Effective: May 18, 2026
In this Privacy Policy, we would like to provide you with comprehensive information regarding the collection and processing of your personal data in accordance with Articles 13 and 14 of the GDPR.
This Privacy Policy applies to all websites operated by the Data Controller (referred to as "Websites" in this Privacy Policy) that link to this Privacy Policy, specifically the Silna Arc (iOS) app.
The controller responsible for the processing of your personal data within the meaning of the General Data Protection Regulation (GDPR) and other data protection laws on the aforementioned website is
Himzo Tahić
Hohenzollerndamm 198A
10717 Berlin
Germany
Email: [email protected]
When your personal data is processed, the GDPR grants you, as a data subject, the following rights.
Right of access (Art. 15 GDPR)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to access this personal data and to the information specified in detail in Art. 15 GDPR.
Right to rectification and erasure (Art. 16 and 17 GDPR)
You have the right to request the immediate rectification of inaccurate personal data concerning you and, where applicable, the completion of incomplete personal data.
With regard to data stored exclusively locally on the end device, we would like to point out that the controller has no technical access to this data. Users can delete the local data themselves by uninstalling the app.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have objected to the processing, for the duration of any review.
Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format or to request the transmission of this data to a third party.
Right to Object (Art. 21 GDPR)
If data is collected on the basis of Article 6(1)(f) of the EU GDPR (data processing to safeguard legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrable compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing serves to assert, exercise, or defend legal claims.
Notice regarding the right to object to direct marketing
If we use your data for the purpose of direct marketing, you have a specific right to object to this processing, the exercise of which will result in the termination of processing for the purpose of direct marketing.
Right to lodge a complaint with a supervisory authority
Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection regulations. This right to lodge a complaint may be exercised, in particular, with a supervisory authority in the Member State of your residence, your workplace, or the location of the alleged infringement. The competent supervisory authority for the controller is the Berlin Commissioner for Data Protection and Freedom of Information, Alt-Moabit 59-61, 10717 Berlin.
We regularly adapt and update this Privacy Policy. The current version can be found in our app. In the event of significant changes that may affect customers' rights, we will communicate the changes in advance and, if necessary, point out existing options for objection. This information will be provided in text form (e.g., via push notification).
Certain personal data is necessary for the establishment, performance, and termination of the contractual relationship and the fulfillment of the associated contractual and legal obligations. The same applies to the use of the app and its various features. Please note that processing your request or fulfilling the underlying contractual relationship is not possible without the provision of this data.
In addition, the provision of certain data is voluntary and marked accordingly. There are no negative consequences associated with the non-provision of this data.
Direct collection from you
The processing of your personal data is carried out in strict compliance with the principles of data processing set forth in Article 5 of the GDPR, specifically for a purpose determined prior to collection (so-called purpose limitation). This purpose is visible to you at all times (so-called transparency). Furthermore, only personal data necessary for the specific processing purpose is processed (so-called data minimization). Incorrect or outdated data is deleted or corrected (so-called accuracy). Personal data is otherwise deleted when it is no longer needed, unless there are legal retention obligations; in which case we will block the data for further use (so-called storage limitation – deletion/blocking). Unauthorized third parties are not granted access to your personal data (so-called integrity & confidentiality).
Disclosure of personal data by the controller
We ensure that access to your personal data is granted only to persons under the control of the controller who require it to fulfill their contractual and legal obligations and who process it exclusively on our instructions.
Data processing for the performance of a contract
We process collected data in accordance with Article 6(1)(b) of the GDPR for the purpose of fulfilling the contract.
Data Processing to Protect Legitimate Interests
In certain cases, we may also process your personal data if this is necessary to protect our legitimate interests, provided that your interest in not having the data processed does not outweigh this.
Data processing based on consent
If you have given us separate consent, the corresponding processing is carried out on the basis of Art. 6(1)(a) GDPR. Your consent may be revoked at any time without affecting the lawfulness of the processing carried out to date. If consent is revoked, we will cease the corresponding data processing.
Data processing based on a legal obligation
In certain cases, we also process personal data to fulfill a legal obligation to which we, as the data controller, are subject.
We do not use purely automated processing procedures to make decisions.
The app processes the following data exclusively locally on the user's device:
This data never leaves the user's device. The controller has no access to this data.
Information regarding physical limitations may constitute health data within the meaning of Art. 9(1) GDPR. Since this data is processed exclusively locally on the user's device and the provider has no access to this data at any time, the processing is based on the user's explicit consent (Art. 9(2)(a) GDPR), which is granted by actively entering the data into the app.
The app uses Apple's analytics service (App Analytics via App Store Connect). This collects aggregated, non-personal usage statistics, in particular:
This data is collected by Apple and made available to the provider in an anonymized, aggregated form. The provider cannot identify individual users. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in improving the app). Further information on data processing by Apple can be found in Apple's Privacy Policy at https://www.apple.com/legal/privacy/.
The app can send local push notifications to the user. The Apple Push Notification Service (APNs) is used for this purpose. In doing so, a device-specific token is transmitted to Apple. The user can disable push notifications at any time in the device settings. The legal basis is the user's consent (Art. 6(1)(a) GDPR), which is obtained via the operating system's prompt.
Users can create backup copies of their device using the iOS backup function (iCloud or local backup), which may also include app data. The provider has no access to these backups and is not responsible for data security within the scope of the Apple backup function.
The subscription is concluded and managed via the Apple App Store. As part of subscription management, Apple processes personal data (payment information, Apple ID). The provider receives only the information from Apple as to whether a valid subscription exists; the user's payment data is not transmitted to the provider.
The user has the option to send feedback to the controller via email at [email protected] and optionally attach a file. The following data is processed as part of the feedback feature:
Processing is based on the user's consent (Art. 6(1)(a) GDPR), which is given by actively sending the email. The data is used exclusively to process the inquiry and is deleted upon completion of the communication, provided there are no legal retention obligations.