To see our data processing agreement please visit this page.
This privacy policy is valid from September 17th, 2020.
1. General
We at Riddle Technologies AG (Riddle) take the protection of your personal data very seriously. Your privacy is important to us.
We process your personal data in accordance with the applicable statutory data protection requirements for the following purposes.
If you have been in contact with Riddle services, for example by responding to a quiz created with our software, we guarantee that we will not collect, store or process any personal data about you. The data we collect is merely aggregated data (i.e. a statistical evaluation is made of how often a particular question has been answered with a specific answer). In doing so, Riddle deliberately does not collect any data as to which response came from which user. The services we offer only require anonymous data, so we cannot draw any conclusions about your person.
2. Name and contact details of the controller and the company data protection officer
This privacy policy applies to data processing by:
Controller:
Riddle Technologies AG, Lenaustr. 1, 66125 Saarbrücken
Telefon: +49-6897-9392500
E-Mail: hello@riddle.com
The company data protection officer of Riddle Technologies AG is reachable under the above address care of Mr. Clasen, or at datenschutz@riddle.com.
3. Collection and storage of personal data and the nature and purpose of its use
Personal data is information that helps to identify a person, i.e. information that can be traced back to a person. This includes name, e-mail address or phone number. But it also includes data about preferences, hobbies, memberships or which websites were viewed by someone. Personal data is only collected, used and passed on by the provider if this is permitted by law or if the users consent to the data collection.
a) When visiting the website
When visiting our website www.riddle.com the browser used on your device automatically sends information to the server of our website.
This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which the access is made (referrer URL),
- Browser used and, if applicable, the operating system of your computer as well the name of your access provider.
The data mentioned is processed by us for the following purposes:
- To ensure a smooth connection of the website,
- To ensure comfortable use of our website,
- To evaluate system security and stability, and
- For further administrative purposes.
The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
In addition, we use cookies and analysis services when you visit our website. Further details can be found under no. 4 and 5 of this privacy policy.
b) When using our contact form For any questions you might have, we offer you the possibility to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we know who the request came from and can answer it. Further information can be provided voluntarily. The data processing for the purpose of contacting us is based on your voluntarily granted consent in accordance with Art. 6 (1) (a) GDPR. The personal data collected by us for the use of the contact form will be automatically deleted after completion of the request made by you.
3. Disclosure of data
A transfer of your personal data to third parties for purposes other than those listed below does not take place. We only share your personal data with third parties if:
- You have expressly consented to this according to Art. 6 (1) (a) GDPR have expressly consented to this,
- Disclosure pursuant to Art. 6 (1) (f) GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a prevailing legitimate interest in not disclosing your data,
- There is a legal obligation to disclosure pursuant to Art. 6 (1) (c) GDPR, and
- This is legally permissible and, according to Art. 6 (1) (b) GDPR is required for the settlement of contractual relationships with you.
4. Cookies
We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site.
Cookies do not harm your device, do not contain viruses, Trojans or other malicious software. Information is stored in the cookie, which results in connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity. On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically deleted after leaving our website. In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognise that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them. On the other hand, we use cookies in order to statistically record the use of our website and to evaluate it for the purpose of optimising our offer (see section 5). These cookies allow us to automatically recognise when you visit our site again that you have already been with us. These cookies are automatically deleted after a defined time. The data processed by cookies is done for the purposes mentioned in order to safeguard our legitimate interests as well as those of third parties according to Art. 6 (1) (f) GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is set. However, disabling cookies completely may mean that you cannot use all features of our website.
5. Analysis tools
Tracking tools
The tracking measures listed below and used by us are based on Art. 6 (1) (f) GDPR. With the tracking measures to be used, we want to ensure the needs-based design and the continuous optimisation of our website. We also use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.
i) Matomo Analytics
For the purpose of customising and continually optimising our pages, we use a self hosted version of Matomo Analytics, hereinafter: “Matomoâ€). In this context, pseudonymised usage profiles are created and cookies (see section 4) are used.The information generated by the cookie about your use of this website, includes:
- Browser type / version,
- Operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address, anonymized by removing the last 2 bytes),
- Time of server request.
- URL of the page you opened
- Screenresolution
- Click on external links
- The duration of your visit
- The Country, Region and City from where you visit with low accuracy as we anonymize IP addresses
- The browser language
- Interaction with forms on our site but not the content of the forms
This information is transmitted to a server in Frankfurt/Main Germany, which is owned and operated by Riddle Technolgies AG. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties are commissioned to process this data. The IP addresses are anonymised, so that an assignment is not possible (IP masking). You can prevent the installation of cookies by setting the browser software accordingly; however, we point out that in this case not all features of this website may be fully used. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Matomo by option out below
The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
6. Integration of services and contents of third parties
Based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR), we make use of content or services offered by third-party providers in order to provide their content and services such as videos or fonts (collectively referred to as content). For the purpose of optimising and economically operating our online offer, we also use the communication service described under 6 b). This always presupposes that the third-party providers of this content see the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavour to use only content whose respective providers use the IP address solely for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The pixel tags can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referring web sites, visit time, and other information regarding the use of our online offer.
The following presentation provides an overview of third-party providers as well as their contents, as well as links to their privacy statements, which contain further notes on the processing of data and, in some cases already mentioned here, the possibility of objecting (so-called opt-out):
b) User Engage
Integration of the third-party communications service from user.com., User.com SP. Z O.O., ul. Grzybowska 87, 00-844 Warsaw, Poland (user.com). This is an instant messaging service. Integration takes place as part of the framing. Framing is the offering of a third-party content or service within a so-called frame. These frames are a direct window to the third-party online offer. As a result, all communication within the chatbox happens via an user.com server (located in France).
Privacy policy: https://user.com/en/privacy-policy/
c) Youtube
Videos from the platform YouTube of the third-party provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Privacy policy: https://www.google.com/policies/privacy/,
Opt-Out: https://www.google.com/settings/ads/.
7. Payment services
For the purpose of charging for the service you have purchased, we use the services of Chargebee Inc (Chargebee), located at 340 S Lemon Avenue, # 1537, Walnut Creek, California 91789, USA. Chargebee is a platform that helps you make recurring payments (subscriptions and other continuing obligations). It is used especially in the case of online payment services that do not have their own way to handle regular subscription fees. The payment data stored by you in the context of the use of Chargebee is stored by Chargebee and managed accordingly (= processed).
After the (regular) payment allocation has been issued by you with the help of Chargebee, the payment is made on the respective due date. Your chosen payment service will transfer the amount due to the account maintained by us at this payment service. Data that we receive in the course of the payment process includes the account data of the respective payment service (e.g. your Paypal account ID) and your name.
his is done in accordance with Art. 6 (1) (b) GDPR in the context of the execution of contractual relationships. Or legitimate interest lies in the settlement of the contractual agreements concluded with you (including subscriptions). data obtained by us in this way will be deleted immediately after the end of the contract or after the expiry of statutory retention periods.
Which data Chargebee collects can be found here:
Privacy policy: https://www.chargebee.com/privacy/
Opt-Out: http://www.youronlinechoices.eu
http://preferences-mgr.truste.com/
8. Rights of data subjects
You have the right:
- In accordance with Art. 15 GDPR, to request information about the personal data processed by us about you. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the source of the data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about the details of this;
- In accordance with Art. 16 GDPR, to immediately demand the correction of incorrect data or completion of incomplete personal data stored with us;
- In accordance with Art. 17 GDPR, to demand the deletion of your personal data stored by us, unless the processing of the data is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- In accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data as far as the accuracy of the data is disputed by you; or the processing is unlawful, but you reject its deletion and we no longer need the data, but you need the data to assert, exercise or defend legal claims, or you have objected to the processing in accordance with Art. 21 GDPR;
- In accordance with Art. 20 GDPR, to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another controller;
- In accordance with Art. 7 (3) GDPR, to revoke at any time your consent previously granted to us. As a result, we are no longer allowed to continue the data processing based on this consent for the future and
- In accordance with Art. 77 GDPR, the right to lodge a complaint with a supervisory authority As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters for this purpose.
9. Right to objection
If your personal data is processed based on a legitimate interests in accordance with Art. 6 (1) (f) GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which shall be implemented by us without you specifying any particular situation. If you would like to exercise your right of revocation or objection, please send an e-mail to datenschutz@riddle.com
10. Data security
We use the popular SSL (Secure Socket Layer) method when you visit our site, in conjunction with the highest level of encryption supported by your browser. In general, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual page of our website is encrypted is shown by the closed key or lock icon in the lower status bar of your browser. We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
11. Up-to-dateness and amendment of this privacy policy
This privacy policy is currently valid and is dated May 2018, version 1.2. As a result of the further development of our website and offers or due to changed legal or official requirements, it may be necessary to amend this privacy policy. The latest privacy policy can be viewed and printed at any time on the website at https://www.riddle.com/legal/privacy.