Privacy Policy
Below we inform you in accordance with the statutory requirements of data protection law (in particular pursuant to the BDSG as amended and the European General Data Protection Regulation, GDPR) about the type, scope and purpose of the processing of personal data by our company. This privacy policy also applies to our website and our Instagram profile. With regard to the definition of terms such as personal data or processing, we refer to Art. 4 GDPR.
Name and contact details of the controllerOur controller (hereinafter the Controller) within the meaning of Art. 4 No. 7 GDPR is:
Sascha Dumke
Mathildenstraße 6
90489 Nürnberg, Germany
Email address: hi@99darts.com
Types of data, purposes of processing and categories of data subjects
Below we inform you about the type, scope and purpose of the collection, processing and use of personal data.
1. Types of data we processUsage data (access times, websites visited, etc.), master data (name, address, etc.), contact data (phone number, email, fax, etc.), payment data (bank details, account data, payment history, etc.), contract data (subject matter of the contract, term, etc.), communication data (IP address, etc.), entered dart throws.
2. Purposes of processing pursuant to Art. 13 para. 1 c) GDPR
Processing of contracts, technical and economic optimization of the website, fulfillment of contractual obligations, optimization and statistical evaluation of our services, improving user experience, making the website user friendly, creating statistics, handling contact requests, providing websites with functions and content, uninterrupted, secure operation of our website,
3. Categories of data subjects pursuant to Art. 13 para. 1 e) GDPR
Visitors/users of the website, customers,
The data subjects are collectively referred to as users.
Legal bases for the processing of personal data
Below we inform you about the legal bases for the processing of personal data:
- If we have obtained your consent for the processing of personal data, Art. 6 para. 1 sentence 1 lit. a) GDPR is the legal basis.
- If processing is necessary for the performance of a contract or for the implementation of pre contractual measures taken at your request, Art. 6 para. 1 sentence 1 lit. b) GDPR is the legal basis.
- If processing is necessary for compliance with a legal obligation to which we are subject (e.g. statutory retention obligations), Art. 6 para. 1 sentence 1 lit. c) GDPR is the legal basis.
- If processing is necessary to protect vital interests of the data subject or of another natural person, Art. 6 para. 1 sentence 1 lit. d) GDPR is the legal basis.
- If processing is necessary to safeguard our legitimate interests or those of a third party and your interests or fundamental rights and freedoms do not override those interests, Art. 6 para. 1 sentence 1 lit. f) GDPR is the legal basis.
Disclosure of personal data to third parties and processors
Without your consent, we generally do not pass on data to third parties. Should this nevertheless be the case, disclosure takes place on the basis of the legal bases mentioned above, for example on the basis of a court order or due to a legal obligation to disclose data for the purpose of criminal prosecution, hazard prevention or enforcement of intellectual property rights.
We also use processors (external service providers, e.g. for web hosting of our websites and databases) to process your data. If data is passed on to processors within the framework of a data processing agreement, this always takes place in accordance with Art. 28 GDPR. We carefully select our processors, monitor them regularly and have reserved the right to issue instructions regarding the data. In addition, processors must have implemented appropriate technical and organizational measures and comply with the data protection provisions pursuant to the BDSG as amended and the GDPR
Transfer of data to third countries
The adoption of the European General Data Protection Regulation (GDPR) created a uniform basis for data protection in Europe. Your data is therefore mainly processed by companies to which the GDPR applies. Should processing nevertheless be carried out by third party services outside the European Union or the European Economic Area, they must meet the special requirements of Art. 44 et seq. GDPR. This means that processing takes place on the basis of special guarantees, such as the officially recognized determination by the EU Commission of an adequate level of data protection or compliance with officially recognized special contractual obligations, the so called standard contractual clauses.
Insofar as we obtain your express consent to the transfer of data to the USA pursuant to Art. 49 para. 1 sentence 1 lit. a) GDPR due to the ineffectiveness of the so called Privacy Shield, we point out in this regard the risk of secret access by US authorities and the use of the data for surveillance purposes, possibly without legal remedies for EU citizens.
Deletion of data and storage period
Unless expressly stated in this privacy policy, your personal data will be deleted or blocked as soon as the consent you have given for processing is revoked or the purpose for storage no longer applies or the data is no longer required for the purpose, unless further retention is required for evidentiary purposes or statutory retention obligations oppose this. These include, for example, commercial law retention obligations for business letters pursuant to Section 257 para. 1 HGB (6 years) as well as tax law retention obligations pursuant to Section 147 para. 1 AO for receipts (10 years). When the prescribed retention period expires, your data will be blocked or deleted, unless storage is still required for concluding or fulfilling a contract.
Existence of automated decision making
We do not use automated decision making or profiling.
Provision of our website and creation of log files
- If you use our website for information purposes only (i.e. without registration and without otherwise transmitting information), we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data:
• IP address;
• Internet service provider of the user;
• Date and time of access;
• Browser type;
• Language and browser version;
• Content of the request;
• Time zone;
• Access status/HTTP status code;
• Data volume;
• Websites from which the request originates;
• Operating system.
This data is not stored together with other personal data of yours. - This data serves the purpose of user friendly, functional and secure delivery of our website to you with functions and content as well as its optimization and statistical evaluation.
- The legal basis for this is our legitimate interest in data processing pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR, which also lies in the purposes stated above.
- For security reasons, we store this data in server log files for a storage period of 180 days. After this period expires, it is automatically deleted, unless we need to retain it for evidentiary purposes in the event of attacks on the server infrastructure or other legal violations.
Cookies
- We only use technically necessary cookies or local storage technologies (for example to maintain your login session). These are strictly required for the operation of the website and therefore do not require consent under applicable law.
- We do not use cookies for marketing, advertising, or third party tracking purposes.
Processing of contracts
- We process master data (e.g. company, title/academic degree, names and addresses as well as contact details of users, email), contract data (e.g. services used, names of contact persons) and payment data (e.g. bank details, payment history) for the purpose of fulfilling our contractual obligations (knowing who the contractual partner is; establishment, content and processing of the contract; checking the plausibility of the data) and support services (e.g. contacting customer service) pursuant to Art. 6 para. 1 sentence 1 lit. b) GDPR. The entries marked as mandatory in online forms are required for the conclusion of the contract.
- Disclosure of this data to third parties generally does not take place, unless it is required to pursue our claims (e.g. transfer to a lawyer for debt collection) or to fulfill the contract (e.g. transfer of data to payment providers) or there is a legal obligation to do so pursuant to Art. 6 para. 1 sentence 1 lit. c) GDPR.
- We may also process the data you provide in order to inform you about other interesting products from our portfolio or to send you emails with technical information.
- The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. This is the case for master and contract data when the data is no longer required for the performance of the contract and no claims can be asserted from the contract because they are time barred (warranty: two years / regular limitation period: three years). We are obliged under commercial and tax law to store your address, payment and order data for a period of ten years. However, upon termination of the contract, we restrict processing after three years, i.e. your data is only used to comply with legal obligations. Information in the user account remains until it is deleted.
Contact by email or phone
- You can contact us by email or phone; you will find the contact details in the legal notice. When you contact us by email or phone, we process the data you provide (e.g. email address, name, your message) to handle your request. The legal basis is Art. 6 para. 1 lit. f GDPR (legitimate interest in answering your request).
Website analysis with Umami
- We use Umami, a privacy friendly analytics tool, to understand how visitors use our website and app. (Service provider: Umami Software Inc.; provided via cloud.umami.is).
- Data categories and description of data processing: Umami does not use cookies and does not collect personal data. It records anonymous page views, referrer information and a general location indication (at country level, derived from the IP address, which is not stored). When a page is accessed, only the path of the visited page is transmitted; language settings, screen sizes or comparable device characteristics are not read (unless you have opted in to optional loading speed tracking, see below).
- Purpose of processing: Anonymous reach measurement and improvement of our web offering.
- Legal bases: Art. 6 para. 1 sentence 1 lit. f) GDPR (legitimate interest in privacy preserving usage analysis without cookies).
- Data transfer/recipient category: Umami Software Inc., USA. Processing takes place via Umami cloud infrastructure.
- You can find out more about Umami privacy practices at umami.is/privacy.
- We do not use Google Analytics, Google AdWords remarketing or advertising or marketing tracking tools. We do not sell your data to third parties and never display advertising.
- You can additionally choose to opt in to sharing anonymous loading speed data (for example how quickly pages load), so we can find and fix slow spots in the app. This feature is off by default and can be changed anytime in Settings. When enabled, this feature reads technical performance data directly from your browser or app.
YouTube videos
- Some pages may contain a link to a YouTube video. These links open the video directly on YouTube in a new tab. We do not embed YouTube videos on our website, and no data is transferred to YouTube as long as you do not follow the link. If you follow the link, the privacy policy of YouTube/Google applies.
Social media presence
- In the footer of our website we link to our Instagram profile. This is a simple external link; visiting our website does not transfer any data to Instagram. Only when you follow the link and visit Instagram does the privacy policy of Instagram/Meta apply.
Rights of the data subject
- Objection or revocation against the processing of your data
Insofar as processing is based on your consent pursuant to Art. 6 para. 1 sentence 1 lit. a), Art. 7 GDPR, you have the right to revoke your consent at any time. The lawfulness of processing carried out on the basis of consent until revocation is not affected thereby.
Insofar as we base the processing of your personal data on the balancing of interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR, you may object to the processing. This is the case in particular if the processing is not necessary for the performance of a contract with you, which we describe in each case in the following description of the functions. When exercising such an objection, we ask you to state the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or show you our compelling legitimate reasons on the basis of which we continue the processing.
You may object to the processing of your personal data for advertising and data analysis purposes at any time. You can exercise the right to object free of charge. You can inform us of your objection to advertising using the following contact details:
Sascha Dumke
Mathildenstraße 6
90489 Nürnberg, Germany
Email address: hi@99darts.com - Right of access
You have the right to request confirmation from us as to whether personal data concerning you is being processed. If this is the case, you have the right to access your personal data stored with us pursuant to Art. 15 GDPR. This includes in particular information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the origin of your data if it was not collected directly from you. - Right to rectification
You have the right to rectification of incorrect data or completion of correct data pursuant to Art. 16 GDPR. - Right to erasure
You have the right to erasure of your data stored with us pursuant to Art. 17 GDPR, unless statutory or contractual retention periods or other legal obligations or rights to further storage oppose this. - Right to restriction
You have the right to request restriction of the processing of your personal data if one of the conditions in Art. 18 para. 1 lit. a) to d) GDPR is met:
• If you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;
• the processing is unlawful and you refuse erasure of the personal data and instead request restriction of the use of the personal data;
• the controller no longer needs the personal data for the purposes of processing, but you need it for the establishment, exercise or defense of legal claims, or
• if you have objected to processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the controller override your reasons. - Right to data portability
You have the right to data portability pursuant to Art. 20 GDPR, which means that you can receive the personal data concerning you stored with us in a structured, commonly used and machine readable format or request transmission to another controller. - Right to lodge a complaint
You have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority in particular in the member state of your place of residence, your place of work or the place of the alleged violation.
Data security
In order to protect all personal data transmitted to us and to ensure that the data protection regulations are complied with by us as well as by our external service providers, we have implemented appropriate technical and organizational security measures. Among other things, all data is transmitted encrypted between your browser and our server via a secure SSL connection.
Last updated: 21 April 2025