Flash or update your board
Flash or update your board

Privacy Notice

Privacy Policy

1) Introduction and Contact Details of the Controller

1.1

We are pleased that you are visiting our website and thank you for your interest. In the following, we inform you about the handling of your personal data when using our website. Personal data includes all data with which you can be personally identified.

1.2

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is Daniel Jung, BitcoinPuzzlePirates, Küllenhahnerstrasse 199, 42349 Wuppertal, Germany, Tel.: +49 202 25131370, E-Mail: captain@bitcoinpuzzlepirates.com.

The controller responsible for processing personal data is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.

2) Data Collection When Visiting Our Website

2.1

When using our website for informational purposes only, meaning you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server (so-called “server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time of access
  • Amount of data sent in bytes
  • Source/reference from which you accessed the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is neither shared nor used for other purposes. However, we reserve the right to subsequently check the server log files if there are concrete indications of unlawful use.

2.2

For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries to the controller), this website uses SSL or TLS encryption. You can recognize an encrypted connection by the “https://” prefix and the lock symbol in your browser’s address bar.

3) Hosting & Content Delivery Network

We use a provider for hosting our website and displaying its content, who provides its services either directly or through selected subcontractors exclusively on servers within the European Union.

All data collected on our website is processed on these servers.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prohibit unauthorized disclosure to third parties.

4) Cookies

To make your visit to our website more attractive and enable the use of certain functions, we use cookies—small text files that are stored on your device. Some of these cookies are automatically deleted when you close your browser (session cookies), while others remain on your device for a longer period and allow site settings to be saved (persistent cookies). In the latter case, you can find the storage duration in your web browser’s cookie settings overview.

If any of the cookies we use also process personal data, the processing is carried out:

  • According to Art. 6(1)(b) GDPR, if necessary for the performance of a contract,
  • According to Art. 6(1)(a) GDPR, if consent has been given, or
  • According to Art. 6(1)(f) GDPR, to protect our legitimate interest in ensuring the optimal functionality of the website and a user-friendly, effective browsing experience.

You can configure your browser to notify you when cookies are being set and decide on a case-by-case basis whether to accept them, exclude cookies in certain cases, or disable them entirely.

Please note that if cookies are not accepted, the functionality of our website may be limited.

5) Contacting Us

When you contact us (e.g., via contact form or email), personal data is processed solely for the purpose of handling and responding to your inquiry and only to the extent necessary.

The legal basis for processing this data is our legitimate interest in responding to your inquiry in accordance with Art. 6(1)(f) GDPR. If your contact is aimed at concluding a contract, an additional legal basis for processing is Art. 6(1)(b) GDPR.

Your data will be deleted once it is clear from the circumstances that the matter has been conclusively resolved, provided there are no statutory retention obligations preventing deletion.

6) Comment Function

When using the comment function on this website, in addition to your comment, the time of comment submission and the commenter name you choose will be stored and published on this website. Furthermore, your IP address will be recorded and stored.

The storage of the IP address is done for security reasons and in case the comment infringes the rights of third parties or contains unlawful content. Your email address is required so that we can contact you in case a third party disputes your published content as unlawful.

The legal bases for storing your data are Art. 6(1)(b) and (f) GDPR. We reserve the right to delete comments if they are reported as unlawful by third parties.

7) Data Processing When Creating a Customer Account

In accordance with Art. 6(1)(b) GDPR, personal data is collected and processed to the extent necessary when you provide this information to us while creating a customer account. The data required for account registration can be found in the input fields of the corresponding form on our website.

You can request the deletion of your customer account at any time by sending a message to the responsible contact address mentioned above.

After your customer account is deleted, your data will also be erased, provided that all associated contracts have been fully processed, there are no legal retention obligations preventing deletion, and we have no legitimate interest in continued storage.

8) Data Processing for Order Fulfillment

8.1

To the extent necessary for contract execution, specifically for delivery and payment purposes, the personal data we collect will be shared with the contracted shipping company and financial institution in accordance with Art. 6(1)(b) GDPR.

If we are required to provide updates for goods with digital elements or digital products under an applicable contract, we will process the contact details provided at the time of order (name, address, email address) to inform you personally about pending updates within the legally prescribed period. This processing is carried out in accordance with Art. 6(1)(c) GDPR as part of our legal information obligations. Your contact details will be used strictly for the purpose of these legally required notifications and only to the extent necessary.

To fulfill your order, we also collaborate with the following service providers, who assist us in executing the contracts. Certain personal data is transmitted to these service providers as outlined below.

8.2 External Shipping Partners

To fulfill our contractual obligations to our customers, we work with external shipping partners. We share your name, delivery address, and, if necessary for delivery, your phone number exclusively for the purpose of delivering the goods in accordance with Art. 6(1)(b) GDPR.

8.3 Use of Payment Service Providers (Payment Processing Services)

PayPal Checkout

This website uses PayPal Checkout, an online payment system from PayPal that includes PayPal’s own payment methods and third-party local payment methods.

When making a payment via PayPal, credit card via PayPal, direct debit via PayPal, or “Pay Later” (if offered by PayPal), your payment data will be transmitted to PayPal (Europe) S.a.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (“PayPal”) for payment processing. The data transfer is carried out in accordance with Art. 6(1)(b) GDPR and only to the extent necessary for payment processing.

For payments via credit card, direct debit, or “Pay Later” via PayPal, PayPal may perform a credit check. For this purpose, your payment data may be shared with credit agencies in accordance with Art. 6(1)(f) GDPR, based on PayPal’s legitimate interest in determining your creditworthiness. The result of this credit check is used by PayPal to decide whether to offer you the respective payment method.

The credit check may contain probability scores (so-called score values). These are based on a scientifically recognized mathematical-statistical method. Address data, among other factors, is used in the calculation of these scores.

You can object to this data processing at any time by contacting PayPal. However, PayPal may still be entitled to process your personal data if necessary for contract-compliant payment processing.

For PayPal’s “Invoice Purchase” option, your payment data is first transmitted to PayPal, which then forwards it to Ratepay GmbH, Franklinstraße 28-29, 10587 Berlin (“Ratepay”) for payment processing. The legal basis for this transfer is Art. 6(1)(b) GDPR. Ratepay performs identity and credit checks in its own name to assess payment capability and may transfer your payment data to credit agencies based on Art. 6(1)(f) GDPR. A list of credit agencies used by Ratepay can be found here: Ratepay Credit Agencies.

For local third-party payment providers, PayPal first processes your payment data in accordance with Art. 6(1)(b) GDPR before forwarding it to the respective payment provider, depending on your selected payment method:

  • Apple Pay (Apple Distribution International, Hollyhill Industrial Estate, Hollyhill, Cork, Ireland)
  • Google Pay (Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland)
  • iDeal (Currence Holding BV, Beethovenstraat 300, Amsterdam, Netherlands)
  • Bancontact (Bancontact Payconiq Company, Rue d’Arlon 82, 1040 Brussels, Belgium)
  • BLIK (Polski Standard Płatności sp. z o.o., ul. Czerniakowska 87A, 00-718 Warsaw, Poland)
  • EPS (PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna, Austria)
  • MyBank (PRETA S.A.S, 40 Rue de Courcelles, F-75008 Paris, France)
  • Przelewy24 (PayPro SA, Kanclerska 15A, 60-326 Poznań, Poland)

For more details on PayPal’s data protection policies, please visit:
PayPal Privacy Policy

WooCommerce Payments

This website offers one or more online payment methods provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110-4929, USA.

When selecting a prepaid payment method (e.g., credit card payment), your payment data (including name, address, bank and card details, currency, and transaction number) as well as order details will be transmitted to this provider in accordance with Art. 6(1)(b) GDPR.

The data transfer is solely for the purpose of processing the payment and will only be carried out to the extent necessary.

For data transfers to the USA, Automattic Inc. complies with the EU-US Data Privacy Framework, ensuring adherence to European data protection standards under a European Commission adequacy decision.

9) Website Functionality

Google Maps

This website uses an online map service provided by: Google Maps (API), operated by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Maps is a web service for displaying interactive (land) maps to visually present geographic information. By using this service, our location will be displayed, making it easier for you to plan your route.

When accessing subpages that include a Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google servers and stored there. This may also involve transmission to Google LLC servers in the USA. This occurs regardless of whether you have a Google user account and are logged in or whether such an account exists at all.

If you are logged into your Google account, your data is directly linked to your account. If you do not want this association, you must log out of your Google account before activating the button. Google stores user data (even for users who are not logged in) as usage profiles and evaluates them for purposes such as personalized advertising, market research, and optimizing Google services.

The collection, storage, and evaluation of this data take place in accordance with Art. 6(1)(f) GDPR, based on Google’s legitimate interest in displaying personalized advertising and conducting market research or demand-oriented design of Google services. You have the right to object to the creation of these user profiles, which you must exercise directly with Google.

If you do not agree with your data being transmitted to Google when using Google Maps, you have the option to disable Google Maps entirely by deactivating JavaScript in your browser settings. However, please note that in this case, Google Maps and the map display on this website will no longer be available.

Where legally required, we have obtained your explicit consent for the data processing described above in accordance with Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future. To withdraw your consent, please follow the objection instructions outlined above.

For data transfers to the USA, Google has joined the EU-US Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision by the European Commission.

For more details on Google’s privacy policy, please visit:
Google Privacy Policy

10) Tools and Miscellaneous

Cookie Consent Tool

This website uses a “Cookie Consent Tool” to obtain valid user consent for cookies and cookie-based applications that require approval.

The Cookie Consent Tool is displayed to users as an interactive interface upon accessing the website. Users can grant consent for specific cookies and/or cookie-based applications by selecting checkboxes. This ensures that only cookies requiring consent are loaded if the user actively provides their consent. As a result, such cookies are only placed on the user’s device if permission has been granted.

The tool sets technically necessary cookies to store your cookie preferences. No personal user data is processed in this case.

If, in exceptional cases, personal data (such as the IP address) is processed for the purpose of storing, assigning, or logging cookie settings, this processing is carried out in accordance with Art. 6(1)(f) GDPR, based on our legitimate interest in providing a legally compliant, user-specific, and user-friendly cookie consent management system and ensuring legal compliance for our website.

Another legal basis for processing is Art. 6(1)(c) GDPR, as we are legally obligated to obtain user consent for non-essential cookies.

Where required, we have entered into a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prohibit unauthorized disclosure to third parties.

Further details about the operator and configuration options of the Cookie Consent Tool can be found directly in the corresponding user interface on our website.

11) Rights of the Data Subject

11.1

Under applicable data protection law, you have the following rights regarding the processing of your personal data. The legal basis for exercising these rights is indicated in each case:

  • Right to access according to Art. 15 GDPR
  • Right to rectification according to Art. 16 GDPR
  • Right to erasure (“right to be forgotten”) according to Art. 17 GDPR
  • Right to restriction of processing according to Art. 18 GDPR
  • Right to notification according to Art. 19 GDPR
  • Right to data portability according to Art. 20 GDPR
  • Right to withdraw consent given according to Art. 7(3) GDPR
  • Right to lodge a complaint with a supervisory authority according to Art. 77 GDPR

11.2 Right to Object

IF WE PROCESS YOUR PERSONAL DATA BASED ON OUR LEGITIMATE INTEREST AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE AFFECTED DATA. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, FUNDAMENTAL RIGHTS, AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH ADVERTISING PURPOSES. YOU MAY EXERCISE THIS RIGHT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL STOP PROCESSING YOUR DATA FOR DIRECT MARKETING PURPOSES.

12) Duration of Storage of Personal Data

The duration of personal data storage is determined by the relevant legal basis, the purpose of processing, and—if applicable—the statutory retention period (e.g., commercial and tax retention periods).

  • If personal data is processed based on explicit consent in accordance with Art. 6(1)(a) GDPR, the data will be stored until you withdraw your consent.

  • If statutory retention periods apply to data processed for contractual or pre-contractual obligations based on Art. 6(1)(b) GDPR, the data will be routinely deleted after the retention period expires, provided it is no longer required for contract performance, initiation, or if there is no legitimate interest in continued storage.

  • If personal data is processed based on Art. 6(1)(f) GDPR, it will be stored until you exercise your right to object under Art. 21(1) GDPR, unless we can demonstrate compelling legitimate reasons for processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

  • If personal data is processed for direct marketing purposes based on Art. 6(1)(f) GDPR, it will be stored until you exercise your right to object under Art. 21(2) GDPR.

Unless stated otherwise in this privacy policy, stored personal data will be deleted once it is no longer necessary for the purposes for which it was collected or otherwise processed.