Privacy Policy of Grindosaur.com

Last updated: 22. Mai, 2019

The protection of your personal data is very important to us. Therefore, dealing with your personal data is strictly confidential and bound by European and German data protection legislations. Thus, we would like to tell you in this privacy policy how we handle the data we receive, and which security measures are taken on our part to protect your data.

1. General information

1.1 The usage of this site is usually possible without providing personal data. If personal data is compiled, such as names, addresses or email addresses, it always happens on a voluntary basis and is used to fulfill our contractual agreements with the people concerned. This data won’t be shared with third party organizations without your explicit permission. However, some data might be compiled indirectly through different means. This includes the usage of cookies which are discussed subsequently. Please note, that you will be informed accordingly.

1.2 The sites operator may change this privacy policy from time to time without an announcement to be in accordance with the European and German legislation and latest jurisdiction. Please check this privacy policy frequently to stay informed about our measures to protect your data and its usage.

2. Scope of this privacy policy

2.1 The European General Data Protection Regulation (GDPR), the Bundesdatenschutzgesetz (BDSG) and the Telemediengesetz (TMG) address the protection of personal data. This includes data which can be associated with your person (e.g. your name, telephone number or email address). Information that cannot be used to identify your personality (e.g. contents you share on this website) are not protected by these laws.

3. Elicitation and usage of personal data

3.1 Upon arrival and further visit we are saving following data by default:

  • your ip address
  • the website you came from (referrer)
  • the sites you have visited during your session
  • the date and duration of your visit
  • your browser
  • your browsers settings
  • your operating system

This data is solely used to ensure that our website is operating properly and without malfunctions. Furthermore, it helps us to troubleshoot and to fight of bots and ensure a secure browsing experience while you stay. This data is deleted automatically after 30 days.

3.2 Aforementioned, this site uses cookies to determine the user’s preferences and to ensure a more pleasant stay. This includes for example the avoidance of repetitively inputting your data.

3.3 Please note that we only save and store personal data (e.g. your name and e-mail address) if you are submitting them yourself. This primarily happens through the usage of our contact form or registration service which are located on our website. These services require certain information to be used to their fullest functionality.

3.4 Mandatory information in line with Art. 13 GDPR:
We are obliged to provide you with information regarding data protection laws in cases of initial contact based on Art. 12, 13 GDPR: If initial contact is established by you, your personal data is processed only if a legitimate interest in processing personal data is existent (Art. 6 para. 1 lit. f. GDPR), if you consented to the processing of your personal data (Art. 6 para. 1 lit. a. GDPR), if the processing of this personal data is relevant and required for the initiation, reasoning, inert configuration or change in regard of a legal relationship (Art. 6 para. 1 lit. d. GDPR) or if another legal norm permits the processing of personal data. This data will remain on our servers until you request its deletion, revoke your consent of its storage or the reason of its storage is obsolete (e.g. in cases of resolved matters). Mandatory provisions of the law are excluded in these cases, especially cases of safe-keeping in regards of tax and commercial retention periods.

4. Disclosure to third parties

4.1 Aforementioned, compiled private data will not be shared with third party organizations without your explicit permission. However, in exceptional cases, such as legal obligations to hand over information to a court, we will share compiled information about certain individuals after receiving an adjudication order.

4.2 Your personal data will be saved and processed in the Federal Republic of Germany only. There will be no personal data transmissions to European or extra-European foreign countries.

5. Cookies

5.1 This website utilizes cookies. Cookies are text documents which are commonly stored on your computer and saved through your browser. They do not damage your computer, nor do they contain viruses. They are solely used to make our website more user friendly, effective and secure to browse.

5.2 Most of our used cookies are so-called session-cookies. These will be deleted after you have left our website. Other cookies will remain on your device until a certain amount of time has passed or until you delete them manually. These cookies are called persistent-cookies and allow us to identify your browser upon your next visit and to simplify your navigation on our site.

5.3 If you worry about cookies or do not want them to be stored on your device, simply use the help function of your browser and change your settings to either disallow every new incoming cookie or to be informed about a soon to be set cookie. The latter will give you the choice to either allow or disallow the cookie to be set. Please note that some interesting site features will not or might work differently than they usually do or are expected to. Therefore, we advise you to allow cookies to be set on your device.

6. Security

In cases that users send personal data to us, Grindosaur.com offers the possibility of encrypted data transmissions. This encryption offers protection for confidentiality between our users and our webserver and helps the prevention of abusage of personal data e.g. interception or manipulation. This is achieved by the usage of encryption technology called SSL (Secure Socket Layer). This technology is recognized for its reliability and widely used across the internet.

Based on Art. 32 GDPR, Grindosaur.com chooses in consideration of the currently available technology, its implementation costs and type, scope, circumstances and the purpose of the data processing as well as the seriousness of the risks for the rights and liberties of the individual suitable technological and organizational measures to ensure a reasonable level of protection of personal data. These measures include safe-guarding the confidentiality, integrity and availability of data through our system. Furthermore, grindosaur.com implemented processes that allow us to respond to users in concern about their data subject rights (more information about these rights can be found in section 9. Rights of the data subject). Additionally, principles of data protection and pre-configuration of settings are considered while developing software and internal procedures or choosing hardware for this project (Art. 25 GDPR).

One of these security measures is the encrypted transmission of data between your browser and our server during your login procedure.

7. Google Analytics

This website uses Google Analytics, a website analysis service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics utilizes cookies. These are text documents which are commonly stored on your computer and provide an analysis of your usage of this website. The information gathered through cookies is generally saved on Googles servers in the USA.

The storage of Google Analytics cookies is based on Art. 6 paragraph 1 lit. f. GDPR. The sites operator has a legitimate interest in analyzing its user’s behavior to improve and expand upon offered services.

7.1 IP anonymization

We use the function ‘Activation of IP Anonymization’ on our website. This assures that your IP address is shortened by Google in member states of the European Union or other contracting states of the European Economic Zone. Only in exceptional cases will your full IP address be transferred to the Google servers in the USA and shortened there. In commission of the provider Google will use this data to analyze your usage of this website, compile reports on your website activity and furthermore supply other information about your website and internet usage to the provider of this website. The IP address relayed by Google Analytics will not be merged with other Google data.

7.2 Browser Plugin

Due to certain browser adjustments it is possible to prevent the storage of cookies; However, consider that you might not be able to use this site to its full extent. Additionally, you can prevent the data collection of personal data (e.g. IP addresses) and your browsing behavior through cookies that are sent to Google via the usage of a browser extension. This extension is provided by Google and may be downloaded from the following source: https://tools.google.com/dlpage/gaoptout?hl=en.

7.3 Objecting the data gathering process

You as an individual can prevent the collection of your data through Google Analytics by clicking on the following link. The link will create an opt-out-cookie which will prevent the data acquisition through Google Analytics during future visits of this website: deactivate Google Analytics.

For more information on how Google Analytics handles user data, please refer to the Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=en.

7.4 (Commissioned) data processing

Bound by the German data protection legislation we entered into a contract with Google in regard of Google Analytics data processing and hereby declare that we follow the German data protection legislation and implemented its regulations in accordance.

7.5 Google Web Fonts

This website uses Google Web Fonts for a consistent presentation. However, no connection between this website and Googles servers is created as the fonts reside on our own servers.

8. Online presence in social media

We utilize social media to inform and interact with customers, members and anyone who is interested in our services. We would like to point out that data that is provided by both parties on the respective platform might be processed outside of the European Union. This might cause risks for the user as rights of said user might be harder to enforce on these platforms. US-American providers that are certified by Privacy-Shield declare that they comply with European data protection laws and will act accordingly.

Furthermore, the data of the users are usually processed for market research and advertising purposes. Thus, e.g. user profiles are created from the user behavior and the resulting interests of the users. The usage profiles may in turn be used to e.g. Place advertisements inside and outside the platforms that are allegedly in line with users interests. For these purposes, cookies are usually stored on the computers of the users, in which the user behavior and the interests of the users are stored. Furthermore, in the usage profiles, data can also be stored independently of the devices used by the users (if the users are members of the respective platforms and logged in to them). The processing of personal data of users is based on our legitimate interests in an effective information of users and communication with users in accordance with. Art. 6 para. 1 lit. f. GDPR. If the users are asked by the respective providers for a consent to the data processing (that is, they declare their agreement, for example, by ticking a check box or confirming a button), the legal basis of the processing is Art. 6 para. 1 lit. a., Art. 7 GDPR.

If you are interested in how these providers process your data and how you can object this data processing (through opt-out), see our listing down below. In concern about disclosure and enforcement of your personal rights in regard of your personal data we advise contacting these providers directly as they are the only ones with direct access to this data and are therefore the only ones capable of acting in regard of your personal rights. If additional help is needed, please inform us accordingly.

9. Rights of the data subject

Grindosaur.com would like to make sure you are fully aware of all your data protection rights. Every user is entitled to the following:

9.1 The right to access

You have the right to request Grindosaur.com for copies of your personal data. We may charge you a small fee for this service.

9.2 The right of rectification

You have the right to request that Grindosaur.com correct any information you believe is inaccurate. You also have the right to request Grindosaur.com to complete the information you believe is incomplete.

9.3 The right to erasure

You have the right to request that Grindosaur.com erase your personal data, under certain conditions.

9.4 The right to restrict processing

You have the right to request that Grindosaur.com restrict the processing of your personal data, under certain conditions. In regard of Google Analytics, please see section 7. Google Analytics.

9.5 The right to object processing

You have the right to object to Grindosaur.com processing of your personal data, under certain conditions.

9.6 The right of data portability

You have the right to request that Grindosaur.com transfers the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: info@grindosaur.com.