Domonkos Áron E. V. ("we", "us", "our") respects your privacy and is committed to protecting personal data of End Users who use our applications and services ("you", "your"). This Privacy Policy describes how we collect, use, disclose, retain, and protect personal data when we interact with Garmin APIs / Garmin Connect (the "API") or otherwise process End User data. This policy is intended to comply with applicable data protection laws and the Garmin Connect Developer Program Agreement.
1. Definitions
End User Personal Data: Personal data about End Users collected or received via the API or via our Applications, including fitness, health, activity, location, and derived data.
Processing: Any operation performed on personal data — collection, storage, modification, disclosure, deletion, etc.
Applicable Data Protection Laws: Any privacy laws to which we are subject (for example: GDPR, national data protection statutes).
Third Country / International Transfer: Transfer of personal data to a country outside the European Economic Area (EEA) or other jurisdictions with different adequacy status.
2. What Data We Collect & Use
We may collect, receive, or otherwise process the following categories of End User Personal Data via the API or our applications:
Heart rate, health, physiological, and sensor data (if permitted by the End User)
Location data (if available / necessary for features)
Derived or aggregated data (eg. averages, trends)
User identifiers and device identifiers
Any other data exposed by the Garmin API and consented to by the End User
We use this data for purposes including (but not limited to):
Displaying, formatting and visualizing data in our Applications
Analytics, insights and trend computations
Providing product features (eg. workout summaries, recommendations)
Account sync, export and user support
Security, abuse detection and compliance
Other purposes disclosed at or before collection
We will not use End User Personal Data in ways inconsistent with this Privacy Policy or without the End User’s consent (or other lawful basis). We do not sell End User Personal Data received via the Garmin API.
3. Consent, Notice & Lawful Basis
We provide clear and conspicuous notice to End Users about the categories of data we collect, processing purposes, sharing, and their rights before data collection.
We obtain any consent required under Applicable Data Protection Laws — or rely on another lawful basis where appropriate (eg. contract performance, legitimate interest).
End Users may withdraw consent where lawfully allowed; after withdrawal we will cease processing unless another lawful basis applies.
4. Disclosure & Transfer of Data
We may disclose End User Personal Data to subprocessors and third parties only for purposes compatible with this Policy and under appropriate contractual safeguards.
Transfers to jurisdictions without an adequacy decision will be protected by appropriate safeguards (eg. Standard Contractual Clauses, Binding Corporate Rules).
We may share aggregated or anonymized data for research and business purposes.
5. Security & Data Protection
We maintain technical and organizational measures to protect End User Personal Data, such as:
Encryption in transit (TLS/HTTPS) and, where appropriate, at rest
Access controls, authentication, and role-based permissions
Security monitoring, audits and vulnerability testing
Incident detection and response procedures
Data minimization and pseudonymization when feasible
In the event of a Personal Data Breach we will comply with legal obligations (eg. GDPR) and notify affected End Users and supervisory authorities as required. We will also notify Garmin (eg. via security@garmin.com or Garmin’s designated contact) promptly — and in accordance with any Garmin Developer Program obligations (typically within 24 hours of awareness where specified).
6. Retention & Deletion
We retain End User Personal Data only as long as necessary for the purposes for which it was collected, or to satisfy legal obligations. End Users may request deletion or anonymization and we will comply unless retention is required by law.
7. End User Rights
Where applicable under local law, End Users have rights including access, rectification, erasure, restriction, objection, portability, and withdrawal of consent. To exercise these rights, End Users may contact us as detailed below. We will respond within the timeframes required by law.
8. Children & Minors
We do not knowingly collect personal data from children without parental consent. If we become aware that a minor has provided personal data without required consent, we will take steps to remove such data in accordance with legal obligations.
9. Changes to This Policy
We may update this Privacy Policy from time to time. The "Effective date" at the top will be updated. Where required, we will notify users of material changes (for example by email or in-app notification).
10. Contact & Complaints
If you have questions, concerns, or wish to exercise your rights, contact us:
If you believe we have violated applicable law, you may also lodge a complaint with your local data protection authority (for example, in Hungary: Nemzeti Adatvédelmi és Információszabadság Hatóság).
11. Garmin-specific Disclosures & Commitments
Notice & Consent to Garmin Transfer: Our application will provide clear notice that End User data may be transferred to Garmin and link to Garmin Connect’s privacy notice. We will obtain express consent from End Users for that transfer where required.
Controller Role & Rights Handling: We act as an independent controller for personal data we collect or process. We will respond to End User rights requests concerning data we control.
No Unauthorized Modification: We will not modify Garmin-provided personal data except for formatting necessary for presentation.
Audit, Cooperation & Reporting: We will cooperate with Garmin and provide information necessary for Garmin to verify compliance with Developer Program obligations. We will notify Garmin promptly of regulatory investigations that concern our use of the API or End User data.
International Transfers: For transfers from the EEA/UK to third countries, we will utilize lawful transfer mechanisms such as Standard Contractual Clauses when required.
Security & Incident Reporting: We commit to Garmin’s Minimum Security Requirements and will report security incidents affecting data or systems interfacing with Garmin as required.
