Privacy and data protection terms
Effective date: May 17, 2023
The privacy and data protection terms were originally composed in German language. This is the English translation. In case of a mistakenly difference by translation the German Datenschutzerklärung is the prioritized document.
Tredict sees the protection of your data as one of the main features of our application and service. We explicitly have:
- No tracking scripts and no tracking cookies
- No scripts that analyze your user behavior
- No advertising
- No sale of your data
- No marketing bombardment
We attach particular importance to data security and data protection.
Your data belongs to you and is only used by Tredict to provide the application functionality.
You have full control at all times and full access to all of your data that is stored with us. Your account can be canceled at any time and deleted without a trace.
Our business model your payment for a full access fee.
Specific data can only be made available to third parties if:
- You make a payment to us
- You connect Tredict to a push service of your activity sensor and devices
- You have activated the map service
- You have activated the weather service
You can find more about this in this data protection declaration.
If you have any questions about data protection, do not hesitate to contact us after reading the data protection declaration.
The legal basis for data protection can be found in the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the EU General Data Protection Regulation (GDPR), which Tredict expressly follows.
Telefon: +49 40 28578495
Data collection and storage of personal data
When you register your Tredict account, the following data is recorded and saved:
Name, email address, password (encrypted), gender and year of birth
Body-related data, health data and equipment
Tredict offers you the possibility to create body-related data, such as weight, height, maximum heart rate and health data, like sleep and heart rate variability as well as disease progress. You can also create equipment and assign it to these activities. This data is only used to display and optimize your training planning.
Some health data such as weight, sleep or heart rate variability can be automatically transferred from your fitness tracker or watch manufacturer to Tredict if you have connected Tredict to the manufacturer's interface. The automatic transmission of these metrics can be specifically activated or deactivated in the service settings of Tredict.
Tredict saves the data of your uploaded and created activities in order to generate training courses, fitness metrics and statistical evaluations for you.
The scope of this data depends on the configuration and the possibilities of your activity sensor and generally, but not necessarily, has the following data fields: Duration, distance, speed, altitude, heart rate, wattage, geo-coordinates, cadence, ground contact time, temperature and other fields. Please also inform yourself at the manufacturer of your activity sensor, which data is transmitted.
Tredict aggregates your provided data from activities and body data in order to create further values, such as efficiency values and fitness values. The goal is to improve your training planning and to be able to provide statistics and trend information.
Tredict only uses your provided data to ensure the functionality of the application. Your data will not be passed on to third parties or withdrawn from the application context.
Tredict saves a so-called session cookie when you register or log in to Tredict. This cookie is necessary to determine your login status and to know whether you are authorized to access the protected area of the Tredict application.
This cookie is a host-only cookie and can only be read by and through the Tredict website and therefore not used for tracking.
Tredict does not save any other cookies, not even from third parties. In particular, no tracking or analysis cookies are saved.
Your account can be canceled at any time and deleted without a trace. To do this, go to the account settings. Your data stored at Tredict will be deleted immediately from the databases. It can take up to a month for the process to remove the data from all backups. As a rule, however, it takes 2 weeks.
When you contact Tredict, for example by email, your details will be saved for the purpose of processing the request and in the event that follow-up questions arise.
Integration of third-party services and content
Tredict uses the map services from OpenStreetMap (OSM) and its derivatives. The provider is the Open Street Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom. When a request is made to OpenStreetMap, the coordinates of the requesting activity for which the map material is intended are transmitted indirectly. However, Openstreetmap generally does not save any user data. More information can be found at: https://openstreetmap.org/
You can deactivate the map service in the settings.
Tredict uses the Visual Crossing weather API for its weather data. The provider is Visual Crossing, 11654 Plaza America Drive, Suite 285, Reston, VA 20190, USA. When requesting Visual Crossing, the median coordinates and the time of the requesting activity are transmitted. Further information can be found in the data protection regulations: https://www.visualcrossing.com/privacy/
You can deactivate the weather service in the settings.
Tredict uses the OpenWeatherMap weather API for its weather data. The provider is Openweather Ltd, 30 St Mary’s Axe, The City Of London, London, Greater London, EC3A 8BF, United Kingdom. When requesting OpenWeatherMap, the median coordinates and the time of the requesting activity are transmitted. Further information can be found in the data protection regulations: https://openweather.co.uk/privacy-policy
You can deactivate the weather service in the settings.
The Paddle.com iFrame will only loads when you initiate a purchase in the account settings.
Transactional email messages are sent via the email service provider Postmark. AC PM LLC, 1 N Dearborn Street, Suite 500, Chicago, IL 60602 Since normal email messages are per se unencrypted, Postmark also has access to the content of the message. The transmission of an email to Postmark is TLS encrypted. A Data Processing Addendum (DPA) in the sense of the GDPR is available to Tredict and Postmark. Postmark has a GDPR-compliant set of rules: https://postmarkapp.com/eu-privacy
Tredict's dedicated servers are leased from the data center service provider Hetzner Online GmbH, Gunzenhausen, Germany. Tredict uses the network- and hardware-related services of the service provider. The server locations are in Germany. The security of the data center is checked at regular intervals by TÜV Rheinland. A contract for order processing within the meaning of the GDPR is available to Tredict and Hetzner Online.
Additional servers for better redundancy are rented from netcup GmbH, Karlsruhe, Germany. Tredict uses the network and hardware-related services of the service provider. The server location is in Austria. Tredict and Netcup have an order processing contract within the meaning of the GDPR.
Further information on data protection
Server log files
Tredict does not save server log files that contain user related data. Furthermore, no user related data is stored in error log files.
For security reasons and to protect the transmission of confidential content, this website uses an encrypted TLS connection only.
All data processed by and through Tredict's systems is stored at file system level with AES256 encryption.
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke your consent at any time by deleting your account. Furthermore, you can have your data corrected or changed at any time.
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, those affected have the right to lodge a complaint with Supervisory authority, in particular in the member state of their habitual residence, their place of work or the location of the alleged violation. The right to lodge a complaint exists without prejudice to anything else administrative or judicial remedies.
Right to data portability
You have the right to receive data that we have based on your consent or in the performance of a contract automated processing, to be able to download from the Tredict website at any time or to be sent by us in another technically feasible way.
Note: The following passages only belongs to you, if you would like to coach athletes over the Tredict platform. Otherwise they are ignorable.
Tredict provides the ability for a coach to manage their athlete’s training profile. This includes the ability to access the athlete's training profile and data and communicate with the athlete. Once an athlete account is associated with a coach, the coach can access personal and sensitive information about an athlete. Noting that an association requires acceptance by both the coach and athlete. It is important that you are aware of your privacy and security obligations to the athletes data. If you are accessing data related to a user who resides in the European Union, you may also be subject to the General Data Protection Regulation (GDPR).
As such, before you connect to an athlete's account, you agree to maintain and undertake certain privacy obligations and data usage restrictions.
By accessing athlete's data and using the Tredict coach access, you acknowledge that you have read, and agree to abide by this agreement.
You will have access to personal and sensitive user data. You have obligations regarding privacy and security of this data.
You will not share any user data without their express consent.
You will not transfer data into any another system, platform, application, or third party without the athlete's express consent.
You will not transfer any European Union athlete's data outside the European Union unless in compliance with the GDPR.
You are solely responsible for maintaining any relevant privacy of user data. Should an athlete allow you to transfer, copy or download any of their data you accept sole responsibility for maintaining the relevant privacy requirements so the the athlete can access, rectify and delete data held or controlled by you.
You will honour any athlete's request to access, rectify or delete their personal data you may hold or control. This may include, but is not limited to, data you have downloaded or exported, screenshots, and emails.
You agree to ensuring that any data is encrypted and transmitted over a secure, encrypted channel (e.g., HTTPS). Where technically feasible, any Tredict athlete's data you hold at rest should also be encrypted.
You must notify Tredict of any security breach, involving athlete's data obtained via Tredict, within the meaning of the GDPR, within 24 hours any such security incident.
You agree to respect athlete's privacy. You may use and retain data only so long as necessary for the purpose you originally obtained it. It is essential that you do not disclose data or use it for, another user or any other third party without a lawful basis.
Now have fun doing sports! Do not hesitate to contact us if you have any questions, including the cooking of Spaghetti Bolognese.