Privacy statement for
TANITA App Universe
TABLE OF CONTENTS
This Table of Contents provides an overview of the sections included in this privacy statement for the TANITA App Universe.
- What does this privacy statement cover?
- Who is responsible for using your data?
- When do we use your data?
- What data we use and why
- Retention period
- With whom do we share your data?
- International data transfers
- Security of your personal data
- Cookies and similar technologies
- Data subject rights
- No automated decision-making
- Changes
- Questions and contact
WHAT DOES THIS PRIVACY STATEMENT COVER?
This is the privacy statement of TANITA Europe B.V. (“TANITA”). TANITA maintains a strict privacy policy. We take privacy extremely seriously and treat your personal data with the utmost care and confidentiality. This privacy statement explains how we process the personal data of users of the TANITA App Universe. Personal data is any information relating to you, either directly or indirectly, such as your name or email address. For ease of reading, we will often simply refer to the 'use' of your 'data'.
A consumer (the “Member”) can undergo a body composition analysis at an Institute that offers measurements on a TANITA product that is connected with the TANITA App Universe (“Connected TANITA Product”). By using the TANITA App Universe, measurement data can be recorded over time, presented in clear visual overviews, and used to track progress against (and achievement of) the Member’s goals (if set). A profile is created for each Member that uses a Connected TANITA Product and consents to record the measurements in the TANITA App Universe. A single measurement can be shared with a Member either by email or by scanning a QR code. Depending on the TANITA App Universe version taken out by the Institute, the Member may also be able to access his/her measurements, goals and related visualisations through their own Member login.
Each Institute will have at least one administrative user (the “Admin”). The Admin can add other persons working for the Institute as staff members (“Staff Members”). An Admin and Staff Members can perform measurements for the Members of that Institute and view the measurement results of those Members. In addition, the Admin and Staff Members can also keep track of their own measurements in their personal profile section, similar to regular Members.
WHO IS RESPONSIBLE FOR USING YOUR DATA?
TANITA, whose registered office is in Amsterdam and its principal place of business at Hoogoorddreef 56 E (1101 BE) Amsterdam, is in its capacity of data controller either separately or with an involved institute using a Connected TANITA Product (the “Institute” and jointly with TANITA “we” or “us”) jointly responsible for the use of your data, as set out in this privacy statement. TANITA is the developer and provider of the TANITA App Universe and therefore responsible for the proper performance of the TANITA App Universe and for the storage and security of your data entered into the TANITA App Universe on its servers. The Institute is responsible for the proper entry of your data and for the access to and the storage and security of your data on the devices on which the Institute has installed the TANITA App Universe.
WHEN DO WE USE YOUR DATA?
In this privacy statement, we explain how we handle the data that are processed:
I. when you or the Institute create and use a Member profile in the TANITA App Universe;
II. when you take a measurement at an Institute ;
III. when you have an Admin or Staff Member role in the TANITA App Universe;
IV. When you consent to receiving direct marketing information.
Below, you will find – for each situation – information on what data we use, why we use it (for what purposes) and what our legal basis is for doing so.
WHAT DATA WE USE AND WHY
I. When you create and use a Member profile in the TANITA App Universe
By creating a Member profile in the TANITA App Universe, you and/or the Institute are able to sign up to and use the TANITA App Universe. Your profile in the TANITA App Universe contains the information required to carry out and track measurements. You can either download, sign up to the TANITA App Universe and create a Member profile yourself or have the Institute create a Member profile for you. If the Institute offers the Essential version of the TANITA App Universe, you can view your measurements, goals and trends/analyses at any time by downloading the TANITA App Universe yourself, creating a profile and accepting the Institute’s invitation to join. If the Institute offers the Basic version of the TANITA App Universe, it is not possible to view your measurements yourself in the TANITA App Universe. In such cases, you can only view your measurements on-site at the Institute. You can also ask the Institute to share a single measurement with you via email or by sharing a QR code linked to your measurement.
What data do we use (or might we use, if provided)?
· Personal details: first name, last name, sex, date of birth, age, email address, phone number, password;
· Location details: street, house number, zip code, city;
· Name of the institution joined, if any;
· Data related to the use of the TANITA App Universe (such as date and time stamp)
· Application settings: language, measurement system.
What purposes do we use your data for, and what is the legal basis for this?
We use your data to:
1. provide access to the TANITA App Universe;
2. establish the relationship between a Member (including Admin members and Staff Members) and an Institution;
3. ensure secure access to the TANITA App Universe and to protect against unauthorised access and use of the TANITA App Universe and/or your profile;
4. provide information about the working of the TANITA App Universe and about updates, new features and related activities of the TANITA App Universe. Please note that these messages aim to support you with the use of the TANITA App Universe. We will only send marketing message relating to our products and services if you have consented thereto (see under IV);
5. manage and maintain the TANITA App Universe;
TANITA and the concerned Institute process your personal data for the aforementioned purposes based on the legitimate interest of TANITA and/or the concerned Institute in ensuring the security of your profile and protecting the special personal data it contains. TANITA and the concerned Institute may also use your personal data to send you important information about the TANITA App Universe, such as security updates or significant changes to the privacy policy of TANITA and/or the Institute.
II. When you take a measurement at an Institute using a Connected TANITA Product
Through the TANITA App Universe, an Institute can perform a professional body composition measurement for its Members (including its Admin members and Staff Members). When a measurement is taken, the TANITA App Universe records the measurement data and translates the results into clear and understandable outcomes. The TANITA App Universe can show the results per measurement, compare them with any goals that have been set, display trends based on previous measurements, and present this information in an accessible report. This allows Members and professionals to gain insight into their current physical condition and changes over time.
What data do we use (or might we use, if provided)?
· Personal details: first name, last name, email, sex, date of birth, age, height, activity level, weight of clothing;
· Goals (if any set);
· Number of measurements (if any taken);
· Date of measurement (if any taken)
· Measurement data;
· Notes;
· Body measurements and body composition details in relation to:
o goals (if any) | categorized as weight and fat, muscles and function, hydration and structure, metabolic factors, longevity and prevention;
o current status | categorized in weight and fat, segmented analysis fat, physique rating, body fat distribution, muscle mass, segmented analysis muscle, leg muscle score / body water and bone mass, body composition, metabolic factors, aging factors, segmented analysis phase angle;
o trends | images visualizing the results in various categories and of multiple measurements during a period of time. Weight, BMI, Fat, muscle mass, leg muscle score, TBW, ECW, ICW, bone mass, metabolic age, BMR, visceral fat, phase angle, sarcopenia, ECW/ICW, protein.
What purposes do we use your data for, and what is the legal basis for this?
We use your data to:
1. record measurement data when you use a Connected TANITA Product;
2. set and monitor body composition goals;
3. generate reports with the results of the measurement and generate graphs and visual analyses of the measurements, trends and (where applicable) in relation to the goals over time.
Both TANITA and the Institute do this based on the explicit consent that you have given to them. You can withdraw your consent at any time. If you do so, you will no longer be able to use the TANITA App Universe and your personal data –
except for the personal data as set out under I above – will be deleted.
Upon your request TANITA and/or the Institute may further process and analyze the aforementioned data of you, but the TANITA App Universe will not be used for this purpose. Subsequently, such further processing and analysis of your data will require your separate explicit consent.
III. When you have an Admin or Staff Member account in the TANITA App Universe
Each Institute using the TANITA App Universe has at least one Admin. The Admin can add other professionals affiliated with the Institute and assign them a role as a second Admin or Staff Member. This is done by creating an account and sending them an invite by email to verify his/her Admin or Staff Member account. To accept this role, the invited Staff Member must first create a standard Member profile.
What data do we use (or might we use, if provided)?
The following data is used:
· First name;
· Last name;
· Email address;
· Role;
· Name of the Institute for which the Admin or Staff Member account is created;
· Data related to the use of the TANITA App Universe (such as date and time stamp);
· Application settings: language, measurement system.
What purposes do we use your data for, and what is the legal basis for this?
We use your data to:
1. establish the relationship between an Admin and/or Staff Member and a specific Institute;
2. process, manage and support the roles of Admins and Staff Members within the TANITA App Universe. This includes enabling the concerned Institute to assign roles and permissions within the Institute.
3. allow Admins to add, manage and remove Staff Members;
4. ensure that only authorised Staff Members have access to the TANITA App Universe and the relevant Member data.
Both TANITA and the concerned Institute have a legitimate interest in processing the aforementioned personal data to enable, manage and support professional use of the TANITA App Universe. This includes ensuring secure access, managing user roles and permissions, maintaining the reliability and integrity of the TANITA App Universe, and supporting the day‑to‑day operation of the TANITA App Universe for professional customers.
Furthermore, the concerned Institute has a legitimate interest in processing the aforementioned personal data to organise its internal operations, manage access for authorised Staff Members, and to ensure that only the appropriate and therefore duly appointed professionals affiliated with the concerned Institute can use the TANITA App Universe and access Member data. This processing is necessary to provide professional services, to safeguard Member information, and to ensure the effective and secure use of the TANITA App Universe within the Institute.
IV. When you consent to receiving direct marketing information
TANITA would like to keep you informed about its (newest) products and services for home and professional use. This helps you to be on top of latest developments in TANITA products and services. TANITA will only send such messages after you have given consent thereto.
What data does TANITA use (or might TANITA use, if provided)?
· Personal details: first name, last name, sex, date of birth, email address, phone number;
· Location details: street, house number, zip code, city;
· Application settings: language.
What purposes does TANITA use your data for, and what is the legal basis for this?
TANITA uses your personal data to send you direct marketing information and newsletters from TANITA about our (newest) products, services and apps. TANITA processes your personal data for this purpose based on the consent that you have given to TANITA. You can withdraw your consent at any time. If you do so, you will no longer receive any direct marketing information from TANITA and it will not affect the use of the TANITA App Universe for other purposes.
RETENTION PERIOD
Our guiding principle when retaining data is that we do not keep it for longer than is necessary for its intended purpose. Below is an overview of the retention periods we generally apply.
We may retain data for longer where we have a legitimate interest in doing so, for example, if legal proceedings are ongoing or have been announced and we need to be able to defend ourselves.
Use of the TANITA App Universe (as set out under sub I, II, and III)
Inactive profile
Personal data related to the use of the TANITA App Universe (as set out under sub I, II and III above) is kept as long as the profile is considered active. Your profile is considered inactive if, for a period of one year, no measurement has been performed for you and (for the Essential version and higher) you have not logged into your profile. Once your profile becomes inactive your personal data stored in it will be deleted, unless you reactivate your profile by taking a measurement or logging into your profile.
Termination of use of the TANITA App Universe by the Institute
In addition, all profiles and related personal data associated with an Institute, will be deleted once the concerned Institute has decided to no longer work with the TANITA App Universe.
Deletion of personal data by the Institute
Please note that the Institute may also decide to delete a Member, Staff Member or Admin profile earlier than the usual retention period. This might happen, for example, if a member no longer uses any services from the Institute, or if a professional is no longer connected to the Institute. In such cases, your profile and personal data may be removed sooner, as the Insitute choose to do so.
Deletion of personal data upon your request
You can delete your profile and your personal data stored in it at any time before this period ends via the profile settings in the TANITA App Universe or by contacting TANITA’s support via the contact details provided under “Questions and Contact”. [DB1] [CM2]
When you consent to receiving direct marketing information (as set out under IV)
TANITA uses your personal data for direct marketing only as long as you have given your consent. If you withdraw your consent, your profile is deleted (as set out above) or if you choose to delete your profile, TANITA will stop using your personal data for direct marketing.
You can withdraw your consent at any time, without affecting your use of the TANITA App Universe for other purposes.
WITH WHOM DO WE SHARE YOUR DATA?
We may need to share your data with third parties. We only share personal data where this is necessary to support the purposes described above or where we are legally obliged to do so.
The following parties may process your personal data in specific situations:
- Service providers acting as processors, who support us in operating and maintaining the TANITA App Universe. These parties process personal data only on our instructions and include parties such as:
- app developers, for the development, maintenance and technical support of the TANITA App Universe;
- cloud service providers, for secure storage and processing of data;
- hosting providers, for hosting the TANITA App Universe and related systems;
- email service providers, for sending service‑related and, where applicable, marketing communications.
- Advisors and other expert service providers that we engage to help us comply with our legal obligations and to protect or enforce our rights. This may include parties that provide legal advice, cybersecurity services, or perform security tests such as penetration tests.
- Relevant government authorities and regulators, such as the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), where we are legally required to share your data with them.
All processors are contractually bound to process personal data in a secure and confidential manner and only for the purposes instructed by us.
INTERNATIONAL DATA TRANSFERS
Your personal data is processed and stored exclusively within the European Economic Area (EEA). We do not transfer your personal data to countries outside the EEA.
The personal data that TANITA processes and stores in the TANITA App Universe is only processed and kept within the European Economic Area (EEA). TANITA makes sure that it does not transfer any personal data outside the EEA. However, TANITA cannot control where the Institute processes the data. The Institute may choose to process data outside the EEA. In its arrangements with the Institute, TANITA will make clear that the Institute must handle personal data in a GDPR compliant way and, if personal data is shared or processed outside the EEA, the Institute must take the necessary steps to meet the requirements set out in the GDPR.
SECURITY OF YOUR PERSONAL DATA
We take the security of your personal data very seriously. We have taken technical and organizational measures to protect personal data against unauthorized access, (cyber)crime, loss, destruction or other unlawful use. These measures meet at least the general security standards that apply to organizations like ours. We regularly review our security measures and adjust them where necessary.
If we use third‑party service providers, such as IT suppliers, we make clear agreements with them about appropriate security measures.
We ensure that the professionals affiliated to TANITA and the concerned Institute only have access to personal data when this is strictly necessary for their work. Everyone who has access to personal data and who is not already bound by a legal or professional duty of confidentiality is required to keep this data confidential.
COOKIES AND SIMILAR TECHNOLOGIES
The TANITA App Universe itself does not use cookies in the traditional sense. TANITA uses similar technologies that are strictly necessary to allow you to log in securely and to ensure the proper functioning of the TANITA App Universe. TANITA does not use tracking technologies, analytics cookies or advertising identifiers.
Please find an overview below of technologies used in the TANITA App Universe that may process personal data:
|
Description/name technology |
Personal data processed |
Purposes |
Retention period |
|
Access tokens and refresh tokens issued by our authentication server |
Authentication tokens are linked to a user account and may contain or reference: o A user identifier (e.g. subject / user ID) o Basic authentication-related claims |
Authentication and session management
|
Access tokens: short-lived and expire automatically after 30 minutes. |
|
Server-side diagnostics/telemetry via Azure Application Insights |
o IP address o Device/browser metadata (where applicable) o Request logs, timestamps, and error diagnostics |
Application monitoring, error detection, and performance improvement. No use for advertising or behavioral tracking.
|
30 days |
If you wish to manage your profile, you will be redirected to auth.app.tanita.eu. The following cookies are used on that website.
|
Description/name technology |
Personal data processed |
Purposes |
Retention period |
|
.AspNetCore.Antiforgery.RtGCWVXC8-4 |
none |
To protect the application against Cross-Site Request Forgery (CSRF) attacks. It stores an anti-forgery token that is validated on form submissions and sensitive requests. |
Session |
|
.AspNetCore.Identity.Application |
Email address of the user and the role of the user |
To handle user authentication. It stores an encrypted authentication ticket that allows the application to recognize a user as logged in across requests. |
Session |
DATA SUBJECT RIGHTS
|
Right of access and/or rectification |
By submitting a request, you can ask TANITA what personal data TANITA processes about you, what the purpose of processing is, how TANITA obtained this data and how long TANITA will keep it for. You may also ask TANITA to complete or correct your data. |
|
Right to restriction of processing |
If you believe that the data TANITA holds about you is inaccurate or is being processed unlawfully or is no longer necessary, or if you object to the processing as described below, you have the right to request that TANITA temporarily stops processing your data (or process it only in limited cases) . |
|
Right to erasure |
In certain cases, you may request that TANITA deletes your data. TANITA will always comply with such a request if the processing of your data is based solely on consent. In all other cases, TANITA will assess whether there are reasons preventing complete or partial erasure, such as statutory retention obligations. |
|
Right to data portability |
If TANITA processes your data solely on the basis of your consent or within the framework of a contract concluded with you, you have the right to ask TANITA to transfer that data to you or a third party you designate. In the case of a contract with you, such a transfer is only possible if the contract has been terminated. Please note that data which TANITA processes on other grounds, such as a legal obligation or legitimate interest, is not eligible for transfer. |
|
Right to object |
If TANITA processes your data on the basis of TANITA's legitimate interests, you may request that TANITA ceases doing so. TANITA will then assess whether it can comply with your request. |
|
Right to withdraw your consent |
If TANITA processes data on the basis of your consent, you have the right to withdraw your consent at any time. Withdrawing your consent does not affect the lawfulness of the processing of your data prior to the withdrawal of your consent. |
|
Right to lodge a complaint with the Data Protection Authority
|
If you believe that TANITA is processing your data in breach of the GDPR, you have the right to lodge a complaint with the Data Protection Authority. Please refer to the Data Protection Authority’s website for details on the formalities involved in lodging such a complaint. |
Exercising your rights
You can exercise your privacy rights through the profile management section of the TANITA App Universe, provided this option is available for your specific request. For all requests, you can contact TANITA directly by using the contact details listed under “Questions and Contact”.
If you exercise one of the aforementioned rights, TANITA will inform the concerned Institute(s) thereof and will keep you updated on the response of the concerned Institute(s). The aforementioned does not affect your right to exercise these rights towards the concerned Institute(s) yourself.
NO AUTOMATED DECISION-MAKING
TANITA does not use automated decision-making.
CHANGES
This privacy policy of TANITA may be amended from time to time in response to new developments. The most up-to-date version of the policy can be found at https://tanita.eu/privacy-policy-tanita-app-universe. TANITA recommends that you regularly check this policy so that you are aware of any changes. TANITA will always notify you of any significant changes. The privacy policy always includes the date of the most recent update.
QUESTIONS AND CONTACT
If you have any questions or comments about the processing of your personal data, this privacy statement, or if you would like to exercise your rights as described above, you can contact TANITA using the contact details below:
Email: info@tanita.eu
Postal address: Hoogoorddreef 56E
1101 BE Amsterdam
The Netherlands
You can also use the contact form on TANITA’s website. TANITA will respond as soon as possible.
The current version of this privacy statement was published on 8 May 2026.