Berliner.Party Bear icon

Privacy Policy

Party-Savvy Privacy Lowdown

Hey Party Animals of Berliner.Party! 🎉 We totally dig your privacy. Here’s the easy-peasy version of our mega official Privacy Policy below:

1. Your Privacy is Our Jam! 🛡️

- We keep your data snug and cozy according to some bigwig laws like GDPR and BDSG. It’s all about keeping the party vibes safe and secure!

2. What We Snag When You Boogie Online 🕺💃

- We catch a glimpse of your IP address, browser type, and some other techy tidbits to make sure our website runs smoother than a fresh jar of Skippy! Plus, it helps us keep the party crashers (aka fraudsters) at bay!

3. Cookie Monster Alert! 🍪

- Our website drops cookies (not the edible kind, bummer, we know) on your device to remember your preferences and make your online boogie smoother. You can manage these cookies; it’s all in your hands!

4. Social Media Shindig 🎶

- We’ve got some cool social media embeds like YouTube, Twitter, and Instagram to jazz up your experience. They might collect some data but only to make the party better!

5. Newsletter Nights 💌

- Subscribe to our newsletter for the hottest updates on Berlin’s nightlife! You give us your email, we give you the keys to the city’s nightbeat!

6. Sharing is Caring, but Not Always 🤐

- We don’t share your data with any third-party party poopers. It’s all in the Berliner.Party family!

7. Your Rights are the Real VIPs 🌟

- You’ve got a bunch of rights like accessing, correcting, or deleting your data. Anytime you want to exercise these rights, just hit us up!

8. Geo-Party Vibes 🌍

- We get a sense of where our party animals are tuning in from to tailor our content and make Berliner.Party your local global party hub!

9. Anti-Bot Bouncers 🤖

- We’ve got digital bouncers that keep the bots out and the good vibes in. So, you can party online without any party poopers!

10. Need More Info? 🤔

- If you’re a details devil and want to dive deeper, or have any questions, our Data Protection Officer is your go-to buddy. Reach out at [email protected].

Now we come to the serious stuff, but if you dont have time you can go back and party and trust us that we take good care of you! 🎉 Berliner.Party is where the heart beats and the bass drops! Keep the good vibes rolling, and remember, your privacy is the guest of honor at our party! 🎈But if you want a deep dive into everything then here it is:

1. Introduction

Welcome to Berliner.Party! We value your privacy and strive to protect your personal data. This policy outlines how we collect, use, and safeguard your information when you visit our website, interact with our newsletter, or engage with our social media platforms.

Us/We/Our: Refers to us operating the Berliner.Party website, namely Xolo Go OÜ - Jaroslaw Szymczak.

This privacy policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the German Federal Data Protection Act (BDSG).

Company Information:

Xolo Go OÜ - Jaroslaw Szymczak

Kalasadama tn 4,

Põhja-Tallinna linnaosa,

Tallinn Harju maakond 10415,

Estonia

Scope of the Policy:

This privacy policy applies solely to the Berliner.Party website, our newsletter, and our social media platforms. Any interactions outside of these platforms are outside the scope of this policy.

User Consent:

Your interaction with our website, subscription to our newsletter, or engagement on our social media platforms constitutes your agreement to the terms outlined in this privacy policy.

Updates to the Policy:

We reserve the right to amend this privacy policy at any time. While we may elect to notify you of any significant changes to this policy, we encourage you to review this policy periodically. Any changes will become effective seven (7) days after they are initially posted on our website.

Contact for Privacy Concerns:

Should you have any concerns or inquiries regarding our privacy practices, you may contact us at [email protected].

Language Availability:

This privacy policy is written in English, and this version is the only legally binding document. However, for your convenience, we have also translated a "Party-Savvy Privacy Lowdown" of this policy into German and Swedish. To view this policy in a different language, please use the language toggle located in the top right corner of our website.

2. Data Collection and Usage (Article 6(1) GDPR)

We collect and process your personal data for various purposes, aiming to offer you a seamless and secure experience on our website. Here are the types of data we collect and the purposes for which they are collected:

 IP Address:

-Purpose: Ensuring the security and integrity of our website, including prevention of fraud, unauthorized access, and maintaining a safe environment for all users.

-Legal Basis: Our legitimate interest in ensuring the security and proper functioning of our website (Article 6(1)(f) GDPR).

Date and Time of Request:

-Purpose: Diagnosing server issues, administering our website, and optimizing performance based on user traffic times.

-Legal Basis: Our legitimate interest in maintaining and improving the functionality of our website (Article 6(1)(f) GDPR).

Content of the Request:

-Purpose: Ensuring website functionality, understanding user interactions, and improving user experience.

-Legal Basis: Our legitimate interest in improving our services and website functionality (Article 6(1)(f) GDPR).

Access Status/HTTP Status Code:

-Purpose: Diagnosing technical issues, monitoring server status, and ensuring a smooth user experience.

-Legal Basis: Our legitimate interest in diagnosing and resolving technical issues (Article 6(1)(f) GDPR).

Amount of Data Transmitted:

-Purpose: Optimizing website performance, managing server resources, and ensuring a swift and responsive user experience.

-Legal Basis: Our legitimate interest in optimizing our services and website performance (Article 6(1)(f) GDPR).

Referrer:

-Purpose: Understanding user navigation to our website, analyzing traffic sources, and improving our marketing strategies.

-Legal Basis: Our legitimate interest in understanding user behavior and improving our marketing strategies (Article 6(1)(f) GDPR).

Browser, Operating System, and Interface:

-Purpose: Optimizing for common browsers and operating systems, ensuring accessibility, and improving user experience.

-Legal Basis: Our legitimate interest in ensuring our website is accessible and usable across various platforms (Article 6(1)(f) GDPR).

Language and Version of Browser Software:

-Purpose: Optimizing website performance and functionality, offering language preferences, and improving user experience.

-Legal Basis: Our legitimate interest in offering a tailored user experience (Article 6(1)(f) GDPR).

Additional Data Collection:

We may also collect additional data for analytics, personalization, and marketing purposes, subject to your consent and preferences.

-Legal Basis: Your consent (Article 6(1)(a) GDPR).

3. Data Storage (Article 32 GDPR)

We prioritize the security and confidentiality of your personal data. Here's how and where your data is stored and managed:

Primary Storage:

-Location: Your data is primarily stored in Frankfurt, Germany.

-Facility: The data is hosted at DigitalOcean's secured servers.

-Encryption: We employ robust encryption techniques to ensure the confidentiality and integrity of your data while at rest and during transmission.

-Legal Basis: Compliance with legal obligations and our legitimate interest in protecting your data (Article 6(1)(c) and 6(1)(f) GDPR).

Global Caching:

-Provider: We utilize Cloudflare for global caching purposes.

-Purpose: This aids in accelerating website performance and delivering content swiftly, irrespective of your geographical location.

-Data Transfer:Cloudflare’s global infrastructure may involve data transfers across different regions. Such transfers are carried out in compliance with GDPR provisions (Article 44 GDPR).

Analytics:

-Provider: We use Google Analytics for gathering statistics and insights to improve our website’s performance and user experience.

-Purpose: Analyzing user behavior, website traffic, and identifying areas for improvement.

-Data Processing: Google Analytics may process data globally, adhering to GDPR provisions (Article 44 GDPR).

Access Control:

-Internal Access: Access to your data within our organization is restricted to system administrators and support personnel only, ensuring a high level of data security.

-Training: Our personnel are trained in data protection principles, ensuring they handle your data with utmost care.

Data Retention:

-Retention Policy: We retain your data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this policy. The specific retention periods can be obtained by contacting us at [email protected].

-Deletion: Upon the expiration of the retention period or your request, we ensure the secure deletion of your data from our systems.

Third-party Embeddings:

-Platforms: We embed content from YouTube, Twitter, and Instagram which may collect data when you interact with their content.

-Data Collection: The data collection by these platforms is governed by their respective privacy policies.

External Links:

-Referer Data: When you follow external links on our website, the referring website may receive certain information about your visit, which is standard internet practice.

Anti-bot Measures:

-Techniques: Our JavaScript-based anti-bot measures ensure a safe browsing environment by differentiating between genuine users and bots. More details can be found in the Anti-bot Measures section.

6. Newsletter (Article 6(1)(a) GDPR)

Engage with the pulsating heart of Berlin's nightlife through our newsletter! By subscribing, you're hopping on a vibrant ride of updates, news, and exciting tidbits, ensuring you never skip a beat of what Berliner.Party has to offer.

Subscription and Consent

-Opting In: Your journey begins when you willingly enter your email address in the subscription field and hit 'subscribe'. This act symbolizes your consent to receive our newsletter, as per Article 6(1)(a) of the GDPR.

-Double Opt-In: To ensure it’s really you craving for our updates, we follow a Double Opt-In process. After your initial subscription, you’ll receive a confirmation email. Only after you click the confirmation link, your subscription is activated, reinforcing your consent.

What’s in the Newsletter?

-Events and Updates: Get the low-down on upcoming events, recent happenings, and other groovy updates directly in your inbox. 

-Exclusive Invites: Who doesn’t love an exclusive invite? Be among the first to know about special events and offers.

-Party Insights: Explore articles, interviews, and more to keep your party spirit high and informed.

Managing Your Subscription

-Unsubscribing: If at any point the newsletter stops resonating with your vibe, you can easily unsubscribe by clicking the 'unsubscribe' link provided at the bottom of every newsletter. Your email address will be removed from our mailing list, and you’ll stop receiving the newsletters henceforth.

-Change of Heart: Fallen out of the loop but yearning to rejoin? No worries! Subscribe again anytime you wish.

Data Usage and Storage

-Storage: Your email address is stored securely with us, solely for the purpose of sending you the newsletters you've subscribed to.

-Sharing: Fear not, for your email address isn’t thrown into a wild party of its own; it remains confidential and isn’t shared with any third parties.

7. Data Access and Sharing (Article 13 GDPR)

At Berliner.Party, we respect your privacy and handle your data with utmost care. Here’s how we manage data access and sharing, ensuring a secure and transparent interaction:

Internal Data Access:

-Restricted Access:Access to your personal data is highly restricted within our organization. Only authorized system administrators and support personnel have the privilege to access and manage your data, all under strict confidentiality agreements.

-Purpose of Access:The limited access is solely for the purpose of ensuring smooth operations, addressing your inquiries or issues, and maintaining the integrity and security of our website.

External Data Sharing:

-Legal Obligations: There may be circumstances under which we are legally obliged to share your data, all in compliance with the GDPR and BDSG (Article 6(1)(f) GDPR).

-No Third-Party Sharing: We uphold a strong policy against sharing your data with third parties for marketing, advertising, or any other unauthorized purposes.

Data Sharing Protocols:

-Secure Transfer: In instances where data sharing is mandated by law, we ensure the transfer occurs through secure and encrypted channels to maintain data integrity and confidentiality.

-Documented Requests: Any request for data access from legal entities is documented meticulously, ensuring a transparent process and adherence to legal and GDPR guidelines.

Your Rights:

-Information: You have the right to be informed about any instance where your data is being shared externally, as per Article 13 of the GDPR.

-Objection: Under GDPR, you have the right to object to data sharing or processing, unless it's mandated by law.

8. Geographic Location Data (Recital 49 GDPR)

Understanding the geographic diversity of our visitors helps us to improve the Berliner.Party experience by tailoring our content and services. We use Cloudflare to obtain limited geographic data which is processed in adherence to the GDPR guidelines.

Data Collection:

-IP Analysis: Cloudflare analyses your IP address to derive the city and country data. This information aids us in understanding the geographic distribution of our visitors.

-Data Minimalism: Only the city and country data are collected and analyzed. We do not obtain or store your precise geographic location.

Usage:

-Service Improvement: The geographic data assists us in optimizing our services, ensuring that we cater to the preferences and demands of our audience across different regions.

-Content Tailoring: Understanding where our visitors are located helps us to create and curate content that is more relevant and engaging.

-Performance Monitoring: Geographic data also helps us in monitoring the performance of our website in different regions, aiding in identifying and resolving any region-specific issues.

Data Protection:

-Anonymization: The data collected is anonymized to ensure your privacy is maintained.

-Secure Processing: The processing of geographic data is carried out securely, adhering to the high standards of data protection set by GDPR.

-No Unauthorized Sharing: We do not share this geographic data with any unauthorized third parties.

Your Rights under GDPR:

-Information and Access: As per GDPR, you have the right to be informed about the collection and use of your geographic data.

-Objection: You have the right to object to the processing of your geographic data.

9. Anti-Bot Security Measures

At Berliner.Party, we prioritize the security of our platform to ensure that our virtual dance floor remains a safe and enjoyable space for real party enthusiasts. To combat bot intrusion, we employ multiple layers of security measures. Here are the detailed descriptions of our anti-bot mechanisms, which are aligned with user privacy and data protection standards:

Initial Bot Detection by Cloudflare:

Before any interaction with our site, Cloudflare, our network security partner, performs an initial layer of bot detection. This preliminary security layer scrutinizes the traffic to identify and filter out malicious bots, ensuring only genuine users can access the site.

Advanced Bot Detection Mechanism:

Post the initial screening by Cloudflare, our specially designed JavaScript code takes over to further ensure a secure and authentic user environment. The advanced bot detection mechanism entails:

-User Interaction Analysis: The script analyzes your interactions with the page to discern between real users and bots.

-Screen Size Verification: By checking the screen size, the script differentiates between regular users and bots.

-Cookie Enablement Check: The script verifies cookie enablement to differentiate between real users and bots.

-Graphic Test via Canvas: A graphic test is conducted through Canvas to evaluate the rendering capabilities.

-Unexpected Blur Events Monitoring: The script monitors for any unexpected blur events to identify bots.

Security Scoring:

-Real User or Bot Likelihood Scoring: A score ranging from 1 to 10 is generated based on the aforementioned parameters.

-Score Transmission: Only the generated score is transmitted to our server, without sharing any personal data.

Data Privacy and User Rights:

-No Personal Data Transmission: Our script does not transmit any personal data or browser information.

-User Consent: Users are informed about our anti-bot measures, and those who do not agree can choose to leave the site.

-Transparency: Users can contact us at [email protected] for any inquiries or concerns regarding our anti-bot security measures.

-Legal Basis: The processing of this data is carried out under our legitimate interest to ensure the security and proper functioning of our website (Article 6(1)(f) GDPR).

-Opt-Out Mechanism: Users who do not agree with these measures have the option to leave the site.

10. Your Rights Under GDPR and German Federal Data Protection Act (BDSG)

We, at Berliner.Party, ensure that your data protection rights are respected and upheld as per the stringent standards set forth by the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Here's a detailed breakdown of your rights under these legal frameworks:

Right to Access (Article 15 GDPR, §34 BDSG):

- You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and information regarding its processing.

Right to Rectification (Article 16 GDPR):

- You have the right to have inaccurate personal data concerning you rectified, and to have incomplete personal data completed.

Right to Erasure ('Right to be Forgotten') (Article 17 GDPR, §35 BDSG):

- You have the right to have your personal data erased without undue delay under certain circumstances, such as if the data is no longer necessary for the purposes for which it was collected.

Right to Restriction of Processing (Article 18 GDPR):

- You have the right to restrict the processing of your personal data under certain conditions, like if you contest the accuracy of the data or if the processing is unlawful.

Right to Data Portability (Article 20 GDPR):

- You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and have the right to transmit those data to another controller without hindrance.

Right to Object (Article 21 GDPR, §36 BDSG):

- You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you.

Right to Lodge a Complaint with a Supervisory Authority (Article 77 GDPR, §37 BDSG):

- You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes upon the GDPR.

Right to Withdraw Consent (Article 7(3) GDPR):

- You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Automated Decision Making and Profiling (Article 22 GDPR):

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

11. Data Breach Notification

Documentation and Reporting: All data breaches will be documented, and where there is a high risk to your rights and freedoms, the relevant supervisory authority (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit) will be notified within 72 hours of becoming aware of the breach, as per Article 33 GDPR.

12. International Data Transfers

Your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA). We will take all necessary measures to ensure that transfers of personal data to countries outside of the EEA are adequately protected as required by applicable data protection law.

13. Designation of Data Protection Officer (DPO)

In compliance with Articles 37-39 of the General Data Protection Regulation (GDPR) and §38 of the Bundesdatenschutzgesetz (BDSG), Berliner.Party has designated a Data Protection Officer (DPO) to oversee and ensure the lawful and secure processing of personal data within our organization.

Contact Information of the DPO:

-Name: Jaroslaw Szymczak

-Email: [email protected]

Responsibilities of the DPO:

The primary responsibilities of the DPO include, but are not limited to:

-Monitoring Compliance: Monitoring our data processing activities to ensure compliance with GDPR, BDSG, and other relevant data protection laws.

-Advice and Recommendations: Providing advice regarding data protection impact assessments (DPIAs) and offering recommendations to ensure adherence to data protection principles.

-Training and Awareness: Conducting data protection training and raising awareness among staff regarding data protection laws and our data protection policies.

-Liaison with Supervisory Authorities: Serving as the contact point for data protection authorities and cooperating with them as necessary.

-Handling Inquiries: Addressing inquiries from data subjects regarding data processing activities and assisting them in exercising their rights under GDPR and BDSG.

Availability:

Our DPO is available for any inquiries or concerns regarding data protection and privacy. If you have any questions or need to exercise your data protection rights, feel free to contact the DPO using the contact information provided above.

Confidentiality:

Our DPO operates under the highest standards of confidentiality and integrity, ensuring that your personal data is managed in a secure and compliant manner.

Continuous Learning:

Our DPO continually updates their knowledge on data protection laws and practices to ensure Berliner.Party remains compliant with the evolving data protection landscape.

14. Exercising Your Rights

Under the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG), you have several rights concerning your personal data. We at Berliner.Party are committed to respecting and facilitating the exercise of these rights:

Procedure:

-Request Submission: You may submit your requests concerning your data protection rights via email to [email protected] or by contacting our Data Protection Officer (DPO) directly.

-Verification: We may require verification of your identity to ensure the security and protection of your data.

-Response: We will acknowledge your request promptly and respond to it within one month of receipt, as stipulated by GDPR. If your request is complex, we may extend this period by a further two months, notifying you of the extension.

Fees:

We will not charge a fee for the exercise of your rights under GDPR and BDSG. However, we may charge a reasonable fee for repetitive or manifestly unfounded requests.

Further Information:

For detailed information regarding your rights and how to exercise them contact our DPO.

15. Regular Testing and Evaluation

In adherence to Article 32(1)(d) of the GDPR, we at Berliner.Party conduct regular testing, assessment, and evaluation of our technical and organizational measures to ensure the security of data processing:

Frequency:

Regular evaluations are carried out at least annually or following significant changes to our data processing activities.

Scope:

The evaluations cover all data processing systems, procedures, and infrastructure, ensuring that they meet the highest standards of data protection.

Documentation:

All findings, recommendations, and implemented measures are documented and reviewed to ensure continuous improvement in our data protection posture.

Third-party Audits:

We may engage reputable third-party auditors to evaluate our data protection measures and provide insights for enhancement.

16. Additional Legislation

Berliner.Party complies with other relevant German and EU laws and regulations concerning privacy and data protection:

Telemedia Act (TMG) & Telecommunications Act (TKG):

We adhere to the provisions of the Telemedia Act and Telecommunications Act, especially concerning the provision of electronic communications services and online services.

ePrivacy Directive:

We comply with the ePrivacy Directive, particularly regarding the use of cookies and the provision of electronic communications services.

Others:

We also comply with other applicable laws and regulations concerning data protection and privacy. Our compliance framework is continually updated to align with the latest legal requirements and best practices.

Q2lHVWg2M0NCaStwNEtCRnc5YUx4Y1M4VWtrWmRVYmtwdXQ0RkxhMXhtMVQ3YzBhNFJtTGlFbmJlZG5MMUJqWjo6xD7nXhohE33c1Y2i+KjKAg==
06-18 14:14:43