This data protection declaration applies to all domains associated with the maaloo Geocaching and maaloo Outdoor apps. These are maaloo.app, maaloo.net and maaloo.de. It also applies to the app itself.
1. General information on data protection
The protection of your personal data is important to us.
Our website can usually be used without providing personal data. Insofar as personal data (e.g. name, address or email address) is collected on our website, this is always done on a voluntary basis as far as possible. These data will not be passed to third parties without your express consent.
2. Responsible person and contact
Responsible for your personal data is:
Oliver Michel, Neulußheimer Str.70a, 01465 Langebrück, Germany
You can reach us by email: firstname.lastname@example.org
3. Collection of data
3.1. Data collection in the app
The maaloo Geocaching and maaloo Outdoor app can be used without entering personal data.
The GPS position of your device is used:
- to display your position on the map
- to load map tiles matching your position
- to load geolocation related data matching your position from third-party providers (e.g. geocaching.com)
The app uses third-party providers via their interfaces (APIs) to make their services accessible in the app. Access is applied by secure procedures (OAuth) and anonymized tokens, which make it unnecessary for us to collect personal data, as these are not required for technical implementation. The third-party providers protect your personal data, documented in their respective data protection declarations, as mentioned in section 4.
3.2. Data collection on the website
The website can be used without entering personal data.
If you want to write comments to our blog entries, which you do completely voluntarily, your name / pseudonym, email address and your comment text will be recorded. Only your name / pseudonym and the comment text will be published.
For technical reasons, certain data on your device are generally recorded automatically:
- IP address
- Date and time
- Browser / device used
- URL called
This serves the technical provision and stability of the offered services and are therefore legitimate interests (Art. 6 Para. 1 lit. f GDPR).
4. Third party
Our website and its blog function is provided by WordPress.com. WordPress.com fulfills international standards for the protection of your personal data and thus fulfills the requirements under 3.2. mentioned conditions.
We as a partner of geocaching.com use the officially interface (API) to offer you their content in the maaloo Geocaching app.
To connect the app with your geocaching.com account, two-factor authentication (OAuth) is used. The login is carried out via the websites and servers of geocaching.com. After successful login, the app only receives an anonymous access token, which is used for further technical communication in the app with the geocaching.com servers. This will hide your password from the app.
You have stored all personal data that may be displayed or used in the app at geocaching.com, under their data protection conditions.
The app uses content from your geocaching account or displays it because the app wants to offer you a special user experience for geocaching. By using the app, you consent to the use of your content in the app. You can object to the app’s access to your account in the settings of your account on geocaching.com.
Our websites does not interact directly with geocaching.com.
5. Your rights as a data subject
This data protection declaration would like to explain the processing of your personal data to you and takes place within the framework of the applicable laws. The legal situation still gives you the following rights.
- Right to information (Art. 15 GDPR): You have the right to request confirmation from us as to whether we are processing your personal data , as well as information about this personal data and about information regarding the processing (e.g. the processing purposes or the categories of personal data). “Personal data” are defined in the GDPR as all information about an identified or identifiable natural person (“data subject”); An identifiable natural person is a person who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more characteristics that express the physical, physiological, genetic , mental, economic, cultural or social identity of this natural person are
- Right to rectification (Art. 16 GDPR): You have the right to correct your personal data, as far as this is legally permissible.
- Right to deletion (Art. 17 GDPR): You have the right, to request the deletion of your personal data from us, insofar as this is legally permissible. This right can, among other things, be exercised: (i) if your personal data are no longer required for the purposes for which they were collected or otherwise processed; (ii) if you withdraw the consent on which the processing is based on your consent and if there is no other legal reason for the processing; (iii) if you object to the processing that is necessary for our legitimate interests (in accordance with Art. 21 (1) GDPR) and there are no overriding legitimate reasons for the processing or (iv) if your personal data has been processed unlawfully.
- Right to restriction of processing (Art. 18 GDPR): You have the right to request that our processing be restricted under certain circumstances, including : if the accuracy of your personal data is disputed; if the processing is unlawful and you reject the deletion of your personal data and instead request that the use of your personal data be restricted; and, if you have objected to the processing that is necessary for our legitimate interests (in accordance with Art. 21 (1) GDPR), as long as it has not yet been determined whether our legitimate reasons outweigh your reasons.
- Right to data portability (Art. 20 GDPR): You have the right to receive the personal data you have provided in a structured, commonly used and machine-readable format, and you have the right to transfer this information to another person responsible, including direct transfer, as far as this is technically possible.
- Right of objection (Art. 21 GDPR): You have the right to object to the processing of your personal data, insofar as this is legally permissible. This right is limited to the processing that is necessary for the performance of a task in the public interest or in the exercise of the public authority delegated to the person responsible, which is necessary for the purposes of our legitimate interests (Art. 6 Para. 1 lit. e) or f) GDPR)
If you need help or would like to exercise one of the rights mentioned above, please use the contact options mentioned under 2.