GDPR Rights and Data Protection

Your data protection rights under European law

Introduction to GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that gives you control over your personal data. As a European company, childebertgame.com is fully committed to GDPR compliance and protecting your privacy rights.

This page explains your rights under GDPR and how to exercise them when using our ChildebertGame services.

Data Controller Information

Data Controller: childebertgame.com

Registered Address: 180 Zelená Street, Vienna, Austria, Europe

Contact Email: support@childebertgame.com

Data Protection Officer: Available upon request

Your GDPR Rights

Under GDPR, you have the following fundamental rights regarding your personal data:

1. Right of Access (Article 15)

You have the right to know whether we process your personal data and, if so, to access that data and receive information about:

  • The purposes of processing
  • Categories of personal data concerned
  • Recipients or categories of recipients
  • Retention period or criteria
  • Your rights regarding the data
  • Source of data if not collected directly from you

How to exercise: Email support@childebertgame.com with "Data Access Request" in the subject line.

2. Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete personal data completed. This includes the right to provide a supplementary statement.

How to exercise: Contact us with details of the incorrect information and the correct version.

3. Right to Erasure - "Right to be Forgotten" (Article 17)

You have the right to have your personal data erased in certain circumstances:

  • The data is no longer necessary for the original purpose
  • You withdraw consent and there is no other legal ground
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Erasure is required for compliance with legal obligations

How to exercise: Submit a deletion request specifying the data you want erased and the reason.

4. Right to Restriction of Processing (Article 18)

You have the right to restrict processing of your personal data in the following cases:

  • You contest the accuracy of the data
  • Processing is unlawful but you oppose erasure
  • We no longer need the data but you need it for legal claims
  • You have objected to processing pending verification of legitimate grounds

How to exercise: Request restriction by explaining which of the above situations applies.

5. Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit this data to another controller when:

  • Processing is based on consent or contract
  • Processing is carried out by automated means

How to exercise: Request data portability specifying the format you prefer (JSON, CSV, XML).

6. Right to Object (Article 21)

You have the right to object to processing of your personal data when:

  • Processing is based on legitimate interests
  • Processing is for direct marketing purposes
  • Processing is for scientific or historical research

How to exercise: Submit an objection stating your grounds and the specific processing you object to.

7. Right to Withdraw Consent (Article 7)

When processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

How to exercise: Use the unsubscribe links in emails or contact us directly to withdraw consent.

8. Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing that produce legal effects or significantly affect you. Currently, we do not use automated decision-making systems.

How to Exercise Your Rights

Making a Request

To exercise any of your GDPR rights:

  1. Send an email to support@childebertgame.com
  2. Include "GDPR Request" in the subject line
  3. Clearly state which right you want to exercise
  4. Provide sufficient information to identify you and locate your data
  5. Include any specific details about your request

Identity Verification

To protect your privacy, we may need to verify your identity before processing your request. We may ask for:

  • Additional information to confirm your identity
  • Proof of your authority if acting on behalf of someone else
  • Clarification of your request if unclear

Response Time

We will respond to your GDPR requests:

  • Standard response: Within 30 days of receipt
  • Complex requests: Up to 90 days with explanation
  • Acknowledgment: Within 5 business days

Free of Charge

Exercising your GDPR rights is free of charge. However, we may charge a reasonable fee for:

  • Manifestly unfounded or excessive requests
  • Additional copies of data beyond the first free copy
  • Administrative costs for complex requests

Cookie Management and Consent

Cookie Categories

Our website uses different types of cookies:

  • Essential Cookies: Necessary for website functionality
  • Analytics Cookies: Help us understand website usage
  • Marketing Cookies: Used for personalized content
  • Preference Cookies: Remember your settings

Managing Cookie Consent

You can manage your cookie preferences:

  • Through our cookie consent banner
  • Via browser settings and preferences
  • By contacting us to update your preferences
  • Using browser extensions for cookie management

Withdrawing Cookie Consent

To withdraw cookie consent:

  1. Clear your browser cookies for our site
  2. Adjust browser settings to reject cookies
  3. Contact us to opt out of specific cookie types
  4. Use the preference center when available

Data Processing Purposes and Legal Basis

Purposes of Processing

We process your personal data for:

  • Providing and improving our services
  • Responding to your inquiries and support requests
  • Sending newsletters and updates (with consent)
  • Website analytics and performance monitoring
  • Compliance with legal obligations
  • Protecting our legitimate business interests

Legal Basis for Processing

We process your data based on:

  • Consent (Article 6(1)(a)): For newsletters, marketing communications
  • Contract (Article 6(1)(b)): To provide requested services
  • Legal Obligation (Article 6(1)(c)): For compliance requirements
  • Legitimate Interests (Article 6(1)(f)): For analytics, security, business operations

Data Transfers and Safeguards

If we transfer your data outside the European Economic Area (EEA), we ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard contractual clauses (SCCs)
  • Binding corporate rules
  • Certification schemes and codes of conduct

Complaints and Supervisory Authority

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with a supervisory authority.

Austrian Data Protection Authority

Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Vienna, Austria
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at
Website: https://www.dsb.gv.at/

European Data Protection Board

For cross-border complaints or general GDPR information, visit the European Data Protection Board at https://edpb.europa.eu/

Data Breach Notification

In case of a data breach that may pose a high risk to your rights and freedoms, we will:

  • Notify the supervisory authority within 72 hours
  • Inform affected individuals without undue delay
  • Provide clear information about the breach and response measures
  • Offer guidance on protecting yourself from potential harm

Regular Updates and Reviews

We regularly review and update our data processing practices to ensure continued GDPR compliance. This includes:

  • Annual privacy impact assessments
  • Regular staff training on data protection
  • Updates to privacy policies and procedures
  • Technical and organizational security measures

Contact Information for GDPR Matters

For all GDPR-related inquiries, requests, or complaints:

  • Primary Contact: support@childebertgame.com
  • Subject Line: "GDPR Request" or "Data Protection Inquiry"
  • Response Time: Within 5 business days for acknowledgment
  • Languages: English, German

Additional Resources

For more information about GDPR and your rights:

  • European Commission GDPR Portal: https://ec.europa.eu/info/law/law-topic/data-protection_en
  • Your Rights Under GDPR: https://gdpr.eu/what-is-gdpr/
  • Austrian Data Protection Authority: https://www.dsb.gv.at/
  • European Data Protection Board: https://edpb.europa.eu/

Updates to GDPR Information

We may update this GDPR information page to reflect changes in:

  • Legal requirements and guidance
  • Our data processing practices
  • Supervisory authority recommendations
  • Technical capabilities and security measures

Check this page regularly for the most current information about your GDPR rights and our data protection practices.