Privacy Policy for Mobile Apps

Effective Date: 03/01/2021
Applicable To The Following Mobile Applications:

Drunk ‘n’ Master – Drinking Game for fun evenings

Smoke ‘n’ Stoner – Social game for fun evenings

 

Link to the Privacy Policy for the app:

Drug Quiz – Test your Drug Knowledge (Online Quiz) 

Personal data (usually referred to just as “data” below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the “GDPR”), “processing” refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control.

Our privacy policy is structured as follows:

I. Information about us as controllers of your data
II. Information about the data processing
III. The rights of the users
IV. Further information about the collection and processing of data

I. Information about us as controllers of your data

Responsible provider of this website in the sense of data protection law is:

GbR mit Haug/Werner
Weiherweg 4a
89431 Baechingen
Germany

Telephone: +49 (0) 152 – 55304363

Email: info@candyflip-play.com

II. Information about the data processing

Your data processed during the use of our website will be deleted or blocked as soon as the purpose of the storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information is provided below on individual processing procedures.

Contract Processing
Hosting and Backend Infrastructure
Firebase
Firebase Hosting
Firebase Cloud Firestore
Firebase InApp Messaging
Google Analytics
Google AdSense
Appodeal

Contract processing

The data provided by you in order to make use of our range of goods and/or services will be processed by us for the purpose of processing the contract and are necessary to this extent. Conclusion and processing of the contract are not possible without the provision of your data.
The legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.

We delete the data with complete contract execution, but must observe the retention periods under tax and commercial law.
In the context of contract processing, we pass on your data to the transport company commissioned with the delivery of goods or to the financial service provider, insofar as the transfer is necessary for the delivery of goods or for payment purposes.
The legal basis for the transfer of data is then Art. 6 para. 1 lit. b) GDPR

Hosting and backend infrastructure

The purpose of these types of services is to host data and files so that this application can be managed and used. Furthermore, these services may provide a pre-built infrastructure that handles specific functions or entire components for this application.
Some of these services operate with geographically distributed servers, making it difficult to determine where personal data is stored.

Firebase (Firebase, Inc.)

Firebase is a web hosting and backend service provided by Google Inc.
 
Personal data processed: various types of data, as described in the privacy policy of the service.
 
Processing location: USA – Privacy Policy.

Firebase Hosting (Firebase, Inc.).

Firebase Hosting is a web hosting service provided by Google LLC or by Google Ireland Limited, depending on the location from which this application is accessed.

Personal data processed: various types of data, as described in the privacy policy of the service.

Processing location: USA – Privacy Policy.

Firebase Cloud Firestore.

Firebase Cloud Firestore is a web hosting and backend service provided by Google LLC or by Google Ireland Limited, depending on the location from which this application is accessed.

Personal Data Processed: Usage data; various types of data as described in the service’s privacy policy.

Processing location: United States – privacy policy; Ireland – privacy policy.

Firebase inApp Messaging

Firebase inApp Messaging is a messaging service provided by Google LLC or by Google Ireland Limited, depending on the location from which this application is accessed. Firebase Cloud Messaging allows the owner to send messages and notifications to users via platforms such as Android, iOS, and the web. Messages can be sent to individual devices, groups of devices, on specific topics, or to specific user segments.

Personal Data Processed: various types of data as described in the Service’s Privacy Policy.

Processing Location: United States – Privacy Policy; Ireland – Privacy Policy.

Google Analytics

The services listed in this section allow the Owner to monitor and analyze traffic and track user behavior.

Google Analytics with IP anonymization (Google Inc.).

In our app, we use Google Analytics. This is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter only referred to as “Google”.
The Google Analytics service is used to analyze the usage behavior of our app. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our app.
Usage and user-related information, such as IP address, location, time or frequency of visits to our website, is transferred to a Google server in the USA and stored there. However, we use Google Analytics with the so-called anonymization function. Through this function, Google already shortens the IP address within the EU or EEA.

The data collected in this way is in turn used by Google to provide us with an evaluation of the visit to our website and the usage activities there. This data may also be used to provide other services related to the use of our website and the use of the Internet.

Google states that it will not associate your IP address with any other data. In addition, Google keeps a record of your IP address at

https://www.google.com/intl/de/policies/privacy/partners


Google provides you with further information on data protection law, for example on the possibilities of preventing the use of data.
Google also offers an opt-out function, which is activated by default in the app. This means that the app has already activated IP anonymization when it is started for the first time. However, this setting can be changed in the settings if desired.

However, this does not prevent information from being transmitted to us or to other web analytics services. If and which other web analytics services are used by us, you will of course also find out in this privacy policy.

Personal data processed: Cookie; Usage data.

Processing location: USA – Privacy PolicyOpt Out.

Google AdSense 

In our mobile app, we use Google AdSense for marketing. This is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.

Through Google AdSense, cookies as well as so-called web beacons are stored on your end device via your internet browser. This enables Google to analyze how you use our website. The information collected in this way, along with your IP address and the advertising formats displayed to you, is transferred to Google in the USA and stored there. Furthermore, Google may pass this information on to contractual partners. However, Google declares that your IP address would not be merged with other data of yours.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our website.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. Details on this can be found above under the item “Cookies”.
In addition, Google offers a cookie service at

https://policies.google.com/privacy

https://adssettings.google.com/authenticated

for further information, in particular on the options for preventing the use of data.

Google AdSense privacy policy

Appodeal

In our mobile app, we use Appodeal to integrate advertisements. This is a service of © 2021 Appodeal Inc. 611 Mission Street, San Francisco, CA 94105, USA, hereinafter referred to as “Appodeal”.

No personal data is stored by Appodeal. This service is only used to display non-personal advertising in our app.

For further information, in particular on the options for preventing the use of data.

Appodeal privacy policy

III. The rights of the users

Users may exercise certain rights with respect to their data processed by the Provider.
In particular, users have the right to do the following:

  • Revoke the consents at any time. If the User has previously consented to the processing of personal data, they may revoke their own consent at any time.
  • Object to the processing of their data. The user has the right to object to the processing of their data if the processing is based on a legal basis other than consent. Further information on this is provided below.
  • Receive information regarding their data. The user has the right to know whether the data is being processed by the provider, to receive information about individual aspects of the processing and to obtain a copy of the data.
  • To have the data checked and corrected. The user has the right to check the accuracy of their data and request that it be updated or corrected.
  • Request restriction of the processing of their data. Users have the right to restrict the processing of their data under certain circumstances. In this case, the Provider will not process the data for any purpose other than storage.
  • Request deletion or other removal of personal data. Users have the right, under certain circumstances, to request that their data be erased by the Provider.
  • Receive their data and have it transferred to another responsible party. Users have the right to receive their data in a structured, common and machine-readable format and, if technically possible, to have it transferred to another controller without hindrance. This provision is applicable if the data is processed by automated means and the processing is based on the user’s consent, on a contract to which the user is party, or on pre-contractual obligations.
  • Filing a complaint. Users have the right to file a complaint with the competent supervisory authority.

Details on the right to object regarding processing.

If personal data are processed in the public interest, in the exercise of a sovereign power conferred on the Provider or to safeguard the Provider’s legitimate interests, the User may object to such processing by providing a justification ground that relates to their particular situation.
Users are informed that they may object to the processing of personal data for direct marketing at any time without giving reasons. Users can find out whether the Provider processes personal data for direct marketing purposes in the relevant sections of this document.

How the rights can be exercised

All requests to exercise the User Rights may be addressed to the Provider via the contact details provided in this document. Requests can be exercised free of charge and will be processed by the Provider as soon as possible, at the latest within one month.

IV. Further information about the collection and processing of data

Access of the app to personal data and other apps.
Access permissions:

 

<uses-permission android:name=”android.permission.INTERNET” />

android.permission.INTERNET is a permission required by apps that access the Internet in some form. To enable for example inApp messaging, it needs this permission.
The legal basis for the collection of your input data and usage data during your use of the app is Art. 6 para. 1 lit. b) GDPR.

 

<uses-permission android:name=”android.permission.ACCESS_NETWORK_STATE” />
<uses-permission android:name=”android.permission.ACCESS_WIFI_STATE” />

These permissions are required for the Appodeal service. This makes it possible to display advertisements in the app. No data / IP addresses are stored by us in this case. To get more information about this, please have a look at the privacy policy of Appodeal

 

The legal basis for the collection of your input data and usage data during your use of the app is Art. 6 para. 1 lit. b) GDPR.

The processing of your Functional Data to ensure the general usability, system security and system stability of our services is based on Art. 6 para. 1 lit. b) GDPR.

Sample privacy policy of the law firm Weiß & Partner

Privacy Policy for Mobile Apps

Effective Date: 03/01/2021
Applicable To The Following Mobile Applications:

Drunk ‘n’ Master – Drinking Game for fun evenings

Smoke ‘n’ Stoner – Social game for fun evenings

Personal data (usually referred to just as “data” below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its contents, and the services offered there.

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the “GDPR”), “processing” refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you below about the third-party components we use to optimize our website and improve the user experience which may result in said third parties also processing data they collect and control.

Our privacy policy is structured as follows:

I. Information about us as controllers of your data
II. Information about the data processing
III. The rights of the users
IV. Further information about the collection and processing of data

I. Information about us as controllers of your data

Responsible provider of this website in the sense of data protection law is:

GbR mit Haug/Werner
Weiherweg 4a
89431 Baechingen
Germany

Telephone: +49 (0) 152 – 55304363

Email: info@candyflip-play.com

II. Information about the data processing

Your data processed during the use of our website will be deleted or blocked as soon as the purpose of the storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information is provided below on individual processing procedures.

Contract Processing
Hosting and Backend Infrastructure
Firebase
Firebase Hosting
Firebase Cloud Firestore
Firebase InApp Messaging
Google Analytics
Google AdSense
Appodeal

Contract processing

The data provided by you in order to make use of our range of goods and/or services will be processed by us for the purpose of processing the contract and are necessary to this extent. Conclusion and processing of the contract are not possible without the provision of your data.
The legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.

We delete the data with complete contract execution, but must observe the retention periods under tax and commercial law.
In the context of contract processing, we pass on your data to the transport company commissioned with the delivery of goods or to the financial service provider, insofar as the transfer is necessary for the delivery of goods or for payment purposes.
The legal basis for the transfer of data is then Art. 6 para. 1 lit. b) GDPR

Hosting and backend infrastructure

The purpose of these types of services is to host data and files so that this application can be managed and used. Furthermore, these services may provide a pre-built infrastructure that handles specific functions or entire components for this application.
Some of these services operate with geographically distributed servers, making it difficult to determine where personal data is stored.

Firebase (Firebase, Inc.)

Firebase is a web hosting and backend service provided by Google Inc.
 
Personal data processed: various types of data, as described in the privacy policy of the service.
 
Processing location: USA – Privacy Policy.

Firebase Hosting (Firebase, Inc.).

Firebase Hosting is a web hosting service provided by Google LLC or by Google Ireland Limited, depending on the location from which this application is accessed.

Personal data processed: various types of data, as described in the privacy policy of the service.

Processing location: USA – Privacy Policy.

Firebase Cloud Firestore.

Firebase Cloud Firestore is a web hosting and backend service provided by Google LLC or by Google Ireland Limited, depending on the location from which this application is accessed.

Personal Data Processed: Usage data; various types of data as described in the service’s privacy policy.

Processing location: United States – privacy policy; Ireland – privacy policy.

Firebase inApp Messaging

Firebase inApp Messaging is a messaging service provided by Google LLC or by Google Ireland Limited, depending on the location from which this application is accessed. Firebase Cloud Messaging allows the owner to send messages and notifications to users via platforms such as Android, iOS, and the web. Messages can be sent to individual devices, groups of devices, on specific topics, or to specific user segments.

Personal Data Processed: various types of data as described in the Service’s Privacy Policy.

Processing Location: United States – Privacy Policy; Ireland – Privacy Policy.

Google Analytics

The services listed in this section allow the Owner to monitor and analyze traffic and track user behavior.

Google Analytics with IP anonymization (Google Inc.).

In our app, we use Google Analytics. This is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter only referred to as “Google”.
The Google Analytics service is used to analyze the usage behavior of our app. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our app.
Usage and user-related information, such as IP address, location, time or frequency of visits to our website, is transferred to a Google server in the USA and stored there. However, we use Google Analytics with the so-called anonymization function. Through this function, Google already shortens the IP address within the EU or EEA.

The data collected in this way is in turn used by Google to provide us with an evaluation of the visit to our website and the usage activities there. This data may also be used to provide other services related to the use of our website and the use of the Internet.

Google states that it will not associate your IP address with any other data. In addition, Google keeps a record of your IP address at

https://www.google.com/intl/de/policies/privacy/partners


Google provides you with further information on data protection law, for example on the possibilities of preventing the use of data.
Google also offers an opt-out function, which is activated by default in the app. This means that the app has already activated IP anonymization when it is started for the first time. However, this setting can be changed in the settings if desired.

However, this does not prevent information from being transmitted to us or to other web analytics services. If and which other web analytics services are used by us, you will of course also find out in this privacy policy.

Personal data processed: Cookie; Usage data.

Processing location: USA – Privacy PolicyOpt Out.

Google AdSense 

In our mobile app, we use Google AdSense for marketing. This is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”.

Through Google AdSense, cookies as well as so-called web beacons are stored on your end device via your internet browser. This enables Google to analyze how you use our website. The information collected in this way, along with your IP address and the advertising formats displayed to you, is transferred to Google in the USA and stored there. Furthermore, Google may pass this information on to contractual partners. However, Google declares that your IP address would not be merged with other data of yours.
The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in the analysis, optimization and economic operation of our website.

If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. Details on this can be found above under the item “Cookies”.
In addition, Google offers a cookie service at

https://policies.google.com/privacy

https://adssettings.google.com/authenticated

for further information, in particular on the options for preventing the use of data.

Google AdSense privacy policy

Appodeal

In our mobile app, we use Appodeal to integrate advertisements. This is a service of © 2021 Appodeal Inc. 611 Mission Street, San Francisco, CA 94105, USA, hereinafter referred to as “Appodeal”.

No personal data is stored by Appodeal. This service is only used to display non-personal advertising in our app.

For further information, in particular on the options for preventing the use of data.

Appodeal privacy policy

III. The rights of the users

Users may exercise certain rights with respect to their data processed by the Provider.
In particular, users have the right to do the following:

  • Revoke the consents at any time. If the User has previously consented to the processing of personal data, they may revoke their own consent at any time.
  • Object to the processing of their data. The user has the right to object to the processing of their data if the processing is based on a legal basis other than consent. Further information on this is provided below.
  • Receive information regarding their data. The user has the right to know whether the data is being processed by the provider, to receive information about individual aspects of the processing and to obtain a copy of the data.
  • To have the data checked and corrected. The user has the right to check the accuracy of their data and request that it be updated or corrected.
  • Request restriction of the processing of their data. Users have the right to restrict the processing of their data under certain circumstances. In this case, the Provider will not process the data for any purpose other than storage.
  • Request deletion or other removal of personal data. Users have the right, under certain circumstances, to request that their data be erased by the Provider.
  • Receive their data and have it transferred to another responsible party. Users have the right to receive their data in a structured, common and machine-readable format and, if technically possible, to have it transferred to another controller without hindrance. This provision is applicable if the data is processed by automated means and the processing is based on the user’s consent, on a contract to which the user is party, or on pre-contractual obligations.
  • Filing a complaint. Users have the right to file a complaint with the competent supervisory authority.

Details on the right to object regarding processing.

If personal data are processed in the public interest, in the exercise of a sovereign power conferred on the Provider or to safeguard the Provider’s legitimate interests, the User may object to such processing by providing a justification ground that relates to their particular situation.
Users are informed that they may object to the processing of personal data for direct marketing at any time without giving reasons. Users can find out whether the Provider processes personal data for direct marketing purposes in the relevant sections of this document.

How the rights can be exercised

All requests to exercise the User Rights may be addressed to the Provider via the contact details provided in this document. Requests can be exercised free of charge and will be processed by the Provider as soon as possible, at the latest within one month.

IV. Further information about the collection and processing of data

Access of the app to personal data and other apps.
Access permissions:

<uses-permission android:name=”android.permission.INTERNET” />

android.permission.INTERNET is a permission required by apps that access the Internet in some form. To enable inApp messaging, it needs this permission. In addition, we count anonymous game calls anonymously to improve the experience. Only the call of the inGame game is counted, but not data about the user, smartphone or the like.
The legal basis for the collection of your input data and usage data during your use of the app Drunk ‘n’ Master is Art. 6 para. 1 lit. b) GDPR.

The processing of your Functional Data to ensure the general usability, system security and system stability of our services is based on Art. 6 para. 1 lit. b) GDPR.

Sample privacy policy of the law firm Weiß & Partner

en_USEnglish