Privacy Policy

Privacy Policy

This privacy policy explains how personal data is processed on this website in accordance with Articles 13 and 14 GDPR.

1. Controller

The controller responsible for data processing on this website is:

Ilka Warstat-Schibilak
Georg Westermann-Allee 78
38102 Braunschweig
E-mail: info@kinderklassik.com

2. Hosting and technical provision

When you access this website, the hosting provider processes technically required connection data (in particular IP address, date/time, requested URL, referrer, browser type, operating system, status codes).

This processing is necessary to provide the website securely and reliably (e.g., content delivery, error analysis, abuse prevention) and is based on Article 6(1)(f) GDPR.

3. External content and third-party services

3.1 External fonts and icons

Fonts and icons used for presentation are served locally from this repository (no external loading from Google Fonts or Font Awesome CDNs).

Therefore, loading these resources does not by itself transmit your IP address to those third-party providers.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in a consistent and performant presentation).

3.2 Embedded or linked third-party content

If pages embed or load external content (e.g., media, maps, external images), the privacy policies of the respective providers also apply.

4. Game features, leaderboards, and local storage

This website includes browser games. Depending on the game and selected features, different data may be processed.

4.1 Local browser storage (Local Storage)

For technical operation and usability, the website stores settings and game data locally in your browser (e.g., theme mode, high scores, audio settings, unlocked content).

This processing is based on Article 6(1)(f) GDPR. You can delete local data at any time in your browser settings.

4.2 Online leaderboards / account features (Supabase)

For selected games, online leaderboards and optional login features are provided via Supabase.

Depending on usage, the following data may be processed in particular:

  • user-selected username (or guest name)
  • score / high score
  • timestamps for game and leaderboard updates
  • for account usage: login credentials (managed as an account in Supabase), user ID, and related profile data (e.g., league assignment)

Legal bases:

  • Article 6(1)(b) GDPR (provision of requested leaderboard/account features)
  • Article 6(1)(f) GDPR (security, abuse prevention, technical operation)

The recipient is the technical service provider Supabase (as processor or independent controller depending on the specific processing activity).

5. Cookies and similar technologies

This website does not use tracking or marketing cookies.

Where browser-side storage (e.g., Local Storage) is used, this is limited to technically required or user-requested functionality.

When account/leaderboard features are enabled, technically required Supabase authentication data (e.g., session tokens in browser storage) may also be used.

6. Contact by e-mail

If you contact us by e-mail, we process the data you provide (e.g., e-mail address, name, message content) to handle your request.

Legal bases:

  • Article 6(1)(b) GDPR (pre-contractual measures / contract performance), where applicable
  • Article 6(1)(f) GDPR (handling other inquiries)

7. Recipients and third-country transfers

Data is disclosed to third parties only where required for technical operation or where there is a legal obligation.

When using services from international providers (e.g., Google, Cloudflare, Supabase), transfers to countries outside the EU/EEA (especially the USA) cannot be ruled out. Where required, transfers are based on appropriate safeguards under Articles 44 et seq. GDPR (e.g., Standard Contractual Clauses).

8. Retention period

Personal data is stored only as long as necessary for the stated purposes or as required by statutory retention obligations.

  • Server/technical data: generally short-term according to hosting operational necessity
  • E-mail communication: until final handling, and longer where legally required
  • Leaderboard/account data: until deletion by the controller or technical operator, or when the purpose no longer applies

9. Your rights

Under the GDPR, you have the following rights in particular:

  • access (Article 15 GDPR)
  • rectification (Article 16 GDPR)
  • erasure (Article 17 GDPR)
  • restriction of processing (Article 18 GDPR)
  • data portability (Article 20 GDPR)
  • objection (Article 21 GDPR)
  • withdrawal of consent with effect for the future (Article 7(3) GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority (Article 77 GDPR).

10. Requirement to provide data

There is generally no legal obligation to provide personal data. However, without technically necessary data, the website cannot be provided properly; without voluntary information (e.g., e-mail content, leaderboard username), corresponding features cannot be used.

11. Automated decision-making

No solely automated decision-making, including profiling under Article 22 GDPR, takes place.

12. Data security

Appropriate technical and organizational measures are used to protect personal data against loss, manipulation, and unauthorized access.

13. Changes to this privacy policy

This privacy policy may be updated to reflect legal, technical, or organizational changes. The version published on this website applies.

Version date: April 8, 2026

Note: Eine rechtliche Prüfung wird noch benötigt.