Privacy Policy

1. Responsible Parties

Responsible for the processing of personal data within the meaning of the General Data Protection Regulation (GDPR) is: Fraqment Film GbR Kuckucksblumenstr. 23 80469 Munich
Phone: +49 89 99954892
Email: info@fraqment.com

Represented by

Götz Hudelmaier David Purviance

Contact

Do you have questions or need support? Just send an email to kontakt@climate-quest.de! The data protection responsibility lies exclusively with the above-mentioned adult responsible parties. This privacy policy applies to both the website and the mobile app.

2. General Notes on Data Processing

We process users' personal data only to the extent necessary for providing a functional app as well as our content and services. Processing is based on the General Data Protection Regulation (GDPR) and the Telecommunications-Telemedia Data Protection Act (TDDDG).

3. Legal Bases for Data Processing

The processing of personal data is carried out exclusively in accordance with the GDPR on the following legal bases:

Art. 6 para. 1 lit. a GDPR (Consent): for all services requiring consent, in particular external content such as YouTube, Google reCAPTCHA and comparable third-party services.
Art. 6 para. 1 lit. b GDPR (Contract Performance): for registration, provision of user accounts and execution of the user agreement.
Art. 6 para. 1 lit. f GDPR (Legitimate Interest): for technically necessary measures to ensure operation, IT security as well as abuse and error prevention.

Processing based on legitimate interests is only carried out if no overriding interests or fundamental rights of the affected persons oppose it.

4. Services and Third Parties Used

4.1 Google reCAPTCHA (Google LLC)

To protect against automated access, we use Google reCAPTCHA. User data such as IP address, mouse movements and possibly other technical features are transmitted to Google. Integration only takes place after active user consent.

4.2 Quill (Instructure Inc.)

We use Quill as a rich text editor for content input. Quill itself does not process any personal data, however, personal content may be entered and stored through its use . Integration is done locally (see 4.4). Quill Privacy Policy: https://quilljs.com/

4.3 Use of localStorage

Our app uses the so-called localStorage of your browser to store certain settings to improve user-friendliness and document your consents.

Purpose of Storage

Cookie settings: Your selection regarding the use of cookies and third-party services is stored locally so that you are not asked again on subsequent visits to the app.

Storage Duration

The data stored in localStorage remains stored until you change the cookie settings or manually delete the localStorage or browser cache.

Note

localStorage stores data exclusively on your end device. There is no automatic transmission of this information to our servers or third parties. The use of localStorage is based on Art. 6 para. 1 lit. f GDPR, as it is necessary for the technically error-free operation of the app. If consents are stored, this is done on the basis of Art. 6 para. 1 lit. a GDPR.

Transmission of Data to Third Countries

When using certain services (e.g. YouTube or Google reCAPTCHA), personal data may be transmitted to servers of Google LLC located in the USA. Google is certified under the EU-U.S. Data Privacy Framework. Nevertheless, there is a residual risk in data transmissions to the USA that US authorities may access personal data without affected persons having effective legal remedies available against this. The use of these services is only carried out after express consent in accordance with Art. 6 para. 1 lit. a GDPR.

5. Storage Duration

Personal data is only stored for as long as necessary for the respective purposes.

Account data: until deletion of the user account.
Content (articles, comments etc.): until deletion by the user or termination of the usage relationship, unless legal retention obligations exist.
Server log files: Server log files are initially collected with IP address and immediately anonymized. The anonymized log data is stored for a maximum of 14 days.
Error logs: maximum 14 days, unless security-related incidents require longer storage .
Backups: are regularly overwritten and deleted at the latest after 30 days.

Legal retention obligations remain unaffected.

6. Data Subject Rights

Users have the right to:

Information about stored data (Art. 15 GDPR)
Correction of incorrect data (Art. 16 GDPR)
Deletion of data (Art. 17 GDPR)
Restriction of processing (Art. 18 GDPR)
Data portability (Art. 20 GDPR)
Revocation of granted consents (Art. 7 para. 3 GDPR)
Objection to processing (Art. 21 GDPR)

7. Data Storage

We store personal data on our own password-protected server in Nuremberg, Germany. The processing is based on Art. 6 para. 1 lit. b GDPR for the execution of the user agreement as well as Art. 6 para. 1 lit. f GDPR to ensure IT security. To avoid data loss, backups of the data are stored in encrypted form with Google Drive. With Google there is a data processing agreement pursuant to Art. 28 GDPR. Transmission to the USA cannot be excluded. Google is certified under the EU-U.S. Data Privacy Framework. Access to this data is restricted to authorized persons. The data is deleted as soon as the purpose of storage ceases and no legal retention obligations exist.

8. Notes on Location Usage

To provide the tracking function, access to location data of your end device is required. The processing of location data takes place exclusively locally on your end device (frontend) and serves exclusively the calculation of the distance traveled. No transmission of specific location data to our servers or third parties takes place. The location data is processed exclusively temporarily in the memory of your end device and not permanently stored. The distance traveled calculated as part of the local processing is transmitted to our servers and stored there in a personalized manner to enable you to use the tracking function as well as the display of your distance traveled. Storage of specific location data does not take place at any time. The storage of the personalized distance data takes place until manual deletion by you or until the deletion of your user account. The legal basis for the processing of location data is your consent in accordance with Art. 6 para. 1 lit. a GDPR. The storage of distance data is based on Art. 6 para. 1 lit. b GDPR, to the extent that this is necessary for providing the tracking function. You can revoke your consent at any time via the settings of your end device or browser.

9. Data Processing When Using the App

When calling up the app, technically necessary access data is processed. This includes date and time of access, pages called up, browser type, operating system as well as anonymized IP addresses. The IP address is anonymized immediately after collection, so that a personal reference can no longer be established . For error analysis and ensuring the functionality of the app, additional technical log data (e.g. time, executed action, error messages) is stored. These error logs do not contain any IP addresses and no directly identifying personal data. The processing is based on Art. 6 para. 1 lit. f GDPR (legitimate interest in IT security and stability of the platform).

10. Right to Complain to the Supervisory Authority

Affected persons have the right to complain to a data protection supervisory authority if they believe that the processing of their personal data violates the GDPR. The competent authority is usually the data protection supervisory authority of the federal state of your place of residence.

Special Notes on the Protection of Children and Young People

This app is also aimed at young users. The protection of personal data of children and young people has special importance for us. If consent is required for certain functions or services, it may only be given by an adult or person with parental authority. Users confirm in the course of consent, to be authorized to do so. The data protection responsibility for the app lies with an adult person. Minors do not act as responsible parties within the meaning of the GDPR.

Contact for Data Protection Questions

For data protection concerns, please contact the contact details given above (see also Imprint)

Changes to this Legal Notice

We reserve the right to update this legal notice to reflect changes in legal requirements or modifications to our services. The current version can always be found at this URL.