Home Pazz Booster

Data privacy statement

I Name and address of data controller

The data controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States as well as other data protection regulations is:
Pazz GmbH
Neumarkter Str. 21
81673 Munich, Germany

II General information on data processing

1. Scope of processing of personal data

We only collect and use our users' personal data where this is necessary to provide a functional website as well as our contents and services, and to implement our corporate purpose. The collection and use of our users' personal data takes place regularly only with the user's consent. An exception applies in cases where prior consent cannot be obtained for factual reasons, and the processing of the data is permitted by law.

2. Purposes and legal basis for the processing of personal data

We only process personal data to fulfil our contractual obligations or to protect our overriding legitimate interests. Our legitimate interests are based on the implementation of our corporate purpose. Insofar as we obtain the consent of the data subject for the processing of personal data, art. 6(1)a of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data. During the processing of personal data required for the performance of a contract to which the data subject is a party, art. 6(1)b of the GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures. Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, art. 6(1)c of the GDPR serves as the legal basis. In the event that the vital interests of the data subject or another natural person require the processing of personal data, art. 6(1)d of the GDPR serves as the legal basis. If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the interests first mentioned, art. 6(1)f of the GDPR serves as the legal basis for processing.

3. Categories of recipients and personal data, origin of the same

We share personal data with our business partners and service providers for the implementation of our corporate purpose. We typically use the contact and address data of our customers and business partners to implement our corporate purpose. We typically receive personal data directly from the data subject or, with the consent of the data subject and in exceptional cases, from third parties.

4. Transfer to third countries

In principle, we do not pass on personal data to recipients in third countries (i.e. countries outside the EU). If a transfer to recipients in third countries takes place in the future, we ensure that, in addition to the authorisation required for the transfer, the third country recipient ensures an appropriate level of data protection (or an exception pursuant to art. 49(1) of the GDPR exists).

5. Data erasure and retention period

The personal data of the data subject will be erased or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the data controller is subject. Data will also be blocked or erased if a retention period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

III Provision of the website and creation of log files

1. Description and scope of data processing

Every time you visit our website, our system automatically collects data and information from the computer system of the visiting computer. The following data is collected:

  • Information about the browser type and version used
  • The user’s operating system and interface
  • The user's Internet service provider
  • The IP address of the user
  • Access status/http status code
  • Date and time of access
  • Time zone difference to Greenwich Mean Time
  • Content of the request (specific website)
  • The amount of data transferred in each case
  • Websites from which the user's system accesses our website

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is art. 6(1)f of the GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. The user's IP address must remain stored for the duration of the session for this. The data is stored in log files to ensure the functionality of the website. In addition, we use the data to optimise the website and to ensure the security of our information technology systems. Data is not evaluated for marketing purposes in this context. Our legitimate interest in data processing pursuant to art. 6(1)f of the GDPR also lies in these purposes.

4. Retention period

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If data is collected for the provision of the website, this is the case when the respective session has ended. If data is stored in log files, this is the case after seven days at the latest. Data may be stored beyond this period. If it is, the IP addresses of the users are deleted or modified so that they can no longer be assigned to the visiting client.

5. Possibility of lodging an objection and of elimination

Recording data to provide the website and storing data in log files is essential for operating the website. The user may therefore not object to this.

IV Use of web storage

1. Description and scope of data processing

Our website uses web storage. Web storage concerns storage areas that are stored in the internet browser or by the internet browser on the user's computer system. If a user visits a website, the user's operating system/hard disk can be stored on the web storage. This web storage contains a characteristic string that uniquely identifies the browser when the website is called up again. We use web storage to make our website more user-friendly. Certain elements of our website require the visiting browser to be identified even after the user has moved to another page. Encryption and decryption strings are stored in web storage.

2. Legal basis for data processing

The legal basis for the processing of personal data using Web storage is art. 6(1)f of the GDPR.

3. Purpose of data processing

The purpose of using technically required web storage is to simplify the use of websites for users. Certain functions of our website cannot be offered without the use of web storage. To do so, it is necessary for the browser to be recognised even after the user has moved to another page. We require Web storage for the following applications:

  • User search
  • Project creation and search
  • Chat

User data collected by technically required Web storage is not used to create user profiles. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with art. 6(1)f of the GDPR.

4. Retention period, possibility of lodging an objection and of elimination

Web storage is stored on the user's computer and is transmitted to our site by the user. Therefore, as a user, you also have full control over the use of your own web storage. Already saved web storage content can be deleted at any time. This can also be done automatically.

V Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user's computer system. If a user visits a website, a cookie may be stored on the user's operating system/hard disk. This cookie contains a characteristic character string that enables a unique identification of the browser when the website is called up again. We use cookies to make our website more user-friendly. Certain elements of our website require that the calling browser can be identified even after the user has moved to another page. The following data is stored and transmitted in the cookies:

  • Google Analytics User Identification Number
  • Status of acceptance of cookies and web storage

We also use cookies on our website to enable an analysis of the user's surfing behaviour. In this way, the following data can be transmitted:

  • Google Analytics User Identification Number

When accessing our website, the user is informed about the use of cookies for analytical purposes and their consent to the processing of personal data used in this context is obtained. In this context, reference is also made to this data protection declaration.

2. Legal basis for data processing

The legal basis for the processing of personal data using technically necessary cookies is art. 6(1)f of the GDPR. The legal basis for the processing of personal data using cookies for analytical purposes if the user has given their consent to this is art. 6(1)a of the GDPR.

3. Purpose of data processing

If technically necessary cookies are used:

The purpose of using technically necessary cookies is to simplify the use of websites for users. Certain functions of our website cannot be offered without the use of cookies. To do so, it is necessary for the browser to be recognised even after the user has moved to another page.

We require cookies for the following applications:

  • Determining whether cookies and web storage are accepted
  • User data collected by technically required cookies is not used to create user profiles. Analysis cookies are used to improve the quality of our website and its content. We use analysis cookies to learn how the website is used and can therefore continually optimise our offer. It is necessary to differentiate between different users in order to derive improvement possibilities for the website. No personal data is linked to the analysis. For these purposes, our legitimate interest also lies in the processing of personal data in accordance with art. 6(1)f of the GDPR.

4. Retention period, possibility of lodging an objection and of elimination

Cookies are stored on the user's computer and transmitted to our site. Therefore, as a user, you also have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may no longer be possible to fully use all functions of the website. For "persistent cookies":

Our website also uses persistent cookies. These are automatically deleted after a specified period, which may vary depending on the cookie. You can also delete these cookies at any time.

VI Use of Google Analytics

If you have given your consent, this website uses Google Analytics, a web analysis service of Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

Scope of processing
Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by the cookies about your use of this website is usually transferred to a Google server in the USA and stored.

We use the function User-ID. The User ID allows us to assign a unique, permanent ID to one or more sessions (and the activities within these sessions) and to analyze user behavior across devices.

We use the function 'anonymizeIP' (so-called IP-Masking): Due to the activation of IP-anonymization on this website, your IP-address will be shortened by Google within member states of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be transferred to a Google server in the USA and shortened there. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.

During your website visit the following data will be collected:

  • the pages you call up, your "click behaviour“
  • Achievement of "website goals" (conversions, e.g. newsletter registrations, downloads, purchases)
  • Your user behavior (for example clicks, dwell time, bounce rates)
  • Your approximate location (region)
  • Your IP address (in abbreviated form)
  • technical information about your browser and the end devices you use (e.g. language settings, screen resolution)
  • Your internet provider
  • the referrer URL (via which website/advertising medium you came to this website)

Purposes of processing
On behalf of the operator of this website, Google will use this information to evaluate your use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyse the performance of our website and the success of our marketing campaigns.

Recipient
The data recipient is

  • Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

as data processor. For this purpose we have concluded a contract with Google. Google LLC, headquartered in California, USA, and, if applicable, US authorities can access the data stored at Google.

Transfer to third countries
A transfer of data to the USA cannot be excluded.

Duration of storage
The data sent by us and linked to cookies is automatically deleted after 14 months. Data is automatically deleted once a month as soon as the storage period is reached.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by
a. not giving your consent to the setting of the cookie or
b. downloading and installing the browser add-on to disable Google Analytics here.

By setting your browser software accordingsly you can also prevent the storage of cookies. If your browser is set to refuse all cookies, the functionality of this and other websites may be limited.

Legal basis and right of withdrawal
Your consent is the legal basis for this data processing, art. 6(1)a GDPR. You can revoke your consent at any time with effect for the future by clicking here.

For more information about Google Analytics terms of use and Google's privacy policy, please visit analytics terms and https://policies.google.com/?hl=en.

VII Provision of XMPP/Jabber

1. Description and scope of data processing

The Extensible Messaging and Presence Protocol (XMPP) is an open standard of a communication protocol published by the Internet Engineering Task Force (IETF) as RFC 6120, 6121 and 6122. XMPP is based on the XML standard and enables the exchange of data. This website uses this standard to exchange messages between users via a Jabber server operated by this website as a base node in the XMPP network. When registering and using the XMPP service, the following data is collected:

  • User identification number
  • IP address of the user client
  • PEP account information, if configured
  • XMPP contacts (XMPP IDs) and assigned names
  • Sent messages
  • Online status (status, time of last change)
  • File uploads
  • Technical information about the client used (supported (protocol/) versions)
  • Time of last login/logout

The IP address is stored in a log file in case of incorrect login attempts. The longer-term logging of messages is enabled by default to provide the best possible user experience. A client function can be used to permanently disable message logging (MAM) so that no messages remain permanently on the server and are only temporarily stored for transmission purposes. User name, PEP account information, status, file uploads and messages are shared with other XMPP servers if the local user of our server communicates with a user of another server.

2. Legal basis for data processing

The legal basis for the storage of data is art. 6(1)b of the GDPR.

3. Purpose of data processing

The above information is used to provide the service and must be stored in order to be able to offer the service to the user.

4. Duration of storage

Log files including stored IP addresses are deleted after 14 days at the latest. File uploads will also be deleted after 14 days at the latest.

VIII Registration

1. Description and scope of data processing

On our website, we offer users the opportunity to register through the OAuth login and authentication service. During this process, a user will be separately informed of the data sent to our website by the service and will be asked to confirm this transfer beforehand. The following data will be collected during the registration process, if available: URL of the user profile of the respective service

  • Name
  • Profile
  • E-mail address
  • Date of birth

The following data is also stored at the time of registration:

  • The IP address of the user
  • Date and time of registration

The user's consent to the processing of this data is obtained during the course of the registration process.

2. Legal basis for data processing

The legal basis for the processing of data is art. 6(1)a of the GDPR if the user has given their consent.

3. Purpose of data processing

Registration is necessary if you wish to use our services. This results in a specific service contract between you and us. User registration is necessary for the fulfilment of a contract with the user or for the implementation of pre-contractual measures. A more detailed description of the contract offered on the website can be found below. Why is the data collected necessary for these contracts? If the processing of the contractual partner's personal data upon conclusion of the contract is prescribed by law for the contracts offered by you, the respective standards from which the obligation arises must be specified.

4. Retention period

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected.

5. Possibility of lodging an objection and of elimination

As a user, you have the option to cancel your registration at any time. You can change the data stored about you at any time. By clicking the "Edit profile" button on the home page, the data shown in the "Profile", "External characteristics" and "Activity" tabs can be changed.

IX Rights of the data subject

If your personal data, you are a data subject within the meaning of the GDPR and you have the following rights with respect to the data controller:

1. Right to information

You can ask the data controller to confirm whether personal data concerning you will be processed by us. If such processing has taken place, you can request the following information from the data controller:

  1. the purposes for which the personal data is processed;
  2. the categories of personal data processed;
  3. the recipients or categories of recipients to whom the personal data concerning you has been or is still being disclosed;
  4. the planned retention period for personal data concerning you or, if specific information about this is not possible, criteria for determining the retention period;
  5. the existence of a right to have your personal data concerning you corrected or deleted, a right to have processing restricted by the data controller or a right to object to such processing;
  6. the existence of a right to lodge a complaint to a supervisory authority;
  7. all available information about the origin of the data if personal data is not collected from the data subject;
  8. the existence of automated decision-making, including profiling in accordance with article 22(1) and (4) of the GDPR and – at least in these cases – meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed about the appropriate guarantees pursuant to art. 46 of the GDPR in connection with the transmission.

2. Right to rectification

You have a right to rectification and/or completion vis-à-vis the data controller if the personal data processed concerning you is incorrect or incomplete. The data controller shall make the correction without delay.

3. Right to restriction of processing

Under the following conditions, you may request that the processing of personal data concerning you be restricted:

  1. if you dispute the accuracy of the personal data concerning you for a period of time that enables the data controller to verify the accuracy of the personal data;
  2. the processing is unlawful and you object to erasure of the personal data, and instead request that the use of the personal data be restricted;
  3. the data controller no longer requires the personal data for the purposes of the processing, but you need it to assert, exercise or defend legal claims, or
  4. if you have filed an objection to processing pursuant to art. 21(1) of the GDPR and it has not yet been determined whether the legitimate reasons of the data controller outweigh your reasons.

If the processing of personal data concerning you has been restricted, this data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State. If the processing restriction has been restricted according to the above conditions, you will be informed by the data controller before the restriction is lifted.

4. Right to cancellation

a) Duty to delete You may request the data controller to delete the personal data relating to you without delay and the data controller is obliged to delete this data without delay if one of the following reasons applies:

  1. The personal data concerning you is no longer required for the purposes for which it was collected or otherwise processed.
  2. You revoke your consent on which processing was based pursuant to art. 6(1)a or art. 9(2)a of the GDPR, and there is no other legal basis for processing.
  3. You file an objection to processing pursuant to art. 21(1) of the GDPR and there are no overriding legitimate reasons for processing, or you file an objection to processing pursuant to art. 21(2) of the GDPR.
  4. The personal data concerning you has been processed unlawfully.
  5. The erasure of personal data concerning you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject.
  6. The personal data concerning you has been collected in relation to Information Society services offered pursuant to art. 8(1) of the GDPR.

b) Information to third parties If the data controller has made the personal data concerning you public and is obliged to delete it pursuant to art. 17(1) of the GDPR, they shall take appropriate measures, including technical measures, taking into account the available technology and implementation costs, to inform data processors who process the personal data that you as the data subject have requested the erasure of all links to this personal data or of copies or replications of this personal data.

c) Exceptions The right to erasure does not exist insofar as processing is necessary

  1. to exercise freedom of expression and information;
  2. for the fulfilment of a legal obligation required for processing under the law of the Union or of the Member States to which the person responsible is subject or for the performance of a task in the public interest or in the exercise of official authority conferred on the data controller;
  3. for reasons of public interest in the field of public health pursuant to art. 9(2)h and i and art. 9(3) of the GDPR;
  4. for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to art. 89(1) of the GDPR, insofar as the law referred to under a) is likely to render impossible or seriously impair the attainment of the objectives of such processing, or
  5. to assert, exercise or defend legal claims.

5. Right to information

If you have exercised your right to have the data controller rectify, erase or restrict processing, they are obliged to inform all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed of such recipients by the data controller.

6. Right to data portability

You have the right to receive the personal data concerning you that you have provided to the data controller in a structured, common and machine-readable format. In addition, you have the right to pass this data on to another data controller without obstruction by the data controller to whom the personal data was provided, provided that

  1. processing is based on consent pursuant to art. 6(1)a of the GDPR or art. 9(2)a of the GDPR or on a contract pursuant to art. 6(1)b of the GDPR and
  2. processing is carried out using automated methods.

In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one data controller to another, insofar as this is technically feasible. The freedom and rights of other persons must not be affected by this. The right to data portability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the data controller.

7. Right to object

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you under art. 6(1)e or f of the GDPR; this also applies to profiling based on these provisions. The data controller no longer processes the personal data concerning you, unless they can prove compelling reasons worthy of protection for processing which outweigh your interests, rights and freedom, or if the processing serves to assert, exercise or defend legal claims. If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as this is associated with such direct marketing. If you object to the processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes. You have the possibility to exercise your right of objection in connection with the use of the Information Society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.

8. Right to revoke the data protection declaration of consent

You have the right to revoke your data protection declaration of consent at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.

9. Automated decision in individual cases including profiling

You have the right not to be subject to a decision based exclusively on automated processing – including profiling – that has legal effect against you or significantly impairs you in a similar manner. This does not apply if the decision

  1. is necessary for the conclusion or performance of a contract between you and the data controller,
  2. is admissible by law of the Union or of the Member States to which the data controller is subject and that law contains appropriate measures to safeguard your rights, freedom and legitimate interests, or
  3. is done with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to art. 9(1) of the GDPR unless art. 9(2)a or g applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests. In the cases referred to in (1) and (3), the data controller shall take reasonable measures to safeguard your rights, freedom and legitimate interests, including at least the right to obtain the intervention of a person by the data controller, to state their own position and to challenge the decision.

10. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you reside, work or are suspected of infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under art. 78 of the GDPR.

X Facebook Pixel

By using the Facebook pixel, a direct connection between your browser and a Facebook server is established when you visit our site. Facebook is thus given the opportunity to assign the website visit to your Facebook user account, provided you are logged into Facebook. Even if you do not have a Facebook user account, Facebook can draw any conclusions about your surfing behavior and interests on the basis of an anonymized IP address. At the web address https://www.facebook.com/about/privacy/ you will find further information on how Facebook handles your data. The use of the Facebook pixel as part of the Facebook Ads application or placement of remarketing advertising in the form of so-called custom audiences enables us to measure the success of the advertising campaigns, deliver more targeted advertising and optimize these advertising campaigns. By installing the Facebook pixel, we do not receive any private user data from the social network from Facebook and can only advertise anonymously on the basis of target group segments to a group of former website visitors and not to a directly numbered individual. You can edit your advertising preferences for Facebook advertisements under the following link: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.

XI TikTok Pixel

When you visit this website, personal data is processed. Categories of data processed: data about the use of the website as well as the logging of clicks on individual elements. Purpose of processing: Investigation of usage behavior, analysis of the effect of online marketing measures and selection of online advertising on other platforms, which are automatically selected based on usage behavior using real-time bidding. The legal basis for processing: Your consent in accordance with Art. 6 (1) a GDPR. Data is transferred: to the independent controller TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (https:www.tiktok.com). The legal basis for the data transfer to TikTok Technology Limited is your consent in accordance with Art. 6 (1) a GDPR. This may also mean a transfer of personal data to a country outside the European Union. The data is transmitted based on your consent in accordance with Art. 6 Para. 1 lit a in conjunction with Art. 49 Para. 1 lit a GDPR. For an email contact with the data protection officer of TikTok Technology Limited: https://www.tiktok.com/legal/report/DPO. To contact the data protection officer of TikTok Technology Limited by email: https://www.tiktok.com/legal/privacy-policy-eea?lang=en. Duration of processing: is variable and ends when the purpose of processing no longer applies.

XII Payments

To manage our recurring billing and subscription services efficiently, we utilize Chargebee, a billing management system. For the actual processing of payments, we have partnered with Stripe, PayPal and Apple Pay. Chargebee aids in organizing and handling the billing aspects of your subscriptions, while Stripe, PayPal, Apple Pay securely process your payment transactions, including the collection of payment details and execution of charges. By subscribing to our services with a recurring payment plan, you are consenting to the processing of your billing and payment information by Chargebee, Stripe, PayPal and Apple Pay. This includes the use of your personal data as necessary for managing your subscription billing via Chargebee and for processing payments through Stripe and PayPal. Your explicit consent encompasses the collection, use, and sharing of this data as required for these purposes. You can find detailed information about the data processing in the privacy policies of Chargebee, Stripe, PayPal, and Apple Pay. In line with the General Data Protection Regulation (GDPR), you maintain the right to access, rectify, erase, or transfer your personal data that we, along with Chargebee, Stripe, PayPal and Apple Pay, hold . Additionally, you have the right to withdraw your consent at any moment. Should you wish to exercise any of these rights, please contact us. For more information please refer to section IX.