Privacy Policy EN
Data protection declaration according to the GDPR
The protection of personal data is important to us. Therefore, the processing of personal data is carried out in accordance with the applicable European and national legislation.
Of course, you can revoke your declaration(s) of consent at any time with effect for the future. Please contact the person responsible for this in accordance with § 1.
The following declaration gives an overview of what kind of data is collected, how this data is used and passed on, what security measures we take to protect your data and how you receive information about the information given to us.
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 Abs. 1 p. 1 lit. a) EU General Data Protection Regulation (GDPR) as the legal basis.
In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 Abs. 1 p. lit. b) GDPR as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.
Insofar as processing of personal data is necessary to fulfill a legal obligation to which we are subject, Art. 6 Abs. 1 p. 1 lit. c) GDPR as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 Abs. 1 p. 1 lit. f) GDPR as the legal basis for the processing.
Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage no longer applies. Storage can also take place if this was provided for by the European or national legislator in EU regulations, laws or other regulations to which we are subject. A blocking or deletion of the data takes place even if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
§ 1 The controller and the data protection officer
(1) Name and address of the person responsible
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
PLAYGROUND
Rua Vale Stº António 75B.
1170-377 Lisboa
Portugal
E-mail: xxxxxxxxx
Phone: xxxxxxxxx
Web: xxxxxxxxx
(2) Name and address of the data protection officer
The data protection officer of the controller is:
Lorem Ipsum
Privacy & privacy
Portugal
E-mail: xxxxxxxxx
Phone: xxxxxxxxx
§ 2 Definitions
The data protection declaration is based on the terms used by the European legislator for the adoption of the EU General Data Protection Regulation (hereinafter referred to as “GDPR”). The data protection declaration should be easy to read and understand. To ensure this, the following are the most important terms:
a. Personal data is all information relating to an identified or identifiable natural person (hereinafter referred to as the data subject). An identifiable natural person is one who can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of this natural person.
b. An affected person is every identified or identifiable natural person whose personal data is processed by the party responsible for the processing.
c. Processing is each procedure carried out with or without the help of automated procedures, or each such series of procedures in connection with personal data such as levying, recording, organization, filing, storage, adjustment or change, reading, querying, use, publication through transfer, distribution, or another form of provision, comparison or joining, limitation, deletion, or destruction.
d. Profiling is every type of automated processing of personal data that consists of this personal data being used to evaluate certain personal aspects that relate to a natural person, in particular analyzing or predicting aspects as regards work performance, economic situation, health status, personal preferences, interests, reliability, behavior, residence, or change of location of this natural person.
e. Pseudonymization is the processing of personal data in a manner in which the personal data, without the supplementing of additional information, can no longer be assigned to a specific person in question, insofar as this additional information is stored separately and is subject to technical and organizational measures that guarantee that the personal data cannot be attributed to an identified or identifiable natural person.
f. Controller or controller is the natural or legal person, public authority, agency or other body which alone or jointly with others decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for in Union law or the law of the Member States.
g. The data processor is a natural or legal person, authority, body, or another position that processes the personal data on behalf of the responsible party.
h. Recipient is a natural or legal person, public authority, agency or other body to whom personal data are disclosed, whether it is a third party or not. However, authorities that may receive personal data under Union law or the law of the Member States in the context of a specific investigation mandate shall not be considered recipients.
i. A third party is a natural or legal person, authority, body, or other position apart from the person in question, the responsible party, the processor, and the people who are authorized under the immediate responsibility of the responsible party or the processor to process the personal data.
j. Consent is the declaration of consent given by the person in question voluntarily for the case in question in informed fashion and without misunderstanding in the form of a declaration or an otherwise clearly confirmed treatment with which the person in question gives to understand that he or she is in agreement with the processing of the personal data in question.
§ 3 Provision of the website and creation of log files
(1) When using the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we automatically collect the following data and information from the computer system of the calling computer every time you visit the website:
a. The IP address of the user
b. Information about the browser type and the version used
c. The user’s operating system
d. The user’s Internet service provider
e. Date and time of access
f. Websites from which the user’s system reaches the website
g. Websites accessed by the user’s system via our website
h. Content of the views (specific pages)
i. Amount of data transferred in each case
j. The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.
(2) The legal basis for the temporary storage of the log files is Art. 6 Abs. 1 p. lit. f) GDPR.
(3) The temporary storage of the IP address by the system is necessary in order to
to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must be stored for the duration of the session.
to optimize the content of our website as well as the advertising for it
to ensure the functionality of our information technology systems and the technology of our website
Provide law enforcement authorities with the information necessary for law enforcement in the event of a cyber attack
The storage in log files takes place in order to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
For these purposes, our legitimate interest in data processing in accordance with Art. 6 Abs. 1 p. 1 lit. f) GDPR.
(4) The data will be deleted as soon as they are no longer necessary for the purpose of their collection – in this case at the end of the use process
In the case of storage of the data in log files, this is the case at the latest after seven days. An additional storage is possible. In this case, the IP addresses are deleted or anonymized, so that an assignment of the calling client is no longer possible.
(5) The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website, which is why there is no possibility of objection.
§ 4 Use of cookies
(1) This website uses so-called Cookies.
Below is a list of cookies with description of which are used.
Cookies are small text files that are sent to your browser by a web server as soon as you visit a website and stored locally on your device (PC, notebook, tablet, smartphone, etc.) and stored on your computer and provide the user (i.e. us) with certain information. Cookies serve to make the website more customer-friendly and secure, in particular to collect usage-related information, e.g. Frequency of use and number of users of the pages and as well as behaviors of page use. Cookies do not cause any damage to the computer and do not contain viruses. This cookie contains a characteristic string (so-called Cookie ID), which allows a unique identification of the browser when the website is called up again.
Cookies used:
• Cookiesallowed: This cookie is set after you have given your consent to the storage of cookies so as not to ask for your consent again on future website visits.
• “localreferrer”: This cookie stores from which part of this website you have reached the currently accessed subpage.
(2) Cookies remain stored even when the browser session is terminated and can be called up again when you visit the site again. However, cookies are stored on your computer and transmitted from it to our site. Therefore, you also have full control over the use of cookies. If you do not want data collection via cookies, you can set your browser via the menu under “Settings” so that you are informed about the setting of cookies or can generally exclude the setting of cookies or delete cookies individually. However, it is pointed out that if cookies are deactivated, the functionality of this website may be limited. As far as session cookies are concerned, they will be automatically deleted anyway after leaving the website.
§ 5 Disclosure of personal data to third parties
(1) Links to external websites
This website contains links to external pages. We are responsible for our own content. We have no influence on the content on external links and are therefore not responsible for this, in particular we do not adopt their contents as our own. If you are directed to an external page, the data protection declaration provided there applies. If you notice illegal activities or content on this page, you are welcome to point this out to us. In this case, we will check the content and react accordingly (Notice and take down procedure).
(2) Use of Vimeo plugins
We use the provider Vimeo, among others, for the integration of videos. Vimeo is operated by Vimeo, LLC with headquarters in 555 West 18th Street, New York, New York 10011.
On some of our Internet pages we use plugins from the provider Vimeo. When you call up the Internet pages of our website provided with such a plugin – for example our media library – a connection to the Vimeo servers is established and the plugin is displayed. This transmits to the Vimeo server which of our Internet pages you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When using the plugin, e.g. Clicking on the start button of a video will also assign this information to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.
Further information on data processing and information on data protection by Vimeo can be found at https://vimeo.com/privacy
§ 6 E-Commerce
(1) If you would like to order in our webshop, it is necessary for the conclusion of the contract that you provide your personal data, which we need for the processing of your order. Mandatory information necessary for the execution of the contracts is marked separately, further information is voluntary. The data is entered into an input mask and transmitted to us and stored. The following data is collected within the framework of the web shop:
• Name
• Address (if applicable different delivery address)
• Email address
• Telephone (Optional)
• IP address
• Date and time of the order
A transfer of the data to third parties only if the transfer is necessary for the purpose of contract processing or for billing purposes or for the collection of the fee or if you have expressly consented. In this regard, we only pass on the necessary data in each case. The recipients are
• The respective delivery/shipping company (passing on name and address)
• Collection companies, if the payment has to be collected (passing on name, address, order details)
• Credit agencies for checking the creditworthiness (passing on name, address, date of birth, etc.). In this case, the transfer will only take place if we pay in advance for orders (e.g. purchase on account).
• The bank to collect the payment, insofar as the payment is made by direct debit
(2) The legal basis is Art. 6 Abs. 1 p. 1 lit. b) GDPR. With regard to voluntary data, the legal basis for the processing of the data is Art. 6 Abs. 1 p. 1 lit. a) GDPR.
(3) The mandatory information collected is necessary for the fulfillment of the contract with the user (for the purpose of sending the goods and confirming the content of the contract). We therefore use the data to answer your inquiries, to process your order, if necessary to check the creditworthiness or Recovery of a claim and for the purpose of technical administration of the websites. The voluntary information was provided to prevent abuse and, if necessary, to investigate crimes. We may also process the data you provide to inform you about other interesting products from our portfolio or to send you emails with technical information.
(4) The data will be deleted as soon as they are no longer necessary for the purpose of their collection. Due to commercial and tax law requirements, we are obliged to store your address, payment and order data for a period of ten years after the execution of the contract. However, after [two years] we restrict processing, i.e. Your data will only be used to comply with legal obligations. If there is a continuing obligation between us and the user, we store the data for the entire contract period and for a period of ten years thereafter (see above). With regard to the voluntarily provided data, we will delete the data at the end of [two] years after the execution of the contract, unless another contract is concluded with the user during this period; in this case, the data will be deleted at the expiry of [two] years after the execution of the last contract.
(5) If the data are necessary for the performance of a contract or for the implementation of pre-contractual measures, premature deletion of the data is only possible, unless contractual or legal obligations prevent deletion.
Otherwise, you are free to have the personal data provided during registration completely deleted from the data stock of the controller. The controller will provide you with information at any time on request about which personal data is stored about you. Furthermore, the controller corrects or deletes personal data at the request or notice of the data subject, unless there are statutory retention obligations to the contrary. You can write to the person responsible or the data protection officer in accordance with § 1 at any time by e-mail or post and request deletion/change of the data.
§ 7 Web analysis by Google Analytics (with pseudonymization)
We use the service of Google Inc. on our website. (Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA) for the analysis of the surfing behavior of our users. The software sets a cookie on your computer (for cookies see § 4). If individual pages of our website are called up, the following data is stored:
• Two bytes of the IP address of the user’s calling system
• The accessed website
• Entry pages, exit pages,
• The time spent on the website and the cancellation rate
• The frequency of access to the website
• Country and regional origin, language, browser, operating system, screen resolution, use of Flash or Java
• search engines used and search terms used
The information generated by the cookie about the use of this website by users is usually transmitted to a Google server in the USA and stored there. This website uses Google Analytics with the extension “_anonymizeIp()”. The software is set up so that the IP addresses are not completely stored, but only in abbreviated form. In this way, an assignment of the shortened IP address to the calling computer is no longer possible. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. However, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
The legal basis for the processing of personal data is Art. 6 Abs. 1 p. 1 lit. a) GDPR. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
On our behalf, Google will use this information for the purpose of evaluating your use of the website and compiling reports on website activity. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness.
The data will be deleted as soon as it is no longer needed for our recording purposes. In our case, this is the case after 18 months.
The cookies used are stored on your computer and transmitted from it to our site. If you do not agree with the collection and evaluation of usage data, you can prevent this by setting your browser software accordingly by disabling or restricting the use of cookies. Already stored cookies can be deleted at any time. However, in this case, you may not be able to use all the functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (incl. your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link. The current link is: http://tools.google.com/dlpage/gaoptout? hl=en. You have the possibility to revoke your consent to the processing of personal data at any time. If you contact us by e-mail, you can object to the storage of your personal data at any time. Regarding the revocation of consent/objection to storage, we ask you to contact the person responsible in accordance with § 1 by e-mail or by post.
If you visit our website with your mobile device, you can also object to the use here by disabling Google Analytics by clicking on the following link: Disable Google Analytics. In this case, a cookie will be set in your browser, which tells Google to prevent tracking.
Responsible is Google Ireland Ltd., Gordon House, 4 Barrow Street, Dublin, Ireland, Fax: +353 (1) 436 1001. Further information can be found in the user conditions at http://www.google.com/analytics/terms/de.html, in the overview of data protection at http://www.google.com/intl/de/analytics/learn/privacy.html and in the privacy policy at http://www.google.de/intl/de/policies/privacy.
§ 8 Rights of the data subject
If personal data is processed by you, you are the data subject within the meaning of GDPR and you have the following rights vis-à-vis the person responsible:
a. Right to information,
b. Right to rectification
c. Right to restriction of processing,
d. Right to deletion
e. Right to information
f. Right to data portability.
g. Right to object to the processing
h. Right to revoke consent under data protection law
i. Right to non-application of an automated decision
j. Right to complain to a supervisory authority
Right of access
(1) You can request confirmation from the controller as to whether personal data concerning you is being processed by us. If such processing exists, you can request free information from the controller at any time about the personal data stored about you as well as about the following information:
the purposes for which the personal data are processed;
the categories of personal data that are processed;
the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
the planned duration of the storage of your personal data or, if specific information is not possible, criteria for determining the storage period;
the existence of a right to rectification or deletion of personal data concerning you, a right to restriction of processing by the controller or a right to object to such processing;
the existence of a right of appeal to a supervisory authority;
all available information on the origin of the data, if the personal data are not collected from the data subject;
the existence of automated decision-making, including profiling, in accordance with Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved as well as the scope and intended effects of such processing on the data subject.
(2) You have the right to request information about whether the personal data concerning you will be transferred to a third country or to an international organization. In this context, you can request the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transmission.
Right to rectification
You have a right to immediate correction and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete.
Right to the limitation of processing
(1) Under the following conditions, you can request the controller to immediately restrict the processing of your personal data:
• if you dispute the accuracy of the personal data concerning you for a period of time that allows the controller to verify the accuracy of the personal data;
• the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;
• the controller no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
• if you object to the processing in accordance with Art. 21 Abs. 1 GDPR and it is not yet clear whether the legitimate reasons of the person responsible outweigh your reasons.
(2) If the processing of personal data concerning you has been restricted, these data may only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State. If the restriction of processing has been carried out according to the above-mentioned Requirements restricted, you will be informed by the person responsible before the restriction is lifted.
Right to deletion
(1) You can request the controller to delete the personal data concerning you without delay if one of the following reasons applies:
• The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
• You revoke your consent, to which the processing in accordance with Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
• They lay acc. Art. 21 Abs. 1 GDPR object to the processing and there are no overriding legitimate reasons for the processing, or you file an objection to the processing in accordance with Art. 21 Abs. 2 GDPR object to the processing.
• The personal data concerning you have been unlawfully processed.
• The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
• The personal data concerning you have been collected in relation to information society services offered in accordance with Art. 8 par. 1 GDPR.
(2) If the controller has made the personal data concerning you public and he is in accordance with Art. 17 Abs. 1 GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform controllers who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.
(3) The right to erasure does not exist to the extent that the processing is necessary
• to exercise the right to freedom of expression and information;
• to fulfill a legal obligation that requires processing under the law of the Union or the Member States to which the controller is subject, or to carry out a task in the public interest or in the exercise of official authority delegated to the controller;
• for reasons of public interest in the field of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 Abs. 3 GDPR;
• for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Art. 89 Abs. 1 GDPR, insofar as the law referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of this processing, or
• to assert, exercise or defend legal claims.
Right to information
If you have asserted the right to rectification, deletion or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this correction/deletion/restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right vis-à-vis the person responsible to be informed about these recipients.
Right to data portability
(1) You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. In addition, you have the right to transfer this data to another controller without hindrance by the controller to whom the personal data were provided, provided that
• the processing on a consent in accordance with Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract in accordance with Art. 6 para. 1 lit. b GDPR and
• the processing is carried out by automated means.
(2) In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, as far as this is technically feasible. Freedoms and rights of other persons must not be affected by this.
3. The right to data portability shall not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority delegated to the controller.
4. In order to assert the right to data portability, the data subject may at any time contact the controller.
Right of objection
(1) You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data, which is based on Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
(2) The controller will no longer process the personal data concerning you, unless he can demonstrate compelling legitimate grounds for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
(3) If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is connected with such direct marketing. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
4. You have the possibility, in connection with the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right of objection by means of automated procedures using technical specifications.
5. In order to exercise the right to object, the data subject may contact the controller directly.
Right to revoke the declaration of consent under data protection law
You have the right to revoke your declaration of consent under data protection law at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation. You can contact the person responsible for this.
Automated decision-making in individual cases including profiling
(1) You have the right not to be subject to a decision based solely on automated processing – including profiling – that has legal effect on you or similarly significantly affects you. This does not apply if the decision
• is necessary for the conclusion or performance of a contract between you and the controller,
• is permitted by Union or Member State legislation to which the controller is subject and this legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
• with your express consent.
2. However, these decisions may not be based on special categories of personal data in accordance with Art. 9 Abs. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
(3) With regard to the cases referred to in (1) and (3), the controller shall take appropriate measures to safeguard the rights and freedoms as well as your legitimate interests, including at least the right to obtain the intervention of a person on the part of the controller, to express his or her own point of view and to contest the decision.
4. If the data subject wishes to exercise the rights concerning automated decision-making, he or she may at any time contact the controller.
Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority, in particular in the Member State of your place of residence, place of work or the place of the alleged infringement, if you believe that the processing of your personal data violates the GDPR. The supervisory authority to which the complaint was filed shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
§ 10 Amendments to the privacy policy
We reserve the right to amend our privacy practices and this policy to notify them, if necessary, of changes in relevant laws or to adapt regulations or to better meet your needs. Possible changes to our privacy practices will be announced accordingly here. Please note the current version date of the privacy policy.