In the following, we, Strydal GmbH ("Strydal", "we" or "us"), explain how we treat your personal data when you visit the Strydal website www.strydal.com ("Strydal website"), use Strydal applications ("mobile apps"), and/or other related services (hereinafter collectively referred to as "Strydal services" or "services").
Responsible entity for the processing of personal data when using Strydal services:
We collect, process and use personal and non-personal data.
The term "personal data" is defined by the Federal Data Protection Act (BDSG) and the Basic Data Protection Regulation (DSGVO). You can think of your personal data as any kind of data that enables you to be identified or can be associated with you.
In contrast, "non-personal" data cannot be associated with a specific person. By removing identifiable features and making personal data anonymous, it can be transformed into non-personal data.
We collect, process and use three types of data:
As a rule, we collect, process and use the following categories of data:
Personal data is only collected by us if you provide us with such data on your own initiative by deciding to use our services. In order to use our services, you must register an account with us.
When you access our website or Strydal application(s), you automatically provide us with your IP address. We also receive information about which device (computer, smartphone, tablet, etc.) you use, which browser (Internet Explorer, Safari, Firefox, etc.) you use and when you visit the website, as well as information about the referrer (link of origin) and the volume of data transferred. We also receive information about the search engine used, including keywords used, length of stay, the number of pages called up and the last page opened before leaving the website.
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f DSGVO. We do not use the collected data for the purpose of drawing conclusions about your person. Nor is this data merged with other data. However, we reserve the right to check the log files subsequently if we become aware of concrete indications of illegal use.
You can create a Strydal user account with our registration system. Once you have registered, you can use your user account to log in to all Strydal services. To register, you must provide us with at least the following information:
The information you provide during registration is required to give you access to the Strydal application(s). The legal basis for the processing of your personal data is Art. 6 par. 1 sentence 1 letter b DSGVO.
The e-mail address you use will continue to be stored for a certain period of time. This storage is carried out with a view to our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO, for the purpose of excluding abusive multiple registrations.
You have the possibility to provide additional information about your person, which can help us in particular to personalize our offer for you. This information includes in particular your age, gender, previous fitness level, preferences and your motivation to use Strydal application(s). You can also add a profile photo to your profile. If you do so, you will again provide us with personal information in this way.
On the basis of your information we can adapt our applications to you and make them more interesting. For example, we will then suggest those live classes that best match your preferences and the fitness levels you have indicated. Your details may also be used by us for the purposes of statistical evaluation and to improve the services we offer to our customers; in this case your data will only be processed anonymously.
The legal basis for the processing of your voluntarily provided data is your consent pursuant to Art. 6 para. 1 lit. a DSGVO or pursuant to Art. 9 para. 2 lit. a DSGVO, as far as your voluntary information concerns data concerning your health.
We also receive data (including personal data) when you communicate with us using a Strydal application or contact our support team directly by e-mail.
We process the information you provide solely for the purpose of processing your request and store it for possible follow-up questions). The legal basis for this is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest is to increase our customer satisfaction.
In order to use the services offered on Strydal by the instructors, you must first purchase a Strydal product. Credit card details are required for the necessary payment processing. The credit card details are not stored by Strydal and are forwarded directly to the payment service provider (see below).
Involvement of payment service providers
In order for you to take full advantage of 'Live Classes', we will also need different access rights for your smartphone, laptop or tablet. For example, we will need access to your camera and microphone so that the instructor can deliver his live classes, and access to your photos if you want to upload or change a profile photo. We use push messages to send you reminders of live classes. If you are using such a feature for the first time, we will ask you to grant us the necessary access rights, or we will ask you to allow us access by selecting the appropriate settings. Usually you can revoke such access rights at any time by changing the appropriate settings.
Access to the microphone and camera is necessary for the performance of the service, otherwise the instructor will not be able to see you or communicate with you. We recommend that you make sure that no sensitive data is visible in the camera's field of view, neither for the instructor nor for any third parties.
The above data processing is therefore necessary to make our application work for you in the best possible way. The legal basis for this data processing is therefore Art. 6 para. 1 lit. b DSGVO.
Another application is so-called on-demand videos. If you use this Strydal application, we will collect and evaluate the following data. When you call up the respective video via the website, log data is collected and, in addition, your User ID, the respective video ID and up to which point you have viewed the respective video. This makes it possible, for example, for us to start a video that you have not viewed completely at the point where you had already viewed it the next time you call it up. Based on this, we can also send you further recommendations that you might be interested in (certain styles or instructor). The above data processing is therefore necessary to make our application work for you in the best possible way. The legal basis for this data processing is therefore Art. 6 para. 1 lit. b DSGVO.
If you register for our free newsletter, we will use your email address to send it to you. In this way you will receive regular updates about the Strydal services. We use the so-called double opt-in procedure to subscribe to our newsletter. This means that after your registration we will send you an email to the email address you have provided, in which we ask you to confirm that you wish to receive the newsletter.
After your confirmation we will save your email address for the purpose of sending the newsletter. In addition, we store your IP address and the time of registration and confirmation in order to prove your registration and, if necessary, to clarify a possible misuse of your personal data. The legal basis is your express consent (Art. 6 para. 1 p. 1 lit. a DSGVO).
You can revoke your consent at any time with effect for the future or object to receiving further newsletters, for example via a link at the end of each newsletter.
Each time you access our website, the above-mentioned data is automatically stored in our log files. A log file automatically logs all or certain actions on a computer system. Such log files are important for process control and automation, among other things. In the field of databases, a log file records changes that affect the database of correctly executed transactions. If an error occurs (e.g. a system crash), this allows the current record to be restored. Log files are also created by web servers. Among other things, the following data are logged: the address of the accessing computer, authentication fields, date and time of access, access method, content of the HTML access, status code of the web server, and information about the browser and operating system used by the customer.
We delete your log files when they are no longer required for the purpose of achieving the purpose. In the case of the collection of personal data for the purpose of providing the website, this is the case when the respective session has ended and the personal data is no longer required for IT security purposes. Furthermore, we only store your usage data for the fulfilment of any statutory retention periods.
Types and activation/deactivation of cookies
The cookies used can be divided into the groups explained in more detail below. Apart from the so-called "functional" cookies that are technically necessary for the provision of our offer, you can activate or deactivate cookies at your discretion. For this purpose, please use the cookie settings area. There you will also find a list of all cookies used by us in detail.
(i) Technically necessary ("functional") cookies:
Some cookies are necessary to ensure some of the basic functions of our offer. They are therefore automatically saved when you access our website and cannot be deactivated. These cookies save your preferences when using our website, such as your personal cookie settings. They are also used to distribute the load on our servers, thus keeping our website available, and for security purposes.
(ii) Analysis cookies:
We use analysis cookies so that we can constantly improve our offer technically and in terms of content. These cookies enable us to collect data on how visitors use our website. This includes information on the most frequently visited pages and navigation behaviour. With the help of analysis cookies, we create anonymous usage statistics for our website. If you do not allow these cookies, we will unfortunately not be able to include your behaviour in the optimisation of our offer.
(iii) Marketing Cookies
Marketing cookies are placed on our website by selected marketing partners and social media. These third parties act as intermediaries to deliver our content, news and offers to you through their channels. These third parties also use their cookies to collect data via our website in order to compile anonymous statistics on our behalf. Cookies are also set by social media services so that you can share our content with your friends and networks. These cookies are able to track your browser usage across other websites and create a profile of your interests. This may affect content and messages that you see on other websites. If you do not allow these cookies, you will not be able to share Strydal's content with others via these third party services.
(iv) Communication & personalisation cookies
Communication & personalization cookies help us to better communicate with our users (e.g. via email or push messages) and to display individualized content to them. Depending on where you are in your use of our website, we can use these cookies to display other appropriate content.
You can also set your browser so that no cookies or only certain types of cookies are stored on your computer or so that a message always appears before a new cookie is created. Cookies already stored can also be deleted at any time using the browser settings. We would like to point out that the complete deactivation of cookies can lead to the fact that you cannot use all functions of our offer.
When operating cookies, which are technically necessary for the provision of our offer, the data processing carried out by these cookies is necessary to protect our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO. The data processing by other cookies is carried out on the basis of the consent given by you for this purpose, Art. 6 para. 1 lit. a DSGVO.
We use the following social plug-ins for our website:
These plug-ins routinely collect data from you and transfer such data to the provider's servers.
In order to provide you with all the features and services of the Strydal application(s) in the most convenient way, and in order to continuously improve our services, we use third parties and partners. We also use the help of third parties to improve our website. Finally, we use various tools for our marketing.
Below is a description of the third-party services we offer and the purposes for which we do so:
All personal data that we process within the scope of this website is processed by us or our service providers. We may transfer your personal data to external service providers. These include, in particular, IT service providers for website optimization, newsletter and CRM. We have carefully selected these service providers and concluded contract processing agreements with them.
We use cloud services. This means that we transfer your data to a third party provider - the provider of cloud services - and store data on the servers of this provider. In some cases, your data may also be stored on servers outside the European Union (EU) or the European Economic Area (EEA). In some cases, your data could also be processed there. We will ensure, either through appropriate contracts, that such service providers provide the same level of protection for your data as you are entitled to within the European Union, or by using only providers that are certified in accordance with the EU-US Privacy Shield (https://www.privacyshield.gov/welcome). Both options guarantee an adequate level of data protection.
We use a number of different Google services (Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043, U.S.A. - hereinafter "Google") for analysis and marketing purposes. These tools are responsible in various ways for collecting and statistically analyzing your use of our services. We also use your information to display personalized advertising to you through Google services. By visiting our website or using our Strydal services, you agree that we may use your information for these purposes.
Below we explain the different services and the ways in which you can easily withdraw your consent, and we provide you with other important information.
For additional information about how Google treats the information we provide, please visit https://www.google.com/intl/de/policies/privacy/partners/.
Information generated by Google Tools is typically transferred to and stored on a Google server in the United States. Google and its subsidiaries are certified under the EU-US Privacy Shield.
You can prevent the collection and processing of information generated by the Google cookie by placing an opt-out cookie or by deactivating Google Analytics in the menu of your end device. Alternatively, you can also install a browser plug-in, which you can find here: https://tools.google.com/dlpage/gaoptout/.
DoubleClick by Google
If you do not wish to receive personalized advertisements, you can opt-out of receiving them by placing an opt-out cookie:
You can also install the browser ad-on to disable DoubleClick. You can find the browser plug-in here:
If you do not wish to receive personalised advertisements, you can opt-out of receiving them by placing an opt-out cookie:
You can also block cookies, for example by installing an appropriate browser plug-in, which is available here:
Google Dynamic Remarketing
If you do not wish to receive personalized ads, you may opt-out of receiving them by placing an opt-out cookie:
You can block personalized ads by installing the appropriate browser plug-in, which you can find here
You can also block personalized ads from Google and other advertising networks by opting out on the following page:
We use Honeybadger to analyse the stability of our Strydal application(s). Honeybadger provides real-time analysis of errors and system crashes, while supporting the maintenance of the application. During this process, none of your personal data is transferred, only crash reports containing information about your registration codes and your device, such as the type of device and the version of the operating system.
Honeybadger is certified according to the EU-US Privacy Shield. https://www.honeybadger.io/gdpr/
We use the remarketing function "Custom Audiences" from Facebook Inc. (1601 Willow Road, Menlo Park, California 94025, U.S.A.) This feature allows us to display interest-based advertisements to visitors to our website and users of our Strydal application(s) when they visit Facebook ("Facebook advertisements"), and to analyze such Facebook advertisements for statistical and market research purposes, which helps us to optimize future advertising. For this purpose we use so-called Facebook pixels (website) and Facebook SDK (Strydal application).
Such data could allow Facebook and its partners to display advertisements on or off Facebook.
In general, Facebook also stores such data on servers in the United States. Facebook is certified according to the EU-US Privacy Shield.
You can usually block the placement of cookies on your computer by selecting the appropriate settings in your browser to prevent cookies from being placed on your computer in the future and/or to delete cookies that have already been placed. If you do this, it may no longer be possible to use some of the functions on our website correctly.
You also have the ability to opt-out of third-party advertising, such as Facebook, by using an appropriate opt-out cookie from the Digital Advertising Alliance:
Alternatively, you can disable the remarketing feature "Custom Audiences" in your Facebook settings:
To do this, you must be registered with Facebook.
We use Hotjar, in order to better understand and improve the User Experience (UX) of our product. Hotjar deliveres anonymised usage reports like, for example, so-called "Heatmaps" and "Browsing recordings". During this process no personal data is transmitted.
Honeybadger is certified according to the EU-US Privacy Shield. https://www.hotjar.com/legal/compliance/gdpr-commitment/
We pass on your personal data to other third parties (instructors), who use the personal data for the execution of their services, as far as this is necessary for the execution of the contract or the provision of services, e.g. in the context of the execution of the 'Live Classes'. The instructor is given access to the available information about the participants (including name of the participant, e-mail address, gender, profile photo, training history, preferences), which the instructor requires in the course of performing the services.
Our contractual partners may use the data transmitted in this way exclusively for the purpose for which we have transmitted it.
The transmission of your personal data for these purposes is carried out for the fulfilment of the contract, art. 6 para. 1 lit. b DSGVO or due to our legitimate interest (art. 6 para. 1 lit. f DSGVO) to make our applications efficient.
Your personal data will only be transferred to third parties if we are legally obliged to do so, if the data transfer is necessary for the execution of the contract, or if you have given your consent to this data transfer.
Your personal data will be stored as long as it is necessary to achieve the defined processing purposes. If you terminate your user account, we will also delete or archive your personal data within a reasonable period of time, i.e. limit the processing. An exception is only made if we are legally obliged to archive data for a certain period of time.
Data transfers are usually subject to security gaps. It is technically impossible to protect your data 100% from access by third parties. However, we try to keep the risk as low as possible. For this reason, we use state-of-the-art measures to guarantee data security and protect your data from access by third parties. In addition, we use strong SSL or TLS encryption for all data transfers. Please make sure, however, that you do not make your registration data available to third parties.
You are free to request from us at any time and free of charge information on the personal data processed by us, the correction of errors in your personal data, the termination of the processing of your personal data, or the deletion of your personal data - unless otherwise required by mandatory legal provisions or obligations. In particular, if you are considered a "data subject" in accordance with the DSGVO guidelines, you have the right:
To exercise your rights under the DSGVO, you can always send us an e-mail or letter to
80798 Munich, Germany
Managing Director: Alexander Estner, Guilherme Coelho
Registered in the commercial register at the local court of Munich under the number HRB 245160
Tax ID: DE321748668
For all inquiries regarding the security of your data, you can contact our data protection officer at the e-mail address firstname.lastname@example.org.
Please note that any communication by e-mail may lead to security gaps. For this reason, we ask you to contact our data protection officer by post in the case of particularly sensitive data.