Thank you for using pokertools.online! To ensure the proper functioning of our
services, it is necessary to process personal data in some cases. Fairness and
transparency are our top priorities—therefore, we would like to inform you here
about which data we process, for what purpose, and on what legal basis.
Additionally, we would like to inform you about your rights under the European
General Data Protection Regulation (GDPR) and the (German) Federal Data Protection
Act (BDSG).
This privacy policy applies to the digital services of pokertools.online,
hereinafter also referred to as the "Website", and the associated
subdomains.
If you have any questions, comments, or wish to exercise your rights, please contact:
Dominik Johs
Auwaldstr. 1A
76661 Philippsburg
E-Mail:
info@pokertools.online
As a data subject, you have the right to assert your data subject rights with us. In
particular, you have the following rights:
If you believe that the processing of personal data concerning you violates the provisions of the GDPR, you have the right, in accordance with Article 77 GDPR, to lodge a complaint with a supervisory authority.
If you believe that the processing of personal data concerning you violates the provisions of the GDPR, you have the right, in accordance with Article 21(2) and (3) GDPR, to object to the processing.
We process personal data in compliance with the relevant data protection
regulations, particularly the GDPR and the BDSG. Data processing by us takes place
only on the basis of legal authorization.
When using this website, we process personal data only with your consent (§ 25(1)
TDDDG or Article 6(1)(a) GDPR), to fulfill a contract to which you are a party, or
at your request to carry out pre-contractual measures (Article 6(1)(b) GDPR), to
fulfill a legal obligation (Article 6(1)(c) GDPR), or if the processing is necessary
to protect our legitimate interests or the legitimate interests of a third party,
provided that your interests or fundamental rights and freedoms, which require the
protection of personal data, do not override them (Article 6(1)(f) GDPR).
Unless otherwise indicated in the following notes, we store the data only for as long as is necessary to achieve the processing purpose or to fulfill our contractual or legal obligations. Such legal retention obligations may arise in particular from commercial or tax law provisions.
We use data processors in the context of processing your data. Processing operations
carried out by such processors include, for example, hosting, authentication, [...].
Our data processing may involve the transfer of certain personal data to third
countries, i.e., countries where the GDPR is not applicable law. Such a transfer is
permissible if the European Commission has determined that an adequate level of data
protection exists in such a third country. If no such adequacy decision by the
European Commission is in place, a transfer of personal data to a third country will
only occur if there are suitable safeguards in accordance with Art. 46 GDPR or if
one of the conditions of Art. 49 GDPR is met.
In the absence of an adequacy decision and unless otherwise specified below, we use
the EU Standard Contractual Clauses as appropriate safeguards for the transfer of
personal data to third countries. You have the opportunity to obtain or review a
copy of these EU Standard Contractual Clauses. Please contact the address provided
under Contact for this purpose.
If you consent to the transfer of personal data to third countries, the transfer is
based on the legal grounds of Art. 49(1)(a) GDPR.
When using our website for informational purposes only, general information that your browser transmits to our server, as well as to data processors, is stored automatically.
The data transmitted by your browser may include the following information:
Data processing is carried out to safeguard our legitimate interests in the secure
and efficient provision of the website and is based on the legal grounds of Art.
6(1)(f) GDPR.
Processing of this data is neither legally nor contractually required. The
website's functionality cannot be ensured without this processing. We are
unable to identify you as a data subject based on the stored information. Therefore,
Articles 15 to 20 GDPR do not apply according to Art. 11(2) GDPR, unless you provide
additional information that enables your identification to exercise the rights laid
down in these articles.
The data is processed exclusively by our data processors and is only stored as long as necessary for the described purposes.
We use hosting products from BunnyWay d.o.o., Dunajska cesta 165, 1000 Ljubljana,
Slovenia, to provide our website.
BunnyWay is a Slovenian hosting provider that offers solutions for delivering
websites and web applications. We use the services bunny.net CDN and bunny.net
Storage for the efficient delivery of our website. A CDN (Content Delivery Network)
is a worldwide network of servers that stores and delivers static copies of our
website on servers in different countries. This allows for faster content delivery
and better website performance. BunnyWay is headquartered in Ljubljana, Slovenia.
Slovenia is part of the European Union, and BunnyWay's services are subject to
EU data protection laws.
BunnyWay is the recipient of your personal data and acts as a data processor on our
behalf. This aligns with our legitimate interest according to Art. 6(1)(f) GDPR, as
it allows us to avoid operating our own CDN. We have entered into a data processing
agreement with BunnyWay for the use of BunnyWay products (Art. 28 GDPR). This is a
data protection legally required contract that ensures BunnyWay processes the
personal data of our website visitors only according to our instructions and in
compliance with the GDPR.
When registering a user account on our website or using our website as a logged-in user, additional personal data is collected and transmitted to additional data processors.
Data processing is carried out to safeguard our legitimate interests in the secure provision of the website and is based on the legal grounds of Art. 6(1)(f) GDPR. Processing of this data is neither legally nor contractually required. The website's functionality cannot be ensured without this processing.
The stored data is retained until you delete your user account.
We use the service Google Firebase Authentication by Google Ireland Limited, Gordon
House, 4 Barrow Street, D04 E5W5 Dublin, Ireland (“Google”), to perform
authentication processes and manage user accounts.
Firebase Authentication is a login and authentication service provided by Google. To
simplify the login and authentication process, Firebase Authentication can use
third-party identity services and store the information on its platform.
To use Firebase Authentication for our purposes, the following data is transmitted
to and stored by Google: unique user ID, username, email address, and password
(encrypted). For more information on Google Firebase and privacy, please visit
https://policies.google.com/privacy
and
firebase.google.com.
Google is the recipient of your personal data and acts as a data processor on our
behalf. This aligns with our legitimate interest under Art. 6(1)(f) of the GDPR,
allowing us to avoid the need to provide our own authentication system. Google may
process your data, including in the USA. As an active participant in the EU-US Data
Privacy Framework (DPF), Google ensures that the transfer of personal data from EU
citizens to the USA is specifically and securely regulated. Additionally, Google has
implemented compliance measures for international data transfers based on the EU
Standard Contractual Clauses (SCCs). These measures apply to all global activities
where Google processes personal data of individuals in the EU. For more information,
please visit:
https://cloud.google.com/terms/sccs
We offer a registration and login with Google Single-Sign-On. Google Single-Sign-On
is a login and authentication service provided by Google Ireland Limited, Gordon
House, 4 Barrow Street, D04 E5W5 Dublin, Irland („Google“) which allows you to log in
with a Google account.
To use Google Single-Sign-On for our purposes, the following data is transmitted to
us by Google: Unique user ID, display name, email address, profile picture.
The login or registration with Google Single-Sign-On is carried out completely
via the Google system. During the login or registration process, you are
redirected to a Google page. Google may therefore collect data that your browser
transmits to Google. This includes, for example, the data listed under "Provision
of the Website".
Google may process your data in the USA. As an active participant in the
EU-US Data Privacy Framework (DPF), Google ensures that the transfer of personal
data from EU citizens to the USA is specifically and securely regulated.
Additionally, Google has implemented compliance measures for international data
transfers based on the EU Standard Contractual Clauses (SCCs). These measures apply
to all global activities where Google processes personal data of individuals in the
EU. For more information, please visit:
https://cloud.google.com/terms/sccs
The data you enter while using our website is stored in the backend services we developed for this site. This data is not shared with third parties and is stored on servers in Germany. To ensure certain functionalities of the website, personal data is also processed.
Data processing is carried out to safeguard our legitimate interests in the secure, efficient, and functionally correct provision of the website and is based on the legal grounds of Art. 6(1)(f) GDPR. Processing of this data is neither legally nor contractually required. The website's functionality cannot be ensured without this processing.
These data are stored until you delete your user account. The server log files we collect are deleted after 7 days, unless there are specific indications of a legitimate suspicion of unlawful use, requiring further examination and processing of the information.
We use hosting products from Hetzner Online GmbH, Industriestr. 25, 91710
Gunzenhausen, Germany (“Hetzner”), to provide our backend services.
Hetzner is a German hosting provider offering server and cloud solutions for the
provision of websites and web applications. Hetzner stores the data we transmit for
processing on servers in Germany.
Hetzner is the recipient of your personal data and acts as a data processor for us.
This aligns with our legitimate interest under Art. 6(1)(f) GDPR in not having to
operate our own servers. We have entered into a data processing agreement with
Hetzner for the use of Hetzner products (Art. 28 GDPR). This is a data
protection-required contract that ensures Hetzner processes the personal data of our
website visitors only according to our instructions and in compliance with the GDPR.
We use tools on our website for performance measurement and error analysis. These tools allow us to measure the website's performance and analyze errors to improve user-friendliness. The tools may process personal data.
Data processing is carried out to safeguard our legitimate interests in optimizing our services and is based on the legal grounds of Art. 6(1)(f) GDPR.
The data we collect for error analysis and performance measurement is deleted within 90 days at the latest.
We use a JS agent from New Relic, Inc, 188 Spear Street, Suite 1000, San Francisco,
CA 94105, USA (“New Relic”), to monitor the performance and correct functionality of
our website.
The New Relic JS Agent allows us to assess and improve the stability of our services
by monitoring the system and code errors.
The New Relic JS Agent collects and stores data about website usage as well as the
IP address. According to New Relic, the IP address is used solely for location
determination and is not stored. Therefore, we cannot identify you as a data subject
based on the stored information. Consequently, Articles 15 to 20 GDPR do not apply
according to Art. 11(2) GDPR.
New Relic is the recipient of your personal data and acts as a data processor on our
behalf. The legal basis for the processing is your consent according to Art. 6 para.
1 lit. a GDPR. New Relic may also process your data in the USA, among other
locations. As an active participant in the EU-US Data Privacy Framework (DPF), New
Relic ensures that the transfer of personal data from EU citizens to the USA is
specifically and securely regulated. Additionally, we have entered into a data
processing agreement with New Relic for the use of New Relic products (Art. 28
GDPR). This is a data protection legally required contract that ensures that they
process the personal data of our website visitors only according to our instructions
and in compliance with the GDPR. This contract is based on the EU Standard
Contractual Clauses (SCCs).
To ensure the proper functioning of our website, we use various technologies to store data on your device. We use these technologies solely to ensure the proper functionality of the website. Storing the data listed below on your device is therefore technically necessary and does not require your consent.
Name: firebaseLocalStorageDb
Type: IndexedDB
Purpose: To determine if you are already logged
in, Firebase Authentication stores information about the currently logged-in user in
this database.
Storage Duration: Current Session
Name: firebase-heartbeat-db
Type: IndexedDB
Purpose: To protect your service from abuse,
Firebase Authentication performs regular connection checks (so-called Heartbeats).
Information about these Heartbeats is stored in this database.
Storage Duration: Persistent
Name: pto-db/expandings
Typ: IndexedDB
Purpose: To determine which folders you have
expanded in the Range Editor, we store this information in your browser to ensure a
seamless workflow when you visit the website again.
Storage Duration: Persistent
Name: pto-db/routes
Type: IndexedDB
Purpose: To direct you to the correct location
when you visit the website or switch between functionalities, we store the last used
routes in your browser to ensure a seamless workflow.
Storage Duration: Persistent
Name: pto-db/settings/language
Type: IndexedDB
Purpose: To determine the language you prefer, we
store this information in your browser.
Storage Duration: Persistent