With this privacy policy, nookyyy.com (hereinafter referred to as “we” or “us“) informs you about the processing of your personal data (hereinafter also referred to as “data“) when visiting our website https://nookyyy.com and using our services.
Furthermore, you will receive information about your rights. Data protection is of great importance to us and we naturally comply with the applicable data protection regulations, especially the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). Our website and our services are not intended for children under 16 years of age.
If you do not understand the terms we use in this privacy policy, our explanations under “Help with Data Protection Terms” may help you. However, if you have any questions about data protection, please feel free to contact us (informally) using the contact details provided below.
Responsible for data processing is:
TOS Marketing & Event UG, Dorfstraße 1, 24245 Kirchbarkau, Germany, Tel. +49 04302 969455, info@nookyyy.com
Data Protection Officer is:
TOS Marketing & Event UG, Dorfstraße 1, 24245 Kirchbarkau, Germany, info@nookyyy.com
I. Data Processing During Your Visit to Our Website
In connection with your visit to our website, we process personal data from you. This is done for the purposes and to the extent described below. We only pass on your data as described below.
During your visit to our website, we automatically collect and process data from you to provide our website and the services offered through it.
To provide our website, we collect and process the following data from you:
- Date and time of your access
- The address of the website from which you came to us
- The websites you visit with us
- Information about your internet browser (browser type and version)
- The operating system of the device with which you access our website and services
- Your Internet service provider
These information are stored by us in log files for security reasons and deleted after 30 days. The data in the log files are stored separately from other data from you.
Longer storage only occurs in individual cases (e.g., in cases of suspicion of abuse or fraud). In these cases, the respective log files are stored until the matter is clarified and subsequent necessary measures are completed.
To provide you with our website and the services offered through it, we use service providers who process your data specified in this privacy policy exclusively on our behalf and according to our instructions (so-called processors according to Article 28 GDPR) and have taken appropriate technical and organizational measures to protect your rights. These include:
- For the hosting of the domain & website including related services:
- Host Europe GmbH
Hansestrasse 111
51149 Cologne
Germany - STRATO AG
Pascalstraße 10
10587 Berlin
Germany
The legal basis for processing your data to provide our website and services is Article 6 (1) sentence 1 letter f) GDPR. We have a legitimate interest in processing your data so that we can offer you our website and the services provided through it in a technically flawless, secure, and optimized manner according to your needs. The data of the server log files are stored separately from other data.
During your visit to our website, we also collect and use data from you so that you can use our website and services more comfortably and to measure and improve the effectiveness of our marketing activities. We also use so-called cookies and cookie-like technologies such as pixel tags (i.e., small transparent graphics, also known as web beacons). Cookies are small text files that are stored on your device via your internet browser. You can learn more about the term and function of cookies and other data protection and technical terms below under “Help with Data Protection Terms.”
Furthermore, you can also generally deactivate the use of cookies in your browser settings. However, without the use of cookies, some functions of this website may not or not as comfortably work as usual.
More about the use of cookies can be found in this privacy policy at the respective place related to the use of cookies. You can also find more information about cookies and the individual providers on the websites http://www.meine-cookies.org and http://www.youronlinechoices.com, and in particular, object to the use-based online advertising at http://www.youronlinechoices.com/de/praferenzmanagement/.
You have the opportunity to contact us in various ways. This includes, in particular, contacting us via the forms on our website and by email. The data processing that takes place when you contact us can, depending on the content of your message, serve different purposes. As a rule, we store and process the data provided to handle the matter for which you contacted us. In this case, your data may also be stored and processed in a customer management system.
Something different only applies if the content of your contact directly serves to carry out a contractual relationship between us. In these cases, we base the processing of your data on Article 6 (1) sentence 1 letter b) GDPR.
Your data stored in connection with the contact will be deleted as soon as they are no longer required and as far as they are not subject to any legal retention obligations. The review of whether storage is necessary takes place at least annually.
On our website, we use spam checking at several points, which should protect us from unwanted automated entries by third parties and the corresponding spam volume. In particular, you will be asked to enter a letter or number sequence in a field (so-called captchas). In this context, your IP address is processed.
We use the service “Friendly Captcha” (Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, Germany) for this purpose. Friendly Captcha provides a 100% GDPR-compliant anti-spam bot service. You can view the privacy policy applicable to this web service at https://friendlycaptcha.com/de/privacy/gdpr/.
The legal basis for processing your data is Article 6 (1) sentence 1 letter f) GDPR. We have a legitimate interest in operating effective spam prevention, as manually sorting out spam contributions can be associated with very high effort and costs. If you do not agree with this, unfortunately, you cannot use the comment function.
We have integrated content from third parties at some points on our website. This includes, for example, videos, map services, images, fonts, advertising, or ref-links. In connection with the integration of this content, it is technically necessary that we communicate your IP address to the providing third parties so that they can display the content to you. We do not store your IP address for integrating third-party content. The third-party providers can track your surfing behavior with your IP address, the use of cookies, and other technologies (e.g., pixel tags, i.e., invisible graphics) and process further technical information (including browser type/version, operating system used, the page you visited previously, the hostname of the accessing device, and the time as well as other information on the use of our online offer) in addition to your IP address.
The legal basis for processing your data is Article 6 (1) sentence 1 letter f) GDPR. We have a legitimate interest in optimizing our website and improving our offer to you by also integrating third-party content.
A more detailed description of whom we embed content from and how your data is processed in the process can be found below in the respective description of the embedded content.
- YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Privacy Policy: https://policies.google.com/privacy
An opt-out is possible at: https://adssettings.google.com/authenticated - Google Maps (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Privacy Policy: https://policies.google.com/privacy
An opt-out is possible at: https://adssettings.google.com/authenticated - Vimeo (Vimeo Inc., 555 West 18th Street New York, New York 10011, USA) Privacy Policy: https://vimeo.com/privacy
- Twitch Interactive, Inc. (Twitch Interactive, Inc., c/o Corporation Service Company, 2710 Gateway Oaks Drive, Suite 150N, CA 95833, USA) Privacy Policy: https://www.twitch.tv/p/legal/privacy-policy/
- Amazon (Amazon Europe Core S.à r.l. (Société à responsabilité limitée), 5 Rue Plaetis, L-2338 Luxembourg) Privacy Policy: https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=201909010
You have the opportunity to create and use a user account, for example, to redeem points (“Cookies”) or to use the forum. During registration, your Twitch.tv login indicates which data you must transmit to us (this is done automatically via your Twitch.tv login) to complete the registration. Other details are optional and serve to improve the usage and offer you additional features.
The legal basis for processing your data in the context of registration and use of the user account is Article 6 Paragraph 1 Sentence 1 Letter f) of the GDPR. We have a legitimate interest in processing your data so that we can enable you to use the user account and the additional functions associated with it.
You can have your user account, including your data, deleted at any time by an admin (contact via email or contact form).
If you decide to redeem a prize (“win” against “cookies” in the “Cookie Shop”), we also process your data to be able to handle the order and shipping.
In this process, we process your name and your address and contact details. The legal basis for this is to fulfill the contract between us or to carry out pre-contractual measures (Article 6 Paragraph 1 Sentence 1 Letter b) of the GDPR). The data is passed on to third parties for shipping to the shipping service provider.
Your data stored in connection with the registration and use of your user account will be deleted within 14 days after you have informed us of your desire to delete your customer account. Excluded from this are data that must be retained for commercial or tax reasons. We store this data based on Article 6 Paragraph 1 Sentence 1 Letter c) of the GDPR and delete it at the end of the statutory retention period.
During your visit to our website, we automatically collect and process data to understand the behavior of visitors to our website, in order to optimize our website and adapt it to visitor interests.
The legal basis for processing your data is Article 6 Paragraph 1 Sentence 1 Letter f) of the GDPR. We have a legitimate interest in conducting web analysis on a pseudonymized basis to better understand our users, to optimize our website accordingly, and to determine whether the internet advertising we have placed achieves the results we desire. You can object to the use of these services by opting out. However, please note that you may not be able to use all the functions of our website as a result.
Google Analytics (with anonymization function)
On this website, we use the web analytics service Google Analytics (with anonymization function) from Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The purpose of the Google Analytics component is to analyze the use of our website by visitors. Google provides us with reports as our processor according to Article 28 of the GDPR, with which we can display and evaluate the activities on our web pages.
A Google Analytics cookie is stored on the device with which you visit our website. By calling up individual pages of this website, the internet browser on your device is automatically prompted by the Google Analytics component to transmit data to Google for online analysis purposes. In this technical process, Google becomes aware of personal data about you, in particular, information about browser type/version, used operating system, the page you previously visited, the hostname of the accessing device, IP address, and the time of the request, which Google uses, among other things, to trace the origin of visitors and clicks. However, these data are not merged with other data about you. In addition, we use the function where the IP address of your internet connection is automatically shortened and thus anonymized by Google when accessing our website from a member state of the European Union or another contracting state of the Agreement on the European Economic Area. In the exceptional case where data is processed outside the EEA, where there is no level of data protection equivalent to European standards, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
You can object to the use of the cookie either by configuring your internet browser so that cookies are generally not stored, or you can click here:
Alternatively, you can also use the browser add-on that you can download and install here: https://tools.google.com/dlpage/gaoptout
The installation of the browser add-on constitutes an objection. If your device is later deleted, formatted, or reinstalled, you must reinstall the browser add-on.
You can access further information and Google’s current privacy policy at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail under this link: https://www.google.com/intl/de_de/analytics/
We have configured Google Analytics so that the data underlying the reports are deleted no later than 26 months.
We collect and process data on our website to be able to show you more relevant advertising on this and other websites (Re-Marketing/Re-Targeting) and to measure the success of our advertising campaigns. In doing so, we work with providers who help us understand whether users reach us via certain advertising measures (so-called Conversion Tracking). In this context, pseudonymized usage profiles are also created. The legal basis for processing your data is Article 6 Paragraph 1 Sentence 1 Letter f) of the GDPR. We have a legitimate economic interest in presenting interest-based ads to our website users and measuring the success of placed advertising.
You can object to the use of these services by opting out. However, please note that you may not be able to use all the features of our website as a result.
a) Google Marketing Services
We use marketing services from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA on these websites.
The services used include:
AdWords: The use of Google’s AdWords service allows us to do Conversion Tracking, i.e., to determine whether you have reached our website via a Google ad. On this basis, it is not possible for us to identify you. Only statistics are created.
Double-Click: The use of Google’s Double-Click service allows us to present relevant advertisements to the user. Cookies are used, which enable the identification of the user’s browser. This way, it can be tracked which ads were displayed to the user and which ads they have accessed.
AdSense: The use of Google’s AdSense service allows us to display third-party advertisements on our pages. Cookies and pixel tags are used to evaluate visitor behavior and place ads that are as interest-based as possible.
Google Re-Marketing: The use of Google’s Re-Marketing function allows us to show interest-based advertisements to the user within the Google advertising network, related to content that the user has previously accessed on our website. This can also be done across devices.
Google Tag Manager: The use of Google’s Tag Manager service allows us only to integrate the listed services by implementing the other cookies/tags.
Firebase: The use of Google’s Firebase service allows us to analyze user groups and send push notifications, during which only anonymized data is transmitted to Firebase. You can get more information here: https://www.firebase.com/terms/privacy-policy.html
As part of the mentioned services, Google uses cookies and cookie-like technologies such as pixel tags (i.e., small transparent graphics, also known as web beacons) and processes personal data from you, especially information about browser type/version, used operating system, the previously visited page, the hostname of the accessing device, IP address, and the time of the request, as well as offers, search terms, and content that you were interested in. This data is transmitted to Google. Usage profiles are created on a pseudonymized basis. This means that it is not possible for us to identify you based on this. You can find more information about this at https://policies.google.com/technologies/types
The cookies are automatically deleted after 30 days. You can object to or adjust the use of interest-based advertising here: https://www.google.com/ads/preferences/?hl=de
Insofar as data is processed outside the EEA, where there is no level of data protection equivalent to European standards, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI
Further information and the applicable data protection regulations of Google can be retrieved at https://policies.google.com/privacy. The functioning of the Google marketing services is explained in more detail under this link: https://policies.google.com/technologies/ads
b) Facebook Pixel
On this website, we use the so-called “Facebook Pixel” from Facebook (for EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; International: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). This is a small, invisible pixel that establishes a connection to Facebook servers when visiting our website. Personal data such as IP address and additional information such as browser type/version, operating system used, the page you visited previously, the hostname of the accessing device, IP address, and the time of the request can also be transmitted. This allows Facebook to identify the users of our website and display targeted advertising to users who are interested in our website. Furthermore, with the help of the Facebook Pixel, we can understand whether our Facebook ads are effective.
Insofar as data is processed outside the EEA, where there is no level of data protection equivalent to European standards, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC
You can find Facebook’s privacy policy here: https://www.facebook.com/policy.php – You can object to the collection by the Facebook Pixel and use of your data here: https://www.facebook.com/settings?tab=ads.
We use so-called “Social Plugins” from various social networks (hereinafter referred to as “Plugin Providers”) on our website. A social network is an online social meeting place operated on the internet, allowing users to communicate with each other and interact in virtual space. The legal basis for processing your data is Article 6 Paragraph 1 Sentence 1 Letter f) of the GDPR. We are interested in providing you with the most comfortable and optimized offer on our website by integrating Social Plugins and the analyses that are simultaneously possible, and in operating it economically.
When you access a page of our website that contains such a Social Plugin, a direct connection is established to the systems of the Social Plugin Providers via your internet browser. The content of the Social Plugin is transmitted directly to your internet browser by the respective Social Plugin Provider and integrated into our website. At the same time, the Social Plugins transmit the information to the respective Social Plugin Providers that you have accessed the corresponding page of our online presence. This applies regardless of whether you have created a profile with the Social Plugin Provider, logged in to the Social Plugin Provider, or actively used a Social Plugin (e.g., by clicking the “Like” button or submitting a comment).
If a Social Plugin is actively used, the corresponding information is transmitted directly from your internet browser to the respective Social Plugin Provider and stored there. As soon as you are logged in to one of the Social Plugin Providers at the same time, they can assign your visit to our website to your account there. We have no influence on the type and extent of the data collected and transmitted. You can find details about the scope and purpose of data collection, processing, and use in the privacy notices of the Social Plugin Providers. There you can also view your rights and settings options for protecting your privacy.
If you do not agree that the Social Plugin Providers assign the data collected during your visit to our website to your account [or “account”], we ask you to log out of the Social Plugin Providers before visiting our website.
a) Facebook
The social plugins of the social network Facebook are operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (www.facebook.com), and Facebook Ireland Limited, Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland (www.facebook.de) (“Facebook”). An overview of Facebook’s plugins can be found here: http://developers.facebook.com/docs/plugins; information about data protection at Facebook can be found here: www.facebook.com/policy.php
Insofar as data is processed outside the EEA, where there is no level of data protection equivalent to European standards, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000Gny
wAAC.
If you wish to object to Facebook’s data collection for the future, you can do so here: https://www.facebook.com/settings?tab=ads
b) Instagram
Plugins from Instagram are operated by Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). An overview of Instagram’s plugins can be found here: http://blog.instagram.com/post/36222022872/introducing-instagram-badges; information about data protection at Instagram can be found here: https://help.instagram.com/155833707900388/
c) Twitter
The social plugins of Twitter are operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). An overview of Twitter’s plugins can be found here: https://twitter.com/about/resources/buttons; information about data protection at Twitter can be found here: twitter.com/privacy.
Insofar as data is processed outside the EEA, where there is no level of data protection equivalent to European standards, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO
If you wish to object to Twitter’s data collection for the future, you can set an opt-out cookie here: https://twitter.com/personalization
- Other Website Services & Plugins
Comments and Contributions
When users leave comments or other contributions, their IP addresses are stored based on our legitimate interests as defined in Art. 6 Para. 1 lit. f. GDPR for 7 days. This is for our security, in case someone leaves illegal content in comments and contributions (insults, forbidden political propaganda, etc.). In this case, we can be prosecuted for the comment or contribution and are therefore interested in the identity of the author.
Comment Subscriptions
Users can subscribe to follow-up comments with their consent according to Art. 6 Para. 1 lit. a GDPR. Users will receive a confirmation email to verify that they are the owner of the entered email address. Users can cancel ongoing comment subscriptions at any time. The confirmation email will include instructions on how to revoke consent.
Akismet Anti-Spam Check
Our online offer uses the service “Akismet”, provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. The use is based on our legitimate interests in the sense of Art. 6 Para. 1 lit. f) GDPR. With the help of this service, comments from real people are distinguished from spam comments. All comment details are sent to a server in the USA, where they are analyzed and stored for comparison purposes for four days. If a comment has been classified as spam, the data will be stored beyond this time. These details include the name entered, the email address, the IP address, the comment content, the referrer, details of the browser used as well as the computer system and the time of entry.
Automattic is certified under the Privacy Shield Agreement, thereby guaranteeing compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active).
More information on the collection and use of data by Akismet can be found in Automattic’s privacy policy: https://automattic.com/privacy/.
Users are welcome to use pseudonyms or refrain from entering their name or email address. You can completely prevent the transfer of data by not using our comment system. That would be a pity, but unfortunately, we see no other alternatives that work just as effectively.
Retrieval of Profile Pictures from Gravatar
We use the service Gravatar from Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA, within our online offer and especially in the blog.
Gravatar is a service where users can register and store profile pictures and their email addresses. When users leave posts or comments with their respective email address on other online presences (especially in blogs), their profile pictures can be displayed next to the posts or comments. For this purpose, the email address provided by the users is encrypted and transmitted to Gravatar for the purpose of checking whether a profile is stored for it. This is the only purpose of transmitting the email address, and it is not used for other purposes but is deleted afterward.
The use of Gravatar is based on our legitimate interests as defined in Art.
6 Para. 1 lit. f) GDPR, as we offer the authors of posts and comments the opportunity to personalize their contributions with a profile picture.
Automattic is certified under the Privacy Shield Agreement, thereby guaranteeing compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active).
By displaying the images, Gravatar learns the IP address of the users, as this is necessary for communication between a browser and an online service. More information on the collection and use of data by Gravatar can be found in Automattic’s privacy policy: https://automattic.com/privacy/.
If users do not want a user image linked to their email address at Gravatar to appear in the comments, they should use an email address to comment that is not registered with Gravatar. We also point out that it is also possible to use an anonymous or no email address if users do not wish their own email address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our comment system.
Jetpack (WordPress Stats)
Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering as defined in Art. 6 Para. 1 lit. f. GDPR), we use the plugin Jetpack (here the subfunction “WordPress Stats”), which is a tool for the statistical evaluation of visitor access, provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA. Jetpack uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of your use of the website.
Automattic is certified under the Privacy Shield Agreement and thereby offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000CbqcAAC&status=Active).
The information generated by the cookie about your use of this online offering is stored on a server in the USA. Usage profiles of the users can be created from the processed data, but these are only used for analysis and not for advertising purposes. Further information can be found in Automattic’s privacy policies: https://automattic.com/privacy/ and information about Jetpack cookies: https://jetpack.com/support/cookies/.
- Participation in a Competition
On our website, you can regularly participate in competitions.
When participating in the competition, the data we request (name, first name, email address) as well as the time and date of your participation are transmitted to us, stored, and processed. Your data is used exclusively for conducting the competition and is not shared with third parties.
The legal basis for processing your data in the context of participating in competitions is your consent (Article 6 Paragraph 1 Sentence 1 Letter a) of the GDPR).
Your data will be stored until the competition is completed. Afterward, your data will be deleted within 7 days.
In the course of data processing, we also use service providers who process your personal data exclusively on our behalf in accordance with Art. 28 GDPR and according to our instructions, and who have taken appropriate technical and organizational measures to protect your rights. This particularly includes the following:
- TOS Marketing & Event UG, Dorfstraße 1, 24245 Kirchbarkau (Merchandise from nookyyy in case of winning/a draw).
Insofar as data is transferred outside the EEA, where there may not be a comparable standard of data protection to that of the European Union, this is done based on appropriate guarantees according to Articles 44 to 49 of the GDPR.
- II. Data Processing in the Context of Our Online Presences
In addition to the website, we are also represented on online platforms and social networks. If communication with you takes place within these platforms and networks, the terms and conditions and data protection guidelines of the respective provider apply. These can be found on the website of the respective provider. We are present on the following platforms:
- Facebook: http://www.facebook.com/nookyyy
- Twitter: https://twitter.com/nookyyy
- Twitch: https://twitch.tv/nookyyy
- Youtube: https://www.youtube.com/c/nookyyy
- Instagram: https://www.instagram.com/nookyyyfps
- Steam: https://steamcommunity.com/id/nookyyyy
If you communicate with us via these online presences, we process the data contained in your messages and posts depending on the contents and the purposes of the communication either on the basis of Article 6 Paragraph 1 Sentence 1 Letter b) of the GDPR or Article 6 Paragraph 1 Sentence 1 Letter f) of the GDPR. Your data will be deleted, as far as the online presence allows, once they are no longer required for the respective purpose.
- III. Routine Deletion and Blocking of Data
We generally store your data only for the period necessary to achieve the storage purpose or as provided by the European Directive and Regulation Giver or another legislator in laws or regulations to which we are subject. In Germany, this includes in particular a duty to retain for 6 years according to § 257 Para. 1 of the Commercial Code (in particular commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers) and for 10 years according to § 147 Para. 1 of the Tax Code (in particular books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation). If the storage purpose ceases to apply or if a legally prescribed storage period expires, your personal data will be routinely blocked or deleted in accordance with legal requirements. Please also note the specific information on individual storage and deletion periods in this data protection declaration.
- IV. Your Rights
As a person affected by data processing (Article 4 No. 1 of the GDPR), you have numerous rights against us, which we would like to inform you about below. Further details can also be found in Articles 15 to 21 of the GDPR and §§ 32 to 37 of the BDSG (in the version applicable from May 25, 2018).
To assert your rights, please contact the following address (you can also contact us informally):
E-Mail: info@nookyyy.com
You have the right to obtain information from us about whether and what data we process about you. This includes, among other things, information about how long and for what purpose we process the data, where it comes from, and to which recipients or categories of recipients we pass it on. You can also obtain a copy of this data from us.
You have the right to have us correct data about you that is incorrect or no longer accurate without delay. You can also request the completion of your incomplete personal data. If required by law, we will also inform third parties about this correction if we have passed on your data to them.
You have the right to demand the immediate deletion of your personal data from us if one of the following reasons applies:
- Your data is no longer necessary for the purposes for which they were collected or otherwise processed, or the purpose has been achieved;
- You revoke your consent and there is no other legal basis for the processing;
- You object to the processing and there are no overriding legitimate reasons for the processing; in the case of using personal data for direct marketing, a simple objection to the processing is sufficient;
- Your personal data has been processed unlawfully;
- the deletion of your personal data is necessary to fulfill a legal obligation under Union or Member State law to which we are subject.
Please note that your right to deletion can be limited by legal regulations. This includes in particular the restrictions listed in Article 17 of the GDPR and § 35 of the Federal Data Protection Act (in the version applicable from May 25, 2018).
You have the right to demand that we restrict the processing of your personal data if one of the following conditions is met:
- You dispute the accuracy of your personal data, for a period that enables us to verify the accuracy of the personal data;
- the processing is unlawful and you refuse the deletion of the personal data and instead request the restriction of the use of your personal data;
- we no longer need your personal data for processing purposes, but you need them for the assertion, exercise, or defense of legal claims; or
- you have objected to processing as long as it has not yet been determined whether our legitimate reasons outweigh yours.
If you have obtained a restriction of processing according to the aforementioned list, we will inform you before the restriction is lifted.
You can revoke consents given to us at any time with effect for the future. This revocation can be made informally to the above contact addresses. This also applies to consents that you gave us before the GDPR (i.e., before May 25, 2018). If you revoke your consent, the legality of the data processing that took place until then is not affected. As a rule, the consequence of a revocation is that you can no longer use our service, for which we asked for your consent, in full or at all.
You have the right to receive personal data concerning you, which you have provided to us, in a structured, common, and machine-readable format and to transmit this data to others. Details and limitations can be found in Article 20 of the GDPR. The exercise of this right does not affect your right to deletion.
If you believe that the processing of your data by us violates applicable data protection law, you have the right to complain to one of the responsible supervisory authorities, i.e., in particular, the Hamburg Commissioner for Data Protection and Freedom of Information or the respective supervisory authority in the Member State of your place of residence, your workplace, or the place of the suspected data protection violation.
V. Help with Data Protection Terms
We use some terms in this privacy policy that are also used by the legislator, especially in the European General Data Protection Regulation (GDPR). As it is important to us that this privacy policy is understandable for you, we explain some important terms in alphabetical order below:
Data Processor: This is a natural or legal person, authority, institution, or other body that processes personal data on behalf of the controller.
Data Subject: This is any identified or identifiable natural person whose personal data is processed by the controller.
Browser: This is a program for displaying websites on the internet, such as Mozilla Firefox or Google Chrome programs.
Cookies: These are small text files containing a characteristic string (cookie ID) that are stored on your device (e.g., smartphone or computer) via an internet browser when you do not prevent this through technical settings. Cookies enable visited internet pages and servers to distinguish your individual browser from other internet browsers. A specific internet browser can thus be recognized and identified via the unique cookie ID. This makes it possible to make it easier for you to use our website, as you only have to enter certain data once, for example. Where possible, we use cookies that are deleted again when you close your browser (so-called session cookies). In addition, we also use cookies that are stored on your computer for a longer period (so-called persistent cookies). In addition to the option of configuring your browser so that it does not accept cookies, you can delete already set cookies at any time via an internet browser or other programs. Please note, however, that not using cookies may mean that not all functions of our website or services can be fully used.
Third Party: This is a natural or legal person, authority, institution, or other body (other than the data subject), the controller, the processor, and the persons who are authorized to process the personal data under the direct responsibility of the controller or processor.
Restriction of Processing: This is a marking of stored personal data in such a way that their future processing (for example, with regard to certain processing purposes) is restricted.
Consent: This is any expression of will voluntarily given by the data subject for the specific case in an informed and unambiguous manner in the form of a declaration or other clear affirmative action by which the data subject indicates agreement to the processing of personal data concerning them.
Recipient: This is a natural or legal person, authority, institution, or other body to which personal data are disclosed, whether or not it is a third party.
IP Address: This is an address that is assigned to your device (e.g., smartphone or computer) on the internet so that your device can be addressed and reached there.
Pixel Tags (Web Beacons): These are small, usually invisible graphics that are integrated into websites and other services to perform statistical evaluations, usually for marketing purposes.
Personal Data: These are all information relating to an identified or identifiable natural person (also called “data subject”). An identifiable natural person is considered to be one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more special characteristics expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
Here is the translation of the provided text into HTML format with the appropriate tags:
Profiling: This is a type of automated processing of personal data that consists in using these personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.
Pseudonymization: This is the processing of personal data in a manner where the personal data can no longer be attributed to a specific data subject without the use of additional information. This is particularly the case when the additional information is kept separately and technical and organizational measures have been taken to ensure that the personal data cannot be attributed to an identified or identifiable natural person without unreasonable effort.
Processing: This is any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Controller or Processor: These are the natural or legal persons, authorities, institutions, or other bodies that, alone or jointly with others, determine the purposes and means of processing personal data.
- VI. Security
We implement technical and organizational security measures to protect your personal data against misuse, loss, destruction, or access by unauthorized persons. Our security measures are in accordance with the state of the art.
- VII. Validity and Amendments to the Privacy Policy
The privacy policy is currently valid and dated October 21, 2019.
Due to the further development of our website or the implementation of new technologies, it may become necessary to change this privacy policy. We reserve the right to make corresponding changes at any time.