FUNTAPTIC PRIVACY POLICY

Last updated: October 1, 2021

This Privacy Policy explains how Funtaptic Studio SRL (hereinafter “Funtaptic”, “we” or “us”) collects, stores, uses, or otherwise processes the personal data of end users of our Services as defined below (referred to as “you” in this notice), and what rights you have if we are processing your personal data

In this notice, “Services“ refers to our Games, Websites, and any related services or properties we control; “Games” refers to our games, applications, and other products, including The Grugs game and many others; and “Websites” refers to websites and other online properties we control, including https://www.funtaptic.com. The expression “your data” is used when referring to personal data that relates to you as an identified or identifiable individual.

By accessing and using our services or otherwise providing us with your personal data, for example when contacting us, you confirm that you have read and that you understand the way we collect, process, use and disclose your personal data as described in this Privacy Policy. 

For specific processing activities, we need to obtain your consent to collect and process your personal data. When we need your consent, we will ask you, before you submit personal data or use the relevant sections of the website, to confirm electronically that you consent to the processing activity at stake, as described in this Privacy Policy, by ticking specific boxes. Your affirmative action in ticking the relevant box and your use of this website signify that you agree to the processing activity at stake as described in this Privacy Policy. Our records of your acceptance of this Privacy Policy, the date thereof, and of all future amendments to this Privacy Policy, shall be regarded as conclusive and written evidence of your consent.

We collect and process your personal data in accordance with all applicable data protection laws and regulations, including, without limitation, the General Data Protection Regulation of the European Union (GDPR).

Who controls the processing of my personal data? Who is accountable for it?

Data processing is carried out by:

  • Funtaptic Studio SRL
  • County Neamt, RO, Europe, St. Cuza Voda 4, CP 617246
  • www.Funtaptic.com
  • hello@funtaptic.com

You can contact us at any time regarding this and other questions on the subject of data protection using our contact form or via email on hello@funtaptic.com.

FUNTAPTIC WEBSITE

How do we collect your data?

Data is collected either by you providing it to us, for example, the data that you enter in our contact form. Or data that is collected automatically or with your consent by our IT systems when you visit and use our website or our . 

What do we use your data for?

Some of the data is collected in order to ensure error-free provision of the website. Other data may be used to analyse your user behaviour.

Automatic Collection of Data

Log Files and Cookies 

The processing of your personal data when you merely visit and consult the website is limited to the so-named surfing data, namely the data whose transmission to the website is implicit in the functioning of the systems in charge of the managing of the website and in the communications protocols peculiar to the Internet. Surfing data are, for example, the IP addresses of the devices you use to connect to the website and other parameters relating to your device and operating system.

In principle, surfing data, such as these above specified, and for example the number of visits and the time spent on the website, are collected and processed by us exclusively for statistical purposes and in aggregated form for purposes of measuring and enhancing the functioning of the website. Due to the nature itself of surfing data, these data may lead to identification of users if they are associated with data held by third parties; however, we do not collect surfing data in order to associate them with identified users, except where said data may be used for purposes of assessing possible responsibilities in case of information crimes realised against the website or through the website to the extent permitted by law. 

Besides, certain information is gathered on this website by means of cookies and other tracking technologies as described in our Cookies Policy. By actively closing the website Cookie Banner and by setting your cookie preferences through our tool and in your browser, you are agreeing to our use of cookies and similar technologies. If you do not agree to our use of cookies in this way, you should set your cookie preferences accordingly. You will always be able to withdraw your consent and change your cookie preferences at any time. If you disable cookies that we use, this may impact your user experience while on this website. Please refer to our Cookies Policy for further details.

Data you provide to us

Contact form or e-mail

If you send us enquiries via the contact form or e-mail, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on the provision of a pre-contractual or contractual measure (Art. 6 (1) lit. b of the GDPR) if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal provisions – in particular retention periods – remain unaffected.

When you use our Social Media Pages

We also process information that you have provided to us via our company pages on the relevant social media website. Such information may be the username used, contact details or a message sent to us. We regularly process this personal data only if we have previously expressly requested you to provide us with this data, for example as part of a survey. These processing operations are carried out by us as the sole data controller.

We process this data on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in contacting people who make enquiries. In addition, we may process such data for evaluation and marketing purposes. This processing is carried out on the legal basis of our legitimate interest and serves our interest in further developing our offer and informing you specifically about our offers. Further data processing may take place if you have consented or if this serves the fulfilment of a legal obligation. 

The sole controller of this processing of personal data is the relevant social media website. Further information about the processing of personal data by the relevant social media website can be found at their respective Privacy Policies when following the links below.

Contractual Relationship

In order to establish or implement the contractual relationship with our customers, it is regularly necessary to process the personal master, contract, and payment data provided to us. We also process customer and prospect data for evaluation and marketing purposes. This processing is carried out on the legal basis of our legitimate interest and serves our interest in further developing our offer and informing you specifically about Funtaptic offers. Further data processing may take place if you have consented or if this serves the fulfilment of a legal obligation.

Newsletter

On the basis of your expressly given consent, we will send you our newsletter or comparable information regularly by e-mail to your specified e-mail address.

To receive the newsletter, it is sufficient to provide your e-mail address. When you register to receive our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be informed by e-mail of circumstances relevant to the service or registration.

For an effective registration, we require a valid e-mail address. In order to verify that a registration is actually made by the owner of an e-mail address, we use the “double-opt-in” procedure. For this purpose, we log the order for the newsletter, the sending of a confirmation e-mail and the receipt of the response requested herewith. No further data is collected. The data is used exclusively for sending the newsletter and is not passed on to third parties.

You can revoke your consent to the storage of your personal data and its use for newsletter dispatch at any time. There is a corresponding link in each newsletter. You can also unsubscribe at any time directly on this web site or inform us of your wish to do so using the contact option provided at the end of this privacy policy.

We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. If the contents of the Newsletter are specifically described in the context of a registration, they are decisive for the consent of the users. In our newsletter, we tell what drives us: what topics, formats and people we encounter. We link to videos, articles and studies and occasionally invite you to events. Information on the content, the logging of your registration, the dispatch via the US provider MailChimp, a newsletter sending platform of the US provider Rocket Science Group, LLC.

The email addresses of our newsletter recipients, as well as their other data described in this notice, are stored on MailChimp’s servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and the presentation of the newsletters or for economic purposes in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass it on to third parties.

We trust in the reliability and IT and data security of MailChimp.You can view MailChimp’s privacy policy here.

We would also like to point out that you can object to the future processing of your personal data in accordance with the legal requirements pursuant to Art. 21 of the GDPR at any time. The objection can be made in particular against the processing for purposes of direct advertising.

How your data is handled

Storage period

Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

Data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Sharing of your data

We may share your information with organisations that help us provide the services described in this policy and who may process such data on our behalf and in accordance with this policy, to support our online offer and our services. 

Typically and unless otherwise stated in this policy, data may be shared on the basis of our contractual and pre-contractual obligations. Equally, if you have consented to it, or where there we have a legal obligation to do so or on the basis of our legitimate interests (e.g. when using agents, hosting providers, tax, business and legal advisors, customer care, accounting, billing and similar services that allow us to perform our contractual obligations, administrative tasks and duties efficiently and effectively). If we commission third parties to process data on the basis of a so-called “processing agreement”.

In relation to meta data obtained about you, we may share a cookie identifier and IP data with analytic service providers to assist us in the improvement and optimisation of our website which is subject to our Cookies Policy.

We may also disclose information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

Storing your data

We store your data as long as it is needed for the respective processing purpose. Please note that numerous retention periods require that data continue to be stored. This applies in particular to retention obligations under commercial or tax law. If there are no further storage obligations, the data will be routinely deleted after the purpose has been achieved.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the website operator, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

What else do I need to know about data protection at Funtaptic?

We take data protection very seriously and work according to the minimal principle. The personal data we ask for, store and process in the context of our services including the website is based on the legal requirements for data management. We collect as little information as possible from website visitors. However, we would like to constantly optimise our website in order to offer you a good user experience and the greatest possible information content. For this purpose, we make use of a number of programs, which we will break down for you in detail below:

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of stay, operating systems used and the origin of the user. This data may be summarised by Google in a profile that is assigned to the respective user or their end device.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this analysis tool is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR). We have a legitimate interest in analysing user behaviour in order to optimise both the website and its advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of consent (Art. 6 para. 1 lit. a GDPR) the consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here

You can refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link:

Your Rights

You have the following rights with regard to the personal data concerning you:

  • Right to information,
  • Right to correction or deletion,
  • Right to restriction of processing,
  • Right to object to processing,
  • Right to data portability.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)

If data processing is carried out on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR), you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. the respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 para. 2 GDPR).

Right of appeal to the competent supervisory authority

In the event of breaches, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged breach. The right of appeal is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, the right to correction or deletion of this data. You can contact us at any time with regard to this and any other questions you may have on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.

If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of erasure.

If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.

If you have lodged an objection under Article 21(1) of the GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Objection to advertising e-mails

The use of contact data published within the framework of the imprint obligation for the purpose of sending advertising and information material not expressly requested is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.

Miscellaneous and Closing

WordPress

We use WordPress to properly deliver the content on our website. WordPress is a service provided by Automattic Inc. which acts as a Content Delivery Network (CDN) on our website.

A CDN helps to deliver content from our website, in particular files such as graphics or scripts, more quickly using regionally or internationally distributed servers. When you access this content, you establish a connection to servers of Automattic Inc., San Francisco, California, US, whereby your IP address and possibly browser data such as your user agent are transmitted. This data is processed solely for the purposes stated above and to maintain the security and functionality of WordPress.

The use of the Content Delivery Network is based on our legitimate interests, i.e. interest in a secure and efficient provision as well as the optimisation of our online offer according to Art. 6 para. 1 lit. f. GDPR.

The specific storage period of the processed data cannot be influenced by us, but is determined by Automattic Inc. Further information can be found in the privacy policy of WordPress

Automated decision-making

We do not use automated decision-making or profiling.

Do Not Track

Do Not Track is a privacy preference you can set in most browsers. We support Do Not Track because we believe that you should have genuine control over how your info gets used and our website responds to Do Not Track requests.

Do Not Sell My Personal Information 

We do not sell information that directly identifies you, like your name, address or phone records. 

Accuracy

It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

External Links

Our website contains links to the online offers of other providers. We hereby point out that we have no influence on the content of the linked online offers and the compliance with data protection regulations by their providers.

Changes and updates to the privacy policy

We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.

Queries and Complaints 

Any comments or queries on this policy should be directed to us. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us.

FUNTAPTIC APP OR GAME

Information We Collect

To help you enjoying the our App(s), we collect some basic as you use our services, for example access logs, as well as information from third parties  If you want additional info, we go into more detail below.

If you contact us the data you provide will be stored so that your message can be forwarded to the correct contact person. This is done in accordance with Article 6 lit. f) GDPR to process your request. Your data provided will not be used for any other purposes, in particular not for advertising.

Usage Information

We collect information about your activity on our services, for instance how you use them (e.g., date and time and access, features you have been using, web page address, advertising that you click on) and how you interact with our services .

Device information

We collect information from and about the device(s) you use to access our services, including:

  • hardware and software information such as IP address, device ID and type, device-specific and apps settings and characteristics, app crashes, advertising IDs (such as Google’s AAID and Apple’s IDFA, both of which are randomly generated numbers that you can reset by going into your device’ settings), browser type, version and language, operating system, time zones, identifiers associated with cookies or other technologies that may uniquely identify your device or browser (e.g., IMEI/UDID and MAC address);
  • information on your wireless and mobile network connection, like your service provider and signal strength; information on device sensors such as accelerometers, gyroscopes and compasses.

In App Purchases 

When you order a feature or other product in the app, we may collect the following data from you to process the desired order:

  • IOS or Google user ID
  • Email address
  • Payment confirmation from the payment data collected by Google Play Services and Apple Game Center depending on the payment method;
  • Device IP and device serial number to link the story history to the device.

 

You may also be asked to enter a range of personal data as part of the account creation process. We store this data to save you from having to enter this data in the future when you place new orders. You can always view, change and delete the data in your user account. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

We record your purchase data in our accounting software and the pseudonymised purchase data in a so-called data warehouse database. The purpose is to fulfil legal requirements and to control the company. The legal basis for this is Art. 6 para. 1 lit. f GDPR. In addition, in the case of accounting, Art. 6 para. 1 lit. c GDPR. Insofar as the data processing is based on Art. 6 Para. 1 lit. f GDPR, our legitimate interest lies in controlling and ensuring the profitability of our online offer.

Contacting us and customer service

When contacting us (via contact form or e-mail), the user’s details are processed for the purpose of handling the contact request and its processing pursuant to Art. 6 (1) lit. b) GDPR.

We delete the queries if they are no longer necessary. We review the necessity every two years; we store queries from customers who have a customer account permanently and refer to the customer account details for deletion. Furthermore, the legal archiving obligations apply.

Children Data

Children need particular protection when collecting and processing their personal data because they may be less aware of the risks involved. Compliance with the data protection principles and in particular fairness is central to all our processing of children’s personal data. Where we process  a child’s personal data consent from whoever holds parental responsibility for the child is obtained. Children have the same rights as adults over their personal data. These include the rights to access their personal data; request rectification; object to processing and have their personal data erased.

Unity

Our app is built using the game development platform Unity (operated by Unity Technologies, 30 3rd Street, San Francisco, CA 94103, United States). This uses software modules and libraries that come from Unity Technologies itself or third parties and become an inherent part of our Apps (called a game engine). During the execution of the app, personal data may be processed by Unity itself, including device identification numbers (so-called UDID – unique device identifiers, IP address). Data such as the device type, country of app installation, advertising ID, sensor markings (e.g. from the pressure or acceleration sensor), game identification number (app ID) and the checksum of the transmitted data are also processed.

Using Unity also means that the services  are using “Unity Analytics” and “Unity Ads”. Unity Analytics and Unity Ads collect the personal data such as IP addresses and device identification number (so-called UDID – unique device identifiers). Other data collected includes device specifications (device type, device language), usage data, information about in-app behaviour and in-app purchases, custom event data (where applicable). Through Unity Analytics and Unity Ads, we can find out which app ads are tapped or clicked on from your device, which of advertisement was watched and whether you download and use the advertised apps.

We do not have access to individual IP addresses or device numbers. You can find more information about Unity Technologies’ privacy policy here:

How We Use Information

The main reason we use your information is to deliver and improve our services. Additionally, we use this info to help keep you safe and to provide you with advertising that may be of interest to you. Read on for a more detailed explanation of the various reasons we use your information, together with practical examples.

  • To provide our services to you;
  • To create and manage our App and provide new features.
  • To improve our services and develop new ones
  • To conduct research and analysis of users’ behaviour to improve our services and content (for instance, we may decide to change the look and feel or even substantially modify a given feature based on users’ behaviour)
  • To prevent, detect and fight fraud or other illegal or unauthorized activities
  • To Address ongoing or alleged misbehaviour
  • To Perform data analysis to better understand and design countermeasures against these activities
  • To ensure legal compliance
  • To Assist law enforcement
  • To Enforce or exercise our rights.

To process your information as described above, we rely on the following legal bases:

  • Provide our service to you

Most of the time, the reason we process your information is to perform the contract that you have with us. For instance, as you go about using our service.

  • Legitimate interests

We may use your information where we have legitimate interests to do so. For instance, we analyse users’ behaviour on our services to continuously improve our offerings, we suggest offers we think might interest you, and we process information for administrative, fraud detection and other legal purposes.

  • Consent

From time to time, we may ask for your consent to use your information for certain specific reasons. You may withdraw your consent at any time by contacting us.

How We Share Information

We use third parties to help us operate and improve our services. These third parties assist us with various tasks, including data hosting and maintenance, analytics and security operations.

We may also share information with partners who distribute and assist us in advertising our services. For instance, we may share limited information on you in hashed, non-human readable form to advertising partners.

We follow a strict vetting process prior to engaging any service provider or working with any partner. All of our service providers and partners must agree to strict confidentiality obligations.

We may disclose your information if reasonably necessary: (i) to comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements; (ii) to assist in the prevention or detection of crime (subject in each case to applicable law); or (iii) to protect the safety of any person.

We may also share information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.

Push notifications

The app can notify you of certain news via push notifications, even if you are not actively using the app at the time. The app only uses these push notifications if you have explicitly activated them. The legal basis is Article 6, paragraph 1(a) of the GDPR.

When you activate the push notification service, a so-called device token from Apple or a so-called registration ID from Google is assigned to your device. The sole purpose of their use by us is to provide the push services. Without a device token or registration ID, no push messages can be sent to you for technical reasons. These identifiers are only encrypted, randomly generated numbers.

Notes for Apple users:

In order to be notified of certain events and topics via push notifications, even if you are not currently using the app, you must grant the app the necessary permission. Without your consent, which you give by activating it in the settings, we cannot send you a push message. The first time you log in to the app, you will be asked if you want to allow push notifications. You can then adjust the permissions for push notifications in the iOS settings and turn push notifications on or off at any time later.

To do this, open the “Settings” app of iOS and select the menu item “Messages”. In the following menu you will find an overview of all apps that are installed on your device and that have a push notification function. Select our app here. Here you can switch the push notification function on or off. You also have the option of customising the display of push notifications in the app according to your preferences.

Notes for Android users:

On Android, all apps are set by default so that you can receive push notifications even if you do not have the app open. Unfortunately, this cannot be avoided due to Google’s technical specifications, over which we have no influence. The app will not use this permission without your permission. You will only receive push notifications if you explicitly activate this function in the app.

Within the app, you can deactivate the push services you have activated at any time. Independently of the settings in the app, you can also switch off the receipt of push notifications by calling up the app “Settings” in the main menu of your device and selecting the item “Apps” in the following menu item. There you will find an overview of all apps installed on your device. Select our app here. You can then switch the push notification function on or off by ticking “Show notifications”.

Advertising

Advertisers and third parties also may collect information about your activity on our sites and applications, on devices associated with you, and on third-party sites and applications using tracking technologies. Tracking data collected by these advertisers and third parties is used to decide which ads you see both on our sites and applications and on third-party sites and applications. You can opt out on the Digital Advertising Alliance (DAA)    if you wish not to receive targeted advertising. You may also be able to choose to control targeted advertising on other websites and platforms that you visit. In addition, you may also choose to control targeted advertising you receive within applications by using the settings and controls on your devices. 

When you use our Social Media Pages

We also process information that you have provided to us via our company pages on the relevant social media website. Such information may be the username used, contact details or a message sent to us. We regularly process this personal data only if we have previously expressly requested you to provide us with this data, for example as part of a survey. These processing operations are carried out by us as the sole data controller.

We process this data on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in contacting people who make enquiries. In addition, we may process such data for evaluation and marketing purposes. This processing is carried out on the legal basis of our legitimate interest and serves our interest in further developing our offer and informing you specifically about our offers. Further data processing may take place if you have consented or if this serves the fulfilment of a legal obligation. 

The sole controller of this processing of personal data is the relevant social media website. Further information about the processing of personal data by the relevant social media website can be found at their respective Privacy Policies when following the links below.

Newsletter

On the basis of your expressly given consent, we will send you our newsletter or comparable information regularly by e-mail to your specified e-mail address.

To receive the newsletter, it is sufficient to provide your e-mail address. When you register to receive our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be informed by e-mail of circumstances relevant to the service or registration.

For an effective registration, we require a valid e-mail address. In order to verify that a registration is actually made by the owner of an e-mail address, we use the “double-opt-in” procedure. For this purpose, we log the order for the newsletter, the sending of a confirmation e-mail and the receipt of the response requested herewith. No further data is collected. The data is used exclusively for sending the newsletter and is not passed on to third parties.

You can revoke your consent to the storage of your personal data and its use for newsletter dispatch at any time. There is a corresponding link in each newsletter. You can also unsubscribe at any time directly on this web site or inform us of your wish to do so using the contact option provided at the end of this privacy policy.

We send newsletters, e-mails and other electronic notifications with promotional information (hereinafter “newsletter”) only with the consent of the recipients or a legal permission. If the contents of the Newsletter are specifically described in the context of a registration, they are decisive for the consent of the users. In our newsletter, we tell what drives us: what topics, formats and people we encounter. We link to videos, articles and studies and occasionally invite you to events. Information on the content, the logging of your registration, the dispatch via the US provider MailChimp, a newsletter sending platform of the US provider Rocket Science Group, LLC.

The email addresses of our newsletter recipients, as well as their other data described in this notice, are stored on MailChimp’s servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimise or improve its own services, e.g. for the technical optimisation of the dispatch and the presentation of the newsletters or for economic purposes in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass it on to third parties.

We trust in the reliability and IT and data security of MailChimp.You can view MailChimp’s privacy policy here.

We would also like to point out that you can object to the future processing of your personal data in accordance with the legal requirements pursuant to Art. 21 of the GDPR at any time. The objection can be made in particular against the processing for purposes of direct advertising.

How your data is handled

Storage period

Unless a more specific retention period is stated within this privacy policy, your personal data will remain with us until the purpose for processing the data no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted once these reasons no longer apply.

Data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that no level of data protection comparable to that in the EU can be guaranteed in these countries. For example, US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Sharing of your data

We may share your information with organisations that help us provide the services described in this policy and who may process such data on our behalf and in accordance with this policy, to support our online offer and our services. 

Typically and unless otherwise stated in this policy, data may be shared on the basis of our contractual and pre-contractual obligations. Equally, if you have consented to it, or where there we have a legal obligation to do so or on the basis of our legitimate interests (e.g. when using agents, hosting providers, tax, business and legal advisors, customer care, accounting, billing and similar services that allow us to perform our contractual obligations, administrative tasks and duties efficiently and effectively). If we commission third parties to process data on the basis of a so-called “processing agreement”.

In relation to meta data obtained about you, we may share a cookie identifier and IP data with analytic service providers to assist us in the improvement and optimisation of our website which is subject to our Cookies Policy.

We may also disclose information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

Updating your information

If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion or object to its processing, please contact us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you any more. 

Uninstall

You can stop all information collection by an app by uninstalling it using the standard uninstall process for your device. If you uninstall the app from your mobile device, the unique identifier associated with your device will continue to be stored. If you re-install the application on the same mobile device, we will be able to re-associate this identifier to your previous transactions and activities.

Accountability

In certain countries, including in the European Union, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process information. The data protection authority you can lodge a complaint with notably may be that of your habitual residence, where you work or where we are established.

How We Protect Your Information

We work hard to protect you from unauthorized access to or alteration, disclosure or destruction of  information. As with all technology companies, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information will always remain secure. We regularly monitor our systems for possible vulnerabilities and attacks and regularly review our information collection, storage and processing practices to update our physical, technical and organizational security measures. We may suspend your use of all or part of the services without notice if we suspect or detect any breach of security. 

Your Rights

You have the following rights with regard to the personal data concerning you:

  • Right to information,
  • Right to correction or deletion,
  • Right to restriction of processing,
  • Right to object to processing,
  • Right to data portability.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent you have already given at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)

If data processing is carried out on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR), you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions. the respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

If your personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 para. 2 GDPR).

Right of appeal to the competent supervisory authority

In the event of breaches, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged breach. The right of appeal is without prejudice to any other administrative or judicial remedy.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in performance of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if applicable, the right to correction or deletion of this data. You can contact us at any time with regard to this and any other questions you may have on the subject of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. To do this, you can contact us at any time. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.

If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of erasure.

If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request restriction of the processing of your personal data instead of erasure.

If you have lodged an objection under Article 21(1) of the GDPR, a balance must be struck between your interests and ours. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may – apart from being stored – only be processed with your consent or for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Objection to advertising e-mails

The use of contact data published within the framework of the imprint obligation for the purpose of sending advertising and information material not expressly requested is hereby objected to. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam e-mails.

Miscellaneous and Closing

Authorisations and Access

We may request access or permission to certain functions from your mobile device,such as your permission to send notifications. 

The legal basis for data processing is our legitimate interest and the provision of contractual or pre-contractual measures. You can deactivate push notifications at any time via Settings/Messages (iOS) or Settings/Notifications/ (Android).

Push notifications for advertising purposes will only be sent to you if you have given your prior consent. The legal basis for sending promotional push notifications is consent. Deactivation is also possible via Settings/Messages (iOS) or Settings/Apps/ (Android).

Automated decision-making

We do not use automated decision-making or profiling.

Do Not Sell My Personal Information 

We do not sell information that directly identifies you, like your name, address or phone records. 

Accuracy

It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

Changes and updates to the privacy policy

We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.

Queries and Complaints 

Any comments or queries on this policy should be directed to us. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us.