1. General information
1.1 The usage of this site is usually possible without providing personal data. If personal data is compiled, such as names, addresses, or e-mail addresses, it always happens voluntarily and is used to fulfill our contractual agreements with the people concerned. This data will not be shared with third-party organizations without your explicit permission. However, some data might be compiled indirectly through different means. This collection of data happens through the usage of cookies, which are discussed subsequently. Please note that you will be informed accordingly.
2.1 The European General Data Protection Regulation (GDPR), the Bundesdatenschutzgesetz (BDSG) and the Telemediengesetz (TMG) address the protection of personal data. This protection encompasses data that can be associated with your person (e.g., your name, telephone number, or e-mail address). These laws do not protect information that cannot be used to identify your identity (e.g., contents you share on this website).
3. Elicitation and usage of personal data
3.1 Upon arrival and further visit, we are saving the following data by default:
- your IP address
- the website you came from (referrer)
- the sites you have visited during your session
- the date and duration of your visit
- your browser
- your browsers settings
- your operating system
This data is solely used to ensure that our website is operating correctly and without malfunctions. Furthermore, it helps us to troubleshoot and to fight bots and provide a secure browsing experience while you stay. This data is deleted automatically after 60 days.
3.3 Please note that we only save and store personal data (e.g., your name and e-mail address) if you submit this data yourself. This submission primarily happens through our contact form or registration service. These services require specific information to be used to their fullest functionality.
3.4 Mandatory information in line with Art. 13 GDPR:
In initial contact cases, we are obliged by Art. 12, 13 GDPR to provide you with the following information: If you contact us, we will only process your data
- if there is a justified interest in processing (Art. 6 para. 1 lit. f GDPR); and
- if you have consented to the processing of your data (Art. 6 para. 1 lit. a GDPR); and
- if the processing is necessary for the initiation, establishment, content, or modification of a legal relationship between you and us (Art. 6 para. 1 lit. b GDPR); or
- if another legal norm permits processing.
This data will remain on our servers until you request its deletion, revoke your consent of its storage, or the reason for its storage becomes obsolete (e.g., in cases of resolved matters). Mandatory legal provisions remain unaffected in these cases, especially in cases of safekeeping in regards to tax and commercial retention periods.
4. User account creation
The user can register an account to access additional features offered by this site. The data submitted by the user during the registration process is used only for this particular service for which the user has registered. Moreover, the data requested during registration is mandatory and must be provided in full. Otherwise, the registration will be rejected.
Furthermore, the data entered during registration is processed to establish a contractual agreement between the user and the site's operator and, if necessary, for initiating further contracts, based on Art. 6 para. 1 lit. b GDPR.
Note that we will store the data collected during registration for as long as the user is registered on this website. If the user chooses to delete their account or the site's operator has to terminate the user's account due to a contractual breach, the user's data will be deleted. Legal retention periods remain unaffected.
For significant changes or additions made to this online offer that exceeds the registration's agreement's initial scope, the site's operator will use the user's provided e-mail address to inform about the occurring changes.
5. Disclosure to third parties and transfer abroad
5.1 Aforementioned, compiled private data (such as names and addresses) will not be shared with third-party organizations without your explicit permission. However, in exceptional cases, such as legal obligations to hand over information to a court, we will share compiled information about specific individuals after receiving an adjudication order.
5.2 Your data will only be saved and used in the Federal Republic of Germany. A transfer to non-European countries will only take place if necessary for the fulfillment of a contract or if the service providers engaged by us carry out such processing. However, this presupposes that the EU Commission has decided on an appropriate level of protection for the country concerned or that we have concluded contracts in accordance with the EU data protection laws that adequately protect and guarantee your rights and freedoms.
5.3 We have integrated tools and software developed by companies based in the US into our website. If active, these tools may transfer your data to the respective companies' servers located in the US. We want to point out that the US is not considered a safe third country in the sense of EU data protection laws, as US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. Therefore, it cannot be ruled out that US authorities (e.g., intelligence services) process, evaluate, and permanently store your data located on US servers for monitoring purposes. Note that we do not have any power over nor can we influence these processing activities.
6. Consenting to data usage
6.1 Our scripts will show you a consent form on your first visit and every succeeding one after 30 days, asking for permissions regarding tracking and analyzing your usage behavior of this website, as well as the compiling of personal data for advertising purposes. By clicking "Accept" on the corresponding form, you give your consent to this site's operator to process and use personal data to consult, advertise, conduct market research, or design the services according to your needs. However, as a user, you can object to the compiling and use of personal data by clicking the "Reject" button.
7.1 This website utilizes cookies. Cookies are text documents that are commonly stored on your computer and saved through your browser. They do not damage your computer, nor do they contain viruses. They are solely used to make our website more user friendly and secure to browse.
7.2 Most of our used cookies are so-called session cookies. These will be deleted after you leave our website. Other cookies will remain on your device until a certain amount of time has passed or until you delete them manually. These cookies are called persistent-cookies and allow us to identify your browser upon your next visit and simplify your navigation on our site.
7.3 If you worry about cookies or do not want them to be stored on your device, simply use your browser's help function and change your settings to either disallow every new incoming cookie or be informed about a soon to be set cookie. The latter will give you a choice to either allow or disallow the cookie to be set. Please note that some exciting site features will not or might work differently than they usually do or are expected to when disallowing cookies. Therefore, we advise you to allow cookies to be set on your device.
In cases that users send personal data to us, Grindosaur.com offers the possibility of encrypted data transmissions. This encryption provides protection for confidentiality between our users and our web server and helps prevent the abusage of personal data, e.g., interception or manipulation. This protection is achieved by the usage of encryption technology called SSL (Secure Socket Layer). This technology is recognized for its reliability and widely used across the internet.
Based on Art. 32 GDPR, Grindosaur.com chooses in consideration of the currently available technology, its implementation costs and type, scope, circumstances and the purpose of the data processing as well as the seriousness of the risks for the rights and liberties of the individual, suitable technological and organizational measures to ensure a reasonable level of protection of personal data. These measures include safeguarding the confidentiality, integrity, and availability of data through our system. Furthermore, Grindosaur.com implemented processes that allow us to respond to users in concern about their data subject rights (more information about these rights can be found in section 11: 'Rights of the data subject'). Additionally, principles of data protection and pre-configuration of settings are considered while developing software and internal procedures or choosing hardware for this project (Art. 25 GDPR).
One of these security measures is the encrypted transmission of data between your browser and our server during your login procedure.
9. Google services
9.1 Google Analytics
This website uses Google Analytics, a website analysis service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics utilizes cookies. These are text documents that are commonly stored on your computer and provide an analysis of your usage of this website. The information gathered through cookies is generally saved on Google's servers in the USA.
Google Analytics cookies are stored based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior to optimize his website and its advertising.
9.1.1 IP anonymization
We use the function 'Activation of IP Anonymization' on our website. This function assures that Google shortens your IP address in member states of the European Union or other contracting states of the European Economic Zone. Only in exceptional cases will your full IP address be transferred to Google's servers in the USA and shortened there. In the commission of the provider, Google will use this data to analyze your usage of this website, compile reports on your website activity, and supply other information about your website and internet usage to the provider of this website. The IP address relayed by Google Analytics will not be merged with other Google data.
9.1.2 Browser Plugin
Due to certain browser adjustments, it is possible to prevent the storage of cookies; however, consider that you might not be able to use this website to its full extent. Additionally, you can prevent the data collection of personal data (e.g., IP addresses) and your browsing behavior through cookies that are sent to Google via the usage of a browser extension. This extension is provided by Google and may be downloaded from the following source: https://tools.google.com/dlpage/gaoptout?hl=en.
9.1.3 Objecting the data gathering process
As an individual, you can prevent the collection of your data through Google Analytics by clicking on the following link. The link will create an opt-out cookie that will prevent the data acquisition through Google Analytics during future visits of this website: deactivate Google Analytics.
9.1.4 (Commissioned) data processing
Bound by the German data protection legislation, we entered into a contract with Google in regards to Google Analytics' data processing. As a result of this, we declare that we follow the German data protection legislation and implement its regulations accordingly.
9.1.5 Demographics in Google Analytics
This website uses the 'demographic parameters' function of Google Analytics. This function generates reports providing information on the age, gender, and interests of website visitors. The sources of this information are interest-related advertising services by Google and visitor data obtained from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account. Furthermore, you can prohibit the collection of your data by Google Analytics, as shown in section 9.3: 'Objecting the data gathering process.'
9.2 Google AdSense (personalized & non-personalized)
Based on our legitimate interests (e.g., the interest in the analysis, optimization and economic operation of our online offer within the scope of Art. 6 para. 1 lit. f GDPR), we use the ad embedding service Google AdSense provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Currently, we utilize Google AdSense's service in both the 'personalized' and 'non-personalized' mode. Personalized ads (formerly known as interest-based adverts) are based on previously collected or historical data that determines or influences any given user's ad selection, including a user's previous search queries, activities, visits to sites, or apps, demographic information, or locations. Furthermore, this would include demographic targeting, interest category targeting, and general remarketing. Contrary to the personalized ads, the non-personalized ads are not based on your previous use patterns and interests but on your location, the contents of the website you are visiting, or the search terms you were using to find said online offer (e.g., this website). Additionally, Google AdSense will not generate a user profile for you while using this type of advertisement. To learn more about the distinct differences between personalized targeting (which is often referred to as 'remarketing') and targeting that has not been customized by Google AdSense, please click on the following link: https://support.google.com/adsense/answer/9007336.
Non-personalized ads are served in
- the state of California (United States of America).
Please keep in mind that even using the 'non-personalized' mode of Google AdSense might result in the archiving of cookies by Google. According to Google, these cookies are used to combat fraud and misuse. Additionally, these cookies will remain on your device until you delete them manually.
More information regarding Google's data usage for marketing purposes can be found here: https://policies.google.com/technologies/ads.
Additionally, you have the option to adjust your advertising settings freely in your Google user account. To do so, please click on the following link: https://adssettings.google.com/authenticated.
9.3 Google reCAPTCHA (v3)
This website uses Google reCAPTCHA (hereinafter "reCAPTCHA"). The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA (Google's product name incorporating an acronym standing for "Completely Automated Public Turing test to tell Computers and Humans Apart") is to verify whether a human or an automated program (usually refered to as a bot, crawler or spider) browses our website or makes data entries on our contact and registration forms. For this purpose, reCAPTCHA analyzes the behavior of the user based on various characteristics discussed subsequently. This examination starts automatically as soon as the user enters the website and accepts cookie usage. For the analysis, reCAPTCHA evaluates different information such as the IP address, time spent on the website, or mouse movements/touch interactions made by the user, to name a few. The data collected during this analysis is forwarded to Google's servers for examination and will return an indicator of how likely the user is human or not.
This process runs entirely in the background without interfering with the user's browsing experience. Website visitors are not made aware that an analysis is taking place in the background.
This data processing is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting his web offer from spam, automated spying, and abusive ad clicks (ad fraud) made by robots.
9.4 Google Web Fonts
This website utilizes free web fonts provided by Google for a consistent presentation.
If you choose not to accept cookies from our web offer, no connection between this website and Google's font servers is established as the font files reside on our server and are served by it. However, when you allow us to utilize cookies on our website, Google reCAPTCHA (v3) will download and use a Roboto font file from Google's servers. This font file also resides on our server and is used for a consistent presentation of our content but is not actively utilized by Google's scripts. We do not know precisely why the script downloads a font file already present, but we wanted to inform you accordingly about this circumstance.
10. Affiliate partner programs
We are, based on our legitimate interests (i.e., interest in the economic operation of our online offer within the scope of Art. 6 para. 1 lit. f GDPR), participants in partner programs to earn a commission by placing links and other advertisements. The respective partner can trace the origin of the orders via user-independent identifiers. Among other things, the partner can recognize that you have clicked the partner link on this website. If applicable, the partner may then use their cookies on their website within their area of responsibility to collect and compile data; we have no access to this gathered data.
11. Online presence in social media
We utilize social media to inform and interact with customers, members, and anyone interested in our services. In doing so, we would like to point out that user data may be processed outside the European Union. This might cause risks for the users as their rights might be harder to enforce on these platforms.
Furthermore, this aforementioned compiled user data is usually processed for market research and advertising purposes by these platforms. We would like to note that user profiles can be created from a user's behavior and subsequently determine a user's interests. These user profiles can then be used to place advertisements within and outside the platforms that apparently correspond to the interests of the user in question. This practice is called 'remarketing' and utilizes cookies that get stored on a user's device, in which the behavior and interests of a user are stored. Furthermore, this data may also be stored in the user's profile regardless of the devices used (especially if the user is a member of the respective platform and is logged in to it).
The processing of our users' personal data is based on our legitimate interests in an attempt to effectively communicate with our users in accordance with Art. 6 para. 1 lit. f GDPR. If users are asked by the respective provider to give their consent to data processing (i.e., to give their consent, e.g., by ticking a checkbox or clicking a button), the legal basis for processing is Art. 6 para. 1 lit. a, and Art. 7 GDPR.
If you are interested in how these providers process your data and how you can object this data processing (through opt-out), see our listing down below. In concern about disclosure and enforcement of your rights regarding your data, we advise you to contact these providers directly as they are the only ones with direct access to your data and are, therefore, the only ones capable of acting in regard to your rights. If additional help is needed, please inform us accordingly.
We utilize the services of Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA (from now on "Cloudflare").
If you are interested in the cookies used by Cloudflare's services, please read the following document listing all of Cloudflare's cookies in use: https://support.cloudflare.com/hc/en-us/articles/200170156-Understanding-the-Cloudflare-Cookies.
The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).
The data transfer to the United States of America is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.cloudflare.com/cloudflare_customer_DPAv3.pdf.
More information about Cloudflare's security measures and data protection efforts can be found here: https://www.cloudflare.com/privacypolicy/.
13. Disclosure of personal information
On request, we will inform you about whether and which personal data we store about you. Furthermore, we constantly strive to ensure that your data is correct and up to date. If, however, incorrect information has been stored, please contact us to correct it immediately. Additionally, this site's operator would like to inform you that there is currently no possibility to independently query or export this data from the system. But he would also like to point out that there will be a technical solution for this problem in the future.
On further notice: If you make a request, we have one month to respond to you. If you would like to exercise any of your rights, please contact us at our e-mail: [email protected]