Data Privacy Statement

Below, you find information on the way we handle user data, when we collect them and how you can influence both processes for your data. We collect data when users log into their accounts and when they use our services either via our Website or via Mobile App. We also collect data when visitors use our Website. This data privacy statement applies both to the use of our Website offerings (www.SPOYU.com) and the use of our Apps (SPOYU for iOS or android).

You entrusted us with your data. We will go through any length to earn your trust and keep them secure by safeguarding your data from any unauthorized use.

In case you have questions about this Data Privacy Statement or take issue with any aspects of it please contact us. You find the respective contact information above the first lines of this statement.

CONSENT AND RIGHT OF RESCISSION

Consent

By registering with SPOYU the user consents to the collection, processing and use of personal data by the HaPaRo GmbH or third parties acting according to this Data Privacy Statement in the name and on behalf of the HaPaRo GmbH. The HaPaRo GmbH creates a record of the user consent; the user may access this record at any time.

Withdrawal of Consent

At any time, the user has the right to withdraw his/her consent to the use of his/her personal data; the use of personal user data by the HaPaRo GmbH is described in detail below. The user also has the right to object to the use of his/her anonymized data or data, which are processed under an alias.

The user may effectively rescind his/her consent to the use of his/her data by email.

This email shall be sent to info@spoyu.com. The user may also send his/her withdrawal (rescission) of consent by regular (snail) mail to the HaPaRo GmbH, Sindelsdorfer Strasse 80A, D-82377 Penzberg (Bavaria, Germany).

Collection and Use of Data

1.1 Data Collection via Website

Every time the user accesses our Website or uses Website functions, a record of this activity is created and stored on the server.

These are the collected data:

Name of the web page or file, the data or information provided by the user (e. g. query parameters in the URL)

Referring URL, i.e. the web page from which our Website or a file was accessed

Access date and time

Access status (page transmitted, page not found etc.)

Browser type and operating system

The IP address of the user computer

In case of a registered user, also the user’s SPOYU log-in data

We store these data exclusively for the purposes of ensuring and optimizing the system security; these data are deleted or anonymized as soon as they are no longer needed for this purpose.

No linkage to personal data is established. Unless required by applicable law, your data shall not be transmitted to third parties for commercial or non-commercial purposes without your explicit prior consent.

1.2 Collection of Data for the Delivery of Services Subject to Registration

The HaPaRo GmbH needs personal user data to process user requests and deliver the services, which are described in detail in the Company’s General Terms and Conditions. The user provides these data for example as part of the registration process.

Personal data are all data, which reveal information about a person or a definable natural entity (corporation).

Registration for Unpaid Services

When registering for unpaid services the HaPaRo GmbH will ask you for certain required information; the registration cannot be completed without entering these requested data. These data enable the HaPaRo GmbH to provide the services described in the Company’s General Terms and Conditions; these required data are

First and last name

Email address

Residential address

Date of birth

Gender

and at least one favorite type of sport

At the same time, we collect and save your computer’s IP address.

It is up to the user to decide on the information, which will be revealed to other users.

In the settings on the profile page, users are able to ensure that other users only see their adopted user names but not their proper legal names.

Your email address shall not be revealed to other members. Users contact each other via site-specific email account or chat-services.

Registration via Facebook Account (Facebook Connect)

In case you decide to register with the HaPaRo GmbH via your Facebook account (http://www.Facebook.com; ‘Register via Facebook’), you implicitly give us permission to copy the required data from your Facebook account. In the Facebook Connect process, we will copy the following of your Facebook account data:

First Name

Last Name

Email address

Profile photo/image

Residential Address

Gender

We do not store the displayed profile photo/image on our server.

Please be aware that we will establish a direct connection to Facebook while you register via Facebook Connect. The HaPaRo GmbH has no influence on the scope of available data via the Facebook Connect function.

You find further information on registering via your Facebook account here: https://www.facebook.com/full_data_use_policy

Registration via Twitter Account (Twitter Connect)

If you decide to register with the HaPaRo GmbH via the Twitter Connect function of the Twitter social network site (‘Registration via Twitter’) we will collect and save the data, which you entered to register with Twitter. The data comprise your

Email address

First and last name

Gender

Date of birth

You further give us permission to copy the personal data, which the social network site Twitter shares via its Twitter Connect function according to your account settings. Please be aware that we will establish a direct connection to twitter while you register via Twitter Connect. We have no influence on the scope of the data, which Twitter shares via the Twitter Connect function; please use the Twitter Data Privacy Statement http://twitter.com/privacy to obtain information on the scope of data shared via Twitter Connect.

Miscellaneous Information (Profile)

Users may volunteer to enter additional information such as information on hobbies, preferences and other information, which is relevant for finding suitable training partners; users may also upload photos of themselves. This information is the basis of SPOYU user profiles.

It is up to the user to decide on the information, which will be revealed to other users.

Paid Services

In the process of subscribing to paid SPOYU services you will be asked to provide banking or credit card information. These data will be encrypted using SSL (secure socket layer) technology before they are transmitted as payment requests to financial institutions. We do not store these data.

1.3 Data Collection and Use via App

General Information

The data of Mobile SPOYU App users are collected and used for the same purpose and in the same way as described above for data collected via our web pages (see sections 1.1 and 1.2).

In addition, the App installation includes definite device code for verification and analytical purposes and for the prevention of misuse.

Site Transmission

The Mobile SPOYU App provides the ‘Radar’ function, which reveals the presence of other nearby users or friends. This involves the transmission of the user’s location data. These location data are used exclusively to enable search functions. The location data are neither stored nor used for any other or further purposes.

Users are able to log into their profile page and change the settings so that their presence is not ‘on the Radar’ of other users. Moreover, users can easily select profile settings, which disable the exact determination of the user’s whereabouts by way of GPS/WLAN position finding.

Third Party Content

Integrated in the Mobile SPOYU App and particularly in SPOYU Radar may be YouTube videos, Google maps, RSS feeds and graphics from other websites to name just a few examples. Prerequisite to this is always that the providers of such external content recognize the user’s IP address. Without this IP address, these providers are unable to send their data streams to the browser of the Mobile App user. The IP address is therefore essential for the display of such content. We try hard to use only content from providers which use the IP address solely for the delivery of the requested content. However, we cannot prevent third party providers from storing the user’s IP address for statistical purposes. Once we become aware of such use of IP addresses we inform our users about it.

The Use of Crashlytics

The Crashlytics Service is integrated in our Mobile SPOYU App to analyze crashes and to optimize our software. The service is offered by Crashlytics Inc., One Kendall Square, Suite B3201, Cambridge, MA 02141, USA. This service does not involve the transmission of personal user data. The service merely provides crash reports with exact references to code sequences and device information. These analytical data are meant to facilitate maintenance work and consequently the App stability.

You find more information on this service in the Data Privacy Statement of the Crashlytics Company: (http://try.crashlytics.com/terms/privacy-policy.pdf)

1.4 Designation of Data (Earmarking of Data for a Specific Purpose)

The main purpose of collecting personal user data is to provide the user with safe, flawless, efficient and personalized SPOYU services.

Personal data are collected with the following objectives:

1.  To provide services as agreed in the General Terms and Conditions

2. To prevent, discover and investigate prohibited or illegal activities and to enforce the SPOYU General Terms and Conditions of Use as well as this Data Privacy Statement

3. To ensure the operating integrity and the technical quality of the SPOYU products and services

4. To contact the user to the extent necessary for the delivery of the services; advertisements and news shall be emailed to users only to the extent that this is lawful and/or explicitly agreed to by the user.

With the exception of the cases mentioned in this Data Privacy Statement, the collected data shall not be sold or passed on to third parties unless we are obligated to do so by applicable law.

Data Privacy Pertaining to Children

We shall not knowingly collect data from children under the age of 13. We recommend that parents and guardians assume an active role and show interest in the online activities of their children.

Links to Other Websites

This Data Privacy Statement shall apply to our own Internet presence and our own Apps exclusively. The pages of our Website may contain links to third party web pages. Our Data Privacy Statement shall not extend to third party web pages. Whenever you leave our Website and go to a third party website we recommend the careful examination of the third party’s data privacy guidelines before providing personal data.

We do not assume responsibility for third party web content, which our users access via SPOYU web pages.

Newsletter and Emails

Our newsletters inform our users about us and our offers. Users who like to receive our newsletter must provide a valid email address and allow us to confirm that the requesting party is the owner of this email address or alternatively, that the owner of the provided email address consented to receiving our newsletter. We do not collect further data. We collect these data for the sole purpose of adding them to our newsletter distribution list; the data shall not be given or sold to third parties. As part of the newsletter sign-up, we also store the user’s IP address and the sign-up date. The registration of the sign-up data serves the sole purpose of excluding that third parties misuse an email address and sign up for receiving the newsletter without the legitimate user’s knowledge and consent. At any time, the user has the right to withdraw his/her consent to storing the sign-up data and to their use for the purpose of emailing the newsletter. The withdrawal of consent can be executed using a link provided in the newsletter, via the user’s profile settings or by mail/email to the contact addresses below.

Right to be Informed about Stored Personal Data and Request to Delete Personal Data

Of course, every user is entitled at all times to be informed about the data we store about him/her. We provide this information in writing and free of charge. For security and evidentiary purposes we ask our users to send such requests for personal data disclosure in writing and with a handwritten signature to us at this address: HaPaRo GmbH, Sindelsdorfer Strasse 80A, 82377 Penzberg (Bavaria, Germany). You will then receive the stored set of data. If you like to delete your data you may do so by deleting your profile at www.spoyu.com/XXXXXXX. Alternatively, you may write an email to our customer service at info@spoyu.com

Amendments to this Data Privacy Statement

We will disclose all amendments to this Data Privacy Statement with the amendment date on our Website. In the event that we should make considerable changes to this Data Privacy Statement, we may also inform all users by alternative means (e. g. by informing users by email and/or displaying the information on our home page).

Contacts

We always like to hear from you and value your opinion. If you like to comment on our Data Privacy Statement, take issue with it or have any questions please drop us an email at info@spoyu.com or write to us at the following address (authority in charge according to the BDSG [German Federal Data Protection Act]):

HaPaRo GmbH

Sindelsdorfer Strasse 80A

D-82377 Penzberg (Bavaria, Germany)

Telephone +49 (0) 8856 83 08 99-0

info@haparo.com

When you contact us (e. g. by email or by filling out our web form) we will store your request data so that we can respond to your request appropriately and engage in follow-up correspondence.

[Version as of August 20, 2014]