Privacy Policy

LEONINE Holding GmbH takes the protection of personal data very seriously. In the following, we describe which data we collect, process and use within the scope of our website, when and for which purposes.

The responsible party pursuant to Article 4 (7) of the European General Data Protection Regulation (GDPR) is LEONINE Holding GmbH, Taunusstr. 21, 80807 Munich, Germany. You can reach us at any time via the contact methods listed in the imprint, e.g. by mail or e-mail at info@leoninestudios.com.

You can reach our data protection officer at any time with concerns about data protection, e.g. by e-mail to datenschutz@leoninestudios.com or at our postal address with the addition of “the data protection officer”.

You have the following rights with respect to the personal data concerning you:

• Right of access (Art. 15 GDPR),
• Right to rectification (Art. 16 GDPR),
• Right to erasure (Art. 17 DSGVO; “right to be forgotten”),
• Right to restriction of processing (Art. 18 GDPR),
• Right to object to processing (Art. 21 GDPR),
• Right to data portability (Art. 20 GDPR).

You also have the right to lodge a complaint about our processing of your personal data with a data protection supervisory authority in the Member State of your residence, workplace or the place of the alleged infringement if you consider that the processing of personal data relating to you is carried out unlawfully.

Insofar as you have given us consent to process your data, you may revoke this consent at any time with effect for the future. The legality of the processing of your data until the revocation remains unaffected.

To assert your rights or for other data protection concerns, you can contact us at any time via the contact channels listed in section 1 above and/or in our imprint.

We would also like to point out that if your personal data is processed on the basis of legitimate interest within the framework of the balance of interests pursuant to Art. 6 para.1 sentence 1 f) DSGVO and/or your personal data is processed for direct marketing purposes, you have the right to object to the processing of your personal data at any time.

We collect and process personal data from you in the course of using the services offered on our website in the following cases: Online applications.

A. ONLINE APPLICATIONS

Through the online link provided under the Careers section, you can fill out online the application form provided on the site.

If you use this function, your personal data will be processed exclusively for the purpose of carrying out the application process. We process the information that we receive from you as part of the application process, e.g. your letter of application, resume, references, information on your education and work experience, as well as correspondence and other correspondence with you as part of the application process. Your information will be treated as strictly confidential and will be encrypted during electronic transmission. The legal basis for the aforementioned processing as part of the application process is Section 26 of the German Federal Data Protection Act (processing as part of the decision on the establishment of an employment relationship).

As a rule, we do not require any special categories of personal data within the meaning of Art. 9 DS-GVO, such as health data, for the application process. If such information is exceptionally relevant for the application process (e.g. in the case of a severe disability so that we can fulfill our legal obligations under labor and social law), we process it together with the other data you provide. The legal basis for data processing in this case is Art. 9 (2) lit. b DS-GVO in conjunction with. Section 26 (3) BDSG.

If you are not considered in the application process, your data and application documents will be deleted within 90 days of the conclusion of the application process, unless you have given us your express consent in the application process to continue to store your data and application documents, e.g. for consideration of you for a future position. If your application is successful, the documents and information provided will become part of your personnel file and will be stored and processed for the purpose of implementing and terminating the employment relationship.

B. OBLIGATION TO PROVIDE PERSONAL DATA

If you wish to use the services offered, you must provide the personal data required for the respective service. If you do not provide us with this data, it is not possible for us to provide you with the requested service.

C. NON-EXISTENCE OF AUTOMATED DECISION MAKING

We would like to point out that in the course of using our website and the services offered on it, you will not be subject to any decision based solely on automated processing – including profiling – which produces legal effects vis-à-vis you or similarly significantly affects you.

Your personal data will only be disclosed or transferred to third parties by us if this is necessary for the performance of the contract with you, if there is a legitimate interest on our part, if you have given your consent and/or if we are obliged to do so by law or by official or court order. Your personal data will be transmitted by us to third parties in the cases and for the purposes described below.

The newsletter is sent using “MailChimp”, a newsletter sending platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.

The email addresses of our newsletter recipients, as well as their other data described in the context of these notes, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to its own information, MailChimp may use this data to optimize or improve its own services, e.g. to technically optimize the dispatch and display of the newsletters or for economic purposes to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass them on to third parties.

You can find the privacy policy of MailChimp here: https://mailchimp.com/legal/privacy

The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined with the help of the IP address) or the access times.

The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to individual newsletter recipients. However, it is neither our endeavor nor that of MailChimp to observe individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.

With the purpose of disseminating music and dance in audiovisual media, we cooperate with the IMZ International Music+Media Centre (Stiftgasse 29, A-1070 Vienna).  In this context, the social media channels Facebook, Twitter, Google/Youtube, Instagram, Pinterest and LinkedIn are also used. For more information, please see the IMZ privacy policy (https://www.imz.at/fileadmin/IMZ/documents/Data_Protection_Information_20180822.pdf).

In addition, we use service providers who provide services for us in connection with web hosting and also use cloud- or web-based software solutions from third parties that enable us to manage and host personal data in the cloud with external service providers in order to relieve the load on our own servers and to work effectively with new software solutions. In this context, we have concluded order processing agreements with the respective service providers, which ensure that the respective service providers do not process the data for their own purposes, but only within the scope of our instructions and on our behalf. The legal basis for the use of the service providers is Art. 6 para. 1 p. 1 lit. f) DSGVO (processing is necessary to protect the legitimate interests of the controller) in conjunction with Art. 28 DSGVO (order processing).

Some of the service providers we use, who process personal data for us on our behalf and within the scope of our instructions as so-called processors pursuant to Article 28 of the GDPR, are located outside the EU/EEA. Before transferring data to processors outside the EU/EEA, we ensure that the processor has an adequate level of data protection. This results, for example, for processors in countries such as Canada and Israel from an adequacy decision of the EU Commission (so-called safe third countries), for processors in the USA from self-certification in accordance with the EU-US Privacy Shield and for other processors by concluding the EU standard contractual clauses before the start of processing by the respective processor.

Even without a specific request, we will of course comply with our obligations to delete personal data (e.g. in accordance with Art. 17 DSGVO) and therefore only store data for as long as is necessary to provide the requested service or for the respective purpose.

For example, we store the data related to the sending of our newsletter only as long as you are subscribed to the newsletter and the data is deleted by us as soon as the storage is no longer necessary, e.g. after you have unsubscribed from the newsletter or revoked your consent.

We will store your personal data in connection with the registration and use of the non-public area for as long as you remain registered for the non-public area and your personal data will be deleted again when you delete your account and/or the user agreement with you ends or is terminated.

Please note, however, that the deletion will be replaced by a blocking or restriction of processing insofar as deletion conflicts with legal retention obligations that we must fulfill. For example, according to legal regulations, we must retain contract-related communications with you for a period of up to ten years.

In the case of merely informational use of our website, i.e. if you do not use one of our services offered on the website (see section 4 above), we only collect the data that your browser transmits to our server. For the use of cookies on our website, please see the separate information below in section 8.

Every time you use the Internet, your Internet browser automatically transmits certain information that is stored by us in so-called log files. This is the following data, which is necessary to display our website to you and to ensure stability and security: IP address (Internet Protocol address), date and time of the request, content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system and its interface, language and version of the browser software. It is not possible for us to draw conclusions about individual persons on the basis of this data.

We store this data for a short time for reasons of technical security, e.g. to defend against attacks on our web servers. After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a link to the individual website user. The legal basis for the aforementioned processing is Art. 6 para. 1 p. 1 lit. f) DSGVO (processing is necessary to protect the legitimate interests of the controller).

• Cookies and similar technologies are used for the following purposes:
• For the user-friendly design of the navigation and use of our website, in particular by storing user preferences (such as search or language settings) and user input (such as during registration). These cookies are mandatory in order to provide you with our offer.
• For the identification and authentication of our users (e.g. in the context of offers on our website that require registration). These cookies are also absolutely necessary for the provision of our offer.
• To display and play out video content integrated on our website.
• For statistical evaluation and analysis of the usage behavior (e.g. visited (sub)pages, dwell time, etc.) of our users (so-called web analytics cookies). With the knowledge gained, we can continuously optimize and improve our website.
• To measure and evaluate the effectiveness and success of advertising/ads (so-called advertising cookies).
• To display advertising tailored to your interests inside and outside our website by analyzing and recording your usage behavior in usage profiles, e.g. advertising banners clicked and how often an advertisement was played to you (so-called usage-based or interest-based advertising).
• For the proper accounting of commissions/remuneration towards online shops/platforms if you purchase an item advertised on our website via iTunes, GooglePlay or Amazon (so-called affiliate links/partner programs).
• To enable user interaction with social networks/platforms (so-called social plug-ins).

The cookies, pixels and similar technologies we use do not store any personal data about you, but rather, depending on the cookie or pixel used, purely pseudonymous or anonymous usage data that cannot be assigned to your person.

The legal basis for the use of cookies and similar technologies on our website for the aforementioned purposes is Art. 6 (1) p. 1 lit. f) DSGVO (processing is necessary to protect the legitimate interests of the controller).

C. WHICH COOKIES ARE SET WHEN VISITING OUR WEBSITE?

AA. TYPES OF COOKIES

• Session cookies: Session cookies are only stored on your computer or terminal device during your visit to our website and are automatically deleted after you leave our website. Session cookies are used, among other things, for the purpose of recognizing the user during the visit. Session cookies also serve to maintain security when visiting our website.
• Permanent cookies: Permanent cookies remain stored on your computer or terminal device until their preset “lifetime” expires or until you delete them from your browser on your own. Permanent cookies are primarily used for the purposes of web analytics, to display interest-based advertising and to analyze and evaluate the effectiveness of advertising. The permanent first-party cookies we use (see below) have a lifespan of one or more days up to months or years, whereby the cookies we set generally have a maximum lifespan of approximately two years and are then automatically deleted from your computer or terminal device.
• First-party cookies and third-party cookies: Whether a cookie is a first- or third-party cookie depends on the domain from which a cookie is set on your computer or terminal device. First-party cookies are cookies that are set by the website that you see in the address bar of your web browser. Third-party cookies, on the other hand, are cookies that are set by a domain other than the one that the visitor is currently visiting.

BB. COOKIES, PIXELS AND SIMILAR TECHNOLOGIES USED

Below you will find information on the individual first- and third-party cookies and tools used by us and by third parties on our website for these purposes. Under each tool used, you will also find information on how you can object to the use of cookies and similar technologies for web analysis and advertising purposes (so-called “opt-out”). General information on deleting cookies can also be found below in section 8 d.

– ADFORM:

To analyze the effectiveness/efficiency of so-called “clickouts”, e.g. how many people have clicked on a trailer link or a “buy movie ticket” link on our website, we use the technology AdForm from the provider Adform ApS, Wildersgarde 10B, 1, 1408 Copenhagen, Denmark. Cookies are set on your terminal device for this purpose. Your IP address is shortened before processing.

You can prevent an Adform cookie from being stored on your device by clicking on the “Opt-Out” button provided at https://site.adform.com/datenschutz-opt-out/. In this case, the cookie will be deleted and an anonymous cookie will be set. Please note that cookies are different on each browser and device, so the “Opt-Out” refers only to the browser and device you use to opt-out.

– AFFILIATE PARTNER PROGRAMS AMAZON, ITUNES AND GOOGLE PLAY:

We participate in affiliate programs of the online shops/platforms Amazon, iTunes (Apple) and Google Play. If you click on the respective embedded link to the Amazon Shop, the iTunes Store or the Google Play Store on our website, e.g. when viewing a DVD/BluRay or digital publication (so-called affiliate links) and purchase the respective physical/digital product, we receive a commission from the respective provider Amazon, iTunes or Google Play.

In order to be able to allocate from which page exactly you have clicked on the relevant affiliate link (to track the origin of the order) and for proper accounting of the affiliate remuneration, Amazon, iTunes and Google use cookies. We do not receive any personal data from you from Amazon, iTunes or Google, but only information about the orders placed/amount of commissions, without names/addresses etc. of the orderers.

– FACEBOOK WEBSITE CUSTOM AUDIENCE:

Our website uses the retargeting technology “Website Custom Audience” of the social network Facebook, which enables us to show our website visitors who are already interested in our website and content and are Facebook members relevant advertising/content on Facebook via the Facebook ad network. For this purpose, so-called Facebook retargeting pixels are integrated on our websites. We do not receive any personal data from Facebook, but only statistical evaluations of the advertisements/content played on Facebook.

You can object to the collection of data by Facebook Website Custom Audience for the future via https://www.facebook.com/settings/?tab=ads.

– GOOGLE ADSENSE:

To display and evaluate advertising based on your interests within the Google display network, we also use the Google Adsense service of the provider Google (Google Inc.). We do not receive any information/data about your person from Google, but only aggregated statistics on the advertising played via Google Adsense.

You can deactivate Google’s interest-based ads in your browser by clicking on the “deactivate” link in the “deactivation settings” subsection at http://www.google.de/settings/ads or -if you use the Google Chrome, Firefox or Internet Explorer browser- by deactivating the DoubleClick cookie by installing the extension for your browser offered on http://www.google.de/settings/ads.

– GOOGLE ANALYTICS:

We use Google Analytics to analyze the use of our website. Cookies are set for this purpose. On our behalf, Google evaluates your use of the website in order to compile reports on website activities and to provide further services to the website operator related to website and internet use. We would like to point out that on our website Google Analytics has been extended by the code “gat._anonymizeIp();” to ensure anonymized collection of IP addresses (so-called IP masking).

You can object to the processing of your data at any time by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

– GOOGLE ANALYTICS REMARKETING:

Our websites use retargeting technologies from Google. The provider is Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.

This makes it possible to target visitors to our websites with personalized, interest-based advertising. The advertising is displayed on the basis of a cookie-based analysis of previous usage and surfing behavior. To the best of our knowledge, no personal data is stored in the process. A cookie is stored for this purpose in order to collect anonymized data about the interests of users and thus to customize advertising to this information. These cookies are small text files that are stored on your computer or mobile device.

You can permanently object to the use of cookies for retargeting by deactivating interest-based advertising by Google here: https://www.google.com/settings/ads/onweb/

For more information and the privacy policy, please see Google’s privacy policy at http://www.google.com/policies/technologies/ads/ and https://www.google.de/intl/de/policies/privacy.

– GOOGLE DOUBLECLICK (INCL. SAFEFRAME AND PUBLISHER TAGS)

Via the service/platform DoubleClick of the provider Google Inc. (Google), advertising based on your interests is delivered, processed, controlled and optimized by advertisers on publisher websites. Cookies are set for this purpose. As part of the use of DoubleClick, we also use the functionalities Google Publisher Tags, whereby the targeting can be optimally adapted to the content of the website, and Google SafeFrame to optimize the delivery of advertising.

You can deactivate Google’s interest-based ads in your browser by clicking on the “deactivate” link in the “deactivation settings” subsection at http://www.google.de/settings/ads or -if you use the Google Chrome, Firefox or Internet Explorer browser- by deactivating the DoubleClick cookie by installing the extension for your browser offered on http://www.google.de/settings/ads.

– SOCIAL PLUG-INS

In order to give our website visitors the opportunity to interact with social networks/platforms (e.g. through share, like buttons, etc.) and to make our offer more interesting and user-friendly for you (by displaying our news feed on our website, we use so-called social plug-ins of the following social networks/platforms:

• Facebook (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland; privacy information: https://www.facebook.com/privacy/explanation)
• Instagram (Instagram Inc., 181 South Park Street, Suite 2, San Francisco, CA 94107, USA; information on data protection: https://help.instagram.com/519522125107875)
• LinkedIn (LinkedIn Ireland, Wilton Plaza/Wilton Place, Dublin 2, Ireland, privacy information: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy)
• YouTube (YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066; privacy information: https://policies.google.com/privacy?hl=de)
• Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA; information on data protection: https://twitter.com/de/privacy)
• Snapchat (Snapchat Inc., 63 Market Street, Venice, California 90291, USA.; privacy information: https://www.snapchat.com/l/de-de/privacy)
• Pinterest (S Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA; privacy information: https://about.pinterest.com/de/privacy-policy)
• Tumblr (Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA; privacy information: https://www.tumblr.com/privacy/de)

We would like to point out that calling up our website leads to a connection being established with the above-mentioned social networks/platforms and that these receive, among other things, the information that the user has called up the corresponding sub-page of our website. If you interact with one of the integrated plug-ins, e.g. click on it and are logged into the respective social network/platform, your data may be directly assigned to your user account existing with the respective social network/platform.

We have no influence on the data and data processing operations collected by the social networks/platforms, nor are we aware of the full extent of the data collection, the purposes of the processing or the storage periods of the social networks/platforms. We also have no information on the deletion of the collected data.

We recommend that you inform yourself about the types of data covered by this, as well as the purpose and scope of the data collection and the further processing and use of the data by the social networks/platforms, as well as your rights in this regard and setting options for protecting your privacy, by reading the privacy notices linked above.

You can prevent the loading of the plug-ins and thus the collection of data by installing add-ons (so-called browser extensions) / script blockers in your browser.

– YOUTUBE (INTEGRATION OF YOUTUBE VIDEOS)

On our website we have embedded YouTube videos that are stored on www.YouTube.com and can be played directly from our website. These are embedded in “extended data protection mode”, i.e. no cookies are set by YouTube if you do not play the videos. Only when you play the videos will the data mentioned in the following paragraph be transferred. We embed YouTube videos on our website to make the use of our website as user-friendly as possible by allowing you to watch videos without having to leave our website. Even if videos have been embedded in a website in “extended data protection mode”, however, we would like to point out that calling up the website leads to a connection being established with YouTube and YouTube receives the information that the user has called up the corresponding sub-page of our website. We would also like to point out that when you play the video, YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or the design of YouTube’s website to meet your needs. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

For more information on the purpose and scope of data collection and processing by YouTube, please refer to Google’s privacy policy. There you will also find further information about your rights and settings options to protect your privacy: https://www.google.de/intl/de/policies/privacy.

– FACEBOOK

Plug-ins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our websites.

You can recognize the Facebook plug-ins by the Facebook logo or the “Like button” (“Like”) on our page. You can find an overview of the Facebook plug-ins here: http://developers.facebook.com/docs/plugins/

When you visit our websites, a direct connection between your browser and the Facebook server is established via the plug-in. Facebook thereby receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of our pages on your Facebook profile. This allows Facebook to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to Facebook’s privacy policy at http://de-de.facebook.com/policy.php.

If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account.

– TWITTER

Functions of the Twitter service are integrated on our websites. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data is also transferred to Twitter. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter. For more information, please refer to the privacy policy of Twitter at https://twitter.com/de/privacy.

– INSTAGRAM

Functions of the Instagram service are integrated on our websites. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Instagram.

For more information, please see Instagram’s privacy policy at https://help.instagram.com/155833707900388

– SNAPCHAT

Functions of the Snapchat service are integrated on our websites. These functions are offered by Snapchat Inc., 63 Market Street, Venice, California 90291, USA.

If you are logged into your Snapchat account, you can link the content of our pages to your Snapchat profile by clicking on the Snapchat button. This allows Snapchat to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Snapchat.

For more information, please see Snapchat’s privacy policy at https://www.snapchat.com/l/de-de/privacy

– PINTEREST

Functions of the Pinterest service are integrated on our websites. These functions are offered by Pinterest Inc., 808 Brannan Street, San Francisco, CA 94103, USA.

If you are logged into your Pinterest account, you can link the content of our pages to your Pinterest profile by clicking on the Pinterest button. This allows Pinterest to assign the visit to our pages to your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Pinterest.

For more information, please see Pinterest’s privacy policy at https://about.pinterest.com/de/privacy-policy

– TUMBLR

Our websites use buttons of the Tumblr service. The provider is Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA.

These buttons allow you to share a post or page on Tumblr or follow the provider on Tumblr. When you visit one of our websites with a Tumblr button, the browser establishes a direct connection with Tumblr’s servers. We have no influence on the scope of the data that Tumblr collects and transmits with the help of this plug-in. According to the current status, the IP address of the user and the URL of the respective website are transmitted.

For more information, see Tumblr’s privacy policy at https://www.tumblr.com/privacy/de

D. DELETING COOKIES / BROWSER SETTINGS

If you do not want websites to place cookies on your computer or mobile device, you can set your web browser to notify you before a cookie is placed.

You can also set your web browser to reject all cookies or only third-party cookies. You can also delete cookies that have already been set at any time via your web browser settings.

In addition, you may disable or enable your preferences related to usage/interest-based advertising for many third-party vendors that manage usage data on behalf of website operators for the purpose of displaying and analyzing interest-based advertising under the following platform: http://www.youronlinechoices.com/de/praferenzmanagement/.

1. SUPPLEMENTARY INFORMATION ON DATA PROCESSING IN THE CONTEXT OF OUR PRESENCE ON SOCIAL MEDIA PLATFORMS

We maintain so-called fan pages or accounts (film-specific and company pages) on the social networks Facebook (facebook.com) and Instagram (instagram.com) in order to also provide you with information within social networks and to offer you further ways of contacting us and finding out about us. Furthermore, we organize competitions on the fan pages or accounts.

In the following, we inform you about which data we or the respective social network process from you in connection with the call and use of our fan pages/accounts.

A) DATA WE PROCESS FROM YOU

AA) PARTICIPATION IN COMPETITIONS/CAMPAIGNS

If you have a user account with the respective social network and would like to participate, for example, on Facebook or Instagram in a contest organized by us or a similar action and/or contact us via the offered messenger functionalities, we collect the data from you that are necessary for the participation and implementation of the contest, including the notification of the prize and its dispatch. This is usually the user name of the participant, from the winners additionally after sending the prize notification the query of the full name and address and if necessary the email address. The legal basis is Art. 6 para. 1 sentence 1 b) DSGVO (processing is necessary for the fulfillment of a contract-like relationship with the data subject).

In order to participate in a sweepstakes, it is necessary to provide the above data. If you do not provide us with this data, you will not be able to participate in the sweepstakes and, if you win, we will not be able to send you the prize.

Your data will be stored and processed exclusively in connection with the implementation of the competition and the determination of the prize. All data of the participants -with the exception of the data of the winner(s)- will be stored for a period of three months after the end of the competition in order to be able to clarify any queries of the participants) and then deleted. The data of the winner(s) (first and last name, address, etc.) will be stored for a period of two years to clarify any questions regarding the prize or the prize processing and then deleted. Participants’ address data will only be used to send the prize and will be deleted after the prizes have been sent. If you participate in a sweepstakes organized on one of our social media presences, which we organize in cooperation with a sweepstakes partner who, for example, provides the prizes for the sweepstakes in question and have been drawn as a winner, the respective sweepstakes partner will receive your first and last name and address for the purpose of sending the respective prize by the sweepstakes partner to the respective winner. The legal basis for the transmission is Art. 6 para. 1 p. 1 lit. b) DSGVO (processing is necessary for the fulfillment of a contractual relationship). In the context of participation in our sweepstakes, you are not subject to automated decision-making including profiling.

BB. CONTACT VIA MESSENGER/ DIRECT MESSAGE

If you wish to contact us via Messenger or via Direct Message via the respective social network, we generally process your user name via which you contact us and, if applicable, store further data provided by you, insofar as this is necessary to process/respond to your request. The legal basis is Art. 6 para. 1 sentence 1 f) DSGVO (processing is necessary to protect the legitimate interests of the controller).

B. (STATISTICAL) USAGE DATA WE RECEIVE FROM THE SOCIAL NETWORKS

In the case of Facebook and Instagram, we receive automated statistics from Facebook and Instagram regarding our fan pages/accounts via the Facebook Insights and Instagram Insights functionalities. The statistics include, among other things, the total number of page views, likes, information on page activities and post interactions, reach, video views and information on the proportion of men/women among our fans/followers.

The statistics only contain aggregated data that cannot be related to individual persons. You are not identifiable to us through this.

C. WHAT DATA THE SOCIAL NETWORKS PROCESS FROM YOU

In order to view the content of our fan pages or accounts, you do not have to be a member of the respective social network and, in this respect, no user account for the respective social network is required.

Please note, however, that the social networks also collect and store data from website visitors without a user account when the respective social network is called up (e.g. technical data in order to be able to display the website to you) and use cookies and similar technologies, over which we have no control. For details, please refer to the privacy policy of the respective social network (see the corresponding links at the bottom of this section).

Insofar as you wish to interact with the content on our fan pages/accounts, e.g. comment on, share or like our postings/contributions and/or participate in competitions or similar campaigns organized by us on the fan pages/accounts and/or contact us via messenger functions, prior registration with the respective social network and the provision of personal data is required. We have no influence on the data processing by the social networks within the scope of their use by you. To our knowledge, your data is stored and processed in particular in connection with the provision of the services of the respective social network, as well as for the analysis of user behavior (using cookies, pixels/web beacons and similar technologies), on the basis of which advertising based on your interests is played both within and outside the respective social network. It cannot be ruled out that your data will be stored by the social networks outside the EU/EEA and passed on to third parties. Information on, among other things, the exact scope and purposes of the processing of your personal data, the storage period/deletion as well as guidelines on the use of cookies and similar technologies in the context of registration and use of the social networks can be found in the privacy policy/cookie policy of the social networks. There you will also find information on your rights and objection options:

• Facebook: https://www.facebook.com/privacy/explanation and https://www.facebook.com/policies/cookies/
• Instagram: https://help.instagram.com/519522125107875 and https://www.facebook.com/policies/cookies/

OBJECTION ADVERTISING EMAILS:

The use of contact data published within the framework of the imprint obligation to send advertising and information materials not expressly requested is hereby prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

PRIVACY POLICY SCREENING ROOM

Last updated: 12.09.2021

This statement explains what personal data we collect and/or process (which may include collecting, organizing, structuring, storing, using or disclosing) in order to provide services related to the use of our Screening Room, which is offered directly by LEONINE Holding GmbH (“LEONINE”).

What personal data do we receive?

Personal data is any information from or about an identified or identifiable individual, including information that LEONINE can link to an individual. When you use or interact with LEONINE products, we may collect or process the following categories of personal data on behalf of our customers:

• Profile and Participant Information: Information associated with the profile of a user using the LEONINE Screening Room or provided by a user, such as name, address, email address, phone number, job information, specified location, user ID, or other information provided by the user, as well as consent to receive a newsletter.
• Contacts and calendar integrations: Contact information added by users to create contact lists.
• Settings: Information associated with account or user profile preferences and settings, such as audio and video settings, file recording location, screen sharing settings, and other settings and configuration information.
• Registration Information: Information that individuals provide when registering for a screening, such as name and contact information, answers to registration questions, and other registration information requested by the host.
• Device Information: Information about the computers, phones, and other devices that people use when interacting with the Screening Room, such as speaker, microphone, camera, operating system version, hard drive ID, PC name, MAC address, IP address (which can be used to generally infer location at the city or country level), browser type, device attributes (such as operating system version and battery level), Wi-Fi information, and other device information (such as Bluetooth signals).
• Screening Content and Context: content generated during screenings hosted on LEONINE, such as audio, video, in-event messages, chat message content, transcripts, written feedback, survey responses and Q&A, files, and associated context, such as invitation details, screening name.
• Product and website usage: information about how people and their devices interact with LEONINE, such as: when and via which ISP or website (referrer) participants join and leave a screening; what content was used, how often and for how long; the respective list of favorites; whether participants sent messages and who they exchanged messages with; performance data; and with which website (referrer) attendees join and leave a screening; what content was used, how often, and for how long; their respective favorites list; whether attendees sent messages and with whom they exchanged messages; performance data; mouse movements, clicks, keystrokes, or actions (such as mute/unmute or video on/off); and other user input that helps LEONINE understand feature usage, improve product design, and suggest features; what third-party apps users add to a meeting or other product and what information the app is allowed to access and perform actions on; features used (such as screen sharing, emojis or filters) and other usage information and metrics. This also includes information about when and how people visit and interact with LEONINE’s websites, including the pages they viewed, their interaction with website features.
• Communications with LEONINE: Information about your communications with LEONINE, including in connection with support issues and other inquiries.

How do we use personal data?

LEONINE uses personal information for the following activities:

• Provision of the Screening Room: To provide the Screening Room to users, including to customize features and recommendations. This may also include the use of personal data for support, which may include access to audio and video, files and messages at the user’s direction. We also use Personal Data to manage our relationship with the User, including to comply with contractual obligations and related administrative activities.
• Marketing and Promotions: To market, advertise and promote LEONINE products, including marketing products based on your use of the products or information we receive from external partners. When you visit our websites, we may record information about how and when you visit and interact with them. We may use this information to send you advertisements related to LEONINE products, or to engage outside marketing partners to log your interactions on our website or provide advertisements to you.
• Authentication, Integrity and Security: To authenticate activities, detect malicious, harmful, unauthorized or illegal behavior or unsafe experiences, remediate security threats, protect public safety and secure LEONINE products.
• Communicating with You: We use personal information (including contact information) to communicate with you about our products, including about product updates, your account, and changes to our policies and terms. We also use your information to respond to you when you contact us.
• Legal Reasons: To comply with applicable laws or to respond to a valid legal order, including by law enforcement or other authorities; to investigate or assist in investigating the facts of legal proceedings, disputes or other contested legal proceedings; and to investigate potential violations of our Terms of Use or policies and enforce our rights.

How do we share personal information?

LEONINE will only disclose personal information to third parties with your consent or in any of the following circumstances (subject to your prior consent where required by applicable law):

• Provider: LEONINE works with third party hosters and service providers (Amazon and Express Play) to provide, support and improve its technical infrastructure. These providers may access personal data subject to contractual and technical requirements to protect personal data. They may only use this personal data for the provision of services to LEONINE or as required by law.
• For legal reasons: LEONINE may disclose personal information when necessary to: (1) comply with applicable laws or cooperate with, respond to, or investigate valid legal process and process, including by law enforcement or other authorities; (2) enforce or investigate its rights regarding potential violations of its Terms of Use or policies; (3) detect, prevent, or investigate potential fraud, abuse, or security concerns, including threats to public safety; (4) fulfill our corporate and social responsibility obligations; (5) protect our rights and the property of our customers; and (6) resolve disputes and enforce contracts.
• Affiliated Companies: LEONINE shares personal information with affiliated companies to provide integrated and consistent experiences across all LEONINE products and to detect, investigate and prevent fraud, abuse and public safety threats.
• Change of Control: We may disclose Personal Information to actual or potential acquirers, their representatives and other relevant participants in or during negotiations for a sale, merger, acquisition, reorganization or change of control involving all or a portion of LEONINE’s business or assets, including in connection with bankruptcy or similar proceedings.

Data protection rights and choices

If you are located in the European Economic Area (EEA), Switzerland or the United Kingdom, or are a California resident, please see the relevant sections below. Otherwise, we will at your request and in accordance with the law:

• Inform you about what personal data we have about you that is under our control;
• amend or correct the personal data or any privacy settings previously selected by you or direct you to the appropriate tools; and/or
• delete this personal data or direct you to the appropriate tools.

To exercise your rights with respect to personal information controlled by LEONINE, or if you have other questions about our use of your personal information, please send a request to datenschutz@leoninestudios.com. Please identify yourself and provide your user information and other information so that we can authenticate and respond to your request. To the extent permitted by law, we may decline to process unreasonably frequent or systematic requests or requests that require disproportionate technical effort or jeopardize the privacy of others. As an account holder or user of a licensed account, you can also influence your personal data by logging into your account and changing your personal data yourself.

How to reach us

To exercise your rights or if you have any questions or comments about data protection in relation to this privacy policy, please send an email to datenschutz@leoninestudios.com.

You can also contact us in writing at the following address:

The responsible party pursuant to Art. 4 (7) of the European Data Protection Regulation (DSGVO) is LEONINE Holding GmbH, Taunusstr. 21, 80807 Munich, Germany. You can reach us at any time via the contact channels listed in the imprint, e.g. by post or by e-mail to info@leoninestudios.com.

You can reach our data protection officer at any time with concerns about data protection, e.g. by e-mail to datenschutz@leoninestudios.com or at our postal address with the addition of “Attn: Data Protection Officer”.

Storage

We will retain personal information for as long as is necessary for the purposes described in this Privacy Policy unless a longer retention period is required by applicable law.

The criteria used to determine our retention periods include the following:

• The period of time during which we maintain an ongoing business relationship with you and make the Screening Room available to you;
• Whether users modify information or users delete information about their accounts;
• A legal obligation to retain the information (for example, certain laws require us to retain records of your transactions for a certain period of time before we can delete them); or
• Whether retention is advisable with respect to our legal position (e.g., with respect to enforcement of our contracts, resolution of disputes and applicable statutes of limitations, legal proceedings or government investigations).

Information related to data protection in Europe

Rights of data subjects

If you are in the EEA, Switzerland or the UK, your rights in relation to your personal data processed by us as a data controller include in particular:

• Right of access and/or portability: You have the right to access any personal data we hold about you and, in certain circumstances, to have that data made available to you so that you can provide it to another provider or “port” it;
• Right to erasure: In certain circumstances, you have the right to have personal data that we hold about you erased (for example, if it is no longer needed for the purposes for which it was originally collected);
• Right to object to processing: In certain circumstances, you have the right to request that we stop processing your personal data and/or sending you marketing communications;
• Right to rectification: You have the right to request that we rectify inaccurate or incomplete personal data;
• Right to restrict processing: You have the right to request that we restrict the processing of your personal data in certain circumstances (for example, if you believe that the personal data we hold about you is not accurate or is not being held lawfully).

To exercise your rights in relation to the personal data controlled by LEONINE or if you have any other questions about our use of your personal data, please send a request to the address indicated in the “How to contact us” section of this Privacy Policy. Please note that we may ask you for additional information to confirm your identity and to ensure that you are authorized to access the relevant personal data.
You also have the right to lodge a complaint with a data protection authority. For more information, please contact your local data protection authority.

Legal basis for the processing of personal data

We will only use your information lawfully, fairly and in a way that is fair to you. When LEONINE as a data controller processes personal data of individuals in regions such as the EEA, Switzerland and the United Kingdom, we rely on the following legal bases applicable in your jurisdiction, depending on the nature of the personal data and the factual context:

• Where necessary for our contract: If we enter into a contract directly with you, we will process your personal data on the basis of our contract in order to create and enter into the contract and to perform and administer our contract (i.e. providing LEONINE products, features and services to users and those they invite to screenings, and administering our relationship and contract, including compliance with contractual obligations and related administrative matters). If we do not process your personal data for these purposes, we may not be able to provide you with all of our products, features and services;
• In accordance with certain revocable consents: We rely on your previously given consent to use cookies to analyze the use of our website (log-in information, specific World Sales or DACH portal usage, favorites list). You have the right to revoke your consent at any time by visiting our cookie management tool;
• Where necessary to comply with our legal obligations: We process your personal data to comply with the legal obligations to which we are subject, to comply with EEA laws, regulations, codes of practice, guidelines or rules applicable to us, and to respond to requests from and otherwise communicate with relevant offices, governmental and judicial bodies or other EEA regulators. This includes detecting, investigating, preventing and stopping fraudulent, harmful, unauthorized or illegal activities (“Fraud and Abuse Detection”) and complying with data protection laws;
• To protect our fundamental interest as well as the fundamental interest of others: We process certain personal data to protect fundamental interests in order to detect and prevent illegal activities affecting fundamental interests and public safety, including child sexual abuse materials; and
• Where this is necessary for our (or others’) legitimate interests, unless your interests or fundamental rights and freedoms requiring the protection of personal data override those interests: We process your personal data on the basis of these legitimate interests (i) to enter into and perform the contract with the User and/or the Distributor providing the products to you (this includes compliance with contractual obligations and related administration and support); (ii) to develop, test and improve our products and to troubleshoot products and features; (iii) to ensure the authentication, integrity, security and safety of accounts, activities and products, including detecting and preventing malicious behavior and violations of our terms and policies, to prevent or investigate bad or unsafe experiences and to remediate security threats; (iv) to send marketing communications, advertisements and offers in connection with the products; and (v) to comply with any laws, regulations, rules, policies or rules applicable to us outside the EEA and to respond to requests from competent public, governmental, judicial or other regulatory authorities outside the EEA and for other communications to such regulatory authorities and to comply with our corporate and social responsibility obligations to protect our rights and property and those of our customers, resolve disputes and enforce agreements.

International data transmission

LEONINE operates globally, which means that personal data may be transferred, stored (e.g., in a data center) and processed outside the country or region where it was originally collected, where LEONINE or its service providers have customers or facilities.

Regardless of where it is processed, we will protect your personal data in accordance with this Privacy Policy and will take reasonable steps, contractual or otherwise, to protect your personal data in accordance with applicable law. If personal data is transferred from users in the EEA, Switzerland or the UK to a recipient located in a country outside the EEA, Switzerland or the UK whose level of data protection is not considered adequate, we will ensure that the transfer is governed by the European Commission’s standard contractual clauses. Please contact us if you require further information in this regard.

Privacy Rights in California

California Consumer Privacy Act

Under the California Consumer Privacy Act of 2018 (CCPA), California residents may have the following rights:

• Access the categories and specific parts of personal data collected by LEONINE, the categories of sources from which the personal data originated, the business purpose(s) for collecting the personal data, and the categories of third parties with whom LEONINE has shared personal data;
• Deletion of personal data in certain circumstances; and
• Refusal to “sell” personal data. We do not sell your personal information in the traditional sense. However, like many companies, we use advertising services that attempt to tailor online advertisements to your interests based on information collected about your online activities through cookies and similar technologies. This is known as “interest-based advertising”. The legal definition of “sale” under the CCPA is broad and may include interest-based advertising. You can get more information and opt out of the use of cookies on our websites for interest-based advertising purposes. You must set your preferences on each device and web browser on which you wish to opt out. This feature uses a cookie to store your preferences. So if you delete all cookies in your browser, you will need to reset your settings.

LEONINE will not discriminate against you if you exercise any of these rights. This is also in accordance with your rights under the CCPA.

We will acknowledge receipt of your request within 10 business days and provide you with a substantiated response within 45 calendar days or notify you in writing of the reason and the extension period (up to 90 days).

Under the CCPA, only you or an authorized representative may make a request regarding your personal information. Note that we must verify your identity in order to respond to your request for access or to delete personal information under the CCPA. We may do this by requesting that you log into your LEONINE account (if any), provide information related to your account (which will be cross-checked with information we have, such as profile information), provide an affidavit of identity, and/or provide additional information. You may authorize an authorized representative to submit your verified consumer application by providing written authorization and proof of identity, or by providing proof of a power of attorney.

California’s “Shine the Light” law…

California Civil Code Section 1798.83, also known as the “Shine the Light” law, allows California residents to annually request information about the disclosure of your personal information (if any) to third parties for their direct marketing purposes during the previous calendar year. We do not disclose personal information to third parties for their direct marketing purposes.

Changes to this privacy policy

We may periodically update this Privacy Policy to reflect changes in how we collect and/or process personal information and will post the updated Privacy Policy on our website with the “Last Updated” date at the top. If we make material changes to this Privacy Policy, we will notify you and give you the opportunity to review it before you decide to continue using our products.