Privacy Policy
Icon For Printer Print Page
Updated: July 2020

Privacy Policy

Latest Changes:

  • July 15, 2020: Adding Giphy, Inc. as service provider for searching for and sending animated gif messages in the integrated chat feature.

onebytezero GmbH
(hereafter “onebytezero”, “we” or “us”)

Due to the General Data Protection Regulation (GDPR) of the European Union becoming effective on May 25, 2018, we inform you with the following statement about which personal data is collected, processed, used and protected by us.

1/ (General) data collection and data processing during your visit to our website and use of our services

In the case of internet access to our website or our services, your internet browser automatically supplies data, such as the URL of the referring web page, browser type, browser version, date and time of your access, amount of data sent, your IP address, the file you requested and other similar data and information to our web server.

When using this general data and information, we draw no conclusions about the person involved with this access. Rather, this information is needed to (1) correctly deliver the contents of our website, (2) to optimize the contents of our website, (3) to ensure the continued functioning of our information technology systems and the technology of our website, and (4) to provide the information necessary for prosecution to law enforcement agencies in the case of a cyberattack. This anonymously collected data is statistically evaluated and used to improve data protection and data security and in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.

2/ Contact possibility

Due to legal regulations, our website contains information that enables quick electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If you contact us by e-mail or via a contact form, the personal data you provide (such as personal data and contact details) will be automatically saved. Such personal data transmitted by you to us on a voluntary basis will be stored to process your request or to contact you.

3/ Live Chat

The live chat is provided by Crisp IM SARL ( The use of the live chat is subject to the terms and conditions (available at and the privacy policy (available at of Crisp IM SARL.

4/ Cookies

Our website uses cookies. Cookies are text files that are stored on a computer system via an Internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows the visited websites and servers to distinguish the individual browser of the affected person from other Internet browsers that contain other cookies. A particular Internet browser can be recognized and identified by the unique cookie ID. By using cookies, we can provide users of this website with more user-friendly services that would not be possible without cookies.

By using cookies the information and offers on our website can be optimized for the user. Cookies allow us, as already mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of an internet page using cookies does not have to re-enter his credentials every time he visits the internet site because this is done by the cookie and the cookie stored on the user’s computer system.

You can prevent the setting of cookies through our website at any time by means of an appropriate setting of the Internet browser used and thus permanently deny the use and storage of cookies. Furthermore, already set cookies can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

5/ Use of Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). We have concluded an appropriate contract data processing contract with the provider.

Google Analytics uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. You can prevent this by setting up your browser so that no cookies are stored or by allowing only essential cookies when asked for your consent.

The data processing takes place on the basis of the legal regulations of the § 96 Abs 3 TKG as well as the art 6 Abs 1 a) (consent) and/or f (legitimate interest) of the GDPR.

Our concern in the sense of the GDPR (legitimate interest) is the improvement of our offer and our website. Since the privacy of our users is important to us, the user data is pseudonymized.

By activating IP anonymization on this website, however, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The pseudonymized IP address provided by Google Analytics within the scope of Google Analytics will not be merged with other data provided by Google.

You can prevent the storage of cookies by setting your browser software accordingly or by allowing only essential cookies when asked for your consent; however, please note that in this case, you may not be able to use all the functions of this website to the full extent. In addition, you may prevent the collection by Google of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by using the link below -able browser plugin download and install

6/ Use of the Facebook Pixel

The Site uses the Facebook Pixel service of Facebook Inc. (“Facebook”). The service allows us to follow the actions of users after they are redirected by clicking on a Facebook advertisement. We are thus able to record the efficacy of Facebook advertisements for statistical and market research purposes. The collected data are saved and processed by Facebook. Facebook is able to connect the data with your Facebook account and use the data for their own advertising purposes. For more information regarding Facebook Conversion Tracking, please visit Facebook’s website, and pages that describe Facebook Conversion Tracking and Custom Audience Pixels, such as, where you can also revoke permission for this service. You may also opt out of Facebook tracking by allowing only essential cookies when asked for your consent.

7/ Use of Google AdWords Retargeting-Technology

We use Google AdWords Remarketing technology to to provide relevant and targeted advertisements through retargeting.AdWords remarketing will display relevant ads tailored to you based on what parts of the our website you have viewed by placing a cookie on your computer or device. Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you. If you do not wish to participate in our Google AdWords Remarketing, you can opt out by visiting Google’s Ads Preferences Manager or by allowing only essential cookies when asked for your consent.

8/ Use of Giphy Service

Using the integrated chat feature you can access the Giphy Service to send and view animated gif messages. Use of this feature is subject to the terms and conditions (available at and the privacy policy (available at of Giphy, Inc.

9/ Subscription to our newsletter

On our website and through our services, users are given the opportunity to subscribe to our newsletter. When ordering the newsletter via our website, the e-mail address, first name and last name are sent to us.

We inform our customers at regular intervals by means of a newsletter about offers of the company. The newsletter of our company can only be received by you if (1) you have a valid e-mail address and (2) you have registered for receiving the newsletter. For legal reasons, a confirmation e-mail will be sent to the e-mail address registered by you for the newsletter dispatch in a double-opt-in procedure. This confirmation e-mail is used to check whether the owner of the e-mail address originally authorized the receipt of the newsletter.

When subscribing to the newsletter, we also store the IP address of the computer system used by the person at the time of registration as assigned by the Internet Service Provider (ISP), as well as the date and time of registration. The collection of this data is necessary in order to be able to understand the (possible) misuse of the data subject’s e-mail address at a later date and therefore serves as a legal safeguard for the data controller.

The personal data collected in the context of registering for the newsletter will be used exclusively to send our newsletter. In addition, subscribers of the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service. There is no transfer of the personal data collected in the context of the newsletter service to third parties. Subscription to our newsletter may be terminated by you at any time. The consent to the storage of personal data, which you have given us for the newsletter, can be revoked at any time. For the purpose of revoking the consent, there is a corresponding link in each newsletter. It is also possible to unsubscribe from the newsletter at any time in our mobile application in the menu item “Account” or by informing us in a different way.

10/ YouTube embeddings

There are embeddings of YouTube videos on our website that have an enhanced privacy mode enabled, so YouTube does not store information about visitors to our website unless the visitor watches a video. If you would like to view the videos from us via a link on our website, a connection to the servers of YouTube (Google Inc.) will be established and shared with the servers which page of our website you visited. If you are logged in to your YouTube account at the same time, YouTube can direct your surfing behavior to your personal profile. By activating one of the YouTube videos and will create different cookies for the collection of user preferences, advertising etc. Additional privacy information is available directly on the YouTube website.

11/ Registration for our services

Parts and basic functions of our services can be used without registering with an e-mail address. In these cases, only the entry of a first name is required. If you do not specify an e-mail address, an anonymous user account will be created and processed by us. At any time you have the opportunity to register with an e-mail address and password. To complete the registration, we will send you an e-mail confirming your address. In this case, the e-mail address will be used to send you important information about your account. This includes actions such as forgot password and expiration of purchased subscriptions. An automatic registration for our newsletter does not take place.

By submitting the e-mail address, the user agrees that we will inform him about specific activities on our IT platform, such as the resetting of a password or the expiration of a subscription, via this e-mail address.

12/ Processing data connected to your goals

When using our services, users me be able to create individual goals. To provide our reminder services, automated coaching messages and to calculate your progress we automatically process all data connected to this goal on our servers and on client devices. This includes, but is not limited to, the type of goal, length of goal duration and individual activities connected to this goal.

13/ Access control and request limits

When you use our services, in addition to the goal data you supply, we also record information about the frequency of your access and important changes to your user account. This data is used to monitor, for example, brute force attacks, DoS attacks and to enforce rate limits we set for API access. Important changes to your account include, but are not limited to, changing the e-mail address, changing the password, and registering for the newsletter.

14/ Use of reminders, chat messages & community news via push notifications

If you use the reminder feature of our services, you want to be notified about new chat messages, or you want to receive community news, you must agree to the use of push messages. For this purpose, the application-specific device ID assigned by your device is transmitted to us and processed. You can revoke this consent at any time in the account settings.

15/ Participation in chats & other communication channels

As part of our range of services, users of our services have the opportunity to communicate with each other via our IT platform, sharing their questions and experience, and motivating each other.

The communication on our IT platform aims to support each other and to receive concrete suggestions on various topics around our range of services. Communication within our services is visible to all users and therefore publicly available. What is posted and published on the public part of our services can be viewed by all participants using the service or chat.

When using our services and the communication channels within them, we will process your name and, if provided by you, your profile picture; the name and the profile picture appear with all publications of the respective person and are visible to all participants.

If you make personal information “public” on our services to other users or us, you agree that your personal information will be stored, disclosed and used. This includes any personal information that you provide to us voluntarily and that is considered sensitive under applicable law.

16/ Participation in challenges

You can participate in challenges through our services. All participants of a challenge work on the same goal given by the provider of the challenge. By participating in a challenge, your name, profile picture, and individual progress will be posted within this challenge and made available to users of our services. Your performance, calculated on the basis of your target achievement rate, will be listed in a publicly accessible leaderboard.

17/ Participation in groups

You can join groups through our services. All participants in a group can publish their individual goals within the group. By participating in a group, the name, profile picture, shared goals including name, comments and progress are published and made available to users of our services and the group.

18/ Participation in coaching

You can connect to a coach through our services. By accepting an invitation, your name, profile picture and e-mail address will be shared with the coach. In addition, you allow the creation, editing and monitoring of goals for you by this coach. As part of a coaching relationship, you can also be assigned to a group or challenge. Within this group or challenge, your name, profile picture, and shared goals, including name, comments, and progress, will be published and made available to users of our services and the group. You can revoke a coaching relationship at any time.

19/ Purposes of data processing

We will process your personal information for the following purposes:

  • to make this website available to you and to further improve and develop this website;
  • to provide you with our services and to further improve and develop these services
  • to respond to your request;
  • to enable you to communicate with other users within our services;
  • to be able to handle any existing contractual relationship with you;
  • to send you our newsletter – if you have subscribed to it.

Your personal data is provided voluntarily or might be required to execute a respective contractual relationship (use of our services, etc.). We collect your personal data only to the extent necessary for the use of our services. If you do not provide us with your personal data, we can not offer you our services (in full) or enter into any contractual relationship with you.

20/ Legal basis of data processing

Article 6 (1) (a) GDPR serves our company as the legal basis for data processing operations, in which we obtain consent for a specific processing purpose.
Is the processing of personal data necessary to fulfill a contract of which you are a party, as is the case, for example, in data processing operations that are required for the provision of a service (settlement of a purchase contract for goods offered by us, participation in a contract, or use of our services), the processing is based on Art 6 para 1 lit b GDPR. The same applies to data processing operations that are necessary to carry out pre-contractual measures, such as in cases of inquiries about our products or services offered by us.

If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Article 6 (a) (c) GDPR.

In the end, processing operations could be based on Art. 6 para 1 lit. f GDPR. On this legal basis, data processing operations that are not covered by any of the above legal bases are required if the processing is necessary to safeguard a legitimate interest of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the data subject prevail. Such processing operations are particularly permitted because they have been specifically mentioned by the European legislator. In that regard, it is considered that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, second sentence, GDPR). The transmission of direct mail to our customers is based on this legal basis.

21/ Withdrawal of granted consent

You are entitled to withdraw your consent to data processing at any time; the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

22/ Transmission of your personal data

For the above purposes, we will transfer your personal data to IT service providers and service providers we use. Some recipients are located outside your country or process your personal information there. The data protection level in other countries may not be the same as your country’s. Your personal information obtained when you use our services will be transferred to and stored in the United States. We base ourselves on the legal transfer of personal data to different legal bases, and if applicable, the model contract clauses approved by the EU Commission.

In addition, we are entitled to disclose your personal information if we believe it is appropriate and necessary to comply with laws, regulations and legal procedures or comply with regulatory requests to protect the safety of individuals, to counter fraud, or to resolve security or technology issues or to protect our rights and property or the rights and property of users of our services.

23/ Duration of storage

Usage data, as well as personal data disclosed by users of our services on our IT platform, is stored by us for the duration of the use of the respective services. The personal master data and contact details of our customers will be stored for a period of 7 years after termination of the respective contractual relationship. General non-personal information collected during the visit to our website will be stored for a period of 14 months. A longer storage period will only be used if necessary to investigate detected attacks on our website.

24/ Your rights in connection with personal data

You are, among other things, entitled (under the conditions of applicable law),

  • to check if and what personal data we have stored and to obtain copies of this data;
  • to request the correction, addition or deletion of your personal data that is incorrect or improperly processed;
  • to require us to limit the processing of your personal data, and
  • in certain circumstances, to object to the processing of your personal data or to withdraw the prior consent for processing;
  • to require data portability;
  • to know the identity of third parties to whom your personal data is transmitted to and
  • to file a complaint with the responsible authority.

25/ Our contact information

If you have any questions or concerns regarding the processing of your personal data, please contact us:

onebytezero GmbH
Villefortgasse 13, A-8010 Graz

We use cookies on our website. Some of them are necessary while others help us to improve our online offering. You can accept the cookies that are not necessary by clicking on the "Accept all Cookies" button. It does help us!

Some of the data collected on this website is processed in the USA by Google or Facebook: By accepting all cookies, you also consent in accordance with article 49 (a) GDPR that your data will be processed in the USA. According to EU standards, the USA is assessed by the European Court of Justice as a country with an inadequate level of data protection. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly even without the possibility of redress. If you click on "Accept Essential Cookies", the data collection and transmission described above will not take place.

Read our privacy statement

Accept all Cookies Accept Essential Cookies