PXLBASE
0
PXLBASE
nl flag nl
de flag Deutsch en flag English fr flag Français nl flag Nederlands it flag Italiano es flag Español sv flag Svenska fi flag Suomi
Contact Colofon Privacy AV Admin FAQ

Privacy Policy

A trusting and secure handling of personal data is very important to us. We observe the regulations of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) as well as other European regulations and would like to inform you in detail and transparently about the processing of your personal data in this privacy policy.

Personal data is all data that relates to you personally, e.g. name, address, email addresses or user behavior. With regard to the further terms used below, such as "controller" or "processor", we refer to the definitions in Art. 4 GDPR.

1. Controller

The collection, processing and use of personal data in connection with the use of the website www.pxlbase.de and other data processing processes described herein is carried out by:

[Your Company Name, e.g. PXLBASE GmbH / Max Mustermann]
[Your Street and House Number]
[Your Zip Code and City]
Email: support@pxlbase.de

2. Data Protection Officer

(Note: If you do not have to appoint a data protection officer, you can remove this point. If you do, enter the details here:)
If you have any questions about data protection, please write us an email or contact our data protection officer directly. You can reach them at the following contact details:

[Name of the Data Protection Officer / Company]
[Street]
[Zip Code and City]
Email: [Email address of the Data Protection Officer]

3. Collection, processing and use of personal data

We only collect, process and/or use personal data if you have consented or if this is permitted by law. This "prohibition with reservation of permission" applicable in data protection law means that processing may only take place on the basis of consent or a statutory permission provision. The most important and relevant permission provisions for us can be found in Art. 6 (1) GDPR. These relate in particular to the case,

  • that consent of the person concerned is present, cf. Art. 6 (1) lit. a in conjunction with Art. 7 GDPR,
  • that the processing of personal data is necessary for the fulfillment of our contractual obligations, cf. Art. 6 (1) lit. b GDPR,
  • or that the processing is based on our legitimate interests (e.g. analysis and further development of our products, increasing economic efficiency), cf. Art. 6 (1) lit. f GDPR.

4. Type of data and purpose

A. Informational use

In the case of mere informational use of our website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our servers.
When you call up our website, based on our legitimate interests pursuant to Art. 6 (1) lit. f GDPR, we collect the following data, which is technically necessary for us to display our website to you and to ensure data security as well as the stability and safety of our IT systems:

  • IP address
  • the domain name of the website you came from
  • the websites you have visited on our site
  • the names of the accessed files
  • Date and time of access
  • the name of your internet service provider
  • and, if applicable, the operating system and browser version of your PC.

B. Contact by email

When establishing contact with us by email, we process the data you have provided (your email address, possibly your name, telephone number and other information) in order to process and answer your questions; The legal basis is Art. 6 (1) lit. f GDPR.

C. Online Shop

We process inventory data (e.g. names and addresses as well as contact data of users), contract data (e.g. services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services according to Art. 6 (1) lit b. GDPR.

Users can optionally create a user account by which they can view their orders in particular. As part of the registration process, the necessary mandatory information will be communicated to the users. The user accounts are not public and cannot be indexed by search engines. It is the responsibility of the users to back up their data prior to the end of the contract if they have terminated their account. In the event of a user account termination, we are entitled to irretrievably delete all of the user's data stored during the term of the contract.

As part of the registration and renewed logins, as well as use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user's protection against misuse and other unauthorized use. This data is basically not passed on to third parties, unless it is necessary to pursue our claims or there is a legal obligation to do so according to Art. 6 (1) lit. c GDPR.

We process usage data (e.g. the visited web pages of our online offer, interest in our products) and content data (e.g. entries in the contact form or user profile) for advertising purposes in a user profile, to display product tips to the user based on their previously used services, for instance.

D. Photography at sports events / events

If you participate in an event where we have been commissioned by the organizer as a photo service or where our photographers are active, we may collect image material on which you can be personally recognized, potentially with your participant number for the event (e.g. start number).

We use the data collected at the events to fulfill our obligation as a photo service provider originating from the underlying contract with the organizer as well as in our own economic interest to market the photos of the event to interested participants via our website www.pxlbase.de. Every participant of such an event must expect that photos of such events will be marketed as memories or souvenirs.

The legal basis is our aforementioned legitimate interests according to Art. 6 (1) lit. f GDPR. You can object to this processing in accordance with Section 12. To capture the corresponding photos, we solely employ photographers whom we have contractually bound to data protection laws in alignment with the EU General Data Protection Regulation.

E. PXLBASE search function (Facial recognition via AWS)

We offer various search functions that allow participants to search our databases for their pictures of a specific event. We offer the possibility for participants to upload a selfie/picture of themselves to our platform, based on which we search our database utilizing an algorithm to provide pictures of the participant.

In this process, the anonymized hash of the uploaded face is compared with the hash values of our anonymized database of the event for the purpose of a similarity analysis. We utilize services from Amazon Web Services (AWS) (Amazon Rekognition) for this technology.

When a corresponding request is made via the search function, the IP address of the user is processed since it is technically necessary. If you upload pictures of yourself for the purpose of the comparison, the processing of the data takes place exclusively for the purpose of identification and provision of your own pictures. Uploaded selfie pictures are not stored permanently following the query and identification.

The legal basis for the processing of the uploaded images is the explicit consent of the user according to Art. 9 (2) lit. a GDPR, which is obtained prior to the upload of the images. The consent can be revoked at any time with effect for the future.

5. Purpose of the collection, processing or use of personal data

Unless otherwise stated, we collect, process or use your provided personal data to fulfill our obligations stemming from the underlying contracts (e.g. ordering of goods or services, enabling access to various platforms), cf. Art. 6 (1) lit. b GDPR.
Otherwise, we collect, process or use the depicted personal data based on our legitimate interest to enable the use of our website and to ensure its IT security, cf. Art. 6 (1) lit. f GDPR.

6. Duration of storage of personal data or criteria for the storage duration

The data stored by us will be deleted as soon as they are no longer necessary for their intended purpose, or the storage is no longer necessary for the handling or execution of the contract and the deletion does not conflict with any legitimate interests on our part or statutory retention obligations. Assuming the user's data is not deleted because it is necessary for other and legally permissible purposes, its processing will be restricted. I.e. the data will be blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax reasons (6 years in accordance with § 257 (1) HGB and 10 years in accordance with § 147 (1) AO).

7. No unauthorized disclosure to third parties

We treat the personal data you provide with the utmost care. We solely transmit the data to third parties if this is necessary for the execution and processing of agreed contractual relationships, if you have given us your consent to do so, or if the transmission is otherwise permissible based on relevant statutory provisions.

8. Protection of personal data

We secure both our website as well as the data stored in our area of responsibility against loss, destruction, unauthorized access, alteration or publication by unauthorized persons through a bundle of technical and organizational measures corresponding to the current state of technology.
The entry and transmission of personal data is encrypted using the SSL method (Secure-Socket-Layer). Due to the encryption of the transmission, you can assume that your entered data can only be read by us.

9. Use of cookies

In addition to the aforementioned data, technical aids for various functions are used when utilizing our website, in particular cookies, which can be stored on your end device.

  • Transient cookies: Such cookies, particularly session cookies, are automatically deleted upon closing the mobile app or by logging out.
  • Persistent cookies: Such cookies are automatically deleted after a specified period, which varies depending on the cookie.

The technical structure of the website requires us to utilize techniques, specifically cookies. Without these techniques, our website cannot be used (completely accurately). The storage of necessary and functional cookies on your device therefore takes place on the basis of Section 25 (2) No. 2 of the Telecommunications-Telemedia Data Protection Act (TTDSG) as well as Art. 6 (1) Clause 1 lit. f GDPR.
We employ all other cookies on the basis of Section 25 (1) TTDSG and Art. 6 (1) lit. a GDPR, given you have given us your consent via the Consent Manager upon your first visit to our website.

10. Integration of third-party services and content

Within the scope of our online offer, we utilize content or service offerings of third-party providers on the basis of our legitimate interests (Art. 6 (1) lit. f. GDPR) in order to integrate their content and services. The IP address is mandatory for the depiction of these contents.

  • Hosting and image processing (Amazon Web Services - AWS): We utilize services from Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg, for hosting our platform, storing image databases as well as for voluntary facial recognition searches. Data may also be processed on servers in the US during this process. AWS has committed to complying with European data protection standards. For further information on data protection at AWS, see: https://aws.amazon.com/de/privacy/
  • Payment service provider (Stripe): For the processing of payments (credit card, etc.) in our online shop, we employ the payment service provider Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. When you instigate a payment, your payment details (e.g., credit card number, invoice amount, name) are directly transferred to Stripe and processed there. The processing occurs for the fulfillment of the contract according to Art. 6 (1) lit. b GDPR. Further information can be found at: https://stripe.com/de/privacy
  • Instagram: Functions of the Instagram service are integrated within our online offering. These functions are offered by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. If you are logged into your Instagram account, you can link the contents of our pages with your profile by clicking the Instagram button. This enables Instagram to associate the visit to our pages with your user account. Privacy policy: https://instagram.com/about/legal/privacy/
  • Facebook: Functions of Facebook (Meta Platforms Ireland Limited) are likewise integrated on our site. When visiting the site, the plugin establishes a direct connection between your browser and the Facebook server. As a result, Facebook receives the information that you have visited our site with your IP address. Privacy policy: https://de-de.facebook.com/policy.php

11. Rights of data subjects

You have the following rights vis-à-vis us with regard to personal data concerning you:

  • Right to information according to Art. 15 GDPR,
  • Right to rectification or deletion according to Art. 16 GDPR or Art. 17 GDPR,
  • Right to restriction of processing according to Art. 18 GDPR,
  • Right to data portability according to Art. 20 GDPR,
  • Right to object to the processing according to Art. 21 GDPR.

You additionally hold the right to complain to a data protection supervisory authority about the processing of your personal data by us. The responsible authority is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, P.O. Box 20 04 44, 40102 Düsseldorf.

12. Objection to or revocation of processing

If you have given your consent to the processing of your data, you can revoke it at any time. Such a revocation influences the permissibility of the processing of your personal data after you have pronounced it to us.

AS FAR AS WE BASE THE PROCESSING OF YOUR PERSONAL DATA ON THE BALANCING OF INTERESTS ACCORDING TO ART. 6 (1) LIT. F GDPR, YOU CAN RAISE AN OBJECTION TO THE PROCESSING. IN THE EXERCISE OF SUCH AN OBJECTION, WE ASK YOU TO EXPLAIN THE REASONS WHY WE SHOULD NOT PROCESS YOUR PERSONAL DATA AS CONDUCTED BY US. IN THE EVENT OF YOUR REASONED OBJECTION, WE WILL EXAMINE THE SITUATION AND EITHER CEASE OR ADJUST DATA PROCESSING OR POINT OUT TO YOU OUR COMPELLING LEGITIMATE GROUNDS FOR CONTINUING THE PROCESSING.

YOU CAN OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA FOR ADVERTISING AND DATA ANALYSIS PURPOSES AT ANY TIME. YOU CAN INFORM US OF YOUR ADVERTISING OBJECTION UNDER THE CONTACT DETAILS LISTED IN SECTION 1.

13. Changes to the Privacy Policy

We reserve the right to change the privacy policy in order to adapt it to changed legal situations or in the event of changes to the service as well as data processing. This only applies, however, with regard to declarations concerning data processing. Provided user consents are required or components of the privacy policy contain regulations of the contractual relationship with the users, the changes will solely be made with the consent of the users. Users are asked to inform themselves regularly regarding the content of the privacy policy.

14. Questions, comments, pointers

We are happy to answer your questions regarding data protection and welcome comments and pointers. Please write an email to support@pxlbase.de or contact the following mailing address in writing:

[Your Company Name / PXLBASE GmbH]
[Your Street and House Number]
[Your Zip Code and City]