This privacy statement was last updated on 1. April 2024 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
In this privacy statement, we explain what we do with the data we obtain about you via https://pandalorians.com. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:
- we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
- we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
- we first request your explicit consent to process your personal data in cases requiring your consent;
- we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
- we respect your right to access your personal data or have it corrected or deleted, at your request.
If you have any questions, or want to know exactly what data we keep of you, please contact us.
1. Purpose, data and retention period
We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)1.1 Newsletters
1.1 Newsletters
For this purpose we use the following data:
- A first and last name
- Account name or alias
- An email address
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data until the service is terminated.
2. Cookies
Our website uses cookies. For more information about cookies, please refer to our Cookie Policy.
3. Disclosure practices
We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.
If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.
4. Security
We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.
The security measures we use consist of:
- Login Security
- DKIM, SPF, DMARC and other specific DNS settings
- (START)TLS / SSL / DANE Encryption
- Website Hardening/Security Features
- Security measures of hardware that contain, or process personal data.
5. Third-party websites
This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.
6. Amendments to this privacy statement
We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.
7. Accessing and modifying your data
If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.
8. Submitting a complaint
If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Data Protection Authority.
9. Contact details
Chris Bernecker
Gertrudisstraße 12
45141 Essen
Germany
Website: https://pandalorians.com
Email: masterpanda@pandalorians.com
Phone number: 123456789
10. Data Requests
For the most frequently submitted requests, we also offer you the possibility to use our data request form
×
Annex
User Registration
This sample policy includes the basics around what personal data you may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your form will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.
What we collect and store
While you visit our site, we’ll track:- Form Fields Data: Forms Fields data includes the available field types when creating a form. We’ll use this to, for example, collect informations like Name, Email and other available fields.
- Location, IP address and browser type: we’ll use this for purposes like geolocating users and reducing fraudulent activities.
- Transaction Details: we’ll ask you to enter this so we can, for instance, provide subscription packs, and keep track of your payment details for subscription packs!
- Send you information about your account and order
- Respond to your requests, including transaction details and complaints
- Process payments and prevent fraud
- Set up your account for our site
- Comply with any legal obligations we have, such as calculating taxes
- Improve our form offerings
- Send you marketing messages, if you choose to receive them
- Or any other service the built form was created to comply with and it’s necessary information
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Editors can access:- Form submission information and other details related to it
- Customer information like your name, email and address information.
What we share with others
In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.
Payments
In this subsection you should list which third party payment processors you’re using to take payments on your site since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.
Available Modules
In this subsection you should list which third party modules you’re using to increase functionality on your site since these may handle customer data. We’ve included MailChimp as an example, but you should remove this if you’re not using MailChimp.
iThemes Security
What personal data we collect and why we collect it
Security Logs
Suggested text: The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.Login Device Protection
Suggested text: Session data, such as IP addresses and user agents, are stored to verify that users are logging-in from trusted devices.Who we share your data with
Suggested text: A QR code image is generated for users that set up two-factor authentication for this site. This image is generated using an iThemes hosted API. As part of generating this image, your username is sent to the API. This data is not logged. For privacy policy details, please see the iThemes Privacy Policy. Suggested text: When logging into this website, users with the role or higher may have their IP address transmitted to one of the following 3rd-parties, depending on availability, to provide a rough estimate of their location to help prevent unauthorized access to their account: IP Info, Geobytes, GeoPlugin und IP APIWhen running Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site's URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.
Suggested text: This site is scanned for potential malware and vulnerabilities by the iThemes Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.In order to ensure file integrity, iThemes Security pulls data from wordpress.org, ithemes.com, and amazonaws.com. No personal data is sent to these sites. Requests to wordpress.org include the WordPress version, the site's locale, a list of installed plugins, and a list of each plugin's version. Requests to ithemes.com and amazonaws.com include the installed iThemes products and their versions. For wordpress.org privacy policy details, please see the WordPress Privacy Policy. For ithemes.com privacy policy details, please see the iThemes Privacy Policy. Requests to amazonaws.com are to content added and managed by iThemes which is covered by the Amazon Web Services Data Privacy policy.