To see our data processing agreement please visit this page.
We at Riddle Technologies AG (Riddle) take the protection of your personal data very seriously. Your privacy is important to us.
We process your personal data in accordance with the applicable statutory data protection requirements for the following purposes.
If you have been in contact with Riddle services, for example by responding to a quiz created with our software, we guarantee that we will not collect, store or process any personal data about you. The data we collect is merely aggregated data (i.e. a statistical evaluation is made of how often a particular question has been answered with a specific answer). In doing so, Riddle deliberately does not collect any data as to which response came from which user. The services we offer only require anonymous data, so we cannot draw any conclusions about your person.
2. Name and contact details of the controller and the company data protection officer
Riddle Technologies AG, Lenaustr. 1, 66125 Saarbrücken
The company data protection officer of Riddle Technologies AG is reachable under the above address care of Mr. Clasen, or at firstname.lastname@example.org.
3. Collection and storage of personal data and the nature and purpose of its use
Personal data is information that helps to identify a person, i.e. information that can be traced back to a person. This includes name, e-mail address or phone number. But it also includes data about preferences, hobbies, memberships or which websites were viewed by someone. Personal data is only collected, used and passed on by the provider if this is permitted by law or if the users consent to the data collection.
a) When visiting the website
When visiting our website www.riddle.com the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until automated deletion:
- IP address of the requesting computer,
- Date and time of access,
- Name and URL of the retrieved file,
- Website from which the access is made (referrer URL),
- Browser used and, if applicable, the operating system of your computer as well the name of your access provider.
The data mentioned is processed by us for the following purposes:
- To ensure a smooth connection of the website,
- To ensure comfortable use of our website,
- To evaluate system security and stability, and
- For further administrative purposes.
The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest follows from the data collection purposes listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
b) When using our contact form For any questions you might have, we offer you the possibility to contact us via a form provided on the website. It is necessary to provide a valid e-mail address so that we know who the request came from and can answer it. Further information can be provided voluntarily. The data processing for the purpose of contacting us is based on your voluntarily granted consent in accordance with Art. 6 (1) (a) GDPR. The personal data collected by us for the use of the contact form will be automatically deleted after completion of the request made by you.
3. Disclosure of data
A transfer of your personal data to third parties for purposes other than those listed below does not take place. We only share your personal data with third parties if:
- You have expressly consented to this according to Art. 6 (1) (a) GDPR have expressly consented to this,
- Disclosure pursuant to Art. 6 (1) (f) GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have a prevailing legitimate interest in not disclosing your data,
- There is a legal obligation to disclosure pursuant to Art. 6 (1) (c) GDPR, and
- This is legally permissible and, according to Art. 6 (1) (b) GDPR is required for the settlement of contractual relationships with you.
5. Analysis tools
The tracking measures listed below and used by us are based on Art. 6 (1) (f) GDPR. With the tracking measures to be used, we want to ensure the needs-based design and the continuous optimisation of our website. We also use the tracking measures to statistically record the use of our website and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as justified within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.
i) Matomo AnalyticsFor the purpose of customising and continually optimising our pages, we use a self hosted version of Matomo Analytics, hereinafter: "Matomo". In this context, pseudonymised usage profiles are created and cookies (see section 4) are used.
The information generated by the cookie about your use of this website, includes:
- Browser type / version,
- Operating system used,
- Referrer URL (the previously visited page),
- Host name of the accessing computer (IP address, anonymized by removing the last 2 bytes),
- Time of server request.
- URL of the page you opened
- Click on external links
- The duration of your visit
- The Country, Region and City from where you visit with low accuracy as we anonymize IP addresses
- The browser language
- Interaction with forms on our site but not the content of the forms
This information is transmitted to a server in Frankfurt/Main Germany, which is owned and operated by Riddle Technolgies AG. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and tailor-made website design. This information may also be transferred to third parties if required by law or if third parties are commissioned to process this data. The IP addresses are anonymised, so that an assignment is not possible (IP masking). You can prevent the installation of cookies by setting the browser software accordingly; however, we point out that in this case not all features of this website may be fully used. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Matomo by option out below
The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
6. Integration of services and contents of third parties
Based on our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 (1) (f) GDPR), we make use of content or services offered by third-party providers in order to provide their content and services such as videos or fonts (collectively referred to as content). For the purpose of optimising and economically operating our online offer, we also use the communication service described under 6 b). This always presupposes that the third-party providers of this content see the IP address of the users, since they could not send the content to their browser without the IP address. The IP address is therefore required for the presentation of this content. We endeavour to use only content whose respective providers use the IP address solely for the delivery of the content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as "web beacons") for statistical or marketing purposes. The pixel tags can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include, but is not limited to, technical information about the browser and operating system, referring web sites, visit time, and other information regarding the use of our online offer.
The following presentation provides an overview of third-party providers as well as their contents, as well as links to their privacy statements, which contain further notes on the processing of data and, in some cases already mentioned here, the possibility of objecting (so-called opt-out):
a) User Engage
Integration of the third-party communications service from user.com., User.com SP. Z O.O., ul. Grzybowska 87, 00-844 Warsaw, Poland (user.com). This is an instant messaging service. Integration takes place as part of the framing. Framing is the offering of a third-party content or service within a so-called frame. These frames are a direct window to the third-party online offer. As a result, all communication within the chatbox happens via an user.com server (located in France).
7. Rights of data subjects
You have the right:
- In accordance with Art. 15 GDPR, to request information about the personal data processed by us about you. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, restriction of processing or objection, the existence of a right to lodge a complaint, the source of the data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about the details of this;
- In accordance with Art. 16 GDPR, to immediately demand the correction of incorrect data or completion of incomplete personal data stored with us;
- In accordance with Art. 17 GDPR, to demand the deletion of your personal data stored by us, unless the processing of the data is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- In accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data as far as the accuracy of the data is disputed by you; or the processing is unlawful, but you reject its deletion and we no longer need the data, but you need the data to assert, exercise or defend legal claims, or you have objected to the processing in accordance with Art. 21 GDPR;
- In accordance with Art. 20 GDPR, to receive your personal data provided to us in a structured, standard and machine-readable format or to request transmission to another controller;
- In accordance with Art. 7 (3) GDPR, to revoke at any time your consent previously granted to us. As a result, we are no longer allowed to continue the data processing based on this consent for the future and
- In accordance with Art. 77 GDPR, the right to lodge a complaint with a supervisory authority As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters for this purpose.
8. Right to objection
If your personal data is processed based on a legitimate interests in accordance with Art. 6 (1) (f) GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which shall be implemented by us without you specifying any particular situation. If you would like to exercise your right of revocation or objection, please send an e-mail to email@example.com
9. Data security
We use the popular SSL (Secure Socket Layer) method when you visit our site, in conjunction with the highest level of encryption supported by your browser. In general, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether an individual page of our website is encrypted is shown by the closed key or lock icon in the lower status bar of your browser. We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction, and against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.