Community
Games
Grindosaur
© 2020 - Grindosaur.com

Privacy Policy of Grindosaur.com

Last updated: 4 October, 2020

The protection of your data is of the utmost importance to us. Therefore, dealing with your information is strictly confidential and bound by European and German data protection legislation. Thus, we would like to tell you in this privacy policy how we handle the data we receive, and which security measures are taken on our part to protect your data.

1. General information

1.1 The usage of this site is usually possible without providing personal data. If personal data is compiled, such as names, addresses, or e-mail addresses, it always happens voluntarily and is used to fulfill our contractual agreements with the people concerned. This data will not be shared with third-party organizations without your explicit permission. However, some data might be compiled indirectly through different means. This collection of data happens through the usage of cookies, which are discussed subsequently. Please note that you will be informed accordingly.

1.2 The site's operator may change this privacy policy from time to time without an announcement to be in accordance with the European and German legislation and latest jurisdiction. Please check this privacy policy frequently to stay informed about our measures to protect your data and its usage.

2. Scope of this privacy policy

2.1 The European General Data Protection Regulation (GDPR), the Bundesdatenschutzgesetz (BDSG) and the Telemediengesetz (TMG) address the protection of personal data. This protection encompasses data that can be associated with your person (e.g., your name, telephone number, or e-mail address). These laws do not protect information that cannot be used to identify your identity (e.g., contents you share on this website).

3. Elicitation and usage of personal data

3.1 Upon arrival and further visit, we are saving the following data by default:

  • your IP address
  • the website you came from (referrer)
  • the sites you have visited during your session
  • the date and duration of your visit
  • your browser
  • your browsers settings
  • your operating system

This data is solely used to ensure that our website is operating correctly and without malfunctions. Furthermore, it helps us to troubleshoot and to fight bots and provide a secure browsing experience while you stay. This data is deleted automatically after 30 days.

3.2 Aforementioned, this site uses cookies to determine the user's preferences and to ensure a more pleasant stay. This includes, for example, the avoidance of repetitively inputting your data.

3.3 Please note that we only save and store personal data (e.g., your name and e-mail address) if you submit this data yourself. This submission primarily happens through our contact form or registration service. These services require specific information to be used to their fullest functionality.

3.4 Mandatory information in line with Art. 13 GDPR:

In initial contact cases, we are obliged by Art. 12, 13 GDPR to provide you with the following information: If you contact us, we will only process your data

  • if there is a justified interest in processing (Art. 6 para. 1 lit. f GDPR); and
  • if you have consented to the processing of your data (Art. 6 para. 1 lit. a GDPR); and
  • if the processing is necessary for the initiation, establishment, content, or modification of a legal relationship between you and us (Art. 6 para. 1 lit. b GDPR); or
  • if another legal norm permits processing.

This data will remain on our servers until you request its deletion, revoke your consent of its storage, or the reason for its storage becomes obsolete (e.g., in cases of resolved matters). Mandatory legal provisions remain unaffected in these cases, especially in cases of safekeeping in regards to tax and commercial retention periods.

4. Disclosure to third parties

4.1 Aforementioned, compiled private data (such as names and addresses) will not be shared with third-party organizations without your explicit permission. However, in exceptional cases, such as legal obligations to hand over information to a court, we will share compiled information about specific individuals after receiving an adjudication order.

4.2 Your data will only be saved and used in the Federal Republic of Germany. A transfer to non-European countries will only take place if necessary for the fulfillment of a contract or if the service providers engaged by us carry out such processing. However, this presupposes that the EU Commission has decided on an appropriate level of protection for the country concerned or that we have concluded contracts in accordance with the EU data protection laws that adequately protect and guarantee your rights and freedoms.

5. Cookies

5.1 This website utilizes cookies. Cookies are text documents that are commonly stored on your computer and saved through your browser. They do not damage your computer, nor do they contain viruses. They are solely used to make our website more user friendly and secure to browse.

5.2 Most of our used cookies are so-called session cookies. These will be deleted after you leave our website. Other cookies will remain on your device until a certain amount of time has passed or until you delete them manually. These cookies are called persistent-cookies and allow us to identify your browser upon your next visit and simplify your navigation on our site.

5.3 If you worry about cookies or do not want them to be stored on your device, simply use your browser's help function and change your settings to either disallow every new incoming cookie or be informed about a soon to be set cookie. The latter will give you a choice to either allow or disallow the cookie to be set. Please note that some exciting site features will not or might work differently than they usually do or are expected to when disallowing cookies. Therefore, we advise you to allow cookies to be set on your device.

6. Security

In cases that users send personal data to us, Grindosaur.com offers the possibility of encrypted data transmissions. This encryption provides protection for confidentiality between our users and our web server and helps prevent the abusage of personal data, e.g., interception or manipulation. This protection is achieved by the usage of encryption technology called SSL (Secure Socket Layer). This technology is recognized for its reliability and widely used across the internet.

Based on Art. 32 GDPR, Grindosaur.com chooses in consideration of the currently available technology, its implementation costs and type, scope, circumstances and the purpose of the data processing as well as the seriousness of the risks for the rights and liberties of the individual, suitable technological and organizational measures to ensure a reasonable level of protection of personal data. These measures include safeguarding the confidentiality, integrity, and availability of data through our system. Furthermore, Grindosaur.com implemented processes that allow us to respond to users in concern about their data subject rights (more information about these rights can be found in section 11: 'Rights of the data subject'). Additionally, principles of data protection and pre-configuration of settings are considered while developing software and internal procedures or choosing hardware for this project (Art. 25 GDPR).

One of these security measures is the encrypted transmission of data between your browser and our server during your login procedure.

7. Google Analytics

This website uses Google Analytics, a website analysis service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics utilizes cookies. These are text documents that are commonly stored on your computer and provide an analysis of your usage of this website. The information gathered through cookies is generally saved on Google's servers in the USA.

Google Analytics cookies are stored based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize his website and its advertising.

7.1 IP anonymization

We use the function 'Activation of IP Anonymization' on our website. This function assures that Google shortens your IP address in member states of the European Union or other contracting states of the European Economic Zone. Only in exceptional cases will your full IP address be transferred to Google's servers in the USA and shortened there. In the commission of the provider, Google will use this data to analyze your usage of this website, compile reports on your website activity, and supply other information about your website and internet usage to the provider of this website. The IP address relayed by Google Analytics will not be merged with other Google data.

7.2 Browser Plugin

Due to certain browser adjustments, it is possible to prevent the storage of cookies; however, consider that you might not be able to use this website to its full extent. Additionally, you can prevent the data collection of personal data (e.g., IP addresses) and your browsing behavior through cookies that are sent to Google via the usage of a browser extension. This extension is provided by Google and may be downloaded from the following source: https://tools.google.com/dlpage/gaoptout?hl=en.

7.3 Objecting the data gathering process

As an individual, you can prevent the collection of your data through Google Analytics by clicking on the following link. The link will create an opt-out cookie that will prevent the data acquisition through Google Analytics during future visits of this website: deactivate Google Analytics.

For more information on how Google Analytics handles user data, please refer to the Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en.

7.4 (Commissioned) data processing

Bound by the German data protection legislation, we entered into a contract with Google in regards to Google Analytics' data processing. As a result of this, we declare that we follow the German data protection legislation and implement its regulations accordingly.

7.5 Demographics in Google Analytics

This website uses the 'demographic parameters' function of Google Analytics. This function generates reports providing information on the age, gender, and interests of website visitors. The sources of this information are interest-related advertising services by Google and visitor data obtained from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account. Furthermore, you can prohibit the collection of your data by Google Analytics, as shown in section 7.3: 'Objecting the data gathering process.'

7.6 Google Web Fonts

This website uses Google Web Fonts for a consistent presentation. However, no connection between this website and Google's servers exists as the fonts reside on our servers.

8. Google Adsense (personalized & non-personalized)

Based on our legitimate interests (e.g., the interest in the analysis, optimization and economic operation of our online offer within the scope of Art. 6 para. 1 lit. f GDPR), we use the ad embedding service Google AdSense provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Currently, we utilize Google AdSense's service in both the 'personalized' and 'non-personalized' mode. Personalized ads (formerly known as interest-based adverts) are based on previously collected or historical data that determines or influences any given user's ad selection, including a user's previous search queries, activities, visits to sites, or apps, demographic information, or locations. Furthermore, this would include demographic targeting, interest category targeting, and general remarketing. Contrary to the personalized ads, the non-personalized ads are not based on your previous use patterns and interests but on your location, the contents of the website you are visiting, or the search terms you were using to find said online offer (e.g., this website). Additionally, Google AdSense will not generate a user profile for you while using this type of advertisement. To learn more about the distinct differences between personalized targeting (which is often referred to as 'remarketing') and targeting that has not been customized by Google AdSense, please click on the following link: https://support.google.com/adsense/answer/9007336.

Non-personalized ads are served in

  • countries of the European Economic Area (EEA),
  • the United Kingdom,
  • and the state of California (United States of America).

Please keep in mind that even using the 'non-personalized' mode of Google AdSense might result in the archiving of cookies by Google. According to Google, these cookies are used to combat fraud and misuse. Additionally, these cookies will remain on your device until you delete them manually.

Furthermore, it is essential to note that the 'EU-U.S. Privacy Shield Framework' certified Google. This Privacy Shield accord was executed between the European Union and the United States to ensure that European Data Protection Standards are observed in conjunction with data processing in the United States. Every company certified by the 'EU-U.S. Privacy Shield Framework' tries to comply with these data protection standards.

More information regarding Google's data usage for marketing purposes can be found here: https://policies.google.com/technologies/ads.

Additionally, you have the option to adjust your advertising settings freely in your Google user account. To do so, please click on the following link: https://adssettings.google.com/authenticated.

9. Affiliate partner programs

We are, based on our legitimate interests (i.e., interest in the economic operation of our online offer within the scope of Art. 6 para. 1 lit. f GDPR), participants in partner programs to earn a commission by placing links and other advertisements. The respective partner can trace the origin of the orders via user-independent identifiers. Among other things, the partner can recognize that you have clicked the partner link on this website. If applicable, the partner may then use their cookies on their website within their area of responsibility to collect and compile data; we have no access to this gathered data.

10. Online presence in social media

We utilize social media to inform and interact with customers, members, and anyone interested in our services. In doing so, we would like to point out that user data may be processed outside the European Union. This might cause risks for the users as their rights might be harder to enforce on these platforms. However, US-American providers certified by the 'EU-U.S. Privacy Shield Framework' declare that they comply with European data protection laws and act accordingly.

Furthermore, this aforementioned compiled user data is usually processed for market research and advertising purposes by these platforms. We would like to note that user profiles can be created from a user's behavior and subsequently determine a user's interests. These user profiles can then be used to place advertisements within and outside the platforms that apparently correspond to the interests of the user in question. This practice is called 'remarketing' and utilizes cookies that get stored on a user's device, in which the behavior and interests of a user are stored. Furthermore, this data may also be stored in the user's profile regardless of the devices used (especially if the user is a member of the respective platform and is logged in to it).

The processing of our users' personal data is based on our legitimate interests in an attempt to effectively communicate with our users in accordance with Art. 6 para. 1 lit. f GDPR. If users are asked by the respective provider to give their consent to data processing (i.e., to give their consent, e.g., by ticking a checkbox or clicking a button), the legal basis for processing is Art. 6 para. 1 lit. a, and Art. 7 GDPR.

If you are interested in how these providers process your data and how you can object this data processing (through opt-out), see our listing down below. In concern about disclosure and enforcement of your rights regarding your data, we advise you to contact these providers directly as they are the only ones with direct access to your data and are, therefore, the only ones capable of acting in regard to your rights. If additional help is needed, please inform us accordingly.

11. Rights of the data subject

Grindosaur.com would like to make sure you are fully aware of all your data protection rights. Every user is entitled to the following:

11.1 The right to access

You have the right to request Grindosaur.com for copies of your data. We may charge you a small fee for this service.

11.2 The right of rectification

You have the right to request that Grindosaur.com corrects any information you believe is inaccurate. You also have the right to request Grindosaur.com to complete the information you think is incomplete.

11.3 The right to erasure

You have the right to request that Grindosaur.com erases your data under certain conditions.

11.4 The right to restrict processing

You have the right to request that Grindosaur.com restrict the processing of your data under certain conditions. Regarding Google Analytics, please see section 7. Google Analytics.

11.5 The right to object processing

You have the right to object to Grindosaur.com processing your data under certain conditions.

11.6 The right of data portability

You have the right to request that Grindosaur.com transfers the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our e-mail: info@grindosaur.com.