between you and us, enabling us to provide you with our Services.
- Legitimate Interests: We process your data for our legitimate interests in improving our Services, enhancing security, and providing a better user experience—provided that these interests are not overridden by your rights and interests.
- Legal Obligations: We may process your data to comply with applicable laws, regulations, and legal processes.
6. Information Sharing
We may share your information with:
- Service Providers: Third-party vendors who assist in providing our Services, such as hosting providers, payment processors, and analytics services.
- Business Partners: With your consent, we may share information with partners who offer products or services that complement our own.
- Legal Authorities: If required by law, or to protect the rights, property, or safety of CarboPlanner, our users, or others.
- Corporate Transactions: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the succeeding entity.
We do not sell or rent your personal data to third parties for their marketing purposes without your explicit consent.
7. Your Rights
Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:
- Access: You have the right to request access to the personal data we hold about you.
- Rectification: You can request correction of any inaccurate or incomplete data.
- Erasure: You have the right to request the deletion of your personal data under certain conditions.
- Restriction of Processing: You can ask us to suspend the processing of your personal data in specific situations.
- Data Portability: You have the right to obtain a copy of your data in a structured, commonly used, and machine-readable format.
- Objection: You can object to the processing of your data for direct marketing and other purposes based on legitimate interests.
- Withdrawal of Consent: If we process your data based on consent, you can withdraw it at any time.
To exercise any of these rights, please contact us at kontakt@carboplanner.com.
8. Cookies
We use cookies and similar tracking technologies to collect and use personal information about you. For more information about the types of cookies we use, why we use them, and how you can control cookies, please see our Cookie Policy.
9. Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no internet-based service can be 100% secure, and we cannot guarantee absolute security.
We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including:
- Account Information: Retained as long as your account is active. If you deactivate your account, we will retain your data for a period of 12 months in case you decide to reactivate, unless you request deletion.
- Legal Obligations: Certain data may be retained for longer periods to comply with legal obligations, resolve disputes, or enforce our agreements.
- Marketing Communications: If you have consented to receive marketing communications, we will retain your contact information until you unsubscribe or withdraw your consent.
When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymize it.
10. Data Breach Protocol
In the event of a data breach involving personal data as defined by Article 4 of the General Data Protection Regulation (GDPR), CarboPlanner will take immediate and appropriate actions to mitigate the impact and ensure compliance with relevant regulations.
- Identification and Containment: Upon discovering a data breach, we will promptly assess the situation to identify the nature and scope of the breach. We will implement containment measures to prevent further unauthorized access or data loss.
- Assessment of Risk: We will evaluate the potential consequences of the breach, including risks to individuals’ rights and freedoms. This assessment will help us determine the necessary response.
- Notification:
- Regulatory Authorities: If the breach is likely to result in a risk to the rights and freedoms of individuals, we will notify the relevant data protection authority within 72 hours of becoming aware of the breach, as required by GDPR.
- Affected Individuals: If the breach poses a high risk to the affected individuals, we will inform them directly, providing details of the nature of the breach, potential consequences, and measures taken to address it.
- Documentation: We will document the breach, including its effects and the remedial actions taken, to comply with accountability requirements under the GDPR.
- Review and Improve: After managing the breach, we will conduct a thorough review of our security measures and response procedures to identify areas for improvement and to prevent future incidents.
11. International Data Transfers
Your personal data will not be transferred outside of EU/EEA.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last Updated" date above.
13. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
- Email: kontakt@carboplanner.com
- Address: CarboPlanner ApS | Cortex Park 26 Odense M, 5230 Denmark
14. Regulatory Authority
If you are a resident of the European Economic Area (EEA) and believe that we have not complied with applicable data protection laws, you have the right to file a complaint with your local Data Protection Authority.
16. Third-Party Links
Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of such third parties. We encourage you to read the privacy policies of every website you visit.
17. Your Responsibilities
You are responsible for ensuring that any personal data you provide to us is accurate and up-to-date. Please notify us of any changes to your information.
By using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.
Last updated: 10. October 2024