Last Updated: 7/1/2020


Simplified Explanation on Data Collection

Under recent legislation concerning data privacy (General Data Protection Regulation), many types of data have been requalified as Personal Data to catch up with the nature of the digital age. Thus, the legal language used in Terms of Use & Privacy Policy has got stricter and may create an impression that companies are collecting unnecessarily big amounts of Personal Data despite that they are collecting the same data as before but this data is now qualified as personal. Therefore, we need your clearly expressed Consent that we may process this data.

Here are general clarifying statements briefly outlining App Toro´s attitude towards data collection. For full legal language coverage please check Terms of Use & Privacy Policy below.

  • If you are using the App without making purchases, you are an anonymous user to us and we collect only technical information necessary for running and improving the app (iOS version, device model, app usage, crash reports, device time zone) – some of this data has been requalified as Personal Data as well.
  • When you are purchasing services, we need to identify your Apple ID
  • We don´t share any information concerning you or your device with any 3rd parties unless it is necessary for running the App, delivering services, our own internal marketing activities or fulfilling legal obligations.
    • Technical 3rd parties are f.e. Apple (app), Amazon Web Services (servers), Graylog (logs), etc.
  • We don´t have access to files on your device


  1. The Provider provides this Privacy Policy (hereinafter as “Privacy Policy”) to help the Customer to understand, what information the Provider collects, how the Provider uses the information and the choices the Provider offers, including how to access and update collected information. The Provider may update this Privacy Policy from time to time, so please check them back periodically. This Privacy Policy applies to the Application Services, Beta Services and any other related services.
  2. This Privacy Policy particularly explains and regulates (i) a definition of how the Provider uses the personal data that the Customer shares with the Provider and what the Provider learns about the Customer, (ii) what of the personal data, if any, the Provider may share, (iii) the conditions the Provider uses to protect the Customer’s information, if it must be shared, and (iv) other things the Customer should know about the protection and processing of the personal data and the Provider.
  3. Under recent legislation concerning data privacy (General Data Protection Regulation), many types of data have been designated as personal data to catch up with the nature of the digital age. Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name and surname, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. When the Customer installs or downloads the App, the Provider may collect a variety of non-personal data of technical nature (version of the operating system, device model, device language, time zone, etc.). This data allows the Provider f.e. to improve the App´s performance and resolve potential technical issues. The Provider may collect also other kinds of data that are considered Personal Data e.g.: contact information (e-mail address and other information supplied to the Provider in accordance with his support service), device information (unique device identifier), etc. (hereinafter collectively as “Personal Data”), etc. These are used primarily for delivery of Services purchased via the App and optimization of the Provider´s internal marketing activities – sending commercial or informative communication related to the Provider’s services (never third-party marketing campaigns).
  4. The Provider uses the Personal Data (i) to provide the Application Services, (ii) to maintain and/or (iii) to develop the Application Services. In cases prescribed by law, the Provider requires the Customer’s consent for processing the Personal Data.
  5. The Personal Data are proceeded both in an automated and a manual way and are stored for as long as is necessary to provide the Customer with the App (for the duration of the Customer’s use of the App) and for a reasonable period of time after the last use of the App, not exceeding five years.
  6. The Provider provides the Personal Data that he collects to trusted partners (hereinafter also as “Processors”) to process them for the Provider based on his instructions and in compliance with this Privacy Policy (f.e. Apple). The Provider uses only Processors providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of the Customer’s protection right. Personal Data is shared with the above specified third parties in an anonymized form. The Provider does not share Personal Data with third parties for marketing purposes.
  7. The Customer hereby further agrees not to use the Application Services to send sensitive data about him or a third person where unauthorized disclosure could cause material or immaterial damage, severe harm or impact to the Provider, any data subjects and/or thirds parties. Sensitive data includes, but is not limited to: health data, genetic data, biometric data, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, data concerning sexual orientation. The Customer hereby further agrees to not use Services for personally identifiable information knowingly collected from children under the age of 13 from online services designated for children.
  8. The App is not designated for children. By downloading or installing the App, the Customer declares that he is older than 13 years old and is solely responsible for any damage or loss that the Provider may suffer because of his untruthful declaration.
  9. Access to the Personal Data. The Customer has the right to obtain from the Provider confirmation as to whether or not the Personal Data concerning him are being processed, and where that is the case, access to the Personal Data and the following information: the purposes of the processing, the categories of the Personal Data concerned the recipient to whom Personal Data has been or will be disclosed; the envisaged period for which the Personal Data will be stored (if not possible the criteria used to determine that period), the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the Personal Data subject.

The Customer has the right to request from the Provider rectification or erasure of the Personal Data (right to be forgotten) or restriction of processing of the Personal Data concerning the Customer or to object to such processing. The Customer has also the right to lodge a complaint with the supervisory authority (in European Union) and the right to Personal Data portability.

Right to rectification. The Customer shall have the right to obtain from the Provider without undue delay the rectification of inaccurate Personal Data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.

Right to be forgotten. The Customer shall have the right to obtain from the Provider the erasure of the Personal Data concerning him without undue delay and the Provider shall have the obligation to erase the Personal Data without undue delay where one of the following grounds applies: (i) the Personal Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, (ii) the Personal Data has been unlawfully processed, (iii) the Personal Data have to be erased for compliance with a legal obligation in the European Union or Member State law to which the Provider is subject, (iv) the Customer withdraws consent on which the processing is based and there is no other legal ground for the processing, and/or (v) the Customer objects to the processing and there are no overriding legitimate grounds for the processing.

The Provider will not erase the Personal Data, if the processing of the Personal Data is necessary for (i) the exercising the right of freedom of expression and information, (ii) the compliance with a legal obligation which requires processing by the European Union or Member State law to which the Provider is subject, (iii) the performance of a task carried out in the public interest or in the exercise of official authority vested in the Provider, (iv) the reasons of public interest in the area of public health, (v) the archiving purposes in the public interest, scientific or historical research purposes or statistical purpose in so far as the right to be forgotten is likely to render impossible or seriously impair the achievement of the objectives of that processing, or (vi) the establishment, exercise or defense of legal claims.

Right to the Personal Data portability. The Customer shall have the right to receive the Personal Data concerning him, and which the Customer has provided to the Provider, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Provider to which the Personal Data has been provided. In exercising the Customer’s right to the Personal Data portability, the Customer shall have the right to have the Personal Data transmitted directly from one controller to another, where technically feasible.

  1. The Customer hereby agrees to comply with all applicable Privacy Policy and the Personal Data protection regulations. The Provider may ask the Customer to verify the Customer’s identity before action to the Customer’s request.
  2. If You have any requests or questions concerning the Privacy Policy or the Personal Data protection/processing, please contact us at any time via e-mail

Unable to find an answer?

Looking for anything specific article which resides in general queries? Just browse the various relevant folders and categories and then you will find the desired article.

Contact Us