Privacy Policy

Personal data (usually referred to just as "data" below) will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there. Our website and its services are not aimed at children and you must not use them if you are under 16 years of age.

Per Art. 4 No. 1 of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as the "GDPR"), "processing" refers to any operation or set of operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.

The following privacy policy is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for the processing of such data either under our own control or in conjunction with others. We also inform you about some cases in which we are not in control of your data, as your data is being processed by third parties.

We ask you to inform yourself regularly about the content of our privacy policy. This privacy policy will be updated for example, in case we adjust or extend our data processing. It may also be necessary to adapt this privacy policy due to changes in legal requirements. Addresses and contact information of companies and individuals mentioned in this privacy policy can also change over time and thus require changes to this policy. This privacy policy was last updated on May 10th 2020.

Our privacy policy is structured as follows:

I. Information about us as controllers of your data
II. The rights of users and data subjects
III. Information about the data processing

We have an online presence on Twitter. In this case Twitter is a third party in control of the data processing. Please refer to the corresponding section named "Twitter" below in part III.

In case you contact us by email or by phone, please especially review the corresponding sections named "Communication by Email" and "Communication by Phone" below in part III.

I. Information about us as controllers of your data

The party responsible for this website (the "controller") for purposes of data protection law is:

Dennis Hannwacker
Wintersheide 14
33689 Bielefeld
Germany

Telephone (mobile): +491757233481
Email: info@thesummermoviewager.com

Legal Notice: https://thesummermoviewager.com/legalnotice.php

II. The rights of users and data subjects

With regard to the data processing to be described in more detail below, users and data subjects have the right

  • to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
  • to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
  • to the immediate deletion of data concerning them (cf. also Art. 17 GDPR), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
  • to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
  • to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).

In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.

Under Art. 21 GDPR, you have the right to object to the controller's future processing of your data pursuant to Art. 6 Para. 1 lit. e) or f) GDPR without giving any explanation. In particular, an objection to data processing for the purpose of direct advertising, profiling or automatic decision making is permissible.

You can also revoke your consent to the data processing you have given to us for any or all purposes with future effect without any reason or explanation (Art. 7 GDPR Para. 3). Please refer to further information in this privacy policy about the effects of your revocation.

If you want to object or revoke your consent to the processing of your data, just contact the controller by for example sending an email to info@thesummermoviewager.com. Please note that any processing of your data which already happened before your objection or revocation is unaffected and still lawful. Only future processing will be affected by your objection or revocation.

III. Information about the data processing

Your data being processed by us will be deleted in accordance with the legal requirements as soon as it is no longer permitted for us to process it. This for example would be the case, when there is no longer any purpose or requirement for such data processing or the legal basis for such processing no longer exists. In case the legal basis was for example your consent for processing such data and you revoke your consent, then we would delete and stop processing this data.

If your data cannot be deleted, because it is required for other legally permissible purposes, the processing is restricted to these purposes and blocked from being processed for any other purposes. This could apply for example for data that must be kept for the assertion, exercise or defense of legal claims. Further information about the deletion policies of your data in each case will also be stipulated in the following sections below.

We will only transmit your data to third parties with your consent or in case we are required by law to do so. Should the law permits us to transmit your data to third parties to defend us against legal claims, we will do so if such transmission is necessary to effectively defend us. We will never sell your personal data to third parties.

Hosting / Hoster

For the provision of our online presence we use an internet service provider (hoster), on whose server the website is stored and who makes our site available on the Internet (hosting). The data being processed in the provision of the hosting will include all information of users, which are part of accessing and using the website. This includes the IP address necessary to access and deliver the content to browsers, and all entered data made by users within our web pages. The hosting services also include the service of sending, receiving and storing of emails. So data in regard to such emails is also being processed by our hoster (see section "Communication by Email"). The internet service provider (hoster) processes all such data on our behalf according to Art. 28 GDPR. The name and the address of the internet service provider is: webgo GmbH, Wandsbeker Zollstr. 95, 22041 Hamburg, Germany. Please refer to the following sections for further details in regard to the data processing.

Server Log Files

For technical reasons, the following described data is sent by your internet browser to our hoster and will be collected there in log files. These server log files record the type and version of your browser and operating system, the internet service provider from which the website is accessed from, the website from which you came (referrer URL), the webpages you visited on our site, the date and time of your visit, the HTTP response status code, the amount of data transferred, as well as the IP address from which you visited our site.

The data thus collected will be temporarily stored, but not in association with any other of your data. The data will be deleted or anonymized within no more than 7 days. Only anonymized data is used after such time for statistical analysis.

The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, availability, functionality, and security of our website.

Communication by Email

The hoster also provides us with an email service, which allows the sending, receiving and storing of emails. For the provision of this email service, the email addresses of the recipients and senders as well as other information regarding the email delivery (meta information like for example the participating providers) as well as the contents of the respective emails are being processed.

The email service we use from our hoster supports the encryption of emails on the transport route using SSL/TLS, but on the route between you and our server, we cannot guarantee that other participating partners (servers, routers) in the email delivery will use or keep such encryption. Especially, the emails will be unencrypted while they are stored on such servers/routers. So unless a so-called end-to-end encryption method is used, where the content of the email itself is encrypted, we cannot guarantee the security for the transmission of email contents between you and our server.

Should you have the need to use an end-to-end encryption method, you can contact us for information by either using an alternative method of contacting us or by an email which does not inlcude your personal data except your email address.

If you contact us by email, the data you provide will be used for the purpose of processing your request. We must have this data in order to process and answer your inquiry; otherwise we will not be able to answer it in full or at all. In case your request is in scope of a contract we already have with you or in case a contract results from your request, then the legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR. Otherwise the legal basis for this data processing is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in being able to reply to your request in a fast and efficient way.

Your data, which was collected and processed for this purpose, will be deleted once we have fully answered or otherwise completed your inquiry and there is no further legal obligation to store your data, such as if a contract resulted therefrom. In case we have replied to your email, we will keep your data for (at most) 7 days after we replied, so that we are able to process any further inqueries you have. The hoster additionally keeps a log file for the mail server. This log file contains all aforementioned data in regard to emails which were sent or received. Entries in this log file will be automatically deleted after 4 weeks. The legal basis for this processing is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the stability and availability of our email service.

Communication by Phone

If you contact us by phone, the data you provide will be used for the purpose of processing your request. This also includes any voice message you may leave for us. We must have this data in order to process and answer your inquiry; otherwise we will not be able to answer it in full or at all.

In case your request is in scope of a contract we already have with you or in case a contract results from your request, then the legal basis for this data processing is Art. 6 Para. 1 lit. b) GDPR. Otherwise the legal basis for this data processing is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in being able to reply to your request in a fast and efficient way.

Your data, which was collected and processed for this purpose, will be deleted once we have fully answered or otherwise completed your inquiry and there is no further legal obligation to store your data, such as if a contract resulted therefrom. In case we have replied to your inquiry, we will keep your data for (at most) 7 days after we replied, so that we are able to process any further inqueries you have.

Play Along Feature

If your are at least 16 years old and if submission of entries in the Play Along page is not closed for the current year, then you can use the so called Play Along feature of this website. The Play Along feature allows you to submit your own list of movies and join leaderboards each year to compete against other players worldwide. It also allows you and others to view your submitted lists, scores and progress in the Summer Movie Wager over the years. If you do not know what the game of the Summer Movie Wager is or what a list (of movies) for this game is, then please refer to our Help page.

Your username, which consists of max. 10 characters and can only contain letters a-z or A-Z and digits 0-9, can otherwise be freely chosen by you. The intended purpose of the username is just for you yourself to be able to access and identify your submitted entry. So you are able to use an anonymous username from which others cannot identify you by. It is recommended by us to do so. Should you choose to use such anonymous username, then the username will not be part of your personal data and thus some of the following legal information about how we process your personal data will not apply to your anonymous username.

After you submitted your list under your chosen username, you will be able to create bookmarks (links) using your browser. Notice that such links will include your username. Other users of this website, who do not know your username and who do not have access to your link, will not see yourself to be included on the main page or the "All Time" result page as an additional player. But notice that anyone who has access to your username (for example: by knowing or guessing your username), can view your list and scores. This also means that they themselves can add you as an additional player to their scoreboard, charts and list of players. So in such a case your username, list and scores would also be displayed to these users on this webseite. Every user can create such a pool of players and each user can add every other player by their username alone. Every username in such a pool of players whould be included in bookmarks (links) you would create using your browser.

When submitting your list you will be able to decide, if you want to join a leaderboard with your list this year or not. If you join one of the leaderboards your username, list and scores will be made available for everyone to see on a publicly available listing on this website (the leaderboard). For each game (year) we have separate leaderboards. Notice that every user will also be able to include you in his pool of players using a button at your entry in the leaderboards.

So your username will be publicly displayed on this website to everyone worldwide for the purpose of using the Play Along feature, as we do not restrict access to this website by for example the location of users. Before your submission, we explicitly ask for your consent to display (transfer) your username for the purpose of using the Play Along feature to countries, in which risks exist due to the absence of an adequacy decision (Art. 45 GDPR) and appropriate safeguards (Art. 46 GDPR). The legal basis for displaying (transmitting) your username as such is Art. 49 Para. 1 lit. a) GDPR. As your username is plublicly displayed on this website to everyone worldwide, your username will no longer be exclusively controlled by us and can be processed by others. So the risks we are talking about here, is that others (third parties) in any country of the world can view your username on this website, and they bascially could process your username in any (even unlawfull) way, and we might not be able to stop them from doing that, as some required legal means or data protection laws are not present or adhered to in every country of the world. The data processing we can control is then limited to this website, as others still cannot edit, delete, restrict or block your username on this website. You can use an anonymous username and thus exlcude any risks in that regard.

You may revoke your consent to transmit your username at any time under Art. 7 Para. 3 GDPR with future effect. All you have to do is to inform us that you are revoking your consent (for example by sending an email to info@thesummermoviewager.com) and we will stop displaying (transmitting) your username by (depending on your request) either anonymizing it or by deleting your submitted entry including your username.

When submitting your list you can also optionally provide us an email address. This email address will not be made available to others. We process your email address, so that we might contact you in case of problems or in case you finish at a high place in the leaderboards to congratulate you.

The date and time (timestamp) at which you submitted your list will also be processed, so that we can check, if your submission was before the deadline. If your submission is before the deadline, it can be included in the leaderboards. This can be done upon your request even retroactively.

Before you can submit your entry, consisting of your username, list of movies, date and time (timestamp) of your submission and optionally your email address, your consent will be obtained for the processing of this data for the purpose of using the Play Along feature. Thus Art. 6 Para. 1 lit. a) GDPR is the legal basis for the processing of this data.

You may revoke your consent to the processing of your personal data at any time under Art. 7 Para. 3 GDPR with future effect. All you have to do is to inform us that you are revoking your consent (for example by sending an email to info@thesummermoviewager.com) and this data will be deleted.

Otherwise we plan to keep a complete history of all wagers over the years. So your submitted entries, your scores and your placement in the leaderboards will be kept permanently on this site until we decide to no longer keep all submissions and delete them.

Form all submitted entries we might also create aggregated and anonymized statistics, which for example could be about how often a certain movie was picked in submitted lists or what the total amount of submissions were in any given year.

Google Authenticator

You have the option to use Google Authenticator to secure a username exclusively for your own use on this site. This feature is completely optional. You do not have to use Google Authenticator at all. Google Authenticator is an application provided by Google. Responsible in terms of data processing for people in the EU/EWR and Swiss is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Otherwise Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA is responsible.

Should you use Google Authenticator, then this website will create an image (QR-Code) and a text (key), which can be scanned or manually entered into Google Authenticator. The generated key will then also be stored on this site so that we can authenticate your provided codes generated by Google Authenticator.

This website will by itself not send any data to Google or cause any data to be directly processed by Google, but to use the generated QR-Code or key, you yourself will of course need to be using Google Authenticator (for example on your phone). By scanning the QR-Code into Google Authenticator you will input your username into Google Authenticator. Please be aware that even without scanning the QR-Code, Google might collect and process (additional) data from you when you install or use Google Authenticator. Please refer to Googles privacy policy here: https://policies.google.com/privacy

We would also like to point out that using Google Authenticator might cause user data to be processed outside the European Union, particularly in the United States. Google is certified under the Privacy Shield and committed to adhering to European privacy standards: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

Twitter

We maintain an online presence on Twitter. Twitter is a service provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94107, USA. For persons outside the United States of America the Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland is responsible for the data processing.

Should you contact us on Twitter or otherwise interact with our profile, links or tweets on Twitter itself, we do not have any control over the data processing. Such data is mostly no longer processed by us. The only processing we might do on Twitter is that we read, reply, quote or retweet your tweets, or that we read and reply to your private messages. But we are using the services provided to us by Twitter and Twitter does not provide us any sufficient control over your data. So please be aware that when you are using Twitter in any way (for example contacting us on Twitter or reading our tweets), that your data is being controlled and processed by Twitter. We do not have sufficient access to your data and cannot for example delete it. The privacy policy of Twitter can be found here: https://twitter.com/privacy. Please be informed that there are some privacy settings you can control for your own account on Twitter here: https://twitter.com/personalization

Furthermore, we would like to inform you that we will not transmit your contact details or data without your explicit prior consent to Twitter for the first time. We will limit ourselves to only replying to your requests on Twitter which you yourself send to us in the first place, and we will not initiate contact by ourselves. The legal basis for replying to your requests on Twitter is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in being able to fulfill your demand for communication on Twitter and being able to reply to your request in a fast and efficient way. Again, be informed that we are not in control of your data on Twitter. Please refer to section I. in this privacy policy for alternative means to contact us.

Tweets we write, quote or retweet can also contain links, which access or lead to other websites or (social) networks. By clicking on such links, you will leave Twitter. So in addition to the privacy policy of Twitter, please also refer to the privacy policy of those other linked sites or networks to get information about their data processing.

We would also like to point out that clicking on links to Twitter or using Twitter might cause user data to be processed outside the European Union, particularly in the United States. Twitter Inc. is certified under the Privacy Shield and committed to adhering to European privacy standards: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO

In some places on this website we have links or buttons to our Twitter profile. We are using the Twitter icon for these elements. Such graphics are stored on our own server. This prevents the automatic connection to the servers of Twitter. Only by clicking on the corresponding graphic or link will you be forwarded to the service/network of Twitter.

Once you click, that network may record information about you and your visit to our site. Initially, this data includes such things as your IP address, the date and time of your visit, and the page visited. If you are logged into your user account on Twitter the network operator might assign the information collected about your visit to our site to your personal account. But in general, what happens after you have clicked on such link is out of our control. The privacy policy of Twitter can be found here: https://twitter.com/privacy.

Links to other Websites

By clicking on a link that leads to another website you are leaving this website. What data is being processed after leaving this site is out of our control. Initially at least such data will usually include your IP address, the date and time of your visit, and the page you visited before. Please refer to the privacy policy of that other website to get information about their data processing. We would like to point out that clicking on such links might cause user data to be processed outside the European Union.

Data Security and Retention

We take organizational, contractual and technical security measures according to the current state of the art, to ensure that the provisions of the data protection laws are complied with, and that we thus protect the data processed by us against accidental or intentional manipulation, partial or complete loss, destruction or against the unauthorized access by third parties. In particular, the security measures include the encrypted transmission of data between your browser (client) and our server using SSL/TLS.