Does Bo Liao Days process users’ personal data in accordance with the GDPR?
Yes, we process our users’ data on the basis of the applicable data protection regulations and in particular in accordance with the provisions of the General Data Protection Regulation (GDPR).
We have a data protection management and have implemented technical and organizational measures to ensure data protection. In addition to protection on a technical level, this also includes training for employees and their commitment to data protection, setting up concepts to comply with the rights of those affected, deleting data and taking the principles of data protection into account as early as the development and implementation of our online services.
We are supported and supervised by an external data protection officer.
Which user data is processed?
When users create a user account with us, we store so-called inventory data, such as the names of the users or Facebook IDs and login data. We also save the email addresses in order to identify and inform users. Depending on which of our online services our users use, other data such as profile pictures, text entries, image uploads or places visited may also be included. We also process data relating to the use of our services, such as content accessed, times of use, their duration and technical information, such as browsers or devices used, in order to make our offer user-friendly and secure.
What sources do you get user data from?
We receive the data on the one hand through user input or when users provide us with data via an interface to Facebook with their express consent. Furthermore, data that arise in the course of using our services are processed (so-called usage or metadata, such as functions and content used or information about the users’ devices).
With regard to the acquisition of data from Facebook, we would like to point out that we process this data exclusively in accordance with Facebook’s strict guidelines and are subject to Facebook’s control measures.
For what purposes do you process user data?
On the one hand, we process user data in order to provide them with our online services and to design them according to the needs of the users. Furthermore, we process user data within the framework of the legal requirements for online marketing purposes and to ensure the security of our processing.
To what extent are the behavior of the users and their interests evaluated?
If we evaluate the interests or behavior of users, this is done to tailor our online offers to needs. For example, content or functions are suggested to users that correspond to the content and functions used so far.
We also work with various technological partners who use user data to display ads, for example. In doing so, we ensure that the data of the users is pseudonymized (e.g. does not contain any clear data such as names or email addresses) and that the users have simple rights of revocation. We also conclude special data protection contracts with our partners, in which they undertake to protect user data.
Do you sell data to third parties, possibly for research purposes?
The data of our users belong to the users. We only work with trustworthy partners on the basis of legal permissions and, in particular, do not sell any user data (e.g. names, email addresses) to third parties, especially not for research purposes.
How are users informed about the processing of their data?
Before we collect user data, we inform them of the type, scope and purposes of processing. This is done on the one hand by providing a data protection declaration, which on the one hand provides an overview of the processing and also provides detailed information on the individual processing.
Furthermore, we refer to the processing and the data protection declaration before users transmit data to us via Facebook, for example. Even if we introduce new procedures, such as processing their profile pictures (e.g. to use design filters), we point out to users how they work.
Can users object to the processing and request the deletion of their data?
An objection to the processing is possible at any time. If users terminate their profiles, we delete their data and otherwise provide them with technical options to decide themselves about the deletion of data. In addition, we ensure that the rights of the users are observed and, in particular, that requests for deletion are implemented immediately.
Users can contact us at any time, e.g. via our contact form or via the contact options listed below.