Privacy Policy
We appreciate your interest in our website www.lawgames.com (hereinafter referred to as “website”). We respect your privacy and take the protection of your personal data very seriously. Therefore, we collect and process your personal data exclusively in accordance with the applicable legal provisions, in particular the European General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and the Telecommunications-Telemedia Data Protection Act (TTDSG).
This privacy policy explains which types of personal data we collect when you visit our website and how we process this data.
1. Controller
The controller responsible for data processing (Art. 4 No. 7 GDPR) is:
LawGames GmbH
Starnberger Straße 24, D-82131 Gauting
Phone: +49 173 7017155
Email: datenschutz@lawgames.com
2. What are personal data?
Personal data (Art. 4 No. 1 GDPR) means any information relating to an identified or identifiable natural person. This includes your name, address, telephone number, fax number, and email address. Non-personal data, on the other hand, are general information which cannot be used to identify you (e.g. the number of visitors to our website).
3. Collection and processing of personal data, scope, purposes and legal basis for data processing
You can generally visit our website, which is primarily informative, without providing us with personal data that directly identifies you. Below we provide you with detailed information about when we process personal data, which personal data this concerns, for which purposes we process your personal data, and on what legal basis this happens.
3.1 Server log files (including IP address)
Scope and content of data processing
When you visit our website, our web server automatically collects access data transmitted by your browser due to technical necessity. This usually includes your IP address, date and time of your visit to our website, the pages you visited, the website you came from, the browser you used (e.g. Mozilla Firefox or Google Chrome), your operating system (e.g. Windows 11), and the domain name and address of your internet provider (e.g. Deutsche Telekom or 1&1).
Purposes and legal basis for data processing
The processing of your access data is technically necessary to enable communication with our web server and to provide you with our website. We also process this data to ensure, as far as technically possible and reasonable, the integrity, stability and functionality of our website and to prevent attacks. The processing is necessary to safeguard our legitimate interests in providing and ensuring the technical integrity of our website (Art. 6 para. 1 lit. f GDPR). Without providing this data, use of our website would not be technically possible.
In addition, in the event of system abuse, we may process information collected by our web server in cooperation with your internet provider and/or local authorities to identify the perpetrator of the abuse. The legal basis for this is our legitimate interests (Art. 6 para. 1 lit. f GDPR) to protect the integrity of our website, our system, and visitors to our website.
3.2 Google Analytics 4
Scope and content of data processing
On our website, we use the web analytics service Google Analytics 4 provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). Google Analytics 4 is used to analyze the use of our website and to generate reports on website activity. The data collected include IP address, date and time of page views, click paths, browser and device information, visited pages, referrer URL, location data, and purchase activities. The IP address is anonymized before storage and is not merged with other Google data.
Google uses technologies such as cookies and tracking pixels to enable website usage analysis. The data collected by Google Analytics 4 are generally transmitted to and stored on servers in the USA. Since there is no EU adequacy decision for the USA, data transfer is based on the EU standard contractual clauses pursuant to Art. 46 GDPR.
Purposes and legal basis for data processing
The purpose of data processing by Google Analytics 4 is to analyze the use of our website and continuously optimize our offerings on this basis. The use of Google Analytics 4 takes place with your consent pursuant to § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future.
We also use Google Analytics demographic reports that include anonymized data such as age, gender, and interests. These reports can be disabled in the ad settings. Further information can be found at: https://policies.google.com/privacy/frameworks.
3.3 Borlabs Cookie
On our website, we use the service Borlabs Cookie by Borlabs GmbH (Rübenkamp 32, 22305 Hamburg) to allow visitors to our website to set their cookie preferences. In the Borlabs Cookie box, you can save your selection of permitted or rejected cookie categories. Processing is based on our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR for the smooth operation of our website and the use of a reliable and user-friendly cookie management.
3.4 Google Tag Manager
On our website, we use Google Tag Manager, a service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Tag Manager is a cookie-less domain that does not collect personal data. It allows tags to be managed via an interface. These tags may themselves collect data, but Google Tag Manager does not access this data. Google Tag Manager provides cookies to control enhanced script and event handling to enable the basic functions of the website.
The use of Google Tag Manager is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR for the integration of tracking and analytics tools as well as for contract fulfillment pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR. If deactivation is made at domain or cookie level, this remains effective for all tracking tags implemented with Google Tag Manager. Consent for use is obtained via our cookie banner pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.
3.5 Google Conversion Tracking
On our website, we use Google Conversion Tracking, a service of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to statistically record the use of our website and to create conversion statistics. If you arrive on our website via a Google ad, a conversion cookie is stored on your device. These cookies enable Google and us to recognize whether a user clicked on an ad and was redirected to a page with a conversion tracking tag. Each AdWords account receives its own cookie, which is used exclusively for generating conversion statistics. Cookies cannot be tracked across AdWords customers’ websites.
The information collected via the conversion cookie allows us to record the total number of users who clicked on an ad and were redirected to a page with a conversion tracking tag. However, we do not receive any personal data that would allow conclusions to be drawn about the identity of users. The purpose of data collection is to optimize our offer.
The legal basis for use is your consent pursuant to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time via the cookie settings.
4. Disclosure of personal data
4.1 We will not disclose your personal data to third parties unless this is necessary for the use of our website (Art. 6 para. 1 lit. b GDPR), you have consented to the disclosure (Art. 6 para. 1 lit. a GDPR), or disclosure is permitted under applicable legal provisions.
4.2
We are entitled, within the scope of data protection regulations, to outsource the processing of your personal data in whole or in part to external service providers who act as processors (Art. 4 No. 8 GDPR) on our behalf. External service providers especially provide, operate, maintain, and support our website. The service providers commissioned by us process your data exclusively according to our instructions within the framework of a data processing agreement (Art. 28 GDPR). We remain responsible for protecting your data, which is ensured by strict contractual regulations, technical and organizational measures, and additional controls by us.
External service providers supporting us in operating this website process personal data exclusively on our behalf and based on Art. 28 GDPR. A corresponding overview of our current or future processors, including a description of the respective services and the existence of an adequate data protection level, can be found in the following table. The use of certain services, such as analysis or tracking tools, is only carried out with your prior consent.
4.3 Personal data may also be processed and disclosed to third parties in other ways if we are legally obliged to do so (e.g. by court order or to fulfill legal obligations) (Art. 6 para. 1 lit. c GDPR) or if this is necessary to support criminal or legal investigations or other legal proceedings domestically or abroad.
5. Data transfer to third countries
We use services from providers that are partially located in so-called third countries, i.e. countries outside the European Union (EU) or the European Economic Area (EEA) that do not provide an adequate level of data protection equivalent to EU standards. Data processing in these countries takes place only if an adequate level of data protection is ensured according to the special safeguards of Art. 44 ff. GDPR.
If the European Commission has not issued an adequacy decision for these countries pursuant to Art. 45 GDPR, we take appropriate measures to ensure an adequate level of data protection for the transfer of your personal data. These measures include in particular the conclusion of EU standard contractual clauses pursuant to Art. 46 para. 2 lit. c and d in conjunction with Art. 47 GDPR or binding internal data protection regulations that comply with European data protection law.
If such safeguards cannot be applied, we base the transfer of personal data on exceptions according to Art. 49 GDPR, e.g. on your explicit consent or the necessity of the transfer to fulfill contractual obligations.
Please note that in data transfers to third countries without an adequate data protection level and without appropriate guarantees, authorities of the respective third country, such as intelligence agencies, may gain access to your personal data. In such cases, your rights as a data subject may not be fully enforceable. We will explicitly inform you of these risks as part of your consent.
6. Storage duration
Your personal data will only be stored by us for as long as necessary to achieve the respective purpose or – insofar as there are statutory retention periods beyond that (e.g. in the Commercial Code and Tax Code) – for the duration of the legally required retention.
7. Your data protection rights
According to applicable data protection law, you have the following rights subject to the respective legal requirements. To enforce your data protection rights, you can contact us at any time using the contact details provided in section 1.
7.1 Right to object (Art. 21 GDPR)
You have the right to object at any time, for reasons arising from your particular situation, to the processing of your personal data based on legitimate interests (Art. 6 para. 1 lit. f GDPR). We will no longer process your personal data after an objection unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the assertion, exercise or defense of legal claims (see Art. 21 para. 1 GDPR). In this case, you must state grounds related to your particular situation for the objection.
7.2 Right to access, rectification, erasure and restriction (Arts. 15 ff. GDPR)
You have the right to obtain information at any time about your personal data stored by us. If we process your personal data, we endeavor to ensure by appropriate measures that your personal data are accurate and up to date for the purposes for which they were collected. If your personal data are incorrect or incomplete, you may request the correction of these data. Furthermore, you may have the right to request the deletion or restriction of processing of your personal data if, for example, there is no legitimate business purpose for such processing under this privacy policy or applicable law and statutory retention obligations do not require further storage.
7.3 Right to data portability (Art. 20 GDPR)
You may have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format or to transmit these data to another controller.
7.4 Right to withdraw your consent (Art. 7 para. 3 GDPR)
If you have consented to the collection and processing of your personal data, you may revoke your consent at any time with effect for the future without affecting the lawfulness of the processing based on the consent until revocation.
7.5 Right to lodge a complaint with a supervisory authority (Art. 20 GDPR)
You have the right to lodge a complaint with the competent supervisory authority (in particular the supervisory authority in the Member State of your residence, workplace or the place of the alleged infringement) if you believe that the processing of your personal data is unlawful. The competent data protection supervisory authority for us is:
Bavarian Data Protection Authority (BayLDA)
Promenade 18, D-91522 Ansbach
Phone +49 981 180093-0
Fax +49 981 180093-800
E-Mail poststelle@lda.bayern.de
8. Data transfer and security
We take appropriate measures to secure your personal data. For security reasons, our website uses SSL/TLS encryption. You can recognize a secure connection by the “https://” in your browser’s address bar and the padlock symbol in the browser window.
Our security measures are subject to continuous improvement and optimization processes. Please always use the latest version of your respective browser to ensure your personal data is optimally protected.
9. Automated decision-making
We do not use automated decision-making pursuant to Art. 22 GDPR on our website.
10. Reservation of changes
We reserve the right to amend this privacy policy in compliance with legal requirements. This may be necessary, for example, to comply with new legal provisions or to consider new functions of our website. However, we will at all times treat your personal data in accordance with the version of the privacy policy that was in effect at the time of the collection of this information.
