Terms & Privacy

Thank you for your interest in our mobile app. The protection of your personal data is of the utmost importance to us. We would therefore like to take this opportunity to inform you about data protection at TheSignsCO, L.L.C. (hereinafter "TheSignsCO, L.L.C."). This privacy policy relates exclusively to the use of the Signs app.

We undertake to treat the information provided by you at all times with the greatest care, the greatest sense of responsibility and in compliance with the applicable data protection regulations.

Responsible person

Responsible person within the meaning of the General Data Protection Regulation and other applicable data protection laws and regulations is:


TheSignsCO, L.L.C.

The state of Delaware is located at 16192 Coastal Highway, Lewes, Delaware 19958, County of Susses.


If you have any questions regarding the processing of your personal data or would like to exercise your rights in terms of the General Data Protection Regulation, please contact us.

Your rights

You have the following rights in relation to us regarding personal data relating to you:

  • Right of access,
  • Right to rectification or erasure,
  • Right to restriction of processing,
  • Right to object to processing,
  • Right to data portability.

You also have the right to lodge a complaint about our processing of your personal data. To exercise your rights regarding the personal data concerning you, please contact us using [Insert e-mail address].

Storage and use of personal data when using the Signs app

Data collection on user behaviour when using the app for the first time

When the app is used for the first time ("onboarding", completed with acceptance of our Terms and Conditions and our Privacy Policy), data on user behaviour is collected for static evaluations (legal basis is Art. 6 para. 1 lit. f GDPR). For these analyses, the following data is transmitted in encrypted form to our servers.

  • IP address,
  • the end device used,
  • operating system used, as well as its version number and the language set,
  • Date and time as well as the time zone as set in the device,
  • Version number of the app,
  • Your randomly generated user ID,
  • Your performed action.

An abbreviated IP address is created for anonymisation, which is carried out automatically immediately after transmission to TheSignsCO, L.L.C., so that it is no longer possible to draw conclusions about your person. The full IP address transmitted to us is deleted during this process. This process takes place immediately after receipt of the data on the TheSignsCO, L.L.C. server (usually within one second). The shortened IP address is used to determine an approximate location ("IP geolocation", maximum first 3 digits of the postcode). This usually happens within a few seconds, in exceptional cases within a maximum of one hour. Afterwards, the shortened IP address is also automatically deleted.

Stored data

When you use the Signs app on your end device, the data you enter is stored on our servers in encrypted form.

Collected data

When you set up the Signs app, the data inserted is transferred to the TheSignsCO, L.L.C.. Depending on the scope of the data you insert, these may include, but are not limited to:

  • General data (First and Last name, phone number, date of birth, wakeup and bed time, email, Weight, Hight, Gender, National ID number, and Insurance number(s)),
  • Medications and Medication Schedule (drug names, dosage form, dosage, times of intake),
  • Information about your relative (First & Last name, National ID numbers, insurance number(s), Relationship Status).
  • Appointment Data (Booked appointments including date and time, Name of your Doctor, Name of the Hospital or Clinic).

Data transmission to/from used services

Your IP address is transmitted with every active internet connection. Without this, data transmission is technically not possible.

Data collection in the Google Play Store or Apple App Store

When you download the app, the required information is transferred to the Play Store or App Store, i.e. in particular the user name, e-mail address and customer number of your store account, the time of the download, payment information and the individual device identification number. 

We have no influence on this data collection and are not responsible for it. For more information on this data transfer, please contact your store provider directly.

TheSignsCO, L.L.C. does not receive any information about your App Store or Google Play account, nor does it receive any payment data.

Use of the available health care providers function 

When you perform a search on available health care providers, the following data is transmitted:

  • Domain name,
  • the IP address of the requesting computer (stored for up to 24 hours to protect against data scraping),
  • the access date or time,
  • the client's file request (file name and URL),
  • the HTTP response code,
  • the website or application from which you are accessing the service,
  • the number of bytes transferred during the connection.

Data transmission to TheSignsCo, L.L.C

After onboarding, the Signs app sends its technical data, data on user behaviour and the user's data concerned to the TheSignsCO, L.L.C. servers for each user action. This is always done in encrypted form and only in accordance with your express consent. The purpose of this transmission is the anonymisation of the transmitted data as described below. Only after this anonymisation will the data be used for analyses.

Push notification

If you use the Signs app via a push-enabled device, you can consent to the "push notification" option. This allows us to send you notifications as needed: e.g. information about updates, useful tips. For secure assignment of the messages to your end device, only a unique connection number randomly generated from your device ID (so-called push token) is transmitted to  TheSignsCO, L.L.C.. The identity of the end device and the user is therefore not known to us.

Data transmission in the context of contact requests

In the context of contact enquiries via the app, you transmit the following to us

  • Your full name,
  • your e-mail address,
  • the app version number,
  • the operating system with version number,
  • the language in which the Signs app is used,
  • the time of the query.

Without this data, a contact request in the Signs app and the processing of your request is not possible. We use the data to process your query and thus answer your questions and solve your problems. If you contact us by e-mail or telephone, we will only receive the data that you transmit to us.

Release of data to third parties

The user has the possibility to share the health care providers’ details by active release. The responsibility for sharing and allowing access to the data lies solely with the user.

If you us our services to contact our selected health care providers directly,we will process your personal data exclusively for the purpose of connecting you to the relevant service provider. The legal basis for this is Art. 6 Para. 1 b) GDPR, in order to fulfil the corresponding contract or on the basis of Art. 6 Para. 1 f) GDPR in the legitimate interest of answering to answer questions addressed to us. We delete this data when we no longer legal obligation or when it is no longer required for the assertion, exercise or defence of claims, assertion, exercise or defence of legal claims within the framework of the regular data retention requirements. 

Deletion of data

The data we process will be deleted or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated within the scope of this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.

Disclosure and transmission of data

If, in the course of our processing, we disclose data to other persons and companies (order processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract pursuant to Art. 6 (1) (b) GDPR), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents). e.g. when using agents, hosting providers, tax, business and legal advisors, customer care, accounting, billing and similar services that allow us to efficiently and effectively fulfil our contractual obligations, administrative tasks and duties).If we commission third parties to process data on the basis of a so-called "processing agreement", this is done on the basis of Art. 28 GDPR.

Also, our application is using a number of Google`s Firebase features including SMS Authentication, Google Analytics, Firebase Crashlytics and Firebase Performance Monitoring. The information which you supply to in such cases is not within our control and is subject to Google`s Firebase Privacy Policy .

We may transfer (assign) our obligations and rights under this policy to a third party (this may happen, for example, if we sell our business).  If this occurs you will be informed by us in writing.  Your rights under this policy will not be affected and our obligations under this policy will be transferred to the third party who will remain bound by them.

Security measures

We take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk in accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons;

The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, input, disclosure, ensuring availability and segregation of the data. We also have procedures in place to ensure the exercise of data subjects' rights, deletion of data and response to data compromise. 

Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).

The security measures include in particular the encrypted transmission of data between your device and our server.

Relevant legal basis

In accordance with Article 13 of the GDPR, we inform you of the legal basis for our data processing. If the legal basis is not mentioned in the privacy policy, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR, the legal basis for processing for the performance of our services and implementation of contractual measures and answering queries is Art. 6(1)(b) GDPR, the legal basis for processing for the performance of our legal obligations is Art. 6(1)(c) GDPR, and the legal basis for processing for the protection of our legitimate interests is Art. 6(1)(f) GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, the legal basis is Art. 6 (1) (d) GDPR.

Your rights as a data subject

Withdrawal of your consent - As a data subject, you have the right to withdraw your consent once given to TheSignsCO, L.L.C. at any time in accordance with Art. 7 (3) of the GDPR. This means that we may no longer process your personal data. After revocation of consent, processing that was lawful in the past remains lawful.

Objection - Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, if there are reasons for doing so which arise from your particular situation. This is the case if the processing is not necessary, in particular, for the performance of a contract with you, which is shown in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. 

In the event of your justified objection, we will review the merits of the case and either cease processing the data, amend it or show you our compelling legitimate grounds for continuing to process it.

You can lodge your objection by post or by sending a simple e-mail. Of course, you can also object to the processing of your personal data for the purposes of advertising and data analysis at any time. We will also inform you of how you can object at the time of use. 

Information - In accordance with Art. 15 of the GDPR, you can obtain information about your personal data processed by TheSignsCo free of charge upon request. The information will inform you about:

  • the purposes of processing,
  • the category of personal data,
  • the categories of recipients to whom the data has been or will be disclosed,
  • the intended storage period,
  • the existence of a right to rectification, erasure, restriction of processing or objection,
  • the existence of a right of appeal
  • the origin of your data, if it has not been collected by us, any existing automated decision-making including profiling.

Correction - In accordance with Article 16 of the GDPR, you can request correction if we store your personal data incorrectly or incompletely.

Erasure - Pursuant to Art. 17 GDPR, you may request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the assertion, exercise or defence of legal claims. 

Restriction - Pursuant to Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 GDPR.

Data portability - In accordance with Art. 20 GDPR, you will receive your personal data that you have provided to us in a structured, common and machine-readable format. You may request their transfer to another controller, provided that this is technically possible for us.

Complaint - You are entitled to complain to a supervisory authority under Article 77 of the GDPR if you consider that the processing of your personal data infringes the GDPR. As a rule, you can contact the supervisory authority at your usual place of residence, place of work or the place of an alleged breach.

Economic Analyses

In order to run our business economically, to identify market trends, customer and user wishes, we analyse the data available to us on business transactions, contracts, enquiries, etc. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of the above stated regulations, whereby the persons concerned include customers, interested parties, business partners, visitors and users of the online offer. The analyses are carried out for the purposes of business management evaluations, marketing and market research. 

In doing so, we may take into account the profiles of registered users with details, for example, of their purchasing transactions. The analyses serve us to increase user-friendliness, to optimise our offer and business efficiency and are not disclosed externally, unless they are anonymous analyses with summarised values.

If these analyses or profiles are personal, they will be deleted or made anonymous upon termination by the user, otherwise after two years from conclusion of the contract. In all other respects, the macroeconomic analyses and general trend determinations are prepared anonymously wherever possible.

Direct marketing

From time to time we may use the personal information we collect from you to identify particular products offers which we believe may be of interest to you. We may contact you to let you know about these products and services and how they may benefit you.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or relationship with us.

Direct Marketing from generally takes the form of e-mail but may also include other less traditional or emerging channels. Every directly addressed marketing form sent or made by us or on our behalf should include a means by which customers may unsubscribe (or opt out) of receiving similar marketing in the future. You can ask us to remove or amend any previous consent you provided by contacting us.


This Privacy Policy and our commitment to protecting the privacy of your personal data can result in changes to this Privacy Policy. Please regularly review this Privacy Policy to keep up to date with any changes.

Queries and Complaints 

Any comments or queries on this policy should be directed to us using the following contact details.


TheSignsCO, L.L.C.

The state of Delaware is located at 16192 Coastal Highway, Lewes, Delaware 19958, County of Susses.