With the following data protection declaration, we would like to inform you about the types of your personal data (hereinafter also referred to as “data”) that we process, for what purposes, and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both in the context of the provision of our services and in particular on our websites, in mobile applications, and within external online presences, such as our social media profiles (hereinafter collectively referred to as the “Online Offer”).
The terms used are not gender-specific.
FliffGuru.com (community-driven blog/website)
E-mail address: email@example.com
The following overview summarizes the types of data processed and the purposes of their processing and refers to the data subjects.
Types of Data Processed
- Inventory data (e.g., names, addresses).
- Content data (e.g., entries in online forms).
- Contact information (e.g., email, phone numbers).
- Meta/communication data (e.g., device information, IP addresses).
- Usage data (e.g., websites visited, interest in content, access times).
- Contract data (e.g., subject matter of the contract, term, customer category).
Categories of Affected Persons
- Communication partners.
- Users (e.g., website visitors, users of online services).
- Affiliate tracking.
- Provision of our online offer and user-friendliness.
- Content Delivery Network (CDN).
- Direct marketing (e.g., by e-mail or postal mail).
- Feedback (e.g., collecting feedback via online form).
- Contact requests and communication.
- Profiles with user-related information (creation of user profiles).
- Safety measures.
- Provision of contractual services and customer service.
- Managing and responding to inquiries.
Relevant Legal Bases
Below you will find an overview of the legal basis of the GDPR on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence or domicile. If, in addition, more specific legal bases are relevant in individual cases, we will inform you of these in the data protection declaration.
- Consent (Art. 6 (1) p. 1 lit. a. DSGVO) – The data subject has given his/her consent to the processing of personal data concerning him/her for a specific purpose or purposes.
- Contract performance and pre-contractual requests (Art. 6 para. 1 p. 1 lit. b. DSGVO) – Processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the data subject’s request.
- Legitimate interests (Art. 6 (1) p. 1 lit. f. DSGVO) – Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data.
We take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk in accordance with the legal requirements. The measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical and electronic access to the data. We have established procedures to ensure the exercise of data subject rights, the deletion of data, and responses to data compromise. Furthermore, we take the protection of personal data into account during the development or selection of hardware, software, and processes in accordance with the principle of data protection.
- IP address shortening: If IP addresses are processed by us or by the service providers and technologies used, and the processing of a full IP address is not required, the IP address is shortened (also referred to as “IP masking”) to prevent or make it significantly more difficult to identify a person by their IP address.
- SSL encryption (https): To protect your data transmitted via our online offer, we use SSL encryption.
Transmission of Personal Data
In the course of our processing of personal data, the data may be transferred to or disclosed to other entities, companies, legally independent organizational units, or persons. The recipients of this data may include service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we comply with the legal requirements and conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.
Data Processing in Third Countries
If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)), or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, entities, or companies, this is only done in accordance with the legal requirements.
The data processed by us will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply. If the data is not deleted because it is required for other and legally permissible purposes, their processing will be limited to these purposes. We have established procedures to ensure the exercise of data subject rights, the deletion of data, and responses to data compromise.
Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after his visit within an online offer. Stored information may include, for example, language settings on a website, login status, a shopping cart, or where a video was watched. The term cookies also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as “user IDs”).
Types of Cookies
Temporary cookies (also: session cookies)
Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
Permanent cookies remain stored even after the browser is closed. For example, login status can be saved or preferred content can be displayed directly when the user revisits a website. Likewise, the interests of users used for reach measurement or marketing purposes may be stored in such a cookie.
First-party cookies are set by us.
Third-party cookies (also: third-party cookies)
Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
Necessary (also: essential or absolutely necessary) cookies
Cookies may be absolutely necessary for the operation of a website (e.g., to store logins or other user inputs or for security reasons).
Statistics, marketing, and personalization cookies
If we do not provide you with explicit information about the storage period of permanent cookies (e.g., in the context of a so-called cookie opt-in), please assume that the storage period can be up to two years.
Objection and Opt-Out
Cookie Consent Management
Processing of Cookie Data on the Basis of Consent
Provision of the Online Offer and Web Hosting
To provide our online offer securely and efficiently, we use the services of one or more web hosting providers. These providers offer infrastructure and platform services, computing capacity, storage space, and database services, as well as security services and technical maintenance services. The data processed in the course of providing the hosting service may include all information concerning the users of our online service that is generated in the course of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online offers to browsers, and all entries made within our online offer or from websites.
Email Sending and Hosting
The web hosting services we use also include the sending, receiving, and storing of emails. For these purposes, the addresses of the recipients and senders, as well as further information concerning the email dispatch (e.g., the providers involved) and the contents of the respective emails, are processed. The aforementioned data may also be processed for spam detection purposes. Please note that emails are generally not sent encrypted over the Internet. As a rule, emails are encrypted in transit but not on the servers from which they are sent and received. Therefore, we cannot assume any responsibility for the transmission path of emails between the sender and the reception on our server.
Collection of Access Data and Log Files
We ourselves (or our web hosting provider) collect data on every access to the server (so-called server log files). The server log files may include the address and name of the web pages and files accessed, the date and time of access, the volume of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), and, as a rule, IP addresses and the requesting provider. The server log files may be used, on the one hand, for security purposes (e.g., to prevent server overload, especially in the case of abusive attacks) and, on the other hand, to ensure the utilization of the servers and their stability.
Content Delivery Network (CDN)
We use a content delivery network (CDN) to deliver the content of our online offering, such as large media files, more quickly and securely. The CDN works by distributing the content across regionally distributed servers connected via the internet.
Blogs and Publication Media
We use blogs or comparable means of online communication and publication. When users leave comments or other contributions, their IP addresses may be stored based on our legitimate interests. This is done for our security in case someone leaves illegal content in comments and posts. Furthermore, we reserve the right to process the user’s data for the purpose of spam detection on the basis of our legitimate interests.
Comments and Contributions
Contact and Request Management
When contacting us, the information of the inquiring persons is processed to the extent necessary to respond to the contact requests and any requested measures. The answering of contact inquiries as well as the administration of contact and inquiry data in the context of contractual or pre-contractual relationships is carried out to fulfill our contractual obligations or to answer (pre)contractual inquiries and otherwise on the basis of legitimate interests.
We process personal data for online marketing purposes, which may include marketing advertising space or displaying promotional and other content based on users’ potential interests and measuring its effectiveness. For these purposes, user profiles are created and stored, and IP addresses are also stored. However, we use available IP masking methods to protect users’ identities. We only receive access to aggregate information about the success of our advertisements. Conversion measurement is used solely to analyze the success of our marketing efforts.
Objection and Opt-Out
We refer to the data protection notices of the respective providers and the objection options (so-called “opt-out”) given to the providers. If no explicit opt-out option has been specified, you have the option of disabling cookies in your browser settings. However, this may restrict the functionality of our online offer. We recommend the following opt-out options:
Services Used and Service Providers
Affiliate Programs and Affiliate Links
We include affiliate links or other references to the offers and services of third-party providers in our online offer. When users follow the affiliate links or subsequently take advantage of the offers, we may receive a commission or other benefits from these third parties.
Shoutout to our friends at CashPick