Privacy Policy for the ginlo App (Beta)

Table of contents

  1. What is the purpose of this privacy policy?
  2. Who is responsible for my data and who can I contact?
  3. What data is required for registration?
  4. Does the app need access to my address book?
  5. What other data is stored when using ginlo?
  6. What is encrypted?
  7. How and where is my data stored and encrypted?
  8. What else do I need to know about encryption?
  9. What permissions does the ginlo app need and for what?
  10. What data of mine can other ginlo users see?
  11. Will my data be passed on?
  12. Will my user behavior be analyzed and evaluated?
  13. Will I receive advertising?
  14. When and how is my data deleted?
  15. On what legal basis is my data processed?
  16. What are my rights?

1 What is the purpose of this privacy policy?

With this Privacy Policy, we, Brabbler Secure Message and Data Exchange Aktiengesellschaft, Ria-Burkei-Straße 26, 81249 Munich/Germany, explain which personal data we collect and how we use it when you use the ginlo app, and what rights you are entitled to under the General Data Protection Regulation (GDPR) with regard to your data.

In a nutshell: Here you will learn which data we, Brabbler AG, collect when you use the ginlo app, and which rights you have.

2 Who is responsible for my data and who can I contact?

2.1 Party responsible

The data controller responsible for the data processing in terms of the data protection law is:
Brabbler Secure Message and Data Exchange Aktiengesellschaft
Ria-Burkei-Straße 26
81249 Munich/Germany
Phone: +49 89 95 45 94 7-0
E-mail: privacy@ginlo.net

2.2 Data protection officer

You can reach our data protection officer at:
Brabbler Secure Message and Data Exchange Aktiengesellschaft
- Data protection officer -
Ria-Burkei-Straße 26
81249 Munich/Germany
E-mail: dpo@ginlo.net

In a nutshell: Brabbler AG is the party responsible. You can reach our data protection officer at dpo@ginlo.net.

3 What data is required for registration?

3.1 To be able to use ginlo, you need to create a ginlo user account. For this, we need your mobile number.

3.2 By obtaining your mobile number, we can ensure that every ginlo user account is associated with a real person. ginlo stands for encrypted and confidential communication, but we do not want to be a platform for abuse (e.g. spam) or illegal activity. Your mobile number is used as a unique ID and username. You can use it to log in to the ginlo app, e.g. if you change your smartphone.

3.3 During registration, you also specify a display name of your choice. This name will be shown to other ginlo users you’re in touch with. Details can be found in section 10.

3.4 If you use ginlo during one of our beta programs, we also need a valid e-mail address from you. We use it to add you as a user to the test environment of your app store or to send you the download link of the app. In addition, we use the e-mail address to send you information about app updates during a beta program and ask you to participate in ginlo surveys. If we’re unable to accept you in the respective beta program, we’ll delete your e-mail address within one week. If we accept you, we’ll delete it once the respective beta program is over.

In a nutshell: During registration, we ask you for your mobile number. This is for your own security and prevents abuse. During a beta program, we also need your e-mail address to provide you with the app and accompanying information.

4 Does the app need access to my address book?

4.1 For the ginlo app to show you which of your contacts are ginlo users as well, the app needs access to your device’s address book. The mobile numbers of your contacts stored in your address book will be retrieved, hashed, and transferred to our servers. Hashing is a form of one-way encryption used to pseudonymize mobile numbers. By matching the pseudonymized mobile numbers it is possible to display the contacts in your address book as ginlo users whose mobile numbers are assigned to a ginlo user account.

4.2 The mobile numbers in your address book are thus never transmitted to us in plain text or stored in plain text on our servers. Data other than your contacts’ mobile numbers won’t be retrieved.

4.3 Your address book is accessed continuously, for example, when you add a new contact to your address book. Thus, the list of your ginlo contacts stays up-to-date.

4.4 If you don’t want to allow the ginlo app to access your device’s address book, you won’t be able to find other ginlo users. However, you can still be found by other ginlo users who can then get in touch with you.

In a nutshell: The ginlo app retrieves the hashed, i.e. pseudonymized mobile numbers from your device's address book to be able to show you which of your contacts are ginlo users as well. These mobile numbers are never transmitted to us in plain text or stored in plain text on our servers. You can also use ginlo with certain limitations if you don’t allow the app to access your address book.

5 What other data is stored when using ginlo?

The operation of a service such as ginlo necessarily generates a range of data. Information on this data will be provided below:

5.1 Encrypted content, e.g. the ginlo messages you send and receive. This data is already encrypted on your device and is also stored on our servers in an encrypted state so that we do not have access to this data. Details on the encryption can be found in sections 6 and 7 below. We use this data in accordance with this privacy policy to provide the ginlo service.

5.2 Metadata such as message send times or message recipient IDs, device and connection data such as the device ID and operating system version. We use this data in accordance with this privacy policy to provide the ginlo service and to manage your devices.

5.3 The app will send an error log in the background, e.g. when the software crashes or in case of a server error. We use this data in accordance with this privacy policy to continuously improve the ginlo app and support troubleshooting. The error log doesn’t contain any user content or user IDs that allow us to identify you as a person.

5.4 In addition, you can send us an app log manually at any time, e.g. to help us find the cause of an error you have reported. This app log is sent from the e-mail address set up on your device and can thus be assigned to you personally. We use this data in accordance with this privacy policy to continuously improve the ginlo app and to fix bugs.

In a nutshell: We store encrypted content (e.g. sent messages), metadata (e.g. the time a message is sent), device data (e.g. the operating system version), app logs as well as error logs.

6 What is encrypted?

6.1 We developed ginlo to enable the secure exchange of messages and other content. This is why we always encrypt all content in a manner that no one other than the intended users can view the data.

6.2 However, we cannot encrypt the following data, or can only encrypt it during transport between your device and our servers, which means that we would be able to access this data in plain text:

a General data: We would be able to determine with which other ginlo users you are connected, i.e. with whom you are able to exchange messages.

b Regarding ginlo messages: We would be able to determine the time and communication partner of a message exchange but not the content (subject, message text, attachments). We require this data for the synchronization on various devices and for the structured display of conversations.

c Regarding your device: We record the device ID, operating system version and device model. This data is required to manage your devices. The device ID is needed for delivering messages to your device (so-called push messages). This is not the same as the IMEI or MAC address of your device.

In a nutshell: We always encrypt all content (e.g. message and file content), but certain additional information is not encrypted for technical reasons (e.g. the time a message is sent).

7 How and where is my data stored and encrypted?

7.1 Messages, shared files, and other content in ginlo are transmitted and stored in an encrypted format. They can only be decrypted and read using your secret private key. This applies to content stored on our servers and to content (temporarily) stored locally on your device.

7.2 Encryption and decryption are performed on your device or on the device of the recipient (end-to-end encryption). We have no possibility of accessing your encrypted data in clear text.

7.3 We use various encryption algorithms for encryption. For the encryption of files and of content stored on your devices, we use AES256, and for messages we use the libsodium library. Your data is stored on our servers in an encrypted format. Our servers act as an external storage space with which we can enable a synchronization with all of your devices.

7.4 All data is stored exclusively on servers in Germany, which are operated by service providers based in Germany.

In a nutshell: ginlo provides secure end-to-end encryption. We ourselves have no possibility of accessing your encrypted data in clear text. Your data is stored exclusively in Germany.

8 What else do I need to know about encryption?

8.1 The ginlo app generates an individual private key for each ginlo user when they register. This key is stored on your device.

8.2 Your content can only be decrypted with your private key. You do not need to memorize the private key (a very long number) because it is stored in the ginlo app on your device.

8.3 We do not have access to your private key. If you lose the private key, your content stored in ginlo will no longer be readable. This is why we highly recommend that you keep the recovery code you receive during registration in a safe place outside your smartphone. With this code, you can restore your private key to a new device, e.g. if you lose your current one.

In a nutshell: Your content can only be accessed using your private key, which is stored on your device. We urgently recommend that you keep the recovery code from your registration in a safe place. Otherwise, you will no longer have access to your data if you lose your device.

9 What permissions does the ginlo app need and for what?

9.1 In-app purchases: Completion and management of paid subscriptions, if you decide to use a paid service later on (contract management).

9.2 Photos (optional): Sending of photos and videos via ginlo

9.3 Camera (optional): Direct recording of photos and videos in ginlo and subsequent sending of this content

9.4 Microphone (optional): Direct recording of videos and voice messages in ginlo and subsequent sending of this content

9.5 Address book (optional): Transfer of hashed, i.e. pseudonymized mobile numbers from the local address book of your device to our servers to identify ginlo users among your contacts (for details, please see section 4).

9.6 Notifications (optional): Notification of the user, e.g. on new messages

In a nutshell: For you to use the full feature scope of the ginlo app, certain permissions are needed on your device. You can deny optional permissions if you don’t want to use the corresponding features.

10 What data of mine can other ginlo users see?

10.1 ginlo users with whom you’re already in touch via a one-to-one conversation can see the following data of yours:

  • In the conversation overview: Your name if it is stored in that user’s device address book; your display name if your name is not stored in the device address book
  • In the contact picker: Your name if it is stored in that user’s device address book; your display name and your mobile number if your name is not stored in the device address book

10.2 If you participate in a group conversation, your mobile number and your display name can be viewed by all other participants in the group. If you leave the group conversation, this data will no longer be visible in the group.

In a nutshell: ginlo users with whom you’re already in touch via a one-to-one conversation can see your mobile number and your display name. Your mobile number and your display name are also visible in the group conversations you participate in.

11 Will my data be passed on?

11.1 We may use technical service providers, e.g. for hosting (server operation; currently PlusServer and ProfitBricks) or to send newsletters (currently Newsletter2Go).

11.2 We only release data to public agencies (law enforcement agencies, for example) if we are required to do so by law. If law enforcement agencies request data from us, we will inform you of this fact unless we are prohibited from doing so. We will also resist legally questionable requests for information, even in a court of law if necessary.

11.3 In addition, we may distribute your data to third parties (e.g. to a court) to the extent necessary to assert, enforce or defend a right.

11.4 Because sensitive data is encrypted when using ginlo and only you can decrypt it, this information will never reach third parties in plain text.

In a nutshell: We, too, sometimes need to use service providers, such as for hosting (server operation). We only release data to public agencies if we are required to do so by law. However, since your data is encrypted, sensitive content can never be accessed by third parties in plain text.

12 Will my user behavior be analyzed and evaluated?

12.1 We do not record your usage behavior and do not have tracking technologies of third parties integrated in our app.

12.2 However, we are able to anonymously evaluate data found on our servers. For example, we can determine on what type of device the ginlo app is most frequently installed, or how many ginlo contacts a ginlo user has on average. This data is never associated with you personally.

12.3 We do not store the IP addresses of devices that connect to our servers. The IP address is a code that your Internet access provider permanently or temporarily assigns to your device.

In a nutshell: No. We made a conscious decision to not evaluate the use of our app. We only maintain anonymous statistics. We never store the IP address.

13 Will I receive advertising?

We finance our operation through user fees and not through advertising. We do not create usage profiles for targeted advertising. We never distribute your data to third parties for advertising purposes or send you advertising from other companies.

In a nutshell: We finance our operation exclusively through usage fees and not through advertising. Your data will never be distributed to third parties for advertising purposes.

14 When and how is my data deleted?

We only store your data for as long as necessary to provide the ginlo service. If you are in one of our free beta programs, we delete your data immediately when you cancel. Data stored locally on your device is deleted when you uninstall the ginlo app. Data stored by you outside of the ginlo app is, of course, not deleted.

In a nutshell: We always only store your data for as long as necessary to provide the ginlo service. Data stored locally on your device is deleted when you delete the ginlo app.

15 On what legal basis is my data processed?

15.1 We process your data to fulfill the contract of use with you. In this respect, the legal basis is Art. 6(1) lit. b GDPR.

15.2 Insofar as we use metadata, error logs, and app logs to improve our service, this is based on your and our legitimate interest in further developing ginlo (Art. 6(1) lit. f GDPR).

15.3 The legal basis for the disclosure of data to public authorities according to section 11.2 is the applicable legal obligations (Art. 6(1) lit. c GDPR). For the disclosure to a court, it is our interest in asserting, enforcing, or defending a right (Art. 6(1) lit. f GDPR).

In a nutshell: Your personal data will be processed in accordance with the General Data Protection Regulation.

16 What are my rights?

You have certain rights with regard to your personal data in accordance with the GDPR, including the right to information about the data stored about you. For details on your rights, please see “Your rights under the General Data Protection Regulation (GDPR)”.

Version: October 2018

In a nutshell: The GDPR grants you certain rights which will be explained here.