Hey Party Animals of Berliner.Party! 🎉 We totally dig your privacy. Here’s the easy-peasy version of our mega official Privacy Policy below:
- We keep your data snug and cozy according to some bigwig laws like GDPR and BDSG. It’s all about keeping the party vibes safe and secure!
- We catch a glimpse of your IP address, browser type, and some other techy tidbits to make sure our website runs smoother than a fresh jar of Skippy! Plus, it helps us keep the party crashers (aka fraudsters) at bay!
- Our website drops cookies (not the edible kind, bummer, we know) on your device to remember your preferences and make your online boogie smoother. You can manage these cookies; it’s all in your hands!
- We’ve got some cool social media embeds like YouTube, Twitter, and Instagram to jazz up your experience. They might collect some data but only to make the party better!
- Subscribe to our newsletter for the hottest updates on Berlin’s nightlife! You give us your email, we give you the keys to the city’s nightbeat!
- We don’t share your data with any third-party party poopers. It’s all in the Berliner.Party family!
- You’ve got a bunch of rights like accessing, correcting, or deleting your data. Anytime you want to exercise these rights, just hit us up!
- We get a sense of where our party animals are tuning in from to tailor our content and make Berliner.Party your local global party hub!
- We’ve got digital bouncers that keep the bots out and the good vibes in. So, you can party online without any party poopers!
- If you’re a details devil and want to dive deeper, or have any questions, our Data Protection Officer is your go-to buddy. Reach out at [email protected].
Now we come to the serious stuff, but if you dont have time you can go back and party and trust us that we take good care of you! 🎉 Berliner.Party is where the heart beats and the bass drops! Keep the good vibes rolling, and remember, your privacy is the guest of honor at our party! 🎈But if you want a deep dive into everything then here it is:
Welcome to Berliner.Party! We value your privacy and strive to protect your personal data. This policy outlines how we collect, use, and safeguard your information when you visit our website, interact with our newsletter, or engage with our social media platforms.
Us/We/Our: Refers to us operating the Berliner.Party website, namely Xolo Go OÜ - Jaroslaw Szymczak.
This privacy policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the German Federal Data Protection Act (BDSG).
Xolo Go OÜ - Jaroslaw Szymczak
Kalasadama tn 4,
Põhja-Tallinna linnaosa,
Tallinn Harju maakond 10415,
Estonia
This privacy policy applies solely to the Berliner.Party website, our newsletter, and our social media platforms. Any interactions outside of these platforms are outside the scope of this policy.
Your interaction with our website, subscription to our newsletter, or engagement on our social media platforms constitutes your agreement to the terms outlined in this privacy policy.
We reserve the right to amend this privacy policy at any time. While we may elect to notify you of any significant changes to this policy, we encourage you to review this policy periodically. Any changes will become effective seven (7) days after they are initially posted on our website.
Should you have any concerns or inquiries regarding our privacy practices, you may contact us at [email protected].
This privacy policy is written in English, and this version is the only legally binding document. However, for your convenience, we have also translated a "Party-Savvy Privacy Lowdown" of this policy into German and Swedish. To view this policy in a different language, please use the language toggle located in the top right corner of our website.
We collect and process your personal data for various purposes, aiming to offer you a seamless and secure experience on our website. Here are the types of data we collect and the purposes for which they are collected:
-Purpose: Ensuring the security and integrity of our website, including prevention of fraud, unauthorized access, and maintaining a safe environment for all users.
-Legal Basis: Our legitimate interest in ensuring the security and proper functioning of our website (Article 6(1)(f) GDPR).
-Purpose: Diagnosing server issues, administering our website, and optimizing performance based on user traffic times.
-Legal Basis: Our legitimate interest in maintaining and improving the functionality of our website (Article 6(1)(f) GDPR).
-Purpose: Ensuring website functionality, understanding user interactions, and improving user experience.
-Legal Basis: Our legitimate interest in improving our services and website functionality (Article 6(1)(f) GDPR).
-Purpose: Diagnosing technical issues, monitoring server status, and ensuring a smooth user experience.
-Legal Basis: Our legitimate interest in diagnosing and resolving technical issues (Article 6(1)(f) GDPR).
-Purpose: Optimizing website performance, managing server resources, and ensuring a swift and responsive user experience.
-Legal Basis: Our legitimate interest in optimizing our services and website performance (Article 6(1)(f) GDPR).
-Purpose: Understanding user navigation to our website, analyzing traffic sources, and improving our marketing strategies.
-Legal Basis: Our legitimate interest in understanding user behavior and improving our marketing strategies (Article 6(1)(f) GDPR).
-Purpose: Optimizing for common browsers and operating systems, ensuring accessibility, and improving user experience.
-Legal Basis: Our legitimate interest in ensuring our website is accessible and usable across various platforms (Article 6(1)(f) GDPR).
-Purpose: Optimizing website performance and functionality, offering language preferences, and improving user experience.
-Legal Basis: Our legitimate interest in offering a tailored user experience (Article 6(1)(f) GDPR).
We may also collect additional data for analytics, personalization, and marketing purposes, subject to your consent and preferences.
-Legal Basis: Your consent (Article 6(1)(a) GDPR).
We prioritize the security and confidentiality of your personal data. Here's how and where your data is stored and managed:
-Location: Your data is primarily stored in Frankfurt, Germany.
-Facility: The data is hosted at DigitalOcean's secured servers.
-Encryption: We employ robust encryption techniques to ensure the confidentiality and integrity of your data while at rest and during transmission.
-Legal Basis: Compliance with legal obligations and our legitimate interest in protecting your data (Article 6(1)(c) and 6(1)(f) GDPR).
-Provider: We utilize Cloudflare for global caching purposes.
-Purpose: This aids in accelerating website performance and delivering content swiftly, irrespective of your geographical location.
-Data Transfer:Cloudflare’s global infrastructure may involve data transfers across different regions. Such transfers are carried out in compliance with GDPR provisions (Article 44 GDPR).
-Provider: We use Google Analytics for gathering statistics and insights to improve our website’s performance and user experience.
-Purpose: Analyzing user behavior, website traffic, and identifying areas for improvement.
-Data Processing: Google Analytics may process data globally, adhering to GDPR provisions (Article 44 GDPR).
-Internal Access: Access to your data within our organization is restricted to system administrators and support personnel only, ensuring a high level of data security.
-Training: Our personnel are trained in data protection principles, ensuring they handle your data with utmost care.
-Retention Policy: We retain your data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this policy. The specific retention periods can be obtained by contacting us at [email protected].
-Deletion: Upon the expiration of the retention period or your request, we ensure the secure deletion of your data from our systems.
-Platforms: We embed content from YouTube, Twitter, and Instagram which may collect data when you interact with their content.
-Data Collection: The data collection by these platforms is governed by their respective privacy policies.
-Referer Data: When you follow external links on our website, the referring website may receive certain information about your visit, which is standard internet practice.
-Techniques: Our JavaScript-based anti-bot measures ensure a safe browsing environment by differentiating between genuine users and bots. More details can be found in the Anti-bot Measures section.
At Berliner.Party, we respect your privacy and handle your data with utmost care. Here’s how we manage data access and sharing, ensuring a secure and transparent interaction:
-Restricted Access:Access to your personal data is highly restricted within our organization. Only authorized system administrators and support personnel have the privilege to access and manage your data, all under strict confidentiality agreements.
-Purpose of Access:The limited access is solely for the purpose of ensuring smooth operations, addressing your inquiries or issues, and maintaining the integrity and security of our website.
-Legal Obligations: There may be circumstances under which we are legally obliged to share your data, all in compliance with the GDPR and BDSG (Article 6(1)(f) GDPR).
-No Third-Party Sharing: We uphold a strong policy against sharing your data with third parties for marketing, advertising, or any other unauthorized purposes.
-Secure Transfer: In instances where data sharing is mandated by law, we ensure the transfer occurs through secure and encrypted channels to maintain data integrity and confidentiality.
-Documented Requests: Any request for data access from legal entities is documented meticulously, ensuring a transparent process and adherence to legal and GDPR guidelines.
-Information: You have the right to be informed about any instance where your data is being shared externally, as per Article 13 of the GDPR.
-Objection: Under GDPR, you have the right to object to data sharing or processing, unless it's mandated by law.
Understanding the geographic diversity of our visitors helps us to improve the Berliner.Party experience by tailoring our content and services. We use Cloudflare to obtain limited geographic data which is processed in adherence to the GDPR guidelines.
-IP Analysis: Cloudflare analyses your IP address to derive the city and country data. This information aids us in understanding the geographic distribution of our visitors.
-Data Minimalism: Only the city and country data are collected and analyzed. We do not obtain or store your precise geographic location.
-Service Improvement: The geographic data assists us in optimizing our services, ensuring that we cater to the preferences and demands of our audience across different regions.
-Content Tailoring: Understanding where our visitors are located helps us to create and curate content that is more relevant and engaging.
-Performance Monitoring: Geographic data also helps us in monitoring the performance of our website in different regions, aiding in identifying and resolving any region-specific issues.
-Anonymization: The data collected is anonymized to ensure your privacy is maintained.
-Secure Processing: The processing of geographic data is carried out securely, adhering to the high standards of data protection set by GDPR.
-No Unauthorized Sharing: We do not share this geographic data with any unauthorized third parties.
-Information and Access: As per GDPR, you have the right to be informed about the collection and use of your geographic data.
-Objection: You have the right to object to the processing of your geographic data.
At Berliner.Party, we prioritize the security of our platform to ensure that our virtual dance floor remains a safe and enjoyable space for real party enthusiasts. To combat bot intrusion, we employ multiple layers of security measures. Here are the detailed descriptions of our anti-bot mechanisms, which are aligned with user privacy and data protection standards:
Before any interaction with our site, Cloudflare, our network security partner, performs an initial layer of bot detection. This preliminary security layer scrutinizes the traffic to identify and filter out malicious bots, ensuring only genuine users can access the site.
Post the initial screening by Cloudflare, our specially designed JavaScript code takes over to further ensure a secure and authentic user environment. The advanced bot detection mechanism entails:
-User Interaction Analysis: The script analyzes your interactions with the page to discern between real users and bots.
-Screen Size Verification: By checking the screen size, the script differentiates between regular users and bots.
-Cookie Enablement Check: The script verifies cookie enablement to differentiate between real users and bots.
-Graphic Test via Canvas: A graphic test is conducted through Canvas to evaluate the rendering capabilities.
-Unexpected Blur Events Monitoring: The script monitors for any unexpected blur events to identify bots.
-Real User or Bot Likelihood Scoring: A score ranging from 1 to 10 is generated based on the aforementioned parameters.
-Score Transmission: Only the generated score is transmitted to our server, without sharing any personal data.
-No Personal Data Transmission: Our script does not transmit any personal data or browser information.
-User Consent: Users are informed about our anti-bot measures, and those who do not agree can choose to leave the site.
-Transparency: Users can contact us at [email protected] for any inquiries or concerns regarding our anti-bot security measures.
-Legal Basis: The processing of this data is carried out under our legitimate interest to ensure the security and proper functioning of our website (Article 6(1)(f) GDPR).
-Opt-Out Mechanism: Users who do not agree with these measures have the option to leave the site.
We, at Berliner.Party, ensure that your data protection rights are respected and upheld as per the stringent standards set forth by the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Here's a detailed breakdown of your rights under these legal frameworks:
- You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and information regarding its processing.
- You have the right to have inaccurate personal data concerning you rectified, and to have incomplete personal data completed.
- You have the right to have your personal data erased without undue delay under certain circumstances, such as if the data is no longer necessary for the purposes for which it was collected.
- You have the right to restrict the processing of your personal data under certain conditions, like if you contest the accuracy of the data or if the processing is unlawful.
- You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller without hindrance.
- You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.
- You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes upon the GDPR.
- You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Documentation and Reporting: All data breaches will be documented, and where there is a high risk to your rights and freedoms, the relevant supervisory authority (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit) will be notified within 72 hours of becoming aware of the breach, as per Article 33 GDPR.
Your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA). We will take all necessary measures to ensure that transfers of personal data to countries outside of the EEA are adequately protected as required by applicable data protection law.
In compliance with Articles 37-39 of the General Data Protection Regulation (GDPR) and §38 of the Bundesdatenschutzgesetz (BDSG), Berliner.Party has designated a Data Protection Officer (DPO) to oversee and ensure the lawful and secure processing of personal data within our organization.
-Name: Jaroslaw Szymczak
-Email: [email protected]
The primary responsibilities of the DPO include, but are not limited to:
-Monitoring Compliance: Monitoring our data processing activities to ensure compliance with GDPR, BDSG, and other relevant data protection laws.
-Advice and Recommendations: Providing advice regarding data protection impact assessments (DPIAs) and offering recommendations to ensure adherence to data protection principles.
-Training and Awareness: Conducting data protection training and raising awareness among staff regarding data protection laws and our data protection policies.
-Liaison with Supervisory Authorities: Serving as the contact point for data protection authorities and cooperating with them as necessary.
-Handling Inquiries: Addressing inquiries from data subjects regarding data processing activities and assisting them in exercising their rights under GDPR and BDSG.
Our DPO is available for any inquiries or concerns regarding data protection and privacy. If you have any questions or need to exercise your data protection rights, feel free to contact the DPO using the contact information provided above.
Our DPO operates under the highest standards of confidentiality and integrity, ensuring that your personal data is managed in a secure and compliant manner.
Our DPO continually updates their knowledge on data protection laws and practices to ensure Berliner.Party remains compliant with the evolving data protection landscape.
Under the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), you have several rights concerning your personal data. We at Berliner.Party are committed to respecting and facilitating the exercise of these rights:
-Request Submission: You may submit your requests concerning your data protection rights via email to [email protected] or by contacting our Data Protection Officer (DPO) directly.
-Verification: We may require verification of your identity to ensure the security and protection of your data.
-Response: We will acknowledge your request promptly and respond to it within one month of receipt, as stipulated by GDPR. If your request is complex, we may extend this period by a further two months, notifying you of the extension.
We will not charge a fee for the exercise of your rights under GDPR and BDSG. However, we may charge a reasonable fee for repetitive or manifestly unfounded requests.
For detailed information regarding your rights and how to exercise them contact our DPO.
In adherence to Article 32(1)(d) of the GDPR, we at Berliner.Party conduct regular testing, assessment, and evaluation of our technical and organizational measures to ensure the security of data processing:
Regular evaluations are carried out at least annually or following significant changes to our data processing activities.
The evaluations cover all data processing systems, procedures, and infrastructure, ensuring that they meet the highest standards of data protection.
All findings, recommendations, and implemented measures are documented and reviewed to ensure continuous improvement in our data protection posture.
We may engage reputable third-party auditors to evaluate our data protection measures and provide insights for enhancement.
Berliner.Party complies with other relevant German and EU laws and regulations concerning privacy and data protection:
We adhere to the provisions of the Telemedia Act and Telecommunications Act, especially concerning the provision of electronic communications services and online services.
We comply with the ePrivacy Directive, particularly regarding the use of cookies and the provision of electronic communications services.
We also comply with other applicable laws and regulations concerning data protection and privacy. Our compliance framework is continually updated to align with the latest legal requirements and best practices.
5. Social Media Embeddings and External Links (Article 7 GDPR, Article 49(1) DSGVO)
Embeddings
We enrich our website with embedded content from social media platforms such as YouTube, Twitter, and Instagram to provide a more interactive user experience. These embeddings may collect data about your visit even if you do not interact with them. Here’s how they work:
-YouTube: We embed videos from our official YouTube channel. YouTube may use cookies or similar technologies to collect data, like your IP address or which videos you’ve viewed, to personalize your experience or analyze user interactions.
-Twitter: Our embedded Twitter feed allows you to view and interact with our tweets without leaving our website. Twitter may collect data such as your IP address or your interactions with the Twitter widget for analytics or personalization purposes.
-Instagram: By embedding Instagram posts, we provide a visual snapshot of our activities. Instagram might collect data like your IP address or the posts you interact with for analytics or personalization.
External Links
Our website contains links to external websites for your reference and convenience. When you click on these links, the external site may collect data about your visit, including your referrer information which indicates that you were redirected from our website. The data collection practices of these external sites are governed by their own privacy policies, which we recommend reviewing.
-Referrer Information: When you follow a link from our website to an external site, the external site may receive information about the fact that you came from our website. This referrer information might include the URL of the page on our website that you were visiting before you followed the link.