Privacy Policy

We – Travian Games GmbH, Moosacher Str. 70 in 80809 Munich/Germany (hereinafter referred to as "Travian Games" or "we") – operate the website www.traviangames.com are are responsible for the collection, processing and use of your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other national data protection laws of the member states and other data protection regulations. Your personal data is collected and used exclusively in accordance with the legal provisions of the applicable data protection law.

First and foremost, we adhere to data protection legislation and protect your privacy to the greatest extent possible. However, we would like to make it absolutely clear: data exchange is the lifeblood of the Internet, and the Internet is still associated with many security vulnerabilities. Even when your data is encrypted when visiting our website, there is always a residual risk – at the latest while interacting with external websites. If you visit other websites – for example via a link on our website – please note that this Privacy Policy does not apply to third-party websites.

In the event that you are being redirected to another website operated by Travian Games on another website that is not operated by Travian Games, or if you make use of the services of third parties (for example, during a payment process), please note that this Privacy Policy does not apply to this third-party website.

What is personal data?

Personal data in this sense refers to all individual pieces of information regarding the personal or material circumstances of an identified or identifiable natural person, such as name, address, or email address as well as IP address.

Controller for the processing of data pursuant to Art. 4 (7) GDPR

Controller for the processing of data is:

Travian Games GmbH
Moosacher Str. 70
80809 Munich
Telephone: +49 (0)89 324915-0
Fax: +49 (0)89 324915-970
Email: privacy@traviangames.com

Contacting the data protection officer

If you have any questions or suggestions regarding data protection, please do not hesitate to contact us or our data protection officer. You can contact our data protection officer via the following email address: privacy@traviangames.com or alternatively also by post at the address mentioned above with the addition "The Data Protection Officer". Further contact options and information can be found in our imprint. When you contact us by email, we will store your email address and, if you have transmitted the respective details, your name and telephone number in order to answer your questions. All data arising in this context is deleted after storage is no longer necessary or – in the case of statutory retention obligations – the corresponding processing is restricted.

What are my rights?

You can contact us at any time if you have any questions about your rights with regard to data protection or if you would like to assert one of your following rights:

  • Right of withdrawal pursuant to Art. 7 (3) GDPR (for example, you can contact us if you would like to withdraw your previously granted consent to receive a newsletter)
  • Right of information pursuant to Art. 15 GDPR (for example, you can contact us if you would like to know what data we have stored about you)
  • Rectification pursuant to Art. 16 GDPR (for example, you can contact us if your email address has changed and we should replace your email address)
  • Erasure pursuant to Art. 17 GDPR (for example, you can contact us if your would like us to delete certain data that we have stored about you)
  • Restriction of processing pursuant to Art. 18 GDPR (for example, you can contact us if you would like us not to delete your email address, but instead only use it to send you absolutely necessary emails)
  • Data portability pursuant to Art. 20 GDPR (for example, you can contact us if you would like to receive the data we have stored about you in a compressed format, such as because you would like to provide this data to another website)
  • Objection pursuant to Art. 21 GDPR (for example, you can contact us if you do not accept one of the advertising or analytical processes indicated here)
  • Right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 (1) GDPR (for example, you can also contact the data protection supervisory authority directly if you wish to complain)

Competent supervisory authority:

Bavarian State Office for Data Protection (Bayerisches Landesamt für Datenschutzaufsicht)
Postal address
P.O. Box 606
91511 Ansbach
Germany

Erasure and storage period

Unless otherwise indicated, we delete your data as soon as we no longer need it. The data will also be erased or blocked if a storage period determined by law expires, unless a further storage of the data for the conclusion or performance of a contract is necessary. Certain data must be retained for longer periods for legal reasons. Of course, you may request information about your stored data at any time.

How is your personal data protected?

We will take all reasonable and appropriate measures to protect the personal information we store about you against misuse, loss or unauthorized access. To this end, we have taken a range of technical and organizational measures. They also encompass measures for our response in the event of any suspected data breaches. If you suspect that your personal data has been misused or misplaced or accessed by an unauthorized person, please let us know as soon as possible by contacting us using the above-mentioned contact details!

Legal bases for data processing

We only collect and process your personal data if this is permitted by law. In addition to your explicit consent, other legal bases may be considered for this purpose. If the processing is based on your consent, Art. 6 (1) a) EU General Data Protection Regulation (GDPR) serves as legal basis for the processing of your data. The processing of personal data required to fulfill the license contract is subject to the legal basis pursuant to Art. 6 (1) b) GDPR. If the processing of personal data is necessary to comply with a legal obligation to which our company is subject, Art. 6 (1) c) GDPR is the legal basis. And if processing is necessary to safeguard a legitimate interest of Travian Games or a third party and if the interests, fundamental rights and freedoms of you as the person concerned do not outweigh the former interest, Art. 6 (1) f) GDPR shall apply as the legal basis for processing. In the event that processing is based on such a balance of interests, you have a right to object to this data processing, insofar as you have special reasons for this objection and that we are unable to demonstrate any compelling and legitimate reasons for this processing.

You will find the relevant legal basis for individual data processing at the end of the respective descriptions of data processing.

If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail about the respective processes below. Where we cooperate with appropriate service providers, we have carefully selected them with regard to compliance with the legal requirements for data protection and data security and have entered into order processing agreements with them, which comply with the requirements of Art. 28 GDPR. If the service providers are based outside the EU, we ensure that there are appropriate safeguards as referred to in Art. 46 GDPR that a corresponding level of data protection is given by the processor. For example, certification under the EU US Privacy Shield or EU standard data protection clauses may be considered. We will refer to the appropriate safeguards accordingly.

Visiting the website

We do not collect any personal data during simple visits to our website, with the exception of data transmitted by your browser in order to enable the visit to the website, primarily including the following:

  • IP address (for example, 95.91.215.example or 2a02:8109:9440:1198:bdb1:551f:example)
  • Approximate location based on the IP range (for example, Berlin and the surrounding area)
  • Internet provider (for example, "Kabel Deutschland" or "Deutsche Telekom")
  • Internet speed (for example, 120 Mbit)
  • Date and time (for example, 11:45 a.m. on 05.25.2018)
  • Most recently visited website (for example, www.google.com)
  • Browser (for example, Chrome or Safari)
  • Operating system (for example, Mac OS)
  • Hardware (for example, Intel processor)
For you as a visitor to our website, the most interesting item is the IP address, as this refers to data that can in theory be linked to your identity. As a security measure for your privacy, we therefore delete or anonymize your IP address after you have visited our website. This means the other technical data can no longer be traced back to you and this data may thus only serve anonymous, statistical purposes in order to optimize our website. The purpose of temporarily storing the data at the beginning is to ensure the connection as well as the accessibility and correct display of our website. The IP address and the aforementioned technical data are required in order to display the website, prevent display problems for visitors and resolve error messages. The legal basis is the legitimate interest that has been reviewed in connection with the aforementioned security measures as well as in accordance with the European data protection requirements pursuant to Art. 6 (1) f) GDPR

Contact form

You are able to get in touch with us using our contact form. You can disclose the following data to this end:

  • Name
  • Email address
  • Subject
  • Message
As a security measure, the communication takes place by way of an encrypted connection – just like when visiting the rest of the website. Moreover, we apply the principle of data minimization and only collect the data we actually need in the contact form. After successfully contacting you, we immediately delete your data.The purpose of the requested data is solely to facilitate communication with you; the data is also only used for this purpose. The legal basisis the legitimate interest that has been reviewed for the pursuit of the purpose and in connection with the aforementioned security measures as well as in accordance with the European data protection requirements pursuant to Art. 6 (1) f) GDPR.

Applicant data

We collect and process the personal data of applicants for the purpose of conducting the application procedure. Processing may take place electronically, involving our partner Jacando AG. For this purpose, an order processing agreement has been entered into with Jacando AG. Applicant data is processed electronically particularly if the applicant provides us with their corresponding application documents by means of an electronic channel, for example by email, or if the applicant applies via our application option on the homepage. Insofar as we enter into an employment contract with an application, the transmitted data is stored for the purpose of conducting the employment relationship in accordance with statutory regulations. If an applicant is not subsequently hired, the application documents will be deleted six months after completion of the application procedure, unless such deletion is opposed by a legitimate interest of ours. Another legitimate interest in this sense is, for example, proof of evidence in cases according to the General Equal Treatment Act. Even as an applicant, you are entitled to the rights detailed in this Privacy Policy. You can contact us at any time if you have any questions.

Data collection in connection with registering for newsletters

We use the "double opt-in" procedure for providing our newsletters. This means we will only send you a newsletter by email if you confirm that you wish to receive our newsletter by clicking on a link contained in our notification email. If you confirm your wish to subscribe to the newsletter, we will store your email address until you cancel your newsletter subscription. The data is stored only in order to be able to send you the newsletter. Naturally, you may cancel your subscription to our newsletter at any time; a relevant link can be found in each newsletter. Alternatively, you may use the above-mentioned contact details of ours. In order to dispatch our newsletter, we work with the service provider salesforce.com EMEA Limited, Floor 26 Salesforce Tower, 110 Bishopsgate, London, EC2N 4AY, United Kingdom. We have concluded an order processing agreement with this service provider in compliance with the requirements of Art. 28 GDPR.

Cookies

Our website sometimes uses cookies. Cookies are small text files that are usually saved in a folder of your browser. Cookies contain information about the current or most recent visit to the website:

  • Name of the website
  • Expiration date of the cookie
In the event of cookies that do not contain an exact date of expiry, they are only stored temporarily and automatically deleted as soon as you close your browser or restart the end device. Cookies with a date of expiry also remain stored when you close your browser or restart the end device. These cookies are only removed at the date indicated or if you delete them manually. On our website, we use the following three types of cookies:
  • Required cookies (we need these, for example, in order to display the website correctly for you and temporarily save certain settings)
  • Function and performance-related cookies (these help us, for example, to evaluate technical data regarding your visit and thereby prevent error messages)
  • Advertising and analytical cookies (these enable, for example, advertising for shoes to be displayed if you previously searched for shoes)
You can configure, block and delete cookies in the settings of your browser. If you delete all cookies for our website, it is possible that some functions of the website will not be displayed correctly. Helpful information and guides for common browsers are provided by the German Federal Office for Information Security.

Google Fonts

In order to improve the appearance of text, Google Fonts (https://fonts.google.com) by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") is used; Google Fonts concerns a repository of fonts by Google. These fonts are transmitted and activated when accessing this website or other websites in the memory folder of your browser. If this is not supported, the text on the website will only be displayed in a standard font. In order to enable this, a request is sent to domains such as fonts.googleapis.com or fonts.gstatic.com, which receive your IP address for technical reasons. Your data is not, however, linked with other data or associated with your personal identity. As a security measure, we have assured ourselves that this use of the font repository of Google does not involve any linking of data with other Google offers, for example if you have a Google user account. This is confirmed by the information on data protection provided by Google Fonts (https://developers.google.com/fonts/faq). In addition, the high security standards of the Google platform and the associated Google Privacy Policy apply (https://policies.google.com/privacy). As Google is based in the USA and thus in a third country, further guarantees are required to ensure an adequate level of European data protection. Google has certified itself in accordance with the EU US Privacy Shield and therefore demonstrated a corresponding level of data protection (https://www.google.com/policies/privacy/frameworks/). The purpose of the data transmission is to correctly display fonts in the manner we have chosen. The IP address is required in order to establish a connection with the Google servers and to download the font repository, unless this is already available on the terminal device.The legal basis is the legitimate interest that has been reviewed for the pursuit of the purpose and in connection with the aforementioned security measures as well as in accordance with the European data protection requirements pursuant to Art. 6 (1) f) GDPR.

Google Analytics

We use Google Analytics, a web analytics service provided by Google Inc., Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043 (”Google”). Google Analytics uses the advertising and analysis cookies described above in order to analyze our website with regard to your usage behavior. The information generated by the cookies about your use of the website will be transmitted to and stored by Google on servers in the United States. However, your IP address is shortened before the usage statistics are evaluated, so that no conclusions can be drawn about your identity. For this purpose, Google Analytics has been extended on our website by the code "anonymizeIp" in order to guarantee the anonymous collection of IP addresses. Google will use the anonymous information obtained by the cookies to evaluate your use of the website, to compile reports on the website activities for the website operators and to provide further services associated with the use of the website and the Internet. Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. You may also configure your browser such that it rejects cookies, or you can prevent the collection and analysis of data by Google by downloading and installing a browser plug-in (https://tools.google.com/dlpage/gaoptout?hl=en) from Google. As an alternative to the browser add-on or within browsers on mobile devices, you can place an opt-out cookie to prevent future collection by Google Analytics within this website (the opt-out only works in the browser and only for this domain). If you delete your cookies in this browser, you must click this link again. As a security measure, we use the anonymization procedure offered by Google in which data analysis is not conducted on the basis of your personal identity, but instead exclusively on a statistical basis. In addition, the high security standards of the Google platform and the associated Google Privacy Policy apply (https://policies.google.com/privacy). We have also entered into a special data protection agreement with Google, which stipulates the protection of your data by means of technical and organizational security measures. As Google is based in the USA and thus in a third country, further guarantees are required to ensure an adequate level of European data protection. Google has certified itself in accordance with the EU US Privacy Shield and therefore demonstrated a corresponding level of data protection (https://www.google.com/policies/privacy/frameworks/). The purpose for using Google Analytics is the anonymous analysis of your usage behavior on our websites. The insights gained in this way help us to improve our offer. The legal basis is the legitimate interest that has been reviewed for the pursuit of the purpose and in connection with the aforementioned security measures as well as in accordance with the European data protection requirements pursuant to Art. 6 (1) f) GDPR. Moreover, an order processing agreement has been entered into in accordance with the requirements of Art. 28 GDPR.

Social plug-ins

We use social plug-ins such as the "Like" button or "Facebook Connect" from Facebook and the Twitter button. We currently use the following social media plug-ins: Facebook, Twitter, LinkedIn and Xing. You can identify the provider of the plug-in by the marking on the box above its initial letter or the logo. We offer you the possibility to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it, will the plug-in provider receive the information that you have accessed the corresponding website of our online offer. In the case of Facebook, the IP address is anonymized immediately after collection, according to the respective provider in Germany. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (for US providers: in the USA). Since the plug-in provider collects data mainly via cookies, we recommend that you delete all cookies before clicking on the grayed-out box using your browser’s security settings. We have no influence on the data collected and data processing processes, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider. The plug-in provider stores the data collected about you as user profiles and uses these for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation takes place in particular (also for users not logged in) for the display of advertising tailored to meet the market need and in order to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Through the plug-ins, we offer you the possibility to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected with us will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, especially before activating the button, as this way you can avoid being associated with your profile with the plug-in provider. For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the privacy policies of these providers as notified below. They will also provide you with further information about your rights in this regard and setting options to protect your privacy.

Addresses of the respective plug-in providers and URL with their data protection information:

  • Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; further information on data collection: http://www.facebook.com/policy.php. Facebook has committed itself to the EU US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).
  • Twitter "Tweet" of the communication platform Twitter, operated by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA; further information on data collection: https://twitter.com/privacy. Twitter has committed itself to the EU US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).
  • LinkedIn LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (henceforth "LinkedIn") is integrated. You can recognize the LinkedIn plug-ins on this website by the LinkedIn logo. More information is available at http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv.
  • Xing XING AG is integrated, allowing the provision of the Xing functions (particularly the calculation/display of the counter value). The up-to-date data protection information and additional notices can be found on this website: https://www.xing.com/app/share?op=data_protection
As security measures, the high security standards of the Google platform, Facebook and Twitter, and the associated privacy policies of the platforms (see above) apply. We do not collect any personal data using the social plug-ins or on their use. In order to prevent data from being sent to the service providers in the USA without the knowledge of the user, we use what is known as the "Shariff" solution. This solution prevents any personal data from being sent initially to the providers of individual social plug-ins when you visit our website. The purpose of the data transmission is to integrate the plug-ins so that the users are able to share content and interests with other users. The legal basis is the legitimate interest that has been reviewed for the pursuit of the purpose and in connection with the aforementioned security measures as well as in accordance with the European data protection requirements pursuant to Art. 6 (1) f) GDPR.

Handling of children's data

We are aware of the importance of data security and protection of children on the Internet. For this reason and in order to comply with certain laws, we neither deliberately collect the personal, individually identifiable information of children under 16 years of age, nor do we offer content to children under 16 years of age.

Version of this Privacy Policy: May 2018