Privacy Policy

  1. Details of the Controller
  2. Information on the Types of Data Processed and Their Origin
  3. Processing Purposes & Legal Bases
  4. To Whom do we Transmit Your Data?
  5. Transmission to Countries Outside the EU or the EEA
  6. How long will my data be stored?
  7. Information on The Voluntary Nature of the Information
  8. Information About Your Rights
  9. Information About Your Right of Objection

 

This Privacy Policy gives you an overview of the processing of your personal data in the context of the use of the offers and online services on www.happiness.com (hereinafter referred to as the “Service”).

Furthermore, this Privacy Policy informs you about your rights and the possibilities you have to control your personal data and to protect your privacy.

We take appropriate organisational, contractual and technical measures to protect your data from unauthorised or unlawful processing and against accidental loss, destruction or damage.

 

1. Details of the Controller

Responsible for data processing is Ideawise Limited, Room 604, Alliance Building, 133 Connaught Road, Central Hong Kong, Hong Kong. Its representative is SmH ServiceCenter.de GmbH, P.O. Box: 20 04 34, 13514 Berlin.

Ideawise Limited is also meant when the terms “we” or “us” are used below. You can contact our data protection officer at:

Please note that we are a company based outside the European Economic Area (“EEA”). As far as you use our service and data is processed, these data are collected from within a so-called “third country”. Details can be found in section 5 below.

 

2. Information on the Types of Data Processed and Their Origin

If we provide the Service for your use, we process personal data from various sources. This is data that we collect automatically – for example when you visit a website – as well as other data that you have additionally provided to us.

a. Types of Data That We Automatically Collect

When you visit our website, you submit technical information to our servers. Each time a page is accessed, access data is stored in a file, the so-called server log. The following data is stored:

Your IP address, the time, the status of your website visit (status means in this case whether the visit of the website was successful or not) as well as the request that your browser has made to the server to open the page, the amount of data transferred and the website from which you came to the requested page (referrer), as well as the product and version information of the browser used (user agent).

We also use cookies to process this data. Cookies are small text files that are downloaded to your device that store the above information about you when you use our Service. If you want to know more about how cookies work, which cookies we use and how you can disable them, see the information in 4c below.

b. Types of Data You Transmit to Us

In addition to the data we receive from all website visitors, we also process additional data if users make this available, depending on how they use the Service. For instance, if you sign up to our ICO Update Newsletter, your e-mail address will be processed.

 

Processing Purposes & Legal Bases

We process your data exclusively for the following defined purposes:

  • To allow you and other users to use the Service and to ensure its functionality
  • To continuously improve the service offer and to correct errors
  • To detect and prevent fraud attempts
  • To disclose your personal data to third parties if we are legally obliged to do so
  • To assert legal claims and to defend against legal disputes
  • To ensure IT security and operation of our systems

In doing so, we rely on various legal bases in accordance with the so-called General Data Protection Regulation, a European Union legal framework for the standardisation of data protection law (“GDPR” for short). We refer in detail to the following legal bases:

 

Your consent

When you visit the website, you agree to our cookie guidelines and to the processing of your IP address in a cookie bar. If you have given your consent to the processing of personal data for specific purposes, this consent ensures the legality of such processing.

Accordingly, if we process your data, it is because you expressly allowed us to do so. Your consent is therefore the most important legal basis for the processing of your personal data by us. If you provide us with information about your religious or philosophical beliefs, we will process this data principally on the basis of your consent.

Safeguarding legitimate interests

By registering to use the Services, you consent to the processing of your data in accordance with this Privacy Policy. That is why we process your data, in principle, because you have allowed us to do so. However, there are some cases in which we would be entitled to process your data without your consent because it is necessary to protect our legitimate interests (or the interests of third parties). In this respect, the purposes for which we process your data also represent legitimate interests. We pursue legitimate interests, for example, if we take measures to secure virtual domiciliary rights. In these cases, we will not ask you in advance whether you agree to this processing, as processing is otherwise permitted.

Legal requirements or public interest

In addition, we are legally obliged to provide certain information to criminal prosecution in individual cases upon request.

 

To Whom do we Transmit Your Data?

We treat your personal data with care and confidentiality and will only pass them on to third parties to the extent described below and not beyond.

a. To Group Companies:

We transfer data to our affiliated companies, which form a group with us, within the framework of strict protection requirements. This is the case, for example, when you make sign up to the ICO Update Newsletter. We will then forward this request to our Community Management and Marketing team at Playamedia S.L.

b. To Third Parties & Cookies

In addition, we transmit data to external service providers that enable us to provide the Services. These include hosting providers and providers of analytics platforms. We require these service providers to comply with strict rules to ensure the security of your data when processing personal data on our behalf. Such processing is generally based on contractual regulations such as Data Processing Agreements or standard data protection clauses.

Cookies

We use our own cookies (so-called “first-party cookies”) to analyze web traffic, tailor services to your needs and interests, measure the effectiveness of advertising campaigns and promote confidence in and security of the service. In addition, we use first-party cookies to distinguish the various users from each other and, in conjunction with the log files of our web server, to calculate the total number of people who visit the service. The web usage data collected in this way helps us to receive the necessary feedback to continuously improve the service.

Users can prevent the acceptance of first-party cookies by configuring their browser settings so that they do not accept cookies at all. However, if this setting is made, you may not be able to use certain current or future elements of our Service.

In addition to first-party cookies, we also use cookies, tools and plug-ins provided by third parties (so-called “Third Party Cookies”) as described below.

Google

Google LLC is a privacy shield certified provider from the USA. Google Analytics is used to analyse the behaviour of users of our services. With the help of Google Drive we make documents available for visitors to view, such as the ICO Whitepaper. YouTube videos are embedded in our service in “enhanced privacy mode”. While no YouTube cookies are set by this particularly data protection-friendly type of embedding, calling up the pages nevertheless leads to a connection with YouTube and the DoubleClick network. A click on the video can trigger further data processing processes over which we no longer have any control. Here you find a resource to opt-out of Google Cookies. (https://tools.google.com/dlpage/gaoptout?hl=en)

Dropbox

This storage service (processing in the USA and Europe, Privacy-Shield certified) is used by us to store encrypted backups.

Wordfence

Cookies set by the Wordfence Security plugin are used to protect the site against malicious attacks. Wordfence only uses data about your visit and does not store personally identifiable information and therefore does not require user consent.

Mailchimp
The ICO Update Newsletters will be sent via MailChimp, a privacy shield certified mail-order service based in the USA. MailChimp may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimize or improve their own services, e.g. for the technical optimization of delivery and display of newsletters or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to address them themselves or to pass the data on to third parties.

Typeform
With this survey tool (location Spain, adequate level of data protection) we improve and maintain our community, through means of permanent feedback surveys, as well as regular quizzes, other types of surveys and evaluations. The type of information that is passed on to Typeform depends on the respective survey, and you also decide yourself what content your contribute to such activities.

 

Public authorities

We transmit data to authorities in the event of a legal obligation based on a request for information from the respective authority.

 

5. Transmission to Countries Outside the EU or the EEA

All servers of the Service are located in the EEA, hence initially your data does not leave the EEA technically, but the technical provision and processing of the data for the operation of the service takes place in the European Union.

However, when you submit data to us, it will be legally transferred to a country outside the EEA, as we have our registered office in the People’s Republic of China. In addition, our development company is also based in China, from where it has technical access to the servers in the European Union. According to the GDPR, China is a so-called “third country” in which an adequate level of data protection cannot be guaranteed in principle; there is no corresponding decision on adequacy and there are also no specific guarantees to compensate for this deficit. However, we have concluded strict Data Processing Agreements and standard contractual clauses that work towards a secure level of data protection. What do we mean with the information about China? It means that we may have to transmit data to government agencies there under less stringent conditions than is the case within the EEA. The legal hurdles to the protection of personal data in China are thus generally regarded as lower from a European point of view, as would also be the case for processing in Australia, Russia or India, for example.

6. How Long Will My Data Be Stored?

We process and store your personal data as long as it is necessary for the fulfilment of our contractual or legal obligations. Therefore, we store the data only as long as our contractual relationship with you exists and also after termination only, as far as the laws of the Federal Republic of Germany and the People’s Republic of China require this. If the data are no longer necessary for the fulfilment of such obligations, they will be regularly and promptly deleted, unless their further processing is necessary for the protection of legitimate interests or for the preservation of evidence within the framework of statute of limitations.

 

7. Information on The Voluntary Nature of the Information

You are not required by law to provide us with the above information. In principle, the relationship that you have entered into with us by agreeing to the Cookie Banner or by giving any other consent does not give rise to any obligation to provide this personal data. However, the transmission of automatically collected data is a basic prerequisite for using our Services. Furthermore, you may not be able to use the Services, or only to a limited extent, if you do not provide us with certain data or object to their use.

8. Information About Your Rights

You can assert the following rights:

  • Your right to access to information under Article 15 GDPR,
  • Your right to rectification under Article 16 GDPR,
  • Your right to erasure under Article 17 GDPR,
  • Your right to restriction of processing under Article 18 GDPR and
  • Your right to data portability under Article 20 GDPR.

If you have any questions in this regard, please contact our customer service at:

You can revoke your consent to the processing of personal data at any time. However, this revocation will then only be effective for the future. Processing that took place before the revocation is not affected by this.

In addition, you have a right of appeal to the competent data protection supervisory authority.

 

9.Information About Your Right of Objection

a. Right of Objection on a Case-By-Case Basis

In addition to the rights already mentioned, you have the right to object at any time for reasons arising from your particular situation to the processing of personal data concerning you, which is based on Article 6 para. 1e GDPR (data processing in the public interest) and Article 6 para. 1f GDPR (data processing on the basis of a balance of interests). If you file an objection, we will no longer process your personal data, unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

b. Right to Object to the Processing of Data for Advertising Purposes

You also have the right to object at any time to the processing of personal data concerning you for the purpose of direct marketing. If you object, we will no longer process your personal data. Please also note the information in Section 7 of this Privacy Policy: If we terminate the processing due to your objection, it may be that the service can no longer or only to a limited extent be made available to you.

The objection can be made informally and should be addressed to: