1. Scope of Application
2. Personal Data
Personal data is information with the help of which a person can be identified, i.e. information that can be traced back to a person. This typically includes the name, e-mail address or telephone number. In addition, purely technical data that can be assigned to a person can also be regarded as personal data. We process the personal data of our users only to the extent necessary to provide a functioning webapp as well as our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by statutory provisions.
3. Legal Basis for the Processing of Personal Data
Insofar as we obtain your consent for the processing of personal data, Art. 6 para. 1 lit. a EU Data Protection Basic Regulation (GDPR) serves as the legal basis. Art. 6 para. 1 lit. b GDPR serves as the legal basis for the processing of personal data that is required to fulfil a contract with you. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. Very rarely, it may also be the case that vital interests of you or another natural person necessitate the processing of personal data. In these cases, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or a third party and if your interests, fundamental rights and fundamental freedoms do not outweigh our interest or the interest of a third party, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing. In these cases, our legitimate interest is derived from the purposes of processing listed in this data protection declaration.
4. Data Erasure and Storage Period
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. In addition, the data may be stored if the European or national legislator has provided for this in Union regulations, laws or other provisions to which the person responsible is subject. The data shall also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless it is necessary for further storage of the data for the conclusion or performance of a contract.
5. Automatic Collection of Access Data/Server Log Files
We automatically collect a number of technical data each time you access the Webapp.?These are:
The IP address of the user
The Internet Service Provider of the User
Name of the requested website or file
Date and time of access
transferred data volume
Notification of successful retrieval
Browser type and version
Operating system of the user
used terminal device of the user, including MAC address
Referrer URL (the previously visited page)
The data mentioned will be processed by us for the following purposes:
to ensure a smooth connection setup of our webapp;
to ensure a comfortable use of our webapp;
in order to be able to track unauthorised access to our webapp;
to evaluate system security and stability; and
for other administrative purposes.
The data is also stored in the log files of our system. These data are not stored together with other personal data of the user.
6. What is an IP-Adress?
Each device (e.g. smartphone, tablet, PC) connected to the Internet is assigned an IP address. Which IP address this is depends on which Internet access your device is currently connected to. This can be the IP address assigned to you by your Internet provider, for example, if you are connected to the Internet at home via your W-Lan. However, it can also be an IP address assigned to you by your mobile phone provider or the IP address of a provider of public or private W-Lan or other Internet access. In its currently most common form (IPv4), the IP address consists of four digit blocks separated by dots. In most cases, as a private user you will not use a constant IP address, as this is only temporarily assigned to you by your provider (so-called “dynamic IP address”). In the case of a permanently assigned IP address (so-called “static IP address”), it is in principle possible to unambiguously assign the user data using this feature.
Our webapp already supports the new IPv6 addresses. If you already have an IPv6 address, you should also know the following: The IPv6 address consists of eight blocks of four. The first four blocks, as with the entire IPv4 address, are typically assigned dynamically by private users. The last four blocks of an IPv6 address (so called “interface identifiers”) are determined by the device you use to browse the webapp. If this is not set differently in your operating system, the so-called MAC address is used for this. The MAC address is a kind of serial number that is assigned worldwide for each IP-enabled device. We therefore do not store the last four blocks of your IPv6 address. In general, we recommend that you activate the so-called “Privacy Extensions” on your end device in order to make the last four blocks of your IPv6 address more anonymous. Most common operating systems have a “Privacy Extensions” function, but in some cases this is not factory set.
7. Publicly Accessible Content
Please note that Kingsleague provides a platform where you can interact with other users. Accordingly, we will make parts of your personal data public. Depending on the selected publication settings, either no users, only certain users selected by you, or all users of Kingsleague can view this information. If you do not agree to this, you can delete the content or entries posted via your user account at any time.
8. User Profiles
When creating a user account for our webapp, you will be asked to enter a number of personal information (including first name, last name, street, zip code, city, telephone number, e-mail address and possibly other information that we ask for when registering). You can always view the data in the “User account” section. You can also delete the entire user account at any time. We collect, store and process your data mentioned in this section for the entire performance of your contract, including any subsequent warranties and for the performance of our services. The legal basis for the processing is Art. 6 Para. 1 S. 1 lit. b GDPR.
Your personal data will only be passed on or otherwise transmitted to third parties if this is necessary for the purpose of processing the contract or billing, if this is permitted by a legal provision, if you have given your prior consent, or if the transfer is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not passing on your data. The data passed on in this way may only be used by our service providers for the performance of their order-related tasks. Any other use of the information is not permitted and will not be made by any of the service providers entrusted by us.
9. Use of Your Data for Advertising Purposes
We will use your name and address for your further information about interesting products and services of Kingsleague Germany GmbH (self-promotion). We will send you offers via email, web, mail and the Kingsleague App. You can choose through which channels we can reach you. For selected companies that would like to advertise their own services/products, as well as for dialogue marketing companies, your so-called list data (name, first name, title, address, year of birth) will be used by us or transmitted to these companies (external advertising) on the basis of the legal provisions for advertising via the above-mentioned channels. With the application of the basic EU data protection regulation from May 25th 2018, further data beyond the so-called list data can also be used and transmitted for advertising purposes. In doing so, we will weigh up your interests, taking into account your interests in the exclusion of individual data for advertising use. You can object to the above-mentioned future use of your data for your own and/or third-party advertising at any time for the future by sending a message to the contact options listed in the imprint of the webapp.
Otherwise, your e-mail address and/or telephone number will only be used for advertising purposes if you have given us your consent to do so. You can revoke your consent at any time for the future by sending a message to the contact options listed in the imprint of the webapp.
10. Facebook Custom Audiences, Facebook Pixel
In order to find new Kingsleague friends and to make you interesting offers related to you, we transmit your data encrypted and anonymized to Facebook – so we can inspire even more passionate gamers for Kingsleague. Our ads will be displayed primarily to those for whom they are interesting. We use “Facebook Custom Audiences” for this procedure, which is very common in marketing. We don’t give Facebook any names, e-mails or personal information from you in plain text, but upload them in encrypted form. In this way we ensure that no third parties have access to your data and that you will not suffer any disadvantages as a result.
Due to the marketing tools used, your browser automatically establishes a direct connection with the Facebook server. We have no influence on the extent and further use of the data collected by Facebook through the use of this tool and therefore inform you according to our state of knowledge: By integrating Facebook Custom Audiences, Facebook receives the information that you have accessed the corresponding website of our webapp or clicked on an advertisement from us. If you are registered with a Facebook service, Facebook can assign the visit to your account. Even if you are not registered with Facebook or have not logged in, the provider may learn and store your IP address and other identifiers.
We also use the so-called “Facebook Pixel” to create Facebook Custom Audiences. When you visit our webapp and also when you perform certain actions, the Facebook pixel is triggered and the visit or action is reported – anonymously – to Facebook and registered by Facebook. Based on the information collected, Facebook can tell us how successful our webapp is. In a second step, we also determine which of our offers are of interest to which user groups. These user groups can then be advertised again by us as potentially interested parties, this is called “remarketing”.
By submitting the declaration of consent when creating your user account, you consent to data processing by us via “Facebook Custom Audiences”. You can revoke this consent with effect for the future at any time by informing us of your revocation, e.g. at the e-mail address given in the imprint.
The deactivation of the function “Facebook Custom Audiences” is possible for logged-in users at https://www.facebook.com/settings/?tab=ads .
Further information on data processing by Facebook can be found at https://www.facebook.com/about/privacy.
11. Registration with Facebook Connect
Instead of registering directly on our webapp, you can register with Facebook Connect. This service is provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
If you decide to register with Facebook Connect and click on the “Login with Facebook” / “Connect with Facebook” button, you will automatically be redirected to the Facebook platform. There you can log in with your usage data. This links your Facebook profile to our webapp or services. This link gives us access to your data stored on Facebook. These are above all:
Facebook-Profile- and Coverpicture
deposited E-Mail-adress at Facebook
This data will be used to set up, provide and personalize your account.
Registration with Facebook-Connect and the associated data processing procedures are based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time with effect for the future.
12. Facebook-Plugins (Like&Share-Button)
Plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages and webapp. You can recognize the Facebook plugins by the Facebook logo or the “Like” button on our page. You can find an overview of the Facebook plugins here: https://developers.facebook.com/docs/plugins/?locale=de_DE.
If you do not want Facebook to associate visiting our pages with your Facebook user account, please log out of your Facebook user account.
The Facebook plug-ins are used on the basis of Art. 6 Para. 1 lit. f GDPR. The webapp operator has a justified interest in the widest possible visibility in the social media.
When you contact us (for example via contact form or e-mail), your details and the personal data transmitted will be stored for the purpose of processing the enquiry and in the event that follow-up questions arise.
On the webapp you can subscribe to a newsletter in which we inform you about new services, offers and further actions.
When you subscribe to the newsletter, we store your IP address and the date of registration. This storage serves solely as proof in the event that a third party misuses an e-mail address and registers for receiving the newsletter without the knowledge of the authorised party. This data will only be used to send the newsletter and will not be passed on to third parties.
You can revoke your consent to the use of your e-mail address for sending the newsletter at any time. The revocation can be made via a link in the newsletters themselves or by sending a message to the contact options in the imprint of the webapp.
We would like to point out that we evaluate your user behaviour when sending the newsletter. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files stored on our webapp. Links received in the newsletter also contain this ID. For the evaluations, we link your personal data already collected by us (data transmission when simply visiting our web app) and the web beacons with your e-mail address and an individual ID.
With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. We record when you read our newsletter, which links you click in it and infer your personal interests from this. We link this data to actions you take on our webapp.
You can object to this tracking at any time by clicking on the separate link provided in each e-mail or by informing us of the e-mail address given in the imprint. The information is stored as long as you have subscribed to the newsletter. After you unsubscribe, we store the data purely statistically and anonymously. Such tracking is also not possible if you have deactivated the display of pictures in your e-mail program by default. In this case, the newsletter will not be displayed completely and you may not be able to use all functions. If you have the pictures displayed manually, the above mentioned tracking will take place.
Some cookies are automatically deleted from your end device as soon as you leave the website (so-called session cookie). Other cookies are stored for a certain period of time, which does not exceed two years (persistent cookies). We also use so-called third-party cookies, which are administered by third parties in order to offer certain services. These third parties may only collect, process or use your data within the scope of their order and in accordance with our instructions. In particular, they may not pass on your data.
16. Google Analytics
This webapp uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses several “cookies” (see above) to identify your browser. The information generated by the cookies about your use of this webapp is generally transmitted to a Google server in the United States and stored there. However, we have activated the IP anonymisation function on this webapp, so that your IP address is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the webapp, compile reports on webapp activity and provide other services to the webapp operator relating to webapp activity and internet usage. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. You can also prevent the transmission to Google of the data generated by the cookie and related to your use of the webapp (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 Para. 1 S. 1 lit. f GDPR.
Third party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
This webapp also uses the Google Tag Manager. The Google Tag Manager is a kind of user administration for our IT department that makes it easier to manage a link to Google Analytics, for example.
17. Google Adsense
This webapp uses Google AdSense, a service for the integration of Google Inc. advertisements. (“Google”). Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google AdSense uses “cookies”, which are text files placed on your computer, to help the webapp analyze how users use the site. Google AdSense also uses so-called web beacons (invisible graphics). Through these web beacons, information such as visitor traffic on these pages can be evaluated.
The information generated by cookies and web beacons about the use of this webapp (including your IP address) and the delivery of advertising formats is transmitted to a Google server in the USA and stored there. This information can be passed on by Google to Google’s contractual partners. However, Google will not merge your IP address with other data stored by you.
AdSense cookies are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The webapp operator has a legitimate interest in analysing user behaviour in order to optimise both its webapp and its advertising.
You can prevent the installation of cookies by setting your browser software accordingly; we would like to point out that in this case you may not be able to use all the functions of this webapp to their full extent. By using this webapp, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
18. Google Analytics Remarketing
Our sites use Google Analytics Remarketing features in conjunction with the cross-device features of Google AdWords and Google DoubleClick. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This feature allows Google Analytics Remarketing to link advertising target groups with the cross-device capabilities of Google AdWords and Google DoubleClick. In this way, interest-related, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one device (e.g. mobile phone) can also be displayed on another of your devices (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browser history to your Google Account for this purpose. In this way, the same personalized advertising messages can be displayed on every device on which you log in with your Google Account.
To support this feature, Google Analytics collects Google-authenticated user IDs that are temporarily linked to our Google Analytics data to define and create target audiences for cross-device advertising.
You can permanently opt out of cross-device remarketing/targeting by opting out of personalized advertising in your Google Account by following this link: https://www.google.com/settings/ads/onweb/
The data collected in your Google Account will only be aggregated on the basis of your consent, which you may give or revoke to Google (Art. 6 Para. 1 lit. a GDPR). In the case of data collection processes that are not merged into your Google Account (e.g. because you do not have a Google Account or have objected to the merging), the collection of data is based on Art. 6 Para. 1 lit. f GDPR. The legitimate interest arises from the fact that the webapp operator has an interest in the anonymous analysis of webapp visitors for advertising purposes.
Further information and the data protection regulations can be found in Google’s data protection declaration at: https://policies.google.com/technologies/ads?hl=de.
19. Google Adwords and Google Conversion-Tracking
This webapp uses Google AdWords. AdWords is an online advertising program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).
As part of Google AdWords, we use what is known as conversion tracking. When you click on an ad placed by Google, a conversion tracking cookie is set. Cookies are small text files that the Internet browser places on the user’s computer. These cookies expire after 30 days and are not used to personally identify users. If the user visits certain pages on this site and the cookie has not expired, Google and we may recognize that the user clicked on the ad and was directed to that page.
Each Google AdWords customer receives a different cookie. Cookies cannot be tracked through AdWords customer websites. The information collected from the Conversion cookie is used to generate conversion statistics for AdWords customers who have opted for Conversion Tracking. Customers will know the total number of users who clicked on their ad and were directed to a page with a conversion tracking tag. However, you will not receive any information that personally identifies users. If you do not want to participate in tracking, you can opt out of this use by turning off the Google Conversion Tracking cookie in your web browser under User Preferences. You will then not be included in the conversion tracking statistics.
The storage of “conversion cookies” and the use of this tracking tool are based on Art. 6 para. 1 lit. f GDPR. The webapp operator has a legitimate interest in analysing user behaviour in order to optimise both its webapp and its advertising.
You can set your browser so that you are informed when cookies are set and allow cookies only in individual cases, accept cookies for specific cases or generally exclude them and activate the automatic deletion of cookies when you close your browser. If cookies are deactivated, the functionality of this webapp may be restricted.
20. DoubleClick by Google
Due to the marketing tools used, your browser automatically establishes a direct connection with Google’s server. We have no influence on the extent and the further use of the data, which are raised by the employment of this tool by Google and inform you therefore according to our knowledge conditions: By the integration of DoubleClick Google receives the information that you called the appropriate part of our internet appearance or clicked an announcement of us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may find out and store your IP address.
You can prevent participation in this tracking process in various ways:
By setting your browser software accordingly, in particular by suppressing third party cookies, you will not receive any advertisements from third parties,
By disabling conversion tracking cookies by setting your browser to block cookies from the “www.googleadservices.com” domain, https://www.google.de/settings/ads, which will be deleted if you delete your cookies,
By disabling the interest-based ads of the providers that are part of the “About Ads” self-regulatory campaign via the link http://www.aboutads.info/choices, whereby this setting is deleted when you delete your cookies;
By permanently disabling it in your Firefox, Internet Explorer or Google Chrome browser at the http://www.google.com/settings/ads/plugin link.
We would like to point out that in this case you may not be able to use all functions of this offer to their full extent. The legal basis for the processing of your data is Art. 6 Para. 1 S. 1 lit. f GDPR. Further information about DoubleClick by Google can be found at: https://www.google.de/doubleclick, as well as data protection at Google in general: https://www.google.de/intl/de/policies/privacy. Google has subjected itself to the EU-US Privacy Shield and thus guarantees compliance with the EU data protection standard.
21. Youtube with extended Data Protection
Our webapp uses plugins of the website YouTube. The site is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
We use YouTube in advanced privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this webapp before they watch the video. However, YouTube’s enhanced privacy mode does not necessarily preclude the sharing of information with YouTube partners. YouTube connects to the Google DoubleClick network whether or not you’re watching a video.
When you start a YouTube video on our site, it connects to YouTube’s servers. This will tell the YouTube server which of our pages you’ve visited. If you are logged in to your YouTube account, you will be able to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can save various cookies on your terminal device after starting a video. YouTube can use these cookies to obtain information about visitors to our webapp. This information is used, among other things, to collect video statistics, improve usability and prevent fraud. The cookies remain on your device until you delete them.
If necessary, after the start of a YouTube video, further data processing operations may be triggered over which we have no control.
YouTube is used in the interest of an appealing presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.
Further information on data protection at YouTube can be found in their data protection declaration at: https://policies.google.com/privacy?hl=de.
The e-mails are sent via “MailChimp”, an e-mail dispatch platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
The email addresses of our email recipients, as well as any other information described in this notice, are stored on MailChimp’s servers in the United States. MailChimp uses this information to send and evaluate emails on our behalf. In addition, MailChimp may use this information for its own information to optimize or improve its own services, e.g. to technically optimize the sending and display of emails or for economic purposes to determine from which countries the recipients come. However, MailChimp does not use the data of our email recipients to write to them or pass them on to third parties.
The emails contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. Within the scope of this retrieval, technical information such as information about the browser and your system, as well as your IP address and time of retrieval are first collected. This information is used to technically improve the services on the basis of technical data or target groups and their reading behaviour on the basis of their retrieval locations (which can be determined with the help of the IP address) or access times.
Statistical surveys also include determining whether emails are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual email recipients. However, it is neither our nor MailChimp’s aim to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
23. General Advertising-Opt-Out
Our website uses the web analysis service Hotjar of Hotjar Ltd. Hotjar Ltd. is a European company based in Malta (Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe, Tel: +1 (855) 464-6788).
This tool allows you to track movements on the websites where Hotjar is used (so-called heat maps). For example, you can see how far users scroll and which buttons users click on how often. Furthermore, the tool also makes it possible to obtain feedback directly from the users of the website. Above all, Hotjar’s services can improve the functionality of the Hotjar-based website by making it more user-friendly, more valuable and easier for end users to use.
When using this tool, we take special care to protect your personal data. For example, we can only track which buttons are clicked, the path of the mouse, how far it scrolls, the screen size of the device, device type and browser information, geographic location (country only) and the preferred language to display our website. Areas of the websites where personal data of you or third parties are displayed are automatically hidden by Hotjar and can therefore not be traced at any time. In order to exclude the possibility of direct personal references, IP addresses are only stored and processed anonymously. However, Hotjar uses various third-party services such as Google Analytics and Optimizely. It may therefore be the case that these services collect data that is transmitted by your browser in the context of web page requests. This could be cookies or your IP address, for example. In these exceptional cases, this processing is carried out in accordance with Art. 6 Para. 1 letter a GDPR on the basis of the consent you have given for the purpose of statistical analysis of user behaviour for optimisation and marketing purposes.
Hotjar offers every user the option of preventing the use of the Hotjar tool by means of a “Do Not Track” header, so that no data about the visit to the respective website is recorded. This is a setting that is supported by all common browsers in current versions. To do this, your browser sends a request to Hotjar to disable tracking for that user. If you use our websites with different browsers/computers, you have to set up the “Do Not Track Header” separately for each of these browsers/computers.
You can prevent Hotjar from collecting your information at any time when you visit a Hotjar-based website by going to our opt-out page https://www.hotjar.com/legal/compliance/opt-out/ and clicking deactivate Hotjar.
For more information about Hotjar Ltd. and the Hotjar tool, please visit
This website uses the services of Active Campaign to send emails. The provider is the US provider ActiveCampaign, LLC, 150 N. Michigan Ave Suite 1230, Chicago, IL, US, USA. Active Campaign is a service that can be used to organize and analyze the sending of newsletters, among other things. If you enter data for the purpose of receiving email (e.g. email address), this data is stored on Active Campaign’s servers in the USA.
Active Campaign is certified according to the “EU-US Privacy Shield”. The “Privacy-Shield” is an agreement between the European Union (EU) and the USA, which aims to ensure that European data protection standards are respected in the USA. With the help of Active Campaign we can analyse our email campaigns. When you open an email sent with Active Campaign, a file contained in the email (called a web beacon) connects to Active Campaign’s servers in the USA. This allows you to see if a message has been opened and which links have been clicked on. Technical information is also collected (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective recipient. It is used exclusively for statistical analysis of campaigns. The results of these analyses can be used to better adapt future emails to the interests of the recipients.
If you do not wish to receive analysis from Active Campaign, you must unsubscribe. For this purpose we provide a corresponding link in every email.
The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation. The data you provide us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe and will be deleted from our servers as well as from the servers of Active Campaign after your unsubscription. Data that has been saved for other purposes (e.g. email addresses for the member area) remains unaffected.
Link to the Privacy Shield certification: https://www.privacyshield.gov/participant?id=a2zt0000000GnH6AAK
Visitors to our website can use various ways to contact us. At the moment these are e-mail and live chat. The data you voluntarily provide when using the above-mentioned contact options will be transmitted to us and stored. If you contact us via e-mail and/or social media, we will also store the personal data you provide. If you use our live chat, we also store cookies (see above) in addition to the personal data transmitted in the process.
Kingsleague uses the following systems: CRM system Freshsales, helpdesk system Freshdesk, chat system Freshchat. Provider of these three systems is Freshworks Inc, 1250 Bayhill Drive, Suite 315, San Bruno, CA 94066, USA (hereinafter: Freshworks). Freshsales is a general system for maintaining customer relations, while Freshdesk is a system with which contact requests can be accepted and managed. Freshchat serves the purpose of communication between you and Kingsleague via live chat.
Through the use of the aforementioned systems, the data you provide will be transmitted to Freshworks and stored on their servers in the USA. Freshworks transfers this data to external service providers in order to be able to offer their services. Freshworks has a certification according to the so-called “EU-US-Privacy-Shield” (https://www.privacyshield.gov/participant?id=a2zt0000000GnbQAAS&status=Active), so that the legal requirements for the adequacy of the data protection level according to Art. 45 GDPR are given. This is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards in the USA. You can find more about Freshworks and data protection on the Freshworks website (http://freshworks.com/privacy).
The legal basis for the processing described above is Art. 6 para. 1 letter a), Art. 6 para. 1 sentence 1 letter b) and letter f) GDPR. Their processing is carried out for the purpose of checking and answering such requests. Our justified interest in the described data processing results from this purpose as well as from the need for direct and effective customer communication and the correspondingly needs-based design of the website.
27. Advertising Analytics by Matomo
On our webapp we use the open source software tool Matomo (formerly PIWIK) to analyze the surfing behavior of our users. The software sets a cookie on the user’s computer (for cookies see above). If individual pages of our webapp are accessed, the following data is stored:
Two bytes of the IP address of the user’s calling system
The website accessed
The website from which the user accessed the called website (referrer)
The subpages called from the called web page
The time spent on the website
Frequency of a call of a site
The software runs exclusively on the servers of our webapp. A storage of the personal data of the users takes place only there. The data will not be passed on to third parties. The software is set so that the IP addresses are not stored completely, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.
The legal basis for the processing of users’ personal data is Art. 6 para. 1 lit. f GDPR. The processing of the users’ personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our webapp. This helps us to constantly improve our webapp and its user-friendliness. In these purposes our legitimate interest also lies in the processing of data in accordance with Art. 6 Para. 1 lit. f GDPR. By anonymizing the IP address, the interest of users in the protection of their personal data is sufficiently taken into account. The data are deleted as soon as they are no longer needed for our recording purposes. In our case this is the case after 1 year.
28. Kingsleague App
With our Kingsleague App you can compete with other users in your favorite video games. When using the app, we process personal data about you.
When you download the app, certain required information is sent to the App Store you select (e.g., Google Play or Apple App Store). This data is processed exclusively by the respective App Store and is beyond our control.
As part of your use of the App, we automatically collect certain data required for the use of the App. This includes:
internal device ID,?
version of your operating system,?
version of the app?
time of the current access, the last access and the first access?
duration of access?
This data is automatically transmitted to us and stored in order to provide you with the service and the associated functions; to improve the functions and features of the app and to prevent and eliminate misuse and malfunctions.
This data processing is justified by the fact that (1) the processing is necessary for the fulfilment of the contract between you as the data subject and us pursuant to Art. 6 Para. 1 lit. b) GDPR for the use of the App, or (2) we have a legitimate interest in guaranteeing the functionality and error-free operation of the App and being able to offer a service that is in line with the market and interests and outweighs your rights and interests in the protection of your personal data pursuant to Art. 6 Para. 1 lit. f) GDPR.
In order to use the Kingsleague App, you must log in with your user ID. We use this data to authenticate you when you log in. This data processing is justified by the fact that (1) the processing is necessary for the fulfilment of the contract between you as the data subject and us in accordance with Art. 6 Para. 1 lit. b) GDPR for the use of the app, or (2) we have a legitimate interest in guaranteeing the functionality and error-free operation of the app and being able to offer a service that is in line with the market and interests and outweighs your rights and interests in the protection of your personal data within the meaning of Art. 6 Para. 1 lit. f) GDPR.
In order to upload media that can be used as evidence for disputes, the Kingsleague App needs access to your mobile phone camera. The processing and use of usage data is done to provide the service. This data processing is justified by the fact that the processing is necessary for the fulfilment of the contract between you as the data subject and us pursuant to Art. 6 Para. 1 lit. b) GDPR for the use of the app.
We are dependent on the following external company for the provision of our service:?OneSignal, Inc., 411 Borel Ave Suite 512, San Mateo, CA 94402. USA.
The provider’s privacy information can be found here: https://onesignal.com/privacy_policy. OneSignal transfers and processes information about the installed app, its usage, the temporary unique device ID (e.g. IDFA and Android-ID) and other data to OneSignal and thus also to countries outside the European Economic Area (“EEA”). The basis for this is Art. 6 para. 1 lit. f) GDPR. This processing of personal data is justified by the fact that we have a legitimate interest in analysing user behaviour in order to constantly improve the App and make its content as user-friendly as possible, and that your rights and interests in the protection of your personal data within the meaning of Art. 6 para. 1 lit. f GDPR do not predominate.
29. Electronic Payment Processes
We offer various ways of depositing money. In many cases, account data is only transferred to a third party who already has your account data as your bank or your payment service provider (e.g. Paypal). We process the rest of the data provided by you to process your payment order. For this purpose we can pass on your payment data to our house bank.
We are obliged by commercial and tax law to store your address, payment and order data for a period of ten years. However, we regularly restrict processing within the company, i.e. your data is only used to comply with legal obligations.
Kingsleague uses several payment providers (hereinafter referred to as “payment service providers”). The transaction data, which may include verification information about your identity, is stored both in Kingsleague’s systems and in the payment service provider’s systems. With regard to the transaction data processed by it, each party acts as an independent responsible body within the meaning of Art. 4 No. 7 GDPR. If you have any questions about data protection at the payment service provider, you can contact the payment service provider directly. The processing of personal data in connection with payments is carried out on the basis of Art. 6 b), f) GDPR. We also recommend that you inform yourself about the data protection regulations of the respective payment service providers.
In your and our interest, we will inform you for security reasons each time you log in with a new device to allow you to check whether the device is actually from you or someone has attempted to gain unauthorized access to your account. We collect the following information about the device you use to access your Kingsleague account: device type; manufacturer; login timestamp; IP address; screen resolution; time zone; operating system. This will help us assign the device you are using to your Kingsleague account.
31. Identity Check
We also reserve the right to conduct security checks at any time to verify the accuracy of your identity, age and login information and to verify whether your use of our services and financial transactions may violate our Terms and Conditions and applicable laws. Security checks may include, but are not limited to, information about possible fraudulent activities or other confirmations of your information using third party databases. Verification service providers may be used for this purpose. If we have a legitimate interest within the meaning of Art. 6 f) GDPR, we may use the personal information we collect about you and disclose it to third parties if we believe it is necessary to do so in order to conduct security checks or if we believe it is necessary to do so in order to verify the information you provide when using our services. This may include, where necessary, the transfer of this information abroad, including to countries outside the European Economic Area (EEA).
Requests to verification service providers as part of security checks or identity checks may be stored by the service providers. The respective service provider is (separate) responsible for this storage within the meaning of Art. 4 No. 7 GDPR. If you have any questions about data protection at the verification service providers, you can contact them directly.
The processing of personal data in connection with security checks or identity checks is carried out on the basis of Art. 6 c), f) GDPR.
32. Right of Access, Rectification, Cancellation, Limitation and Transferability; Right of Appeal
You have the right to request information about the personal data stored about you free of charge. In addition, you have the right to correct incorrect data, block and delete your personal data, unless there is no legal obligation to store. In addition, there is also the possibility to merely limit the processing of your data by us. You can also request that we make your data available to you in a transferable form.
You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us..
33. Duration of Data Retention
We only store personal data for as long as is necessary to perform the services you have requested or for which you have given your consent, or for as long as is required by the purpose for which the data was processed, taking into account your interests, unless otherwise required by law.
34. SSL/Encrypted Data Transmission
Your personal data will be transmitted in encrypted form in order to prevent misuse by third parties, whereby we use a so-called SSL encryption (Secure Socket Layer). This is a common security technology which encrypts your personal data, including credit card information, login data and your payment method during transport. Please note that data transfer over the Internet cannot be guaranteed to be 100% secure.
35. Timeliness and Amendment of this Data Protection Declaration