I. Operator and person responsible within the meaning of the GDPR

Responsible provider of this website and the application in terms of data protection is:

Interdev Tech Media LTD

Nikis 1, Anthoupoli

2350 Nicosia

Cyprus

Registration No.: HE445898

VAT-ID: CY60003990B

Director: Sergejs Ribakovs

Contact:
Phone: +49 40 6963232 30
Email: info[at]interdev.info


The provider is currently not obliged to appoint a data protection officer. The contact person for data protection issues at the operator is:

Mr. SERGEJS RIBAKOVS

Nikis 1, Anthoupoli
2350 Nicosia

Email: info[at]besecret.com


II. Data processing of personal data

Personal data within the meaning of the European General Data Protection Regulation (GDPR) is all information that relates to an identified or at least identifiable natural person. This can be names, addresses, e-mail addresses, or IP addresses of the device or connection with which you use the website or the application.

Your data processed when using our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any statutory storage obligations and no other information on processing is subsequently provided.


III. Server Data

For technical reasons, e.g. to ensure a secure and stable website or application, data is transmitted to us or our server operator via your Internet browser. With these so-called server log files, the type and version of your Internet browser, the operating system, the website from which you switched to our website (a so-called referrer URL), the website of our website or content through our application that you from our servers, the date and time of the respective access and the IP address of the Internet connection from which our website or the application is used.

The data collected in this way is stored temporarily, but not together with other data from you.

This storage takes place on the legal basis of Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted after 30 days at the latest, provided that no further storage is required for evidentiary purposes. Otherwise, the data will be completely or partially excluded from deletion until the final clarification of an incident and will be marked accordingly with a blocking notice (Article 4 No. 4 GDPR).


IV. User account

As soon as you register a user account via our application, the data you entered during registration (i.e. your chosen pseudonym, your e-mail address, your IP address, gender and date of birth) will only be used for pre-contractual services, for the fulfillment of the contract collected and stored in accordance with the agreed terms of use or for the purpose of customer care. At the same time, we then save the IP address and the date of your registration along with the time. This data is not passed on to third parties.

The data is stored exclusively on servers within Cyprus.

As part of the registration process, consent to this processing is obtained and reference is made to this data protection declaration. The data we collect is used exclusively to provide the user account.

If you consent to this processing when registering, Article 6 (1) (a) GDPR is the legal basis for the processing.

The storage and processing of the pseudonym, age and gender specified during registration is used by the operator for evaluation within the framework of the service and for the group categorization of user contributions. In this way, other users can create reviews of the posts and popular posts can be highlighted. The legal basis for the processing required for the execution of the contract is Article 6 (1) (b) GDPR.

Before you can use paid services on the platform for the first time, you must enter a valid e-mail address for your user account in addition to the existing user account. The storage and processing is absolutely necessary for the contract execution of the payment transactions and assignment to a user profile, the legal basis is therefore Article 6 Paragraph 1 Letter b) GDPR.

If the initial registration of the user account is also used for pre-contractual measures, the legal basis for this processing is also Article 6 (1) (b) GDPR.

You can revoke your consent to the creation and maintenance of the user account at any time with effect for the future in accordance with Art. 7 Para. 3 GDPR. All you have to do is inform us of your revocation (e.g. by e-mail).

The collected personal data will be deleted as soon as the processing is no longer necessary. If legal retention periods for personal data are to be observed by the operator, your personal data will not be deleted but blocked until the statutory retention period has expired (restriction of processing by appropriate blocking marking, Art. 4 No. 3 GDPR).


V. Public posts and comments

When using the website via a user account, you can publish contributions (entries with text, images and videos, as well as comments) within the framework of the terms of use agreed upon when registering the user account. Your contribution will then be published with the date and time of submission as well as your chosen pseudonym, gender and age.

The legal basis for this is Art. 6 (1) (a) GDPR. You can revoke your consent at any time with effect for the future in accordance with Art. 7 Para. 3 GDPR. All you have to do is inform us of your revocation (e.g. by e-mail).

In addition, we also process your IP and e-mail address with which the post was created. The IP address is processed because we have a legitimate interest in taking steps or supporting prosecuting authorities if your contribution violates the rights of third parties and/or violates applicable legal standards.

In this case, the legal basis is Art. 6 (1) (f) GDPR. Our legitimate interest lies in any legal defense that may be necessary.


VI. In-App Analysis

In order to optimize the user experience and to ensure the security of our app, we use the voluum.com tool to analyze usage of the app. This is a service provided by Codewisespólka z ograniczonaodpowiedzialnoscia Sp. K., Lubicz 17 G, 31 – 503 Kraków, Poland.

The analysis data of the tool for using the app is collected, processed and stored exclusively on our own servers. Data is passed on to the provider Codewise to provide the points system and the crediting of points for recommendations of the app, as well as the sharing of contributions. These only include browser data of the accessing device, as well as the time of access and the IP address of the accessing device.

The provider itself is subject to the data protection law of the European Union.

The legal basis for the analysis is Article 6 Paragraph 1 Letter b) GDPR for the points system and Article 6 Paragraph 1 Letter f) GDPR for the rest. Our legitimate interest lies in providing the points system, improving the quality of the application and ensuring security.


VII. In-App Ads

The application sometimes displays advertising banners from advertising partners. The advertising banners are links to a page of the advertising partner. If the user clicks on the advertising banner, he is directed to the website of the advertising partner via the device's own browser. Analysis data or other data collected and stored by the operator will not be passed on to the respective advertising partner.
For advertisements, we use the advertising partner Google Inc. with its tool AdMob, which collects personal data such as device IDs, GPS data, demographic data, etc. in order to be able to display advertising that is relevant to you. For more details on the data collected by Google AdMob, see Google's privacy policy https://www. google.com/policies/privacy/partners/. The legal basis for this is Art. 6 (1) (a) GDPR. You can give your consent in accordance with Art. 7 Para. 3 DSGVO revoked at any time with effect for the future. All you have to do is inform us of your revocation (e.g. by e-mail).

VIII. Use of payment service providers

With certain payment methods, you will be redirected to a website of the respective payment service provider as part of the payment process. The data is then processed by the payment service provider. You can find out more about how your personal data is handled on their website.

If the user wishes to pay by credit card, it may be necessary to state the first and last name in connection with the address. This data is stored on our servers and forwarded to the respective credit card institutes involved.

Insofar as your IP address is a referrer for the payment process, your e-mail address is necessarily passed on to the respective payment service provider for execution by the operator to the payment service provider. The legal basis for the transmission of data is Art. 6 Para. 1 lit. b) GDPR.


IX. Cookies

A. Operator cookies

We use so-called cookies on our website. Cookies A cookie is a small file that contains a certain character string that is saved on your end device, making your browser clearly identifiable and further information can be stored. With the help of cookies, the operator improves the comfort and quality of its website and its services, for example by saving user settings. These cookies process certain information about you, such as your browser or location data or your IP address, to an individual extent.

This processing makes our website more user-friendly, effective and secure, as it allows us to retain convenience functions such as settings. It is also possible to use besecret.com without cookies, but functions may then be lost.

B. Third party cookies

We also use cookies from partner companies with whom we work for the purpose of advertising, analysis or the functionalities of our website. Details of the third-party providers we use (Facebook, Twitter, Instagram, Google Analytics) can be found in the following sections XV.-XIIVII.

C. Legal Basis Cookies

The legal basis for the processing of operator cookies and third-party cookies is Art. 6 Para. 1 lit b.) GDPR, insofar as these cookies are used to process data for the initiation or execution of a contract.

If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Article 6 Paragraph 1 Letter f) GDPR.


X. Use of Twitter and Twitter social plugin

We use the plug-in of the social network Twitter on the website and in the application. In addition, contributions published on our site can also be published by us or by registered users via Twitter. This means that personal data can also be transferred to non-European countries (the GDPR does not apply).

Twitter is an Internet service provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, hereinafter referred to as "Twitter".

Through the certification of Twitter according to the EU-US data protection shield (international agreement "EU-US Privacy Shield", https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active ), the provider undertakes that the data protection level of the EU is also observed when processing data in the USA.

The legal basis is Article 6 (1) (f) GDPR. Our legitimate interest lies in improving the quality of our website and in being able to give you the opportunity to publish public posts on our site automatically via the social network.

If you publish contributions via our platform as a registered user, we can also publish these together with the ratings of other users via Twitter accounts. Contributions from you (chat messages) that are only visible to individual registered users will not be published or passed on under any circumstances.

If the plug-in is stored on one of the pages of our website you visit, your Internet browser downloads a representation of the plug-in from the Twitter servers. For technical reasons, it is necessary for Twitter to process your IP address. In addition, the date and time of the visit to our website are also recorded.

If you are logged in to Twitter when you visit our website, the information collected by the plug-in from your visit will be recognized by Twitter, stored and assigned to your Twitter user account, e.g. when using the so-called "Share" button Twitter. Publication on Twitter is also possible. If you want to prevent this, you should either log out of Twitter before visiting our website or make the appropriate settings in your Twitter user account. You can also use a browser extension that blocks functions of social media networks, such as "Ghostery". .

You can find more information about data processing by Twitter at https://twitter.com/privacy and the information that can be accessed there privacy notices.


XI. Facebook and Instagram plugin

We use the plug-in of the social network Facebook on the website and in the application. In addition, articles published on our site can also be published by us or by registered users via Facebook and Instagram. This means that personal data can also be transferred to non-European countries (the GDPR does not apply).

Facebook and Instagram are Internet services provided by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. In the EU, these services are operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

Through the certification of Facebook according to the EU-US data protection shield (international agreement "EU-US Privacy Shield", https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active ), the provider undertakes that the data protection level of the EU is also observed when processing data in the USA.

The legal basis is Article 6 (1) (f) GDPR. Our legitimate interest lies in improving the quality of our website and in being able to give you the opportunity to publish public posts on our site automatically via these social networks.

If you publish contributions via our platform as a registered user, we can also publish these together with the ratings of other users via Facebook and/or Instagram accounts. Contributions from you (chat messages) that are only visible to individual registered users will not be published or passed on under any circumstances.

If a Facebook or Instagram plug-in is stored on one of the pages of our website you visit, your Internet browser will download a representation of the plug-in from the Facebook servers. For technical reasons, it is necessary for Facebook or Instagram to process your IP address. In addition, the date and time of the visit to our website are also recorded.

If you are logged in to Facebook when you visit our website, the information collected by the plug-in from your visit will be recognized by Facebook, stored and assigned to your Facebook user account, e.g. when using the “Like” or “Like ' button from Facebook. It can also be published on Facebook. If you want to prevent this, you should either log out of Facebook before visiting our website or make the appropriate settings in your Facebook user account. You can also use a browser extension that blocks features of social media networks, such as "Ghostery" or the "Facebook Blocker".

You can find more information about data processing by Facebook plugins at https://developers.facebook.com/ docs/plugins/ and specifically for Instagram at https://help.instagram.com/519522125107875 .


XII. Google Analytics

We use Google Analytics on the website and in the application to analyze the usage behavior of visitors and users.

Google Analytics is a web analytics service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google".

Through the certification of Google according to the EU-US data protection shield (international agreement "EU-US Privacy Shield", https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ), the provider undertakes that the data protection level of the EU is also observed when processing data in the USA.

The legal basis is Article 6 (1) (f) GDPR. Our legitimate interest lies in the analysis of usage to optimize our website and the services offered, as well as in the economic operation of the website and the application.

When using the website and application, usage and user-related information such as IP address, location, time or frequency of visits to our website and application is transmitted to a Google server in the USA and stored there.

We use Google Analytics with an anonymization function, so that the IP address is already shortened on servers within the EU so that clear identification is no longer possible. In addition, Google states that the IP address will not be linked to other available information.

The data collected in this way is in turn used by Google to provide us with an evaluation of the visit to our site and the use of our application as well as activities there. This data can also be used by Google to be able to offer other services. At https://www.google.com/intl/de/policies/privacy/ partners you will find further information on data protection by Google.

You can install a plug-in for your browser provided by Google itself, which prevents the forwarding of data to Google Analytics (https://tools.google.com/dlpage/gaoptout?hl=de).

However, this does not prevent information from being transmitted to us or to other web analysis services.


XIII. Your rights

In relation to the personal data we store and process, you can:

1. Information about the processing (Article 15 GDPR),

2. Correction or completion of incorrect data (Art 16 GDPR),

3. Deletion of data that is no longer required (Art. 17 GDPR), as well as

4. Request restriction of processing (Article 18 GDPR), and/or

5. Request the data you have provided in a common, machine-readable format for transmission to other responsible parties (Article 20 GDPR)

In addition, according to Art. 21 GDPR, you can object to the future processing of the data concerning you, provided that this data is processed by us on the basis of Art. 6 Paragraph 1 lit. f) GDPR (legitimate interest). In particular, an objection to data processing for direct advertising purposes is then possible at any time.