DO YOU HAVE QUESTIONS? WE WILL ADVISE YOU FREE OF CHARGE! +49 6184 9314-0 📞

🧾 KLARNA AND PAYPAL - 100% SECURE PAYMENT

FREE SHIPPING AND RETURNS 🚚

RIVON App Privacy Policy

I. Name and Address of the Controller

The controller, within the meaning of the General Data Protection Regulation and other national data protection laws of the member states, as well as other data protection provisions, is:
 
D-Parts GmbH
Birkenweiher Str. 16
63505 Langenselbold 
Germany
Tel.: 06184-93140
E-mail: datenschutz@d-parts.de
Website: www.d-parts.de

II. General Information on Data Processing

1. Scope of Processing of Personal Data

We generally collect and use our users' personal data only to the extent necessary to provide the following services, products, and the associated mobile application "RIVON". The collection and use of our users' personal data usually only takes place with the user's consent. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law. 

2. Legal Basis for Processing Personal Data

Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis for processing personal data.
 
For the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures.
 
Insofar as the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
 
If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing. 

3. Data Deletion and Storage Period

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws, or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

III. Provision of the Service and Creation of Log Files

1. Description and Scope of Data Processing

When using our mobile application "RIVON" and associated "devices" which have a human-machine interface and communicate wirelessly via Bluetooth, data and information are automatically provided by us to computer systems. 
The following data is collected:
When using the "RIVON" mobile application, you can enter the following personal information, which is stored securely on the smartphone:
  1. Device Information: When using our products, device information such as the MAC address of the devices, public IP address in pseudonymized form, firmware version, and update information are automatically processed.
    1. Gender
    2. Date of birth
    3. Height
    4. Weight
    5. Stride length
    6. Daily step goal
    7. Physiological cycle data

The data is used to provide accurate fitness data and to provide features of the "Wearable Devices". The data is transmitted to the "Wearable Devices" via a secure Bluetooth connection and is not shared with any of our servers or third parties.


When using the "RIVON" mobile application in conjunction with "Wearable Devices", the following fitness data may be processed:

    1. Steps
    2. Distance
    3. Calories
    4. Metabolic equivalent
    5. Daily step goal
    6. Sleep
    7. Heart rate
    8. Blood pressure
    9. Blood oxygen
    10. Sports activities

The data is transmitted to/from the "Wearable Devices" and the connected smartphone via a secure Bluetooth connection and is not sent to our servers or to third parties.

When using the weather function within the "RIVON" mobile application, the location (city) you enter into the mobile application is sent to Yahoo's weather service. Please refer to Verizon Media's privacy policy to understand how they process your data: https://www.verizonmedia.com/policies/ie/de/verizonmedia/privacy/index.html

If you use the route function within the "RIVON" mobile application, your current location (approximate/exact position) is sent to the Google Maps service to visually display the map of your route. Please refer to Google's privacy policy to understand how Google processes your data: https://policies.google.com/privacy?hl=de. You can change your location access when you first launch the app, as well as at any time in your smartphone's settings, and determine whether the mobile application is allowed to use your location in the background.

2. Legal Basis for Data Processing 

The legal basis for the temporary storage of data is Art. 6 para. 1 lit. f GDPR. 

3. Purpose of Data Processing

• Provision of services: Device information to provide you with our products and services that you have requested.
• Improvement of our services: We process your device information to ensure the functionality of our products, to develop and improve our products and services, and to analyze the effectiveness of our activities.

For the use of all services: The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this, the user's IP address must remain stored for the duration of the session. 
 
These purposes also represent our legitimate interest in data processing pursuant to Art. 6 para. 1 lit. f GDPR.

4. Duration of Storage

We process your personal data for the minimum period required for the purposes listed in this privacy policy, unless there is a specific legal requirement for us to store the data for a longer period. We determine the appropriate retention period based on the quantity, origin and sensitivity of your personal data, and at the end of the retention period we destroy your personal data. If we are unable to do so for technical reasons, we will ensure that appropriate measures are in place to prevent further use of your personal data.

5. Option to Object and Remove

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object. 

IV. Use of Cookies

1. Description and Scope of Data Processing

When accessing websites via the "RIVON" app, cookies are used. Please refer to the privacy policy on the respective website. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables unique identification of the browser when the website is called up again.
 
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. 
The following data is stored and transmitted in the cookies:
  1. Session ID
  2. Language ID
  3. Currency ID
  4. Cookie Consent

2. Legal Basis for Data Processing 

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.

3. Purpose of Data Processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized again after a page change.
We need cookies for the following applications:
  1. Session ID (to recognize the website visitor until the browser is closed)
  2. Status of the info banner regarding consent to the use of cookies
The user data collected through technically necessary cookies is not used to create user profiles.
 
These purposes also represent our legitimate interest in the processing of personal data pursuant to Art. 6 para. 1 lit. f GDPR. 

4. Duration of Storage, Option to Object and Remove

Cookies are stored on the user's computer and transmitted from there to our site. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.

V. Web Analysis Service Matomo

1. Description and Scope of Data Processing

Our website uses Matomo (formerly Piwik), an open-source software for the statistical analysis of visitor access. Matomo uses cookies that are stored on your computer and enable an anonymized analysis of your use of the website. It is not possible to draw conclusions about a specific person, as your IP address is anonymized immediately after processing and before storage.

2. Legal Basis for Data Processing 

The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR.

3. Purpose of Data Processing

The use of Matomo serves the purpose of improving the quality of our website and its content. This tells us how the website is used and allows us to continuously optimize our offerings.

4. Duration of Storage, Option to Object and Remove

The cookies used by Matomo are stored on the user's computer and transmitted from there to our site. Therefore, as a user, you also have full control over the use of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically.
You can object to the storage and evaluation of this data by Matomo at any time. In this case, a so-called opt-out cookie will be permanently stored in your browser, which causes Matomo to not collect any data for storage and evaluation. However, if you delete this cookie intentionally or unintentionally, the objection to data storage and evaluation will also be removed and can be changed as follows.

 

You have the option to prevent actions you take here from being analyzed and linked. This will protect your privacy, but will also prevent the owner from learning from your actions and improving usability for you and other users.

 

Alternatively, most modern browsers have a so-called "Do Not Track" option, which allows them to tell websites not to track your user activities. Matomo respects this option.

VI. Rights of the Data Subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. Right of Access

You can request confirmation from the controller as to whether personal data concerning you is being processed by us. 
 
If such processing exists, you can request the following information from the controller:
  1. the purposes for which the personal data are processed;
  2. the categories of personal data concerned;
  3. the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
  4. the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
  5. the existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
  6. the existence of a right to lodge a complaint with a supervisory authority;
  7. any available information as to their source where the personal data are not collected from the data subject;
  8. the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

2. Right to Rectification 

You have a right to rectification and/or completion vis-à-vis the controller, insofar as the processed personal data concerning you is inaccurate or incomplete. The controller must make the rectification without undue delay.

3. Right to Restriction of Processing

Under the following conditions, you can request the restriction of the processing of personal data concerning you:
  1. if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
  2. the processing is unlawful and you oppose the erasure of the personal data and request instead the restriction of their use;
  3. the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise or defense of legal claims, or
  4. if you have objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override your grounds.
If the processing of your personal data has been restricted, such data may, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
If the restriction of processing has been restricted according to the above conditions, you will be informed by the controller before the restriction is lifted.

4. Right to erasure

a) Obligation to erase

You can demand from the controller that your personal data is erased without undue delay, and the controller is obliged to erase this data without undue delay, if one of the following reasons applies:
  1. The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
  2. You withdraw your consent on which the processing was based in accordance with Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
  3. You object to the processing in accordance with Art. 21 para. 1 GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing in accordance with Art. 21 para. 2 GDPR.
  4. The personal data concerning you has been unlawfully processed.
  5. The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union law or Member State law to which the controller is subject.
  6. The personal data concerning you has been collected in relation to the offer of information society services referred to in Art. 8 para. 1 GDPR.

b) Information to third parties

If the controller has made the personal data concerning you public and is obliged to erase them pursuant to Art. 17 para. 1 GDPR, the controller shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers who are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

c) Exceptions

The right to erasure does not apply to the extent that processing is necessary
  1. for exercising the right of freedom of expression and information;
  2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  3. for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
  4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 GDPR in so far as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
  5. for the establishment, exercise or defence of legal claims.

5. Right to information

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate this rectification or erasure of data or restriction of processing to all recipients to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
 
You have the right to be informed about these recipients by the controller.

6. Right to data portability

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data has been provided, provided that
  1. the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
  2. the processing is carried out by automated means.
In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of other persons.
 
The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Art. 6 para. 1 lit. e or f GDPR, including profiling based on these provisions.
 
The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
 
Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
 
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
 
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.

8. Right to withdraw consent under data protection law

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

9. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
  1. is necessary for entering into, or performance of, a contract between you and the controller,
  2. is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or
  3. is based on your explicit consent.
However, these decisions shall not be based on special categories of personal data referred to in Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
 
In the cases referred to in (1) and (3), the controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.
 
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

Submit Withdrawal Request

Please fill out the following form to submit your withdrawal request.

EU Widerrufsbutton logo Learn more about EU Withdrawal Button

© 2026 Fontastic, by D-parts GmbH

  • American Express
  • Apple Pay
  • EPS
  • Google Pay
  • Klarna
  • Maestro
  • Mastercard
  • PayPal
  • Shop Pay
  • Union Pay
  • Visa

Login

Forgot your password?

Don't have an account yet?
Create account