Privacy Policy Minit Games

 

We — Minit Games (“Minit” or “we”) — would like to inform you about how we process your personal data in accordance with the General Data Protection Regulation (“GDPR”).

Our data protection information is structured in a modular fashion. It consists of general information for all processing of personal data and processing situations (1.) and specific information, the content of which only refers to the processing situation specified there (2. ff.). To find the sections relevant to you, please refer to the following outline:

1.       General information

2.       Supplementary information for data processing when visiting the website

3.       Additional information for applicants



 

1. General information


 

1.1 Data protection officer

The controller within the meaning of the GDPR and other national data protection laws of the member states as well as other data protection regulations is

Drop GmbH

Nobistor 16, 22767 Hamburg

Email: [email protected]

Website: www.minit.games


1.2 Legal basis for the processing of personal data

We process some of your personal data on the basis of the following legal grounds:


1.2.1 Consent of the data subject

Insofar as we obtain the consent of the data subject for a specific purpose, Art. 6 (1) (a) GDPR is the legal basis.


1.2.2 Fulfillment of contractual obligations

Where processing is necessary for the performance of a contract to which you are party, the legal basis is Art. 6 (1) (b) GDPR. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.


1.2.3 Legal requirements and obligations

Insofar as processing is necessary for compliance with a legal obligation to which we are subject, Art. 6 (1) (c) GDPR is the legal basis.


1.2.4 Safeguarding legitimate interests

Insofar as processing is necessary to safeguard our legitimate interests or those of a third party and your interests, fundamental rights, and freedoms do not outweigh the former interest, Art. 6 (1) (f) GDPR is the legal basis.


1.3 Storage period and deletion of personal data

Personal data will be deleted or blocked as soon as there is no longer a legal basis for processing it.


1.4 Recipients of personal data

Internally, only those departments that need personal data to fulfill their processing purposes process it. This also applies to the processors, service providers, and vicarious agents we employ. All departments and persons who work with personal data are bound to data secrecy and instructed to handle such data sensitively.

Personal data will only be passed on to third parties if this is in accordance with data protection regulations. In particular, persons employed to carry out our business operations (e.g., banks, tax advisors, service providers for EDP and IT services) as well as government agencies/authorities may receive your personal data if this is necessary to fulfill a legal obligation.


1.5 Data processing in third countries

Our services may require the processing of personal data in countries outside the EU/EEA (“third countries”) by our processors. If personal data is processed and the country does not have a level of data protection that meets European standards, as confirmed by an adequacy decision pursuant to Art. 45 (3) GDPR by the EU Commission, we have concluded EU standard contractual clauses with the data processors concerned in order to establish appropriate safeguards within the meaning of Art. 46 GDPR. A copy of the EU standard contractual clauses can be found here: https://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32021D0914&from=DE

We will indicate below if processing takes place in a third country.


1.6 Rights of data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis us as the controller:


1.6.1 Right to information

In accordance with Art. 15 GDPR, you have the right to request information about the personal data we process. In particular, you can


    • information about the purposes of processing,


    • the category of data,


    • the categories of recipients to whom your data has been or will be disclosed, and information on whether the personal data is transferred to a third country or to an international organization (in this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR),


    • the planned storage period,


    • the existence of a right to rectification, erasure, restriction of processing, or objection,


    • the existence of a right to lodge a complaint, the origin of your data, if it was not collected by us,


    • and the existence of automated decision-making, including profiling, pursuant to Art. 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, as well as the significance and intended effects of such processing for the data subject.


1.6.2 Right to rectification

In accordance with Art. 16 GDPR, you have the right to rectify and/or complete your personal data if it is inaccurate or incomplete. We must make the rectification without delay.


1.6.3 Right to restriction of processing

Pursuant to Art. 18 GDPR, you have the right to request the restriction of the processing of your data if you dispute the accuracy of the data or if the processing is unlawful.

If the restriction of processing has been restricted, we will inform you before the restriction is lifted.


1.6.4 Right to erasure

Pursuant to Art. 17 GDPR, you have the right to erasure of your personal data, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims.


1.6.5 Right to notification

If you have asserted your right to rectification, erasure, or restriction of processing against us, we are obliged to notify all recipients to whom the personal data has been disclosed of the rectification, erasure of the personal data, or restriction of processing, unless this proves impossible or involves disproportionate effort.


1.6.6 Right to data portability

In accordance with Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transferred to another controller.


1.6.7 Right to object

In accordance with Art. 21 GDPR, you have the right to object to the processing if the processing is based on Art. 6 (1) (e) or (f) GDPR.


1.6.8 Right to revoke your declaration of consent under data protection law

Pursuant to Art. 7 (3) GDPR, you have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until withdrawal.


1.6.9 Right to lodge a complaint with a supervisory authority

Pursuant to Art. 77 GDPR, you have the right to complain to a data protection supervisory authority about our processing of your personal data.


 

2. Additional information on data processing when visiting the website

We are responsible for our website www.minit.games and its subpages (“website”). Personal data is processed when you use our website. Below, we provide detailed information about the data processing that takes place.


2.1 Provision of the website and creation of log files

When you visit our website, we automatically collect data and information from the user’s device (so-called log files).


2.1.1 Information & duration of processing

The following information is processed when you visit our website:


    • Information about the browser type and version used


    • The operating system of the device


    • Referrer URL


    • Date and time of the server request


    • IP address (anonymized after 24 hours)


    • Website visited


    • Data volume in bytes


    • Access log files


    • Error log files

The log files are deleted within fourteen days at the latest.


2.1.2 Purpose of processing & legal basis

The data is required to display the website on the user’s device, to ensure its functionality, and to analyze any malfunctions. In addition, uses the data to optimize the website and to ensure the security of our information technology systems.

The legal basis is Art. 6 (1) (f) GDPR. The collection of log files is essential for the operation of the website. Consequently, there is no possibility for the user to object.


2.2 Processors

To provide our website, we use the service of Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg with whom we have concluded a data processing agreement and who processes personal data exclusively on our behalf.


2.3 Use of cookies

We do not use cookies on our website.


 

3 Additional information for applicants

The following additional information applies to you if you apply for a position with us.


3.1 Processed information & duration of processing

We process the personal data that we receive from you through your application.

The personal data will be deleted after six months if no employment relationship is established. If an employment relationship is established, the data will be further processed for this purpose.


3.2 Purpose of processing & legal basis

We collect and process the personal data of applicants for the purpose of handling the application process.


The legal basis for the processing of personal data is § 26 BDSG (Federal Data Protection Act). If we conclude an employment contract with you, the data transmitted will be further processed for the purpose of handling the employment relationship; in this case, the legal basis remains § 26 BDSG in particular. If no employment contract is concluded, the application documents will be deleted, provided that no other legitimate interests of the controller prevent deletion. Other legitimate interests in this sense include, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).