Privacy Policy

Before you issue a warning due to possibly missing, incomplete, or insufficiently considered aspects of the GDPR, please consider the words of the EU Commissioner for Justice, Věra Jourová, who was responsible for introducing the regulation. In an interview with ZEIT, she literally said: "It [the GDPR] is about common sense and proportionality. If someone writes you an email and allows you to use their data, then it's clear that they have given their consent. Moreover, the data protection officers do not only sanction but also advise. My prediction is that the authorities will focus on providers that can cause the most damage, those that process the most data."

Furthermore, we would also like to refer to a statement by the German "father" of the GDPR, Jan Philipp Albrecht. He writes in his blog literally: "What will not happen, however, is that […] the supervisory authorities and any warning lawyers will suddenly take a completely different approach against all the small companies, sole traders, clubs, and bloggers." You may rest assured that we will report to both parties in the event of a warning.

Data protection is extremely important to us, and we take your privacy, your right to self-determination on the internet, and above all, your right to sovereignty over your data seriously. We strive to protect your data to the best of our knowledge and belief.

If you have any questions about this, you can best reach us at apparatus.larp@gmail.com.

In the following lines, you will find our actual privacy statement.

Your Rights

One thing is very, very important to us: it's your data. What happens with it is up to you. Nevertheless, as part of the preparation and execution of our events, we must collect a minimum amount of data.

Here are the rights you have:

• According to Art. 15 GDPR, you may request information about the data we process at any time. We must disclose upon your request which data we collect, how and why we process it, who has access to it, and how long (and also why) we store your data. Also, we have to disclose where we got your data from. You can also request that we restrict the processing of your data, and indeed, you are also welcome to ask us more detailed questions, and we will gladly respond.

• According to Art. 16 GDPR, you may demand the immediate correction of incorrect data or completion of your personal data stored with us.

• According to Art. 17 GDPR, you may request the deletion of your data at any time. You don't even have to tell us why you want it from us. We will then do so immediately, unless there is something against it. What could argue against it? On the one hand, the fulfillment of legal obligations, or if there is a public interest in your data, and probably we have a few other loopholes to not have to delete your data. But since we are only a small association and not a large corporation with a huge legal department, we will simply do as you say and completely delete your data.

• According to Art. 18 GDPR, you may demand the restriction of the processing of your personal data. Then your data lies around with us, and you are responsible for its correctness. If there is a legitimate interest on your part not to delete this data (for example, for the assertion, exercise, or defense of legal claims), then we must not do so either but must keep the data.

• According to Art. 20 GDPR, you also have the right to demand the transfer of your data from us, and that in a "machine-readable format", which is official German and means a csv file. Or an equivalent.

• According to Art. 7 para. 3 GDPR, you may, of course, revoke any consent you have given us at any time, and then we must stop doing whatever you previously consented to but now wish to revoke your consent. What a sentence!

• According to Art. 77 GDPR, you can file a complaint with a supervisory authority. In the worst case, this could lead to us having to pay horrendous penalties. But then we deserve it because we have not met the data protection requirements. However, you can also simply seek dialogue with us, our own data protection officer, or with a mediator.

At this point, we would like to thank Hannah Gritsch very much for giving us permission to use her photos on our homepage. Feel free to visit her at: www.hannahgritsch.de or on Instagram: hannahgritsch_larpphotography