Over the past fortnight, everyone and their mother has been sharing pictures online of what they might look like in 20 years’ time with the help of FaceApp.
Reading 4000 words on a laptop screen is arduous; on a smartphone screen it is gruelling. In a way, I can’t really blame people who skim read terms and conditions and click ‘I agree’ in their haste to join in the fun that everyone else seems to be having. I have done the same in the past.
Last week I bought a Garmin VivoActive3 sports watch. Procrastinating about having to read those long documents rendered the sports watch an expensive shiny bracelet for a whole week.
Why not all of the companies you work with?
The legal ground for processing your email address for this purpose is based on Garmin’s legitimate interest in protecting the security of your account.
Phrases like ‘legal ground’ ‘processing’ and ‘legitimate interest’ reassure me that this company has got the language of compliance and privacy right.
Your activity data is set to “Private” by default.
Good! This is how it should be.
If you reside in the European Economic Area, U.K. or in Switzerland, the legal ground for this processing is your explicit consent, which you can withdraw at any time within your Garmin account.
Special considerations are made for people residing in the EU in accordance with the GDPR, which I like.
You may withdraw your consent [to receive marketing emails] at any time by changing your preferences in your Garmin account or through the unsubscribe link at the bottom of our marketing emails.
This is good to know
If you choose to upload activity data (such as steps, distance, pace, activity time, calories burned, heart rate, sleep, menstrual cycle information, hydration, music played, etc.) from your Garmin device to your Garmin account and you choose to participate in Insights, then you will be presented with an Insights section in your Garmin account in which you will be provided with recommendations and motivational messages, information…
Some of this information is hyper-personal. How do I stop the watch from recording certain activities in the first place?
If you choose to enable your Garmin account to access accounts you have with other app providers, such as your MyFitnessPal, Strava or TrainingPeaks account…
Good to see they have anticipated how users are likely to use a Garmin product and with which third-party apps.
If you choose to authorize Garmin to permit a third party, such as your wellness program provider, or an app, such as MyFitnessPal, Strava, or TrainingPeaks, to access your activity data in your Garmin account, then we will share such data with the third party. We will not do this without your explicit consent. You can choose to stop sharing data with the third-party app, platform or service provider at any time within your Garmin account.
From time to time, we share or sell activity data in a de-identified and aggregated manner with or to companies that provide Garmin and our customers with content or features for the purpose of enhancing the quality of the content or features they provide, and with or to other third parties for research or other purposes.
What is de-identified data? How is it de-identified? Could I be re-identified? Can I be compensated if data about me is sold? I don’t like this.
We may also transfer your personal data to an affiliate, a subsidiary or a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Garmin’s business, assets or stock…
This is what makes me very uncomfortable. I may be perfectly happy with company A’s processing of my data, but if it is taken over by company B and I’m not happy, there’s nothing I can do.
…your personal data will be collected and stored on Garmin International Inc.’s servers in the U.S. Personal data regarding individuals who reside in a country in the European Economic Area ("EEA"), the United Kingdom ("U.K.") or Switzerland is controlled by Garmin Würzburg GmbH and processed on its behalf by Garmin International, Inc., Garmin Services, Inc., and Garmin AT, Inc.
So my data is still processed in the US like all other users but because I live in the UK it goes through German intermediary? What is the benefit of it?
If you have a complaint about our Privacy Shield compliance, please contact us at firstname.lastname@example.org. You can also refer a complaint to our chosen independent dispute resolution body, JAMS, and in certain circumstances, invoke the Privacy Shield arbitration process.
I’m informed of the controller of my data and other residents of the EEA, UK and Switzerland resides in Germany and I’m given their postal and email address so that if I want to I can exercise my right to restrict the processing of my data.
These are my final thoughts. I would like to see a section dedicated to data deletion and see how that can be done across different types of data. And these end user agreements across the board should be much easier to read on a tablet or smarphone.
Ultimately, I agreed to this document, despite the fact that there are some parts I am unhappy with. The user consent process, as it is designed, leaves me with the two stark options. Sign up and shut up or leave it alone. There is currently no room for flexibility but in the very near future there will need to be more consideration given to customers’ wishes with the use of their data instead of the present option of take it or leave it.