Privacy policy

Table of contents:

1. General information
   
   1. Important terms
   2. Scope of application
   3. Person responsible
   4. Data Protection Officer
2. The data processing in detail
   
   1. General information on data processing
   2. Calling up our services
3. Rights of data subjects
   
   1. Right of objection
   2. Right to information
   3. Right of rectification
   4. Right to erasure ("right to be forgotten")
   5. Right to restriction of processing
   6. Right to data portability
   7. Right to withdraw consent
   8. Right of appeal

Browser: Computer program for displaying websites (e.g. Chrome, Firefox, Safari)

Cookies: Text files that are placed on the user's computer by the web server accessed via the browser used. The stored cookie information may contain both an identifier (cookie ID), which is used to recognize the user, and content information such as login status or information about websites visited. The Browser sends the cookie information back to the web server on subsequent, new visits to this page with each request. Most Browser accept Cookies automatically.

Third countries: Countries outside the European Union (EU)

GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data. Processing on the free movement of personal data and repealing Directive 95/46/EC (General Data Protection Regulation), available at here.

Personal data: Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Profiling: Any type of automated Processing of personal data consisting of the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements

Services: Our offers to which this privacy policy applies (see scope of application).

Tracking: The collection of data and its evaluation with regard to the behavior of visitors on our Services.

Tracking technologies: Tracking can be carried out both via the activity logs stored on our web servers (log files) and by collecting data from your end device via Pixel, Cookies and similar Tracking technologies.

Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Pixel: Pixel are also known as tracking pixels, web beacons or web bugs. These are small, invisible graphics in HTML emails or on websites. When a document is opened, this small image is downloaded from a server on the Internet and the download is registered there. This allows the server operator to see if and when an e-mail has been opened or a website visited. This function is usually implemented by calling up a small program (Javascript). In this way, certain types of information can be recognized on your computer system and passed on, such as the content of Cookiestime and date of the page view and a description of the page on which the tracking pixel is located.

This privacy policy applies to the following offers:

• our Online offer "Privacy Policy / Blue Ocean Entertainment AG / PLANET WOW" (website), available in particular at www.planetwow.de/,
• whenever reference is made to this privacy policy from one of our offers (e.g. websites, subdomains, mobile applications, web services or integrations in third-party sites), regardless of how you access or use it.

All of these offers are also referred to together as "Services" is labeled.

The person responsible for data processing - i.e. the person who determines the purposes and means of Processing of personal data decides - in connection with the Services is:

Or via the under I.3 address (for the attention of the Data Protection Department) or via:

In this section of the privacy policy, we inform you in detail about the Processing personal data within the scope of our Services. For the sake of clarity, we organize this information according to specific functionalities of our Services. During normal use of the Services different functionalities and therefore different processing methods can be used one after the other or simultaneously.

Unless otherwise stated, the following applies to all processing described below:

The provision of personal data is not required by law or contract and you are not obliged to provide data. We will inform you during the input process if the provision of personal data is required for the respective service (e.g. by marking it as a "mandatory field"). If data is required, failure to provide it will mean that the service in question cannot be provided. Otherwise, failure to provide the data may mean that we are unable to provide our services in the same form and quality.

In various cases, you have the option of giving us your consent to further processing in connection with the processing described below (possibly for part of the data). In this case, we will inform you separately in connection with the submission of the respective declaration of consent about all modalities and the scope of the consent and about the purposes that we pursue with this processing. The processing operations based on your consent are therefore not listed here again (Art. 13 para. 4 GDPR).

When we send data to Third countriesi.e. countries outside the European Union, then the transfer takes place exclusively in compliance with the legally regulated admissibility requirements.

If the transmission of the data to a Third country does not serve to fulfill our contract with you, we do not have your consent, the transfer is not necessary for the assertion, exercise or defense of legal claims and there is no other exception under Art. 49 GDPR applies, we will only transfer your data to a third party Third countryif an adequacy decision has been made in accordance with Art. 45 GDPR or suitable guarantees according to Art. 46 GDPR are available.

By concluding the EU standard data protection clauses issued by the European Commission with the receiving body, we fulfill the requirements for verification with regard to suitable guarantees in accordance with Art. 46 para. 2 lit. c) GDPRand with regard to an adequate level of data protection in the Third country. Copies of the EU standard data protection clauses are available on the website of the European Commission, available at here.

Our data processing is carried out to a large extent with the involvement of so-called hosting service providers, who provide us with storage space and processing capacities in their data centers and also process personal data on our behalf in accordance with our instructions. Personal data may be transmitted to hosting service providers for all of the functionalities listed below. These service providers either process data exclusively in the EU or we have guaranteed an adequate level of data protection with the help of the EU standard data protection clauses (see c.).

We transfer personal data to government authorities (including law enforcement authorities) if this is necessary to fulfill a legal obligation to which we are subject (legal basis: Art. 6 para. 1 lit. c) GDPR) or it is necessary for the establishment, exercise or defense of legal claims (legal basis Art. 6 para. 1 letter f) GDPR).

The "Storage period" section indicates how long we use the data for the respective processing purpose. After this period has expired, the data will no longer be processed by us, but will be deleted at regular intervals, unless there is a need for continued storage. Processing and storage is provided for by law (in particular because it is necessary to fulfill a legal obligation or to assert, exercise or defend legal claims) or you give us further consent.

Some of the data processing described in the following sections is carried out with the help of Cookies. The information stored in a cookie can only be accessed via the Internet by the operator of the web server that originally set the cookie. Access by third parties in this way is not possible. The Cookies have different functional durations. Some Cookies are only active during a browser session and are then deleted, others function for longer periods, but usually for less than a year. At the end of the functional period, a cookie is deleted by the Browser deleted. You can Cookies using the browser functions (usually under "Options" or "Settings"). This allows the saving of Cookies be deactivated, made dependent on your consent in individual cases or otherwise restricted. You can Cookies delete at any time.

In the following sections, the following summarizing category designations are used for certain types of data:

• Access data: Date and time of the visit to our service; the page from which the accessing system came to our site; pages accessed during use; data for session identification (session ID); also the following information of the accessing computer system: Internet Protocol address (IP address) used, browser type and version, device type, operating system and similar technical information.

We collect personal data from publicly accessible sources. Publicly accessible sources include, in particular, publicly accessible websites, all public directories that are available to the general public (telephone and similar directories) and public registers, even if they may require a login (e.g. commercial register).

We process all categories of data that are stored in publicly accessible sources. This may be, for example Personal master data, Address data, Contact details, Payment data, Order dataas well as all other categories of data, such as interests, preferences, affinities and the like.

The data is collected for the purpose of fulfilling the principle of accuracy in accordance with Art. 5 para. 1 letter d) GDPRwhere applicable, the purpose of contract performance in accordance with Art. 6 para. 1 letter b) GDPRif necessary for the purpose of enforcing rights and for collection in accordance with Art. 6 para. 1 letters b) and f) GDPRas well as for the purpose of direct advertising in accordance with Art. 6 para. 1 letter f) GDPR in conjunction with recital 46 GDPR.

Below we describe how your personal data is processed when you visit our website. Services are processed (e.g. loading and viewing the website, opening and navigating within the mobile device app). In addition, we use technically or legally necessary auxiliary tools that do not collect any data themselves (such as a tag manager), but only serve the security of the website, the administration and operation of other tools or the administration of consents given by you (Consent Management Platform). In particular, we would like to point out that the transmission of Access data to external content providers (see under b.) is unavoidable due to the technical functioning of information transfer on the internet. The third-party providers themselves are responsible for the data protection-compliant operation of the IT systems they use. The decision on the storage duration of the data is the responsibility of the service providers.

If we process your personal data for direct marketing purposes, you have the right to object to this processing at any time with effect for the future. Processing personal data concerning you for the purpose of such advertising; this also applies to the Profilinginsofar as it is associated with such direct advertising.

You also have the right, for reasons arising from your particular situation, to object to the processing of your personal data at any time with effect for the future. Processing personal data concerning you, which have been Art. 6 para. 1 letter e) or f) GDPR This also applies to an objection based on these provisions. Profiling.

You can exercise your right to object free of charge. In order to process your request more quickly, please use our form under the following link:
Data protection request form

Alternatively, you can contact us at I.4 mentioned Contact details reach.

You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the other information specified in Art. 15 GDPR listed information.

You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you (Art. 16 GDPR). Taking into account the purposes of the Processing you have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.

You have the right to obtain from us the erasure of personal data concerning you without undue delay where one of the grounds listed in Art. 17 para. 1 GDPR the above reasons apply and the Processing not for one of the Art. 17 para. 3 GDPR is required for the regulated purposes.

You are entitled to impose a restriction on the Processing of your personal data if one of the reasons listed in Art. 18 para. 1 letters a) to d) GDPR regulated conditions are met.

You have chosen from the Art. 20 para. 1 GDPR In exercising this right, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us. When exercising the right to data portability, you have the right to have the personal data transmitted directly from us to another controller, where technically feasible.

As far as the Processing is based on your consent, you have the right to withdraw your consent at any time. The legality of the processing carried out on the basis of the consent until the revocation Processing is not affected by this.

You have the right to lodge a complaint with the supervisory authority responsible for our company. The supervisory authority responsible for our company is
The State Commissioner for Data Protection of Baden-Württemberg, P.O. Box 10 29 32, 70025 Stuttgart, https://www.baden-wuerttemberg.datenschutz.de/

Stand: 13.01.2025