Data Privacy

Privacy Policy according to Art. 13 GDPR

 

As the operator of this website, we take the protection of your personal data very seriously, treat it confidentially, and comply with current data protection regulations and this privacy policy. Below, we inform you in accordance with Article 13 of the EU General Data Protection Regulation (GDPR) about the processing of your personal data (hereinafter referred to as “data”).

 

  1. Definitions

 

The following privacy policy is based on the terminology used by the European legislator when adopting the GDPR. To ensure easy readability and understanding, we would like to explain the terms used in advance. In this privacy policy, we use, among other things, the following terms:

 

  1. Personal Data

 

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific factors that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

 

  1. Data Subject (User)

 

Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for processing.

 

  1. Processing

 

Processing is any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

 

  1. Restriction of Processing

 

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

 

  1. Profiling

 

Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

 

  1. Pseudonymization

 

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

 

  1. Controller or Data Controller

 

Controller or data controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

 

  1. Processor

 

Processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

 

  1. Recipient

 

Recipient is a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

 

  1. Third Party

 

Third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

 

  1. Consent

 

Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

  1. Controller

 

WeLEON Entertainment GmbH

Gertkenstr. 9

49134 Rulle/Wallenhorst

Legal Representative: Werner Leonard

Tel.: +49 5407 8985539

Email: datenschutz@weleon.de

 

  1. General Information on Data Processing

 

  1. a) Scope of Data Processing

 

We generally process personal data of our users only to the extent necessary to provide a functioning website, as well as our content and services. The processing of personal data of our users is regularly done only with the user’s consent. An exception applies in cases where prior consent cannot be obtained for factual reasons, and the processing of the data is permitted by statutory provisions.

 

  1. b) Legal Basis for Data Processing

 

If we obtain the data subject’s consent for the processing of personal data, Article 6(1)(a) GDPR serves as the legal basis for processing.

For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.

If the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis.

In cases where vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.

If processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and the interests, fundamental rights, and freedoms of the data subject do not outweigh the former interests, Article 6(1)(f) GDPR serves as the legal basis for processing.

 

  1. c) Data Retention Period

 

We process your data only as long as it is necessary to fulfill the contract, maintain our relationship, or comply with applicable legal requirements.

Different retention periods apply to business records. For data with tax relevance, a retention period of 10 years usually applies according to the Fiscal Code, while other data is retained for 6 years according to the Commercial Code.

As long as you do not object, we will use your data within the scope of our trusted business relationship for mutual benefit.

If you wish to delete your data, we will do so immediately, provided that legal retention obligations do not prevent deletion.

 

  1. SSL Encryption

 

This website uses SSL encryption (Secure Socket Layer) to transmit data from your browser to our server and to servers that provide files that we embed on our website. You can recognize the presence of SSL encryption by the preceding text “https” before the address of the website you are accessing in your browser.

 

  1. Provision of the Website and Creation of Log Files

 

  1. a) Description and Scope of Data Processing

 

Every time you visit our website, our system automatically collects data and information from the computer system of the accessing device. The following data is collected:

 

  • Browser type and version
  • User’s operating system
  • User’s internet service provider
  • User’s IP address
  • Date and time of access
  • Websites from which the user’s system reaches our website
  • Websites accessed by the user’s system via our website

 

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

 

  1. b) Legal Basis for Data Processing

 

The legal basis for the temporary storage of data and log files is Article 6(1)(f) GDPR.

 

  1. c) Purpose of Data Processing

 

The temporary storage of

 

 the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

Our legitimate interest in data processing pursuant to Article 6(1)(f) GDPR also lies in these purposes.

 

  1. d) Data Retention Period

 

The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended.

In the case of data storage in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or anonymized, so that an assignment of the calling client is no longer possible.

  1. e) Objection and Removal Option

 

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, there is no possibility for the user to object.

 

  1. Use of Cookies

 

  1. a) Description and Scope of Data Processing

 

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is revisited.

We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can still be identified after a page change.

The following data is stored and transmitted in the cookies:

  • Session ID

 

  1. b) Legal Basis for Data Processing

 

The legal basis for the processing of personal data using cookies is Article 6(1)(f) GDPR.

 

  1. c) Purpose of Data Processing

 

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

We need cookies for the following applications:

  • Adoption of language settings

The user data collected through technically necessary cookies will not be used to create user profiles.

Our legitimate interest in data processing pursuant to Article 6(1)(f) GDPR also lies in these purposes.

 

  1. d) Data Retention Period, Objection, and Removal Option

 

Cookies are stored on the user’s computer and transmitted to our site. Therefore, you as a user have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full.

 

  1. Newsletter

 

  1. a) Description and Scope of Data Processing

On our website, it is possible to subscribe to a free newsletter. When signing up for the newsletter, data from the input mask is transmitted to us. This includes:

  • First name, last name
  • Email address
  • Postal code
  • Country
  • Birthday

In addition, the following data is collected during registration:

  • IP address
  • Computer system used for registration
  • Date and time of registration

For the processing of data, your consent is obtained during the registration process, and reference is made to this privacy policy.

 

  1. b) Legal Basis for Data Processing

The legal basis for processing the data after the user subscribes to the newsletter, provided the user’s consent is given, is Article 6(1)(a) of the EU General Data Protection Regulation (EU GDPR).

 

  1. c) Purpose of Processing

The collection of the user’s email address is for the purpose of delivering the newsletter.

 

  1. d) Duration of Storage

The data is deleted as soon as it is no longer necessary for achieving the purpose for which it was collected. The user’s email address is therefore stored as long as the newsletter subscription is active. Other personally identifiable data collected during the registration process is usually deleted after a period of seven days.

 

  1. e) Objection and Removal Options

The newsletter subscription can be canceled by the user at any time. For this purpose, there is a corresponding link in every newsletter. This also allows for the withdrawal of consent for the storage of personally identifiable data collected during the registration process.

 

  1. f) Sending via Klick-Tipp

Our newsletters are sent using the mailing service provider KLICK-TIPP LIMITED (15 Cambridge Court, 210 Shepherd’s Bush Road, London W6 7NJ, United Kingdom). The privacy policy of the mailing service provider can be viewed at https://www.klick-tipp.com/datenschutzerklärung. The mailing service provider is used on the basis of our legitimate interests pursuant to Article 6(1)(f) of the EU GDPR and a data processing agreement pursuant to Article 28(3)(1) of the EU GDPR.

 

The mailing service provider may use the recipients’ data in pseudonymous form, i.e., without assigning it to a user, to optimize or improve its own services, such as the technical optimization of sending and displaying newsletters or for statistical purposes. However, the mailing service provider does not use the data of our newsletter recipients to contact them directly or to share the data with third parties.

 

  1. Newsletter Tracking
  2. a) Scope of Data Processing

The newsletters we send contain so-called tracking pixels. These are miniature graphics embedded in emails sent in HTML format to enable log file recording and log file analysis. This allows for statistical analysis of the success or failure of online marketing campaigns. Using the embedded tracking pixel, it can be determined whether and when an email was opened by a recipient and which links contained in the email were clicked by the recipient. Personal data is not passed on to third parties.

 

  1. b) Legal Basis for Data Processing

The legal basis for processing the data is Article 6(1)(a) and Article 6(1)(f) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The collection and analysis of the relevant data serve to optimize newsletter delivery and tailor the content of future newsletters to the interests of the recipients.

 

  1. d) Duration of Storage

The data is deleted as soon as it is no longer necessary for achieving the purpose for which it was collected or if the consent given is revoked.

 

  1. e) Objection and Removal Options

Affected individuals are entitled to revoke their separate consent given through the double opt-in process at any time. After revocation, the personal data of the newsletter recipients will be deleted by the data controller. Unsubscribing from the newsletter is automatically considered as a revocation.

 

  1. Contact Form and Email Contact
  2. a) Description and Scope of Data Processing

Our website features a contact form that can be used for electronic communication. If a user chooses to use this option, the data entered into the input form will be transmitted to us and stored. This data includes:

  • First name, last name
  • Email address

At the time of sending the message, the following data is also collected:

  • IP address
  • Computer system used for submission
  • Date and time of transmission

Consent is obtained for data processing during the submission process, and reference is made to this privacy policy. Alternatively, contact can be made through the provided email address. In this case, the personally identifiable data of the user transmitted via email will be stored. In this context, the data is not disclosed to third parties and is solely used for processing the conversation.

 

  1. b) Legal Basis for Data Processing

The legal basis for processing the data, provided the user’s consent is given, is Article 6(1)(a) of the EU GDPR. If the email contact aims at the conclusion of a contract, an additional legal basis for processing is Article 6(1)(b) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The processing of personally identifiable data from the input form serves solely for processing the contact. In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data. The other personally identifiable data processed during the submission process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

 

  1. d) Duration of Storage

The data is deleted as soon as it is no longer necessary for achieving the purpose for which it was collected. For the personally identifiable data from the input form of the contact form and those sent via email, this is the case when the respective conversation with the user has ended. The conversation is deemed to have ended when it can be inferred from the circumstances that the relevant matter has been finally clarified. The personally identifiable data additionally collected during the submission process will be deleted no later than seven days after submission.

 

  1. e) Objection and Removal Options

The user has the option to revoke their consent to the processing of personally identifiable data at any time. If the user contacts us via email, they can object to the storage of their personally identifiable data at any time. In such a case, the conversation cannot be continued. All personally identifiable data that has been stored in the course of contact will be deleted in this case.

 

  1. Guestbook
  2. a) Scope of Data Processing

We offer users on our website the option to leave entries in our guestbook. If a user leaves an entry in our guestbook with prior consent, in addition to the comment left, information about the time of comment submission, as well as the first name and the first letter of the last name of the user, will be published. Additionally, the user’s IP address is logged. There is no disclosure of personally identifiable data to third parties unless such disclosure is required by law or serves legal defense.

 

  1. b) Legal Basis for Data Processing

The legal basis for processing the data is Article 6(1)(a) and Article 6(1)(f) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The guestbook function allows users to leave opinions, criticisms, and comments. The storage of collected data and the IP address serves for security reasons and in the event that a user’s comment violates the rights of third parties or contains unlawful content.

 

  1. d) Dauer der Speicherung

Die Daten werden gelöscht, sobald sie für die Erreichung des Zweckes ihrer Erhebung nicht mehr erforderlich sind.

  1. e) Widerspruchs- und Beseitigungsmöglichkeit

Nutzer haben jederzeit die Möglichkeit, eigene Kommentare und damit ihre dazugehörigen Daten entweder selbst zu entfernen, oder uns mit der Entfernung zu beauftragen.

  1. Google Analytics
  2. a) Umfang der Datenverarbeitung

Wir nutzen auf unserer Webseite Google Analytics, einen Webanalysedienst der Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics verwendet sogenannte „Cookies“ (Textdateien) die auf dem Rechner des Nutzers gespeichert werden die durch diese Cookies erzeugten Informationen (Zeit, Ort und Häufigkeit des Webseitenbesuchs) werden in der Regel an einen Server von Google in den USA übertragen und dort gespeichert. Google wird diese Informationen benutzen, um die Webseiten Nutzung auszuwerten, Reports über die Aktivitäten auf der Webseite zusammenzustellen und um weitere mit der Webseitennutzung der Internet Nutzung verbundene Dienstleistungen gegenüber dem Webseitenbetreiber zu erbringen.

Wir nutzen Google Analytics mit der Code-Erweiterung „anonymizeIp“. So wird die IP-Adresse des Nutzers innerhalb der Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten des Abkommens über den europäischen Wirtschaftsraum vor Übermittlung an Google gekürzt und dadurch anonymisiert. Nur in Ausnahmefällen wird die volle IP-Adresse an einen Server von Google in den USA übertragen und dort gekürzt. Für diese Ausnahmefälle, in denen personenbezogene Daten in die USA übertragen werden, hat sich Google dem EU-US Privacy Shield unterworfen, https://www.privacyshield.gov/EU-US-Framework.

Die im Rahmen von Google Analytics von Ihrem Browser übermittelte IP-Adresse wird nicht mit anderen Daten von Google zusammengeführt.

  1. b) Rechtsgrundlage für die Datenverarbeitung

Rechtsgrundlage für die Verarbeitung personenbezogener Daten des Nutzers ist Art. 6 Abs. 1 lit. f EU-DSGVO.

  1. c) Zweck der Datenverarbeitung

Die Verarbeitung der personenbezogenen Daten der Nutzer ermöglicht uns eine Analyse der Benutzung unserer Webseite. Durch diese Auswertung sind wir in der Lage den Inhalt unserer Webseite und deren Nutzerfreundlichkeit stetig zu verbessern. Hierin Zwecken liegt auch unser berechtigtes Interesse in der Verarbeitung der Daten nach Art. 6 Abs. 1 lit. f EU-DSGVO. Durch die Anonymisierung der IP-Adresse wird dem Interesse der Nutzer an deren Schutz personenbezogener Daten hinreichend Rechnung getragen.

  1. d) Dauer der Speicherung

Standardmäßig werden Sitzungen nach 30 Minuten ohne Aktivität und Kampagnen nach sechs Monaten beendet. Das Zeitlimit für Kampagnen kann maximal zwei Jahre betragen.

  1. e) Widerspruchs- und Beseitigungsmöglichkeit

Cookies werden auf dem Rechner des Nutzers gespeichert und von diesem an unserer Seite übermittelt. Daher haben Sie als Nutzer auch die volle Kontrolle über die Verwendung von Cookies. Durch eine Änderung der Einstellungen in Ihrem Internetbrowser können Sie die Übertragung von Cookies deaktivieren oder einschränken. Bereits gespeicherte Cookies können jederzeit gelöscht werden. Dies kann auch automatisiert erfolgen. Werden Cookies für unsere Website deaktiviert, können möglicherweise nicht mehr alle Funktionen der Website vollumfänglich genutzt werden.

Nutzer können ferner die Erfassung durch Google Analytics verhindern, indem Sie auf folgenden Link klicken: [ga-optout text=”Disable Google Analytics”]

Es wird ein Opt-Out-Cookie gesetzt, das die zukünftige Erfassung Ihrer Daten beim Besuch dieser Website verhindert. Löscht der Nutzer den entsprechenden Cookie zwischenzeitlich vom eigenen System, so muss er den Opt-Out-Cookie erneut setzten.

Nähere Informationen zu Nutzungsbedingungen und Datenschutz finden Sie unter http://www.google.com/analytics/terms/de.html bzw. unter https://www.google.de/intl/de/policies/.

  1. AWIN
  2. a) Umfang der Datenverarbeitung

Wir verwenden auf unserer Webseite der Service AWIN. Dabei handelt es sich um einen Online-Dienst, der die Vermittlung von Werbung auf Drittseiten ermöglicht. Anbieter ist die AWIN AG, Eichhornstraße 3, 10785 Berlin.

AWIN setzt auf dem Computersystem des Nutzers ein Cookie (siehe oben), wodurch der AWIN AG Analyse der Benutzung unserer Webseite ermöglicht wird. Bei jedem Aufruf einer Einzelseite unserer Webseite wird der Internet Browser auf dem Computersystem des Nutzers durch AWIN automatisch veranlasst, Daten zum Zwecke der Online-Werbung und der Abrechnung von Provisionen an die AWIN AG zu übermitteln. Hierdurch erhält die AWIN AG Kenntnis über personenbezogene Daten, wie der IP-Adresse der Nutzer, die der AWIN AG unter anderem dazu dienen, die Herkunft der Besucher und Klicks nachzuvollziehen und in der Folge Provisionsabrechnungen zu ermöglichen.

Weitere Informationen zur dem Service der AWIN AG sind unter https://www.awin.com/de/rechtliches/privacy-policy abrufbar.

  1. b) Rechtsgrundlage für die Datenverarbeitung

Rechtsgrundlage für die Verarbeitung personenbezogener Daten des Nutzers ist Art. 6 Abs. 1 lit. f EU-DSGVO.

  1. c) Zweck der Datenverarbeitung

AWIN dient der Einbindung von Werbeanzeigen auf unserer Webseite.

  1. d) Widerspruchs- und Beseitigungsmöglichkeit

Nutzer können die Setzung von Cookies durch unsere Webseite, wie oben bereits dargestellt, jederzeit mittels einer entsprechenden Einstellung des verwendeten Internetbrowsers verhindern und damit der Setzung von Cookies dauerhaft widersprechen. Hierdurch würde auch verhindert, dass Google ein Cookie auf dem Computersystem des Nutzers setzt. Zudem können bereits gesetzte dies jederzeit über den Internetbrowser oder andere Softwareprogramme gelöscht werden.

  1. All In One WP Security & Firewall
  2. a) Umfang der Datenverarbeitung

Wir verwenden auf unserer Webseite das WordPress-Plugin All In One WP Security & Firewall. Hierdurch erhalten wir eine Übersicht über die Besuche unserer auf WordPress aufgebauten Webseite.

All In One WP Security & Firewall setzt ein Cookie (siehe oben) auf dem Computersystem des Nutzers. Bei jedem Aufruf einer Einzelseite unserer Webseite wird der Internet Browser auf dem Computersystem des Nutzers durch All In One WP Security & Firewall automatisch veranlasst, Daten zu Analysezwecken in unserer Datenbank zu sichern eine Weitergabe der Daten an tipsandtricks-hq erfolgt nicht. Die so gewonnenen Daten dienen der Analyse des Nutzerverhaltens auf unserer Webseite und damit einhergehenden Sicherheitsmaßnahmen.

Die geltenden Datenschutzbestimmungen von All In One WP Security & Firewall sind unter https://www.tipsandtricks-hq.com/privacy-policy abrufbar.

  1. b) Rechtsgrundlage für die Datenverarbeitung

Rechtsgrundlage ist Art. 6 Abs. 1 lit. f EU-DSGVO.

  1. c) Zweck der Datenverarbeitung

Die von All In One WP Security & Firewall ermittelten Daten dienen der Optimierung unserer Webseite. All In One WP Security & Firewall beinhaltet außerdem Sicherheitsfunktionen, dass unsere Webseite besser gegen Brute-Force-Attacken geschützt ist.

  1. d) Widerspruchs- und Beseitigungsmöglichkeit

Nutzer können die Setzung von Cookies durch unsere Webseite, wie oben bereits dargestellt, jederzeit mittels einer entsprechenden Einstellung des verwendeten Internetbrowsers verhindern und damit der Setzung von Cookies dauerhaft widersprechen. Hierdurch würde auch verhindert, dass Google ein Cookie auf dem Computersystem des Nutzers setzt. Zudem können bereits gesetzte dies jederzeit über den Internetbrowser oder andere Softwareprogramme gelöscht werden.

  1. Social-Media-Buttons mit „Shariff“
  2. a) Umfang der Datenverarbeitung

Wir verwenden auf unserer Webseite Shariff. Shariff stellt datenschutzkonforme Social-Media-Buttons zur Verfügung. Von der GitHub, Inc. (88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA) für die deutsche Computerzeitschrift c‘t entwickelt.

Üblicherweise übertragen die von den sozialen Netzwerken bereitgestellten Button-Lösungen bereits dann personenbezogene Daten an das jeweilige soziale Netzwerk, wenn ein Nutzer eine Webseite besucht, in welche ein Social-Media-Button integriert wurde. Durch die Nutzung der Shariff-Komponente werden erst dann personenbezogene Daten an soziale Netzwerke übermittelt, wenn der Nutzer einer Webseite aktiv einen der Social-Media-Buttons betätigt.

  1. b) Rechtsgrundlage für die Datenverarbeitung

Rechtsgrundlage für die Verarbeitung personenbezogener Daten des Nutzers ist Art. 6 Abs. 1 lit. a EU-DSGVO.

  1. c) Zweck der Datenverarbeitung

Der Einsatz der Shariff-Komponente hat den Zweck, die personenbezogenen Daten der Nutzer unserer Webseite zu schützen und uns gleichzeitig zu ermöglichen, eine Button-Lösung für soziale Netzwerke auf dieser Webseite zu integrieren.

  1. d) Widerspruchs- und Beseitigungsmöglichkeit

Klickt der Nutzer keinen der Social-Media-Buttons aktiv, findet keinerlei Austausch mit den sozialen Netzwerken statt.

  1. YouTube / Vimeo
  2. a) Umfang der Datenverarbeitung

Auf unserer Webseite setzen wir YouTube- und Vimeo Videos ein. Betreiber der entsprechenden Plugins sind die YouTube, LLC (901 Cherry Ave., San Bruno, CA 94066, USA) und die Vimeo, Inc.( White Plains, New York, USA) . Wenn der Nutzer eine Seite mit einem YouTube oder Vimeo Video besucht, wird eine Verbindung zu Servern des Anbieters hergestellt. Dabei wird diesem mitgeteilt, welche Webseite der Nutzer besucht.

Ist der Nutzer mit seinem Account beim jeweiligen Anbieter eingeloggt, kann dieser dessen Nutzerverhalten persönlich zuordnen.

Wird ein Video gestartet, setzt der Anbieter Cookies (siehe oben) ein, welche Informationen über das Nutzerverhalten sammeln.

Weitere Informationen sind unter https://www.google.de/intl/de/policies/privacy/ und https://vimeo.com/privacy abrufbar.

  1. b) Rechtsgrundlage für die Datenverarbeitung

Rechtsgrundlage ist Art. 6 Abs. 1 lit. f EU-DSGVO.

  1. c) Widerspruchs- und Beseitigungsmöglichkeit

Nutzer können die Setzung von Cookies, wie oben bereits dargestellt, jederzeit mittels einer entsprechenden Einstellung des verwendeten Internetbrowsers verhindern und damit der Setzung von Cookies dauerhaft widersprechen. Hierdurch würde auch verhindert, dass Google ein Cookie auf dem Computersystem des Nutzers setzt. Zudem können bereits gesetzte dies jederzeit über den Internetbrowser oder andere Softwareprogramme gelöscht werden.

  1. SoundCloud
  2. a) Umfang der Datenverarbeitung

Auf unseren Seiten können Plugins des sozialen Netzwerks SoundCloud (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, Großbritannien.) integriert sein. Die SoundCloud- Plugins erkennen Sie an dem SoundCloud-Logo auf den betroffenen Seiten.

Wenn Sie unsere Seiten besuchen, wird nach Aktivierung des Plugins eine direkte Verbindung zwischen Ihrem Browser und dem SoundCloud-Server hergestellt. SoundCloud erhält dadurch die Information, dass Sie mit Ihrer IP-Adresse unsere Seite besucht haben. Wenn Sie den “Like-Button” oder “Share- Button” anklicken während Sie in Ihrem SoundCloud- Benutzerkonto eingeloggt sind, können Sie die Inhalte unserer Seiten mit Ihrem SoundCloud-Profil verlinken und/oder teilen. Dadurch kann SoundCloud Ihrem Benutzerkonto den Besuch unserer Seiten zuordnen. Wir weisen darauf hin, dass wir als Anbieter der Seiten keine Kenntnis vom Inhalt der übermittelten Daten sowie deren Nutzung durch SoundCloud erhalten. Weitere Informationen hierzu finden Sie in der Datenschutzerklärung von SoundCloud unter https://soundcloud.com/pages/privacy

  1. b) Rechtsgrundlage für die Datenverarbeitung

Rechtsgrundlage ist Art. 6 Abs. 1 lit. f EU-DSGVO.

  1. c) Widerspruchs- und Beseitigungsmöglichkeit

Wenn Sie nicht wünschen, dass Soundcloud den Besuch unserer Seiten Ihrem SoundCloud- Benutzerkonto zuordnet, loggen Sie sich bitte aus Ihrem SoundCloud-Benutzerkonto aus bevor Sie Inhalte des SoundCloud-Plugins aktivieren.

  1. Ihre Rechte als betroffene Person

Gemäß der EU-DSGVO haben Sie folgende Rechte:

  1. a) Auskunftsrecht

Sie können von dem Verantwortlichen eine Bestätigung darüber verlangen, ob personenbezogene Daten, die Sie betreffen, von uns verarbeitet werden.

Liegt eine solche Verarbeitung vor, können Sie von dem Verantwortlichen über folgende Informationen Auskunft verlangen:

(1) die Zwecke, zu denen die personenbezogenen Daten verarbeitet werden;

(2) die Kategorien von personenbezogenen Daten, welche verarbeitet werden;

(3) die Empfänger bzw. die Kategorien von Empfängern, gegenüber denen die Sie betreffenden personenbezogenen Daten offengelegt wurden oder noch offengelegt werden;

(4) die geplante Dauer der Speicherung der Sie betreffenden personenbezogenen Daten oder, falls konkrete Angaben hierzu nicht möglich sind, Kriterien für die Festlegung der Speicherdauer;

(5) das Bestehen eines Rechts auf Berichtigung oder Löschung der Sie betreffenden personenbezogenen Daten, eines Rechts auf Einschränkung der Verarbeitung durch den Verantwortlichen oder eines Widerspruchsrechts gegen diese Verarbeitung;

(6) das Bestehen eines Beschwerderechts bei einer Aufsichtsbehörde;

 

 

(7) all available information about the origin of the data if the personal data is not collected from the data subject;

(8) the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the EU General Data Protection Regulation (EU GDPR), and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

 

You have the right to request information as to whether personal data concerning you is transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Article 46 of the EU GDPR in connection with the transfer.

  1. b) Right to rectification of your data

You have the right to have your personal data corrected or completed by the controller if the processed personal data concerning you is inaccurate or incomplete. The controller shall make the correction without delay.

  1. c) Right to restriction of processing of your data

Under the following conditions, you can request the restriction of the processing of your personal data:

(1) if you dispute the accuracy of the personal data concerning you for a period that allows the controller to verify the accuracy of the personal data;

(2) the processing is unlawful, and you oppose the deletion of the personal data and instead request the restriction of their use;

(3) the controller no longer needs the personal data for the purposes of the processing, but you need them for the establishment, exercise, or defense of legal claims, or

(4) if you have objected to the processing pursuant to Article 21(1) of the EU GDPR, and it has not yet been determined whether the legitimate grounds of the controller override your grounds.

 

If the processing of your personal data has been restricted under the above conditions, these data may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State. If the restriction of processing has been restricted under the above conditions, you will be informed by the controller before the restriction is lifted.

  1. d) Right to erasure of your data
  2. aa) Obligation to delete

You can request the controller to delete your personal data concerning you without delay, and the controller is obliged to delete this data without delay if one of the following reasons applies:

(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.

(2) You withdraw your consent on which the processing according to Article 6(1)(a) or Article 9(2)(a) of the EU GDPR is based, and there is no other legal basis for the processing.

(3) You object to the processing pursuant to Article 21(1) of the EU GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the EU GDPR.

(4) The personal data concerning you have been unlawfully processed.

(5) Deletion of the personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.

(6) The personal data concerning you have been collected in relation to the offer of information society services pursuant to Article 8(1) of the EU GDPR.

  1. bb) Information to third parties

If the controller has made the personal data concerning you public and is obliged to delete them pursuant to Article 17(1) of the EU GDPR, the controller shall take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform data controllers processing the personal data that you, as the data subject, have requested the deletion of all links to this personal data or of copies or replications of this personal data.

  1. cc) Exceptions

The right to erasure does not exist to the extent that processing is necessary

(1) to exercise the right to freedom of expression and information;

(2) to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) of the EU GDPR;

(4) for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Article 89(1) of the EU GDPR, to the extent that the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or

(5) for the establishment, exercise, or defense of legal claims.

  1. e) Right to information

If you have exercised your right to rectification, erasure, or restriction of processing with the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure, or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients vis-à-vis the controller.

  1. f) Right to data portability

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that

(1) the processing is based on consent pursuant to Article 6(1)(a) of the EU GDPR or Article 9(2)(a) of the EU GDPR or on a contract pursuant to Article 6(1)(b) of the EU GDPR and

(2) the processing is carried out by automated means.

 

In exercising this right, you also have the right to have your personal data concerning you transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others. The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

  1. g) Right to object

You have the right to object, on grounds relating to your particular situation, at any time, to processing of personal data concerning you which is based on Article 6(1)(e) or (f) of the EU GDPR, including profiling based on those provisions. The controller shall no longer process the personal data concerning you unless they demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.

You have the option to exercise your right to object in relation to the use of information society services, notwithstanding Directive 2002/58/EC, by automated means using technical specifications.

  1. h) Right to withdraw consent under data protection law

You have the

 

 right to withdraw your data protection consent at any time. Withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

  1. i) Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the EU GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant about the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the EU GDPR.

The competence of the supervisory authority is determined by your place of residence. You can find a list of supervisory authorities here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Data protection declaration in accordance with Article 13 of the EU GDPR

We, as the operator of this website, take the protection of your personal data very seriously, treat it confidentially, and in accordance with the current legal data protection regulations and this data protection declaration. Below, we inform you in accordance with Article 13 of the EU General Data Protection Regulation (EU GDPR) about the processing of your personal data (hereinafter referred to as “data”).

  1. Definition

The following data protection declaration is based on the terminology used by the European legislator and regulator when adopting the EU GDPR. In order to ensure easy readability and comprehension, we would like to explain the terms used in advance.

In this data protection declaration, we use, among others, the following terms:

  1. Personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

  1. Data subject (user)

Data subject is any identified or identifiable natural person whose personal data is processed by the controller.

  1. Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

  1. Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.

  1. Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

  1. Pseudonymization

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

  1. Controller or controller for the processing

Controller or controller for the processing is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

 

  1. h) Processor

Processor is a natural or legal person, authority, agency, institution, or other body that processes personal data on behalf of the controller.

 

  1. i) Recipient

Recipient is a natural or legal person, authority, agency, institution, or other body to whom personal data is disclosed, whether or not it is a third party. However, authorities that may receive personal data in the context of a specific investigation under Union law or the law of the Member States are not considered recipients.

 

  1. j) Third party

Third party is a natural or legal person, authority, agency, institution, or other body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or processor, are authorized to process personal data.

 

  1. k) Consent

Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

  1. Controller for Data Processing

WeLEON Entertainment GmbH

Gertkenstr. 9

49134 Rulle/Wallenhorst

Legal Representative: Werner Leonard

Tel.: +49 5407 8985539

Email: datenschutz@weleon.de

 

  1. General Information on Data Processing
  2. a) Scope of Data Processing

We generally process personal data of our users only to the extent necessary for providing a functioning website, as well as our content and services. The processing of personal data of our users is usually based on the user’s consent. An exception applies in cases where obtaining prior consent is not possible for factual reasons and the processing of data is permitted by legal regulations.

 

  1. b) Legal Basis for Data Processing

When we obtain the consent of the data subject for processing personal data, Article 6(1)(a) of the EU General Data Protection Regulation (EU GDPR) serves as the legal basis.

For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) of the EU GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures. If processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6(1)(c) of the EU GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) of the EU GDPR serves as the legal basis. If the processing is necessary to protect a legitimate interest of our company or a third party, and the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6(1)(f) of the EU GDPR serves as the legal basis for the processing.

 

  1. c) Duration of Data Processing

We process your data only as long as it is necessary to fulfill the contract, maintain our relationship, or comply with applicable legal requirements.

Different retention periods apply to business records. For data with tax relevance, the German Fiscal Code generally prescribes a retention period of 10 years, and for other data, the Commercial Code prescribes 6 years.

As long as you do not object, we will use your data in the context of our trusting business relationship for mutual benefit.

If you wish to delete your data, we will do so immediately, unless legal retention obligations oppose it.

 

  1. SSL Encryption

This website uses SSL encryption (Secure Socket Layer) for the transmission of data from your browser to our server and to servers that provide files that we integrate into our website. You can recognize the presence of SSL encryption by the prefix “https” before the address of the website you are visiting in your browser.

 

  1. Provision of the Website and Creation of Log Files
  2. a) Description and Scope of Data Processing

Each time you visit our website, our system automatically collects data and information from the system of the calling device. The following data is collected:

  • Type and version of the browser
  • User’s operating system
  • Internet service provider of the user
  • User’s IP address
  • Date and time of access
  • Websites from which the user’s system reaches our website
  • Websites accessed by the user’s system via our website

This data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

 

  1. b) Legal Basis for Data Processing

The legal basis for the temporary storage of data and log files is Article 6(1)(f) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also constitute our legitimate interest in data processing pursuant to Article 6(1)(f) of the EU GDPR.

 

  1. d) Duration of Data Processing

The data is deleted as soon as it is no longer required to achieve the purpose of its collection. In the case of data collected for the provision of the website, this is the case when the respective session is ended.

In the case of data stored in log files, this is the case after a maximum of seven days. Further storage is possible. In this case, the IP addresses of users are deleted or anonymized, so that an assignment of the calling client is no longer possible.

 

  1. e) Objection and Removal Option

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. There is consequently no option for the user to object.

 

  1. Use of Cookies
  2. a) Description and Scope of Data Processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user calls up a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. We also use cookies on our website that allow us to analyze the user’s surfing behavior.

The data collected in this way is pseudonymized by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.

When accessing our website, users are informed by an info banner about the use of cookies for analytical purposes and referred to this privacy policy. In this context, there is also a note on how the storage of cookies can be prevented in the browser settings.

 

  1. b) Legal Basis for Data Processing

The legal basis for the processing of personal data using cookies is Article 6(1)(f) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website

 

 cannot be offered without the use of cookies. For these, it is necessary that the browser can be recognized even after a page change. The user data collected through technically necessary cookies is not used to create user profiles.

The use of analysis cookies is for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus continuously optimize our offering.

These purposes also constitute our legitimate interest in the processing of personal data pursuant to Article 6(1)(f) of the EU GDPR.

 

  1. d) Duration of Storage, Objection, and Removal Option

Cookies are stored on the user’s computer and transmitted by the user to our site. Therefore, you as a user also have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website to their full extent.

 

  1. Newsletter
  2. a) Description and Scope of Data Processing

On our website, there is the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from the input mask is transmitted to us. This includes:

  • First name, last name
  • Email address
  • Postal code
  • Country
  • Birthday

In addition, the following data is collected during registration:

  • IP address
  • Computer system used for registration
  • Date and time of registration

Your consent is obtained for the processing of the data as part of the registration process, and reference is made to this privacy policy.

 

  1. b) Legal Basis for Data Processing

The legal basis for the processing of data after registration for the newsletter by the user is Article 6(1)(a) of the EU GDPR when the user has given their consent.

 

  1. c) Purpose of Data Processing

The collection of the user’s email address serves to deliver the newsletter.

 

  1. d) Duration of Storage

The data is deleted as soon as it is no longer required for the purpose of its collection. The user’s email address is therefore stored for as long as the newsletter subscription is active. The other personal data collected during the registration process is usually deleted after a period of seven days.

 

  1. e) Objection and Removal Option

The newsletter subscription can be canceled by the user at any time. For this purpose, there is a corresponding link in each newsletter. This also allows for a revocation of the consent to the storage of the personal data collected during the registration process.

 

  1. f) Sending via Klick-Tipp

The sending of our newsletters is carried out by the service provider KLICK-TIPP LIMITED (15 Cambridge Court, 210 Shepherd’s Bush Road, London W6 7NJ, United Kingdom). The data protection regulations of the service provider can be viewed at https://www.klick-tipp.com/datenschutzerklärung. The service provider is used on the basis of our legitimate interests pursuant to Article 6(1)(f) of the GDPR and an order processing contract pursuant to Article 28(3)(1) of the GDPR.

The service provider may use the data of recipients in pseudonymous form, i.e., without assignment to a user, to optimize or improve its own services, e.g., for the technical optimization of sending and displaying newsletters or for statistical purposes. The service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

 

  1. Newsletter Tracking
  2. a) Scope of Data Processing

The newsletters we send contain so-called tracking pixels. These are miniature graphics embedded in the emails sent in HTML format to enable log file recording and analysis. This allows for a statistical evaluation of the success or failure of online marketing campaigns. Using the embedded tracking pixel, it is possible to determine whether and when an email was opened by a data subject and which links contained in the email were accessed by the data subject. Personal data is not disclosed to third parties.

 

  1. b) Legal Basis for Data Processing

The legal basis for data processing is Article 6(1)(a) of the EU General Data Protection Regulation (EU GDPR) and Article 6(1)(f) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The collection and analysis of this data is aimed at optimizing newsletter delivery and tailoring the content of future newsletters to the interests of the data subjects.

 

  1. d) Duration of Data Storage

The data is deleted as soon as it is no longer required for the purpose of its collection or if the consent given is revoked.

 

  1. e) Objection and Removal Option

Data subjects have the right to revoke their separate consent given through the double opt-in process at any time. After revocation, the personal data related to tracking will be deleted by the data controller. Unsubscribing from the newsletter will automatically be considered as a revocation.

 

  1. Contact Form and Email Contact
  2. a) Description and Scope of Data Processing

Our website includes a contact form that can be used for electronic communication. If a user chooses this option, the data entered in the input mask is transmitted to us and stored. This data includes:

  • First name, last name
  • Email address

At the time of sending the message, the following data is also collected:

  • IP address
  • Computer system used for registration
  • Date and time of transmission

Consent is obtained for processing the data as part of the submission process, with reference to this privacy policy. Alternatively, contact can be made through the provided email address. In this case, the user’s personal data transmitted by email will be stored. In this context, there is no disclosure of the data to third parties, and the data is used solely for processing the conversation.

 

  1. b) Legal Basis for Data Processing

The legal basis for data processing with user consent is Article 6(1)(a) of the EU GDPR. If the email contact aims to conclude a contract, an additional legal basis for data processing is Article 6(1)(b) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The processing of personal data from the input mask is solely for processing the contact request. Email contact also serves the necessary legitimate interest in processing the data.

 

  1. d) Duration of Data Storage

The data is deleted as soon as it is no longer required for the purpose of its collection. This is the case when the respective conversation with the user is terminated. The conversation is considered terminated when it can be inferred from the circumstances that the matter in question has been conclusively clarified. Additionally collected personal data during the transmission will be deleted no later than seven days after the message was sent.

 

  1. e) Objection and Removal Option

Users have the option to revoke their consent to the processing of personal data at any time. If a user contacts us by email, they can object to the storage of their personal data at any time. In this case, the conversation cannot be continued. In such cases, all personal data stored as part of the contact will be deleted.

 

  1. Guestbook
  2. a) Scope of Data Processing

We offer users the opportunity to leave entries in our guestbook on our website. When a user leaves an entry in our guestbook with prior consent, the comment left, as well as information about the time of comment submission, and the first name and first letter of the last name of the user, are published. In addition, the IP address of the user is logged. There is no disclosure of personal data to third parties unless such disclosure is legally required or serves legal defense.

 

  1. b) Legal Basis for Data Processing

The legal basis for data processing is Article 6(1)(a) of the EU GDPR and Article 6(1)(f) of the EU GDPR.

 

  1. c) Purpose of Data Processing

The guestbook function allows users to leave opinions, feedback, and comments. The storage of the data collected, including the IP address, is for security reasons and in case the user violates the rights of third parties or posts unlawful content.

 

  1. d) Duration of Data Storage

The data is deleted as soon as it is no longer required for the purpose of its collection.

 

  1. e) Objection and Removal Option

Users have the option to remove their own comments and the associated data themselves or request us to remove it.

  1. Google Analytics
  2. a) Scope of Data Processing

We use Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, on our website. Google Analytics uses so-called “cookies” (text files) that are stored on the user’s computer. The information generated by these cookies (time, location, and frequency of website visits) is usually transmitted to a Google server in the USA and stored there. Google will use this information to evaluate website usage, compile reports on website activity, and provide other services related to website and internet usage to the website operator. We use Google Analytics with the “anonymizeIp” code extension, which shortens the user’s IP address within the member states of the European Union or other contracting states of the European Economic Area before it is transmitted to Google, thus anonymizing it. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. For these exceptional cases where personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The IP address transmitted to Google Analytics by your browser is not merged with other Google data.

 

  1. b) Legal Basis for Data Processing

The legal basis for processing personal data of the user is Article 6(1)(f) of the EU General Data Protection Regulation (EU GDPR).

 

  1. c) Purpose of Data Processing

The processing of users’ personal data allows us to analyze the usage of our website. This analysis enables us to continuously improve the content and user-friendliness of our website. Our legitimate interest in processing the data pursuant to Article 6(1)(f) of the EU GDPR also lies in these purposes. The anonymization of the IP address takes into account the users’ interest in protecting their personal data.

 

  1. d) Duration of Data Storage

Sessions are terminated after 30 minutes of inactivity, and campaigns are terminated after six months by default. The time limit for campaigns can be a maximum of two years.

 

  1. e) Objection and Removal Option

Cookies are stored on the user’s computer and transmitted to our site by the user. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Already stored cookies can be deleted at any time, either manually or automatically. If cookies are deactivated for our website, some functions of the website may not be fully available. Users can also prevent the collection of data by Google Analytics by clicking on the following link: [ga-optout text=”Disable Google Analytics”]. An opt-out cookie will be set, which prevents the future collection of your data when visiting this website. If the user deletes the corresponding cookie from their system in the meantime, they must set the opt-out cookie again. Further information on terms of use and data protection can be found at http://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/.

 

  1. AWIN
  2. a) Scope of Data Processing

We use the AWIN service on our website. This is an online service that enables the placement of advertisements on third-party websites. The provider is AWIN AG, Eichhornstraße 3, 10785 Berlin. AWIN places a cookie (see above) on the user’s computer system, allowing AWIN AG to analyze the use of our website. Each time an individual page of our website is accessed, the user’s internet browser is automatically prompted by AWIN to transmit data to AWIN AG for the purpose of online advertising and commission settlement. This allows AWIN AG to gain knowledge of personal data, such as the user’s IP address, which is used, among other things, to trace the origin of visitors and clicks and subsequently enable commission settlements. Further information about AWIN AG’s service can be found at https://www.awin.com/de/rechtliches/privacy-policy.

 

  1. b) Legal Basis for Data Processing

The legal basis for processing the user’s personal data is Article 6(1)(f) of the EU GDPR.

 

  1. c) Purpose of Data Processing

AWIN is used to integrate advertisements on our website.

 

  1. d) Objection and Removal Option

Users can prevent the setting of cookies by our website, as described above, at any time by adjusting the settings of the internet browser used and thus permanently object to the setting of cookies. This would also prevent Google from setting a cookie on the user’s computer system. Cookies already set can be deleted at any time via an internet browser or other software programs.

 

  1. All In One WP Security & Firewall
  2. a) Scope of Data Processing

We use the WordPress plugin All In One WP Security & Firewall on our website. This provides us with an overview of visits to our website, which is built on WordPress. All In One WP Security & Firewall places a cookie (see above) on the user’s computer system. Each time an individual page of our website is accessed, the user’s internet browser is automatically prompted by All In One WP Security & Firewall to store data for analysis purposes in our database. No data is passed on to tipsandtricks-hq. The data obtained in this way is used for the analysis of user behavior on our website and for associated security measures.

 

  1. Social-Media Buttons with “Shariff”
  2. a) Scope of Data Processing

We use Shariff on our website. Shariff provides data protection-compliant social media buttons developed by GitHub, Inc. (88 Colin P. Kelly Junior Street, San Francisco, CA 94107, USA) for the German computer magazine c’t. Typically, the button solutions provided by social networks already transmit personal data to the respective social network when a user visits a website with an integrated social media button. By using the Shariff component, personal data is only transmitted to social networks when the user actively clicks on one of the social media buttons.

 

  1. b) Legal Basis for Data Processing

The legal basis for processing the user’s personal data is Article 6(1)(a) of the EU General Data Protection Regulation (EU GDPR).

 

  1. c) Purpose of Data Processing

The use of the Shariff component aims to protect the personal data of users of our website while allowing us to integrate a button solution for social networks on this website.

 

  1. d) Objection and Removal Option

If the user does not actively click on any of the social media buttons, no exchange with the social networks takes place.

 

  1. YouTube / Vimeo
  2. a) Scope of Data Processing

We use YouTube and Vimeo videos on our website. The operators of the respective plugins are YouTube, LLC (901 Cherry Ave., San Bruno, CA 94066, USA) and Vimeo, Inc. (White Plains, New York, USA). When a user visits a page with a YouTube or Vimeo video, a connection is made to the provider’s servers. The provider is informed about which website the user has visited. If the user is logged into their account with the respective provider, the provider can associate their user behavior with them. When a video is started, the provider uses cookies (see above) to collect information about user behavior. Additional information can be found at https://www.google.de/intl/de/policies/privacy/ and https://vimeo.com/privacy.

 

  1. b) Legal Basis for Data Processing

The legal basis is Article 6(1)(f) of the EU General Data Protection Regulation (EU GDPR).

 

  1. c) Objection and Removal Option

Users can prevent the setting of cookies, as described above, at any time by adjusting the settings of the internet browser used and thus permanently object to the setting of cookies. This would also prevent Google from setting a cookie on the user’s computer system. Cookies already set can be deleted at any time via an internet browser or other software programs.

 

  1. SoundCloud
  2. a) Scope of Data Processing

Our pages may include plugins from the social network SoundCloud (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, United Kingdom). You can recognize the SoundCloud plugins by the SoundCloud logo on the affected pages. When you visit our pages, a direct connection is established between your browser and the SoundCloud server after activating the plugin. SoundCloud receives information that you have visited our site with your IP address. If you click the “Like” button or “Share” button while logged into your SoundCloud account, you can link and/or share the content of our pages with your SoundCloud profile. SoundCloud can associate the visit to our pages with your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the transmitted data or its use by SoundCloud. Further information can be found in SoundCloud’s privacy policy at https://soundcloud.com/pages/privacy.

 

  1. b) Legal Basis for Data Processing

The legal basis is Article 6(1)(f) of the EU General Data Protection Regulation (EU GDPR).

 

  1. c) Objection and Removal Option

If you do not wish SoundCloud to associate your visit to our pages with your SoundCloud user account, please log out of your SoundCloud user account before activating the SoundCloud plugin.

 

  1. Your Rights as a Data Subject

According to the EU GDPR, you have the following rights:

  1. a) Right to Information

You can request confirmation from the data controller as to whether personal data concerning you is being processed by us. If such processing is taking place, you can request the following information from the data controller:

(1) The purposes for which the personal data is processed.

(2) The categories of personal data that are being processed.

(3) The recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed.

(4) The planned duration of the storage of the personal data concerning you, or if specific information about this is not possible, criteria for determining the storage period.

(5) The existence of a right to rectify or erase the personal data concerning you, a right to restrict processing by the controller, or a right to object to such processing.

(6) The existence of a right to lodge a complaint with a supervisory authority.

(7) All available information on the source of the data if the personal data is not collected from the data subject.

(8) The existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the EU GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you can request to be informed about the appropriate safeguards pursuant to Article 46 of the EU GDPR in connection with the transfer.

 

  1. b) Right to Rectification of Your Data

You have the right to have inaccurate or incomplete personal data concerning you corrected and/or completed by the data controller without undue delay.

 

Continuing with the translation:

 

  1. c) Right to Restrict Processing of Your Data

Under the following conditions, you can request the restriction of the processing of your personal data:

(1) If you dispute the accuracy of your personal data for a period that allows the controller to verify the accuracy of the personal data.

(2) The processing is unlawful, and you oppose the deletion of the personal data and instead request the restriction of its use.

(3) The controller no longer needs the personal data for the purposes of processing, but you require it for the establishment, exercise, or defense of legal claims.

(4) If you have objected to processing in accordance with Article 21(1) of the EU GDPR, and it is not yet clear whether the legitimate grounds of the controller override your reasons.

 

If the processing of your personal data has been restricted under the conditions mentioned above, such data, except for storage, may only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or a Member State. If the restriction of processing has been restricted under the above-mentioned conditions, you will be informed by the controller before the restriction is lifted.

 

  1. d) Right to Erasure of Your Data
  2. aa) Obligation to Erase

You can request the data controller to erase your personal data without undue delay, and the controller is obligated to erase this data without undue delay if one of the following reasons applies:

(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You withdraw your consent on which the processing pursuant to Article 6(1)(a) or Article 9(2)(a) of the EU GDPR is based, and there is no other legal ground for the processing.

(3) You object to the processing pursuant to Article 21(1) of the EU GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the EU GDPR.

(4) The personal data concerning you has been unlawfully processed.

(5) The erasure of the personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.

(6) The personal data concerning you has been collected in relation to the offer of information society services referred to in Article 8(1) of the EU GDPR.

 

  1. bb) Information to Third Parties

If the data controller has made the personal data concerning you public and is obligated to erase it pursuant to Article 17(1) of the EU GDPR, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that you have requested erasure by such controllers of any links to, or copy or replication of, those personal data.

 

  1. cc) Exceptions

The right to erasure does not exist to the extent that processing is necessary:

(1) For exercising the right of freedom of expression and information.

(2) For compliance with a legal obligation that requires processing under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

(3) For reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) as well as Article 9(3) of the EU GDPR.

(4) For archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Article 89(1) of the EU GDPR, to the extent that the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or

(5) For the establishment, exercise, or defense of legal claims.

 

  1. e) Right to Notification

If you have exercised your right to rectification, erasure, or restriction of processing with the data controller, the controller is obliged to communicate this rectification or erasure of the data or restriction of processing to each recipient to whom the personal data concerning you has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients by the controller.

 

  1. f) Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to which the personal data was provided, where:

(1) The processing is based on consent pursuant to Article 6(1)(a) of the EU GDPR or Article 9(2)(a) of the EU GDPR or on a contract pursuant to Article 6(1)(b) of the EU GDPR, and

(2) The processing is carried out by automated means.

 

In exercising this right, you also have the right to have your personal data transmitted directly from one controller to another, where technically feasible. This shall not adversely affect the freedoms and rights of others.

 

The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

 

  1. g) Right to Object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(e) or (f) of the EU GDPR, including profiling based on those provisions.

 

The controller shall no longer process the personal data concerning you unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.

 

If personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.

 

If you object to processing for direct marketing purposes, the personal data concerning you shall no longer be processed for such purposes.

 

You have the option, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by automated means using technical specifications.

 

  1. h) Right to Withdraw Consent for Data Protection

You have the right to withdraw your data protection consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

  1. i) Right to Lodge a Complaint with the Data Protection Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement if you believe that the processing of personal data concerning you violates the EU GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy under Article 78 of the EU GDPR.

 

The jurisdiction of the supervisory authority is determined by your place of residence. A list of supervisory authorities can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

 

If you believe that your personal data is being processed in violation of the EU GDPR, you have the right to file a complaint with the relevant supervisory authority in your jurisdiction. They will investigate your complaint and inform you of the outcome. If you are not satisfied with the response from the supervisory authority, you also have the right to seek judicial remedies in accordance with Article 78 of the EU GDPR.