Privacy Policy

Last updated: March 2026

This Privacy Policy explains how personal data is collected, used, and processed when visiting or using the website parrylock.com. The processing of personal data is carried out in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

1. Controller

The controller responsible for data processing on this website is:

Eric Kaiser Hauptstraße 2 77975 Ringsheim Germany Email: support@deadlockparry.com

2. Categories of Data Processed

The website processes the following categories of personal data:

Account Data

  • Email address
  • Username
  • Encrypted password

Leaderboard Data

  • Username
  • Recorded leaderboard times
  • Ranking position

Communication Data

  • Email address (newsletter or email communication)

Technical Data

  • IP address
  • Browser type and version
  • Operating system
  • Access date and time
  • Referrer URL

Verification Data

  • Email confirmation status (Double Opt-In)

3. Purpose of Data Processing

Personal data is processed for the following purposes:

  • Creation and management of user accounts
  • Authentication and login functionality
  • Recording and displaying leaderboard results
  • Operation and security of the website
  • Communication with users
  • Sending newsletters or informational emails (if consent is provided)
  • Preventing abuse and ensuring system integrity

4. Legal Bases for Processing (Art. 6 GDPR)

Processing of personal data is based on the following legal grounds:

Art. 6(1)(b) GDPR — Contract Performance

  • User registration
  • Account management
  • Leaderboard participation

Art. 6(1)(f) GDPR — Legitimate Interest

  • Server security
  • Fraud prevention
  • Technical operation of the website

Art. 6(1)(a) GDPR — Consent

  • Newsletter subscription
  • Email communications beyond necessary service messages

5. User Registration and Accounts

Users may create an account by providing an email address, username, and password. The password is stored in encrypted form and cannot be read by the website operator.

The user account enables:

  • login access
  • participation in the leaderboard
  • storage of recorded performance data

Users are responsible for keeping their login credentials confidential.

6. Leaderboard Data

Leaderboard functionality allows public display of performance results.

The following information may be publicly visible:

  • Username
  • Recorded leaderboard time
  • Ranking position

Email addresses or other personal data are not publicly displayed.

The purpose of this processing is to provide competitive ranking features for the service. Legal basis: Art. 6(1)(b) GDPR (contract performance).

7. Server Log Files

The hosting provider automatically collects and stores information in server log files, including:

  • IP address
  • browser type and version
  • operating system
  • referrer URL
  • date and time of access
  • accessed pages

These data are required to:

  • ensure technical stability
  • detect misuse or attacks
  • maintain system security

Legal basis: Art. 6(1)(f) GDPR (legitimate interest).

Server logs are not combined with other personal data.

8. Cookies and Sessions

The website uses technical cookies or session storage to enable essential functionality.

These may include:

  • login session cookies
  • security-related session identifiers

These cookies are strictly necessary for the operation of the website.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure website operation).

No tracking or advertising cookies are used unless explicitly stated.

9. Newsletter and Email Communication

Users may voluntarily subscribe to a newsletter or receive informational emails.

The newsletter may include:

  • product updates
  • service announcements
  • platform-related information

The email address provided during subscription is used exclusively for this purpose. Legal basis: Art. 6(1)(a) GDPR (consent).

Users may unsubscribe at any time using the unsubscribe link included in each email.

10. Double Opt-In Procedure

Newsletter subscriptions are verified using a Double Opt-In process. This means:

  1. The user submits their email address through a signup form.
  2. A confirmation email is sent.
  3. The subscription becomes active only after clicking the confirmation link.

The following data may be stored for verification purposes:

  • email address
  • IP address
  • timestamp of registration
  • timestamp of confirmation

This ensures that no unauthorized person can subscribe using another person's email address.

11. Hosting Provider

The website is hosted by an external hosting provider.

Personal data processed on this website may be stored on the servers of the hosting provider. This may include:

  • user account data
  • leaderboard data
  • server logs
  • technical metadata

The hosting provider processes data solely for the purpose of providing infrastructure and services necessary to operate the website. A Data Processing Agreement (DPA) in accordance with Art. 28 GDPR is concluded with the hosting provider.

12. Data Retention

Personal data is stored only as long as necessary for the purposes described in this policy.

Retention periods may include:

  • User accounts: stored until the account is deleted by the user or the operator.
  • Leaderboard data: stored as long as the associated user account exists or until removal is requested.
  • Server logs: typically stored for a limited period for security monitoring.
  • Newsletter data: stored until consent is withdrawn.

After expiration of the retention period, data will be deleted or anonymized.

13. Rights of Data Subjects

Under the GDPR, users have the following rights:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure ("right to be forgotten", Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)

Requests may be submitted using the contact information provided above.

14. Withdrawal of Consent

If data processing is based on consent, that consent may be withdrawn at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

15. Right to Lodge a Complaint

Users have the right to lodge a complaint with a data protection supervisory authority if they believe that their personal data is being processed unlawfully. Within the European Union, complaints may be filed with the supervisory authority responsible for the user's place of residence, workplace, or the location of the alleged infringement.

16. SSL / HTTPS Encryption

This website uses SSL or TLS encryption to protect the transmission of confidential data. Encrypted connections can be recognized by the https:// prefix in the browser address bar and the lock icon displayed by the browser. SSL encryption ensures that transmitted data cannot be read by unauthorized third parties.