Privacy Policy

General Data Protection Regulation (GDPR)

Who we are

Our website address is: https://popeyesblog.eu/photoblog.

Sebastian, Dichler
Helene-Potetz-Weg 5/305
1120 Wien Austria
E-Mail: sedi343@gmail.com

What personal data we collect and why we collect it

– Inventory data (e.g. name, address)
– Contact details (e.g. email)
– Content data (e.g. text, photography, vidoes)
– Usage data (e.g. searched subsites, access times)
– Meta-/communications data (e.g. IP-address, device-information)

Purpose of processing

– Answering contact requests and communication with users
– Audience measurement

Relevant legal bases

In accordance with article 13 GDPR, we inform you about the legal basis of our data processing. Unless the legal basis is stated in the privacy policy, the following applies: The legal basis for obtaining consent is article 6 (1a) and article 7 GDRP; the legal basis for the processing for the performance of our services and the execution of contractual measures as well as the answer to inquiries is article 6 (1b) GDPR; the legal basis for processing to fulfill our legal obligations is article 6 (1c) GDPR; and the legal basis for processing in order to safeguard our legitimate interests is article 6 (1) (f) GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, article 6 (1d) GDPR serves as the legal basis.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

When visitors leave a feedback to get in contact on the site we collect the data shown in the feedback form such as Name, Email, Website, and the visitor’s IP address to help spam detection. We are using this data to get in contact with visitors. We do not use the information submitted through visitors for marketing purposes.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We are using the analytics program Webalizer: http://www.webalizer.org/ which is collecting informations from the server log files including visitors IP, visitors User-Agent, overall status-code errors, overall downloads in byte, overall opened URLs. For WordPress we use the Plugin Jetpack for analytics.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information except the password, which they only can change.

Server logs

Each of your accesses to the websites of popeyesblog.eu is stored in a log file (server logs) for a limited time with the following data.

– IP address of the requestor
– Request details and destination address
– Name of the retrieved file and transferred amount of data
– Date and time of retrieval
– Message if the retrieval was successful

These data are for system security verification only. There is no personal evaluation or profiling.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Data logged when accessing the website of popeyesblog.eu will only be transmitted to third parties to the extent required by law or court order or in the event of an attack on the Internet infrastructure for legal or criminal prosecution.

Visitor comments may be checked through an automated spam detection service. For WordPress we are using Akismet Anti-Spam protection.

Protection of minors

Persons under the age of 14 should not submit any personal data to us without the consent of their parents or guardians. We do not request personal information from children and adolescents. We do not knowingly collect such data and do not share it with third parties.

Your contact information

Sebastian, Dichler
Helene-Potetz-Weg 5/305
1120 Wien Austria
E-Mail: sedi343@gmail.com

How we protect your data

Every password stored in our database is saved as a hash, so it’s not visible as plain text. The admin and other users, therefore, can not see the password. For password encryption, we are using the default WordPress standards. For the transmission of every data, we are using an https point-to-point encryption between the user and the server.

What data breach procedures we have in place

For data breaches, either potential or real we are hosting a contact mechanism which you can find here: https://popeyesblog.eu/photoblog/?page_id=14

Akismet Anti-Spam-Check

Our online offering uses the “Akismet” service offered by Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. The use is based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f) GDPR.

We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

For more information about the collection and use of data by Akismet, see the Automattic Privacy Notice: https://automattic.com/privacy/.

Profile pictures from Gravatar

We use the Gravatar service of Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA, within our online offering and specifically on the blog.

Gravatar is a service that allows users to log in and submit profile pictures and their email addresses. If users with the respective e-mail address on other online sites (especially in blogs) leave posts or comments, so their profile pictures can be displayed next to the posts or comments. For this purpose, the e-mail address communicated by the users to Gravatar is transmitted encrypted in order to check whether a profile is stored for it. This is the sole purpose of sending the e-mail address and it will not be used for other purposes but will be deleted afterwards.

The use of Gravatar is based on our legitimate interests within the meaning of Art. 6 para. 1 lit. f) DSGVO, because with the help of Gravatar we offer the post and comment writers the opportunity to personalize their posts with a profile picture.

By displaying the images, Gravatar has learned the IP address of the users, as this is necessary for communication between a browser and an online service. For more information about Gravatar’s collection and use of data, see the Automattic Privacy Notice: https://automattic.com/privacy/.

If users do not want a user picture linked to their email address on Gravatar to appear in the comments, they should use a non-Gravatar email address to comment. We also point out that it is also possible to use an anonymous or even no e-mail address if the users do not want their own e-mail address to be sent to Gravatar. Users can completely prevent the transfer of data by not using our commenting system.

Jetpack (WordPress Stats)

Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) lit. DSGVO) we use the plugin Jetpack (here the subfunction “WordPress Stats”), which includes Includes Visitor Access Statistical Evaluation Tool and Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110, USA. Jetpack uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of the use of the website by you.

The information generated by the cookie about your use of this online offer is stored on a server in the USA. Here, user profiles of the users can be created from the processed data, these being used only for analysis and not for advertising purposes. For more information, see the Automattic Privacy Policy: https://automattic.com/privacy/ and Jetpack Cookies: https://jetpack.com/support/cookies/.

Google Analytics

Based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offer within the meaning of Art. 6 (1) lit. DSGVO), Google Analytics uses a web analytics service provided by Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the users are usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services related to the use of this online offer and the internet usage. In this case, pseudonymous usage profiles of the users can be created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that the IP address of the users will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there.

The IP address submitted by the user’s browser will not be merged with other data provided by Google. Users can prevent the storage of cookies by setting their browser software accordingly; Users may also prevent the collection by Google of the data generated by the cookie and related to its use of the online offer and the processing of such data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

For more information about Google’s data usage, hiring and disparaging options, please read Google’s Privacy Policy (https://policies.google.com/technologies/ads) and Google’s Ads Ads Settings (https://adssettings.google.com/authenticated).

The personal data of users will be deleted or anonymised after 14 months.

Online presence in social media

We maintain an online presence within social networks and platforms in order to communicate with customers, prospects and users active there and to inform them about our services. When calling the respective networks and platforms, the terms and conditions and the data processing guidelines apply to their respective operators.

Unless otherwise stated in our Privacy Policy, we process users’ data as long as they communicate with us on social networks and platforms, e.g. Write posts on our online presence or send us messages.

Youtube

We embed videos from the YouTube platform of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

Use of Facebook Social Plugins

Based on our legitimate interests (ie interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 (1) f. DSGVO) we use social plugins (“plugins”) of the social network facebook.com, which operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland (“Facebook”). The plugins can represent interaction elements or content (eg videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white “f” on blue tile, the terms “Like”, “Like” or a “thumbs up” sign ) or are marked with the addition “Facebook Social Plugin”. The list and appearance of Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

Facebook is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When a user invokes a feature of this online offering that includes such a plugin, their device establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to the device of the user and incorporated by him into the online offer. In the process, user profiles can be created from the processed data. We, therefore, have no influence on the amount of data that Facebook collects with the help of this plugin and therefore informs the users according to our knowledge.

By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. If users interact with the plugins, for example, press the Like button or leave a comment, the information is transmitted from your device directly to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook will find out and save their IP address. According to Facebook, only an anonymous IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the related rights and setting options for protecting the privacy of users, can be found in Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about him via this online offer and link it to his member data stored on Facebook, he must log out of Facebook and delete his cookies before using our online offer. Other settings and inconsistencies regarding the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US-American site http://www.aboutads.info/choices/ or the EU page http://www.youronlinechoices.com/. The settings are platform independent, i. they are adopted for all devices, such as desktop computers or mobile devices.

Twitter

Within our online offering, features and content of the Twitter service offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, may be incorporated. For this, e.g. Content such as images, videos, or text and buttons that users use to promote their content, subscribe to content creators or subscribe to our posts. If the users are members of the platform Twitter, Twitter can call the o.g. Assign contents and functions to the profiles of the users there. Twitter is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European privacy legislation (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active). Privacy Policy: https://twitter.com/privacy, Opt-Out: https://twitter.com/personalization.

Instagram

Within our online offering, features and content of the Instagram service offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, may be incorporated. For this, e.g. Content such as images, videos, or text and buttons that users use to promote their content, subscribe to the content creators or subscribe to our posts. If the users are members of the platform Instagram, Instagram can call the o.g. Assign contents and functions to the profiles of the users there. Instagram privacy policy: http://instagram.com/about/legal/privacy/.