​Privacy policy for prize competition

A deal from , 5. Mar. 2017 5:57 pm

Privacy policy for prize competition

The protection of your personal data in compliance with data protection laws is extremely important to us. Below, you will find specific information about which type of personal data is processed for which purposes and on which legal basis.

1. Who is responsible for data processing?

HolidayPirates GmbH, Wallstraße 59, 10179 Berlin, Germany, is the data controller. The Data Protection Officer of HolidayPirates GmbH is Roman Maczkowsky. He can be contacted via [email protected].

2. Which categories of personal data are being processed?

We process contact data provided by contest participants as well as protocol data acquired by our IT systems during the competition. Furthermore, we process the following types of contact data provided by the winner of the competition: first name, last name, address, and email address.

2.1 Information you will provide by participating in this contest:

Email address and name

3. Where does the data come from?

The data is provided by the participants of the competition themselves.

4. For which purposes is my data being processed? What is the legal basis?

a. Art 6 para 1 b) GDPR

We process personal data required to fulfil the contractual obligations of the competition.

Data is processed for the provision of contractually guaranteed services such as giving the prize to the winner of the competition.

The legal basis is Art. 6 para. 1 b) GDPR. In order to execute and fulfill the competition contract, we will process the data that you provide us upon formation of the contract or in the course of the contractual relationship. In particular, this includes your personal data and contact information (first name, last name, date of birth, address, email address).

b. Art. 6 para 1 a) GDPR

If you have given us your consent to process your data, we will do so for the purposes listed in the consent form. You may revoke your consent at any time.

c. Art. 6 para 1 f) GDPR

We process your data in order to protect our own legitimate interests or those of third parties. This applies in particular to internal communication between affiliated companies and data required for certain administrative purposes.

5. Will data be transferred?

Employees within our group of companies will be granted access to your data if they need it to fulfill the contractual or legal obligations. Moreover, the following service providers may also access your data for the purposes listed below:

Gleam

  • Address & place of jurisdiction: Crowd9 PTY LTD, 16 Jacaranda Crescent, Mornington, VIC 3931, Australia,
  • GDPR Compliance: https://gleam.io/privacy
  • Purpose: Fulfil campaign obligations created by HolidayPirates GmbH, detect fraudulent activity in campaigns and invalidate entries, and send out campaign emails
  • Disclosed Data: Email address, Name, cookie ID, IP address, general location, browser Identification


Adjust GmbH (Apps)

  • Address: adjust GmbH, Saarbrücker Str. 37A, 10405 Berlin, Germany
  • GDPR Compliance: https://www.adjust.com/gdpr/
  • Purpose:
    • Identify mobile application behaviour to prepare targeted marketing decisions and efficiently execute and optimise mobile campaigns for social networks and other websites
  • All pseudonymised data:
    • Pseudonymous cookie ID, ad ID and device ID used by a particular person, events in the mobile app related to the use of the mobile app by a specific user (in particular login and successful completion of the transaction), but no payment and financial data
    • Content of the advertisement to be delivered to a particular user and, as appropriate, classified advertising group to which that person belongs

We collect information on your activity in our app, including service-related, diagnostic, and performance information. This includes information about your activity (for instance how you use our services, your service settings, how you interact with others using our services, and the time, frequency, and duration of your activities and interactions), log files, and diagnostics, crash, website, and performance logs and reports. If you did not disable tracking in the App (in "Usage And Log Information"), some pseudonymous data will be sent to Adjust GmbH, Facebook Inc. and Google Ireland Limited. Data processing according to Art. 6. (1) f GDPR is justified by our economic interest in optimizing existing products and services as well as providing technical functionality.

For details please see our Data Protection Regulation. (and here add the link to our general data protection declaration)

6. What are my rights?

In accordance with the GDPR, you have the following rights:

  • right of access (Art. 15 GDPR)
  • right to rectification (Art. 16 GDPR)
  • right to object (Art. 21 GDPR)
  • right to erasure (Art. 17 GDPR)
  • right to restriction of processing (Art. 18 GDPR)
  • right to data portability (Art. 20 GDPR)

Where we cite our legitimate interest (Art. 6 para 1 f) GDPR) as the legal basis, you have a right to objection pursuant to Art. 21 GDPR.

According to Art. 21 GDPR you have the right

to object to your personal data being processed at any time. We will then no longer process your personal data for direct marketing purposes or related profiling.

After your objection we will not process your personal data for any other purposes, either - unless we are able to demonstrate that there are reasons to do so that clearly outweigh your interests, rights and freedoms, or unless processing your personal data serves to assert, exercise or defend legal claims (cf. Art. 21 para. 1, para. 6 GDPR, so-called "limited right of objection"). In these cases, you are required to explain the reasons for your objection.

7. Do I have the right to complain?

Yes, you may address your complaint either to us or the relevant data protection authority.

Transparency is very important to us. Please do not hesitate to contact us if you have any further questions.

8. For how long will my data be stored?

We process and store your personal data for the period of the existing contract. We regularly delete data that is no longer required for contractual or legal purposes. However, we need to take into account legal retention periods (in particular § 257 HGB and § 147 AO), which can be up to 10 years.

When data is stored for the purpose of ensuring enforcement of legal claims, the limitation periods can be up to 30 years, but the regular limitation period is three years.

If your data is used for advertising purposes, we will only process the data until you object to its use or revoke your consent or until usage is no longer permitted by law.

9. Do I have to give you my data?

In the course of the contractual relationship of the competition, you are required to provide your personal data that is either necessary for the execution and fulfillment of the contract or legally required in this context. Failure to make this data available would result in failure to conclude the contract with you.

​Privacy policy for prize competition