Introduction
Thank
you for visiting our website. Jokerstar GmbH (hereinafter
"Jokerstar", "we" or "us") attaches
great importance to the security of users' data and compliance with
data protection regulations. We would like to inform you below about
the processing of your personal data on our website.
Responsible
body and data protection officer
Responsible body:
Jokerstar GmbH, Ziegeleistr. 26, 88255 Baindt
Phone: 07502-94 33 0
E-mail:
E-mail: info@jokerstar.de
Contact
details data protection officer:
DDSK
GmbH
E-mail:
datenschutz@jokerstar.de
Terms
The
technical terms used in this privacy policy are to be understood as
legally defined in Art. 4 GDPR.
Notes on
data processing
Automated data
processing (log files etc.)
Our
website can be visited without the user actively providing any
personal data. However, we automatically store access data (server
log files) such as the name of the Internet service provider, the
operating system used, the website from which the user visits us, the
date and duration of the visit or the name of the requested file, as
well as the IP address of the terminal device used for a period of 7
days for security reasons, e.g. to detect attacks on our website.
This data is evaluated exclusively to improve our offer and does not
allow any conclusions to be drawn about the person of the user. This
data is not merged with other data sources.
We
process and use the data for the following purposes: provision of the
website, improvement of our websites, prevention and detection of
errors/malfunctions and misuse of the website.
| Legal Basis |
Legitimate interest, pursuant to Art. 6 para. 1 lit. f) GDPR |
| Legitimate Interests |
Ensuring the functionality and error-free and secure operation of the website, and adapting the website to the requirements of the users. |
Required cookies (functionality, opt-out links, etc.)
In order to enable the use of the basic functions on our website and to provide the service requested by the user, we use so-called cookies on our website. Cookies are a standard internet technology for storing and retrieving information for website users. Cookies represent information and/or data that can be stored on the user's end device, for example. With classic cookie technology, the user's browser is instructed to store certain information on the user's device when a specific website is accessed.
Strictly necessary cookies are used to provide a digital service explicitly requested by the user, e.g:
Cookies for error analysis and security purposes
Cookies for storing logins
Cookies for storing data in online forms if the form extends over several pages
Cookies for saving (language) settings
Cookies to store items placed in the shopping cart by users to complete the purchase
Cookies for storing consent or revocation (opt-in, opt-out)
Some of the cookies used (so-called session cookies) are deleted after the end of the browser session, i.e. after closing the browser.
Cookies can be deleted by users afterwards in order to remove data that the website has stored on the user's computer.
The data processing described may also relate to information that is not personal but constitutes information within the meaning of the TDDDG. In these cases, too, this information may be necessary for the use of an expressly requested service and for this reason be stored in accordance with Section 25 TDDDG.
Storage and processing of unnecessary information and data
Beyond
the required scope, user data may be processed by means of cookies,
similar technologies or application-related technologies, e.g. for
the purpose of (cross-website) tracking or personalized advertising
etc.. Data may be transmitted to third-party providers. The storage
and further processing of user data that is not absolutely necessary
to provide the digital service is then carried out on the basis of
consent within the meaning of Art. 6 para. 1 lit. a) GDPR (if
applicable in conjunction with § 25 para. 2 no. 1 TDDDG).
Consent Management Platforms (consent management)
We
use a consent management process on our website to store and manage
the consent given by website visitors in a verifiable manner in
accordance with data protection requirements.
The
consent management platform we use helps us to recognize all cookies
and tracking technologies and manage them based on consent status. At
the same time, visitors to our website can use the consent management
service we have integrated to manage the consents and preferences
given (optional setting of cookies and other technologies that are
not required) or revoke consent at any time using the button.
The
status of the consent is stored on the server and/or in a cookie
(so-called opt-in cookie) or a comparable technology in order to be
able to assign the consent to a user or their device. The time of the
declaration of consent is also recorded.
| Data categories: |
Consent data (consent ID and number, time consent was given, opt-in or opt-out), meta and communication data |
| Purposes of processing: |
Fulfillment of accountability, consent
management |
| Legal basis |
Legal obligation (Art. 6 para. 1 lit. c) GDPR in
conjunction with Art. 7 GDPR) |
| Manage consent/revocation |
|
iubenda Consent
Solution
| Service used: |
Iubenda s.r.l., Via San Raffaele, 1, 20121 Milan, Italy |
| Data protection: |
https://www.iubenda.com/privacy-policy/30370247 |
| Third country transfer: |
/ |
Web analysis and
optimization
We
use tools for web analysis and reach measurement so that we can
evaluate visitor flows on our online offering. For this purpose, we
collect information about the behavior, interests or demographic
information of our visitors, such as age, gender or similar. This
helps us to recognize at what time our online offer, its functions or
content are most frequented or invite repeated visits. We can also
use the information collected to determine whether our online
offering needs to be optimized or adapted.
The
information collected for this purpose is stored in cookies or
similar procedures and is used for range measurement and
optimization. The data stored in the cookies may include content
viewed, online presences visited, settings and functions and systems
used. As a rule, however, no clear user data is processed for the
purposes described. In this case, the data is modified in such a way
that neither we nor the provider of the tool used know the actual
identity of the user. The data modified in this way is often stored
in user profiles.
| Categories of data subjects: |
Website visitors, users of online
services |
| Data categories: |
User data (e.g. websites visited, interest in
content, access times), meta and communication data (e.g. device
information, IP addresses), contact data (e.g. e-mail address,
telephone number), content data (e.g. text details, photographs,
videos)
|
| Purposes of processing: |
Website analysis, reach measurement,
utilization and evaluation of website interaction, lead evaluation |
|
Legal basis:
|
Legitimate interests (Art. 6 para. 1 lit. f)
GDPR)
|
|
Legitimate interests:
|
Optimization and further development of
the website, profit increase, customer loyalty and new customer
acquisition
|
Matomo
Online marketing
In
order to constantly increase our reach and the awareness of our
online offering, we process personal data in the context of online
marketing, in particular with regard to potential interests and
measuring the effectiveness of our marketing measures.
For
the purpose of measuring the effectiveness of our marketing measures
and recognizing potential interests, relevant information is stored
in cookies or similar procedures are used. The data stored in the
cookies may include content viewed, online presences visited,
settings and functions and systems used. As a rule, however, no clear
user data is processed for the purposes described. The data is then
modified in such a way that neither we nor the provider of the tool
used know the actual identity of the user. The modified data is often
stored in user profiles.
If
user profiles are stored, the data can be read, supplemented and
added to on the online marketing provider's server when visiting
other online offers that use the same online marketing process.
We
can determine the success of our advertisements on the basis of
summarized data made available to us by the provider of the online
marketing process (so-called conversion measurement). As part of
these conversion measurements, we can track whether a marketing
measure has led to a purchase decision by a visitor to our online
offering. This evaluation serves to analyze the success of our online
marketing.
| Categories of data subjects: |
Website visitors, users of online
services |
| Data categories: |
User data (e.g. websites visited, interest in
content, access times), meta and communication data (e.g. device
information, IP addresses), contact data (e.g. e-mail address,
telephone number), content data (e.g. text details, photographs,
videos)
|
| Purposes of processing: |
Website analysis, reach measurement,
utilization and evaluation of website interaction, lead evaluation |
|
Legal basis:
|
Legitimate interests (Art. 6 para. 1 lit. f)
GDPR)
|
|
Legitimate interests:
|
Optimization and further development of
the website, profit increase, customer loyalty and new customer
acquisition
|
Google Tag Manager
Google Analytics
Optimove
TradeDesk
Adition
MediaLytics (Pixel
Tracking)
Motion
Media Analytics (Pixel Tracking)
Offer of an affiliate program
In
order to draw attention to our offer on other online offers, we use
an affiliate program. We use special, so-called affiliate links or
similar methods, which give us information about how the user reached
our online offer. In return, the provider of the online offer from
whose site our offer was accessed regularly receives non-variable
remuneration.
By
adding certain values (e.g. time of clicking, online identification
of the source website, online identification of the offer, type of
link used, online identification of the user), which are components
of the link or by setting cookies, it is possible to assign the
affiliate links. In this way, we can trace which online offer was
used to access our offer.
| Categories of data subjects: |
Users (e.g. website visitors, users of online services), business and contractual partners |
| Data categories: |
Contract data (e.g. subject matter of the contract, term, customer category), usage data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address)
|
| Purposes of processing: |
Expansion of reach, reach analysis and statistical evaluations, commission payment |
|
Legal basis:
|
Consent (Art. 6 para. 1 lit. a) GDPR), performance of a contract and pre-contractual inquiries (Art. 6 para. 1 sentence 1 lit. b) GDPR), legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR)
|
|
Legitimate interests:
|
Profit generation, increasing reach, customer acquisition/customer retention
|
MAP iGaming Affiliate Software
Social media presence
We
maintain online presences on social networks and career platforms so
that we can exchange information with the users registered there and
get in touch with them easily.
In
some cases, user data is used in social networks to conduct market
research and pursue advertising purposes. User profiles can be
created based on the usage behavior of users, for example the
indication of interests, and used to adapt advertisements to the
interests of target groups. Cookies are regularly stored on users'
end devices for this purpose, in some cases regardless of whether
they are registered users of the social network.
In
connection with the use of social media, we also use the associated
messengers to communicate easily with users. We would like to point
out that the security of individual services may depend on the user's
account settings. Even in the case of end-to-end encryption, the
service provider can draw conclusions about the fact that and when
users communicate with us and may collect location data.
Depending
on where the social network is operated, user data may be processed
outside the European Union or outside the European Economic Area.
This may result in risks for users, for example because it makes it
more difficult to enforce their rights.
| Categories of affected persons: |
Registered users and non-registered users of the social network |
| Data categories |
Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number), content data (e.g. text details, photographs, videos), usage data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address)
|
|
Purposes of the processing:
|
Expansion of the range, networking
|
|
Legal basis:
|
Legitimate interests (Art. 6 para. 1 lit. f) GDPR), consent (Art. 6 para. 1 lit. a) GDPR)
|
|
Legitimate interests:
|
Interaction and communication on social media presence, profit increase, insights about target groups
|
Instagram
Facebook
LinkedIn
| Recipient: |
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland |
|
Legal basis:
|
Consent (Art. 6 para. 1 lit. a) GDPR)
|
|
Third country transfers:
|
EU-U.S. Data Privacy Framework
|
|
Privacy policy:
|
https://www.linkedin.com/legal/privacy-policy
|
Xing
YouTube
| Recipient: |
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland |
|
Legal basis:
|
Consent (Art. 6 para. 1 lit. a) GDPR)
|
|
Third country transfers:
|
EU-U.S. Data Privacy Framework
|
|
Privacy policy:
|
https://policies.google.com/privacy?hl=de&gl=de
|
Social media marketing
We
use our social media channels to advertise our products and services.
Our aim is to reach a broad community that we cannot reach via
traditional advertising channels, e.g. offline marketing (e.g.
flyers). The social media advertising is shown to users in the form
of text, display or video ads on their social media channels.
Targeting
As
part of our social media channels, we use so-called targeting
processes to track certain user activities (interactions) to ensure
that our ads are delivered to specific target groups. We use the
procedures and technologies of various social media providers. One
common technology is the so-called pixel.
We
install this pixel in the source code of our website. This ensures
that user navigation is recorded. When users interact with our
website or our ad on social media, the pixel records the people and
the actions they take (e.g. clicks on ads, bounces on websites) and
saves which pages and subpages have been accessed.
Products
and services viewed but not purchased in our ads are analyzed using
the technologies used. This serves to display real-time and
behavior-based advertising to potential customers on various social
media platforms. We can determine the success of our advertisements
on the basis of summarized data made available to us by the social
media provider (so-called conversion measurement). This allows us to
track whether a marketing measure has led to a so-called event (e.g.
downloading a PDF or playing a video) or a conversion (e.g. purchase
of a product or registration on our website). The evaluation is
provided to us in the form of statistics via our tracking tool and
serves to analyze the success of our online activities (success
control).
| Data categories: |
Usage and interaction data (e.g. websites visited, interests, access times), meta and communication data (e.g. device information, IP address, location data if applicable) |
|
Purposes of the processing:
|
Expansion of reach, reach analysis and statistical evaluations
|
|
Legal basis:
|
Consent (Art. 6 para. 1 lit. a) GDPR)
|
Meta Pixel
Meta advertisements
(Ads)
Competitions
We
use our online presences, in particular our social media presences,
to run competitions. In doing so, we process the data of the campaign
participants required for the implementation of the respective
campaign. This also includes data that we need in order to inform the
winner and pay out the prize.
You
can take part in the competitions on social media by posting a
comment, tagging a friend and following our channel on the relevant
platform.
The
winners will be notified by direct message and will be publicly
announced with their Instagram username / Facebook first name.
The
implementation of the respective action on our presence in a social
network is also subject to the terms of use and data protection
regulations of the respective network.
| Categories of persons affected: |
Participants in the competition |
| Data categories: |
Master data (e.g. name, address), contact data (e.g. e-mail address, telephone number), content data (e.g. text entries, photos, videos)
|
|
Purposes of the processing:
|
Carrying out the prize draw including prize distribution and announcement of the winne
|
|
Legal basis:
|
Consent (Art. 6 para. 1 lit. a) GDPR) |
Instagram
Facebook
Survey services (with data transmission)
From
time to time, we conduct surveys and questionnaires (hereinafter
"surveys") on our website. This helps us to improve our
services and to better meet the needs of our customers. Participation
in the survey is voluntary.
| Data categories: |
Meta and communication data (e.g. device information, IP address), usage data (e.g. interests, access times), master data (e.g. name, address), contact data (e.g. e-mail address, telephone number) |
|
Purposes of processing
|
Marketing, customer loyalty and new customer acquisition, improvement and optimization of the offer |
|
Legal basis:
|
Legitimate interest (Art. 6 para. 1 lit. f) GDPR)
|
Reputation+
Payment service provider
In
addition to banks and other financial institutions, we also use
various payment service providers to make and receive payments and
subsidies easily.
In
order to make transactions particularly convenient and uncomplicated
for visitors to our online offering, payments to us can also be made
via payment service providers. The payment service providers process
the data required for the transaction; when using the payment service
provider, we do not receive any of the data that visitors to our
online offering have provided to them. When using a payment service
provider, we only receive information with confirmation or negative
information about the payment.
| Categories of affected parties: |
Customers, |
| Data categories: |
Master data (e.g. name, address), transaction data (bank details, invoices, payment history), contract data (e.g. subject matter of contract, term), meta and communication data (e.g. device information, IP address), contact data (e.g. email address, telephone number) |
|
Purposes of processing:
|
Simplification of order and payment processing, outsourcing, data minimization |
|
Legal basis:
|
Legitimate interest (Art. 6 para. 1 lit. f) GDPR)
|
|
Legitimate interests:
|
Simplification of work processes, resource-efficient fulfillment, market research, service provision |
Klarna
|
Service used:
|
SOFORT GmbH, Theresienhöhe 12, 80339 Munich, Germany
|
|
Data protection:
|
https://www.klarna.com/sofort/datenschutz/
|
Adyen
PayPal
Trustly
Survey services
From
time to time, we conduct surveys and questionnaires (hereinafter
"surveys") on our website. This helps us to improve our
services and to better meet the needs of our customers. Participation
in the survey is voluntary.
| Data categories: |
Meta and communication data (e.g. device information, IP address), usage data (e.g. interests, access times), master data (e.g. name, address), contact data (e.g. e-mail address, telephone number), if applicable |
| Purposes of processing: |
Marketing, customer loyalty and new customer acquisition, improvement and optimization of the offer |
| Legal basis: |
Consent (Art. 6 para. 1 lit. a) GDPR) |
Reputation+
| Service used: |
reputativ GmbH, Petzvalstraße 38, 38104 Braunschweig, Germany |
| Data protection: |
Data protection - reputativ GmbH |
| Legal basis: |
Consent (Art. 6 para. 1 lit. a) GDPR) |
Newsletter and broad
communication with tracking
On
our website, users have the option of subscribing to our newsletter
or any notifications via various channels, such as email, SMS and web
push messages (hereinafter referred to as "newsletter").
We only send newsletters in accordance with the statutory provisions
to recipients who have consented to receiving the newsletter. We use
a selected service provider to send our newsletter.
To
subscribe to our newsletter, you must provide an e-mail address. We
may also collect additional data, such as your name, in order to
personalize our newsletter.
Our
newsletter is only sent after the double opt-in procedure has been
completed. If visitors to our website decide to subscribe to our
newsletter, they will receive a confirmation e-mail, which serves to
prevent the misuse of false e-mail addresses and to prevent the
newsletter from being sent by a simple, possibly inadvertent click.
You can unsubscribe from our newsletter at any time in the future. An
unsubscribe link (opt-out link) is included at the end of each
newsletter.
We
are also obliged to provide proof that our subscribers actually
wanted to receive the newsletter. For this purpose, we collect and
store the IP address and the time of subscription and unsubscription.
Our
newsletters are designed in such a way that it is possible for us to
gain insights into improvements, target groups or the reading
behavior of our subscribers. This enables us to use a so-called web
beacon or tracking pixel, which reacts to interactions with the
newsletter, for example whether links are clicked on, whether the
newsletter is opened at all or at what time the newsletter is read.
For technical reasons, we can assign this information to individual
subscribers.
SendGrid
| Service used: |
Twilio Inc, 375th, 645 Harrison Street 3rd Floor, San Francisco, CA 94107, USA |
| Data protection: |
https://www.twilio.com/legal/privacy |
| Legal basis: |
Consent (Art. 6 para. 1 lit. a) GDPR) |
| Guarantee third country transfer: |
EU-U.S. Data Privacy Framework |
Clever Push GmbH
| Service used: |
Clever Push GmbH, Nagelsweg 22, 20097 Hamburg, Germany |
| Data protection: |
https://cleverpush.com/de/privacy/ |
| Legal basis: |
Consent (Art. 6 para. 1 lit. a) GDPR) |
Mobivate
Contact us
On
our website, we offer the option of contacting us directly or
obtaining information via various contact options. In order to always
have an overview of contacts made with us, we use a management tool
to process corresponding inquiries.
If
you contact us, we process the data of the person making the inquiry
to the extent necessary to answer or process the inquiry. The data
processed may vary depending on how we are contacted.
| Categories of persons concerned: |
Inquiring persons |
| Data categories: |
Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text input, photographs, videos), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP address). |
| Purposes of processing: |
Processing of inquiries, increasing efficiency |
| Legal basis: |
Consent (Art. 6 para. 1 lit. a) GDPR), fulfillment or initiation of a contract (Art. 6 para. 1 lit. b) GDPR)
|
Zendesk
Zopim
Chatbots
We
offer users the opportunity to contact us via a chat function when
visiting the website. We use a so-called chatbot for this purpose. A
chatbot is a software or cloud service that functions as a text or
voice-based dialog system and is installed on our website.
The
use of the chatbot requires users to give their consent to the
processing of their data for the purpose of answering inquiries via
the chatbot. Consent also includes the transfer of data to the
chatbot provider associated with the use of the chatbot.
Rule-based
chatbot
The
chatbot we use draws on a known question/answer catalog in order to
process user queries. Our chatbot cannot answer questions posed by
users that differ from the catalog. The chatbot helps us to process
user queries in real time. The most important search terms or topics
entered by users are stored by us in order to improve our service for
users and to expand the question/answer catalog.
Personal
data is processed when the tool provided by us is actively used. The
data processed may vary and depends on the information provided by
the user via the chat function.
At
the beginning of the conversation with the user, contact information
may be collected in order to be able to assign any inquiry to a
specific customer or user and, under certain circumstances, to
forward it to an internal employee for a final response to a user
inquiry.
All
data and contents of communication are transmitted and stored in
encrypted form.
Statistics
and customer insights
The
chatbot provides us with anonymous statistics via the dashboard,
which tells us how quickly and satisfactorily inquiries were answered
and which questions, topics and concerns are particularly relevant.
The statistics cannot be assigned to a specific user or person at any
time.
| Data categories |
Content data (e.g. text input), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP addresses), location data if applicable, master data if applicable (e.g. name, address), contact data if applicable (e.g. email address) |
| Purposes of processing |
Automation of customer communication for efficient processing of inquiries, increasing customer satisfaction through quick responses, improving customer service, saving time and costs, relieving employees, constant availability |
| Legal basis: |
Consent (Art. 6 para. 1 lit. a) GDPR) |
Zopim
Registration and verification
We
offer the option of creating a user account on our website. As part
of the registration process, we collect the necessary data from
interested visitors that we need to provide a user account.
If
visitors to our website decide to register, they will receive an
e-mail which must be confirmed and which serves to prevent the misuse
of false e-mail addresses.
To
protect the use of the internal area, we collect IP addresses and the
time of access to prevent misuse of a user account and unauthorized
use. We do not pass this data on to third parties unless this is
necessary to pursue our claims or we are legally obliged to do so.
In
order to complete the registration process, we are legally obliged to
carry out a verification process to check whether the information you
have provided is correct. For this purpose, we use service providers
who carry out the corresponding query for us or offer the possibility
of automatic identification in real time.
In
addition, no later than one year after completion of registration and
then once a year, the customer's identity will be verified not only
by a password but also by an additional authentication method.
Authentication
serves to ensure that only the identified and age-checked person is
granted access to closed user groups and is intended to make it more
difficult to pass on access authorizations to unauthorized third
parties. We use two-factor authentication via SMS, in which a
multi-digit numerical code is sent by SMS to the cell phone number
stored in the user account.
| Categories of affected persons |
registered users |
| Data categories |
Master data (e.g. name, address, date of birth), contact data (e.g. e-mail address, telephone number), login data (user name and password), meta and communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interests, access times), bank data (e.g. payment institution, bank details), ID data (e.g. picture, ID card, passport, nationality, place of birth, gender)
|
| Purposes of processing |
Simplification of the website function, contract fulfillment, customer loyalty |
| Legal basis |
Consent (Art. 6 para. 1 lit. a) GDPR), Art. 6 para. 1 lit. c) GDPR |
Insic ID procedure
Insic manual ID and document check
IDENTT Vision
SCHUFA IdentityCheck (Premium) with SCHUFA birth data check
TOLERANT PEP
GBG
Loqate Capture
WebID identification
and verification service
Credit check
In
connection with the increase in the betting limit above €1000, an
automated check is carried out via SCHUFA for reasons of player
protection (in particular to check financial capacity), in accordance
with the specifications in our license notice, based primarily on the
GlüStV.
SCHUFA
requires the user's personal master data (name, date of birth,
address) in order to determine the player. For the SCHUFA credit
check, the registration data verified by Schufa Identitätscheck
Premium or by means of an ID check is used. In the next step, SCHUFA
sends us the so-called G information so that we can grant users with
a sufficiently high score an increase in the betting limit.
In
addition, we are obliged to check the user's financial capacity by
means of digital account analysis via the connection to the automated
finAPI check via the service provider finAPI GmbH. In this context,
we reserve the right to check individual documents - such as account
statements or similar - manually.
Manual
ID and document verification is carried out by the service provider
insic GmbH. Once the user has uploaded the relevant documents, our
customer service team will receive an email requesting them to
manually check and approve the (ID) document provided by the user.
| Data categories |
Master data (e.g. name, address, date of birth), payment data if applicable (e.g. bank details, invoices, payment history, contract data (e.g. subject matter of contract, term), creditworthiness data |
| Purposes of processing |
Avoidance of payment defaults and reduction of the default rate of payments, reduction of our credit risk
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR) |
| Legal basis |
Legitimate interests (Art. 6 para. 1 lit. f) GDPR) |
| Legitimate interests |
Economic security, protection against payment defaults, reduction of creditor risk, profit realization |
SCHUFA G information
Insic manual ID and document check
Content
Delivery Network
We
use a so-called Content Delivery Network (CDN) on our website. The
CDN provides protective functions for the website, such as a web
application firewall. The data transfer between your browser and our
server runs via the upstream infrastructure of Cloudflare and is
analyzed there to ward off attacks.
| Categories of data subjects |
Website visitors |
| Data categories |
Usage data (e.g. websites visited, interests, access time), Meta and communication data (e.g. device information, IP address), Contact data (e.g. e-mail address, telephone number), Master data (e.g. name, address) |
| Purposes of processing |
Website visitorsDesigning our online offering, increasing the reach of advertisements in social media, sharing posts and content, interest-based and behavior-based marketing, cross-device trackingtd>
|
| Legal basis |
Legitimate interests (Art. 6 para. 1 lit. f) GDPR) |
| Legitimate interests |
Secure use of the website, protection against external attacks
|
Cloudflare
| Service used |
Cloudflare, Inc, 101 Townsend St., San Francisco, CA 94107, USA |
| Data protection |
https://www.cloudflare.com/de-de/privacypolicy/
|
| Legal basis |
Legitimate interests (Art. 6 (1) (f) GDPR)
Guarantee third country transfer: EU-U.S. Data Privacy Framework |
Player
protection
In
connection with our player protection measures, we are also legally
obliged to compare data with nationwide files, such as the OASIS
central blocking file or the cross-state gambling supervision system
(LUGAS) for online gambling. For this purpose, we transmit certain
data to the legally responsible authorities in order to ensure player
protection across all forms of gambling.
As
part of the registration process, we are legally obliged to request
the blocking status from the central blocking file OASIS before each
login and before registering for the newsletter.
In
addition, we are obliged to transmit the deposit limit set by us, as
well as deposits made, to the competent authority for the operation
of the limit file and the activity file, so that the cross-provider
deposit limit is not exceeded and parallel play with several gambling
providers is not possible.
Furthermore,
we store your game history on a so-called "safe server" in
accordance with legal requirements and provide you with all relevant
information about your game history.
In
addition, we are legally obliged to implement a system for the early
detection of players at risk of gambling addiction and gambling
addiction. We use the service provider Neccton to fulfill this
obligation.
| Categories of data subjects |
registered users, newsletter subscribers |
| Data categories |
Name, date of birth, blocking status, payment data (deposits, deposit limit), gaming history
|
| Purposes of the processing |
Fulfillment of legal obligations |
| Legal basis |
Art. 6 para. 1 lit. c) GDPR |
Neccton
OASIS
LUGAS
Data transmission
We
transmit the personal data of visitors to our online offering for
internal purposes (e.g. for internal administration or to the HR
department in order to comply with legal or contractual obligations).
The internal transfer or disclosure of data only takes place to the
extent necessary in compliance with the relevant data protection
regulations.
We
are part of a group of companies headquartered in Germany. The data
of visitors to our online offering is stored in our centralized
customer database in Germany in compliance with the relevant data
protection regulations and is processed within the network for
internal administrative purposes. Processing beyond administrative
purposes does not take place.
|
Legal basis
|
Legitimate interests (Art. 6 (1) (f) GDPR)
|
|
Legitimate interests
|
So-called small group privilege, centralized management and administration within the company to exploit synergy effects, cost savings, increased effectiveness
|
|
Recipient
|
Kling Automaten GmbH
|
It may be necessary for us to disclose personal data in order to
perform contracts or to fulfill a legal obligation. If we are not
provided with the data required in this respect, it may not be
possible to conclude the contract with the data subject.
We
transfer data to countries outside the EEA (so-called third
countries). This is done on the basis of the above-mentioned purposes
to the listed recipients. The transfer only takes place to fulfill
our contractual and legal obligations or on the basis of the data
subject's prior consent.
In
the event that we transfer data to a country outside the EEA for
processing, we ensure that the processing is legally permissible in
the manner we intend. In this case, we have concluded standard data
protection clauses including a separate regulation of suitable
technical and organizational measures in order to protect the data of
data subjects in the best possible way. In the event of a transfer to
a third country, we have linked the guarantees used directly in the
description of the service used.
Storage duration
We
generally store the data of visitors to our online offering for as
long as is necessary to provide our service or if this has been
provided for by the European legislator or another legislator in laws
or regulations to which we are subject. In all other cases, we delete
the personal data after the purpose has been fulfilled, with the
exception of data that we must continue to store in order to fulfill
legal obligations (e.g. we are obliged to retain documents such as
contracts and invoices for a certain period of time due to retention
periods under tax and commercial law).
Automated decision
making
We
do not use automated decision-making or profiling in accordance with
Art. 22 GDPR.
Legal basis
The
relevant legal bases are primarily derived from the GDPR. These are
supplemented by national laws of the member states and may be
applicable together with or in addition to the GDPR.
|
Consent
|
Art. 6 para.1 lit. a) GDPR serves as the legal basis for processing operations for which we have obtained consent for a specific processing purpose.
|
|
Performance of a contract
|
Art. 6 para. 1 lit. b) GDPR serves as the legal basis for processing operations necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
|
|
Legal obligation
|
Art. 6 para. 1 lit. c) GDPR serves as the legal basis for processing operations which are necessary for compliance with a legal obligation.
|
|
Vital interests
|
Art. 6 para. 1 lit. d) GDPR serves as the legal basis if the processing is necessary to protect the vital interests of the data subject or another natural person.
|
|
Public interest
|
Art. 6 para. 1 lit. e) GDPR serves as the legal basis for processing operations that are necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
|
|
Legitimate interest
|
Art. 6 para. 1 lit. f) GDPR serves as the legal basis for processing that is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
|
Rights of data
subjects
|
Right to information
|
Pursuant to Art. 15 GDPR, data subjects have the right to request confirmation as to whether we are processing data concerning them. They can request information about this data as well as the further information listed in Art. 15 para. 1 GDPR and a copy of their data.
|
|
Right to rectification
|
Pursuant to Art. 16 GDPR, data subjects have the right to request the rectification or completion of data concerning them and processed by us.
|
|
Right to erasure
|
Data subjects have the right pursuant to Art. 17 GDPR to demand the erasure of data concerning them without undue delay. Alternatively, they can request that we restrict the processing of their data in accordance with Art. 18 GDPR.
|
|
Right to data portability
|
Pursuant to Art. 20 GDPR, data subjects have the right to request the provision of the data they have provided to us and to request its transfer to another controller.
|
|
Right to lodge a complaint
|
Data subjects also have the right to lodge a complaint with the supervisory authority responsible for them in accordance with Art. 77 GDPR.
|
|
Right to object
|
If personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR, data subjects have the right to object to the processing of their personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from their particular situation or the objection is directed against direct advertising. In the latter case, data subjects have a general right to object, which is implemented by us without specifying a particular situation.
|
Revocation
Some
data processing operations are only possible with the express consent
of the data subject. You have the option of withdrawing consent that
you have already given at any time. All you need to do is send us an
informal message or email to datenschutz@jokerstar.de. The legality
of the data processing carried out until the revocation remains
unaffected by the revocation.
External links
Our
website contains links to the online offers of other providers. We
hereby point out that we have no influence on the content of the
linked online offers and the compliance with data protection
regulations by their providers.
Changes
We
reserve the right to adapt this data protection information at any
time in the event of changes to our online offer and in compliance
with the applicable data protection regulations so that it complies
with the legal requirements.
This privacy policy was created by
of DDSK GmbH