The provision of our Online Service and their functions inevitably go hand in hand with the processing of our users’ data.
However, it is important to us to have your confidence that your data is in safe hands with us.
Therefore, with this FAQ we would first like to explain to you in an overview how we process your personal data. Our goal is to inform you so that you can control your data yourself. We want you to be sure that we process your personal data only in accordance with your preferences and expectations.
Below you will also find a summary of our data processing with the most important information, as well as a declaration of your rights.
Below you will also find a overview of our data processing with the most important information, as well as the information on your rights and the reference to further details of the processing of your data.
Does Total Joy process personal data of users in accordance with the DSGVO?
Yes, we process our users’ data on the basis of the applicable data protection regulations and in particular in accordance with the provisions of the General Data Protection Regulation (GDPR).
We have an implemented data protection management and have taken technical and organisational measures to ensure the protection of your data. In addition to the protection on a technical level, this also includes training of employees and their commitment to data protection, setting up concepts to observe the rights of data subjects, deletion of data and consideration of the principles of privacy by design during the development and implementation of our Online Services.
We are supported and supervised in this by an external data protection officer.
Which user data are processed?
When users create a user account with us, we store so-called inventory data, such as the names of users or Facebook IDs as well as login data. We also store e-mail addresses to identify and inform users. Depending on which of our Online Services our users use, other data, such as profile pictures, text entries, image uploads or visited locations may also be included. We also process data on the use of our services, such as contents that have been viewed, times of use, their duration and technical details, such as browsers or devices used, in order to make our offer user-friendly and secure.
From which sources do you obtain user data?
We receive the data either through user input or when users expressly consent to provide us with data via an interface to Facebook. Furthermore, data resulting from the use of our Services are processed (so-called usage or metadata, such as functions and content used or information on user devices).
With regard to the reception of data from Facebook, we would like to point out that we process this data exclusively in accordance with the strict guidelines of Facebook and are subject to the supervisory measures of Facebook.
For what purposes do you process user data?
We process the data of users in order to provide them with our online services and to design them according to the needs of the users. Furthermore, we process the data of users within the framework of legal requirements for the purposes of online marketing and to guarantee the security of our processing.
To what extent are users’ behavior and interests being analysed?
If we analyse the interests or behavior of users, this will be carried out in order to design our Online Services in accordance with users’ requirements. For example, users are proposed content or functions that correspond to the content and functions previously used.
Furthermore, we work together with various technological partners who, for example, display advertisements on the basis of user data. We make sure that the user’s data is pseudonymised (e.g. no clear data such as names or e-mail addresses) and that users have simple rights of revocation at their disposal. We also conclude special data protection agreements with our partners, in which they commit themselves to the protection of user data.
Do you sell data to third parties for research purposes?
The data of our users belong to the users. We only work with trustworthy partners on the basis of legal permits and in particular do not sell user data records (e.g. names, e-mail addresses) to third parties, in particular not for research purposes.
How are users informed about the processing of their data?
Can users object to the processing and request the deletion of their data?
An objection to the processing is possible at any time. If users terminate their profiles, we delete their data and otherwise give them technical options to decide for themselves whether to delete their data. In addition, we ensure that users’ rights are observed and, in particular, that requests for erasure are implemented without delay.
Overview of Data Processing
Total Joy GmbH
The Controller is hereinafter also referred to as “we” or “us”.
Data Protection Officer
Shai Kuritzky, E-Mail: firstname.lastname@example.org
Description of our services and objectives
Total Joy offers online services for entertainment purposes, such as personality tests or quizzes.
Type of processed data:
Inventory Data (e.g., names, addresses).
Contact details (e.g., e-mail, phone numbers).
Content Data (e.g., text input, photographs, videos).
Contract Data (e.g., subject matter of the contract, duration).
Usage Data (e.g., interests, websites visited, usage behaviour, access times, log data).
Meta/communication Data (e.g., device IDs, IP addresses).
Job candidate Data (e.g., names, contact details, qualifications, job application documents).
Processing of special categories of Data (Art. 9 (1) GDPR)
No special categories of Data are processed.
Categories of data subjects
Controllers / interested Parties / users of the Controller.
Suppliers of the Controller.
In the following, we will also summarise the data subjects as “users”.
Purpose of Processing
Provision of our services, its contents and functions.
Response to service, contact requests and other communication with users.
Marketing, advertising and market research.
Automated individual decision-making (Art. 22 GDPR):
We do not use exclusively automated individual decision-making.
You have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the further information and a copy of the data in accordance with Art. 15 GDPR.
You have correspondingly. In accordance with Article 16 of the GDPR, the right to obtain from the controller the rectification of inaccurate personal data concerning you, or the completion of the data concerning you.
In accordance with Art. 17 GDPR, you have the right to demand that relevant data be erased without undue delay or, alternatively, to demand a restriction of the processing of the data in accordance with Art. 18 GDPR.
You have in accordance with Art. 20 GDPR the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
In accordance with Art. 77 GDPR, you also have the right to file a complaint with the a supervisory authority.
Right of Withdrawal
You have the right to withdraw consents granted pursuant to Art. 7 (3 GDPR with effect for the future.
Right to Object
You can object to the future processing of the data concerning you in accordance with Art. 21 GDPR at any time. The objection may be lodged in particular against processing for direct marketing purposes.