Checocheco
FeaturesBlog
DE Get the app

This is an English convenience translation. In the event of any discrepancy, the German version is legally binding.

Privacy Policy for the Checo app

  • Owner
  • ZAFE GmbH
  • Gaisbergstraße 61
  • 5020 Salzburg
  • Austria

  • Email: datenschutz@zafe.at

Privacy Policy

General information

ZAFE GmbH ("we", "us", "our") respects the protection of your personal data. This Privacy Policy informs you about which personal data is collected from you when you use our app Checo ("app"), how we use and share your personal data and how your personal data is protected. This Privacy Policy is provided for your information. Should we require your consent for the collection and processing of your data, we will ask you for it explicitly, separately from this Privacy Policy.

The controller within the meaning of data protection law is:

  • Owner
  • ZAFE GmbH
  • Gaisbergstraße 61
  • 5020 Salzburg
  • Austria

If you have any questions about this Privacy Policy, you can contact us at any time by email (datenschutz@zafe.at).

What personal data do we collect about you and why?

We collect and process personal data from you when you use our app. The data collected serves to enable you to use the app, to improve it and to provide certain features. Below you will find an overview of the personal data we collect and the purposes for which it is used:

Account registration:

When you register for an account in our app, we collect and process the following personal data:

  • Name: We need your name in order to identify you in the app.
  • Email address: Your email address is used to communicate with you and to send you important information about the app.
  • Password: Your password is stored in encrypted form and is used to authenticate your account.
  • Profile picture: You can upload a profile picture to personalise your account.
  • Country and language: We record your country and language settings in order to adapt the app to your preferences.
  • Technical data: We record information about your smartphone and your internet connection in order to run the app correctly and to ensure an optimal user experience.
  • This personal data is processed on the basis of your consent and/or for the performance of our contract with you.
Use of the app:

When you use the app, we collect and process the following personal data:

  • Shopping data: We record information about your purchases in order to give you an overview of your spending and shopping habits.
  • Location data (optional): If you activate the feature for displaying local offers and stores, we record your location data in order to provide you with relevant information.
  • Technical data: We record information about your smartphone and your internet connection in order to run the app correctly and to ensure an optimal user experience.
  • This personal data is processed on the basis of your consent and/or for the performance of our contract with you.
  • Loyalty cards (optional): If you use the feature for storing your loyalty cards in the app, we collect and process the following personal data:
  • Loyalty card information: We record the information from your loyalty cards in order to enable you to manage your loyalty cards conveniently and digitally. This personal data is processed on the basis of your consent.
Contacting us:

If you have questions or concerns and contact us, we collect and process the following personal data:

  • Name: We need your name in order to address you.
  • Email address: Your email address is used to communicate with you and to answer your enquiries.

This personal data is processed in order to handle your enquiries and is based on our legitimate interest in offering you effective customer service.

How do we protect your personal data?

We take appropriate technical and organisational measures to ensure the security of your personal data and to protect it against unauthorised access, loss or theft. These measures include, among others, the use of firewalls, encryption technologies and access controls.

With whom do we share your personal data?

We only share your personal data with third parties where this is necessary to fulfil the purposes stated in this Privacy Policy. This may include the following recipients:

On our website we use Firebase, which includes a web hosting and cloud service, among other things. The service provider is the American company Google Inc. For the European area, the company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services.

Google also processes data about you in the USA, among other places. Google is an active participant in the EU-US Data Privacy Framework, which governs the correct and secure transfer of personal data of EU citizens to the USA. You can find more information about this at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

In addition, Google uses what are known as standard contractual clauses (Art. 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are model templates provided by the EU Commission and are intended to ensure that your data also complies with European data protection standards when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the standard contractual clauses, Google undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

Google provides a data processing agreement pursuant to Art. 28 GDPR, which serves as the data protection basis for our customer relationship with Google. In terms of content, it refers to the EU standard contractual clauses. You can find the data processing terms here: https://business.safety.google/intl/en/adsprocessorterms/

  • Legal requirements: We may disclose your personal data if we are legally obliged to do so or if we assume in good faith that disclosure is necessary to comply with our legal obligations, to protect our rights or to ensure the safety of other persons.
How long do we store your personal data?

We store your personal data only for as long as is necessary to fulfil the purposes stated in this Privacy Policy or as required by law. As soon as your personal data is no longer needed, it is deleted or anonymised.

What rights do you have regarding your personal data?

You have the right to information about the personal data we store about you as well as the right to rectification, erasure or restriction of the processing of this data. You can also request a copy of your personal data in order to transfer it to another controller. In addition, you can withdraw your consent to the processing of your personal data at any time, insofar as the processing is based on your consent. Please note, however, that a withdrawal of consent does not affect the lawfulness of the processing carried out before the withdrawal.

To exercise your rights or if you have questions or complaints regarding the processing of your personal data, you can contact us at any time. You can find the contact details at the beginning of this Privacy Policy.

Changes to this Privacy Policy

We reserve the right to change or update this Privacy Policy at any time in order to adapt it to changed legal requirements or technical changes. The respective current version of the Privacy Policy is published on our website. Please review the Privacy Policy regularly to stay up to date.

Severability clause

Should individual provisions of this Privacy Policy be invalid or unenforceable, the remaining provisions shall remain unaffected. In place of the invalid or unenforceable provisions, an effective and enforceable provision that comes closest to the purpose of the original provision shall be deemed agreed.

BlogPrivacy PolicyTerms of UseLegal Notice

© 2026 ZAFE GmbH