Language:
Imprint / Terms & Conditions / Privacy Policy

I. Imprint:
upjers GmbH

Managing director authorized to represent: Mirko Marschalek
Address: Hafenstrasse 13, 96052 Bamberg, Germany

E-Mail: mail@upjers.com (no support)
Tel.: +49 (0)951/5109080 (no support)
Fax: +49 (0)951/510908102 (no support)

Should you have questions or problems, please contact our support team via support@upjers.com
Court of Registry: Local Court of Bamberg
Trade Register Number: HRB 5558

VAT ID: DE275673923

Data Privacy Officer:

Frank Trautwein
E-Mail: datenschutzbeauftragter@upjers.com

Youth Protection Officer:

Dr. Andreas Lober, attorney
E-Mail: jugendschutzbeauftragter@upjers.com

upjers GmbH is a member of USK online, a division of Unterhaltungssoftware Selbstkontrolle GmbH (Entertainment Software Self-Regulation Body)

Note: On http://ec.europa.eu/consumers/odr the European Commission places at your disposal a platform for online dispute resolutions. Consumers can use this platform in order to settle disputes. upjers is not obliged to participate in dispute resolution proceedings before a consumer arbitration service. upjers will not participate in such proceedings.


II. Terms & Conditions
§ 1 Scope, Conclusion of contract
(1) The general terms and conditions govern the relationship between upjers GmbH, Hafenstraße 13, 96052 Bamberg, Germany (provider) and the users (users) of their electronic entertainment offers (services). Terms of use provided by the user will only become part of the contract if the provider expressly agrees to them in written form. These terms of use are valid for any use of the services, including any future contracts, offers, goods and services of or by the provider.
(2) These terms of use can be saved to random access memory or to a permanent data medium and can be printed. On request by the user, the terms of use may also be mailed to them.
(3) In addition and complementary to these terms of use, the game rules and game manuals that are specified in the scope of the respective services are also valid.
(4) The services are solely aimed at users according to § 13 of the German civil code. Commercial use of these services is prohibited. The use of these services is authorized for all persons who at the time of registration are 18 years old or older. Minors are only authorized to use these services with the permission of their parents or legal guardian(s).
(5) By registering, the user explicitly warrants that he/she is of majority age - or in case of minors, that he/she has obtained an express consent of his/her legal guardian to use these services.
(6) The contractual relationship begins with the registration of the user on the game portal or a specific service provided by the provider and of the acceptance of this registration by the provider by way of granting authorized access (an account). It ends with the termination of the contract by the user, be it through deletion of the account in question or through blocking or deletion of the account by the provider as well as by abrogation by the provider.
(7) The contractual agreements between provider and user mentioned in these General Terms and Conditions take effect with the conclusion of a service usage agreement or the acceptance of an application to conclude a contract over the use of additional services by the provider. Access to the account may be confirmed immediately or upon first fulfillment action of the provider. The receipt of this request shall be confirmed immediately electronically by sending a confirmation email to the email-address provided by the user. The access confirmation does not signify a binding acceptance of the usage agreement. The access confirmation can however be linked with the declaration of acceptance.


§ 2 Scope of Services
(1) The provider enables the user to use the provider's services in their respective state by making these available on the internet. The user is responsible for fulfilling the technical prerequisites for using these services.
(2) The user has no right to use the service offered by the provider. The provider especially reserves the right to reject or limit registrations made by the user to one or more services.
(3) The provider does not guarantee that the services offered meet the requirements of the user. The provider especially does not warrant that the services are suited to whatever goal the user may aspire to reach using the services.
(4) The user is to be informed that a constant, uninterrupted and complete availability of the service is not possible. The provider however does guarantee an annual average availability of 92% (ninety-two percent) or higher. Times in which the servers are unavailable on the internet due to technical or other problems that are beyond the reach of the provider (force majeure, influence of third persons, and others), as well as times in which game updates or standard maintenance activities are carried out, are exempt from this. The providers may limit access to their services if the security of network operations, the maintenance of network integrity, as well as especially avoiding serious network failures, failures of software or saved data should require this.
(5) The services are subject to ongoing development, adaptation and change. The provider therefore is free to change the content and appearance as well as to change or modify technical and other parameters at all times. The user cannot demand the preservation of certain technical or other features. The user is only granted the right to use the respective service in its respective current form.
The user has no demand to claim the preservation of the service as it was when the contractual agreement was entered.
The provider reserves the right to cease operation of these services at any time without justification.
(6) Hints, tips and pieces of advice about the game communicated by the provider as well as employees or agents of the provider are non-binding. The user does not have the right to compensation for any disadvantages that may be caused by these pieces of information.
(7) Unless mentioned differently in the description of the services, the services offered by the provider are free of charge.


§ 3 Claims for Defects
(1) The provider offers access to the service and additional services to the user in their respective current versions. The user has no claim to preservation or arrangement of a previous state of the service or additional service.
(2) The user should be aware that the software that the provider enables him to use cannot be rendered completely faultless. The service is only to be deemed deficient if the playability of the game is strongly hindered.
(3) To his/her own protection and to be able to offer proof, the user is advised to send all claims to the provider in written or via email.
(4) Errors outside of the provider's control (force majeure a.o.) or errors caused by the user, or by changes not carried out by the provider or changes that cannot be attributed to the provider or other forms of manipulation, can never be subject to claims for defects.
(5) Guarantees according to the law are not being given by the provider, unless otherwise explicitly agreed upon in written.


§ 4 Accountability
(1) If services are provided for free, the provider is never held accountable for any kind of damage, unless that damage is caused by gross negligence or inflicted deliberately.
(2) In case of slight negligence, the provider will only be made liable in case of essential contractual obligations. Essential contractual obligations or cardinal obligations in line with the established case law of the Court of Justice are those obligations whose fulfillment is a prerequisite for enabling the proper fulfillment of the contract in the first place and on whose fulfillment the user may rely. The liability to pay damages is limited to the typically occurring and foreseeable contractual damage.
(3) The aforementioned exclusions of accountability are not valid in the case of threats to life or health. They are also not valid if this damage was caused by a violation of the contract in the first place. This does not refer to the provider's accountability according to the Product Liability Act as well as where §44 a of the German telecommunications customer protection act (TKG) is applied.
(4) The aforementioned exclusions and restrictions of accountability are also valid with regard to the accountability of employees, co-workers and other personnel of the provider, especially if it is in favor of the shareholders, co-workers, representatives, and other bodies and their employees with regard to their personal accountability.
(5) The provider explicitly distances themselves from the content of all pages that are either directly or indirectly linked to the service offered by the provider ("links"). The provider cannot be held accountable for the content and sites. The providers of the sites in question are responsible for their content. The provider has no explicit control of third-party websites. It is not known to the provider that any such websites violate any applicable laws. If this should be the case and is reported to the provider, the link to the site in question will of course be removed by the provider immediately.
(6) A change of the burden of proof to the disadvantage of the user is not associated with the above provisions.


§ 5 Duties of the User
(1) The user obligates him- or herself to use only one account per service. The simultaneous usage of multiple accounts with one service (so-called multi-using) is not permitted.
(2) Usage of external scripts or programs to automate participation on these services (e.g. via so-called bots) is not permitted.
(3) The user obligates him- or herself not to use bugs or other programming errors to his/her advantage. Any advantages that may have occurred from this are to be reversed or repaid and may be revoked by the provider. The user has to keep actual or supposed bugs or irregularities a secret and to report them to the provider without delay.
(4) The user obligates him- or herself not to post or distribute any pictures, links, names or words that are in any way commercial, political, insulting, sexist, pornographic or otherwise morally questionable or objectionable in the frame of the services. The user also obligates himself not to use any copyrighted terms, names or images. In case of doubt, the user has to remove these contents as soon as possible if called upon to do so by the provider. The provider has the right to remove the offending content manually.
(5) The user has to obey any decree or ordinance from the part of the provider and their employees. This rule is also valid for decrees issued by administrators or moderators of the official forum that is linked to the game in question.
(6) A deliberate violation of these duties gives the provider the right to exclude the user from the service in question and to block or delete the user's account or accounts. Compensation for Premium currencies already credited to one or several accounts at the time of their closure or deletion will not be issued. Compensation for services booked and paid for by one or several accounts at the time of their closure or deletion will not be issued.


§ 6 Abrogation
(1) The user has the right to terminate his/her participation on one or more services without giving reasons or having to adhere to a deadline. The provider is entitled to terminate the license agreement at any time without observing a notice period, if the user has not made use of any fee-based services.
(2) Apart from that the provider has the right to terminate single, several or all services taking into account a notice period of one month to the end of a calendar month, if the services are to be terminated.
(3) The right of both parties to terminate for good cause at any time shall remain unaffected.
(4) The provider has the right to terminate an account because of important reasons (though not exclusively because of such reasons), if
- the user deliberately violates the rules of the service and does not end this behavior when called upon to do so. An admonishment is not necessary if it is deemed unreasonable for the provider to retain the contract, for instance in the case of unusually heavy infractions (multiple accounts per player, criminal offences, etc.).
(6) If the service platform does not provide the possibility of abrogation, each abrogation must be provided in text form (e. g. email). Extraordinary cancellations must be made given reasons.
(7) Because of technical reasons, complete deletion of user data and accounts is effective only after a delay of a couple of days.
(8) In case of a justifiable abrogation by the provider for significant reasons, the user has no right to a refund for the services that are affected by the abrogation.


§ 7 Transfer of Rights
The right to contents a user posts during the frame of a service, remains with the respective user. By entering the content, the user merely gives the provider a simple, unrestricted, royalty free license to use these contents and make them publicly available.


§ 8 Severability Clause, Other
(1) If one or several of the agreements here are objectionable or invalid, the rest of the agreements are unaffected by this.
(2) German law applies to these terms of use and all contracts executed based on these terms of use. The Uniform Law on the International Sale of Goods (CISG) and German conflict of law provisions do not apply. Provisions for the protection of the consumer, which would have to be applied without choice of law and which must not be amended by agreement, remain unaffected.
(3) The company domicile (Bamberg) shall be the legal venue for all possible disputes relating to these contracts. If the user 's domicile is a country outside of the Federal Republic of Germany, the company domicile remains the legal venue. This also applies if the exact domicile of the user was unknown at the time of the accusation.
(4) The provider reserves the right to modify or supplement these terms of use with effect to the future when this is deemed necessary (for instance adaptation to the legal situation, extension of the service spectrum of the provider, etc.), and if the user does is not adversely affected hereby under the principle of equity and good faith. The user is to be notified of any changes in the terms of use in a manner deemed appropriate. This notification will take place either in the scope of the services or by sending an email to the email address the user has submitted. In any case, the user will be informed of the change when logging into the service the next time. The user has one (1) month to object to the changes in the terms of use. It is recommended that the user do this in written form or via email for the sake of conservation of evidence. If the user fails to object to the changed terms of use within the deadline of one (1) month and continues to use the service, the new rules will apply to him by default. If he/she honors the deadline, both parties have the right to end the agreement with a cancellation period of one month, unless a right to abrogation according to § 8 is already in effect. The former terms of use will remain valid until the termination of the contract. The provider will specifically point out the possibility of abrogation, objection to the terms of agreement, and the legal consequences thereof, especially with regard to the absence of an objection to the agreement to the user.

(5) The user is recommended to regularly inform him- or herself of the status of the terms of use and the descriptions of the scope and usage of the service in question.


III. Privacy Policy

We, the upjers GmbH (Ltd.) seated in Hafenstraße 13, 96052 Bamberg, Deutschland, run the website http://www.upjers.com/ and gather data from our visitors, as far as it is necessary. In the following data protection declaration you will learn what we are doing with your data, so called personal data, and why we do this. Furthermore, we explain to you, how we protect your data, when data will be deleted and which rights you have thanks to the data protection.
In advance: We adhere to the data protection laws and protect your sphere of personal privacy in the best way possible. But we also want to be completely honest: the internet lives from data exchange and still displays many security leaks. Even when your data is encrypted while you are visiting our website, there is always a remaining risk, at the latest with the exchange of foreign websites. If you visit a different website, for example, via a link on our website, please consider that this data protection declaration at hand will not be valid for the foreign website.

Content:
1. Person in Charge – to Whom can I Turn to?
2. Data Protection Officer
3. What Rights do I have?
4. Deletion of Data and Storage Period of Data
5. How Is your Personal Data Protected?
6. Visit of the Website
7. Requests to our Customer Support
8. Downloading of Apps
9. Registration
10. Usage of built-in Games
11. Social Sign-In & Social Log In
12. Communication in the Games
13. Payment Handling
14. Newsletter
15. Cookies
16. Youtube
17. Google Analytics
18. Promotional Videos
19. Criteo
20. Social Plug-Ins
21. Enforcement, Exercition and Defence of Legal Claims
22. Personal Data of Children
23. Change of Data Protection Declaration

1. Person in Charge – to Whom can I Turn to?
Responsible for this website is:
upjers GmbH
Hafenstraße 13

96052 Bamberg

Telefon: +49 (0)951/5109080
Fax: +49 (0)951/510908102

E-Mail: mail@upjers.com

Kunden-Support:
Support-Formular: https://support.upjers.com/de/start
Email: support@upjers.com


2. Data Protection Officer
Via the contact data you can also contact our data protection officer. If you have specific questions regarding your data, their deletion, or your rights, there is a direct contact possibility for data protection via the email datenschutzbeauftragter@upjers.com. If you want to raise a request, the notation “data protection” is sufficient.


3. What Rights do I have?
You can contact us whenever you have questions regarding your data protection rights or want to claim one of your following rights:
· Right of revocation according to Article 7 Paragraph 3 GDPR (for example you can turn to us in case you would like to withdraw a formerly given agreement for a newsletter)
· Right of Information according to Article 15 GDPR (for example, you can turn to us if you want to know which data of yours we have saved)
· Rectification according to Article 16 GDPR (for example, you can turn to us in case your email has changed and if we are supposed to substitute the old email)
· Deletion according to Article 17 GDPR (for example, you can turn to us if we have to delete certain data about you which we have saved)
· Restriction of processing according to Article 18 GDPR (for example, you can turn to us if you want that your email is not deleted, but instead only used for sending you the absolutely necessary emails)
· Data Portability according to Article 20 GDPR (for example, you can turn to us in order to receive your saved data in a compacted format, for example, when you want to provide another website with your data)
· Objection according to Artice 21 GDPR (for example you can turn to us when you are inconvenient with the here mentioned promotional videos or analysis methods)
· Right of appeal at the controlling authority in charge according to Article 77, Paragraph 1 GDPR (for example, you can also direct your complaints straight to the Data Protection Authorities)


4. Deletion of Data and Storage Period of Data
As long as not stated differently, we delete your data as soon as we do not need it any more. A blocking or deletion of your data also occurs when a storage limit, which is required by law, is ending unless there is a further need to save the data for a contract closing or a contractual performance. Certain data might have to be saved longer due to legal reasons. Of course, you can always obtain information about the saved data.


5. How Is your Personal Data Protected?
We will take all useful and suitable measures to protect the personal data saved by us from abuse, loss or unauthorized access. Therefore, we have taken several technical and organisational measures. This includes measures how to deal with every alleged data corruption possible.
If you have the suspicion that your personal data have been abused or have been lost, or that an unauthorized access has taken place, please let us know this as quickly as possible and turn to the contact data mentioned above!


6. Visit of the Website
If you only want to have a look around at our website, we do not gather any personal data with exception of the data your browser is transmitting in order to enable the visit of the website. This concerns especially:
· the approximate localisation based on the IP-area (only country of the port)
· Internet-provider (for example, Telstra, Vodafone or Comcast)
· Date and Time (for example, 11:45 am, 25 May 2018)
· Browser (for example Chrome or Safari)
The technical data raised cannot be traced back to you and only serve anonymous, statistic purposes to optimise our website.
Purpose of the temporary storage of data at the beginning is to secure the connection as well as the accessibility and the correct depiction of our website.
Legal basis is the so called legitimate interest in the frame of the above mentioned security measures, which has also been verified in accordance with the European Data Protection Requirements from Article 6 Paragraph 1 lit. GDPR.


7. Requests to our Customer Support
You have the opportunity to contact our support team. With clicking at “support” on our websites, you will be forwarded to https://support.upjers.com/de/start. A request is furthermore possible via email to support@upjers.com.
The following data can be requested by us:
· username and/or login
· user ID
· upjers ID
· email
· if necessary, payment service provider
· message, support request
· plug-ins (for example, Adobe Flash)
· operating system (for example, Mac OS)
· hardware (for example, Intel processor)
· browser


As a measure of protection, the support request is forwarded via an encrypted connection. Furthermore, we apply the basic principle of data minimisation and only gather data in the support form, which is effectively important. After the successful contacting with you and the ending of the support case, your data will be deleted immediately.
Purpose of the requested data is exclusively contacting and supporting you, which is why the data are also only used for this purposes.
Legal Basis is next to your agreement (Article 6 Paragraph 1a, GDPR) the implementation and fulfilment of the contract (Article 6 Paragraph 1b, GDPR).


8. Downloading of Apps
Through our websites you can also reach our game range in the app stores for mobile terminal devices (in the following: apps) via a link.
During the download of an app, necessary information will be raised by the app store in question, especially the point in time of the download, title, language version and an advertiser ID/ individual device ID. We have no influence whatsoever on these data and are not responsible for it. The app stores provide you with their own data protection declaration concerning the handling of personal data.
We process data within the scope of app usage, as far as it is necessary for the download of the mobile app to your terminal device, the supply of the game in question and the liquidation of in-game purchases.
Further information regarding the data processing within the scope of app usage can be found in our data protection declaration for mobile applications (https://de.upjers.com/mprivacy).


9. Registration
Additionally, you have the possibility to register yourself on our website and log in afterwards whenever you want with your user account. To register yourself, the following data is needed:
· email address
· user name and/ or log in name
· password
As a measure of protection, the transmission of the data entered by you will take place via an encrypted connection. Further, we apply the basic principle of data minimisation and only raise the data, which is effectively needed. Please do not use your real name or the one of a different person as a user name. We also assign you, depending on the transmitted IP-address, to a country. This data is saved in order to show you the corresponding offer of payment methods. After creating a user account, your data will be saved until you decide to delete certain data or the whole user account.
Purpose of the raised data is the creation of a user account in order to use our browser games and extended functions on the website (for example, in-game messages, post in the forum). Registration is voluntarily and can always be revoked and/ or the user data deleted.
Legal Basis is the user's consent in accordance with the European Data Protection Requirements from Article 6 Paragraph 1 lit. GDPR.


10. Usage of Integrated Games
Some of our upjers-games are embedded in social networks (for example Facebook). The games will be called there, for example, “apps” or “applications”. For its data processing and possible data transmission in accordance with data protection, the respective network itself is responsible and enlightens the user in its own data protection declaration. We would like to point out, however, that you might be asked by the network to agree to the transmission of personal data if you want to use an integrated upjers game. In the case of Facebook, the following data can be affected:
· first name, surname, sex, birth date
· profile picture or corresponding URL
· log-in email address, which has been used at the registration of Facebook
· location and access devices
· user-ID- number, which is linked to public accessible information (on Facebook)
· user-ID- number to your friends, which are likewise connected with the game
As long as you agree to the data transmission, the network might send in some circumstances data to upjers. upjers will only process such data if it is absolutely necessary for providing you with the game. upjers points out that you can influence the extent of information yourself, which the network is transferring, through the corresponding privacy settings. Exertion of influence could especially be exercised through
· controlling, which information your Facebook friends share with you/ about you,
· blocking certain applications, and/ or preventing them from raising certain information about you,
· ignoring certain invitations to games,
· controlling, who can see all your activities.


11. Social Sign-In & Social Log In
Besides the manual registration, we also offer you the possibility to directly register yourself at upjers with your already existing user account of a social network of selected providers. We use the platforms “Facebook Sign In” and “Amazon”. As long as you would like to use one of these functions, you will be forwarded to the website of the provider in question and navigated through the registration process there.
As a measure of protection, transmission of the data entered by you will take place via an encrypted connection to the platform in question. We do not use the registration to access personal data like friend lists, or contacts, or for saving them for our own purposes. A temporary connection between your user account and the user account of Facebook and Amazon does not take place. Both networks are certified under the EU-US-PRIVACY-Shield (for further information please consult the the respective data protection declarations). Which data is not raised in social networks with the registration or how the data is connected, is not known to us. Further details can be found in the data protection declaration of Facebook (https://de-de.facebook.com/policy.php) and Amazon (https://www.amazon.com/gp/help/customer/display.html?nodeId=468496).
Purpose of the data asked is the registration via an already existing user account for the use of extended functions on the website. The registration via social networks is voluntarily and can always be recalled and/ or the user account can be deregistered.
Legal Basis is your agreement in accordance with European Data Protection Requirements from Article 6 Paragraph1 lit. GDPR.


12. Communication in the Games
The games run by us offer you the possibility to communicate with us or with other players. We use automatic filter systems, which prevent the plentiful sending of messages, insulting, violence-glorifying, obscene, racist or whatever offensive statements, or news with promotional character. Further, we record: for the purposes of analyses and rectification of technical errors; for the warranty of system security and system integrity; for combatting abusive and/ or unauthorised usage, as well as for the preparation of user statistics on non-personal related basis, and the use of the provided communication channels for a short time. The reports created contain date and time of the news, sender and recipient, the text message, as well as the transmitted amount of data.
Without your agreement, none of our staff-members will read messages. If we have suspicion of abusive and/ or unauthorised usage of the communication channels provided (for example by a report of the recipient), we nevertheless reserve ourself the right to examine the player account in question, as well as the player account from which the message was sent and – if need be – take further measures.
As a measure of protection, the transmission of the data entered by you will take place via an encrypted connection to the platform in question.
Purpose of the processing is the provision of an ingame solution for communication for the exchange of messages between the players.
Legal basis for the temporary storage of data is Article 6 Paragraph 1 lit. a GDPR as well as Article 6 Paragraph 1 f GDPR. The input of data for the purpose of communication is voluntarily, and therefore on the basis of agreement by the user. The use of filter systems serves the purpose of keeping the conditions and protecting the data of third parties. In this purposes lies our rightful interest in data procession according to Article 6 Paragraph 1 f GDPR.


13. Payment Handling
If you initiate a payment process to purchase premium currency, you will have to provide further data. The nature of the required data depends on the chosen payment method. Furthermore, upjers allows you to use anonymous payment methods.
You will have a variety of payment providers to choose from. In addition, the cooperation with third parties involves the payment processing via external payment providers (PayPal, credit card companies, mobile network operators, Paysafecard, cash payment, immediate transfer, etc.). All external payment providers are by law obliged to the secure handling of your data, and they are solely allowed to use your data as far as it is necessary for the fulfilment of their task.
You are able to choose freely which payment method you want to use, and therefore we would like to refer to the privacy policies and regulations of the respective payment provider.
The payment provider will collect personal data of the customer on their own responsibility to execute the payment. Thereafter, a response of the payment provider is sent to upjers, in which the successful completion of the payment process is confirmed.
We point out that we will save the IP address of the customer when a payment process is confirmed. The sole objective is the fulfilment of our tax obligations. The IP address is used to determine the location of performance for tax objectives. The data is stored according to the fiscal period of time for safeguarding.


14. Newsletter
We use the so-called Double-Opt-In Procedure for providing our newsletters, which means we will send you a newsletter via email as soon as you confirm that you would like to receive our newsletter by clicking on the link within the notification email.
Of course you can unsubscribe from our newsletter at any time. Therefore, you will find a respective link in every newsletter. Alternatively, you can contact our support staff via the support form or via email: [email=support@upjers]support@upjers[/email].
For providing our newsletter we are cooperating with the service provider Emarsys eMarketing Systems AG, Hans-Fischer-Straße 10, 80339 Munich, Germany. We concluded an order data processing contract with this service provider according to the specifications of Article 28, GDPR.


15. Cookies
To some extent so-called cookies are used on our websites. Cookies are small text files which are normally stored within a folder of your browser. Cookies contain information about the current as well as the last visit of the respective website:
· name of the website
· termination date of the cookie
· arbitrary value
If cookies have no specific termination date, they are solely temporarily stored and will be automatically deleted, as soon as you close your browser or restart the terminal device. Cookies with a termination date remain stored when you close your browser or restart the device. These cookies are deleted at that specific date or if you delete them manually.
On our websites we use the following three types of cookies:
· required cookies (for example, these are necessary to display the website correctly and to temporarily save specific settings)
· function and performance-related cookies (these help us, for instance, to evaluate technical data of your visit on our website to prevent error messages)
· cookies for advertising and analysing purposes (for example, these are responsible for showing shoe advertisements if you searched for shoes before)
In the settings of your browser you will find options to configure, block or delete cookies. If you delete all cookies of our websites, there is a possibility that some functions of the website are not displayed correctly. The German Federal Office for Information Security Technology provides helpful information and instructions for commonly used browsers: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html


16. Youtube
We use YouTube for directly embedding videos. YouTube is operated by YouTube LLC, headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc. based at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. When playing the embedded videos, a connection to the YouTube servers is established and at least your IP address is transmitted for technical reasons. In addition, if you are logged into your YouTube account, YouTube will assign information to your personal user account about the videos watched. You can prevent this procedure by logging out from your YouTube account, as well as other accounts, which are connected to the Google platform, before you use our website.
The high security standards of the google platform and the associated privacy policy of google are regarded as protective measures (https://policies.google.com/privacy?hl=en-GB). As Google is based in the USA, a so-called non-member State, further warranties are essential to ensure an adequate European level of data protection. Google has been certified under the so-called EU-US Privacy Shield and has thus demonstrated an appropriate level of data protection (https://policies.google.com/privacy/frameworks?gl=de&hl=en-GB).
Furthermore, we embed YouTube videos with advanced privacy settings and a server solution. The user is initially solely shown a preview image, which is loaded from an upjers server. Only after pressing the Play-button is the YouTube frame activated and a limited data exchange with YouTube proceeds.
The purpose of data transmission is to integrate YouTube's video service, which is acclaimed among our users, for them to conveniently access the videos displayed without leaving our website.
The legal basis is the so-called legitimate interest, which has been examined in order to pursue the objective and within the framework of the aforementioned protective measures and in accordance with the European data protection requirements under Article 6 Paragraph 1 lit. f GDPR.


17. Google Analytics
We use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses the aforementioned cookies for advertising and analysing purposes, to analyse our website regarding your user behaviour. The information generated by cookies about the use of this website is transferred to and stored in a Google server based in the USA. However, your IP address is shortened before the usage statistics are evaluated. Therefore, no conclusions can be drawn about your person. For this purpose, we extended Google Analytics on our website by the code “anonymizelp” to ensure the anonymous collection of IP addresses. Google will use the anonymous information collected by cookies to evaluate your use of the website, to compile reports on website activity for website operators, and to provide other services relating to the website and internet use. In addition, Google may transfer this information to third parties if this is required by law, or if third parties process this data on behalf of Google.
However, you can also configure your browser to refuse cookies, or you can prevent Google from collecting and analysing the data by downloading and installing a browser plug-in from Google (https://tools.google.com/dlpage/gaoptout?hl=en-GB). As an alternative to the browser extension or within browsers on mobile devices, you can set an Opt-Out-Cookie to prevent future collection by Google Analytics on this website (the opt-out only works in the browser and only for this domain). If you delete your cookies in this browser, you have to click this link again.
As protective measures we use the anonymisation procedure provided by Google, whereby a subsequent evaluation proceeds on a statistical basis only, but not on the basis of your person. In addition, the high security standards of the Google platform and the associated privacy policy of Google apply (https://policies.google.com/privacy?hl=en-GB). Moreover, we have concluded a specific data protection agreement with Google, which stipulates the protection of your data via technical and organisational security measures. As Google is based in the USA and thus in a so-called non-Member State, further warranties are essential to ensure an adequate European level of data protection. Google has been certified under the so-called EU-US Privacy Shield and has thus demonstrated an appropriate level of data protection (https://policies.google.com/privacy/frameworks?gl=de&hl=en-GB).
The objective of using Google Analytics is the anonymous analysis of your user behaviour on our websites. The information acquired from this procedure helps us to improve our service.
The legal basis is the so-called legitimate interest, which has been examined in order to pursue the objective and within the framework of the aforementioned protective measures, as well as in accordance with the European data protection requirements of article 6 paragraph 1 lit. f GDPR. Moreover, an order data processing contract was concluded, according to the specifications of article 28, GDPR.


18. Promotional Videos
We have embedded promotional videos in various places of our websites and games. Our advertising partners provide selected content there, which we display for them. We would like to emphasise that our advertising partners are essential to keep our free2play system alive, and we are anxious to implement it in the interest of our users. If you as a user watch the provided promotional videos, you are able to obtain premium currency or game features. For further questions please contact our customer support.

We are cooperating with the following advertising companies:
a) Smartstream
Smartstream (https://www.smartstream.tv/en) uses technologies to control and optimise the insertion of promotional materials for the user. The service provider of Smartstream is SMARTSTREAM.TV GmbH, Dachauer Straße 15A, 80335 Munich, Germany. If you wish to veto the acquisition of anonymised information, you are able to deactivate the data acquisition at https://www.smartstream.tv/en/privacy under “OptOut”.
If you have already activated “OptOut”, you can cancel this setting at any time by clicking on the “OptIn” button.
As a protective measure, solely pseudonymous usage data is processed and the user has the right of objection at his disposal. In addition, we concluded an order data processing contract with Smartstream according to the specifications of Article 28, GDPR.
The objective of processing usage data is to display promotional material to enable our free2play service.
The legal basis is the so-called legitimate interest, which has been examined in order to pursue the objective, and within the framework of the aforementioned protective measures, as well as in accordance with the European data protection requirements in Article 6 Paragraph 1 lit. f GDPR
b) adbility
Furthermore, we cooperate with the advertising partner adbility media GmbH, Große Elbstraße 38, 22767 Hamburg, Germany. Adbility uses technologies to control and optimise the insertion of promotional materials for the user. You can veto the acquisition of anonymised information at https://www.adbility-media.com/en/privacy-policy/ at any time.
Processing solely pseudonymous usage data is regarded as a protective measure. Furthermore, the user has the right of objection at his disposal. In addition, we concluded an order data processing contract with the adbility media GmbH according to the specifications of article 28, GDPR which states that we as well as adbility are liable for processing your data. Therefore, you can contact either us or adbility for any questions regarding data processing. You can find the contact information at https://www.adbility-media.com/en/contact/.
The objective of processing usage data is to display promotional material to enable our free2play service.
The legal basis is the so-called legitimate interest, which has been examined in order to pursue the objective and within the framework of the aforementioned protective measures and in accordance with the European data protection requirements under article 6 paragraph 1 lit. f GDPR.


19. Criteo
Pseudonymous information about the online behaviour of website visitors is collected and stored on our websites for marketing purposes by a technology of Criteo SA, 32 Rue Blanche, 75009 Paris, France. This data is stored in cookies on the visitor's computer. Criteo SA uses an algorithm to analyse the anonymised recorded online behaviour and can thereafter display certain product recommendations in form of personalised advertising banners on other websites (publishers). This data cannot be used to personally identify you as a visitor of our website under no circumstances. The collected data will solely be used to improve our services. This information will not be used for any other objectives or transferred to third parties.
You can veto the anonymised analysis of your online behaviour on our websites by clicking here: Criteo unsubscription. If you have already unsubscribed (OptOut cookie) and would like to see personalised Criteo banners again, please click here: Criteo Subscription.
For more information about the technology used, please read the privacy policy of Criteo SA.
As a measure of protection, the evaluation proceeds on a statistical basis only, but not on the basis of your person. In addition, the high security standards of Criteo apply. Further, we concluded a contract with Criteo according to the specifications of Article 28, GDPR which states that we as well as Criteo are liable for processing your data. Therefore, you can contact either us or Criteo for any questions regarding data processing. You can find the contact information at https://www.criteo.com/legal/
The objective of using Criteo is the anonymised analysis of your usage behaviour on our websites and providing interest-related advertising.
The legal basis is the so-called legitimate interest, which has been examined in accordance with the European data protection requirements under Article 6 Paragraph 1 lit. f GDPR, in order to pursue the objective and within the framework of the aforementioned protective measures.


20. Social Plug-Ins
We use the following social plug-ins on our websites: Facebook's “Like” button, the “Google +1-button by Google and the “Tweet”-button by Twitter.
The respective service provider can be identified by the marking on the box above its initial letters as well as by the logo. We provide the option to directly communicate with the service provider of the plug-in via the button. Only if you click on the highlighted area and thereby activate it, the plug-in provider receives the information that you have accessed the corresponding website of our online service. According to the provider in Germany, the IP address is anonymised immediately after collection in the case of Facebook. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (for US providers in the USA). Since the plug-in provider obtains data especially via cookies, we recommend that you delete all cookies using the security settings of your browser before clicking on the grayed-out box.
We have neither influence on the data collected and data processing procedures, nor are we aware of the full scope of data acquisition, the objectives of processing the data and the storage periods. Furthermore, we have no information on the deletion of the data obtained by the plug-in provider.
The plug-in provider stores the data collected about you as user profiles and uses these for means of advertising, market research and needs-oriented design of his website. Such an evaluation particularly takes place (for not logged-in users as well) for displaying needs-oriented advertisements, and to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you have to contact the respective plug-in provider to exercise this right. We provide the option to interact with social networks and other users via the plug-ins. Therefore, we are able to improve our services and make them more interesting for you as a user. The legal framework for using these plug-ins is Article 6 Paragraph 1 S. 1 lit. f GDPR.
The data is transferred regardless of whether you have an account on the plug-in provider's website and are logged in there. If you are logged in on the plug-in provider's website, your data collected on our website will be directly assigned to your existing account on the plug-in provider's website. If you click on the activated button and link the page, for example, the plug-in provider stores this information in your user account, as well and notifies your contacts publicly of it. We recommend that you log out regularly from a social network after using it, especially before activating the buttons to prevent the assignment of information to your user profile on the plug-in provider's website.
Further information about the objectives and extent of this data acquisition, as well as their processing by the plug-in provider are available in the privacy policies of the providers listed below. Moreover, they will provide you with further information about your rights in this regard and configuration options available to you in order to protect your personal data.
Addresses of the respective plug-in provider and URLs of ther privacy policies:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; for further information about data acquisition please visit: https://www.facebook.com/policy.php. Facebook is liable to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; for further information about data acquisition please visit: https://policies.google.com/technologies/partner-sites?hl=en-GB. Google is liable to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).
Twitter “Tweet” of the communication platform Twitter, provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA; for further information about data acquisition please visit: https://twitter.com/en/privacy. Twitter is liable to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework)..
The high security standards of the Google platform of Facebook and Twitter and the associated privacy policies of these platforms are regarded as protective measures (refer to the before mentioned). We collect no personal data via the social plug-ins or their usage. To prevent that data is transferred to the service providers in the USA without the user's knowledge, we use the so-called “Shariff solution”. This solution ensures that initially no personal data is transferred to the respective plug-in providers when you visit our website. Only after you click on one of the social plug-ins, data can be transferred to the provider and stored there. For more information about the Shariff solution please visit the website of the provider, Heise Medien Gmbh & Co. KG: http://m.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html
The objective of the data transmission is implementing the plug-ins for the user to be able to share contents and interests with other users.
The legal basis is the so-called legitimate interest, which has been examined in order to pursue the objective and within the framework of the aforementioned protective measures and in accordance with the European data protection requirements under Article 6 Paragraph 1 lit. f GDPR


21. Enforcement, Exercition and Defence of Legal Claims
Sometimes it might be necessary for us to process personal data and, if required, sensitive personal data, in accordance with local laws and regulations, relating to the exercise or defence of legal claims. Article 9(2)(f) GDPR facilitates it, if the data processing “is essential for asserting, exercising and defending legal claims or if courts act in the course of their judicial activity”. For instance, this may be the case if we need legal advice in relation to legal proceedings or are legally obliged to preserve or disclose certain information in the course of legal proceedings.
This can, for example, happen if we need legal advice in reference to a legal procedure or if we are legally obliged to keep or reveal certain information within the context of a lawsuit.


22. Personal Data of Children
upjers is aware of the significance and data protection of children on the internet. Therefore, and to comply with specific laws, we do neither intentionally collect personal, individually identifiable information about children under 16, nor do we offer content for children under 16.


23. Change of Data Protection Declaration
upjers reserves the right to change this data privacy statement at any time, however, upjers will always adhere to the currently applicable data security laws. upjers advises you to inform yourself on each visit to these websites and games about the current data privacy statement.

State: December 2018