Below, we inform you about the nature, scope, and purpose of processing your personal data in connection with our app „MikeLoop“ (including its variant for educational institutions called „MikeLoop EDU 2023“) and our websites „soundigits.de“, „soundigits.com“, „sounddigits.de“, „sounddigits.com“, „mikeloop.app“ und „mikeloop.de“. Personal data is any information related to an identified or identifiable natural person.

1. Controller

The controller under the EU General Data Protection Regulation (GDPR) is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data. For the personal data processed when visiting our websites and using our app, the controller under the GDPR is: soundigits UG (haftungsbeschränkt), Köpenicker Straße 124, 10179 Berlin, Germany (hereinafter "we").

2. When you visit one of our websites

When you visit one of our websites, our server collects the following information from your device: URL of the requested document, the previously visited website (referrer), user agent (browser type and browser version, operating system), IP address, time and size of the transmitted document.

We collect and process this data to ensure the smooth operation of our website and to detect, prevent and pursue abuse of our services. In addition, we use the collected data for statistical purposes, for example to evaluate which devices and browsers are used to access our offer, in order to continuously adapt and improve our offer based on the needs of the users. This data processing is based on our legitimate interest according to Article 6 paragraph 1 letter f GDPR.

We delete all personal data mentioned above 90 days after their collection.

3. Data Processor

In order to operate our websites and app, and receive, store, and send emails, we use services provided by all-inkl.com (René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany) as a data processor according to Article 28 of the GDPR.

4. Getting the app

You cannot directly obtain our app from us, but rather only through the app store of Apple. The contract and privacy policy of Apple apply to the acquisition of our app through the Apple app store.

5. Using our app

When you use our app, your device transmits the following information to our server: device type, operating system version, IP address, and - if you use a paid version of our app - the receipt file as proof of payment of in-app purchases. We collect and process this data to ensure the smooth operation of the app and to detect, defend against, and investigate abuse of our services. We also use the collected data for statistical purposes, such as evaluating which devices and operating systems our app is used with, in order to continuously adapt and improve our offer to the needs of our users.

If we process the receipt file for payment verification, this is done as part of contract fulfillment in accordance with Article 6 Paragraph 1 Letter b GDPR. We keep it stored until you inform us that you no longer want to use the paid version of the app.

The processing of the other categories of data is based on our legitimate interest according to Article 6 Paragraph 1 Letter f GDPR. The personal data collected based on our legitimate interest will be deleted 90 days after collection.

For the use of the app, your device must grant the app access to certain functions:

• Internet access: Internet access is required so that the app can retrieve and provide media content and updates provided by our server.
• Microphone and/or audio input: If you want to process audio data with our app, this can be done either through the built-in microphone or via an external audio interface, whichever you prefer; you must allow access to these inputs. Recorded and fed-in data is stored only on your device storage unless you consciously transmit it to our server (e.g. as an attachment to a support request).
• Device storage: Access to your device storage is only required so that you can save and retrieve media content created with our app. Media content created by you will not be transmitted to us or third parties.

6. Newsletter

When you sign up for our newsletter, we process your email address to send you the desired information. This processing is based on your consent according to Article 6 paragraph 1 letter a GDPR. We keep your email address stored until you unsubscribe from the newsletter.

7. Contact us

If you contact us via email, we will store your message along with the sender information (name, email address, and any other information added by your email program and the transmitting servers).

The legal basis for this data processing is our legitimate interest in responding to your message and being able to respond to any follow-up questions you may have (Article 6(1) letter f GDPR). We will delete the data collected with your message no later than twelve months after the last communication with you regarding your matter, subject to the regulations in the following paragraph.

The mail servers used by us work with TLS and SSL, so the transmission between your and our mail server is encrypted if your email provider supports at least one of these encryption techniques.

8. Your rights

With regards to the personal data we process about you, you have the following rights:

You have the right to demand confirmation from us as to whether we are processing personal data concerning you. If this is the case, we will provide you with the personal data stored about you and further information in accordance with Article 15(1) and (2) of the GDPR.

You have the right to have incorrect personal data concerning you corrected immediately. Considering the purposes of the processing, you also have the right to require the completion of incomplete personal data, including by means of a supplementary statement.

You may request from us the immediate deletion of the personal data concerning you in accordance with the provisions of Article 17(1) of the GDPR, to the extent that their processing is not required under Article 17(3) of the GDPR.

You may request from us the restriction of the processing of your data if one of the conditions set out in Article 18(1) of the GDPR is met. You may in particular request a restriction instead of a deletion.

We will communicate any correction or deletion of your personal data and a restriction of the processing to all recipients to whom we have disclosed your personal data, unless this proves impossible or involves disproportionate effort. We will also inform you of these recipients if you request this.

You have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format, and you may request that we transmit these data to another controller without hindrance, to the extent that this is technically feasible.

If a data processing is based on your consent, you have the right to revoke your consent at any time. The revocation of consent does not affect the legality of the data processing carried out until your revocation.

RIGHT OF OBJECTION: YOU CAN OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION; this right of objection applies to data processing based on Article 6 paragraph 1 letter f GDPR for the protection of our or a third party's legitimate interests, unless your interests or fundamental rights and freedoms that require the protection of personal data predominate. If you exercise your right of objection, we will no longer process the data concerned, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defense of legal claims.

IN CASE WE PROCESS PERSONAL DATA FOR DIRECT MARKETING (E.G. NEWSLETTERS), YOU CAN OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING AT ANY TIME, WITH THE CONSEQUENCE THAT WE WILL NO LONGER PROCESS YOUR DATA FOR THESE PURPOSES.

If you believe that the processing of your personal data violates the GDPR, you may file a complaint with a supervisory authority, in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement. This does not exclude other administrative or judicial remedies.