I. Basics

Here you will learn how we handle your data when using the PartyGuard app and our website partyguard.de.

Personal data includes all information that can be related to you - for example, name, email address, or your usage behavior.

The most important terms briefly explained:

• Personal data is all information that can identify you (name, email, address, etc.)
• Data processing means everything that happens with your data (collecting, storing, using, deleting)
• Controller is who decides how and why data is processed (in this case: FRCK Media)

II. Who is the controller?

The controller responsible for processing your data is:

We will provide you with our full address upon request (to protect against unwanted advertising).
PartyGuard is a service/project of FRCK Media.

III. How to reach our Data Protection Officer

There is no legal obligation for our company to appoint a data protection officer. For questions about data protection, please contact us directly using the contact details provided in section II.

IV. Who is affected by data processing?

When you visit our app or website as an interested party, customer, parent, or other visitor, your personal data is processed in accordance with legal regulations and this policy. All visitors to our website are grouped under the term "users."

V. What data do we collect from you and for what purposes or on what legal basis do we process it?

1. When visiting our website

When you visit our website, only the technically necessary data is collected:

• IP address (only temporarily stored and not used for tracking)
• Date and time of visit
• Pages visited
• Browser information
• Operating system

Why we need this data: This information is technically necessary to display our website to you and to ensure its stability and security. Your IP address is anonymized after 24 hours and completely deleted after four weeks at the latest.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

2. When using the PartyGuard app

For the use of the PartyGuard app, we process the following data:

• Name and contact details
• For creating a parental consent form ("Muttizettel"): Information about guardians, minors, and supervisors
• QR code scan data (e.g., scanned code, time, associated event)

Why we need this data: This information is necessary for you to create and manage parental consent forms and participate in events. The data is used exclusively for the functionality of the app and is never sold or passed on for advertising purposes.

Legal basis: Art. 6 para. 1 lit. b GDPR (contract performance) and, if applicable, your consent (Art. 6 para. 1 lit. a GDPR)

VI. Right to object according to Art. 21 GDPR

You have the right to object to the processing of your data at any time if it is based on legitimate interests or used for direct marketing. After your objection, we will no longer process your data unless we can demonstrate compelling legitimate grounds.

For direct marketing, you can always object without giving reasons. In other cases, we ask you to state reasons from your personal situation.

A message to us is sufficient for an objection (contact details see above).

Special note on the right to object:
To the extent that we process personal data as explained above to protect our legitimate interests that outweigh yours in the context of a balancing of interests, you may object to this processing with effect for the future. If the processing is carried out for direct marketing purposes, you may exercise this right at any time as described above. If the processing is carried out for other purposes, you only have a right to object if there are grounds arising from your particular situation.

VII. Duration of storage

We store your data only as long as necessary for the respective purposes:

After these periods expire, the data is automatically deleted unless it must be retained longer for legal reasons.

VIII. To whom do we transfer your data?

In general, your personal data is not transferred to third parties. Exceptions only apply if:

• This is necessary for the implementation of the user relationship (e.g., for technical service providers)
• We are legally obliged to pass on information
• The transfer is necessary for the establishment, exercise, or defense of legal claims

All service providers who process personal data on our behalf are contractually obligated to comply with data protection regulations.

IX. Will your data be transferred to locations outside the EU?

A transfer of your personal data to third countries (i.e., outside the EU or the EEA) or to an international organization is not intended. Should this become necessary in the future, it will only take place in compliance with Art. 44 et seq. GDPR, and we will inform you in advance.

X. What are your rights?

Under the GDPR, you have the following rights:

To exercise your rights, simply contact us at info@frck-media.de. You also have the right to file a complaint with a data protection supervisory authority.

We process your requests within 30 days and inform you about the result.

XI. QR code scanner and scan history

The app allows scanning QR codes and storing a scan history. The following data is processed:

• Scanned QR code contents
• Time of scan
• For parental consent forms: Association with the corresponding form

The processing of this data takes place on the basis of Art. 6 para. 1 lit. b GDPR (contract performance), as this function represents an essential component of the service. The scan history is stored locally on your device and includes a maximum of 50 entries. You can delete individual entries or the entire history at any time.

XII. Email communication

When you contact us by email or have activated email notifications, the data you provide (email address, possibly name and request) is stored to answer your request or to inform you about relevant events.

We send emails in the following cases:

• Confirmation of registration
• Password reset
• Confirmation of parental consent form creation
• Information about approval or rejection of parental consent forms (if activated in settings)
• Information about new events (if activated in settings)

This processing takes place on the basis of Art. 6 para. 1 lit. b GDPR (contract performance) and, if applicable, on the basis of your consent according to Art. 6 para. 1 lit. a GDPR. You can adjust or deactivate email notifications in your profile settings at any time.

XIII. When and why is the provision of your data necessary?

When using our PartyGuard app, you provide us with your personal data (e.g., name, address, or email address).

The provision of your personal data is partly required by law (e.g., due to tax regulations). It may also be necessary for the implementation of (pre-)contractual measures. Failure to provide your personal data would result in certain functions of the app not being usable or your request not being answerable.

For the implementation of certain functions of the app, such as the creation of parental consent forms, the provision of the following data is mandatory:

• First and last name
• Address
• Email address
• For parental consent forms: Name, address, phone number, and date of birth of the guardian

Unless otherwise stated in this privacy policy, all other information is voluntary.

XIV. Does automated decision-making (e.g., profiling) take place?

Automated decision-making (including profiling) does not take place. This means:

• No automatic decisions: We do not make decisions about you that are based solely on automated processing and have legal effects or significantly affect you.
• No profiling: We do not create user profiles that automatically analyze various aspects of your person (such as interests, behavior, or location) to make predictions about you.
• No scoring procedures: There is no scoring or evaluation of your behavior that could lead to automated consequences.

All important decisions are made by humans, not by algorithms.

XV. How can you contact us?

You can contact us either by mail, phone, or email (see above).

If, for example, you contact us by email or through our contact form, we automatically store the personal data you voluntarily transmit to us for the purpose of processing your request or contacting you. This data is not shared with third parties.

XVI. How do we secure our data?

The protection of your data is important to us. Therefore, we implement the following security measures:

• Encryption: Data transmission takes place via a secure SSL connection (recognizable by "https" and lock symbol)
• Hosting in Germany: Our servers are located in Germany and are subject to German data protection standards
• Access restrictions: Only authorized persons have access to personal data
• Secure passwords: Passwords are not stored in plain text but are secured with modern encryption methods
• Regular security updates: We always keep our systems up to date with security
• Profile values for parental consent forms: Standard values stored in your profile (such as name, address, and phone number) are kept secure and only used for pre-filling parental consent forms if you use this function
• Protection of sensitive ID data: ID card data provided on parental consent forms is specially protected by:
  • Encrypted storage with enhanced security protocols
  • Strict access restriction only for authorized persons
  • Automatic deletion after 3 months at the latest
  • No transfer to third parties (except as part of legal obligations)
  • No export or download in unencrypted form

We continuously develop our security measures in line with technological developments.

XVII. What are cookies and how do we use them?

On our website, we use so-called cookies. These are small files that contain text information and are stored by your browser or saved on your device.

The so-called transient (or temporary) cookies are automatically deleted when you close your browser. These include session cookies in particular. These store a specific identifier (the so-called session ID), which allows your device to be recognized when you return to our website. This can, for example, store the login status. Session cookies are deleted when you log out or close the browser.

We currently only use cookies that are technically necessary for providing our services. You can manage cookies in your browser settings:

• Chrome: Click on the three dots (top right) → Settings → Advanced → Privacy and Security → Site Settings → Cookies and site data
• Firefox: Click on the three lines (top right) → Settings → Privacy & Security → Cookies and Site Data
• Safari: Safari → Preferences → Privacy → Cookies and website data
• Mobile browsers: In your browser's settings, usually under "Privacy" or "Privacy & Security"

Please note that blocking all cookies may lead to limitations when using our website, as certain functions (such as login) may no longer work.

XVIII. Status of this privacy policy

This privacy policy was created on March 30, 2025. We regularly review it for currency and legal correctness and inform our users about significant changes.