Privacy Policy

Auf Deutsch anzeigen

Summary:

This app is able to provide useful information about your smartphone usage and your personality
by actively tracking sensors and providing questionnaires. User data is stored and processed
pseudonymously by Technische Universität Berlin and partners, solely for research purposes. We do
not share your data with third parties. You can drop out by sending us a message via the
feedback button in the app and/or uninstalling the app.

Full content:

1. Introduction

The general goal of this app is to support in answering research questions, relating to, e.g., the
relationship between smartphone data and the personality of the user. All data that is collected
with the app is collected for research purposes only.

2. Data collection

There are four types of data that are collected. We give detailed information about the data in the
following subsections.

2.1 Device data

We collect data about your Android version and your device.

We do this to identify
potential problems with specific devices or Android system versions and to be able to improve
our app.

2.2 Questionnaire data

In order to use all features of the app, you will enter some general information, e.g., age,
gender, highest completed level of education, if you use another phone, where you heard about
the app.

The app contains questionnaires about personality. We might offer some studies that will look
for participants that commit to filling out specific questionnaires for a specific time period.
Details about such studies will be shown in the app. Additional questionnaires might be added in
the future.

If you use the feedback button in the app, you will have the option to enter your email address.
Please note that if you do not enter your email address here, we will not be able to reply to your
feedback.

2.3 Smartphone data

Depending on your Android version, you will be asked by the Android system to grant certain
permissions to our app. In order to use all features of the app, certain permission have to be
granted to the app. When the app is started for the first time, you will see the tile layout. The tiles
visualize the data that is collected by the app. In order to collect and visualize your data, you
have to give some permissions. By tapping on the tile, you can give the permission and start
using the tile.
For some of the data, no extra permission is required and any app on the Android
system can access it (e.g., taken steps, phone unlock events).

In the following, we list the data the app collects from the smartphone. Please note that data that
potentially contains personalized information (user identifier, names of Wifi
networks, contact names or numbers, Bluetooth device addresses) is only stored in hashed form,
see Section 4 and Section 5.
By uninstalling the app, no more data is collected or transferred to
our servers.

• location (the location of your device as indicated by the Android system)
• activity (for example “stationary” or “in a car”, as given by the Android system)
• calls metadata (times and duration of calls)
• steps taken
• music metadata (track, artist, album; if provided by your music player app)
• phone unlock events
• app usage statistics
• app internet data traffic statistics (how many bytes of traffic which app caused)
• battery events
• light sensor ranges
• Wifi events
• Bluetooth events
• metadata of pictures taken (date and pixel size, not the content)
• accelerometer data
• notification metadata (number of notifications by app, not the content)

In the future, this might be extended to include, e.g.:

• settings you set in the app, for example future gamification-related settings

2.4 App usage statistics

Statistics regarding the usage of our app is collected by Google Firebase.
Please refer to
https://firebase.google.com/terms/crashlytics
for their terms and conditions and privacy policy.

The app usage statistics will help
us with improving the app and the user experience.

3. Data storage

The data mentioned in 2.1, 2.2, and 2.3 is transferred to and stored on servers
managed by the TYDR development team of Technische
Universität Berlin. The servers are located in Germany.

You can contact us via the feedback button. If you have questions regarding data protection, data
collection, data usage, or data deletion, please make sure to enter a valid email address in the
feedback form, so we can answer you. For study participants: You can request to withdraw from the
study up to two weeks after the defined ending time of the study. We will then delete your data.
Please make sure to uninstall the app in order to stop the data collection and transfer processes.
Regular users (non-study-participants): You are able to withdraw from using the app for the past two
weeks. Use the feedback button to request the deletion of your data. While you have the app
installed, data is collected and transferred. If you no longer wish to use the app, please make sure to
uninstall it – this will stop all future data collection.

If you want to make use of your GDPR rights, you can use the feedback form to contact us
and request the deletion of all your data. Furthermore, you can export all your
data at any time. For this, in the sidebar menu, tap on: “About” -> “Export all data”.

4. Security and privacy precautions

Whenever we do not need clear text data, we store a salted hash of that data.
This means that the clear text data is irreversibly turned into a meaningless and
unreadable sequence of letters and digits, before it is stored and processed by TYDR.
For example:
We collect data about your phone calls but do not need the names or phone numbers.
We store the data in such a way that we will not be able to see the phone number you called.
To achieve this, we store only a salted hash of those data points. For this purpose, we utilize a
secure state-of-the-art cryptographic hash function (SHA-256).
The calculation of the hash is done on the device before storing or sending the data.

Where possible, we only store metadata, for example for pictures and notifications.
We never store nor transfer pictures or the content of notifications. We only store
metadata like the resolution or date of a picture or the date and app name of a notification.

The data transfer from your phone to the servers managed by the TYDR development team
of Technische Universität Berlin is secured via HTTPS.

5. Data usage

We use the collected data for the described research goal. For the data analysis, we use salted and
hashed pseudonymous identifiers. No analysis that will make individual users personally identifiable
will be made. We aim at publishing our research results in journals, conferences, and workshops. For
this purpose, the data will be processed by us and by our research partners.

6. User agreement

In order to use this app, you agree to the described data collection, storage, and usage. While you
have the app installed, data is collected and transferred. By uninstalling the app, no more data is
collected or transferred to our servers.

Imprint

Service-centric Networking
Technische Universität Berlin
Telekom Innovation Laboratories
Ernst-Reuter-Platz 7
10587 Berlin
Germany

Contact person: Felix Beierle

This work has received funding from project DYNAMIC
(grant No 01IS12056), which is funded as part of the Software
Campus initiative by the German Federal Ministry of Education and Research (BMBF).
www.tydr.de
www.dynamic-project.de

Additional funding was received by the Digital Society Initiative (DSI)
of the University of Zürich.
https://www.dsi.uzh.ch/en.html