c[ode]clap
Snapshots | Login (itch.io)

Privacy Policy

I. Data Controller

codeclap
C/O Clas Rurik
Kokhaven 20
6230 Rødekro
Denmark

CVR: 44202816

webmaster@codeclap.cc

II. Purpose of the data processing

Processing in order to offer downloads to customers, including confirmation of customer status by authentication using itch corp.

III. Data that is collected

datasourceaffectedrecipient (if applicable)
ip-address and request header automatically transmitted by client website visitors
ip-address and request path automatically transmitted by client website visitors
itch: api-access-token automatically transmitted by client authenticated users itch corp.
itch: profile (username, user-id, profile-picture, et. al.), download-key and number of downloads (if available) itch corp. authenticated users
session-cookie generated by server and stored in client browser authenticated users

IV. a. Legal basis for data processing affecting website visitors

ip-address and request header legitimate interest of controller and data subject, art. 6 lit. f GDPR
ip-address and request path legitimate interest of controller (it-security), art. 6 lit. f, recital 49 GDPR
itch: api-access-token legitimate interest of controller and data subject, art. 6 lit. f GDPR
itch: profile (username, user-id, profile-picture, et. al.), download-key and number of downloads (if available) legitimate interest of controller and data subject, art. 6 lit. f GDPR
session-cookie legitimate interest of controller and data subject, art. 6 lit. f GDPR

itch: api-access-token is transferred to a third country to itch corp. in USA based on art. 49 lit. b GDPR, contract fulfilment

IV. b. Duration of storage affecting website visitors

ip-address and request header only while transferring the website data
ip-address and request path 7 days
itch: api-access-token only during authentication process
itch: profile (username, user-id, profile-picture, et. al.), download-key and number of downloads (if available) only during authentication process
session-cookie duration of session

V. a. Legal basis for data processing affecting authenticated users

ip-address and request header legitimate interest of controller and data subject, art. 6 lit. f GDPR
ip-address and request path legitimate interest of controller (it-security), art. 6 lit. f, recital 49 GDPR
itch: api-access-token legitimate interest of controller and data subject, art. 6 lit. f GDPR
itch: profile (username, user-id, profile-picture, et. al.), download-key and number of downloads (if available) legitimate interest of controller and data subject, art. 6 lit. f GDPR
session-cookie legitimate interest of controller and data subject, art. 6 lit. f GDPR

itch: api-access-token is transferred to a third country to itch corp. in USA based on art. 49 lit. b GDPR, contract fulfilment

V. b. Duration of storage affecting authenticated users

ip-address and request header only while transferring the website data
ip-address and request path 7 days
itch: api-access-token only during authentication process
itch: profile (username, user-id, profile-picture, et. al.), download-key and number of downloads (if available) only during authentication process
session-cookie duration of session

VI. Rights of data subjects

Pursuant to art. 15 GDPR, you have the right to obtain information about the personal data stored about you, including any recipients and the planned storage period. Should incorrect personal data be processed, you have the right to correction pursuant to art. 16 GDPR. If the legal requirements are met, you can request the deletion or restriction of the processing and lodge an objection against the processing (art. 17, 18 and 21 GDPR), as well as a right to complain to the relevant data protection authority. If the requirements of art. 20 GDPR are met you have the right to data portability.
Imprint | Privacy Policy