Preamble
The protection of your privacy is not only a legal obligation for us but the core principle of this App. "SOS Calm" was consciously developed according to the "Privacy by Design" principle. In this Privacy Policy, we inform you about the most important aspects of data processing within our mobile app "SOS Calm" and the associated website (sos-calm.de).
1. Name and Address of the Data Controller
The Controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:
NO&GO Digital Labs
Owner: Nihat ÖzdemirBrüder-Grimm-Weg 6
30453 Hannover
Germany
Email: support@sos-calm.de
2. Principles of Data Processing in the App (What we DO NOT do)
We designed "SOS Calm" consistently for data minimization. This means we forgo all functions that unnecessarily collect data. Specifically:
- Local Storage: All content actively entered by you (such as diary entries, emergency contacts, or notes) is stored exclusively locally and encrypted on your device. As the provider, we do not have access to this content at any time.
- No User Accounts: The App does not require the creation of a user account. Personal registration or login is not necessary.
- No Individual Tracking: This App does not use any tracking technologies to analyze **individual** user behavior. Your use of the App is largely private. The collection of **anonymous** performance data is described under point 10.
3. Processing of Location Data (Emergency Function)
Our App offers an emergency function that displays country-specific emergency numbers. To enable this function, the App collects your current location (via GPS and other location-based technologies) with your express consent.
- Purpose of Processing: The collection of location data serves solely the purpose of determining and displaying the correct emergency numbers for your current location.
- Processing and Storage: Your location data is only processed at the moment the emergency function is used and is **not permanently stored**. The data is not passed on to our servers or third parties. Processing takes place exclusively on your end device.
- Legal Basis: The processing of your location data is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR, which you provide when first starting the emergency function and which you can revoke at any time in your operating system settings.
4. Data Processing during Website Use (sos-calm.de)
When you visit our website, the server of our hosting provider (ALL-INKL.COM, Germany) automatically collects data in so-called server log files. These include your IP address, date and time of access, browser type, and the page visited. The IP address is stored for a maximum of 7 days to detect and ward off attacks and is then deleted. The legal basis for this is our legitimate interest in a secure and stable operation of our website (Art. 6 para. 1 lit. f GDPR).
5. Data Retrieval for Content and App Updates (Technically Necessary Transmission)
A minimal internet connection is absolutely necessary for two purely technical functions (updates and new content). We transparently explain what data must be technically processed for this:
- Content Updates (tab "Knowledge"): To keep the content in the "Knowledge" tab current, the App regularly checks (e.g., every 30 days) whether new articles are available on our server (sos-calm.de). This request is treated like a normal website visit and processed in the server log files as described under point 4.
- Technical App Updates (Expo OTA): We use "Over-the-Air" (OTA) updates to quickly provide bug fixes and improvements. For this, the App checks at startup whether an update is available on the servers of the provider Expo (Expo Systems Inc., USA). Your IP address is transmitted to Expo during this request. Since this is a data transfer to a third country (USA), this process is legally secured by Standard Contractual Clauses (SCCs) of the EU Commission. The processing serves our legitimate interest in maintaining App security and functionality (Art. 6 para. 1 lit. f GDPR).
6. Important Medical Disclaimer
The App "SOS Calm" is **not a certified medical device** and does not replace professional medical or psychotherapeutic advice, diagnosis, or treatment.
- No Substitute for Professional Help: The content and exercises offered in the App are for general calming and support in stress situations. They do not constitute medical or psychotherapeutic treatment.
- Consult a Physician: In case of health problems, especially psychological complaints, anxiety, panic attacks, or depression, always seek the advice of a qualified physician or psychotherapist. Do not make medical decisions based solely on the information in this App.
- Emergency Situations: In acute emergencies or if you are at risk of self-harm, immediately call emergency services or go to a hospital emergency room. Do not rely solely on the App.
By using the App, you confirm that you have read and understood this disclaimer.
7. App Provision via App Stores
You use the services of third-party providers (Apple App Store and Google Play Store) for downloading and installing the App. Data is necessarily transmitted to the respective operator (e.g., username, email address, customer number of your account, time of download, and the individual device identifier). We have no influence on this data collection and are not responsible for it. We only process the provided data to the extent necessary for downloading the App to your mobile device.
8. Data Processing for In-App Purchases and Subscriptions (Validation)
All payment transactions for in-app purchases and subscriptions are handled **exclusively** via the payment platforms of Apple (App Store) and Google (Google Play Store).
- Payment Information: We never have access to your credit card information, bank details, or other payment information. This data is processed exclusively by Apple or Google. The respective privacy policies of the store providers apply to payment transactions.
- Processing of the Transaction ID (Validation): To grant access to paid content ("Pro" section) and to manage your subscription, we process the **anonymized transaction ID (Purchase Receipt)** transmitted to us by the respective store. **This Transaction ID is technically compared via our servers with the validation services of the respective store platform (Apple or Google).** The ID is used solely to verify your payment status and enable the restoration of your purchases. It is not linked to any personal data that we may otherwise collect.
- Legal Basis: The processing of the transaction ID is necessary for the **performance of the contract** (provision of the purchased content and purchase confirmation) pursuant to Art. 6 para. 1 lit. b of the General Data Protection Regulation (GDPR).
- Subscription Management: You can manage your subscription directly through the settings of the respective store at any time. We provide a link in the App for direct management of your subscriptions (this is an Apple App Store Review requirement):
- iOS/Apple App Store: https://apps.apple.com/account/subscriptions
- Android/Google Play Store: https://play.google.com/store/account/subscriptions
9. Processing of Content from External Sources (Translations/Articles)
The App contains content such as translations in additional languages (German, Spanish, etc.) and new articles, which are stored locally on our own server (sos-calm.de). This content is downloaded to the App upon the user's request and stored locally on the device. This process is necessary to inform the user and ensure the currency of the information in the App.
- Data Processed: As described under point 4, only server log files (IP address, timestamp) are recorded. Personal identification is excluded.
- Legal Basis: Our legitimate interest in providing current content of the App, pursuant to Art. 6 para. 1 lit. f GDPR.
10. Usage Data and App Performance Analysis
For the continuous improvement of the stability and user-friendliness of our App, we use services to analyze App performance and record crash reports (so-called **Crash Reporting**).
- Data Processed: We use tools such as Firebase Crashlytics (Google, LLC, USA) for this purpose. **No personal data** (name, email address) is collected. We only receive statistical and technical information, such as device type, operating system version, the duration of use of certain App functions, and logs in the event of a crash.
- Purpose: This data is used exclusively for **technical troubleshooting** (fixing crashes) and **statistical optimization** of our App.
- Legal Basis: Processing is based on our **legitimate interest** in ensuring the technical functionality and continuous improvement of our App pursuant to Art. 6 para. 1 lit. f GDPR. * Data transfer to the USA is legally secured by Standard Contractual Clauses (SCCs) of the EU Commission.
- Right to Object/Opt-out: You have the option to deactivate the transmission of this anonymous usage and performance data at any time via the **Settings** within the App.
11. Your Rights as a Data Subject
You generally have the following rights regarding your data processed by us. Since we do not store any personal data on our servers in the App, many of these rights relate to the data you manage yourself on your device or the data collected by the App Store operators.
- Right of Access (Art. 15 GDPR): You can request information about your data processed by us at any time. Since all personal data in the App is stored locally, you can view it yourself at any time.
- Right to Rectification (Art. 16 GDPR): You can correct your local App data yourself in the App at any time.
- Right to Erasure (Art. 17 GDPR): To completely and irrevocably delete all your data stored locally in the App, please uninstall the App from your device. Requests regarding the deletion of data linked to your App Store account (e.g., purchase history) should be addressed directly to the respective operator (Apple or Google).
- Right to Withdraw Consent (Art. 7 para. 3 GDPR): You can revoke your consent to the processing of location data at any time by adjusting the corresponding permissions in your operating system settings.
- Further Rights: You also generally have the right to restriction of processing (Art. 18 GDPR), the right to data portability (Art. 20 GDPR), and the right to object (Art. 21 GDPR).
- Right to Lodge a Complaint (Art. 77 GDPR): If you believe that the processing of your data violates data protection law, you have the right to lodge a complaint with a supervisory authority.
To assert your rights regarding the data processing for which we are responsible (e.g., on the website), you can contact us at any time using the contact details mentioned in point 1.
12. Validity and Amendment of this Privacy Policy
We reserve the right to adapt this Privacy Policy so that it always complies with current legal requirements or to implement changes to our services. The new Privacy Policy will then apply to your next visit.