The following information applies for your use of the Mobile App, in principle regardless of the platform the respective app runs on, meaning whether it runs on iOS, Android, Alexa or Google Home.

4. Collection of Personal Data When Using the Mobile App
1. By downloading the Mobile App the necessary information is transmitted to the respective app store provider, i.e. user name, e-mail address and customer number of your account, time of download, payment information and the individual device identifier. We have no influence on and are not responsible for said data transfer. We only process this data as far as it’s necessary for the download of the Mobile App onto your mobile device.
2. When using the Mobile App we collect the following types of personal data technically necessary to provide the Mobile App’s functions and ensure their stability and security (legal basis is our legitimate interest in providing a stabile app according to art. 6 para 1 S. 1 lit. f GDPR):
• IP address;
• Date and time of the request;
• Time zone difference to Greenwich Mean Time (GMT);
• Content of the request (concrete web page);
• Access status/HTTP status code;
• Respectively transmitted data volume;
• Operation [m5] System (OS) of the used device and its surface[FS6];
• Type designation of the used device;
• Language and regional settings of the device.
3. In addition to the previously mentioned data we store cookies on your device when you use our Mobile App that relate to the Mobile App. Cookies cannot execute programs or transmit virus onto your mobile device. They are used to make mobile apps in general more user-friendly and more efficient. This app uses the following types of cookies whose extent and functionality are explained in the following––
   1. Transient cookies: These cookies are automatically deleted when you close the Mobile App. This applies i.e. to session cookies that store a so-called Session ID with which several requests from your browser can be assigned to the same session. In doing so, your computer can be recognized when you return to the Website. Session cookies are deleted when you close the browser.
   2. Persistent cookies: These cookies are automatically deleted after a predefined time that can vary from cookie to cookie. You can delete cookies in your browser’s settings at any time.
   You can configure your mobile OS and the Mobile App according to your liking, e.g. deny the acceptance of third-party cookies or of cookies altogether. In such a case you might not be able to use all functions of the Website though.
4. For advertising purposes we use the so-called “Advertising Identifier” on iOS devices and the “Google Advertising ID” on Android devices (commonly referred to as “Identifier”). This Identifier is a unique but not personal and not permanent identifier for a specific device provided by iOS or Android respectively. The data collected through the Identifier is not connected to any other device-based information. We use the Identifier to provide personalized ads to you and analyze your use. If you activate the option [FS7] “no ad tracking” under iOS under “Data Protection” – “Ads”, or […] under Android, we can only perform the following measures:
   • Measure your interaction with banners ads by counting the number of displays of a banner without a click on it (“frequency capping”),
   • Click rate, and
   • Unique users; and
   • Perform security measures, fraud protection and error correction.
   In your device settings, you can at any time delete the Identifier (“Remove Ad ID“ under [FS8] iOS, and „[…]“ under Android). In this case a new Identifier is created that is not merged with previously collected data. We inform you that when you limit the use of the Identifier, you might not be able to use all functions of the Mobile App.
5. In order to deploy push notifications (for goals, breaking news and other important events), an anonymous device ID (push notification token) is stored on our servers along with your app settings associated with said ID. Upon your request, said associated settings can be deleted, upon which the notification service will not work anymore.
5. Adjust
   1. The Mobile App uses the service “Adjust” (https://www.adjust.com/) in order to measure and optimize the reach and effectivity of marketing measure, banner ads etc. (tracking). For this, we collect the following data categories that are processed by adjust GmbH, Saarbrücker Straße 37A, 10405 Berlin, Germany––
      • Anonymized (hashed) IP address;
      • Mobile identifiers such as the ID for Advertising for iOS (IDFA), and Google Advertising ID;
      • Installation and first opening of the Mobile App on the device;
      • Your interaction with the Mobile App (e.g. in-app purchases and registration);
      • Information on which banner ads you have seen, and which ones you tapped on.
      The mentioned data is in principle and, notwithstanding your request for deletion, stored indefinitely.
   2. The data mentioned in para 1 might be transferred to the USA and processed there by adjust to allow statistics on the performance on our marketing measures. The collected data is not merged with other data that allows identifying your personally. In principle, adjust does not pass on any of your data to third parties, however might be obliged by law or forced to by authorities in the USA to do so, and will in that case comply.
   3. Adjust has committed to the EU-US Privacy Shield. More information on what data adjust collects and processes is available here: https://www.adjust.com/privacy-policy/
   4. The legal basis for the use of this service is our legitimate interest in measuring the performance of our ads according to art. 6 para 1 lit. f GDPR.
   5. If you do not want to be tracked by Adjust, you can opt out by clicking on the following link: https://www.adjust.com/opt-out/
6. Google Firebase
   1. In the Mobile App we use Firebase (https://www.firebase.com/), a framework maintained by the Google subsidiary Firebase residing in San Francisco, CA, USA, through which we track and administer the following real-time functions––
      1. Tracking of user behavior through Google Analytics (cp. para 2) for Firebase;
      2. Tracking of app crashes and their reasons through Firebase Crashlytics (cp. para 3);
      3. Push notifications through Firebase Cloud Messaging (cp. in para 4);
      4. Configuration of app settings through Firebase Remote Config (cp. para 5); and
      5. Internet searches through Google Search with Firebase App Indexing (cp. para 6).
      For all mentioned Firebase services, only anonymized or pseudonymized user data is transmitted to Firebase (Google). Firebase’s privacy policy is available under https://www.firebase.com/terms/privacy-policy.html.
   2. The Mobile App uses the web analysis service Google Analytics that tracks your use of the Mobile App through cookies or a comparable technology. The information generated through your cookie or the comparable technology is usually transmitted to a Google server in the USA and stored there. As we anonymize IP addresses in the Mobile App, your IP address is shortened by Google within the European Union or in a member state of the Treaty on the European Economic Area, by way of exception (e.g. in case of technical failure of servers within the EU) is in full transmitted to Google servers in the USA and shortened there. We use the information prepared by Google to interpret your use of the Mobile App for its optimization and further development.
   3. We use Firebase Crashlytics to track app crashes as they occur, and to prevent future ones. In case of an app crash, a report is created that contains the type and OS of the device, your last activities in the app, and your geolocation in pseudonymous form, and that is sent to Google. Information on the functionality of Crashlytics is available under https://firebase.google.com/products/crashlytics/
   4. The Mobile App uses Firebase Cloud Messaging to send messages to its users. To do so, it sends a previously generated anonymous device ID (token) to Google so that we can identify app users and send messages to them. Information on the functionality of Cloud Messaging is available under https://firebase.google.com/products/cloud-messaging/
   5. The Mobile App uses Firebase Remote Config to allow us to alter the app on the devices it is installed on without you having to completely reinstall the app in the respective app store. To do so, your device information, your language and country and regional settings are transmitted to Google in the USA and processed there. Information on the functionality of Remote Config is available under https://firebase.google.com/products/remote-config/
   6. Through Firebase App Indexing we provide the option to perform the common Google web search from within the Mobile App. The terms and conditions for the usual Google web search apply (https://policies.google.com/privacy?hl=de&gl=de).
   7. The legal basis for the use of Firebase is our legitimate interest in maintaining the Mobile App stable and evaluate its performance according to art. 6 para 1 lit. f GDPR.
   8. If you do not want the data categories mentioned in this section, you may not use the Mobile App.
7. Ad Network AddApptr
   1. In the Mobile App we display ads from several advertizing networks that are selected and provided by AddApptr (https://www.addapptr.com/), Alsterufer 4, 20354 Hamburg, Germany. To do so, we collect the following data categories processes by AddApptr––
      • Mobile identifiers such as the ID for Advertising for iOS (IDFA) or the Google Advertising ID;
      • IP address;
      • Geolocation.
      The mentioned data is in principle, notwithstanding your request for deletion, stored indefinitely.
   2. The data mentioned in para 1 is pseudonymized and transmitted to one or several ad network providers in order to display ads that are relevant to you. The mentioned data is, depending on the display network, either only processed within the EU or, if and insofar as networks are used that store and process data outside of the EU, protected by the respective network provider’s commitment to the EU-US Privacy Shield or to an equivalent treaty, e.g. EU Standard Contractual Clauses, that ensure a GDPR-equivalent data protection level.
   3. The legal basis for the use of said service is our legitimate interest in financial remuneration for providing the Mobile App to you for free according to art. 6 para 1 lit. f GDPR.
   4. If you do not want the data mentioned in para 1 to be tracked, you may not use the Mobile App.
8. Twitter
   
   Twitter is integrated in our products. When a user sees any Twitter-content or Twitter-proucts, that is integrated through "Twitter for websites" into other websites, it is possible that Twitter tracks this visit, including the exact web page, IP address, type of browser, operating system, as well as information on cookies. This information helps Twitter improve their products and services, for example, it can help Twitter find the best suggestion or matching advertisements. To protect the privacy of a user, Twitter never connects the browser history, which is tracked through "Twitter for websites", with a name, a mail-address, a phone number or with a Twitter account. Twitter deletes, hides or aggregates the data after a maximum of 30 days, as it is stated in their policy. Inside Twitter's Privacy Policy one can also find details on which information is tracked and used. Also, one can find the possibility to object, restrict or withdraw consent. (https://twitter.com/en/privacy)
9. IAB Europe Transparency & Consent Framework
   
   TorAlarm participates in the IAB Europe Transparency & Consent Framework and complies with its Specifications and Policies and uses the Consent Management Platform with the identification number 300.