- Name and address of the Controller
- Name and address of the Data Protection Officer
- What data do we collect?
- What do we use your data for?
- How do we protect your data?
- Will your data be shared with third parties?
- Transfers to third countries
- What are your rights?
- When will your data be deleted?
- Provision of contractual services
- Collection of access data and log files
- Use of Google Analytics
- Online advertisement
- User surveys / User feedback
- Protection of minors
The Controller in regard to GDPR and other national data protection laws of member states as well as other data protection regulations is:
10117 Berlin, Germany
Phone: +49 (0) 30 288 768 661
General information regarding data processing
- Personal data (name and address)
- Contact data (email address and telephone number)
- Content data (text input, photographs, and videos)
- Usage data (websites visited, interest in content, and access times)
- Meta / Communication data (device ID and IP address)
No special categories of data are processed (GDPR Art. 9(1)).
Categories of data involved:
- Customer / interested parties
- Visitors and users of the online offer
- In the following, we refer to subjects as "users"
- Providing the online offer, its contents, and functions
- Provision of contractual services and customer care
- Responding to inquiries and communicating with users
- Marketing, advertising, and market research
- To prevent fraud and misuse
- For security purposes
In accordance with GDPR Article 32, we take appropriate technical measures that take technical standards, implementation costs, and the nature, scope, circumstance, and purpose of processing as well as the likelihood and severity of the risk to your rights and freedoms into consideration. Technical and organizational measures are used to ensure a level of appropriate protection to avoid any possible risks. Measures include ensuring confidentiality, integrity, and availability of data by controlling physical access to the data, as well as its access, input, disclosure, the securing of availability, and its separation. We have also set up procedures to ensure data subject rights, data deletion, and data vulnerability. In accordance with GDPR Article 25, the protection of personal data is already considered from the development phase (while selecting hardware, software and others) on.
Your data is protected electronically, technically, contractually, and administratively against misuse and loss through various measures. We use security techniques (including SSL encryption, cryptography) to protect your data against access by unauthorized third parties.
If your data is disclosed to a contracted partner or third party, then this is done under a legal contract and is protected. An example of this is providing your data to a payment service provider to complete a payment to which you have agreed. The payment service provider has a legal obligation to obtain certain data to complete the transaction pursuant to GDPR Article 6(1).
In order to be able to offer you an optimal service, we use a number of contracted service providers who work on our behalf and in accordance with GDPR Article 28.
If we process any data in a third country (outside of the European Union (EU) or the European Economic Area (EEA)), or this happens in the context of third party services, or the procurement or transmission of data to third parties, then this will only be done if it is necessary to fulfill our (pre-) contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we only process data in a third country if certain conditions of GDPR Article 44 are met. This means that processing will be done only when certain requirements, such as meeting officially recognized EU level standards of data protection (e.g. Privacy Shield for the USA), or observing officially recognized special contractual obligations (so-called "standard contractual clauses").
You have a right to freely access your stored data as well as the right to correct, delete, or block any data. You can also object to the transference of this data at any time. Please contact us for further information or to withdraw your consent: email@example.com. You also have the right of appeal to a regulatory body.
We process inventory data (e.g. names, addresses, customer contact information), contract data (e.g. services used, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with GDPR Article 6(1)(b). The entries marked as mandatory in online forms are required to complete the contract.
IP addresses are stored for registrations and logins as well as the time of such actions. Storing IP addresses is mandatory and is required to protect users from abusive or unauthorized activity by other users. This information is not shared with third parties unless it is necessary to pursue our claims or there is a legal obligation to do so pursuant to GDPR Article 6(1)(c).
This information is deleted only after expiry of statutory warranties and comparable obligations. The necessity to retain this data is reviewed every three years. In the case of statutory archiving obligations, deletion takes place after expiry of the respective legally prescribed periods (after 6 years in the case of commercial law and after 10 years in the case of tax law). Information in the customer’s account will remain in place until deletion.
When contacting us (for example by e-mail), we use the information provided by the user to process the request in accordance to GDPR Article 6(1)(b). This information may be stored in our systems.
We delete the data if it is no longer required. We review the necessity to keep the information every two years. We store user requests from users with permanent accounts and refer to the above for deletion under the "Provision of contractual services". In the case of legal archiving obligations, the deletion takes place after expiration of the respective legally prescribed periods (after 6 years in the case of commercial law and after 10 years in the case of tax law).
On the basis of our legitimate interests within GDPR Article 6(1)(f), we collect data each time the server is accessed through which this service is provided (so-called server log files). The access data includes the date and time of retrieval, page accessed, browser type and version, the user's operating system, possible error details, referrer URL (the previously visited page), User ID (internal customer number), and the requesting provider.
For security purposes, log file information is stored until it is no longer required (e.g. to verify and eradicate errors or to prevent misuse or fraud). Once its purpose is served, this information is deleted or made anonymous. Certain data may only be deleted once the case has been closed.
Cookies are small text files that are transferred from either our servers or third party web servers to the user's web browser and are stored there for later retrieval.
We use both session cookies and persistent cookies. Session cookies are stored exclusively for the duration of your session on our website and are deleted at the end of the browser session, i.e. after closing your browser. Persistent cookies remain on your computer or your device for a fixed period of time, even after you have closed your browser. The session cookies are stored on your system via your browser and enable certain settings and functionality on our website. Persistent cookies remember your data and behavior on our website and help us display relevant and meaningful information to you. Information collected in this way can be used to track your user behavior over multiple browser sessions.
We also implement the following cookies:
Analysis cookies: Analysis cookies are used to improve the quality of our website and its contents. Analysis cookies tell us how the website is used and enable us to continually optimize our services.
The legal basis for the processing of personal data using technical and analysis cookies is in our legitimate interest in accordance to GDPR Art. 6(1)(f).
If you do not want cookies to be saved on your computer, you must disable this option in your browser settings. Any saved cookies can be also be deleted in your browser settings. The exclusion of cookies can lead to limited functionality of this online offer.
For the US: http://www.aboutads.info/choices
For Europe: hhttp://www.youronlinechoices.com/uk/your-ad-choices/
We use Google Analytics, a web analysis service of Google Ireland Limited ("Google"), on the basis of our legitimate interests, i.e. the analysis, optimization, and economic operation of our online offer in accordance to GDPR Art.6(1). Cookies are used by Google. Activity on the online offer is stored in a cookie and is transmitted and stored on a Google server in the USA.
Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance to European data protection law.
Google will use this information on our behalf to evaluate the use of our online services by users to compile reports on activities within this online service and to provide us with other services related to the use of this online service and the Internet.
The Google Analytics code "gat._anonymizeIp();" was extended to guarantee an anonymous recording of IP addresses (so-called IP masking).
The IP address transmitted by your browser as part of Google Analytics is not combined with any other Google data. You can prevent the storage of cookies by updating your browser preferences. This may prevent the website from functioning correctly.
More information can be found on this Google Website.
Opt out: You can prevent Google from collecting the data generated by the cookie relating to your website use (including your IP address) and prevent the processing of this data by downloading and installing the browser plug-in here.
In our legitimate interest pursuant to GDPR Art.6(1)(f), we promote our services among others in search engine results or on third party websites who provide advertising space for this purpose, either directly or through respective networks. By entering into respective contractual agreements, we ensure that your data, such as your IP-address, is processed in accordance with legal requirements.
If you register for our newsletter, we will inform you via e-mail with news and promotions regarding our offer. This is sent in accordance to GDPR Article 6(1)(S)(1) and can be revoked at any time or under “§ 7 Abs. 3 Nr. 2 UWG” (German law regarding unfair competition) should the conditions be fulfilled. Details on how to cancel the newsletter are also found in each newsletter.
Occasionally we may ask you to provide us with voluntary feedback regarding our games and website. This only happens with your consent and takes place in the form of surveys. After collating the results from various surveys, tests, and interviews, you may receive further invitations that correspond to your interests. We will inform you in advance about the details, in particular any collection of personal data. In this regard you can make use of your rights mentioned above. The legal basis for this is GDPR Article 6(1)(a). You can revoke your permission to process this data at any time. We co-operate with the following service providers:Survey Monkey
To conduct customer surveys we use “Survey Monkey”: Survey Monkey, Europe UC 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland.
For usability tests or game tests we use “User Testing”: User Testing, Inc., 690 5th Street, San Francisco, CA 94107, USA.
For usability tests and game tests we use “Doodle”: Doodle AG, Werdstrasse 21, Postfach 8021 Zürich, Switzerland.
Die Datenschutzerklärung von Doodle finden Sie here.
GameDuell services are exclusively intended for adult use. We do not knowingly collect age information, nor do we knowingly collect any personal data from children under the age of 16. We advise all visitors to our website under the age of 16 not to disclose or provide any personal data to our service.
If you have any further questions, please do not hesitate to contact us. Please send an e-mail to firstname.lastname@example.org. You can also contact our external data protection officer.