Privacy Policy

FaceFocusVR - Henrik Sopart
c/o IP-Management #6498
Ludwig-Erhard-Str. 18
20459 Hamburg
Germany

Email: [email protected]

The data controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

This website is hosted via Cloudflare Pages and delivered through the Cloudflare CDN. The provider is Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.

When you access our website, the following information is automatically collected and stored in server log files:
IP address of the accessing device
Date and time of access
Name and URL of the retrieved file
Browser and operating system used
Referrer URL

This data is processed by Cloudflare as a data processor on our behalf. The legal basis for data processing is Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure and efficient provision of our website.

Cloudflare is certified under the EU-US Data Privacy Framework. Additionally, we have concluded a Data Processing Agreement (DPA v6.3) with Cloudflare that includes the EU Standard Contractual Clauses (SCCs).

More information: https://www.cloudflare.com/cloudflare-customer-dpa/

This website uses technically necessary cookies set by Cloudflare as part of bot protection (Bot Fight Mode):

__cf_bm: Used for bot detection. Duration: 30 minutes after last activity. Contains encrypted bot score data.
cf_clearance: Stores the result of JavaScript detection. Duration: 15 minutes.

These cookies are technically necessary for the secure operation of the website and serve to protect against automated attacks. The legal basis is Section 25(2)(2) TDDDG (strictly necessary cookies) in conjunction with Art. 6(1)(f) GDPR.

Beyond these, this website does not set any cookies of its own.

We use Cloudflare Web Analytics for statistical evaluation of website visits. This service is cookie-free and does not create individual user profiles. Only aggregated performance metrics are collected (page views, Core Web Vitals, load times).

The provider is Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA.

Cloudflare Web Analytics does not use fingerprinting and does not store personal data. A JavaScript beacon is embedded in the page that transmits anonymized performance data to Cloudflare.

Usage is based on our legitimate interest in analyzing and optimizing our website pursuant to Art. 6(1)(f) GDPR.

If you have not consented, you can decline the collection at any time via our cookie banner.

More information: https://www.cloudflare.com/web-analytics/

We use Cloudflare's email address obfuscation feature to protect email addresses displayed on our website from automated spam harvesting. A small JavaScript is executed in the visitor's browser to decrypt the email addresses. No personal data is collected or transmitted to third parties.

On some pages of our website, we embed YouTube videos. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

We use a privacy-friendly 2-click solution: When the page loads, no data is transmitted to Google. Only when you actively click the play button is a connection established with YouTube servers. The enhanced privacy setting (youtube-nocookie.com) and consent-by-click are used.

After clicking, the following data is transmitted to Google:
IP address
Cookie data (if available)
Device and browser information

The legal basis is Art. 6(1)(a) GDPR (consent by active click). A privacy notice is displayed before playback.

More information on Google's privacy practices: https://policies.google.com/privacy

This website stores the following data locally in your browser:

Theme preference (localStorage): Stores whether you prefer the light or dark design. No personal content.
Tab state (sessionStorage): Stores the currently selected tab on the instructions page. Deleted when the tab is closed. No personal content.

This storage serves exclusively the functionality of the website and is permitted without consent under Section 25(2)(2) TDDDG, as it is strictly necessary for providing the service explicitly requested by the user.

Our website contains links to external websites, particularly to our online store at shop.facefocusvr.com (operated via Shopify). When you click on an external link, you leave our website. The respective operators are responsible for data processing on external websites.

The online store is subject to a separate legal notice and privacy policy:
Legal notice of the store: https://shop.facefocusvr.com/policies/legal-notice
Privacy policy of the store: https://shop.facefocusvr.com/policies/privacy-policy

Other external links lead to Discord, GitHub, and partner websites, among others. We have no influence on data processing by these providers.

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the browser's address bar changing from "http://" to "https://" and the lock icon in your browser bar.

You have the following rights with regard to your personal data:

Right of access (Art. 15 GDPR)
Right to rectification (Art. 16 GDPR)
Right to erasure (Art. 17 GDPR)
Right to restriction of processing (Art. 18 GDPR)
Right to data portability (Art. 20 GDPR)
Right to object to processing (Art. 21 GDPR)

To exercise your rights, please contact: [email protected]

If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a data protection supervisory authority.

The supervisory authority responsible for us is:

Landesbeauftragte fuer Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestrasse 2-4
40213 Duesseldorf
https://www.ldi.nrw.de

We reserve the right to update this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services in the privacy policy. The new privacy policy will apply to your next visit.