Privacy Policy

Protecting your privacy and your identity is extremely important to us at Gozaclub.com, Germany. This document outlines how your data is processed in accordance with data protection legislation, based on the applicable regulations (GDPR). This Data Protection Policy applies to the online services we offer, referred to generally as “online offerings” and specifically as the “platform” on websites and the “app” on mobile applications.

In principle, we process personal data only as necessary to provide functional online offerings and our content and services. Personal data is typically processed only after you have granted your consent, except in cases where obtaining prior consent is impractical and data processing is permitted by law.

1. Name and Contact Details of the Controller and Data Protection Officer
– Controller
This Data Protection Policy covers data processing by Gozaclub.com

2. General Information on the Processing of Personal Data
Operating our online services inherently involves the dynamic nature of the Internet, making it impossible to detail every aspect of its functionality here. This Policy aims to cover the most critical elements of our data processing practices.

Personal Data Definition: Personal data refers to any information related to an identified or identifiable individual. Data is processed to present the services you seek, fulfill our contractual obligations, and undertake necessary pre-contractual measures in response to your inquiries. The primary purposes of data processing include:

Enhancing your user experience and supporting technical and content development.
Providing essential functions and algorithms aligned with the community’s core concept and networking expectations.
Addressing IT security issues.
Personal data is typically deleted once it is no longer necessary for its collected purpose, provided no legal retention periods apply. Retention periods for third-party tools are detailed in the respective third-party provider’s data protection policy unless otherwise stated.

3. Data Processing When Using Our Services
Our services can be accessed through various channels (e.g., website, app). Some services are free, while others require payment. Certain services are purely informational, while others necessitate registration and a free or paid user agreement. Personal data is processed either by us or by service providers, with the purposes, procedures, and legal bases detailed below.

3.1 Applied Technology Without User Recognition
Each time our online services are accessed, information is automatically sent to our servers and temporarily stored in a “log file.” This includes:

IP address of the accessing device
Date and time of access
Name and URL of the accessed file or interface
Referrer URL (website from which access originated)
Browser details, operating system, device name, and Internet service provider
App version if apps are used
User account details if registered, user ID, and session ID
Any anonymized errors
We process this data to:

Deliver online content appropriately across devices and browsers.
Protect our IT systems from misuse.
Ensure the ongoing functionality of our IT systems.
Provide necessary information to law enforcement for prosecution.
Evaluate system security and stability.
Optimize online content.
Data processing is legally based on Art. 6(1.1f) GDPR, with our legitimate interest being the purposes listed above. We never use this data to identify individuals and delete it once it is no longer needed.

3.2 User-Recognition Technologies
Our app uses device-identification methods to provide certain features, evaluate errors, and publish user-specific content. We use device identifiers like the “Ad ID” for iOS and “Google advertising ID” for Android to allocate chargeable services to devices and offer push notifications. These IDs are not used for targeted ads.

3.3 Subscribing to Newsletters
With your express consent under Art. 6(1.1a) GDPR, we use your email to send newsletters regularly. Only an email address is required to receive the newsletter. Data is deleted once it is no longer needed. You can unsubscribe anytime via the link in each newsletter or by emailing us at dsb@fp.de.

3.4 Using Contact Forms and Support Functions
For inquiries, you must provide a valid email address or active login to identify the sender and respond. Additional information is optional. Data is processed to answer contact queries based on Art. 6(1.1b) GDPR for pre-contractual steps or contractual obligations, or Art. 6(1.1a) GDPR with your consent.

Personal data for contact purposes is deleted once the inquiry is resolved, provided no legal retention requirements exist. Registered users can also report content and request support services. In such cases, we store the sender’s name, inquiry content, and any reported content, logging the conversation in our support system.

Support service data is processed based on Art. 6(1.1a) GDPR (consent), Art. 6(1.1b) GDPR (contractual/pre-contractual), and Art. 6(1.1c and f) GDPR (handling content notifications per legal requirements). Data is deleted once the inquiry is resolved, barring any legal retention obligations.

3.5 Ordering a Product
We accept various payment methods and may share payment data with payment service providers. These providers, approved by the BaFin (German Federal Financial Supervisory Authority), process payments. Selecting a payment option consents to transmitting necessary personal data for payment processing.

Typically, personal data shared includes name, address, date of birth, gender, email, IP address, phone number, and payment details like account or card information. Data is exchanged to verify identity, manage payments, and prevent fraud, based on Art. 6(1b) GDPR. Data may also be shared with credit-rating agencies for identity verification and credit screening, based on Art. 6(1f) GDPR.

The payment service provider may also share personal data with service providers or subcontractors as necessary to fulfill contractual obligations. You can withdraw your consent to the payment service provider’s handling of personal data at any time. However, withdrawal of consent does not apply to data essential for the contractual processing of payments.

3.6 User Accounts and Profiles

As a user, you can access our services as a guest or register for additional features. Unregistered access may be limited in scope.

When you visit our online offerings, a contractual relationship is established. Data is processed in accordance with Art. 6(1.1b) GDPR to fulfill a contract or implement precontractual measures. No additional fees apply unless you purchase membership and consent after registering.

Providing personal information is not mandatory, but necessary for certain user agreements. Additional information is optional but recommended. Certain features or services may be unavailable if you do not provide specific information or object to its use.

3.6.1 Guest Users

Guests can use basic functions without obligation. User data and technical data are collected to provide and optimize content as outlined in this Data Protection Policy. No further personal data is collected from guests.

For special uses like subscribing to newsletters, relevant policy sections apply. Guests can access registration forms to create a user account. Required data is stored temporarily for email verification. Unverified data is deleted immediately.

3.6.2 Registered Users

Registration involves providing additional personal data depending on the registration form used. This data is necessary to offer the requested service within the existing user relationship.

You can enhance your community profile by providing information such as username, age, region, and preferences. Additional privacy settings are available for some inputs, allowing you to control visibility.

Sensitive data like your exact birthdate or email is not publicly visible and is stored for internal use only. Data may be forwarded to external processors for internal purposes on our behalf. Birthday display can be deactivated via privacy settings. Registered users can correct registration data anytime.

Data accessible only to you, like internal email communication and profile visitors, is stored to ensure functionality. We collect usage data for statistical purposes and service optimization regularly.

Providing additional data is voluntary. Data is stored and processed to support community functions per Art. 6(1.1a) GDPR, with a legitimate interest under Art. 6(1.1f) GDPR in making specific data accessible within the online offering and connecting user functions.

We provide stored personal data information on request and correct or delete data as instructed, provided no legal retention periods apply. Data not subject to retention is deleted when no longer needed, and at the latest upon user account deletion. Our Data Protection Officer can assist with inquiries.

3.7 Authenticity and Legal Age Verification

GOZAclub ensures genuine profiles and minor protection through authenticity checks and age verification. Members can verify their authenticity and age via a video recording, with optional ID presentation for doubts. Data is stored on German servers briefly and deleted after verification.

For standalone authenticity checks, only a photo is required. Participation is voluntary, with data processing based on consent per Art. 6(1a) GDPR and age verification under Art. 6(1c) GDPR and the German Treaty on the Protection of Minors (JMStV). Data is deleted immediately after verification.

Verification can also be done in person at select events.

3.8 Competitions and Surveys

Participation in surveys or competitions may require collecting your postal address and real name to ship physical prizes. Data processing is based on consent per Art. 6(1.1a) GDPR. Address data is deleted after prize shipment.

4. Disclosure of Data

Your personal data is only disclosed for the purposes listed below.

We will only disclose your data to third parties if:

• You have given explicit consent under Art. 6(1.1a) GDPR.
• Disclosure is necessary under Art. 6(1.1f) GDPR to assert, exercise, or defend legal claims, and you have no overriding legitimate interest against disclosure.
• We are legally obligated to disclose under Art. 6(1.1c) GDPR.
• Disclosure is legally permitted and necessary under Art. 6(1.1b) GDPR to process contractual relationships or orders with you.
• There is a legitimate interest in optimizing our offering under Art. 6(1.1f) GDPR.

5. Web Analytics

5.1 Adobe Analytics

We use Adobe Analytics, an analytics tool from Adobe Systems Software Ireland Limited, to understand website usage and optimize user experience. This tool helps us measure reach, usage, and performance, and detect fraudulent activities like bot or crawler traffic. Key data points processed during your website visit include:

• Browser and operating system details
• Mobile device dimensions and screen resolution
• Abbreviated IP address
• Visit date and time
• Duration of visit per page
• Referrer website
• Pages visited within our website
• Time spent on each page
• Interactions with content (e.g., clicks, scrolling)
• Account-related data (e.g., account type, membership type, stated age, membership duration, app status)

We do not use cookies with Adobe Analytics. Data processing is based on Art. 6(1f) GDPR, with a legitimate interest in improving website security and optimizing our online offerings. Data is transferred to Adobe servers for storage and may be shared with third parties if required by law or for processing on Adobe’s behalf. We have an order processing agreement with Adobe ensuring data protection compliance. Personal data is stored only as long as necessary for the described purposes.

6. Google reCAPTCHA

To protect our community, we use Google reCAPTCHA, provided by Google Ireland Limited, to distinguish human users from bots. This service transmits only authentication data to Google, containing no personal data, solely to authenticate our software.

reCAPTCHA sends standard client information (e.g., browser, IP address) to Google servers in the USA, where it is stored and potentially shared with third parties if required by law or for processing. Google does not combine your IP address with other data, and IP addresses are anonymized (IP masking). In rare cases, the full IP address is sent to the USA and anonymized there.

Data processing is based on Art. 6(1f) GDPR, with a legitimate interest in protecting our website from unauthorized automated spying and spam. You can disable JavaScript and cookies in your browser to prevent Google from collecting and processing your data, but this may limit website functionality.

More information on data protection is available in Google’s Privacy Policy.

7. Social Media Integration

Our online offerings include social media integrations to enhance user interaction and community engagement. This section outlines our practices related to social media plug-ins and links.

7.1 Facebook

We use social plug-ins from Facebook, provided by Facebook Ireland Limited. When you visit our site, the plug-in establishes a direct connection between your browser and Facebook servers, transmitting data such as your IP address and the pages you visit. If you are logged into Facebook, your visit can be linked to your Facebook account.

This data processing is based on Art. 6(1a) GDPR, with your consent. You can disable Facebook plug-ins using browser settings or add-ons like “Facebook Blocker.”

7.2 Twitter

Our site includes Twitter features, provided by Twitter International Company. These features may collect your IP address and pages visited, which are transmitted to Twitter servers in the USA. If logged into Twitter, your visit is associated with your Twitter account.

Data processing is based on Art. 6(1a) GDPR, with your consent. You can disable Twitter features via browser settings or specific add-ons.

7.3 Instagram

We integrate Instagram functions, provided by Facebook Ireland Limited, allowing interaction with Instagram servers. Data such as IP address and pages visited may be transmitted. If logged into Instagram, your visit links to your account.

Data processing is based on Art. 6(1a) GDPR, with your consent. Disabling Instagram features can be done via browser settings or add-ons.

8. Data Security

We implement appropriate technical and organizational measures to protect your data from unauthorized access, alteration, or destruction. Security measures include encryption, access controls, and regular security assessments.

9. Your Rights

Under GDPR, you have rights regarding your personal data, including:

• Access: Request information about your personal data we process.
• Rectification: Request correction of inaccurate data.
• Erasure: Request deletion of your data.
• Restriction: Request restriction of data processing.
• Data Portability: Receive your data in a structured, commonly used format.
• Objection: Object to data processing based on legitimate interests.
• Withdraw Consent: Withdraw consent for data processing at any time.

To exercise your rights, contact our Data Protection Officer at contact@gozaclub.com

10. Changes to this Data Protection Policy

We may update this Data Protection Policy to reflect changes in our practices or for legal reasons. Any changes will be posted on this page, and significant updates will be communicated via email or a notice on our website.

11. Precedence of English Version of this Privacy Policy

The official text of this Privacy Policy shall be in English, and any translation, interpretation, or construction of this Privacy Policy shall be based on the English version. If any documents or notices related to this Privacy Policy are translated into another language, the English version shall prevail in the event of any discrepancy between the two (except to the extent that the law in your jurisdiction prohibits this provision).

12. Contact Information

For questions or concerns about this Data Protection Policy or data processing practices, please contact our Data Protection Officer: at contact@gozaclub.com

Or by our contact form: here

Email: contact@gozaclub.com

This Data Protection Policy is effective as of 01 July 2024.