CHALLENGING MIDJOURNEY
Privacy Policy
1. Basic Information on Data Processing and Legal Grounds
1.1 This Privacy Policy informs you about the type, scope, and purpose of processing personal data within our online services and associated websites, functions, and content (hereinafter collectively referred to as "online services" or "website"). This Privacy Policy applies regardless of the domains, systems, platforms, and devices (e.g., desktop or mobile) used to execute the online service.
1.2 Terms like "personal data" or "processing" refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
1.3 The personal data processed within the scope of this online service includes inventory data (e.g., email addresses of members), contract data (e.g., services used, payment information), usage data (e.g., websites visited within our online service), and content data (e.g., posts in the forum).
1.4 The term "user" encompasses all categories of persons affected by data processing. These include our forum members, customers of our marketplace, interested parties, and other visitors to our online service. The terms used, such as "users," are to be understood as gender-neutral.
1.5 We process the personal data of users in compliance with relevant data protection regulations. This means that the data of users is processed only if there is a legal permission. This is the case, in particular, if data processing is necessary for providing our contractual services (e.g., processing orders) as well as online services, required by law, if user consent is given, and based on our legitimate interests, i.e., interest in the analysis, optimization, economic operation, and security of our online service as per Article 6(1)(f) GDPR, especially in measuring reach, creating profiles for advertising and marketing purposes, as well as collecting access data and using third-party services.
1.6 We point out that the legal basis for consents is Article 6(1)(a) and Article 7 GDPR, the legal basis for processing for the performance of our services and implementation of contractual measures is Article 6(1)(b) GDPR, the legal basis for processing for the fulfillment of our legal obligations is Article 6(1)(c) GDPR, and the legal basis for processing for the protection of our legitimate interests is Article 6(1)(f) GDPR.
2. Security Measures
2.1 We take organizational, contractual, and technical security measures according to the state of the art to ensure compliance with data protection laws and to protect the data processed by us against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.
2.2 Security measures include, in particular, the encrypted transmission of data between your browser and our server.
3. Disclosure of Data to Third Parties and Third-Party Providers
3.1 Data is only disclosed to third parties within the framework of legal requirements. We only disclose user data to third parties if this is necessary, for example, for contractual purposes based on Article 6(1)(b) GDPR or based on legitimate interests pursuant to Article 6(1)(f) GDPR for the economic and effective operation of our business.
3.2 If we use subcontractors to provide our services, we take appropriate legal precautions as well as corresponding technical and organizational measures to ensure the protection of personal data in accordance with relevant legal regulations.
3.3 If, in the context of this Privacy Policy, content, tools, or other means from other providers (hereinafter collectively referred to as "third-party providers") are used, and their named seat is located in a third country, it is assumed that a data transfer to the third countries of the third-party providers takes place. Third countries are countries where the GDPR is not directly applicable law, i.e., in principle, countries outside the EU or the European Economic Area. The transfer of data to third countries occurs either if an adequate level of data protection, user consent, or other legal permission exists.
4. Provision of Contractual Services
4.1 We process inventory data (e.g., names and addresses as well as contact details of users), contract data (e.g., services used, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Article 6(1)(b) GDPR.
4.2 Users can optionally create a user account, which allows them to publish their own posts and photos. During the registration process, the required mandatory information is communicated to the users.
4.3 If users have terminated their user account, their personal data will be deleted with regard to the user account, subject to its retention is required for commercial or tax reasons according to Article 6(1)(c) GDPR.
4.4 We are entitled to irretrievably delete all data stored during the contract period.
4.5 In the context of registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. The storage takes place based on our legitimate interests, as well as the user's interest in protection against misuse and other unauthorized use. This data is not passed on to third parties unless it is necessary for the pursuit of our claims or there is a legal obligation according to Article 6(1)(c) GDPR.
5. Contacting Us
5.1 When contacting us (via contact form or email), the user's information is processed to handle the contact request and its processing according to Article 6(1)(b) GDPR.
5.2 User information can be stored in our Customer Relationship Management System ("CRM System") or comparable inquiry organization.
6. Comments and Posts
6.1 When users leave comments or other contributions, their IP addresses are stored based on our legitimate interests according to Article 6(1)(f) GDPR.
6.2 This is done for our security in case someone leaves illegal content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we can be held liable for the comment or post and are therefore interested in the author's identity.
7. Collection of Access Data and Log Files
7.1 Based on our legitimate interests in accordance with Art. 6 (1) lit. f. GDPR, we collect data on every access to the server where this service is located (so-called server log files). The access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, user's operating system, and referrer URL.
7.2 Log file information is stored for security reasons (e.g., to investigate misuse or fraudulent activities) for a period of three months and then deleted. Data that needs to be retained for evidence purposes is excluded from deletion until the respective incident is fully resolved.
8. Cookies & Reach Measurement
8.1 Cookies are information transmitted from our web server or third-party web servers to users' web browsers and stored there for later retrieval. Cookies can be small files or other types of information storage.
8.2 We use "session cookies," which are only stored for the duration of the current visit to our online presence (e.g., to enable the storage of your login status and thus the use of our online offering). A session cookie contains a randomly generated unique identification number, called a session ID. Additionally, a cookie contains information about its origin and storage duration. These cookies cannot store any other data. Session cookies are deleted when you end your use of our online offering, such as by logging out or closing the browser.
8.3 If the user activates the "Stay logged in" option at login, a cookie will be stored for seven days, enabling the use of the forum without having to log in again.
8.4 Users are informed about the use of cookies for pseudonymous reach measurement within this privacy policy.
8.5 If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in their browser's system settings. Stored cookies can be deleted in the browser's system settings. Excluding cookies may lead to functional restrictions of this online offering.
8.6 You can object to the use of cookies used for reach measurement and advertising purposes through the Network Advertising Initiative's deactivation page (http://optout.networkadvertising.org/) and additionally the U.S. website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
9. Google Analytics
9.1 Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offering as defined in Art. 6 (1) lit. f. GDPR), we use Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google uses cookies. The information generated by the cookie about users' use of the online offering is usually transmitted to and stored by Google on servers in the United States.
9.2 Google is certified under the Privacy Shield Agreement, providing a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
9.3 Google will use this information on our behalf to evaluate users' use of our online offering, compile reports on activities within this online offering, and provide other services related to the use of this online offering and internet usage to us. Pseudonymous usage profiles of users can be created from the processed data.
9.4 We use Google Analytics to display ads placed within Google's advertising services and its partners only to users who have shown an interest in our online offering or who have specific characteristics (e.g., interests in certain topics or products determined by the websites visited), which we transmit to Google (so-called "remarketing" or "Google Analytics Audiences"). With the help of Remarketing Audiences, we want to ensure that our ads match users' potential interests and do not have a harassing effect.
9.5 We use Google Analytics with IP anonymization enabled. This means that users' IP addresses are truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the United States and truncated there.
9.6 The IP address transmitted by the user's browser will not be merged with other data from Google. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offering by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
9.7 Alternatively, you can set a cookie by clicking the following link, which prevents your data from being collected by Google Analytics on this website: Click here to stop Google Analytics from tracking your visits to this website.
9.8 For more information on data usage by Google, settings, and opt-out options, please visit the Google websites: https://www.google.com/intl/de/policies/privacy/partners ("Data usage by Google when you use our partners' websites or apps"), http://www.google.com/policies/technologies/ads ("Data usage for advertising purposes"), http://www.google.de/settings/ads ("Manage information Google uses to show you ads").