PinguPal CMS

Finally, blogging without tech stress

Privacy Policy

Privacy Policy

1. General Information

This Privacy Policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as "Data") within our online offering and the associated websites, functions, and content (hereinafter collectively referred to as the "Online Offering" or "Website"). The Privacy Policy applies regardless of the domains, systems, platforms, and devices used (e.g., desktop or mobile) on which the Online Offering is executed.

Responsible Body (Controller) as defined by GDPR:

Dominique Blake-Hofer, Landstrase 9, CH 8471 Oberwil (Dägerlen), itsystems@blake-hofer.net

2. Types of Data Processed

We process the following types of data:

  1. Inventory Data: Name, address, contact details (e.g., email, telephone numbers).
  2. Usage Data: Access times, visited websites, mouse movements, IP addresses, device identifiers.
  3. Content Data: Information provided by users (e.g., text entries, photographs).
  4. Payment/License Data: Data required for processing payments and verifying the PRO license (License Code, associated email, license status, subscription ID).

3. Categories of Affected Persons

Visitors and users of the Online Offering (hereinafter collectively referred to as "Users").

4. Purpose of Processing

We process User data for the following purposes:

  1. Provision of the Online Offering, its features, and content.
  2. Provision of contractual services, including processing PRO license transactions and ensuring feature access.
  3. Answering contact requests and communicating with Users.
  4. Security measures and range measurement (traffic analysis).

5. Hosting and Log Files

We use a hosting service provider to provide our Online Offering efficiently and securely. This provider processes Inventory Data, Contact Data, Content Data, Usage Data, and Meta/Communication Data on our behalf.

When accessing our website, the hosting provider (or we) collects data on every access to the server (so-called server log files). This data includes: name of the accessed website, file, date and time of access, amount of data transferred, notification of successful retrieval, browser type and version, the user's operating system, referrer URL, IP address, and the requesting provider.

The legal basis for this is our legitimate interest in the technically flawless presentation and optimization of our website (Art. 6 (1) lit. f GDPR).

6. PinguPal CMS Specific Data Processing

6.1. Administration and User Accounts

For the secure operation of the PinguPal CMS administrative backend, we process the following data:

  1. User ID / Author ID: For attributing content created.
  2. Admin Email and Password: Stored as a secure hash for login authentication.
  3. Session Data: For maintaining the logged-in state ($_SESSION['a_id']).

Purpose: Ensuring the integrity and security of the CMS content. Legal Basis: Fulfillment of contractual obligations (T&Cs for use) and legitimate interest in system security (Art. 6 (1) lit. b and f GDPR).

6.2. PRO License Verification

For Users of the PinguPal PRO License, the CMS verifies the license key by sending a small data package to our license server (as outlined in the PinguPal License Strategy). The data processed for verification includes:

  1. The unique License Key / License Code.
  2. The Site URL of the PinguPal installation.

Purpose: Technical necessity for activating and maintaining the access to PRO features (the core contractual service). Legal Basis: Fulfillment of contractual obligations (Art. 6 (1) lit. b GDPR).

7. Newsletter and Email Marketing

If you register for our newsletter (e.g., for pre-launch updates), we will use your provided Email Address for the purpose of sending you the newsletter.

Service Provider: [Specify your actual newsletter service provider, e.g., MailChimp, Sendinblue, or your own system]. Legal Basis: Consent (Art. 6 (1) lit. a GDPR). You can revoke your consent at any time via the unsubscribe link in the newsletter.

8. External Integrations (PRO Features)

The PinguPal PRO version allows for easy integration of third-party services, such as Google AdSense for monetization. When you enable such features, the respective third party (e.g., Google) will directly collect Usage Data, IP addresses, and potentially set cookies on your website to display personalized ads.

  1. PinguPal acts as the intermediary, but the data processing responsibility lies with the third-party provider and the User of the CMS.
  2. Please consult the privacy policy of the respective third-party providers (e.g., Google AdSense) for details on their data processing.

9. Your Rights (GDPR)

Under the GDPR, you have the right to:

  1. Right of Access (Art. 15 GDPR): Request confirmation as to whether data concerning you are being processed and obtain copies of this data.
  2. Right to Rectification (Art. 16 GDPR): Demand the completion or correction of inaccurate data concerning you.
  3. Right to Erasure (Art. 17 GDPR): Demand that data concerning you be erased without delay (Right to be Forgotten).
  4. Right to Restriction of Processing (Art. 18 GDPR): Request the restriction of the processing of data.
  5. Right to Data Portability (Art. 20 GDPR): Receive the data concerning you that you have provided to us in a structured, commonly used, and machine-readable format.
  6. Right to Object (Art. 21 GDPR): Object to the future processing of data concerning you at any time.

You also have the right to lodge a complaint with a competent supervisory authority.