Lotum GmbH, Am Goldstein 1, 61231 Bad Nauheim, Germany, games@lotum.de ("Lotum" or "we") respects and protects your personal data.
The following privacy policy is intended to inform you in greater detail about the collection, processing, and use of data in connection with the website.
Lotum collects, processes and uses personal data exclusively within the framework of the applicable legal regulations. Therefore, the high data protection standards of the General Data Protection Regulation ("GDPR") and the Telecommunications Digital Services Data Protection Act ("TDDDG") apply.
1.1. This Privacy Policy is addressed to all users of the website (“Users”).
1.2. As far as certain Lotum services have a different Privacy Policy, then that policy applies.
1.3. Third-party services that may be referenced by the website via so-called links are likewise excluded from the scope of this privacy policy. Lotum generally assumes no responsibility for their content or for their compliance with data protection regulations, unless otherwise stated in the privacy policy of the linked content. This applies, for example, to links to social networks such as LinkedIn and Xing. Users can find information on the handling and protection of their personal data on these platforms in the respective platform’s privacy policy.
2.1. When visiting Lotum's website, information that your browser automatically transmits to us is logged. This includes the IP address of the device you are using, the date and time (including time zone) of each access to the website, as well as the information about which specific page or file was requested, the domain from which the respective request originated (so-called referrer URL), the operating system used, and the browser used. These are data that are absolutely necessary for the use of the website.
2.2. Lotum collects this data for the provision of the website on the basis of § 25 (2) no. 2 TDDDG and processes this data in accordance with Article 6 (1) sentence 1 lit. f) GDPR, whereby Lotum's legitimate interest is the provision of the website.
2.3. Lotum may also use the aforementioned data to ensure the proper and secure operation of the website, i.e., in particular for IT security purposes. The basis for this further processing is Article 6 (1) sentence 1 lit. f) GDPR, whereby Lotum's legitimate interest is to ensure the security of the website.
3.1. We provide the website and the media files contained therein using third-party services. For this purpose, we use the service Vercel, offered by Vercel Inc., 440 N Barranca Ave #4133, Covina, CA 91723, USA (“Vercel”).
3.2. This service may collect and, if necessary, store the IP address of your device when you use the website. However, Lotum does not directly receive the IP addresses and only accesses IP addresses collected by these services in exceptional cases and only when there is a legal basis, particularly when it is necessary to protect Lotum’s legitimate interests (e.g., during maintenance work or in the event of technical issue investigations). We use this service and the aforementioned data to provide the website efficiently and with the lowest possible error rate, thereby ensuring the smooth use of the website’s functions. The legal basis for the related data processing is Article 6 (1) sentence 1 lit. f) GDPR, whereby our legitimate interest is the optimal and technically flawless provision of the website. Access to the mentioned data is also absolutely necessary for this purpose (§ 25 (2) no. 2 TDDDG).
3.3. Further information and the applicable privacy policies of Vercel can be found at https://vercel.com/legal/privacy-policy. Additional information on data processing in the context of using Vercel as well as on the agreements concluded with Vercel can be found at the corresponding link.
3.4. We would like to point out that Vercel reserves the right to process data at other locations as well, such as in the USA. The transfer of data to servers in the USA used by Vercel Inc. may involve additional risks, for example, the enforcement of your rights to this data may be more difficult. To counter these risks, we have concluded the EU Commission’s standard data protection clauses with Vercel Inc. for this data transfer and have also defined appropriate protective measures, which, depending on the sensitivity of the data, may include encryption and can be enhanced in accordance with the legal and technical requirements for adequate data protection. Therefore, if data is transferred to Vercel Inc. in the USA, such transfer is based on Article 46 (2) lit. c) GDPR.
4.1. To analyze and attribute app installations triggered via our website or marketing campaigns, we use the service Singular, offered by Singular Labs, Inc., 301 Howard St, San Francisco, CA 94105, USA (“Singular”).
4.2. When so-called deep links are used, Singular may process information to determine whether and through which advertising measure or source an app installation occurred. In particular, the IP address of the device, mobile device identifiers, timestamps, user interactions with the link, and, if applicable, referrer data are processed. This information is used solely for the purpose of correct attribution and performance evaluation of app installations. Lotum does not receive any personal profiles or user histories, but only aggregated or pseudonymized evaluations.
4.3. The legal basis for the use of Singular is Article 6 (1) sentence 1 lit. f) GDPR. Our legitimate interest lies in measuring the success of our marketing activities and efficiently managing advertising budgets. If the processing by Singular is not strictly necessary, it is carried out only with your consent pursuant to § 25 (1) TDDDG or Article 6 (1) lit. a) GDPR (depending on the type of tracking and device used).
4.4. Further information and the applicable privacy policies of Singular can be found at https://www.singular.net/privacy-policy/. Additional information on data processing in the context of using Singular as well as on the agreements concluded with Singular can be found at the corresponding link.
4.5. Singular reserves the right to process data on servers at other locations, such as in the USA. For this data transfer with Singular, we have concluded the EU Commission’s standard data protection clauses and defined appropriate protective measures within them, which may include encryption of the data depending on its sensitivity and can be enhanced in accordance with the legal and technical requirements for adequate data protection. Therefore, if data is transferred to Singular in the USA, such transfer is based on Article 46 (2) lit. c) GDPR.
5.1. We process your personal data as long as it is necessary to achieve the purposes of the processing, or is prescribed by a legal obligation to store the data. Subsequently, the data is deleted in accordance with statutory laws.
5.2. Data that we store for legal reasons, however, is stored for as long as this is required by law. After expiry of a statutory retention period, the data will be deleted without undue delay, unless there are other reasons within the meaning of Art. 17 (3) GDPR opposing the deletion.
6.1. Lotum has taken appropriate technical and organizational measures to protect personal data against accidental loss, damage, unauthorized access or unauthorized changes. In particular, data is transmitted by Lotum in encrypted form to the greatest extent possible. However, Lotum points out that privacy and data security cannot be guaranteed for transmissions outside Lotum's sphere of influence.
7.1. Personal data will only be transferred to third parties without the User's explicit consent if this is necessary for the provision of Lotum's services (e.g. for the technical provision of the offer), unless stated otherwise at another point in this Privacy Policy. Accordingly, a transfer of data to such service providers (such as technical service providers) only takes place in order to protect our legitimate interests pursuant to Article 6 (1) sentence 1 lit. f) GDPR. Of course, Lotum will ensure that the respective service provider has taken appropriate technical and organizational measures to guarantee the security of the data before forwarding the User's personal data.
7.2. Apart from that, Lotum will not pass on the User's personal data to third parties, unless the User has expressly consented to the transfer (Article 6 (1) sentence 1 lit. a) GDPR) and Lotum is neither entitled nor obliged to transfer the data due to legal regulations or court orders. In the latter case, Lotum will transfer the data in order to fulfil a legal obligation according to Article 6 (1) sentence 1 lit. c) GDPR.
The user has the right to object at any time to data processing based on Art. 6 (1) lit. e) or lit. f) GDPR for reasons arising from his particular situation, unless Lotum can prove compelling reasons worthy of protection, which outweigh the interests of the user, or the processing serves to assert, exercise or defend legal claims. The user can object to data processing for the purpose of direct advertising at any time without special reasons being required.
The user has the right to obtain free of charge from Lotum the personal data stored by Lotum concerning him or her, the processing purposes, their origin, which transfer to which recipients or categories of recipients took place, the storage period and the rights of the data subjects available to him or her.
Furthermore, the user has the right to request at any time the correction of incorrect data, the deletion and/or restriction of the processing of personal data stored about him or her, insofar as there is no legal obligation for Lotum to keep records or other reasons in the sense of Art. 17 (3) GDPR which prevents deletion. Insofar as this includes personal data that is necessary for the provision of services to the user, the deletion or restriction of the processing of this data can only take place when the user no longer uses Lotum's services.
If the user provides data relating to him or her and Lotum processes such data on the basis of the user's consent or in order to fulfill the contract, the user may request that he/she receives such data in a structured, current and machine-readable format from Lotum or that Lotum transmits such data to another controller, insofar as this is technically possible (so-called right to data portability).
Any consent given by the user to the use of personal data can be freely revoked by the user at any time with effect for the future.
The user may also lodge a complaint with a supervisory authority against data processing which he or she considers to be in breach of the statutory provisions.
9.1. Lotum reserves the right to change this privacy policy at any time, while Lotum will always comply with the legal requirements of data protection. Therefore, Lotum recommends that users regularly take note of the applicable privacy policy. Lotum will inform users in advance of any further use of data, for example via in-game notification or so-called push notifications in your browser, if you allow such push notifications.
Lotum GmbH, Am Goldstein 1, 61231 Bad Nauheim, Deutschland
Data Protection Officer: Susanne Klein, c/o Beiten Burkhardt Services GmbH, Ganghoferstraße 33, 80339 München, Germany, privacy@lotum.de