Privacy Policy / Data Protection

§ 1 Information about the collection of personal data

(1) In the following we inform you about the collection of personal data when using our website. Personal data is any data that refers to you personally, e.g. name, address, phone number, email addresses, user behavior.

(2) In the sense of Article 4 (7) of the EU General Data Protection Regulation (GDPR), the Controller is SPOTROCKER GmbH, Gress-Str. 47, 71384 Weinstadt, Germany (see our legal notice).

 

§ 2 Your rights

(1) You have the following rights with regard to us with respect to your personal data:

a. the right to be informed in accordance with Art. 15 GDPR,
b. the right to rectification in accordance with Art. 16 GDPR,
c. the right to erasure (“right to be forgotten”) in accordance with Art. 17 GDPR,
d. the right to restrict processing in accordance with Art. 18 GDPR,
e. the right to object to processing in accordance with Art. 21 GDPR,
f. the right to data portability in accordance with Art. 20 GDPR.
With regard to the right to be informed and the right to erasure, however, restrictions apply in accordance with §§ 34 and 35 BDSG (German Federal Data Protection Act).

(2) You also have the right to lodge a complaint about our processing of your personal data with a data protection supervisory authority, Art. 77 GDPR in conjunction with § 19 BDSG.

(3) Under Article 22 GDPR, you also have the right not to be subject to a decision based solely on automated processing – including profiling – which takes legal effect or affects you in a similar manner. However, this does not apply if the decision

a. is required for the conclusion or performance of a contract between you and us as Controller,
b. is permissible on the basis of Union or member state legislation to which the Controller is subject, assuming this legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or
c. takes place with your express consent.

However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) applies and reasonable measures have been taken to protect your rights and freedoms and your legitimate interests. With regard to the cases referred to in (a) and (c) above, we take reasonable steps to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention from the Controller, to express a personal point of view and to contest the decision.

 

§ 3 Collection of personal data when contacting us through our website

(1) When you contact us via email or via a contact form, we will store the data you have provided (your email address, if applicable your name and telephone number) in order to answer your questions. The legal basis for this processing is Art. 6 (1)(f) GDPR.

(2) We will delete the data arising in this context once storage is no longer required, or restrict processing if there are statutory storage requirements.

(3) If we rely on commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes. In doing so, we also provide the specified criteria for the storage duration.

 

§ 4 Collection of personal data when visiting our website

(1) Should you use the website merely for information purposes, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (legal basis is Art. 6 (1)(1)(f) GDPR):

a. IP address
b. date and time of access request
c. time difference to Greenwich Mean Time (GMT)
d. contents of the request (concrete site)
e. access status/HTTP status code
f. each transmitted amount of data
g. website from which the request comes
h. browser
i. the operating system and its interface
j. language and version of the browser software.

(2) In addition to the aforementioned data, so-called cookies are stored on your computer when you use our website. Cookies are small text files that are saved on your hard disk associated to the browser you use which provide certain information to the party placing the cookie (in this case, us). Cookies cannot execute programs or transmit viruses to your computer. They are used to make our internet offer more functional, user-friendly and efficient as a whole for you; we use cookies to identify you for follow-up visits if you have an account with us. Otherwise you would have to log in again for each visit. The legal basis for this is Article 6 (1)(1)(f) GDPR.

(3) Use of cookies:

a. This website uses the following types of cookies, the scope and operation of which are explained below: temporary cookies (see b) and persistent cookies (see c).
b. Temporary cookies are automatically deleted when you close the browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close the browser.
c. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d. You can configure your browser setting according to your wishes and, for example, decline the acceptance of third-party cookies or all cookies. Please be aware that in this case you may not be able to use all functions of this website.
e. In order to inform you which cookies we use and to assist you if you do not want to use a certain group of cookies, we use a so-called cookie banner on our website to inform you about the use of cookies. For this purpose we use the service "Cookiebot" of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark. Details about how your data is handled by this service can be found here: https://www.cookiebot.com/de/privacy-policy/. This service enables us to store your consent to the use of cookies and to show the cookie banner only when you visit one of our websites for the first time. For this purpose, the service creates a cookie under the domain of Cookiebot and the website you are visiting. The following data can be linked to this cookie: the IP address of your computer (in abbreviated form), the date and time of your consent, the web browser you are using, the URL of the visited website and the state of consent. This logging serves to fulfill § 13 paragraph 2 TMG; the legal basis in this respect is Art. 6 paragraph 1 sentence 1 lit. c DS-GVO.

 

 

§ 5 Additional features and offers of our website

(1) In addition to the purely informative use of our website, we offer various services that you can use if you are interested. To do this, you will typically need to provide additional personal information that we use solely to provide the service and for which the aforementioned data-processing principles apply.

(2) In some cases, we employ external service providers to process your data in accordance with Art. 28 GDPR. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.

(3) Furthermore, we may pass on your personal data to third parties if campaign entries, contracts or similar services are offered by us together with partners. You will receive more information about this when you provide us with your personal data or in the respective offer description.

(4) An automated decision-making process within the meaning of Art. 22 GDPR only takes place in the course of the contract-related determination of the winner of a “Voter Award”; you will find the relevant bases for determining winners based on their “activity” here. The legal basis for this is Article 22 (2)(a) GDPR.

(5) Insofar as our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the description of our services.

 

§ 6 Objection to or revocation of consent to the processing of your data

(1) If you have given your consent to the processing of your data, you can revoke it at any time. Such revocation will affect the admissibility of the processing of your personal data after you have notified us of it.

(2) Insofar as we base the processing of your personal data on the balance of interests, you may object to the processing. This is the case if, in particular, the processing is not required to fulfill a contract with you, which we describe in each case in the following description of the functions. In the event of such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the case of a justified objection, we will examine the situation and will either discontinue or adapt the data processing or point out to you our compelling legitimate reasons on the basis of which we will continue the processing.

(3) Of course, you can object to the processing of your personal data for the purpose of advertising and data analysis at any time. You can inform us about your advertising objection using the following contact details: SPOTROCKER GMBH, Gress-Str. 47, 71384 Weinstadt, Germany, email: info(at)spotrocker.de

 

§ 7 Use of the comment functions

(1) You can submit your own comments in various places on our website. Your comment will be published in the post with your given username. We recommend using a pseudonym instead of your common name. Only registered users (see below under § 8) can submit comments; i.e. the submission of a username and email address is required during the registration process. All other information is provided voluntarily. If you submit a comment, we will associate this comment with your account as a registered user until you or we (see paragraph 2) delete this comment. This storage is necessary for us to defend ourselves against liability claims in cases of possible publication of unlawful content, if a third party should complain about your comment as unlawful. The legal bases for this are Article 6 (1)(1)(b) and (f) GDPR.

(2) Comments will not be reviewed prior to publication. We reserve the right to delete comments if they are objected to by third parties as being illegal or in violation of our Terms of Use.

 

§ 8 Use of our portal as a registered user

(1) Insofar as you wish to use our portal as a user, you must register by submitting your email address, a password that you can freely choose and your username. The legal basis for this is Article 6 (1)(1)(a) GDPR. There is no obligation to use your common name. Pseudonymous use is possible and strongly recommended. We use the so-called double-opt-in procedure for registration; i.e. your registration is only completed if you have previously confirmed your registration by clicking on the link contained in a confirmation email sent to you for this purpose. If your confirmation is not received within one week, your registration will be deleted from our database. The submission of the aforementioned data is mandatory; you can voluntarily provide all other information under the access-protected “profile data” area by using our portal.

(2) If you choose to participate in one of our open campaigns with a video, the conclusion of a contract in this respect requires that you provide additional personal information that we need to process your campaign participation by video. This information is: first name, last name, address, date of birth, phone number. We process this data exclusively for the handling of your campaign participation. The legal basis for this is Article 6 (1)(1)(b) GDPR.

(3) Should you be able to claim a payment from us as part of your participation in a campaign, we will also require your financial data (IBAN and BIC) for the contractual payment. For this purpose, we may pass on this data provided by you to our bank. The legal basis for this is Article 6 (1)(1)(b) GDPR

(4) If you use our portal in the manner described above, we will store your data required for the performance of the contract, including details of accounts, until you have us permanently deleted your access. Furthermore, we will store the voluntary data you have provided for the time of your use of the portal, unless you have previously deleted it; the legal basis for this is Article 6 (1)(1)(a) GDPR. All information can be managed and changed in the protected user area. In addition, due to commercial and tax regulations, we are obliged to retain your address and financial data for a period of ten years in the event of payments of funds; the legal basis for this is Article 6 (1)(1)(c). However, after deleting access to our portal, we limit processing, which means your data will only be used to comply with legal obligations.

(5) If you use the portal, some of your data becomes publicly visible in accordance with the contract. This information is: your username, activity index and – if provided by you – your photo, your website information and your profile description. Our members or users will not receive any further information about you from us. Any posts you make are publicly visible on our websites.

(6) In order to prevent unauthorized access by third parties to your personal data, in particular financial data, the connection is encrypted using TLS technology.

 

§ 9 Newsletter

(1) With your consent, you can subscribe to our newsletter, with which we inform you about everything related to SPOTROCKER, especially current campaigns.

(2) You may expressly grant your consent separately or as necessary during the registration process. To register for our newsletter as part of your registration as a user, we use the so-called double-opt-in procedure. This means that after you have sent the registration form, you will receive an email in which you can confirm your registration and, if applicable, your optionally selected newsletter subscription by clicking on the activation link. The purpose of the procedure is to prove your registration and, if necessary, to inform you about possible misuse of your personal data. After your confirmation for the receipt of newsletters, we also save your email address for the purpose of sending you the newsletter; the legal basis for this is Art. 6 (1)(1)(a) GDPR.

(3) You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. Such a revocation of consent has no effect on your use of our portal as a (registered) user. You can declare your revocation of consent by clicking on the link provided in each newsletter email, by emailing support(at)spotrocker.de or by sending a message to the contact details stated in the legal notice.

 

§ 10 Social media

 (1) Plugins or features of the social networks (providers) “Facebook” and “Twitter” are implemented on our website in order to share posts or individual URLs of our website on these social networks; these can be recognized by the buttons corresponding to the networks.

(2) When you visit our website, the plugins make direct connections between your browser and the servers of the respective social networks, whereby personal data can be transmitted to the respective provider and stored and processed there. The respective provider receives the information that you have accessed the corresponding page of our online service; in addition, the data referred to in § 4 of this declaration is transmitted regardless of whether you have an account with this provider and are logged in there. A cookie may be stored on your computer for this purpose; in order to actively influence this, please refer to the instructions in § 4 (3). Since the respective provider can carry out data collection via cookies in particular, you can delete all your cookies via the security settings of your browser before clicking on one of the buttons in order to reduce the data collection by the respective provider. We have no control over the data collected there and their data processing operations, nor are we aware of the full scope of data collection, purposes and retention periods. However, at a minimum the respective provider stores this data as usage profiles and uses it for purposes of advertising, market research and/or the personalized configuration of its website. Such an evaluation is carried out in particular (also for non-logged-in users) to display personalized advertising and to inform other users of the social network about your activities. You have a right to object to the formation of these user profiles. In order to exercise this right, you must contact the respective provider. The legal basis for the use of plugins is Art. 6 (1)(1)(f) GDPR.

(3) If you click on one of the buttons, you will be redirected to the provider's system in a new browser window and you will automatically transfer personal information to the respective provider, where it will be stored and processed. This data will be assigned directly to your account with the respective provider, provided that you are logged in with the provider. In order to complete the sharing process, meaning that you make the information to be shared visible in your account with the provider, according to your settings there, another click is required on the button (“Share on Facebook” or “Tweet”) provided in the window of the provider.

(4) For more information about the purpose and scope of data collection and its processing by the provider, please refer to the following privacy statements of these providers. There you will also find further information about your rights and settings options for the protection of your privacy. Addresses of the respective providers and URLs with their privacy notices:

a. Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA; Privacy Policy: https://de-de.facebook.com/policy.php; you can change your privacy settings on Facebook (opt-out) in the Account Settings at https://www.facebook.com/settings, https://www.facebook.com/ads/preferences/ and https://www.facebook.com/settings?tab=applications. Facebook is certified under the Privacy Shield Agreement and provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

b. Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; Privacy Policy: https://twitter.com/de/privacy. You can change your privacy settings on Twitter (opt-out) in the Account Settings at https://twitter.com/account/settings and https://twitter.com/personalization. Twitter is certified under the Privacy Shield Agreement and provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active).

Last updated: May 2018

New Campaigns

Join in! Create your ad and win!

New Ad Activities

Vote, share, comment and win!

This is how SPOTROCKER works

Easy, ingenious, profitable – for everyone!

So geht SPOTROCKER

Top News

Exciting stuff around SPOTROCKER!