We take data protection very seriously and treat your personal data confidentially and in accordance with the legal provisions, especially the General Data Protection Regulation (GDPR). Urban Challenger has taken appropriate technical measures to ensure the most comprehensive protection of your personal data. However, internet-based data transmission can have security gaps. Therefore, absolute protection cannot be guaranteed. As a user of our website, you are free to transmit personal data to us by other means, such as by phone.
Definitions of the terms used (e.g. "personal data" or "processing") can be found in Art. 4 GDPR.
Urban Challenger GmbH
c/o /gebrüderheitz GmbH & Co. KG
Phone: +49 1579 2481771
For questions about data protection, please contact us at privacy[at]urbanchallenger.com
The use of our website is possible without providing personal data; however, if you want to use our apps, the processing of personal data may be necessary. If the processing of personal data is necessary and there is no other legal basis for this processing, we will ask for your consent.
For security reasons and to protect the transmission of personal data and other confidential content, we use transport encryption (TLS/SSL) on this website. You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser address bar.
When you or an automated system accesses our website, we collect a range of general data and information. This general data and information is stored in the server log files. This can include:
When we use this general data and information, we do not draw any conclusions about you as an individual. Rather, this information is required to:
This anonymously collected data and information is evaluated statistically by Urban Challenger and is also evaluated with the aim of increasing data protection and data security within our company, ultimately to ensure an optimal level of protection for the personal data we process. The server log file data, which is pseudonymous for us, is stored separately from all personal data provided by you and is deleted when it is no longer needed.
You have the option to register on our website by providing personal data. The personal data transmitted to Urban Challenger is determined by the respective input mask used for registration. The personal data you enter is collected and stored solely for internal use by Urban Challenger and for our own purposes. Urban Challenger may arrange for the transfer to one or more contract processors, such as a parcel service, who will also use the personal data for an internal purpose that can be attributed to Urban Challenger.
When you register on the website of Urban Challenger, the IP address assigned by the Internet service provider (ISP) and used by you, as well as the date and time of registration, are also stored. The storage of this data is necessary to prevent the misuse of our services and, if necessary, to enable us to investigate any crimes committed. In this respect, the storage of this data is necessary to secure Urban Challenger. This data will not be passed on to third parties unless there is a legal obligation to do so or the transfer serves the purpose of criminal prosecution.
Your registration with the voluntary provision of personal data should enable Urban Challenger to offer you content or services that can only be offered to registered users due to the nature of the matter. As a registered user, you are free to change the personal data provided during registration at any time or to have it completely deleted from Urban Challenger's data inventory.
Urban Challenger will provide you with information at any time upon request on which personal data about you is stored. Furthermore, Urban Challenger will correct or delete personal data upon request or notification from you, provided that there are no legal storage obligations.
When you visit our website, cookies are set. These are small data sets or information bites that are stored on your end device. Cookies usually contain a characteristic character string, the so-called cookie ID, which can be used to identify your browser when you visit our website again.
In addition, we use so-called tags, which are small code elements that help us measure the behavior of our users and the success of advertising activities.
Depending on the type of cookies or tags used, different data is collected and processed in an anonymous or pseudonymous way.
We use both our own cookies and cookies from other providers (third-party cookies).
By using cookies, Urban Challenger can provide you as a user of this website with more user-friendly services that would not be possible without the cookie setting.
You can prevent the setting of cookies by our website at any time by means of an appropriate setting in your internet browser and thus permanently object to the setting of cookies. In addition, cookies that have already been set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If you deactivate the setting of cookies in the internet browser used, it may not be possible to use all functions of our website to their full extent.
We use Memberstack to store your user data, including your first name, city, email address, and the games you have purchased as a user. This is a service provided by Memberstack LLC, 104 Sagamore Williamsburg, VA, 23188, USA ("Memberstack").
Memberstack is a third-party service that allows us to securely manage your user data. By using our services, you agree that we may disclose the data you provide to Memberstack to enable you to access our games and related services.
We take the protection of your personal data very seriously and have taken technical and organizational measures to ensure that your data is secure. If you have any questions about the data we store or their use, please contact us.
We only store your profile data in our login/member area as long as you do not delete your profile yourself.
We have concluded a contract for contract data processing (including standard data protection clauses of the EU) with Memberstack for the aforementioned purposes, in which we oblige Memberstack to protect the data of our customers and not to disclose it to third parties.
We use Hubspot CRM on this website. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot Inc., 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.
Hubspot CRM allows us to manage existing and potential customers as well as customer contacts. With the help of Hubspot CRM, we can capture, sort, and analyze customer interactions via email, social media, or phone across different channels. The personal data collected in this way can be evaluated and used for communication with potential customers or for marketing purposes. With Hubspot CRM, we can also capture and analyze the user behavior of our contacts on our website.
The use of Hubspot CRM is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in efficient customer management and customer communication.
For analysis purposes, we ask for your consent. Thus, the processing is based exclusively on Art. 6 para. 1 lit. a GDPR and 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.
For the USA, there is an adequacy decision of the European Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Hubspot has certified itself according to the TADPF and thus committed to complying with European data protection principles. Furthermore, we have concluded a contract for order processing (including standard data protection clauses of the EU) with Hubspot.
We use Google Workspace for the efficient organization of our work, especially for email communication. This means that data, including personal data, is stored on external servers (cloud) of Google Inc. Guarantees under Art. 46 GDPR for the transfer to third countries exist in the form of an adequacy decision of the European Commission. Google has certified itself according to the Trans-Atlantic Data Privacy Framework (TADPF) and thus committed to complying with European data protection principles.
We participate in the "ADCELL" partner program of Firstlead GmbH, Rosenfelder St. 15-16, 10315 Berlin (hereinafter "ADCELL"). As part of its services, ADCELL stores cookies on users' devices to document transactions (e.g. "sales leads") when a visitor clicks on an advertisement with the partner link. These cookies serve solely the purpose of correctly assigning the success of an advertising medium and the corresponding billing within the network. ADCELL also uses so-called tracking pixels. These enable the evaluation of information such as visitor traffic on the pages.
The information generated by cookies and tracking pixels about the use of this website (including the IP address) and the delivery of advertising formats is transmitted to a server of ADCELL and stored there. Among other things, ADCELL can recognize that the partner link was clicked on this website. Under certain circumstances, ADCELL may disclose this (anonymized) information to contractual partners, but data such as the IP address is not merged with other stored data.
If the information also contains personal data, the processing described is based on our legitimate financial interest in processing commission payments with ADCELL pursuant to Art. 6 para. 1 lit. f GDPR.
If you want to block the evaluation of user behavior via cookies, you can set your browser to inform you about the setting of cookies and individually decide on their acceptance or exclude the acceptance of cookies for certain cases or in general. If you do not agree to the processing of your data as described above, you have the option to deactivate the data processing at www.adcell.de/datenschutz.
If legally required, we have obtained your consent pursuant to Art. 6 para. 1 lit. a GDPR for the processing of your data as described above. You can revoke your consent at any time with effect for the future. To exercise your revocation, please follow the aforementioned possibility to object.
We use the shop system of the service provider Shopify International Limited, Victoria Buildings, 2nd Floor, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland ("Shopify") for the purpose of hosting and displaying the online shop.
All data collected on our website is processed on Shopify's servers. Shopify ensures that data is only processed within the EU or the EEA by using appropriate technical and organizational measures. With regard to the theoretical possibility of access by the Canadian parent company, Shopify Inc., 150 Elgin St, Ottawa, ON K2P 1L4, Canada, there is an adequacy decision of the European Commission for Canada, which establishes that an adequate level of data protection is guaranteed. Further information on data protection at Shopify can be found at the following website:
The order processing is carried out via the service provider "Billbee" (Billbee GmbH, Paulinenstrasse 54, 32756 Detmold). Name, address and, if applicable, further personal data will be passed on to Billbee exclusively for the purpose of processing the online order in accordance with Art. 6 Para. 1 lit. b GDPR.
Your data will only be passed on to the extent necessary for processing the order.
Details on data protection by Billbee and its data protection declaration can be viewed on the Billbee website at "billbee.io".
When selecting payment via Stripe, we pass on your order data to Stripe Payments Europe Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter "Stripe") for the purpose of payment processing. In the USA, the service is offered by Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA.
During the ordering process, we transmit the following information about your order to Stripe, as well as the selected payment provider (Visa, Mastercard):
Your data will only be passed on to Stripe Payments Europe Ltd. for the purpose of payment processing and to the extent necessary for this purpose.
The personal data transmitted by Urban Challenger to Stripe may be transmitted by Stripe to credit agencies. This transmission serves the purpose of identity and creditworthiness checks. Stripe may also disclose personal data to affiliated companies and service providers or subcontractors to the extent necessary to fulfill contractual obligations or to process the data on behalf of the client.
You can object to the processing of your data at any time by sending a message to Stripe. However, Stripe may still be entitled to process your personal data if this is necessary for the contractual processing of the payment.
For the USA, there is an adequacy decision of the EU Commission, the Trans-Atlantic Data Privacy Framework (TADPF). Stripe has certified itself according to the TADPF and has thus committed itself to comply with European data protection principles.
Our website may contain links to other interesting websites. However, once you have used these links to leave our website, you should note that we have no control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
You can revoke any consent given for the processing of your personal data at any time with effect for the future. Please note that the revocation does not affect the lawfulness of the processing carried out so far and that it does not extend to such processing operations for which there is a legal basis for processing and which may therefore be processed without your consent.
In addition, you have the following data subject rights under Articles 15 to 21 and 77 of the EU General Data Protection Regulation (GDPR) if the legal requirements are met:
You can demand at any time that we provide you with information about which of your personal data we process and how and provide you with a copy of the personal data stored by you, Art. 15 GDPR.
You can demand the correction of incorrect personal data and the completion of incomplete personal data, Art. 16 GDPR.
For the deletion of your personal data: Please note that data which we need for the execution and processing of purchases and for the assertion, exercise and defence of legal claims as well as data for which there are legal, supervisory or contractual retention obligations are excluded from deletion, Art. 17 GDPR.
Under certain circumstances, you can demand the restriction of processing, e.g. if you believe that your data is incorrect, if the processing is unlawful or if you have objected to the processing of the data. This means that your data may only be processed to a very limited extent without your consent, e.g. for the assertion, exercise and defense of legal claims or for the protection of the rights of other natural and legal persons, Art. 18 GDPR.
You have the possibility to object to the processing of data for direct advertising purposes at any time. Furthermore, you can object to data processing at any time if there are special reasons for doing so, which are based on a legitimate interest, Art. 21 GDPR.
You have the right to receive the data that you have provided to us and which we process on the basis of your consent or for the performance of a contract in a common, machine-readable format and to request the direct transmission of this data to third parties within the scope of what is technically feasible, Art. 20 GDPR.
If you believe, for example, that our data processing is unlawful or that we have not granted the rights described above to the necessary extent, you have the right to lodge a complaint with the responsible data protection supervisory authority.
Urban Challenger only processes and stores personal data for the period necessary to achieve the storage purpose or as long as provided for by the European legislator or other legislator in laws or regulations to which the controller is subject.
In accordance with legal requirements in Germany, storage is carried out for 6 years in accordance with § 257 para. 1 HGB and for 10 years in accordance with § 147 para. 1 AO.
If the storage purpose no longer applies or if a prescribed storage period expires, the personal data will be blocked or deleted in accordance with Art. 17 and 18 DS-GVO.
We regularly make changes to our data protection declaration to ensure that we continue to comply with legal regulations in the future. Your rights to information, correction, deletion and objection remain unaffected by such changes. Therefore, always pay attention to the latest update.
Version 1.0 / As of: 09.2023