Data Protection Declaration

We, upjers GmbH, located at Hafenstraße 13, 96052 Bamberg, Germany, operate the website www.upjers.com and collect certain data from our visitors to the extent necessary. In the following privacy policy, you will learn what we do with your data, so-called personal data, and why we do this. We also tell you how we protect your data, when the data is deleted and what rights you have thanks to data protection.

If you visit another website - for example via a link on our website - please note that this privacy policy does not apply to this third-party website.

Responsible for this website is:

upjers GmbH
Hafenstraße 13
96052 Bamberg

Phone: +49 (0)951/5109080
Fax: +49 (0)951/510908102
E-mail: mail@upjers.com

Customer support:
Support form: https://support.upjers.com/de/start
Email: support@upjers.com

You can also reach our data protection officer via the contact details. If you have specific questions about your data, its deletion or your rights, you can contact us directly about data protection via the e-mail address datenschutzbeauftragter@upjers.com. If you wish to submit a written request, simply add "Data protection".

You can contact us at any time if you have any questions about your data protection rights or wish to assert any of the following rights:

• Right of revocation pursuant to Art. 7 para. 3 GDPR (e.g. you can contact us if you wish to revoke a previously given consent to a newsletter)
• Right to information in accordance with Art. 15 GDPR (e.g. you can contact us if you would like to know what data we have stored about you)
• Rectification pursuant to Art. 16 GDPR (e.g. you can contact us if your email address has changed and you want us to replace the old email address)
• Erasure in accordance with Art. 17 GDPR (e.g. you can contact us if you want us to erase certain data that we have stored about you)
• Restriction of processing in accordance with Art. 18 GDPR (e.g. you can contact us if you do not want us to delete your email address but only want us to use it to send essential emails)
• Data portability in accordance with Art. 20 GDPR (e.g. you can contact us to receive your data stored by us in a compressed format, e.g. because you want to make the data available to another website)
• Objection pursuant to Art. 21 GDPR (e.g. you can contact us if you do not agree with one of the advertising or analysis procedures specified here)
• Right to lodge a complaint with the competent supervisory authority pursuant to Art. 77 (1) GDPR (e.g. you can also contact the data protection supervisory authority directly if you have a complaint)
• Insofar as processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR, you have the right to object in accordance with Art. 21 GDPR.

If no specific storage period is specified in the individual sections, the data will be deleted at the latest after the expiry of statutory retention periods or after the purpose of processing no longer applies. Your data will also be blocked or deleted if a storage period prescribed by law expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract. Certain data may have to be stored for longer for legal reasons. You can of course request information about the stored data at any time.

We will take all reasonable and appropriate measures to protect the personal information we store from misuse, loss or unauthorized access. To this end, we have taken a number of technical and organizational measures. This includes measures to deal with any suspected data breaches.

If you suspect that your personal information has been misused, lost or accessed without authorization, please let us know as soon as possible and contact us using the contact details above!

If you merely wish to browse our website, we do not collect any personal data, with the exception of the data that your browser transmits to enable you to visit the website, first and foremost:

• Approximate location based on IP range (country of connection only)
• Internet provider (e.g. Kabel Deutschland or Deutsche Telekom)
• Date and time (e.g. 11:45 on 25.05.2018)
• Browser (e.g. Chrome or Safari)

It is generally not possible for us to identify you directly from this data. The data is only used for anonymous, statistical purposes to optimize our website.

The purpose of the temporary storage of the data at the beginning is to ensure the connection, as well as the accessibility and correct display of our website.

The legal basis is the so-called legitimate interest, which has been examined in the context of the aforementioned protective measures and in accordance with the European data protection requirements of Art. 6 para. 1 lit. f GDPR. Accordingly, our interest in the secure and trouble-free provision of our services permits the use of the above-mentioned technical data, which, due to their nature, represent an extremely minor interference with the informational self-determination of visitors.

You have the option of contacting our support team. By clicking on "Support" on our website, you will be redirected to https://support.upjers.com/de/start. You can also send a request by e-mail to support@upjers.com.

The following data can be requested from us:

• User name or login name
• User ID
• upjers ID
• e-mail address
• Payment service provider, if applicable
• Message or support request
• Plugins (e.g. Adobe Flash)
• Operating system (e.g. Mac OS)
• Hardware (e.g. Intel processor)
• Browser

As a protection measure, the support request is made via an encrypted connection. We also apply the principle of data minimization and only collect the data actually required in the support form. After successfully contacting you and completing the support, your data will be deleted after processing has been completed, taking into account statutory retention periods.

The sole purpose of the data requested is to contact you and provide customer support, which is why the data is only used for this purpose.

The legal basis is Art. 6 para. 1 lit. b GDPR (performance of contract).

You can also access our games for mobile devices (hereinafter: apps) in the app stores via a link on our website.

When downloading an app, required information is collected by the respective app store, in particular the time of download, title, language version and an advertiser ID/individual device identification number. We have no influence on this data collection and are not responsible for it. The app stores provide information on their handling of personal data in their own privacy policies. We process data in the context of app use to the extent necessary for downloading the mobile app to your mobile device, providing the respective game and processing in-game purchases.

Further information on data processing in the context of app use can be found in our privacy policy for mobile applications (https://de.upjers.com/mprivacy).

You also have the option of registering on our website and then logging in with a user account at any time. The following data is required to register with us:

• E-mail address
• User name or login name
• Password

As a protection measure, the data you enter is transmitted via an encrypted connection. We also apply the principle of data minimization and only collect the data that is actually required. Please do not use your real name or that of another person as your user name. We also assign you to a country based on the IP address transmitted by your device. This data is stored in order to be able to show you the appropriate range of payment methods. You can change your selection at any time. After creating a user account, your data will be stored until you decide to change individual data or delete the entire user account.

The purpose of the data requested is to create a user account to use our browser games and extended functions on the website (e.g. in-game messages, forum posts). Registration is voluntary and can be revoked or the user data deleted at any time.

The legal basis is Art. 6 para. 1 lit. b GDPR (performance of a contract).

Some upjers games are integrated into social networks (e.g. Facebook). There, the games are referred to as "apps" or "applications", for example. In addition, individual games may offer additional functions that allow interaction with other players in connection with a specific network (e.g. Twitch extensions). The respective network itself is responsible for its data processing and any data transmission in compliance with data protection regulations and informs its users about this in its own privacy policy (see Facebook: https://de-de.facebook.com/policy.php; Twitch: https://www.twitch.tv/p/de-de/legal/privacy-notice/).

However, we would like to point out that you may be asked by a network to consent to the transfer of personal data if you wish to use an integrated upjers game or additional functions within a network. In the case of Facebook, the following data may be affected:

• First name, last name, gender, date of birth
• Profile picture or corresponding URL
• Login e-mail address provided during registration on Facebook
• Location and access devices
• User ID number, which is linked to publicly accessible information (on Facebook)
• User ID number of your friends who are also connected to the game.

If you consent to data transmission, the network may send data to upjers. upjers only processes such data if it is absolutely necessary for the provision of the game or certain additional functions. upjers would like to point out that you can influence the scope of information that the network shares by making the appropriate privacy settings yourself. An influence can be exerted in particular by

• You control what information your Facebook friends share with you/about you,
• blocking specific applications or preventing them from collecting certain information about you,
• ignoring certain game invitations,
• control who can view your activities.

In addition to manual registration, we offer you the option of registering with us directly using your existing user account with another platform (e.g. Facebook, Amazon). If you wish to use this type of registration, you will be redirected to the page of the respective provider after selecting the platform and navigated through the registration process.

As a protection measure, the data you enter is transmitted via an encrypted connection to the respective platform. We do not use the login to access personal data such as friends lists or contacts or to store them for our own purposes. There is no permanent link between your user account and the user account on Facebook and Amazon.

Insofar as personal data is transferred to countries outside the European Union or the European Economic Area, this is done on the basis of the EU-US Data Privacy Framework (DPF), provided the respective provider is certified, or on the basis of the EU standard contractual clauses in accordance with Art. 46 GDPR. Further details can be found in the privacy policies of Facebook (https://de-de.facebook.com/policy.php) and Amazon (https://www.amazon.com/gp/help/customer/display.html?nodeId=468496).

The purpose of the requested data is the registration via an existing user account for the use of extended functions on the website. Registration via the social networks is voluntary and can be revoked or the user account canceled at any time.

The legal basis is Art. 6 para. 1 lit. b GDPR (performance of a contract). Any further data transmission is based on your consent.

The games we operate offer you various options for communicating with us or other players. We use automatic filtering systems that prevent the mass sending of messages or offensive, violent, obscene, racist or otherwise objectionable statements or messages of an advertising nature. Furthermore, we log the use of the communication channels provided for a short period of time in order to analyze and correct technical errors, to ensure system security and integrity, to combat abusive and/or unauthorized use and to compile usage statistics on a pseudonymized or aggregated basis. The logs created contain the date and time of the message, its sender and recipient, the message text and the volume of data transmitted.

In the event of suspicion of misuse and/or unauthorized use of the communication channels provided (e.g. if a message is reported by the recipient), we reserve the right to investigate the player account concerned and the messages sent by this player account and to take further measures if necessary.

As a protective measure, the data you enter is transmitted via an encrypted connection of the respective platform.

The purpose of the processing is to provide an in-game communication solution for the exchange of messages between players.

The legal basis is Art. 6 para. 1 lit. b, c and f GDPR. The use of the filter systems serves to check compliance with the rules of proper communication and to protect the rights of third parties. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f GDPR. The interest in protecting our customers from possible criminal offenses, such as insults, ultimately outweighs the interest in unrestricted anonymous communication.

When you initiate a payment process to purchase premium currency, you must enter additional data. Which data this is depends on the type of payment method you choose. upjers also allows you to use anonymous payment methods.

Various payment processing services are available to you, which you can select. The cooperation with third parties also concerns payment processing via external service providers (Paypal, credit card companies, mobile network operators, Paysafecard, Barzahlen, Sofortüberweisung, etc.). These external service providers are obliged to treat your data in a lawful, confidential and secure manner and may only use your data insofar as this is necessary to fulfill their task.

You are free to decide which payment option you use and we refer in this respect to the data protection provisions and notes of the respective provider.

The payment provider collects the customer's personal data on its own responsibility in order to process the payment. The payment service provider then sends a response to upjers confirming the successful transaction. As a rule, we do not receive any personal transaction data from the payment providers.

However, we would like to point out that we store the customer's IP address for a confirmed payment transaction. The sole purpose of this is to fulfill our tax obligations. We can use the IP address to determine the place of performance for VAT purposes. The data is stored by us in accordance with the retention periods under tax law.

As an exception, further personal data is already collected on our websites when the following payment methods are used:

"Purchase on monthly invoice"

As part of the payment process, upjers collects personal data via a form and forwards it to the payment provider Payolution GmbH and the commissioned bank for a credit check. Further information on data processing will be made available to you in a special privacy policy as part of the payment process. Your personal data will only be processed with your consent, which you declare during the payment process.

We send emails that directly relate to the contractual relationship, e.g. contract confirmation, to the email address provided during registration.
Without your consent, we will not send you any emails that do not directly concern the contractual relationship, e.g. newsletters. We use a so-called double opt-in procedure to obtain your consent.

This means that we will only send you a newsletter by email if you confirm that you wish to receive our newsletter by clicking on a link in our notification email.

You can of course unsubscribe from our newsletter at any time; you will find a link to do so in every newsletter. Alternatively, you can contact our customer support via the support form or via the email address support@upjers.com.

We work with the service provider Emarsys eMarketing Systems AG, Hans-Fischer-Straße 10, 80339 Munich, Germany, to send our newsletter. We have concluded an order processing contract with this service provider in accordance with the requirements of Art. 28 GDPR.

The legal basis for sending emails that directly concern the contractual relationship is the execution of the contract. The legal basis for sending emails that do not directly concern the contractual relationship is your consent in accordance with Art. 6 para. 1 lit. a GDPR.

Our website partly uses so-called cookies. Cookies are small text files that are usually stored in a folder in your browser. Cookies contain information about the current or last visit to the website:

• Name of the website
• Expiry date of the cookie
• Any value

If cookies do not contain an exact expiration date, they are only stored temporarily and automatically deleted as soon as you close your browser or restart your device. Cookies with an expiration date remain stored even if you close your browser or restart your device. Such cookies are only deleted on the specified date or when you delete them manually.

We use the following three types of cookies on our website:

• Required cookies (we need these, e.g. to display the website correctly for you and to temporarily store certain settings)
• Functional and performance-related cookies (these help us, for example, to evaluate technical data from your visit and thus avoid error messages). Such cookies are used to provide our website with additional functions that go beyond what is technically necessary and significantly improve the user experience. They also include simple tracking pixels that statistically record certain actions on the pages in anonymous form and are used in particular to measure and bill advertising campaigns. We do not use functional and performance-related cookies to collect personal data or for advertising purposes.
• Advertising and analytics cookies (these ensure that, for example, advertisements for shoes are displayed if you have previously searched for shoes)

You can configure, block and delete cookies in your browser settings. If you delete all cookies from our website, some functions of the website may not be displayed correctly. The Federal Office for Information Security provides helpful information and instructions for the most common browsers: https://www.bsi-fuer-buerger.de/BSIFB/DE/Empfehlungen/EinrichtungSoftware/EinrichtungBrowser/Sicherheitsmassnahmen/Cookies/cookies_node.html

Legal basis Technically required cookies are necessary to provide the basic functions of our website. In this respect, processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. All other cookies and technologies (e.g. analysis, marketing or advertising cookies) are used exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 TTDSG. Consent is given via our consent management tool and can be revoked at any time with effect for the future.

We use the provider YouTube for the direct integration of videos. YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you play the embedded videos, a connection to the Google servers is established and, for technical reasons, at least your IP address is transmitted. If you are also logged into your user account, Google will assign information about the videos you have accessed to your personal user account, for example. You can prevent this assignment by logging out of your Google user account before using our website.

The high security standards of the Google platform and the associated Google privacy policy (http://www.google.com/intl/de-DE/privacy) apply as protective measures. Insofar as personal data is transferred to countries outside the European Union or the European Economic Area, this is done on the basis of the EU-US Data Privacy Framework (DPF), provided the respective provider is certified, or on the basis of the EU standard contractual clauses pursuant to Art. 46 GDPR.

In addition, we integrate YouTube videos with extended data protection settings and a server solution. The user is initially only shown a preview image that is loaded from an upjers server. Only after pressing the play button is the YouTube image activated and a limited data exchange with YouTube takes place.

The purpose of the data transfer is to integrate YouTube's video offerings, which are popular among our users, in order to be able to conveniently access the displayed videos without leaving our website.

The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which can be declared by activating the YouTube player.

We use Google Tag Manager, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland ("Google"). With the help of Google Tag Manager, website tags can be managed via an interface.

According to Google, Google Tag Manager is a cookie-free domain that does not collect any personal data. Google Tag Manager triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.

Further information on data protection can be found in Google's privacy policy: https://policies.google.com/privacy?hl=de&gl=de

The legal basis for the use is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which can be declared in the context of our cookie banner.

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland ("Google"). Google Analytics uses the advertising and analysis cookies described above to analyze our website with regard to your usage behavior. The information generated by cookies about the use of this website is transmitted to a Google server and stored there. However, your IP address is shortened before the usage statistics are analyzed, so that no conclusions can be drawn about your person. For this purpose, Google Analytics has been extended on our website by the code "anonymizeIp" to ensure pseudonymized collection of IP addresses. Google will use the pseudonymized information obtained from the cookies to evaluate your use of the website, to compile reports on website activity for website operators and to provide other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

As a protective measure, we use the anonymization procedure offered by Google, which means that subsequent evaluation of the data is not based on your person, but only on a statistical basis. In addition, the high security standards of the Google platform and the associated Google privacy policy apply (http://www.google.com/intl/de-DE/privacy). We have also concluded a special data protection agreement with Google, which stipulates the protection of your data through technical and organizational protective measures. If data is transferred to the USA, this is done on the basis of the EU-US Data Privacy Framework (DPF) or the EU standard contractual clauses pursuant to Art. 46 GDPR.

The purpose of using Google Analytics is the pseudonymized analysis of your usage behavior on our websites. The insights gained from this help us to improve our offering.

Legal basis: The processing takes place exclusively on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 TTDSG.

We use "Google Ads" on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland ("Google").

If you access our website via a Google ad, Google Ads will store a cookie on your PC. These cookies generally lose their validity after 30 days. The following information is usually stored as analysis values for this cookie: unique cookie ID, number of ad impressions per placement, last impression, opt-out information.
These cookies enable Google to recognize your web browser. If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page.

We do not receive any individual personal information from Google, but only aggregated statistical evaluations. Based on these evaluations, we can recognize which of the advertising measures used are particularly effective. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. To the best of our knowledge, Google receives the information that you have accessed the relevant part of our website or clicked on one of our ads. If you have a user account with Google and are registered, Google can assign the visit to your user account. However, even if you are not registered with Google, it is possible that Google will process your IP address.

As a protective measure, the service is deactivated on our websites by default and can be activated via the cookie banner. In addition, the high security standards of the Google platform and the associated Google privacy policy apply (http://www.google.com/intl/de-DE/privacy). We have also concluded a special data protection agreement with Google, which stipulates the protection of your data through technical and organizational protective measures. Insofar as personal data is transferred to countries outside the European Union or the European Economic Area, this is done on the basis of the EU-US Data Privacy Framework (DPF), provided the respective provider is certified, or on the basis of the EU standard contractual clauses in accordance with Art. 46 GDPR.

The purpose of using Google Ads is to draw attention to our offer by means of advertising material on external websites and to attract new customers. Google Ads allows us to track how successful individual advertising measures are and optimize advertising campaigns if necessary.

The legal basis for the use of Google Ads is your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, which you can declare in our cookie banner.

We use "Facebook Pixel" on our website, a service provided by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Facebook").

Facebook Pixel allows us to check whether a user has been redirected to our website after clicking on our Facebook ads. Among other things, Facebook Pixel uses cookies, i.e. small text files that are stored locally in the cache of your web browser on your end device.

If you are logged in to Facebook with your user account, your visit to our website will be noted in your user account. The data collected about you is anonymous to us and does not allow us to draw any conclusions about the identity of the user. However, this data can be linked by Facebook to your user account there. We have no influence on the scope and further use of data collected by Facebook through the use of Facebook pixels. To the best of our knowledge, Facebook receives the information that you have accessed the relevant part of our website or clicked on one of our ads. If you have a Facebook user account and are registered, Facebook can assign the visit to your user account. Even if you are not registered with Facebook or have not logged in, it is possible that Facebook will process your IP address and any other identifying features.

As a protective measure, the service is deactivated by default on our websites and can be activated via the cookie banner. In addition, Facebook's high security standards and the associated privacy policy apply at https://www.facebook.com/about/privacy. We have also concluded a special data protection agreement with Facebook, which stipulates the protection of your data through technical and organizational security measures. Insofar as personal data is transferred to countries outside the European Union or the European Economic Area, this is done on the basis of the EU-US Data Privacy Framework (DPF), provided the respective provider is certified, or on the basis of the EU standard contractual clauses in accordance with Art. 46 GDPR.

The purpose of using Facebook pixels is to market our offers. It is used in particular for the evaluation, billing and optimization of advertising campaigns on Facebook.

The legal basis is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR, which you can declare in our cookie banner.

We have integrated advertising videos in various places in our offers and games. Our advertising partners provide selected content there, which we play for them. We would like to point out that our free2play system also depends on our advertising partners and we endeavor to implement this in the interests of our users. If you as a user watch the web videos provided, you can receive premium currency or game functions. If you have any further questions, please contact our customer support.

We work with the following providers:

adbility

We also work with our partner adbility media GmbH, Große Elbstraße 38, 22767 Hamburg, Germany. adbility uses technologies to control and optimize the display of advertising material for the user. Further information on data processing can be found at: https://www.adbility-media.com/datenschutz/.

As a protective measure, the video frames are clearly marked as advertisements and it is pointed out that the offer is provided by third parties. The user is informed in advance on a preview page, which is loaded from an upjers server, that after activating the video player, data about the viewing of the advertising videos may be transmitted to the respective provider. Such data transmission only takes place after the video player has been activated. Only pseudonymous usage data is processed. We have also entered into an agreement with adbility media GmbH in accordance with Art. 26 GDPR, according to which both we and adbility are responsible for the processing of your data. You can therefore contact us and adbility if you have any questions about data processing. You can find contact details at https://www.adbility-media.com/kontakt/

The purpose of the processing is the display of advertising material to enable our free2play offer.

The legal basis is the consent of the user in accordance with the European data protection requirements of Art. 6 para. 1 lit. a GDPR, which can be declared by activating the video player.

On our websites, pseudonymous information about the surfing behavior of website visitors is collected and stored for marketing purposes using technology from Criteo SA, 32 Rue Blanche, 75009 Paris, France. This data is stored in cookies on the visitor's computer. Criteo SA uses an algorithm to analyze the pseudonymized recorded surfing behavior and can then display targeted product recommendations as personalized advertising banners on other websites (so-called publishers). Under no circumstances can this data be used to personally identify you as a visitor to our website. The collected data is only used to improve the offer. This information will not be used in any other way or passed on to third parties.

You can object to the pseudonymous analysis of your surfing behavior on our websites by clicking here on Criteo opt-out. If you have already opted out (opt-out cookie) and would like to be shown personalized Criteo banners again, please click on Criteo registration.

Further information on the technology used can be found in the Criteo SA privacy policy.

As a protective measure, the data is not evaluated on the basis of your person, but only on a statistical basis. In addition, Criteo's high security standards apply. We have also entered into an agreement with Criteo in accordance with Art. 26 GDPR, according to which both we and Criteo are responsible for the processing of your data. You can therefore contact us and Criteo if you have any questions about data processing. You can find contact details at https://www.criteo.com/de/legal/

The purpose of using Criteo is the pseudonymized analysis of your usage behavior on our websites and the provision of interest-based advertising.

The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you can give when you visit our websites in the context of our cookie banner.

We use the following social plug-ins on our website: "Like" button from Facebook, "Google +1" button from Google and the Twitter "Tweet".

You can recognize the provider of the plug-in by the marking on the box above its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. Only if you click on the marked field and thereby activate it will the plug-in provider receive the information that you have accessed the corresponding website of our online offering. In the case of Facebook, according to the provider in Germany, the IP address is pseudonymized immediately after collection. By activating the plug-in, your personal data is therefore transmitted to the respective plug-in provider and stored there. As the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies via your browser's security settings before clicking on the grayed-out box.

We have no influence on the data collected and data processing procedures, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.

The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. We offer you the opportunity to interact with the social networks and other users via the plug-ins so that we can improve our offering and make it more interesting for you as a user.

Data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you regularly log out of a social network after using it, but especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.

Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.

Addresses of the respective plug-in providers and URL with their data protection notices:

Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; further information on data collection: http://www.facebook.com/policy.php.

Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland; further information on data collection: https://www.google.com/policies/privacy/partners/?hl=de.

Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland; further information on data collection: https://twitter.com/privacy.

The high security standards of the Google platform of Facebook and Twitter and the associated privacy policy of the platforms apply as protection measures (see above). The services have submitted to the EU standard contractual clauses and thus legitimized a possible transfer of data to the USA. We do not collect any personal data by means of the social plugins or through their use. To prevent data from being transferred to service providers in the USA without the user's knowledge, we use the so-called Shariff solution. This solution ensures that no personal data is initially passed on to the providers of the individual social plugins when you visit our website. Only when you click on one of the social plugins can data be transferred to the service provider and stored there. You can find more information about the Shariff solution on the website of the provider, Heise Medien Gmbh & Co. KG: http://m.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html

The purpose of the data transfer is to integrate the plugins so that users can share content and communicate interests to other users.

The legal basis is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you can declare by activating the social plugin.

upjers operates fan pages on various social media to provide information about its products and services and to communicate with its customers. Fan pages are maintained on the following platforms:

a) Facebook, a service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; privacy policy: https://www.facebook.com/about/privacy/

b) Instagram, a service of Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; privacy policy: https://help.instagram.com/519522125107875

c) Youtube, a service of Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland; Privacy Policy: https://policies.google.com/privacy?hl=de&gl=de

d) Twitter, a service of Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland; Privacy Policy: https://twitter.com/de/privacy

e) Pinterest, a service of Pinterest Europe Ltd, Palmerston House, 2nd Floor, Fenian Street
Dublin 2, Ireland; Privacy Policy: https://policy.pinterest.com/de/privacy-policy

f) Discord, a service of Discord Inc, 444 De Haro Street Suite 200 San Francisco, CA 94107, USA; Privacy Policy: https://discord.com/new/privacy

The platform may collect personal data and website/usage data via fan pages. The platform may provide the operators with statistical data about the visitors to the fan pages in pseudonymized form.
According to case law, the platform and the fan page operator are jointly responsible for data processing within the framework of a fan page on the Facebook platform. This relationship is governed by a special agreement (www.facebook.com/legal/terms/page_controller_addendum).

The purpose of data processing by the platforms is for market research and advertising purposes. For example, usage profiles can be created from the usage behavior and the resulting interests of the users. The usage profiles can be used, for example, to place advertisements within and outside the platforms that may correspond to the interests of the users. For these purposes, Facebook, for example, regularly stores cookies on users' computers, in which the usage behavior and interests of the users are stored.
The platforms do not pass on any personal data to the operators of fan pages. If upjers is provided with pseudonymized statistics by a platform, we use these exclusively to make our fan pages more customer-friendly.

The legal basis for data processing in the context of the fan pages is generally your consent pursuant to Art. 6 para. 1 lit. a. GDPR, which you declare to the respective platform when you register. Consent can be withdrawn from the platform, e.g. for Facebook via https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com. Alternatively, the use of such sites can be terminated.

Your rights, in particular requests for information, can be asserted most effectively against the respective platform. Facebook provides an information portal for this purpose, which can be used to view and download the data collected by Facebook: https://www.facebook.com/help/1701730696756992?helpref=hc_global_nav. Only the platform has access to the user's data and can take appropriate measures and provide information directly. If you still need help, you are welcome to contact us.

Sometimes it may be necessary for us to process personal data and, where applicable - in accordance with local laws and regulations - sensitive personal data in connection with the exercise or defense of legal claims. Article 9(2)(f) of the GDPR allows this if the processing is "necessary for the establishment, exercise or defense of legal claims or when courts are acting in their judicial capacity".

This may occur, for example, if we require legal advice in relation to legal proceedings or are required by law to preserve or disclose certain information in the course of legal proceedings.

upjers’ services are intended for users aged 16 years and older. Individuals under the age of 16 are not permitted to create an account or use our services.

If we become aware that personal data has been collected from a person under the age of 16, we will take appropriate steps to delete such data without undue delay.

We do not knowingly process personal data of children under the age of 16.

upjers reserves the right to amend this Privacy Policy at any time, but upjers will always comply with the applicable data protection laws. upjers recommends that you inform yourself about the current Privacy Policy each time you visit the Website and the Games.

Our games are offered internationally. As a company based in Germany, we are subject to European data protection regulations, in particular the General Data Protection Regulation (GDPR). Insofar as personal data is processed in the context of the use of our games, this is done on the basis of the applicable legal provisions and the legal bases described in this privacy policy.

If consent is required for certain processing, this is obtained in advance and can be revoked at any time with effect for the future. Consent is obtained via a consent management system that ensures that non-technically required tracking or analysis functions are only activated after active consent has been given. Processing for these purposes does not take place without consent.

Status of the privacy policy: February 2026