OvuFriend Privacy Policy

• Your data and privacy are very important to us! We are very happy that you are reading this. We created this document to describe the process of collecting and processing your personal data through https://ovufriend.com services, owned by OvuFriend sp. z o.o. and we hope that we did it in an understandable way. Here you will learn the rules and purposes of data processing and we will explain to you how we respect your rights and how you can claim them.

  If you want to know more or need more information, please contact us, we are here for you - contact@ovufriend.com

• Who is the data controller of your personal data?
• The data controller of your personal data is OvuFriend sp. z o.o. with its registered office in Warsaw, ul. Złota 61/100, 00-819 Warsaw, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for the Capital City of Warsaw, Poland. Warsaw, XII Commercial Division under KRS number 0000428408, REGON 146224025, NIP 5272680862, with a share capital of 5 000 PLN („Administrator” or „OvuFriend”).

• How to contact us?
• For all matters relating to the processing of your personal data, you can contact us:
  • by sending an email to: dpo@ovufriend.com
  • by writing to the address: Złota 61/100, 00-819 Warszawa.

  We suggest you contact us by e-mail. This will help you get an answer to your question faster.

• For what purpose and on what legal basis do we process certain categories of personal data?
• As used in this Privacy Policy, “personal data” means any information which, either alone or in combination with other information we hold about you, identifies you as an individual, including, for example, your name, postal address, email address and telephone number. An identifiable person is a person who can be identified, directly or indirectly, in particular by an identifier such as name, identification number, location data, online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the individual („Personal Data”).

  Personal Data collected through OvuFriend are divided into the following categories:

  1. Personal data that you provide on OvuFriend as a registered User, including during Registration, as well as during the completion of your Profile.

     The processing of your selected data is necessary to perform the agreement between you and OvuFriend („Agreement”), which is concluded by your acceptance of the Terms of Service of OvuFriend.

     To register in OvuFriend you must provide the data necessary to create an account and handle your Profile (e-mail address and password). They are used only to provide you with access to your account in OvuFriend with the exclusion of third parties. Please remember that in accordance with the Terms of Service, the email address provided by you for the purposes of Registration should be anonymous, i.e. it should not allow you to determine your identity by fulfilling at least the following conditions: (i) your username does not allow you to determine your name, (ii) address in a popular commercial domain (yahoo.com, gmail.com etc.).

     In addition to the account access data, for the purpose of the full implementation of the service, during the registration process we will ask you to provide us with initial data which will help us to start your account for you and allow us to start tracking your menstrual cycles, pregnancy or health. These include, for example: your age, the number of months of trying to get pregnant, the date your last menstrual period started (pregnancy planning stage), age, weight, height etc.
     Providing the above mentioned data by you is always voluntary, but necessary to register on the Service. Processing of the aforementioned data is carried out on the basis of your explicit consent, expressed during registration in the Service.

     In order to fully execute the agreement while using the Services as a logged-in User, you may supplement additional information concerning fertility, pregnancy or your health.

     This is important - at no stage of using the Services we will not ask you and we do not want you to enter such data as: your name and surname or your home address. We do not need this information to provide you with access to our service. In addition, content you post in OvuFriend Community and make it available to other users (such as Chart Gallery, Forum or Journal entries shared with others) should not contain any personal information of a personal nature and should be posted anonymously, i.e., without you providing any information that would enable other to identify you.

     The data you provide on the Service as a registered User are processed:

     • in order to provide you with high quality services related to running and servicing the Cycle Calendar or Pregnancy Calendar,
     • for analytical and statistical purposes - we would like the services provided by OvuFriend to be tailored to your needs as much as possible, therefore we analyze your activity in order to introduce new solutions that will meet your expectations;
     • for research and development purposes - anonymous health data concerning the cycle or pregnancy may be used in cooperation between OvuFriend and clinical or academic researchers. According to the vision of the founders of the Services, OvuFriend uses science and advanced algorithms to help women understand their fertility. OvuFriend is currently implementing a research and development project entitled: „Developing new global solutions in the area of machine learning supporting family planning and overcoming the problem of infertility” co-financed by the National Centre for Research and Development. Before OvuFriend uses any data for scientific research, it is transformed into anonymous data by removing all information that could be used to identify individuals;
     • for marketing purposes of the Service and other entities;

     The legal basis for processing of the above mentioned data is the legal basis for the processing of the above mentioned data. Personal data are Article 6(1)(b) of RODO [processing is necessary for the execution of a contract to which the data subject is a party] and Article 9(2)(a) of RODO [express consent to processing special categories of personal data].

     Note that not all OvuFriend account types and features are available in all locations, so some of the examples below may not apply where you live.

  2. Personal data provided in contact forms.

     If you notice a problem with our service and send a request to the support team or by any other means of communication with the Administrator, we will store the communication history and information you provide during the communication (e.g. email address). We do this to answer your questions and provide assistance.

     The information provided by you in the contact forms is processed:

     • in order to handle the inquiry sent by the form provided;
     • for analytical and statistical purposes;

     The legal basis for processing is Article. Article 6(1)(b) of RODO - the necessity of processing to perform the contract and Article 6(1)(f) of RODO - the Administrator's legitimate interest.

  3. Data provided for the execution of payments for the use of Premium services;

     The processing of data provided by you during the payment for the use of Premium services is necessary in order to perform the contract and to enable you to use additional services offered by OvuFriend and to archive documents confirming the performance of our obligations under the Agreement.

     The legal basis for the processing in this case is Article 6(1)(b) of RODO - the processing is necessary to perform the contract and Article 6(1)(c) of RODO - the processing is necessary to fulfil the legal obligation imposed on the Administrator.

  4. Data remembered automatically when using OvuFriend.

     Data remembered automatically when using OvuFriend as a registered or unregistered User (i.e. when you do not have an account in OvuFriend), the following data will be remembered in our system logs: Your IP address, the address of the page that redirected you to our Services (e.g. when you click on a link linking to us), the addresses of the subpages you view during your visit to our site, the type of browser you use and its display settings, the type of operating system you use, the date and duration of your visit.

     The information collected in the logs is processed primarily for statistical purposes and in order to improve the services provided by OvuFriend, improve its functionality and adjust its functionality to your needs.

     The legal basis for the processing is Article 6(1)(f) RODO - legitimate interest of the Administrator.

• Who do we share your personal data with?

• Your personal data may be disclosed to the Administrator's partners, with whom the Administrator cooperates, including in particular entities responsible for servicing the IT systems of the Services, entities providing marketing services and preparing analyses and statistics. If you decide to use a paid subscription, your data can be accessed, in particular, by a payment service provider - PayPal and other entities processing on the basis of agreements concluded with us, such as accounting companies.

  Since some of the IT solutions we use are offered by entities outside the European Economic Area (EEA), mainly by US companies, in certain cases we transfer your personal data outside the EEA, however, ensuring an adequate level of protection. In particular, when transferring your data to the US, we cooperate with entities that participate in the EU-US Privacy Shield Program (Privacy Shield). Here you can check whether a US entity participates in this program: https://www.privacyshield.gov/list.

  We may also be required to provide your data to the competent authorities or third parties if their request for such information has a legal basis.

  We ensure that all entities to which we entrust the processing of personal data apply appropriate measures to protect and secure personal data.

• What rights do you have?

• You have the following rights relating to the processing of your personal data:

  • the right to confirm the processing of your personal data,
  • the right to withdraw consent to the processing of data,
  • the right to access your personal data,
  • the right to request the correction of your personal data,
  • the right to request the deletion of your personal data (”right to be forgotten”),
  • the right to demand a restriction on the processing of your personal data,
  • the right to object to the processing of your data due to your specific situation - in cases where we process your data on the basis of our legitimate interest,
  • the right to transfer your personal data, i.e. The right to receive your personal data from us, in a structured, commonly used and machine-readable IT format. You can send this data to another data controller or request that we send your data to another controller. However, we will only do so if such transmission is technically possible. You have the right to transfer your personal data only in respect of the data that we process on the basis of a contract with you or on the basis of your consent.

  To use these rights, please contact us.

  We discuss in more detail the categories of your rights below:

  The right to confirm the processing of your personal data
  You have the right to obtain confirmation from us as to whether your personal data is being processed and, if so, you are entitled to access your data and obtain information regarding the processing of your data.

  The right to request the rectification of your personal data
  You may request that we correct your personal data immediately if you feel that it is incorrect or out of date. You may also ask us to complete it if you believe that your data is, due to the purpose for which we are processing the data, incomplete.

  The right to request that your personal data be deleted (”right to be forgotten”)
  You have the ”right to be forgotten”. This means that you can request us to delete your personal data and we will delete your data immediately if, among other things:

  1. personal data are no longer necessary for the purposes for which we have the right to process them,
  2. if we process the data on the basis of your consent and you have revoked your consent,
  3. that has happened, despite our best efforts to properly protect your data and process it in accordance with the applicable regulations, that they are being processed illegally,
  4. the obligation to delete the data results from the purpose of fulfilling our legal obligation under European Union or International law.

  The right to demand a restriction of the processing of your personal data
  You may request that we restrict the processing of your data if:

  1. you dispute the correctness of your personal data - for a period of time allowing us to verify the correctness of the data,
  2. the processing of your data is, in your opinion, illegal, but you object to its deletion, demanding instead a restriction of its use,
  3. we no longer need your personal data for the purpose of processing, but you do need it to establish, assert or defend your claims,
  4. you have objected to our processing of your data - until such time as it has been established whether the legitimate reasons on our part take precedence over those of your objection.

  You have the right to lodge a complaint to the authority
  You have the right to lodge a complaint against our actions or omissions with the supervisory authority which is for us from 25 May 2018. President of the Office for Personal Data Protection.

• How long do we process your personal data?

• Your data, which you have provided during registration in OvuFriend or which are later completed in your Profile, shall be processed as long as we are bound by the Agreement, which is concluded by your acceptance of the Terms of Service. After the termination of the contract, we store your data for the period of time during which you could assert claims against us for non-performance or improper performance of the contract and during which we could assert such claims against you.

  If we process other of your data with your permission, we process your data until you revoke your permission or prohibit us from processing them. However, you have the right to withdraw your permission at any time without affecting the lawfulness of the processing that was carried out on the basis of your permission before it was withdrawn.

  The data contained in the payment transaction documentation are processed by us for a period of five years from the end of the tax year to which the document relates.

• How do OvuFriend stores personal data?

• If you have an account at OvuFriend, your personal account profile data is stored separately from the data obtained during the Cycle Calendar and service settings, so we can guarantee a very high level of privacy of information about cycles, pregnancy or health. The password is stored in a one-way function that hashes data and cannot be read by us.

  The data is transferred between the device and OvuFriend servers using an encrypted HTTPS protocol. HTTPS is a technology used to create secure connections for the web browser, and the fact of using it to secure the current connection is indicated by a padlock icon.

• Privacy Policy Changes
• The Administrator may at any time change the Privacy Policy by informing the User about the changes by e-mail or in any other way as part of the use of the Service (e.g. the message displayed when logging in to the Service).