1. General Information
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
The use of our website is generally possible without providing personal data. Insofar as personal data (e.g. name, address, or email addresses) are collected on our pages, this is always done, as far as possible, on a voluntary basis. This data will not be passed on to third parties without your express consent.
We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may have security gaps. Complete protection of data against access by third parties is not possible.
2. Responsible Party
The responsible party for data processing on this website is:
Dean Trockel
c/o IP-Management #5061
Ludwig-Erhard-Str. 18
20459 Hamburg
Deutschland
Contact:
E-Mail: [email protected]
Telefon: +49 15203248478
Website: https://endercity.net
3. Data Collection on Our Website
3.1 Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
• Browser type and browser version
• Operating system used
• Referrer URL
• Hostname of the accessing computer
• Time of the server request
• IP address
This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures.
Server log files are automatically deleted after 14 days.
3.2 Registration on the Website
You can register on our website to use additional functions. We only use the data entered for the purpose of using the respective offer or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject the registration.
For important changes, such as the scope of the offer or technically necessary changes, we use the e-mail address provided during registration to inform you in this way.
The processing of the data entered during registration is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time. An informal message by e-mail to us is sufficient for the revocation. The legality of the data processing already carried out remains unaffected by the revocation.
The data collected during registration will be stored by us for as long as you are registered on our website and will then be deleted. Legal retention periods remain unaffected.
3.3 Stored User Data (Database)
When you register on our website or use our services, the following personal data is stored in our database:
• E-mail address (for login and communication)
• Password (stored exclusively in hashed/encrypted form; we have no access to your plain-text password)
• Minecraft UUID (unique player identifier assigned by Mojang/Microsoft, used to link your website account to your Minecraft account)
• Minecraft username
• Registration date and time
• Account status and role information
This data is required for the operation of our services and to provide you with a personalized experience on our website and Minecraft server. The legal basis for processing is Art. 6 para. 1 lit. b GDPR (performance of a contract) and Art. 6 para. 1 lit. a GDPR (consent).
Your password is stored using modern cryptographic hashing procedures. A reconstruction of the original password from the stored hash is not possible.
You can request the deletion of your account and all associated data at any time by contacting us at [email protected]. 4. SSL/TLS Encryption
This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from 'http://' to 'https://' and by the lock symbol in your browser line.
If SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties. 5. Cloudflare
We use the 'Cloudflare' service provided by Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA. Cloudflare offers a content delivery network with DNS. As a rule, all traffic between the user and our website is routed through the Cloudflare network. Cloudflare analyzes the data traffic between users and our website and, among other things, serves as a filter between our servers and potentially harmful traffic from the Internet. In doing so, Cloudflare may also use cookies or other technologies to recognize Internet users, but these are only used for the purpose described here.
The use of Cloudflare is based on our legitimate interest in providing our website as error-free and secure as possible (Art. 6 para. 1 lit. f GDPR).
We have concluded a Data Processing Agreement (DPA) pursuant to Art. 28 GDPR with Cloudflare. Data transfer to the USA is based on the EU-US Data Privacy Framework. Cloudflare is certified under the EU-US Data Privacy Framework and additionally uses EU Standard Contractual Clauses. For more information, see Cloudflare's privacy policy: https://www.cloudflare.com/privacypolicy/ 6. Google Cloud CDN
We use Google Cloud CDN, a content delivery network provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'). Google Cloud CDN is used to accelerate the delivery of website content and improve the user experience. For this purpose, calls from your browser are routed via a Google server. This enables Google to determine that our website has been accessed from your IP address.
The use is based on our legitimate interest in a secure and efficient provision and optimization of our online offering (Art. 6 para. 1 lit. f GDPR).
We have concluded a Data Processing Agreement (DPA) pursuant to Art. 28 GDPR with Google. Google LLC is certified under the EU-US Data Privacy Framework. For more information on data protection at Google, see: https://policies.google.com/privacy 7. Google Tag Manager
This website uses Google Tag Manager, a solution provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'). Google Tag Manager allows us to manage website tags through a single interface. The Google Tag Manager tool itself does not process any personal data, but it enables the integration of other services that may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, it remains in place for all tracking tags implemented with Google Tag Manager.
For more information, see: https://policies.google.com/privacy 8. Google Analytics
This website uses functions of the web analytics service Google Analytics, provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'). Google Analytics uses 'cookies', text files that are stored on your computer and enable analysis of your use of the website. The information generated by the cookie about your use of the website is usually transferred to a Google server in the USA and stored there.
Google Analytics is only activated after you have given your explicit consent via our cookie banner (opt-in). The legal basis for processing is therefore Art. 6 para. 1 lit. a GDPR (consent). You can revoke your consent at any time with effect for the future by adjusting your cookie settings.
We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before transmission to the USA.
On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services relating to website activity and internet usage to the website operator.
The data collected via Google Analytics is automatically deleted after 14 months. Google LLC is certified under the EU-US Data Privacy Framework.
For more information on terms of use and data protection, see: https://www.google.com/analytics/terms/ and https://policies.google.com/privacy 9. Google Ads
Our website uses Google Ads, an online advertising program from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'). With Google Ads, we can display advertisements in the Google search engine or on third-party websites when the user enters certain search terms on Google (keyword targeting). Furthermore, targeted advertisements can be displayed based on the user data available at Google (e.g. location data and interests) (target group targeting).
Google Ads conversion tracking is also used. When you click on an ad placed by Google, a cookie for conversion tracking is set. These cookies lose their validity after 30 days and are not used to identify the user personally.
Google Ads and its conversion tracking are only activated after you have given your explicit consent via our cookie banner (opt-in). The legal basis is Art. 6 para. 1 lit. a GDPR (consent). You can revoke your consent at any time with effect for the future.
Google LLC is certified under the EU-US Data Privacy Framework. For more information, see Google's privacy policy: https://policies.google.com/privacy 10. Google Ads Remarketing
This website uses the remarketing function of Google Ads. Google Ads Remarketing enables us to assign people who interact with our online offering to certain target groups in order to subsequently display interest-based advertising to them in the Google advertising network (remarketing or retargeting).
In addition, the advertising target groups created with Google Ads Remarketing can be linked with Google's cross-device functions. In this way, interest-based, personalized advertising messages that have been adapted to you depending on your previous usage and surfing behavior on one end device (e.g. mobile phone) can also be displayed on another of your end devices (e.g. tablet or PC).
Google Ads Remarketing is only activated after you have given your explicit consent via our cookie banner (opt-in). The legal basis is Art. 6 para. 1 lit. a GDPR (consent). You can revoke your consent at any time with effect for the future.
Google LLC is certified under the EU-US Data Privacy Framework. For more information and the data protection regulations, see Google's privacy notice at: https://policies.google.com/technologies/ads 11. Google AdSense
This website uses Google AdSense, a service for integrating advertisements from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'). Google AdSense uses cookies, which enable an analysis of the use of our website. Google AdSense also uses so-called web beacons (invisible graphics). Through these web beacons, information such as visitor traffic on these pages can be analyzed.
The information generated by cookies and web beacons about the use of this website (including your IP address) and the delivery of advertising formats is transmitted to and stored by Google on servers in the USA.
Google AdSense is only activated after you have given your explicit consent via our cookie banner (opt-in). The legal basis is Art. 6 para. 1 lit. a GDPR (consent). You can revoke your consent at any time with effect for the future.
Google LLC is certified under the EU-US Data Privacy Framework. For more information on data protection at Google, see: https://policies.google.com/privacy 12. Encrypted Payment (Tebex)
All purchases and payment processing on our website are handled exclusively through the payment platform Tebex (Tebex Limited, registered in England & Wales). EnderCity itself does not store or process any payment data such as credit card numbers, bank account details, or other financial information.
When making a purchase, you will be redirected to a Tebex checkout page. Tebex is responsible for the secure processing and storage of your payment information. The data transmission to Tebex is encrypted via SSL/TLS.
We have concluded a data processing agreement (DPA) with Tebex in accordance with Art. 28 GDPR.
For more information on how Tebex handles your data, please refer to the Tebex privacy policy: https://www.tebex.io/legal/privacy and Tebex terms: https://www.tebex.io/legal/terms 13. Your Rights
You have the right to free information about your stored personal data, its origin and recipient and the purpose of data processing, and, if applicable, a right to correction, blocking, or deletion of this data at any time. You can contact us at any time at the address given in the legal notice for this and other questions on the subject of personal data.
• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object (Art. 21 GDPR)
If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any other way, you can file a complaint with the competent supervisory authority.
14. Cookies
Our website uses cookies. Cookies are small text files that are stored on your end device and that your browser saves. They serve to make our offering more user-friendly, effective, and secure.
We distinguish between technically necessary cookies and analytics/marketing cookies:
• Technically necessary cookies: These cookies are required for the operation of the website (e.g. session cookies, login cookies). They are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free provision of its services.
• Analytics and marketing cookies: These cookies are only set after you have given your explicit consent via our cookie banner (opt-in). The legal basis is Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by adjusting your cookie settings.
Some cookies are 'session cookies'. Such cookies are automatically deleted after the end of your browser session. Other cookies remain stored on your end device until you delete them.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when closing the browser.
15. Data Processing Agreements (DPA)
We have concluded data processing agreements in accordance with Art. 28 GDPR with all service providers that process personal data on our behalf. This applies in particular to Cloudflare, Google, and Tebex. These agreements ensure that service providers only process data according to our instructions and in compliance with the GDPR.
16. Data Transfer to Third Countries
Some of the service providers we use are based in the USA (Google LLC, Cloudflare, Inc.). Data transfers to the USA are carried out on the basis of the EU-US Data Privacy Framework (DPF). The aforementioned companies are certified under the DPF and thereby commit to compliance with European data protection standards. In addition, we use EU Standard Contractual Clauses as an additional safeguard.
For more information on the EU-US Data Privacy Framework, visit: https://www.dataprivacyframework.gov 17. Data Protection of Minors
Our services are not specifically directed at children under the age of 16. We do not knowingly collect personal data from children under 16 without the consent of their parents or legal guardians. If we become aware that personal data has been collected from a child under 16 without the required consent, we will delete this data immediately.
18. Changes to This Privacy Policy
We reserve the right to update this privacy policy to always comply with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services. The new privacy policy will apply to your next visit.
