Data Protection Declaration

We, the upjers GmbH (Ltd.) seated in Hafenstraße 13, 96052 Bamberg, Deutschland, run the website www.upjers.com and gather data from our visitors, as far as it is necessary. In the following data protection declaration you will learn what we are doing with your data, so called personal data, and why we do this. Furthermore, we explain to you, how we protect your data, when data will be deleted and which rights you have thanks to the data protection.

In advance: We adhere to the data protection laws and protect your sphere of personal privacy in the best way possible. But we also want to be completely honest: the internet lives from data exchange and still displays many security leaks. Even when your data is encrypted while you are visiting our website, there is always a remaining risk, at the latest with the exchange of foreign websites. If you visit a different website, for example, via a link on our website, please consider that this data protection declaration at hand will not be valid for the foreign website.

Content:

1. Person in Charge – to Whom can I Turn to?

Responsible for this website is:

upjers GmbH
Hafenstraße 13
96052 Bamberg

Telefon: +49 (0)951/5109080
Fax: +49 (0)951/510908102
E-Mail: mail@upjers.com

Kunden-Support:
Support-Formular: https://support.upjers.com/en/start
Email: support@upjers.com

2. Data Protection Officer

Via the contact data you can also contact our data protection officer. If you have specific questions regarding your data, their deletion, or your rights, there is a direct contact possibility for data protection via the email datenschutzbeauftragter@upjers.com. If you want to raise a request, the notation “data protection” is sufficient.

3. What Rights do I have?

You can contact us whenever you have questions regarding your data protection rights or want to claim one of your following rights:

  • Right of revocation according to Article 7 Paragraph 3 GDPR (for example you can turn to us in case you would like to withdraw a formerly given agreement for a newsletter)
  • Right of Information according to Article 15 GDPR (for example, you can turn to us if you want to know which data of yours we have saved)
  • Rectification according to Article 16 GDPR (for example, you can turn to us in case your email has changed and if we are supposed to substitute the old email)
  • Deletion according to Article 17 GDPR (for example, you can turn to us if we have to delete certain data about you which we have saved)
  • Restriction of processing according to Article 18 GDPR (for example, you can turn to us if you want that your email is not deleted, but instead only used for sending you the absolutely necessary emails)
  • Data Portability according to Article 20 GDPR (for example, you can turn to us in order to receive your saved data in a compacted format, for example, when you want to provide another website with your data)
  • Objection according to Artice 21 GDPR (for example you can turn to us when you are inconvenient with the here mentioned promotional videos or analysis methods)
  • Right of appeal at the controlling authority in charge according to Article 77, Paragraph 1 GDPR (for example, you can also direct your complaints straight to the Data Protection Authorities)

4. Deletion of Data and Storage Period of Data

As long as not stated differently, we delete your data as soon as we do not need it any more. A blocking or deletion of your data also occurs when a storage limit, which is required by law, is ending unless there is a further need to save the data for a contract closing or a contractual performance. Certain data might have to be saved longer due to legal reasons. Of course, you can always obtain information about the saved data.

5. How Is your Personal Data Protected?

We will take all useful and suitable measures to protect the personal data saved by us from abuse, loss or unauthorized access. Therefore, we have taken several technical and organisational measures. This includes measures how to deal with every alleged data corruption possible.

If you have the suspicion that your personal data have been abused or have been lost, or that an unauthorized access has taken place, please let us know this as quickly as possible and turn to the contact data mentioned above!

6. Visit of the Website

If you only want to have a look around at our website, we do not gather any personal data with exception of the data your browser is transmitting in order to enable the visit of the website. This concerns especially:

  • the approximate localisation based on the IP-area (only country of the port)
  • Internet-provider (for example, Telstra, Vodafone or Comcast)
  • Date and Time (for example, 11:45 am, 25 May 2018)
  • Browser (for example Chrome or Safari)

The technical data raised cannot be traced back to you and only serve anonymous, statistic purposes to optimise our website.

Purpose of the temporary storage of data at the beginning is to secure the connection as well as the accessibility and the correct depiction of our website.

Legal basis is the so called legitimate interest in the frame of the above mentioned security measures, which has also been verified in accordance with the European Data Protection Requirements from Article 6 Paragraph 1 lit. GDPR. In accordance with that our interest in a secure and disruption-free provision of our services permits the utilization of the above mentioned technical data, which constitute due to their nature only a very small interference with the visitors’ informational self-determination.

7. Requests to our Customer Support

You have the opportunity to contact our support team. With clicking at “support” on our websites, you will be forwarded to https://support.upjers.com/de/start. A request is furthermore possible via email to support@upjers.com.

The following data can be requested by us:

  • username and/or login
  • user ID
  • upjers ID
  • email
  • if necessary, payment service provider
  • message, support request
  • plug-ins (for example, Adobe Flash)
  • operating system (for example, Mac OS)
  • hardware (for example, Intel processor)
  • browser

As a measure of protection, the support request is forwarded via an encrypted connection. Furthermore, we apply the basic principle of data minimisation and only gather data in the support form, which is effectively important. After the successful contacting with you and the ending of the support case, your data will be deleted immediately.

Purpose of the requested data is exclusively contacting and supporting you, which is why the data are also only used for this purposes.

Legal Basis is your consent (Article 6 Paragraph 1a, GDPR), which you give by contacting the support.

8. Downloading of Apps

Through our websites you can also reach our game range in the app stores for mobile terminal devices (in the following: apps) via a link.

During the download of an app, necessary information will be raised by the app store in question, especially the point in time of the download, title, language version and an advertiser ID/ individual device ID. We have no influence whatsoever on these data and are not responsible for it. The app stores provide you with their own data protection declaration concerning the handling of personal data.

We process data within the scope of app usage, as far as it is necessary for the download of the mobile app to your terminal device, the supply of the game in question and the liquidation of in-game purchases.

Further information regarding the data processing within the scope of app usage can be found in our data protection declaration for mobile applications (https://en.upjers.com/mprivacy).

9. Registration

Additionally, you have the possibility to register yourself on our website and log in afterwards whenever you want with your user account. To register yourself, the following data is needed:

  • email address
  • user name and/ or log in name
  • password

As a measure of protection, the transmission of the data entered by you will take place via an encrypted connection. Further, we apply the basic principle of data minimisation and only raise the data, which is effectively needed. Please do not use your real name or the one of a different person as a user name. We also assign you, depending on the transmitted IP-address, to a country. This data is saved in order to show you the corresponding offer of payment methods. You can change the selection at any time. After creating a user account, your data will be saved until you decide to change certain data or to delete the whole user account.

Purpose of the raised data is the creation of a user account in order to use our browser games and extended functions on the website (for example, in-game messages, post in the forum). Registration is voluntarily and can always be revoked and/ or the user data deleted.

Legal Basis is the user's consent in accordance with the European Data Protection Requirements from Article 6 Paragraph 1 lit. GDPR, which can be given by sending the registration form.

10. Usage of Integrated Games/Additional Features

Some of our upjers-games are embedded in social networks (for example Facebook). The games will be called there, for example, “apps” or “applications”. Furthermore some games might provide additional features, which allow in connection with a certain network the interaction between players (e.g. Twitch extensions). For its data processing and possible data transmission in accordance with data protection, the respective network itself is responsible and enlightens the user in its own data protection declaration. (compare Facebook: https://www.facebook.com/policy.php; Twitch: https://www.twitch.tv/p/legal/privacy-notice/).

We would like to point out, however, that you might be asked by the network to agree to the transmission of personal data if you want to use an integrated upjers game or additional features in the scope of a network. In the case of Facebook, the following data can be affected:

  • first name, surname, sex, birth date
  • profile picture or corresponding URL
  • log-in email address, which has been used at the registration of Facebook
  • location and access devices
  • user-ID- number, which is linked to public accessible information (on Facebook)
  • user-ID- number to your friends, which are likewise connected with the game

As long as you agree to the data transmission, the network might send in some circumstances data to upjers. upjers will only process such data if it is absolutely necessary for providing you with the game or certain additional features. upjers points out that you can influence the extent of information yourself, which the network is transferring, through the corresponding privacy settings. Exertion of influence could especially be exercised through

  • controlling, which information your Facebook friends share with you/ about you,
  • blocking certain applications, and/ or preventing them from raising certain information about you,
  • ignoring certain invitations to games,
  • controlling, who can see all your activities.

11. Social Sign-In & Social Log In

Besides the manual registration, we also offer you the possibility to directly register yourself at upjers with your already existing user account from another platform (e.g. Facebook, Amazon). If you would like to use this form of registration, you will be forwarded to the website of the provider in question after the selection of the platform and navigated through the registration process there.

As a measure of protection, transmission of the data entered by you will take place via an encrypted connection to the platform in question. We do not use the registration to access personal data like friend lists, or contacts, or for saving them for our own purposes. A temporary connection between your user account and the user account of Facebook and Amazon does not take place.

Both networks are subjected to the EU Standardized Contractual Terms and Conditions and by doing so a possible data transfer to the USA is legitimated (for further information please consult the the respective data protection declarations). Which data is raised by networks in the scope of the registration or how the data is connected, is not known to us. Further details can be found in the data protection declaration of Facebook (https://de-de.facebook.com/policy.php) and Amazon (https://www.amazon.com/gp/help/customer/display.html?nodeId=468496).

Purpose of the data asked is the registration via an already existing user account for the use of extended functions on the website. The registration via social networks is voluntarily and can always be recalled and/ or the user account can be deregistered.

Legal Basis is your agreement in accordance with the European Data Protection Requirements from Article 6 Paragraph 1 lit. a GDPR, which you can give in the scope of our cookie banners.

12. Communication in the Games

The games run by us offer you the possibility to communicate with us or with other players. We use automatic filter systems, which prevent the plentiful sending of messages, insulting, violence-glorifying, obscene, racist or whatever offensive statements, or news with promotional character. Further, we record: for the purposes of analyses and rectification of technical errors; for the warranty of system security and system integrity; for combatting abusive and/ or unauthorised usage, as well as for the preparation of user statistics on non-personal related basis, and the use of the provided communication channels for a short time. The reports created contain date and time of the news, sender and recipient, the text message, as well as the transmitted amount of data.

Without your agreement, none of our staff-members will read messages. If we have suspicion of abusive and/ or unauthorised usage of the communication channels provided (for example by a report of the recipient), we nevertheless reserve ourself the right to examine the player account in question, as well as the player account from which the message was sent and – if need be – take further measures.

As a measure of protection, the transmission of the data entered by you will take place via an encrypted connection to the platform in question.

Purpose of the processing is the provision of an ingame solution for communication for the exchange of messages between the players.

Legal basis for the temporary storage of data is Article 6 Paragraph 1 lit. a GDPR as well as Article 6 Paragraph 1 f GDPR. The input of data for the purpose of communication is voluntarily, and therefore on the basis of agreement by the user. The use of filter systems serves the purpose of keeping the conditions and protecting the data of third parties. In this purposes lies our rightful interest in data procession according to Article 6 Paragraph 1 lit. f GDPR. The input of data for the purpose of communication is based on your consent in accordance with Article 6 Article 1 lit. a GDPR, which you can give by sending a message. The use of filter systems serves the purpose of keeping the conditions and protecting the data of third parties. In these purposes also lies our rightful interest in data procession according to Article 6 Paragraph 1 lit. f GDPR. The interest to protect our customers from possible criminal offenses, like e.g. insults, eventually outweighs the interest in a completely anonymous communication.

13. Payment Handling

If you initiate a payment process to purchase premium currency, you will have to provide further data. The nature of the required data depends on the chosen payment method. Furthermore, upjers allows you to use anonymous payment methods.

You will have a variety of payment providers to choose from. In addition, the cooperation with third parties involves the payment processing via external payment providers (PayPal, credit card companies, mobile network operators, Paysafecard, cash payment, immediate transfer, etc.). All external payment providers are by law obliged to the secure handling of your data, and they are solely allowed to use your data as far as it is necessary for the fulfilment of their task.

You are able to choose freely which payment method you want to use, and therefore we would like to refer to the privacy policies and regulations of the respective payment provider.

The payment provider will collect personal data of the customer on their own responsibility to execute the payment. Thereafter, a response of the payment provider is sent to upjers, in which the successful completion of the payment process is confirmed. Normally, we don't receive person-related transaction data from the payment providers.

However, we point out that we will save the IP address of the customer when a payment process is confirmed. The sole objective is the fulfilment of our tax obligations. The IP address is used to determine the location of performance for tax objectives. The data is stored according to the fiscal period of time for safeguarding.

As an exception further person-related data will already be collected on our websites in case of the utilization of the following payment methods:

“Purchase by Monthly Invoicing”

In the scope of the payment processing upjers collects person-related data via a form and forwards this to the payment provider Payolution GmbH and the commissioned banking house for the solvency check. Further information regarding the data processing will be provided for you in a special data protection declaration in the scope of the payment process. The processing of your person-related data will only be executed with your consent, which you can give during the payment process.

14. Emails/Newsletter

We will send emails that directly affect the contractual relationship, e. g. contract confirmation, to the email address stated during the registration process.
We will not send you emails that not directly affect the contractual relationship, e. g. newsletter, without your prior consent.

We use the so-called Double-Opt-In Procedure to ask you for giving us permission to provide you with our newsletter. We will only send you a newsletter via email if you confirm that you would like to receive our newsletter by clicking on the link within the notification email.

Of course you can unsubscribe from our newsletter at any time. Therefore, you will find a respective link in every newsletter. Alternatively, you can contact our support staff via the support form or via email: support@upjers.com.

For providing our newsletter we are cooperating with the service provider Emarsys eMarketing Systems AG, Hans-Fischer-Straße 10, 80339 Munich, Germany. We concluded an order data processing contract with this service provider according to the specifications of Article 28, GDPR.

The legal basis for sending emails that directly affect the contractual relationship is the execution of the contract. The legal basis for sending emails that do not directly affect the contractual relationship is your consent in accordance with Article 6 Paragraph 1 lit. a DSGVO.

15. Cookies

To some extent so-called cookies are used on our websites. Cookies are small text files which are normally stored within a folder of your browser. Cookies contain information about the current as well as the last visit of the respective website:

  • name of the website
  • termination date of the cookie
  • arbitrary value

If cookies have no specific termination date, they are solely temporarily stored and will be automatically deleted, as soon as you close your browser or restart the terminal device. Cookies with a termination date remain stored when you close your browser or restart the device. These cookies are deleted at that specific date or if you delete them manually.

On our websites we use the following three types of cookies:

  • required cookies (for example, these are necessary to display the website correctly and to temporarily save specific settings)
  • function and performance-related cookies (these help us, for instance, to evaluate technical data of your visit on our website to prevent error messages). Such cookies serve the goal to enhance our offer with additional features, which exceed the technically necessary level and highly increase the user experience. Furthermore this also includes simple tracking pixels, which anonymously and statistically register certain actions on the sites and especially serve to measure and calculate the advertising campaigns. We do not use function- and performance-related cookies for collecting person-related data or for advertising purposes.
  • cookies for advertising and analysing purposes (for example, these are responsible for showing shoe advertisements if you searched for shoes before)

In the settings of your browser you will find options to configure, block or delete cookies. If you delete all cookies of our websites, there is a possibility that some functions of the website are not displayed correctly. The German Federal Office for Information Security Technology provides helpful information and instructions for commonly used browsers: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html

Legal Basis for the implementation of technically required cookies is the execution of the contractual relationship. The legal basis for the implementation of function- and performance-related cookies is our rightful interest. Under consideration of the low interference intensity the interest in the provision of user-friendly services and the winning of new customers prevails and this allows the utilization of function- and performance-related cookies. The legal basis for the implementation cookies that serve for the analysis of user behavior or the displaying of advertisements is your consent, which you can give in the scope of our cookie banners or in other ways (e.g. 2-click solutions) when visiting our homepage.

16. Youtube

We use YouTube for directly embedding videos. YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When playing the embedded videos, a connection to the Google servers is established and at least your IP address is transmitted for technical reasons. In addition, if you are logged into your account, Google will assign, e.g. information to your personal user account about the videos watched. You can prevent this procedure by logging out from your Google account, before you use our website.

The high security standards of the google platform and the associated privacy policy of google are regarded as protective measures (https://policies.google.com/privacy?hl=en-GB). As Google is based in the USA, a so-called non-member State, further warranties are essential to ensure an adequate European level of data protection. Google is subjected to the EU Standardized Contractual Terms and Conditions and by doing so a possible data transfer to the USA is legitimated.

Furthermore, we embed YouTube videos with advanced privacy settings and a server solution. The user is initially solely shown a preview image, which is loaded from an upjers server. Only after pressing the Play-button is the YouTube frame activated and a limited data exchange with YouTube proceeds.

The purpose of data transmission is to integrate YouTube's video service, which is acclaimed among our users, for them to conveniently access the videos displayed without leaving our website.

The legal basis is your consent in accordance with Article 6 Paragraph 1 lit. a GDPR, which you can give by activating the YouTube player.

17. Google Tag Manager

We use the Google Tag Manager, which is a service of Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland ("Google"). With the help of the Google Tag Manager websites can be managed by using an interface.

According to Google the Google Tag Manager is a cookie-free domain, which does not collect any person-related data. The Google Tag Manager activates other tags, which might collect data. The Google Tag Manager does not access this data. If a deactivation is executed on a domain or cookie level, this continues to exist for all tracking tags, which have been implemented by the Google Tag Manager.

Further information regarding data privacy protection can be found in the data protection declaration of google https://policies.google.com/privacy?hl=en&gl=en

The Legal Basis is your consent in accordance with Article 6 Paragraph 1 lit. a GDPR, which you can give in the scope of our cookie banners.

18. Goolge Analytics

We use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses the aforementioned cookies for advertising and analysing purposes, to analyse our website regarding your user behaviour. The information generated by cookies about the use of this website is transferred to and stored in a Google server based in the USA. However, your IP address is shortened before the usage statistics are evaluated. Therefore, no conclusions can be drawn about your person. For this purpose, we extended Google Analytics on our website by the code “anonymizelp” to ensure the anonymous collection of IP addresses. Google will use the anonymous information collected by cookies to evaluate your use of the website, to compile reports on website activity for website operators, and to provide other services relating to the website and internet use. In addition, Google may transfer this information to third parties if this is required by law, or if third parties process this data on behalf of Google.

However, you can also configure your browser to refuse cookies, or you can prevent Google from collecting and analysing the data by downloading and installing a browser plug-in from Google (https://tools.google.com/dlpage/gaoptout?hl=en-GB). As an alternative to the browser extension or within browsers on mobile devices, you can set an Opt-Out-Cookie to prevent future collection by Google Analytics on this website (the opt-out only works in the browser and only for this domain). If you delete your cookies in this browser, you have to click this link again.

As protective measures we use the anonymisation procedure provided by Google, whereby a subsequent evaluation proceeds on a statistical basis only, but not on the basis of your person. In addition, the high security standards of the Google platform and the associated privacy policy of Google apply (https://policies.google.com/privacy?hl=en-GB). Moreover, we have concluded a specific data protection agreement with Google, which stipulates the protection of your data via technical and organisational security measures. As Google is based in the USA and thus in a so-called non-Member State, further warranties are essential to ensure an adequate European level of data protection. Google has been certified under the so-called EU-US Privacy Shield and has thus demonstrated an appropriate level of data protection (https://policies.google.com/privacy/frameworks?gl=de&hl=en-GB).

The objective of using Google Analytics is the anonymous analysis of your user behaviour on our websites. The information acquired from this procedure helps us to improve our service.

The legal basis is the so-called legitimate interest, which has been examined in order to pursue the objective and within the framework of the aforementioned protective measures, as well as in accordance with the European data protection requirements of article 6 paragraph 1 lit. f GDPR. Moreover, an order data processing contract was concluded, according to the specifications of article 28, GDPR.

19. Google Ads

We use "Google Ads", a service of the Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland ("Google"), on our website.

If you access our website via a Google advertisement, Google Ads will save a cookie on your PC. The effect of such cookies normally expires after 30 days. Normally the following information will be saved as analysis values together with this cookie: unique-cookie-ID, number ad impressions per ranking, last impression, opt-out-information.
These cookies enable Google to recognize your web browser. If a user visits pages of the website of an ad customer and if the cookie saved on their computer hasn’t expired yet, Google and the customer will see, that the user clicked on the advertisement and was forwarded to this site.

We ourselves do not collect and process person-related data in the scope of Google Ads. We are only provided with anonymized statistical evaluations by Google. Due to these evaluations we are able to identify, which of the used advertisement measures are especially effective. We do not have any influence on the scope and the further utilization of the data, which are collected by Google via Google Ads. According to our knowledge Google will receive the information, that you accessed the corresponding part of our website or clicked on one of our advertisements. If you are registered and if you have a Google user account, Google can connect the visit to your user account. However, even if you are not registered with Google, it can occur that Google will process your IP address.

As a Security Measure this service is deactivated by default on our websites and can be activated via the cookie banner. Additionally the high security standards of the Google platform and Google’s data protection declaration (http://www.google.com/intl/en-en/privacy), which is connected to that, apply. Furthermore we concluded a special data protection contract with Google, which stipulates the protection of your data by technical and organizational protection measures.
Google subjected to the EU Standardized Contractual Terms and Conditions and by doing so a possible data transfer to the USA is legitimated.

The Purpose of the utilization of Google Ads is to make our services known on external websites and to win new customers. By using Google Ads we can find out how successful individual advertisement measures are and optimize advertising campaigns if necessary.

The Legal Basis for the utilization of Google Ads is your consent in accordance with Article 6 Paragraph 1 S. 1 lit. a GDPR, which you can give in the scope of our cookie banners.

20. Facebook Pixel

We use "Facebook Pixel", a service of the Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook").

Facebook-Pixel enables an examination about whether a user has been forwarded to our website after clicking on our Facebook ads. Among other things Facebook Pixel uses cookies, which are locally saved small text files in the cache of your web browser on your device.

If you are logged into your Facebook user account, the visit of our online services will be recorded in your user account. The data collected from you is anonymized for us and does not give any clues about the users’ identity. However, Facebook can connect this data to your user account with them. We do not have any influence on the scope and the further utilization of the data, which are collected by Facebook via Facebook Pixel. According to our knowledge Facebook will receive the information, that you accessed the corresponding part of our website or clicked on one of our advertisements.
If you are registered and if you have a Facebook user account, Facebook can connect the visit to your user account. However, even if you are not registered with Facebook or rather currently not logged in, it can occur that Facebook will process your IP address and other identifiers.

As a Security Measure this service is deactivated by default on our websites and can be activated via the cookie banner. Additionally the high security standards of Facebook and Facebooks’s data protection declaration (https://www.facebook.com/about/privacy), which is connected to that, apply. Furthermore we concluded a special data protection contract with Facebook, which stipulates the protection of your data by technical and organizational protection measures.
Facebook subjected to the EU Standardized Contractual Terms and Conditions and by doing so a possible data transfer to the USA is legitimated.

The Purpose of the utilization of Facebook Pixel is the marketing of our services. It especially serves for the assessment, payoff, and optimization of our advertising campaigns on Facebook.

The Legal Basis is your consent in accordance with Article 6 Paragraph 1 S. 1 lit. a GDPR, which you can give in the scope of our cookie banners.

21. Promotional Videos

We have embedded promotional videos in various places of our websites and games. Our advertising partners provide selected content there, which we display for them. We would like to emphasise that our advertising partners are essential to keep our free2play system alive, and we are anxious to implement it in the interest of our users. If you as a user watch the provided promotional videos, you are able to obtain premium currency or game features. For further questions please contact our customer support.

We are cooperating with the following advertising companies:

a) Smartstream

Smartstream (www.smartstream.tv) uses technologies to control and optimise the insertion of promotional materials for the user. The service provider of Smartstream is SMARTSTREAM.TV GmbH, Dachauer Straße 15A, 80335 Munich, Germany. You can find further information regarding the data processing on https://www.smartstream.tv/en/privacy.

As protective measures video-Iframes are marked more clearly as ad or rather advertisement and it is pointed out that the offer is provided by third parties. The user will be informed in advance in the scope of a preview page, which will be loaded from an upjers server, that after activating the video player the possibility exists that data about the ad video viewings will be transfered to the individual provider. Such a data transfer will not occur before the video player has been actived. According to Smartstream solely pseudonymous usage data is processed. In addition, we concluded an order data processing contract with Smartstream according to the specifications of Article 28, GDPR.

The objective of processing usage data is to display promotional material to enable our free2play service.

The legal basis is the consent of the user in accordance with the European data protection requirements in Article 6 Paragraph 1 lit. a GDPR, which can be given by activating the video player.

b) adbility

Furthermore, we cooperate with the advertising partner adbility media GmbH, Große Elbstraße 38, 22767 Hamburg, Germany. Adbility uses technologies to control and optimise the insertion of promotional materials for the user. Further information regarding the data processing can be found on https://www.adbility-media.com/en/privacy-policy/.

As protective measures video-Iframes are marked more clearly as ad or rather advertisement and it is pointed out that the offer is provided by third parties. The user will be informed in advance in the scope of a preview page, which will be loaded from an upjers server, that after activating the video player the possibility exists that data about the ad video viewings will be transfered to the individual provider. Such a data transfer will not occur before the video player has been actived. Solely pseudonymous usage data will be processed. In addition, we concluded an order data processing contract with the adbility media GmbH according to the specifications of article 26, GDPR which states that we as well as adbility are liable for processing your data. Therefore, you can contact either us or adbility for any questions regarding data processing. You can find the contact information at https://www.adbility-media.com/en/contact/.

The objective of processing usage data is to display promotional material to enable our free2play service.

The legal basis is the consent of the user in accordance with the European data protection requirements in Article 6 Paragraph 1 lit. a GDPR, which can be given by activating the video player.

c) advandeo
Futhermore we collaborate with the partner Ad Tech Group GmbH, Friedensallee 38, 22765 Hamburg, Germany (hereinafter refered to as: ATG). ATG uses technologies to control and optimize the implementation of advertising media for the user. The data protection declaration of ATG can be found on: http://advandeo.com/privacy-policy/.

As protective measures video-Iframes are marked more clearly as ad or rather advertisement and it is pointed out that the offer is provided by third parties. The user will be informed in advance in the scope of a preview page, which will be loaded from an upjers server, that after activating the video player the possibility exists that data about the ad video viewings will be transfered to the individual provider. Such a data transfer will not occur before the video player has been actived. Solely pseudonymous usage data will be processed. In addition, we concluded an order data processing contract with the ATG according to the specifications of article 26, GDPR which states that we as well as ATG are liable for processing your data. Therefore, you can contact either us or ATG for any questions regarding data processing. You can find the contact information at http://advandeo.com/imprint/

The objective of processing usage data is to display promotional material to enable our free2play service.

The legal basis is the consent of the user in accordance with the European data protection requirements in Article 6 Paragraph 1 lit. a GDPR, which can be given by activating the video player.

22. Criteo

Pseudonymous information about the online behaviour of website visitors is collected and stored on our websites for marketing purposes by a technology of Criteo SA, 32 Rue Blanche, 75009 Paris, France. This data is stored in cookies on the visitor's computer. Criteo SA uses an algorithm to analyse the anonymised recorded online behaviour and can thereafter display certain product recommendations in form of personalised advertising banners on other websites (publishers). This data cannot be used to personally identify you as a visitor of our website under no circumstances. The collected data will solely be used to improve our services. This information will not be used for any other objectives or transferred to third parties.

You can veto the completely anonymised analysis of your online behaviour on our websites by clicking here: Criteo unsubscription. If you have already unsubscribed (OptOut cookie) and would like to see personalised Criteo banners again, please click here: Criteo Subscription.

For more information about the technology used, please read the privacy policy of Criteo SA.

As protection measures, the evaluation proceeds on a statistical basis only, but not on the basis of your person. In addition, the high security standards of Criteo apply. Further, we concluded a contract with Criteo according to the specifications of Article 28, GDPR which states that we as well as Criteo are liable for processing your data. Therefore, you can contact either us or Criteo for any questions regarding data processing. You can find the contact information at https://www.criteo.com/legal/

The objective of using Criteo is the anonymised analysis of your usage behaviour on our websites and providing interest-related advertising.

The legal basis is your consent in accordance with Article 6 Paragraph 1 lit. a GDPR, which you can give in the scope of our cookie banners when visiting our websites.

23. Social Plug-Ins

We use the following social plug-ins on our websites: Facebook's “Like” button, the “Google +1-button by Google and the “Tweet”-button by Twitter.

The respective service provider can be identified by the marking on the box above its initial letters as well as by the logo. We provide the option to directly communicate with the service provider of the plug-in via the button. Only if you click on the highlighted area and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online service. According to the provider in Germany, the IP address is anonymised immediately after collection in the case of Facebook. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there. Since the plug-in provider obtains data especially via cookies, we recommend that you delete all cookies using the security settings of your browser before clicking on the grayed-out box.

We have neither influence on the data collected and data processing procedures, nor are we aware of the full scope of data acquisition, the objectives of processing the data and the storage periods. Furthermore, we have no information on the deletion of the data obtained by the plug-in provider.

The plug-in provider stores the data collected about you as user profiles and uses these for means of advertising, market research and needs-oriented design of his website. Such an evaluation particularly takes place (for not logged-in users as well) for displaying needs-oriented advertisements, and to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you have to contact the respective plug-in provider to exercise this right. We provide the option to interact with social networks and other users via the plug-ins. Therefore, we are able to improve our services and make them more interesting for you as a user. The legal framework for using these plug-ins is Article 6 Paragraph 1 S. 1 lit. f GDPR.

The data is transferred regardless of whether you have an account on the plug-in provider's website and are logged in there. If you are logged in on the plug-in provider's website, your data collected on our website will be directly assigned to your existing account on the plug-in provider's website. If you click on the activated button and link the page, for example, the plug-in provider stores this information in your user account, as well and notifies your contacts publicly of it. We recommend that you log out regularly from a social network after using it, especially before activating the buttons to prevent the assignment of information to your user profile on the plug-in provider's website.

Further information about the objectives and extent of this data acquisition, as well as their processing by the plug-in provider are available in the privacy policies of the providers listed below. Moreover, they will provide you with further information about your rights in this regard and configuration options available to you in order to protect your personal data.

Addresses of the respective plug-in provider and URLs of ther privacy policies:

Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; for further information about data acquisition please visit: https://www.facebook.com/policy.php.

Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland; for further information about data acquisition please visit: https://policies.google.com/technologies/partner-sites?hl=en-GB.

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland; for further information about data acquisition please visit: https://twitter.com/en/privacy.

The high security standards of the Google platform of Facebook and Twitter and the associated privacy policies of these platforms are regarded as protective measures (refer to the before mentioned). These services are subjected to the EU Standardized Contractual Terms and Conditions and by doing so a possible data transfer to the USA is legitimated. We do not collect any personal data via the social plug-ins or their usage. To prevent that data is transferred to the service providers in the USA without the user's knowledge, we use the so-called “Shariff solution”. This solution ensures that initially no personal data is transferred to the respective plug-in providers when you visit our website. Only after you click on one of the social plug-ins, data can be transferred to the provider and stored there. For more information about the Shariff solution please visit the website of the provider, Heise Medien Gmbh & Co. KG: http://m.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html

The objective of the data transmission is implementing the plug-ins for the user to be able to share contents and interests with other users.

The legal basis is your consent in accordance with Article 6 Paragraph 1 lit. a GDPR, which you can give by activating the social plug ins.

24. Fan Pages

upjers operates a number of social media fan pages to inform about its offer and to communicate with its customers. Fan pages are maintained on the following platforms:

a) Facebook, a service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; Data protection declaration: https://www.facebook.com/about/privacy/

b) Instagram, a service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; Data protection declaration: https://help.instagram.com/519522125107875

c) YouTube, a service of Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland; Data protection declaration: https://policies.google.com/privacy?hl=en&gl=en

d) Twitter, a service of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland; Data protection declaration: https://twitter.com/en/privacy

e) Pinterest, a service of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland; Data protection declaration: https://policy.pinterest.com/en/privacy-policy

f) Discord, a service of Discord Inc., 444 De Haro Street Suite 200 San Francisco, CA 94107, USA; Data protection declaration: https://discord.com/new/privacy

The platform might collect person-related data as well as website- and utilization data via fan pages. The platform might supply the providers with anonymized statistical data about the visitors of the fan pages.
According to legal practice there is a common responsibility of the platform and the fan page provider especially regarding the data processing in the scope of the fan pages on the platform Facebook. This relation is stipulated in a special agreement (www.facebook.com/legal/terms/page_controller_addendum).

The Purpose of the data processing via the platforms are market research and advertisement proposes. This way user profiles can be created by regarding user behavior and users’ interests resulting from that. The utilization profiles can be used to operate advertisements, which could be of interest for the users, within and outside the platforms. For these purposes cookies, e.g. from Facebook, wherein the user behavior and the users’ interests will be stored, will be regularly saved on the users’ computers.
The platforms will not forward person-related data to the providers of the fan pages. If upjers receives anonymous statistics from a platform, we will exclusively use these statistics to make our fan pages even more customer-friendly.

The Legal Basis of the data processing in the scope of the fan pages is generally your consent in accordance with Article 6 Paragraph 1 lit. a. GDPR, which you declare by registering with the individual platform. The consent can be revoked against the platform, e. g. for Facebook via https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com. Alternatively the utilization of such sites can be stopped.

Your Rights, especially information requests, can be most efficiently asserted against the individual platform. For this purpose Facebook provides an information portal, which allows the viewing and downloading of data collected by Facebook: https://www.facebook.com/help/1701730696756992?helpref=hc_global_nav. Only the platform can access the users’ data and directly take corresponding measures and give information. If you still need help, do not hesitate to contact us.

25. Enforcement, Exercition and Defence of Legal Claims

Sometimes it might be necessary for us to process personal data and, if required, sensitive personal data, in accordance with local laws and regulations, relating to the exercise or defence of legal claims. Article 9(2)(f) GDPR facilitates it, if the data processing “is essential for asserting, exercising and defending legal claims or if courts act in the course of their judicial activity”. For instance, this may be the case if we need legal advice in relation to legal proceedings or are legally obliged to preserve or disclose certain information in the course of legal proceedings.

This can, for example, happen if we need legal advice in reference to a legal procedure or if we are legally obliged to keep or reveal certain information within the context of a lawsuit.

26. Personal Data of Children

upjers is aware of the significance and data protection of children on the internet. Therefore, and to comply with specific laws, we do neither intentionally collect personal, individually identifiable information about children under 16, nor do we offer content for children under 16.

27. Change of Data Protection Declaration

upjers reserves the right to change this data privacy statement at any time, however, upjers will always adhere to the currently applicable data security laws. upjers advises you to inform yourself on each visit to these websites and games about the current data privacy statement.

Data Policy effective as of August 2020