Legal.

Data ProtectionSocial Hobby

The protection of your personal data is very important to us. Here is how we handle your information on Lummelinchen.

1. Data Controller

Tobias Maslowski
(Refer to the Legal Notice for contact details)

2. Data Collection and Storage

2.1 Battle.net Auth

When logging in via Battle.net, we receive your BattleTag and WoW character info. This is used strictly for core features (event registration, guild management) and is never shared.

2.2 Raider.io Data

We fetch public achievements from Raider.io. This data is only stored in a temporary cache (max 24h) and is not permanently linked to your personal identity.

2.3 Availability Data

If you participate in scheduler polls, your selected time availability is stored and visible to Guild Administrators for the purpose of planning events.

2.4 Push Notification Data

If you opt-in to Push Notifications, we store a unique browser endpoint and encryption keys. This is used solely to deliver service-related messages and can be deleted instantly by disabling the feature in your settings.

2.5 Email Notifications (Brevo)

If you opt-in to Email Notifications, we store your email address and use Brevo (formerly Sendinblue) as our service provider to send you notifications. Your email and notification content are transmitted to Brevo strictly for delivery purposes. You can revoke this consent at any time in your settings.

2.6 Database Storage (MongoDB Atlas)

Your event registrations, character roles, and notification preferences are stored securely in our database, hosted on MongoDB Atlas. This data is linked to your BattleTag ID and is necessary to coordinate team activities effectively.

2.7 Hosting (Vercel)

Our website is hosted on Vercel. To provide this service, Vercel collects and processes technical telemetry data (such as IP addresses and browser fingerprints) in their server logs. This is necessary for the technical operation and security of the platform.

3. Cookies

We use purely "strictly necessary" cookies for session management and preference persistence. These are essential for the technical operation of the platform.

4. Your Rights

GDPR Art. 15-21

You have the right to access, rectify, or erase your data at any time. To exercise these rights, please reach out via the email provided in the Legal Notice.

Last updated: December 2025