Privacy Policy

*Read in German

*Read in Croatian

*Read in Serbian

Personal data are information that reveal or may reveal the identity of a user. We adhere to the principles of data minimization and data avoidance. Wherever possible, the collection of personal data is avoided.

Personal data are used exclusively for the purpose of concluding contracts, creating content, and implementing or processing contractual relationships (Art. 6(1)(b) DSGVO).
Furthermore, personal data will be processed if we have received your consent (Art. 6(1)(a) DSGVO) or if processing is justified by our overriding legitimate interest in the smooth conduct of our business (Art. 6(1)(f) DSGVO).

For the processing of your data, we may sometimes use carefully selected external service providers. Apart from our processors, we generally do not pass personal data on to third parties.
For the purpose of payment processing, the payment data required for this will be transmitted to payment service providers.

Your personal data will be processed exclusively within the EU unless otherwise stated below.
If processing takes place in the USA, please note that the USA has been assessed by the European Court as a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities for monitoring and surveillance purposes, possibly without any legal remedy.

Data processing and/or transfer may also take place outside the European Union, Andorra, Argentina, Canada (only for commercial organizations), the Faroe Islands, Guernsey, Israel, the Isle of Man, Jersey, New Zealand, Switzerland, Uruguay, Japan, and the United Kingdom, provided this follows from the clauses below. Only for the countries listed above, except EU countries already classified as safe, there is an adequacy decision by the European Commission regarding data transfer (Art. 45 DSGVO). Therefore, data transfer to other countries is not expressly permitted.
If data transfer is nevertheless necessary, the processor must ensure that personal data will be protected by the recipient. This can be achieved through standard data protection clauses (Art. 46 DSGVO), binding corporate rules, compliance with approved codes of conduct, or certification of data processing operations.
The European Commission’s standard contractual clauses can be found here:
https://eur-lex.europa.eu/eli/dec_impl/2021/914

When visiting the website and application, general technical data are collected. These include the IP address used, time and duration of the visit, browser type or device type, and sometimes the referring website. These data are necessary to display the website and are stored in log files. They may also be used and stored for statistical analysis of our website and application. These data are not stored together with your other personal data.

Registration is required for full use of our application’s functions. Registration data are collected via your inputs and used for the specified purpose in accordance with your consent (Art. 6(1)(a) DSGVO).

With your consent after downloading the application, we obtain access to the following types of data:

End device
Type of end device
Time zone
Country of origin
Microphone

These data are required to categorize users and application functions. They are also necessary to prevent misuse.

After the purpose for which the data were collected expires, we will store your personal data only as long as required by legal regulations (especially tax laws).

You have the right to request confirmation as to whether personal data concerning you are being processed. If this is the case, you have the right to information about these personal data and further information detailed in Art. 15 DSGVO.

You have the right to request the immediate correction of inaccurate personal data and, according to Art. 16 DSGVO, completion of incomplete personal data.

You have the right to request the immediate deletion of your personal data. We are obliged to delete them immediately, especially if one of the following reasons applies:

Your personal data are no longer necessary for the purposes for which they were collected or processed.
You withdraw your consent and there is no other legal basis for processing.
Your data have been processed unlawfully.

The right to deletion does not exist if your personal data are necessary for the establishment, exercise, or defense of legal claims.

You have the right to request restriction of processing if:

You contest the accuracy of personal data for a period enabling verification.
Processing is unlawful and you oppose erasure and request restriction instead.
The controller no longer needs the data but you require them for legal claims.
You have objected to processing and it is not yet determined whether our legitimate grounds override yours.

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to request transfer to another controller if processing is based on consent or contract and carried out by automated means.

If processing is based on your consent, you may withdraw it at any time.

Exercising your rights is free of charge. You also have the right to lodge a complaint with a supervisory authority.

All data on our website and in our application are protected by technical and organizational measures against loss, destruction, unauthorized access, modification, and distribution.

We use cookies and sessions to operate the website. No personal data are transmitted without your consent, and cookies are used only if technically necessary or based on legitimate interest (Art. 6(1)(f) DSGVO) or your consent.

With your explicit consent, we use cookies for personalization, advertising, social media functions, and traffic analysis. We may share this information with partners who may combine it with other data.

First-party cookies
Domain – Name – Duration

Third-party cookies
Domain – Name – Duration

If you subscribe to our newsletter, we use the necessary data to send it based on your consent (Art. 6(1)(a) DSGVO).

If you top up your account, we may send information about similar products or services to your email address. You may object at any time.
You can unsubscribe at any time via contact or a link in the newsletter.

If we receive your email in connection with a purchase, we may send similar offers. You can object at any time.

We use social networks to present and communicate our company. These platforms may process data outside the EU and create usage profiles.

We process your data only for communication and optimizing our presence, based on legitimate interest or your consent.

We use Google Analytics to analyze usage. Cookies are used, and data may be transferred to the USA. IP anonymization is activated. Processing is based on your consent.

Profiles and links to third-party social networks.

Login using your Apple account.

Login using your Google account.

Used to manage website tags.

Online payments via PayPal.

Payments via Google Pay.

Communication via Twilio.

Website functionality and CDN via Cloudflare.

Error monitoring via Sentry.

Email sending via Postmark.

App analytics and notifications via Google Firebase.

Real-time functionality via Pusher.

If you have any questions about data protection, please contact:

Lighthouse GmbH
Schwanthalerstraße 100
80336 Munich

Email: datenschutz@cosmiqo.life