DATA PROTECTION POLICY
The following data protection policy informs users about the type, extent and purpose of the collection and use of personal details by MyPostcard.com GmbH, the provider responsible for this website and its sub-pages (hereinafter the 'service').
The service comprises the creation and sending of postcards, printed with photos belonging to the user of the service.
II.ENTRY OF DATA BY THE USER
II.1.PERSONAL DETAILS AND THEIR USE
Personal details are individual pieces of information about personal or factual circumstances of a specific or identifiable natural person. These include, for example, name, email address and telephone number.
In the context of the service, personal details are only collected and used to the extent permitted by law or to which the user has consented. The same applies to the communication of personal details to others.
The service stores cookies in the user's browser. Cookies are text files that simplify visits to the service by storing login details, for example, or recording when and how often a user visits the service. Saving of cookies can be switched off entirely in all standard browsers.
The service enables the user to contact the provider. This is possible, for example, by the provision of a contact form or sending of an email to the provider. The information that the user provides in making contact is saved in order to process the query and handle any subsequent correspondence.
II.4.BLOG: COMMENTS AND CONTRIBUTIONS
The service also includes a blog area. In order to protect itself against illegal material, the provider saves the IP address of any user who makes a contribution to the blog or comments on his own contributions or those of others.
II.5.BLOG: SUBSCRIPTION TO COMMENTS
In order to enhance discussion on the blog, users are given the opportunity to subscribe to comments following on from their own. This is done by entering the user's own email address. In order to ensure that the person entering the email address is also the owner of that email address, a confirmation email is sent to the address, which also provides information about cancelling the subscription. The provider also saves the IP address and the date of subscription to prevent any misuse of the email address. The details required to register for the subscription and send emails are not used for other purposes or communicated to third parties. Consent to saving these details may be revoked at any time by sending an email to the provider or by means of a link provided in every information email.
II.6.SUBSCRIPTION TO NEWSLETTERS
In order to receive the newsletter, the user must enter an email address. In order to ensure that the person entering the email address is also the owner of that email address, a confirmation email is sent to the address, which also provides information about cancelling the newsletter. The provider also saves the IP address and the date of registration to prevent any misuse of the email address. The details required to register for the newsletter and send it out are not used for other purposes or communicated to third parties. Consent to saving these details may be revoked at any time by sending an email to the provider or by means of a link provided in every information email.
Users of the service can register for the websites belonging to the service. The details provided are used for usage of the service. Details of the recipients of the postcards are not required for registration. They are only saved for posting and then deleted. The user's details are also used to inform the user of changes to the extent of the service or technical changes by email. Registration includes entering the following details:
Date of birth
In addition, the IP address used for registration and the date of registration are saved to prevent misuse of the registration function.
Your personal data is encrypted during the ordering process using SSL (Secure Socket Layer) over the Internet. Credit card information is not stored, but charged directly by our payment service provider and processed. We secure our website and other systems through technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons.
III. VISITING OUR SITE
In addition to the entry of personal details, the provider and third parties also collect data automatically during use. The use of the service includes interaction with third parties.
III.1. ACCESS DATA/SERVER LOG FILES
The user's visit to the provider's website is saved in a record file (so-called server log files). For this purpose, the provider (e.g. a web space provider) collects the following data about each access to the service:
IP address of the accessing computer
Name of the file accessed
Date and time of access
Quantity of data transferred
Notification of successful access
Browser type and version and user's operating system
The provider uses the log data only for statistical evaluations for the purpose of the operation, security and optimisation of the service. However, the provider reserves the right to check the log file retrospectively if there are specific and legitimate reasons to suspect illegal use.
III.2. GOOGLE ANALYTICS
This website uses Google Analytics, a web analysis service of Google Inc. ('Google'). Google Analytics uses so-called 'cookies', text files that are saved on your computer and that facilitate analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA where it is saved. In the case of activation of IP anonymisation on this website, however, your IP address is first abbreviated by Google within member states of the European Union or in other states that have signed the European Economic Area agreement. Only in exceptional cases is the full IP address transferred to a Google server in the USA where it is abbreviated. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on the website activity and to provide other services for the website operator associated with the use of the website and the internet. The IP address communicated by your browser to Google Analytics is not associated with other Google data. You can prevent cookies from being saved with the appropriate setting in your browser software; however, we wish to point out that in this case it is possible that you will not be able to use all functions of this website to their full extent. Moreover, you can prevent the recording of the data generated by the cookie and relating to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
This website and its sub-pages only send abbreviated, i.e. anonymised, IP addresses to Google.
The service uses plug-ins from Facebook (Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). As soon as a page of the service on which a plug-in is installed is accessed by the user, the user's browser automatically creates a connection to Facebook via the plug-in and loads content from there. The provider has no influence over the type and extent of the content displayed by the plug-in.
The provider also has no influence on the type and extent of the data that Facebook collects from the user. In any event, Facebook is notified by the plug-in that a user has accessed the service. If the user has not logged out of Facebook following the last visit, Facebook is able to link the use of the service with the Facebook account. Interaction with the plug-in (e.g. pressing the Like button) is saved by Facebook. Facebook also saves the (anonymised) IP addresses of users of the service who are not registered on Facebook. All of this access by Facebook can be blocked by add-ons that are available free of charge for any browser.
The service uses plug-ins from Twitter (Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA). As soon as a page of the service on which a plug-in is installed is accessed by the user, the user's browser automatically creates a connection to Twitter via the plug-in and loads content from there. The provider has no influence over the type and extent of the content displayed by the plug-in.
The provider also has no influence on the type and extent of the data that Twitter collects from the user. According to its own information, Twitter collects the IP address of the user and the address of the service on which the plug-in is installed.
By evaluating and analyzing feedback and behavioural patterns across our website's pages, we can improve the functionality of our websites and make them more user-friendly, more valuable and simpler for you to use. For that purpose we collect the following data:
your device's IP address (collected and stored in an anonymized format);
device screen size;
device type (unique device identifiers) and browser information;
geographic location (country only);
preferred language used to display the webpage.
geographic location (country only);
preferred language used to display the webpage;
date and time when website pages were accessed;
III.6. GOOGLE PLACES API
In order to make the adding of contacts and typing of addresses easier and faster, MyPostcard uses the Google Places API. For any further information, please visit: http://www.google.com/privacy.html
III.7. INTEGRATION OF SERVICES AND MATERIALS FROM OTHER THIRD PARTIES
In order to extend the service, it may be expedient to integrate materials from third parties into the service. This includes in particular photos from Flickr and Instagram, videos from YouTube and maps from Google Maps. In order to load materials from the servers of the third-party provider, it is necessary to pass on the user's IP address to it. The provider makes every effort only to use content from third parties who only save the IP address to deliver the content and not for other purposes.
IV. RIGHT TO INFORMATION
Users may demand information free of charge to an extent reasonable for the provider about which personal details are saved about them
V. CHANGES, CORRECTIONS AND UPDATES, WITHDRAWAL
Users have the right to demand the correction and update of their details if they cannot do so themselves. Users may also have personal details blocked or deleted unless the provider is subject to a statutory obligation to retain such information. Data is also deleted if a user withdraws consent to save it or if saving it is no longer permitted for legal reasons. Having given consent to the collection, processing or use of personal details, the user may revoke that consent at any time from that point on by sending an email to the following address: firstname.lastname@example.org