Datenschutzerklärung

Bitte beachten Sie die folgenden Hinweise

Privacy Policy

 

The following privacy policy applies across the Regatta Hero System. Additional information regarding privacy for the iOS and Android apps can be found at the following link. The general privacy policies of the Regatta Hero System listed below always apply in addition.

 

Preamble

With this privacy policy, we aim to inform you about the types of personal data (hereinafter referred to as "data") we process, for what purposes, and to what extent. This privacy policy applies to all processing of personal data by us, whether as part of providing our services or on our websites, mobile applications, and external online presences such as our social media profiles (hereinafter collectively referred to as "online offering").

The terms used are not gender-specific.

Effective date: March 30, 2023

Table of Contents

Controller

Kristian Raue
St. Galler Str. 7
79199 Kirchzarten

Email address:

info@regattahero.com

Legal notice:

www.regattahero.com/legal.html

Overview of Processing

The following overview summarizes the types of data processed and the purposes of their processing, and refers to the affected individuals.

Types of Processed Data

  • Inventory data.
  • Contact details.
  • Content data.
  • Usage data.
  • Meta, communication, and procedural data.

Categories of Data Subjects

  • Communication partners.
  • Users.

Purposes of Processing

  • Provision of contractual services and customer support.
  • Contact inquiries and communication.
  • Security measures.
  • Direct marketing.
  • Administration and response to inquiries.
  • Feedback.
  • Provision of our online offering and user-friendliness.
  • Information technology infrastructure.

Legal Bases

Below you will find an overview of the legal bases of the GDPR on which we process personal data. Please note that, in addition to the GDPR, national data protection regulations may apply in your or our country of residence. If more specific legal bases are applicable in certain cases, we will notify you in this privacy policy.

  • Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR) - The data subject has given their consent to the processing of their personal data for one or more specific purposes.
  • Contract performance and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR) - The processing is necessary for the performance of a contract to which the data subject is a party, or to carry out pre-contractual measures requested by the data subject.
  • Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR) - The processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

Security Measures

We take appropriate technical and organizational measures in accordance with legal requirements, considering the state of the art, implementation costs, the nature, scope, and purposes of the processing, as well as the varying likelihood and severity of risks to the rights and freedoms of individuals, to ensure a level of security appropriate to the risk.

Data Deletion

Data we process will be deleted in accordance with legal requirements, once their consent to processing has been revoked or other legal permissions no longer apply (e.g., if the purpose of processing is no longer relevant or necessary). If data is not deleted, because it is required for other legally permissible purposes, processing will be restricted to those purposes. This means data will be locked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons, or data required to assert, exercise, or defend legal claims or protect the rights of another natural or legal person.

Use of Cookies

Cookies are small text files or other memory markers that store information on devices and retrieve information from devices. For example, to store login status in a user account, the content of a shopping cart in an online store, or content accessed or features used in an online offering. Cookies can also be used for various purposes, such as the functionality, security, and comfort of online offerings, as well as creating visitor flow analyses.

Notes on consent: We use cookies in accordance with legal regulations. Therefore, we obtain prior consent from users, except when it is not legally required. Consent is particularly unnecessary if the storage and reading of information, including cookies, is strictly necessary to provide users with a telemedia service they have expressly requested (i.e., our online offering). Typically, necessary cookies include those with functions related to the display and operability of the online offer, load balancing, security, storage of user preferences and choices, or similar purposes connected to the provision of the main and secondary functions of the online offer requested by the users. The revocable consent is clearly communicated to users and includes information on the respective use of cookies.

Notes on legal data protection bases: The legal basis on which we process users' personal data using cookies depends on whether we ask users for consent. If users consent, the legal basis for processing their data is the declared consent. Otherwise, the data processed using cookies is based on our legitimate interests (e.g., in the economic operation of our online offering and improving its usability) or when necessary for fulfilling our contractual obligations. We clarify the purposes for which cookies are processed in this privacy policy or in our consent and processing procedures.

Storage duration: The following types of cookies are distinguished regarding the storage duration:

  • Temporary cookies (also known as session cookies): Temporary cookies are deleted no later than when a user leaves an online offering and closes their device (e.g., browser or mobile application).
  • Permanent cookies: Permanent cookies remain stored even after the device is closed. For example, the login status can be stored, or preferred content can be displayed directly when the user revisits a website. Data collected via cookies may also be used for reach measurement. If we do not provide explicit information about the type and storage duration of cookies (e.g., as part of obtaining consent), users should assume that cookies are permanent and that their storage duration can be up to two years.

General notes on revocation and objection (Opt-Out): Users can revoke their consent at any time and also object to the processing of their data according to the legal requirements under Art. 21 GDPR. Users can declare their objection through their browser settings, e.g., by deactivating the use of cookies (though this may limit the functionality of our online services). An objection to the use of cookies for online marketing purposes can also be declared via the websites https://optout.aboutads.info and https://www.youronlinechoices.com/.

  • Legal basis: Consent (Art. 6 (1) sentence 1 lit. a) GDPR).

Further information on processing procedures, methods, and services:

  • Processing of cookie data based on consent: We use a cookie consent management procedure in which users' consent for the use of cookies or the processing and providers named in the cookie consent management process is obtained, managed, and can be revoked. The consent declaration is stored so that it does not need to be repeated and to comply with the legal obligation to provide proof of consent. The storage can be server-side and/or in a cookie (so-called opt-in cookie or using comparable technologies) to assign consent to a user or their device. Unless individual information is provided about the providers of cookie management services, the following information applies: The duration of the storage of consent may be up to two years. A pseudonymous user identifier is created and stored along with the time of consent, the scope of the consent (e.g., which categories of cookies and/or service providers), as well as the browser, system, and device used; Legal basis: Consent (Art. 6 (1) sentence 1 lit. a) GDPR).

Provision of the online offering and web hosting

We process users' data to provide them with our online services. To this end, we process the user's IP address, which is necessary to transmit the content and functions of our online services to the user's browser or device.

  • Processed data types: Usage data (e.g., visited websites, interest in content, access times); meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, consent status).
  • Affected persons: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Provision of our online offering and user-friendliness; IT infrastructure (operation and provision of information systems and technical devices such as computers, servers, etc.); security measures.
  • Legal basis: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Further information on processing procedures, methods, and services:

  • Provision of online offering on rented storage space: We use storage space, computing capacity, and software provided by a server provider (also known as a "web host") for the provision of our online offering; Legal basis: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).
  • Collection of access data and log files: Access to our online offering is logged in the form of so-called "server log files." These log files may include the address and name of the accessed websites and files, the date and time of the access, transferred data volumes, notifications of successful access, browser type and version, the user's operating system, the referrer URL (the previously visited page), and generally IP addresses and the requesting provider. Server log files can be used for security purposes, e.g., to prevent server overloads (especially in cases of abuse attacks, such as DDoS attacks), as well as to ensure the stability of the servers; Legal basis: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR); Data deletion: Logfile information is stored for a maximum of 30 days and then deleted or anonymized. Data whose further retention is required for evidential purposes are excluded from deletion until the respective incident is fully clarified.
  • Hetzner: Services in the area of providing IT infrastructure and related services (e.g., storage space and/or computing capacity); Service provider: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany; Legal basis: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR); Website: https://www.hetzner.com; Privacy Policy: https://www.hetzner.com/de/rechtliches/datenschutz; Data Processing Agreement: https://docs.hetzner.com/de/general/general-terms-and-conditions/data-privacy-faq/.

Blogs and publication media

We use blogs or similar means of online communication and publication (hereinafter referred to as "publication medium"). The data of readers is processed only to the extent necessary for the presentation and communication between authors and readers or for security reasons. Otherwise, we refer to the information regarding the processing of visitors to our publication medium as part of this privacy notice.

  • Processed data types: Inventory data (e.g., names, addresses); contact data (e.g., email, telephone numbers); content data (e.g., entries in online forms); usage data (e.g., visited websites, interest in content, access times); meta, communication, and procedural data (e.g., IP addresses, timestamps, identification numbers, consent status).
  • Affected persons: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Fulfillment of contractual services and customer support; feedback (e.g., collecting feedback via online form); provision of our online offering and user-friendliness.
  • Legal basis: Legitimate interests (Art. 6 (1) sentence 1 lit. f) GDPR).

Contact and Inquiry Management

When contacting us (e.g. by mail, contact form, email, telephone, or via social media), as well as within the scope of existing user and business relationships, the information of the inquiring persons is processed to the extent necessary to respond to the contact inquiries and any requested actions.

  • Processed Data Types: Contact data (e.g. email, phone numbers); Content data (e.g. entries in online forms); Usage data (e.g. visited websites, interest in content, access times); Meta, communication, and procedural data (e.g. IP addresses, time stamps, identification numbers, consent status).
  • Affected Persons: Communication partners.
  • Purposes of Processing: Contact inquiries and communication; management and response to inquiries; feedback (e.g. collecting feedback via online form); provision of our online services and user-friendliness.
  • Legal Basis: Legitimate interests (Art. 6 para. 1 sent. 1 lit. f GDPR); contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sent. 1 lit. b GDPR).

Further information on processing, procedures, and services:

  • Contact Form: When users contact us via our contact form, email, or other communication channels, we process the data provided in this context to handle the request; Legal Basis: Contract fulfillment and pre-contractual inquiries (Art. 6 para. 1 sent. 1 lit. b GDPR), legitimate interests (Art. 6 para. 1 sent. 1 lit. f GDPR).

Newsletter and Electronic Notifications

We send newsletters, emails, and other electronic notifications (hereinafter referred to as "Newsletter") only with the consent of the recipients or a legal permission. If the content of the newsletter is described in specific terms during the registration process, it is decisive for the user's consent. Otherwise, our newsletters contain information about our services and us.

To subscribe to our newsletter, it is generally sufficient to provide your email address. However, we may ask for a name for personalized addressing in the newsletter or other details if they are necessary for the newsletter's purpose.

Double Opt-In Procedure: The registration for our newsletter generally follows a double opt-in procedure. This means you will receive an email after registration in which you are asked to confirm your subscription. This confirmation is necessary so that no one can register with someone else's email address. Newsletter registrations are logged to be able to prove the registration process in compliance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the email service provider are also logged.

Deletion and Limitation of Processing: We may store unsubscribed email addresses for up to three years based on our legitimate interests before deleting them to prove a previously given consent. The processing of this data is limited to the purpose of potential defense against claims. An individual deletion request is possible at any time, provided the previous existence of consent is confirmed. In the case of obligations to permanently observe objections, we reserve the right to store the email address solely for this purpose in a blocklist (so-called "blocklist").

Logging of the registration process is carried out on the basis of our legitimate interests for the purpose of proving its proper execution. If we engage a service provider to send emails, this is done on the basis of our legitimate interests in an efficient and secure delivery system.

Content:

Information about us, our services, promotions, and offers.

  • Processed Data Types: Inventory data (e.g. names, addresses); Contact data (e.g. email, phone numbers); Meta, communication, and procedural data (e.g. IP addresses, time stamps, identification numbers, consent status); Usage data (e.g. visited websites, interest in content, access times).
  • Affected Persons: Communication partners.
  • Purposes of Processing: Direct marketing (e.g. via email or postal mail).
  • Legal Basis: Consent (Art. 6 para. 1 sent. 1 lit. a GDPR).
  • Opt-Out: You can cancel the receipt of our newsletter at any time, i.e., revoke your consent, or object to further receipt. A link to unsubscribe from the newsletter can be found either at the end of each newsletter or you can otherwise use one of the contact options listed above, preferably email.

Further information on processing, procedures, and services:

  • Measurement of Opening and Click Rates: Newsletters contain a so-called "web-beacon", i.e., a pixel-sized file retrieved from our server, or if we use an email service provider, from their server when opening the newsletter. In the course of this retrieval, technical information such as information about the browser and your system, as well as your IP address and time of retrieval, is collected. This information is used for the technical improvement of our newsletters based on the technical data or target groups and their reading behavior based on their access locations (which can be determined using the IP address) or access times. This analysis also includes determining whether the newsletters are opened, when they are opened, and which links are clicked. This information is assigned to individual newsletter recipients and stored in their profiles until deletion. The evaluations serve us to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. The measurement of opening rates and click rates, as well as the storage of the results in the profiles of Users Legal Basis: Consent (Art. 6 para. 1 sent. 1 lit. a GDPR).

Plugins and Embedded Functions and Content

We incorporate functional and content elements into our online services that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These can include, for example, graphics, videos, or city maps (hereinafter uniformly referred to as "content").

The integration always requires that the third-party providers of this content process the IP address of the users, as they would not be able to send the content to their browser without the IP address. The IP address is therefore necessary for the display of this content or functionality. We strive to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers can also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Through the "pixel tags", information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information can also be stored in cookies on the user's device and include, among other things, technical information about the browser and operating system, referring websites, visit times, as well as other details about the use of our online services and be combined with such information from other sources.

  • Processed Data Types: Usage data (e.g. visited websites, interest in content, access times); Meta, communication, and procedural data (e.g. IP addresses, time stamps, identification numbers, consent status); Inventory data (e.g. names, addresses); Contact data (e.g. email, phone numbers); Content data (e.g. entries in online forms).
  • Affected Persons: Users (e.g. website visitors, users of online services).
  • Purposes of Processing: Provision of our online services and user-friendliness.
  • Legal Basis: Legitimate interests (Art. 6 para. 1 sent. 1 lit. f GDPR).

Further information on processing, procedures, and services:

  • Google Fonts (Access from Google Server): Access to fonts (and symbols) for the purpose of a technically secure, maintenance-free, and efficient use of fonts and symbols with respect to current updates and loading times, their consistent display, and consideration of any licensing restrictions. The font provider is informed of the user's IP address so that the fonts can be provided to the user's browser. Additionally, technical data (language settings, screen resolution, operating system, used hardware) is transmitted, which is necessary for providing the fonts depending on the devices used and the technical environment. This data may be processed on a server of the font provider in the USA. When visiting our online offer, the users' browsers send their browser HTTP requests to the Google Fonts Web API (i.e., an interface for retrieving fonts). The Google Fonts Web API provides users with the Cascading Style Sheets (CSS) of Google Fonts and then the fonts specified in the CSS. These HTTP requests include (1) the IP address used by the respective user to access the Internet, (2) the requested URL on the Google server, and (3) the HTTP headers, including the user agent, which describes the browser and operating system versions of the website visitors, as well as the referer URL (i.e., the webpage on which the Google font is to be displayed). IP addresses are neither logged nor stored on Google servers, and they are not analyzed. The Google Fonts Web API logs details of the HTTP requests (requested URL, user agent, and referer URL). Access to this data is restricted and strictly controlled. The requested URL identifies the font families for which the user wants to load fonts. This data is logged so that Google can determine how often a particular font family is requested. The user agent must adjust the font generated for the respective browser type. The user agent is primarily logged for debugging and used to generate aggregated usage statistics, which measure the popularity of font families. These aggregated usage statistics are published on the Google Fonts "Analytics" page. Finally, the referer URL is logged, so the data can be used for production maintenance and an aggregated report of the top integrations based on the number of font requests can be generated. According to Google, they do not use any information collected by Google Fonts to create user profiles or target advertisements; Service Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal Basis: Legitimate interests (Art. 6 para. 1 sent. 1 lit. f GDPR); Website: https://fonts.google.com/; Privacy Policy: https://policies.google.com/privacy; Further Information: https://developers.google.com/fonts/faq/privacy?hl=en.
  • YouTube Videos: Video content; Service Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal Basis: Legitimate interests (Art. 6 para. 1 sent. 1 lit. f GDPR); Website: https://www.youtube.com; Privacy Policy: https://policies.google.com/privacy; Opt-Out Option: Opt-Out Plugin: https://tools.google.com/dlpage/gaoptout?hl=en, Ad Settings: https://adssettings.google.com/authenticated.

Created with the free Privacy Generator by Dr. Thomas Schwenke

Download the Smartphone App

Regatta Hero on App Store

Regatta Hero on Google Play

Tips for Android Smartphones