Cycling ’74, 440 N Barranca Ave #4074 Covina, CA 91723 USA, herewith informs you about the processing of personal data for which Cycling ’74 is responsible in the sense of the EU General Data Protection Regulation (GDPR).
Apart from sending us a letter, you may contact us at any time via firstname.lastname@example.org
You can reach our data protection officer by sending an e-mail to email@example.com or by sending a letter to Cycling ‘74 DPO, daspro GmbH, Kurfürstendamm 21, 10719 Berlin, Germany.
We have compiled below the most important information on typical data processing for you, broken down by groups of data subjects. For certain data processing operations, which only concern specific groups, the information requirements are fulfilled separately. Where the term "data" is used, only personal data within the meaning of the GDPR are meant.
- Website Visitors
- Newsletter Recipients
- Customers and Respective Contacts
- Communication Partners, Artists and Externals
- Rights of the data subjects
- Children's Online Privacy Protection Act (COPPA)
1. Website Visitors
1.1 Server protocol data
Our web server processes a series of data for each request, which your browser automatically transmits to our web server. This data comprises the IP address currently assigned to your device, the date and time of the request, the time zone, the specific page or file called up, the http status code and the amount of data transferred. Additionally, the website from which your request came, the browser used, the operating system of your end device and the set language. The web server uses this data to display the contents of this website in the best possible way on your device.
If you do not want a user image linked to your e-mail address to appear in the comments at Gravatar, you should use an e-mail address which is not stored at Gravatar for commenting. We would also like to point out that it is also possible to use an anonymous e-mail address or no e-mail address at all if users do not wish their own e-mail address to be sent to Gravatar. Users can completely prevent the transmission of data by not using our comment system.
1.3 Web analysis with Google Analytics
In case you declare your consent through our "Cookie Banner" this website uses Google Analytics, a web analysis service of Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. IP anonymization is activated for this website, meaning Google will shorten your IP address within the European Union or in another contracting state to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Google will use this information as a processor according to Art. 28 GDPR to evaluate your use of the website, to compile reports on the website activities and to provide the website’s operator with further services connected with the use of the website and the internet. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data. Google may use anonymous data for maintenance and development purposes.
1.4 YouTube Frames
To integrate videos on our website, we use the provider YouTube, which belongs to Google. When you view a video embedded in our website, a connection is established to YouTube's servers. Your browser automatically transmits the data mentioned under 1.1 to YouTube. If you have a YouTube account and are logged in, YouTube will be able to associate this information with your personal YouTube profile. You can prevent this by logging out of your YouTube account.
YouTube may only collect information about you if you actively click on the video. There is no data transfer to YouTube beforehand.
The website includes functions of the Instagram service, which belongs to Facebook. These functions are provided by the sole data controller Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. If you are logged into your Instagram account, you can link content of our pages to your Instagram profile by clicking the Instagram button. No data will be transferred before clicking the button. This allows Instagram to assign the visit to our pages to your user account. For more information, see Instagram's Privacy Statemen.
1.8 Technically required cookies
Besides the above mentioned third party cookies, we make use of technically required cookies.
We utilize a Consent Cookie to store your consent on using technically not required cookies on our website.
We use a Session Cookie on our websites. This cookie contains information about you as our user (name, email, user ID) and their roles/permissions for our Cycling ’74 services. The cookie is deleted when you sign out of our website.
We use the help desk software tool Zendesk on our Knowledge Base and Support Website. Zendesk is acting as our processor within the framework of a data processing agreement. With the help of Zendesk we can answer your questions and help requests in a better way. When Zendesk is used, cookies are used to improve the user experience.
1.9 The purpose of data processing is to present Cycling ’74 on the internet, to implement third party services and to communicate with Website Visitors, Newsletter Recipients, Job Candidates, Customers and Respective Contacts, Communication Partners, Artists and Externals The purpose of evaluating user behavior on the website is to design the website in line with their requirements.
1.10 The legal basis for processing of web server data and first party cookies is Art. 6 (1)(f) GDPR (legitimate interest, specifically operation of a website and user interaction). The legal basis for the analysis of user behavior is Art. 6 (1) (a) GDPR (your consent). The legal basis for including third party services is Art. 6 (1) (a) GDPR (your consent).You have the right to revoke this consent at any time with future effect. The processing carried out prior to a revocation remains unaffected by the revocation.
1.11 Protocol and communication data will not be transferred to third parties unless special circumstances have arisen. If a criminal offence is suspected or in the course of an investigation, data may be transferred to the police and the public prosecutor's office. We use service providers to process orders for the provision of our services, in particular for the provision, maintenance and servicing of IT systems.
1.12 The use of the website is not possible without disclosure of personal data, such as the IP address. Communication via the website without providing data is not possible. The use of the website is also possible if the pseudonymous user analysis was denied. The use of the website is possible without consenting to third party services, but then third party services are not available.
2. Newsletter Recipients
2.1 When you order our newsletters, we process your data with the purpose of sending the newsletter.
2.2 The legal basis for data processing with respect to newsletters is Art. 6 (1) (a) GDPR (your consent).
2.3 We use service providers as data processors for the performance of services, in particular for the provision, maintenance and servicing of IT systems.
2.4 Data relating to newsletters will be deleted when you unsubscribe from the newsletter.
2.5 Data submission is necessary for the receipt of newsletters. Without submitting data, it is not possible to send the newsletter.
3. Customers and Respective Contacts
3.1 We process your data for the purpose of performing the obligations stemming from our contractual relationship. This also includes consulting, support and information about product innovations and new products.
3.2 The legal basis for processing the data of customers who are natural persons is Article 6 (1) (b) GDPR (contract) and Article 6 (1) (c) GDPR (legal obligations). The legal basis for the processing of contact data for customers who are not natural persons is Article 6 (1) (f) GDPR (legitimate interest, namely communication with the customer). The legal basis for information on products is Article 6 (1) (f) GDPR (legitimate interest, namely advertising).
3.3 Banks and payment service providers may be recipients of data for the processing of payments. In individual cases, data may be transferred to debt collection service providers, lawyers and courts. We also use service providers to process orders for the provision of our services, in particular for the provision, maintenance and servicing of IT systems.
3.4 All data relevant to contracts and bookkeeping shall be stored for a period of ten calendar years after the contract’s end in accordance with tax and commercial law retention periods.
3.5 The provision of data is obligatory for customers based on statutory and contractual regulations. The contractual relationship cannot be established and carried out without providing data.
3.6 Support requests may be processed by Cycling ’74 corporation in the USA. This processing is based on the conclusion of EU standard contractual clauses. A copy can be made available by the data protection officer at any time.
4. Communication Partners, Artists and Externals
4.1 The purpose of the processing is the preparation and execution of a contractual relationship or other communication.
4.2 With respect to contracts with natural persons, the legal basis for processing is Art. 6 (1) (b) GDPR (contract or contract initiation), whereas for contracts with legal persons Art. 6 (1) (f) GDPR (legitimate interest, namely communication with contact persons relevant to the contract) and Art. 6 (1) (c) GDPR (statutory obligations, in particular tax and commercial law provisions) apply. If just communication concerned, the legal basis is Article 6(1) (f) GDPR (legitimate interest, namely documentation of communication processes).
4.3 Contact and contract data can be transmitted to other service providers, business partners as well as offices and authorities if necessary for the execution of the contract or order. We also use service providers to process orders for the provision of our services, in particular for the provision, maintenance and servicing of IT systems.
4.4 Data of contract partners and service providers shall be deleted ten calendar years after termination of the contract or order.
4.5 The processing of contact data on part of the service providers and business partners is necessary to execute the contract or order. If the data is not provided, the communication may be considerably impaired.
5. Rights of the data subjects
Provided the GDPR applies to our processing of your data, in particular if you are in the European Union, you have the following rights:
5.1 We do not use any methods of automated individual decision-making.
5.2 You have the right to request information at any time about all your personal data which we are processing.
5.3 If your personal data is incorrect or incomplete, you have the right to have it rectified and completed.
5.4 You can request the erasure of your personal data at any time, as long as we are not bound by legal obligations that require or allow us to continue processing your data.
5.5 If the applicable legal requirements are met, you can request a restriction to the processing of your personal data.
5.6 You have the right to object to the processing, insofar as the data processing is based on profiling or direct marketing purposes.
5.7 If the processing is carried out on the basis of the weighing of interests, you may object to the processing by stating reasons arising from your particular situation.
5.8 If the data processing takes place on the basis of your consent or a contract, you have the right to a transfer of the data provided by you, insofar as the rights and freedoms of others are thereby not impaired.
5.9 If we process your data on the basis of a declaration of consent, you have the right to revoke this consent at any time with future effect. The processing carried out prior to a revocation remains unaffected by the revocation.
5.10 Moreover, you have the right to file a complaint at any time with a data protection supervisory authority, if you believe that data processing has been carried out in violation of the applicable law.
6. Children's Online Privacy Protection Act (COPPA)