The privacy policy includes the information in the sense of Art. 13 DSGVO/GDPR about the data processing in the context of the use of our website "picter.com". Insofar as we link to third-party sites, we have neither influence nor control over the linked content and the data protection provisions there. We recommend that you check the privacy statements on the linked websites to determine whether and to what extent personal data is collected, processed, used or made available to third parties there.
The company responsible for processing personal data via the website is Picter GmbH, Hans-Preißinger-Str. 8, 81379 Munich, Germany (hereinafter: "Picter"). You can reach us in all data protection matters at privacy@picter.com.
All personal data that we collect and process via the website is stored on local servers of the company AWS in Germany. The purpose of this data processing is the hosting of our web servers and databases as well as their data protection (backup) based on corresponding order processing contracts.
We work with various IT service providers who maintain our IT infrastructure and continuously develop it (security) technically. If and to the extent that these service providers have access to personal data in the course of these activities, this is always done under the supervision of Picter, and it is ensured that personal data is processed on the basis of the required data protection agreements.
Picter collects so-called access data for technical reasons when the website is called up and stores this in a log file (so-called log file). In addition to the IP address, the name of the website accessed by you, the file accessed, the date and time of access, the amount of data transferred and notification of successful access, the browser type and version, the operating system, the so-called referrer URL (the previously visited page) and the requesting provider are stored in the log file. We do not pass this data on to unauthorized third parties. The collection of the data is solely necessary for the technical operation of our website (Art. 6 para. 1 lit. f) GDPR).
In addition to log files, so-called cookies are used when visiting our websites. For details on the cookies that are used when you use our website, how long they are stored, and information on how you can delete the data collected here, please refer to the cookie settings. We distinguish the following types of cookies:
Essential cookies: These cookies are necessary to provide the basic functions of the website. and cannot be disabled in your systems (Art. 6 para. 1 lit. f) DSGVO).
Analysis cookies: These cookies allow us, among other things, to evaluate the calls and visits to the website in order to improve our website. With these cookies, we are able to provide advanced functionalities and personalization options. They can be set by us or by third-party providers (External Media) whose services we use on our pages (Art. 6 para. 1 lit. a) DSGVO).
We use tools, among other things, to be able to optimize our offers and presentations by way of usage analysis or to gain insights into our target groups. In order to use these tools, however, we require your prior consent (Art. 6 (1) a) DSGVO). However, profiling or automated decision-making does not take place. An overview of the tools and their providers can be found in the cookie settings.
Plugins are used on our websites, with which interaction with other services or websites (plugin providers) is usually established. However, we also require your consent for this beforehand (Art. 6 (1) a) DSGVO). Only then will your browser establish a connection to the servers of the respective network. An overview of the plugins as well as their providers can be found in the cookie settings.
Please note that Picter is only responsible for the collection of the IP address via the use of the plugin. With regard to the subsequent processing by the providers, they are responsible under data protection law, including the duration of data storage. In addition to the IP address collected by us, the plugin provider may use its own personal data (held by the provider) from you for purposes of advertising (including for third parties), market research and/or demand-oriented design of its own website and to inform other users of the respective network about your activities on our website. The providers act here as likewise responsible in the sense of data protection, since we have no knowledge of the extent to which the provider uses the data thus obtained from the time you clicked on the respective button. Further information on the purpose and scope of data processing by the plug-in providers as well as information on exercising your rights in this regard (e.g., information and objection) can be found in the data protection declarations linked below.
When you create a user account with us, in addition to the registration data (e.g., first and last name, e-mail address); we also process the login data (e-mail address, password) and your customer data (billing address, shipping address) and the connection data (IP address). We process this data to provide you with access to your user account. The login data is used to verify your customer account. In addition, you can manage your data, projects, and settings via your account. This includes, for example, the possibility to set delivery, payment, and newsletter preferences (Art. 6 para. 1 lit. b) GDPR). The data will not be disclosed to unauthorized third parties. We store this data for the duration of the existence of your customer account unless you request us to delete it beforehand and there are no other legal retention and storage obligations. The provision of the above personal data is contractually required, otherwise the use of the customer account and management of your account is not possible.
Depending on the selected payment service provider, the payment information is transmitted to the corresponding provider. For credit card payments, we use a PCI-DSS certified and specialized service provider with whom we have concluded an order processing agreement (Art. 6 para. 1 lit. b) GDPR). Regarding the duration of the respective data storage, please contact the respective provider.
Insofar as open calls and/or contests are handled by us and/or our partners via our platform, we are responsible for data protection alongside our partners (separated Controllership). The data processed in this context includes contact data (name, address, e-mail and telephone number) and communication data (IP address). The processing only takes place within the framework of our contractual cooperation, the entrant administration, communication with the participants, and for the purpose of handling the exhibitions as well as the competitions (Art. 6 para. 1 lit. b GDPR). Should you wish the data to be deleted in this respect, please contact us as well as the respective organizer of the exhibition or competition.
We offer a contact form on our website to answer questions of interested parties and users and to provide information about our services. We process the inquiries and information sent to us in this context only to process your inquiry and to contact you (Art. 6 para. 1 f) GDPR). We store your data at the longest for the duration of a resulting business relationship with you (Art. 6 para. 1 b) GDPR). If such a business and contractual relationship does not arise as a result of the request, we will delete your data no later than 24 months after the last contact with you. The right to object to the processing beforehand or to demand deletion remains unaffected, of course.
If you subscribe to our email newsletter, we will only process your email address. The data will be used exclusively to send you information from us at regular intervals (Art. 6 para. 1 lit. a) GDPR). We do not pass on your personal data, which you provide to us when registering for the newsletter, to unauthorized third parties. However, the newsletter tool is provided by an external provider, which is why we have concluded a contract with them for commissioned data processing. When receiving the newsletter, we use so-called web beacons, or tracking pixels, with the help of which we can determine that you have received or opened the newsletter or whether you have clicked on links stored in the newsletter. With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. We may link this data by means of tracking with actions you have taken on our website (Art. 6 para. 1 lit. a) GDPR). If you also do not want any automated evaluation and analysis of your user behavior in connection with the newsletter, you must unfortunately unsubscribe from the newsletter service. Until then, the data will be stored as long as you have subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously. The provision of personal data is neither legally nor contractually required. However, without the specification of the e-mail address, the dispatch, or the receipt of the newsletter is not possible.
Our website uses so-called web fonts, which are provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly (Art. 6 para. 1 lit. f GDPR). However, we have integrated the web fonts locally, i.e., on our web server. As a result, there is no data transmission to the servers of Google.
We operate websites on online platforms and social networks in order to interact with potential or existing customers, to exchange information with interested parties and users, or to advertise offers and services. We operate our websites under joint responsibility (under data protection law) with the providers. We process data that you directly share or publish via the online platforms and networks (e.g., via comment and chat functions) as the responsible party in order to interact with you in this regard or to exchange information with you. As part of this interaction, we may also receive statistical data from the platform operators on the use of our "channels and fan pages". This includes, for example, information about interactions, likes, comments or aggregate information and statistics (e.g. IP address; origin of followers) that help us learn about interactions with our site. The legal basis for data processing in our area of responsibility is Art. 6 para. 1 p. 1 f) GDPR.
However, the providers also process data under their own responsibility. We have no influence on data that is processed by the provider under its own responsibility in accordance with its own terms of use and data protection conditions. We would like to point out that when you access the aforementioned providers, additional data (e.g. your usage and "surfing behavior") may be collected and possibly transmitted to the provider. Please also note that in the event of interaction via the aforementioned media, data may also be processed outside the area of the European Union. Furthermore, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. More information on this can be found in the data protection information of the respective providers. If we have personal data from you in connection with the use of the online platforms and networks, please address your concerns to us. If you wish to assert rights against a specific provider in addition, please contact the respective provider.
You have the right to request confirmation from us at any time as to whether we are processing personal data about you and the right to information about this personal data. In addition, you have the right to rectification, erasure and restriction of data processing, as well as the right to object to the processing of personal data at any time, or to withdraw consent to data processing at any time, or to request data transfer. In addition, you have the right to complain to a supervisory authority in the event of data protection violations. Please direct all requests for information, revocations or objections to data processing by e-mail to legal@picter.com.
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning your which is carried out, inter alia, on the basis of Article 6(1)(e) or (f) GDPR, in accordance with Article 21 GDPR. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims. If you would like to exercise your right to object, simply send an e-mail to legal@picter.com.
We reserve the right to adapt this data protection declaration so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new content, services and website offers. For your renewed visit, the new data protection statement accessible at this URL will then apply.
Status: 14 March 2023
