Privacy Policy

Date: 21.01.2021

This privacy policy only applies to visitors to our Woofbuzz website and users of our Woofbuzz app.

Responsible for the processing of your personal data:

LuckyShot GmbH
Schönhauser Allee 163
10435 Berlin
Tel.: +49 (0)30-403 639 730
E-Mail: info(at)luckyshot.io

CEO
Alexander Adam
Amtsgericht Berlin-Charlottenburg HRB 192374 B

Data Protection Officer:
Herbert Bischof
E-Mail: herbert(at)luckyshot.io

LuckyShot stands for data protection. The protection of our users’ data is our top priority. The rules of the German Federal Data Protection Act (BDSG) and the European Data Protection Regulation (GDPR) are observed and constantly monitored.

In the following, you will be informed about what kind of data is collected and for what purpose:

  1. Data transmission/data logging when visiting the website
    https://woofbuzz.com
    When visiting the website, the web server automatically records log files that cannot be assigned to a specific person by us, but are considered personal data according to the DSGVO. This data includes, for example, the browser type and version, operating system used, referrer URL (the previously visited page), IP address of the requesting computer, access date and time of the server request and the client’s file request (file name and URL). This data is only collected pseudonymously for the purpose of statistical evaluation and is only stored for as long as is necessary for the stated purposes. Data is not passed on to third parties for commercial or non-commercial purposes. An exception to this is the transfer of data to third parties for the fulfilment of the requested services. The legal basis for the processing of this usage data is Article 6 (1) f) GDPR.

  2. Data processing within the framework of our app
    If you want to use our app for iOS and other operating systems, it is necessary for you to register with a user account. You can provide us with further information (such as a profile picture or other profile details) in the app itself. We will only process this data to enable you to use the app in accordance with your preferences. Our legal basis for processing this app data is Article 6(1)(b) GDPR.

  3. Processing of personal data in general
    Further personal data is only collected or processed if you provide this information voluntarily, e.g. in the context of an enquiry via e-mail or contact form. Unless there are necessary reasons in connection with a business transaction, you can revoke the previously granted permission to shop your personal data at any time with immediate effect in writing by sending an email to info(at)luckyshot.io. Your data will not be passed on to third parties unless this is required by law. Your data may be used for our own advertising purposes.

  4. Our legal bases
    When processing your personal data, we rely on various legal bases in accordance with the GDPR, which we have already informed you about in the section concerning the respective data processing. In summary: For the processing of data within the scope of our service (i.e. our website and our app), Article 6(1)(b) of the GDPR applies, as we process this data in order to fulfil our contractual obligations with you. For the processing of usage data (also anonymised by Google Analytics or Sentry), we rely on Article 6(1)(f) of the GDPR, as we process this data in order to exercise our legitimate interests through reach measurement and web analytics regarding the improvement of our app and website.

  5. Your legal rights
    You can assert the following rights against us within the scope of the GDPR with regard to your personal data: the right to information pursuant to Article 15 GDPR, the right to rectification pursuant to Article 16 GDPR, the right to erasure pursuant to Article 17 GDPR, the right to restriction of processing pursuant to Article 18 GDPR and the right to data portability pursuant to Article 20 GDPR. You also have the right to lodge a complaint with the competent data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG). Furthermore, you can also revoke your consent to the processing of your personal data at any time. However, this revocation is only valid for the future. Processing that took place before the revocation remains unaffected.

    Information about your right to object according to Article 21 of the GDPR: In addition to the rights already mentioned, you have the right to object at any time to the processing of your personal data on the basis of Article 6(1)(f) of the GDPR (processing of data on the basis of a balance of interests) for reasons related to your particular situation. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

  6. Security of your data & transmission to third parties
    Your personal data made available to us will be secured by taking all technical and organisational security measures in accordance with the latest state of the art so that they are inaccessible to unauthorised third parties. When sending very sensitive data or information, it is advisable to use the postal service, as complete data security cannot be guaranteed by e-mail. We will not pass on your data to third parties unless this is obligatory for us due to legal regulations or necessary to protect our legitimate interests (e.g. to a lawyer for the assertion or defence of legal claims). Otherwise, we only transmit personal data to our service providers, who are subject to strict contractual provisions to process personal data exclusively for the provision of their services to us and exclusively on our instructions. Our service providers primarily include our hosting providers. Our website is hosted by Heroku, a subsidiary of Salesforce.com, inc. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States (participating in the EU-US Privacy Shield) our app is hosted by Firebase, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 (participating in the EU-US Privacy Shield).

  7. Adequate level of data protection for recipients abroad
    Where our service providers are based abroad, i.e. outside the territory of the European Economic Area (EEA) (such as Google), we will nevertheless ensure an adequate level of data protection at all times by ensuring that either the EU’s model contracts for the transfer of data to other EU countries, as amended from time to time, are in place or that there are otherwise appropriate safeguards for an adequate level of data protection.

  8. Duration of storage
    We process and store your personal data to the extent and for as long as necessary to fulfil our contractual or legal obligations. Therefore, we store your data as long as our contractual relationship with you exists and after termination only to the extent and for as long as required by the law of the Federal Republic of Germany. All other data will be deleted when you unsubscribe from us. If data is no longer required for the fulfilment of legal obligations (e.g. according to tax or commercial law), it is therefore regularly deleted, unless its further processing is necessary for the preservation of evidence or for the defence of legal claims against us.

  9. SSL or TLS encryption
    For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us, we use SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.

  10. Cookies
    We use cookies on our website to make it easier for you to use our website. These are small text files that are stored on your hard drive with an expiry date and, depending on the settings of your browser programme, are deleted again when you close the browser. We use functional cookies to enable you to browse our website. These cookies do not retrieve any information stored about you on your hard drive and do not affect your PC or files. Most browsers are set to automatically accept cookies. However, you can disable cookies or set your browser to notify you when cookies are sent. We also use Google Analytics, which also uses cookies. Detailed information about these services and their cookies can be found at the end of this privacy policy.

  11. Changes to this privacy policy
    We will update this policy from time to time to protect your personal information. You should review this policy from time to time to stay informed about how we are protecting your information and improving the content of our website. If we make any material changes to the collection, use and/or disclosure of the personal information you provide to us, we will notify you by posting a prominent notice on the Site. By using the Website, you agree to be bound by the terms of this privacy policy. If you have any questions about this privacy policy, please contact us at info(at)luckyshot.io.

  12. Google Analytics
    This website and app use Google Analytics, a web analytics service provided by Google LLC. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. In the event that IP anonymisation is activated on this website, however, your IP address will be shortened beforehand by Google within member states of the EEA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link. An Opt-Out-Cookie will be set, which prevents the future collection of your data when visiting this website. You can find more information on the terms of use and data protection at http://www.google.com/analytics/terms/de.html or at https://www.google.de/intl/de/policies/. We would like to point out that the code “anonymizeIp” has been added to Google Analytics on this website to ensure an anonymised collection of IP-Addresses (so-called IP-Masking).

  13. Google Cloud Platform
    We use services of the Google Cloud Platform, a developer platform operated by Google Ireland Limited , Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043 USA (“Google”). The data processing is carried out on the basis of our legitimate interests (Art.6 para.1 lit. f GDPR) in the technically error-free and optimised provision of our services. You can find more information on data processing via the Google Cloud Platform in Google’s privacy policy. We have concluded a so-called “Data Processing Agreement” with Google, operator of the Google Cloud Platform, in which we oblige Google to protect the data of our customers, not to pass it on to third parties and, in the event of a transfer of personal data to the USA, to comply with the regulations of the standard contractual clauses pursuant to Art. 46 GDPR.

  14. Google Tag Manager
    This website uses Google Tag Manager. The provider is Google Ireland Limited, Google Building Gordon House, 4 Barrow St., Dublin, Ireland. The Google Tag Manager does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. The use is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager. You can find Google’s data protection information on this tool in Google’s data protection statement.

  15. Google Fonts
    The integration of Google Fonts (https://www.google.com/fonts) is done by a server call at Google (usually in the USA). You can find the Google privacy policy and the Opt-Out here.

  16. Google Maps
    The app uses the map service Google Maps via an API. The provider is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. To use the functions of Google Maps, it is necessary to store your IP address and location information. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. Google Maps is used in the interest of an appealing presentation of our online offers and to make it easy to find the places we indicate on the website. This represents a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR.  You can find more information on data processing in Google’s privacy policy and the. Opt-Out here.

  17. Online presence in social media
    We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

  18. Instagram
    Functions of the Instagram service are integrated within our online offer. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram. You can find more information on data processing in the Instagram privacy policy.

  19. Facebook
    Within our online offer, we may link to Facebook. Facebook is certified under the Privacy Shield agreement (participation in the EU-US Privacy Shield) and thus offers a guarantee of compliance with European data protection law. You can find more information on this in Facebook’s privacy policy.

  20. Newsletter and notifications
    We send newsletters, e-mails and other electronic notifications containing promotional information only with the consent of the recipient or with legal authorisation. The newsletters contain information about our offers and services. However, notifications sent in the context of contractual or business relationships are not considered advertising. This includes, for example, the sending of service e-mails with technical or organisational information within the scope of our service provision, notices of technical or legal changes or questions about our offers. Notifications of activities to which the customer has subscribed. So-called double opt-in e-mails sent within the framework of registration or subscription to a newsletter are also not advertising messages. These double opt-in emails invite users to confirm a registration or subscription. The double opt-in emails are necessary to verify that the registration was really made by the email owner. The first and last name details are used to personalise the newsletter. Consent to the storage of data, e-mail addresses and their use for sending the newsletter can be revoked at any time. The revocation can be made, for example, via an unsubscribe link in the newsletter or an e-mail to info(at)luckyshot.io with “Unsubscribe” in the subject line. The registrations for the newsletter are logged in order to be able to check the registration process in compliance with the legal requirements. For this purpose, the moment of registration and activation are recorded in particular.

  21. Amazon Web Services
    We use the following services provided by Amazon Web Services, Inc, 420 Montgomery Street, San Francisco CA 94163, USA (“Amazon Web Services” or “AWS”). You can find further information on data processing by AWS in the AWS privacy policy.

  22. Raidboxes
    We use Raidboxes to host our wordpress blog. You can find further information on data processing by Raidboxes in their privacy policy.