Privacy policy Lingvano App

1. General

(1) In the following, we inform you about the collection of personal data when using our app “Lingvano”. 

(2) Details about the processing of your data within the general Lingvano website can be found at https://www.lingvano.com/asl/privacy-policy-web/. Please also note our our General Terms and Conditions (GTC) .

(3) As part of our “Lingvano” platform, which is available both as a web app (via your internet browser) and as mobile apps (iOS and Android), we enable you to easily learn various sign languages (hereinafter collectively “App” or “Service”). When you use the App, we process personal data about you. Personal data means any information relating to an identified or identifiable natural person. Because protecting your privacy when using the App is important to us, we would like to inform you with the following information about which personal data we process when you use the App and how we handle this data.

(4) You can access this privacy policy at any time under the menu item “Settings” within the App.

2. Controller

(1) Controller according to Section 4 no 7 EU General Data Protection Regulation (GDPR) is 

Lingvano GmbH (“Lingvano“, “we” or “us”)
Sieveringer Straße 72
1190 Vienna
Austria

(2) If you have any questions regarding data protection, please contact us via Support Ticket (available in the App under Help / “Submit a ticket”).

3. Information about the processing of your data

3.1. Information collected during download

When downloading the App, certain required information is transmitted to the app store selected by you (e.g. Google Play or Apple App Store), in particular the user name, the e-mail address, the customer number of your account, the time of the download, payment information and the individual device identification number may be processed. The processing of this data is carried out exclusively by the respective app store and is beyond our control.

3.2. Information that is collected automatically

(1) As part of your use of the App, we automatically collect certain data that is required to use the App. This includes:

  • IP address
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (actual page)
  • User ID
  • E-mail address
  • Access status/HTTP status code
  • Data volume transferred in each case
  • Web page from which the request comes
  • App version

(2) This data is automatically transmitted to us in order to (i) provide you with the Service and related features; (ii) improve the features and functionality of the App; and (iii) prevent and remedy misuse and malfunctions. 

(3) This data processing is justified by the fact that (i) the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art 6 (1) (b) GDPR for the use of the App, and/or (ii) we have a legitimate interest pursuant to Art 6 (1) (f) GDPR in ensuring the functionality and error-free operation of the App, to increase the security and stability of the App and to be able to detect and pursue attacks on the services and misuse, as well as to be able to offer a service that is in line with the market and interests.

(4) This data is stored for 15 days and then deleted.

3.3. Cookies

(1) In addition to the previously mentioned data, cookies are stored on your computer when you use the web app (via your Internet browser). Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which the entity that sets the cookie (in this case by us) receives certain information. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer as a whole more user-friendly and effective.

(2) Use of cookies:
(a) This website uses the following types of cookies, the scope and functionality of which are explained below:

  • Transient cookies (see b)
  •  Persistent cookies (see c)

(b) Transient cookies are automatically deleted when you close the browser. These include in particular the session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

(c) Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

(3) You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.

(4) For more information on the cookies used on this website, please refer to the cookie settings accessible from each (sub-)page of this website at the bottom under the “Cookie Policy” tab or here. 

(5) The processing of cookie data is carried out with regard to necessary and useful cookies on the basis of a legitimate interest pursuant to Art 6 (1) (f) GDPR, namely to ensure the functionality and security of this website. 

(6) With regard to analysis, reporting and marketing cookies (“non-essential cookies”), the processing is based on your consent within the cookie settings at the beginning of your visit to this website. You can adjust this consent at any time within the cookie settings, which are accessible from every (sub-)page of this website at the bottom under the tab “Cookie Policy” or here, and thus also revoke your consent at any time with effect for the future.

3.3.1. Google Adwords Conversion

(1) We use the offer of Google Adwords to draw attention to our attractive offers with the help of advertising media (so-called Google Adwords) on external websites. We can determine how successful the individual advertising measures are in relation to the data of the advertising campaigns. In this way, we pursue the interest of displaying advertising that is of interest to you, making our website more interesting for you and achieving a fair calculation of advertising costs.

(2) These advertisements are delivered by Google via so-called “ad servers”. For this purpose, we use ad server cookies, which can be used to measure certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google ad, Google Adwords will store a cookie on your device. These cookies usually lose their validity after 30 days and are not intended to identify you personally. The unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wishes to be addressed) are usually stored as analysis values for this cookie.

(3) These cookies enable Google to recognize your internet browser. If a user visits certain pages of the website of an Adwords customer and the cookie stored on his computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Adwords customer. Cookies can therefore not be tracked via the websites of Adwords customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can see which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information.

(4) Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of AdWords Conversion, Google receives the information that you have called up the corresponding part of our website or clicked on an ad from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is the possibility that the provider learns of your IP address and stores it.

(5) You can prevent participation in this tracking process in various ways: a) by adjusting your browser software settings accordingly, in particular the suppression of third-party cookies will result in you not receiving ads from third-party providers; b) by disabling cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”, https://www.google.de/settings/ads, deleting this setting when you delete your cookies; c) by disabling the interest-based ads of the providers that are part of the self-regulatory campaign “About Ads” via the link http://www.aboutads.info/choices, deleting this setting when you delete your cookies; d) by permanently disabling them in your Firefox, Internetexplorer or Google Chrome browsers at the link http://www.google.com/settings/ads/plugin. We would like to point out that in this case you may not be able to use all functions of this offer to their full extent.

(6) More information about Google’s privacy practices can be found here: http://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org. 

(7) This processing is based on your consent within the cookie settings at the beginning of your visit to this website. You can adjust this consent at any time within the cookie settings, which are accessible from every (sub-)page of this website at the bottom under the tab “Cookie Policy” or here, and thus also revoke your consent at any time with effect for the future.

3.3.2. Facebook Pixel

(1) Our website also uses a visitor action pixel from Facebook for statistical purposes. The provider is Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. The visitor action pixel makes it possible to track the behavior of users, for example when they were redirected to this website after clicking on an ad placed on Facebook’s offer. This is used to evaluate advertisements for statistical purposes and for the purpose of continuous improvement of existing and future advertising activities. As a result, it is transmitted to the Facebook server that you have visited this website. Subsequently, Facebook may associate this information with an existing personal user account on Facebook. However, the data collected in this way does not allow us to draw any conclusions about the user’s identity. 

(2) For more information, please see Facebook’s privacy policy. To prevent Facebook from associating your visit to this website with your Facebook account, please log out of your Facebook account. You can also completely prevent the loading of Facebook plugins with add-ons for your browser, e.g. with the “Facebook Blocker” (http://webgraph.com/resources/facebookblocker/). 

(3) This processing is based on your consent within the cookie settings at the beginning of your visit to this website. You can adjust this consent at any time within the cookie settings, which are accessible from each (sub-)page of this website at the bottom under the tab “Cookie Policy” or here, and thus also revoke your consent at any time with effect for the future.

3.3.3. Microsoft Bing Ads

(1) Our site also uses the conversion tracking of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. If you have reached our website via a Microsoft Bing ad, a cookie is set on your device. This makes it possible to determine whether someone has clicked on an ad, been redirected to our website and reached a previously determined target page. We ourselves do not collect or process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Microsoft. These evaluations enable us to identify which of the advertising measures used are particularly effective. We do not receive any further data from the use of the advertising media; in particular, we cannot identify users on the basis of this information.

(2) To prevent this, you can generally reject the setting of a cookie required for this (see above). In addition, you can prevent the collection and processing of your data by Microsoft by objecting at https://account.microsoft.com/privacy/ad-settings/signedout?lang=en. Further information on data protection can be found at https://privacy.microsoft.com/en-us/privacystatement.

(3) This processing is based on your consent within the cookie settings at the beginning of your visit to this website. You can adjust this consent at any time within the cookie settings, which are accessible from each (sub-)page of this website at the bottom under the tab “Cookie Policy” or here, and thus also revoke your consent at any time with effect for the future.

3.3.4. Bing Universal Event Tracking (UET)

(1) Our website also uses technologies from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA with which data is collected and stored from Bing Ads and from which usage profiles are created using pseudonyms. This enables us to track activities on our website of users who have reached our website via ads from Bing Ads. In this case, a cookie is set. By means of the Bing UET tag integrated on our website, some non-personal data about the use of our website can be evaluated, such as the length of stay, which areas were called up and via which ad you arrived at our website. Personal data is not collected.

(2) The data is also transferred to Microsoft servers in the USA and stored for a maximum of 180 days. 

(3) You can generally prevent this processing by disabling the setting of cookies.  So-called cross-device tracking, which tracks your usage behavior across several of your devices and can thus be used to display personalized advertising on or in Microsoft websites and apps, can be deactivated at http://choice.microsoft.com/en/opt-out. You can find more information about this at https://help.bingads.microsoft.com/#apex/3/en/53056/2 and in Microsoft’s privacy policy (https://privacy.microsoft.com/en/privacystatement).

(4) This processing is based on your consent within the cookie settings at the beginning of your visit to this website. You can adjust this consent at any time within the cookie settings, which are accessible from each (sub-)page of this website at the bottom under the tab “Cookie Policy” or here, and thus also revoke your consent at any time with effect for the future.

3.3.5. ActiveCampaign

(1) Our website also uses the ActiveCampaign tracking tool from the US provider ActiveCampaign, 1 N Dearborn Street, 5th floor, Chicago, IL 60602, USA for statistical analysis purposes. For more information, please visit https://www.activecampaign.com/legal/privacy-policy.

(2) This processing is based on your consent within the cookie settings at the beginning of your visit to this website. You can adjust this consent at any time within the cookie settings, which are accessible from each (sub-)page of this website at the bottom under the tab “Cookie Policy” or here, and thus also revoke your consent at any time with effect for the future.

3.3.6. Mixpanel

(1) Our website also uses the Mixpanel tracking tool from the US provider Mixpanel, One Front Street, 28th Floor, San Francisco, CA 94111, USA for statistical analysis purposes. You can find more information at https://mixpanel.com/legal/privacy-policy

(2) This processing is based on your consent within the cookie settings at the beginning of your visit to this website. You can adjust this consent at any time within the cookie settings, which are accessible from each (sub-)page of this website at the bottom under the tab “Cookie Policy” or here, and thus also revoke your consent at any time with effect for the future.

3.4. Creation of a user account (registration) and login

(1) When you create a user account or register, we use your access data (name, e-mail address and password) to create a user account, to grant you access to your user account and to manage it (“Mandatory Data“). If you do not provide this data, you will not be able to create a user account. For registration via third party providers see below section 3.5.

(2) If you purchase a license for a paid premium contract, we store the necessary subscription information (type, duration, costs, etc.), payments made as well as cancellations (“Premium Data“). 

(3) We use the Mandatory Data to authenticate you when you log in, to provide you with your individual user account including learning progress and to follow up on requests to reset your password. We process and use the information you provide during registration or login to (i) verify your eligibility to manage the user account; (ii) enforce our GTC and any rights and obligations associated therewith; and (iii) contact you to send you technical or legal notices, updates, security messages, or other messages relating to, for example, the management of the User Account.

(4) This data processing is justified by the fact that (i) the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art 6 (1) (b) GDPR for the use of the App, and/or (ii) we have a legitimate interest pursuant to Art 6 (1) (f) GDPR in ensuring the functionality and error-free operation of the App.

(5) This data is generally stored for the duration of the existence of your user account and then deleted. For the termination of your user account see below section 5. We store Premium Data together with the related and necessary Mandatory Data for 10 years after the end of the respective subscription year in accordance with Austrian tax and company law requirements (UGB / BAO).

3.5. Third party login

(1) You can also register and sign in to our Service via 3rd party (“Sign in with Facebook”, “Sign in with Google”, “Sign in with Apple”), depending on availability, if you wish to do so and have made the appropriate settings with the third-party services. 

(2) “Google Sign-In” or “Sign in with Google” is a service provided by Google (“Google”). This links your Google account with our Service and we receive your name and email address from Google. For more information on the processing of your data by Google, please visit https://policies.google.com/privacy?hl=en

(3) “Sign in with Facebook” is a service provided by Meta (“Facebook”). This links your Facebook account to our Service and we receive your name and email address from Facebook. For more information about this and the privacy settings, please refer to the privacy notices and terms of use of Facebook.

(4) “Sign in with Apple” is a service provided by Apple (“Apple”). This links your Apple account with our Service, generates an ID from Apple and makes this available to us along with your name and email address. You can find information on the processing of your data by Apple at https://www.apple.com/privacy/. You can determine the form and scope of the data transfer by Apple by making the appropriate settings directly at Apple.

(5) The processing of your data within the scope of registration via 3rd party is based on your consent according to Art 6 (1) (a) GDPR as well as your legal relationship with the respective provider and the settings made within the scope of the possibilities there. The use of these services is voluntary, you can alternatively also create an account directly with us and thus avoid such processing.

3.6. Use of the App

(1) Within the App you can enter, manage and edit various information, tasks and activities. This information includes, for example, the selected sign language as well as data about the completed modules, lessons and tests as well as the available certificates (“Usage Data“). 

(2) The App also requires the following permissions:

  • Internet access: This is required to transmit your entries and store them on our servers.
  • Camera access: This is required so that you can practice using the mirror function. In the course of this function, no recordings are saved, but the camera function is only used for the live display of your own movements. Access is on a voluntary basis. However, the mirror function cannot be used without camera access.

(3) The processing and use of Usage Data is carried out for the provision of the service. This data processing is justified by the fact that the processing is necessary for the performance of the contract between you as the data subject and us pursuant to Art 6 (1) (b) GDPR for the use of the App.

(4) This data is stored for the duration of the existence of your user account and then deleted. For the termination of your user account see under point 5.

3.7. Newsletter and tracking

(1) If you have agreed to receive information and advertising messages (“newsletter”), for example in the course of registration, the necessary data, such as your e-mail address, will be processed for the purpose of sending these messages. 

(2) Our newsletters contain so-called tracking pixels. These are miniature graphics that are embedded in emails to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded pixel, we may see if and when an e-mail was opened by a data subject, and which links contained in the e-mail were called up by the data subject. This allows us to optimize the sending of the newsletter and to better adapt the content of future newsletters to the interests of the data subject. 

(3) By expressly consenting to receive newsletters, you consent to the processing of your contact data for this purpose and to this extent, as well as to the sending of promotional messages in accordance with Art 6 (1) (a) GDPR and Section 174 Austrian Telecommunications Act 2021 (TKG 2021). 

(4) Processing will take place until you revoke your consent. In any case, you can refuse further messages via the “Unsubscribe” link in every message as well as via Support Ticket (Available in the App under Help / “Submit a ticket”), subject “Unsubscribe newsletter”.

4. Data sharing and transfers

4.1. General

In addition to the cases explicitly mentioned in this data protection declaration, your personal data will only be passed on without your express prior consent if this is permitted or required by law. This may be the case, for example, if the processing is necessary to protect the vital interests of the user or another natural person.

4.2. Payment processors and distributors

(1) If you purchase the license for a premium account within the scope of the mobile apps, the respective app store is the contractual partner within the scope of the license agreement. Your data required to process the purchase contract will be transmitted to the respective app store for this purpose. You can find more information on data protection and payment and contract processing at the respective provider itself in our GTC and at:

(a) Google Play Store: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (or the Google company specified in the purchase process).
https://policies.google.com/privacy 
https://play.google.com/intl/en_us/about/play-terms/index.html

(b) Apple App Store: Apple Distribution International Limited, with registered office at Hollyhill Industrial Estate, Hollyhill, Cork, Republic of Ireland (or the Apple company specified in the purchase process).
https://www.apple.com/privacy/
https://www.apple.com/legal/

(2) If you purchase the license for a Premium Account within the web app in your internet browser, the contractual partner regarding the license agreement is the respective contracting company of Paddle (“Paddle“) specified in the purchase process. Your data required to process the purchase contract will be transmitted to Paddle for this purpose. You can find more information about this, data protection and payment and contract processing at Paddle in our GTC and at https://www.paddle.com/legal/privacy and https://www.paddle.com/legal/terms

4.3. Defense and assertion of legal claims

(1) If it is necessary to clarify illegal or abusive use of the App or for legal prosecution, personal data will be forwarded to law enforcement agencies or other authorities and, if necessary, to injured third parties, insurance companies or legal advisors. However, this only happens if there are indications of unlawful or abusive behavior. A transfer may also take place if this serves the enforcement of terms of use or other legal claims. We are also legally obligated to provide information to certain public authorities upon request. These are courts, law enforcement agencies, administrative authorities for the prosecution of administrative offenses and the tax authorities.

(2) Any disclosure of the personal data is justified by the fact that (i) the processing is necessary for compliance with a legal obligation to which we are subject pursuant to Art 6 (1) (c) GDPR in conjunction with national legal requirements to disclose data to authorities or courts, and/or (ii) we have a legitimate interest pursuant to Art 6 (1) (f) GDPR in disclosing the data to the aforementioned third parties if there are indications of abusive behavior or in order to enforce our terms of use, other conditions or legal claims.

4.4. Service providers

(1) We use the following third-party companies and external service providers to provide our Service:

  • Cloudflare (Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA): 
    CDN (Content Delivery Network), Security, Firewall, Web Traffic Statistics. For more information on data protection, please visit https://www.cloudflare.com/privacypolicy/.  
  • Fastly (Fastly, Inc., 475 Brannan St., Suite 300 San Francisco, CA 94107, USA): 
    CDN (Content Delivery Network), statistics. For more information on data protection, please visit https://www.fastly.com/de/privacy/
  • Sentry (Functional Software, Inc. d/b/a Sentry, 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA): 
    Error recording, reporting and management. For more information on data privacy, please visit https://sentry.io/privacy/
  • Expo (650 Industries, Inc, 624 University Ave # 1 Palo Alto, CA, 94301-2019 United States): 
    OTA App Updates. For more information on data privacy, please visit https://expo.dev/privacy
  • Freshdesk (Freshworks Inc., 16192 Coastal Highway, Lewes, Delaware 19958, USA): 
    User Support. For more information on data protection, please visit https://www.freshworks.com/privacy/
  • Revenuecat (RevenueCat, Inc., 1032 E BRANDON BLVD #3003 BRANDON, FL 33511, USA): 
    Apple/Google subscription management. For more information on data protection, please visit https://www.revenuecat.com/privacy/
  • OneSignal (OneSignal, Inc., 201 S B Street, San Mateo, CA 94401, USA): 
    Push Notifications. For more information on data privacy, please visit https://onesignal.com/privacy_policy
  • LogRocket (LogRocket, Inc., 87 Summer St, Boston, MA 02110, USA): 
    Anonymized tracking of app activities. For more information on data privacy, please visit https://logrocket.com/privacy/
  • make (Celonis, Inc., One World Trade Center, 87th Floor, New York, NY, 10007, USA): 
    automation workflows. For more information on data privacy, please visit https://www.make.com/en/privacy-notice

(2) These service providers act as processors Art 4 no 8 GDPR and process data exclusively on our behalf and based on our explicit instructions. Processors have been carefully selected in accordance with Art 28 of the GDPR, are regularly audited and are accordingly contractually bound.

(3) In principle, data is only processed on servers within the European Union. Only if it is technically unavoidable will the data that is absolutely necessary for this purpose be transferred to third countries and only if an appropriate level of data protection is guaranteed, for example standard contractual clauses have been concluded, binding internal data protection regulations or other suitable guarantees exist or users have consented to this transfer.

4.5. Changes in the corporate structure

(1) As our business evolves, we may change the structure of our business by changing its legal form, establishing, buying or selling subsidiaries, divisions or components. In such transactions, customer information may be transferred along with the part of the company being transferred. For any transfer of personal information to third parties to the extent described above, we will ensure that it is done in accordance with this Privacy Policy and applicable data protection law.

(2) Any disclosure of personal data is justified by the fact that we have a legitimate interest pursuant to Art 6 (1) (f) GDPR to adapt our corporate form to the economic and legal circumstances as necessary.

5. Storage periods and account duration

(1) In addition to the storage or retention periods specified in detail in the explanations of the individual processing purposes, data will generally not be retained for longer than is necessary for the fulfillment of our contractual or legal obligations or for the assertion, exercise or defense of legal claims, in particular for the defense against any liability claims.

(2) To terminate your user account, simply uninstalling the App is not sufficient, but the account must be terminated as described in the GTC

6. Rights

(1) As a data subject, you have in principle the right to information at any time about your processed personal data, its origin and recipient and the purpose of data processing, as well as the right to rectification, data transmission, restriction of processing and blocking or deletion of incorrect or inadmissibly processed data.

(2) You also have the right to object to the processing of your personal data if grounds for doing so arise from your particular situation. Regardless of this, you can object to the processing for direct marketing purposes at any time and without reason.

(3) You also have the right at any time to revoke any consent you have given for the processing of your personal data with effect for the future. 

(4) Please direct any inquiries regarding the exercise of your above rights, as well as any revocation of your consent, to Lingvano via Support Ticket (Available in the App under Help / “Submit a Ticket”).

(5) If you believe that the processing of your personal data violates applicable data protection law or that your data protection rights have been violated in any other way, you have the right to lodge a complaint with the competent supervisory authority. In Austria, this is the data protection authority.  

7. Changes

(1) This privacy policy may be changed and updated regularly. If this is necessary, you will be asked again, for example via the cookie banner or comparable technologies, to take note or give your consent.

Version: August 2023