Skydd av personuppgifter

Privacy Policy

1. Privacy at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you.

Data Collection on This Website

Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the contact details in the "Data Controller" section below.

How do we collect your data?
Your data is collected when you provide it to us – for example, by filling out a contact form, registering as a dojo administrator, or signing up for an event. Other data is collected automatically by our IT systems when you visit the website. This is primarily technical data (e.g. browser type, operating system, or time of page access).

What do we use your data for?
Some of the data is collected to ensure the website functions correctly. Other data may be used to process your registration or event sign-up.

What rights do you have regarding your data?
You have the right at any time to obtain information free of charge about the origin, recipients, and purpose of your stored personal data. You also have the right to request the rectification, restriction of processing, or deletion of this data. You can contact us at any time regarding this or any other questions about data protection.

2. Data Controller

The controller responsible for data processing on this website is:

Klaus Meßlinger (1Dojo)
Contact details: see legal notice (imprint) page

3. Joint Controllership with Event Organisers

1Dojo is a platform where event organisers (dojos, schools, clubs) can publish their events and receive registrations from participants. For the processing of participant data in connection with event registrations, there is a joint controllership between 1Dojo and the respective event organiser in accordance with Art. 26 GDPR (and equivalent provisions under the UK GDPR and Swiss Federal Act on Data Protection).

Division of Responsibilities

1Dojo is responsible for:

  • Provision and technical operation of the platform
  • Security of data processing and hosting
  • Implementation of technical and organisational data protection measures
  • Management of dojo administration accounts

The event organisers (dojos) are responsible for:

  • Content and lawfulness of the participant data they collect
  • Informing participants about data processing in connection with their events
  • Acting as the first point of contact for participant enquiries regarding access, rectification, or deletion of their data

Contact Point for Data Subjects

If you have registered for an event and have questions about your data or wish to exercise your rights, please first contact the respective event organiser (dojo). You can find their contact details on the event page or in the organiser's profile.

If the organiser does not respond or you require further assistance, you can also contact us directly using the contact details provided above.

4. Hosting

This website is hosted by STRATO AG, Otto-Ostrowski-Straße 7, 10249 Berlin, Germany. It is a dedicated virtual Linux server located in Germany.

When you visit this website, information is automatically stored in server log files that your browser transmits. We have concluded a Data Processing Agreement with STRATO in accordance with Art. 28 GDPR, which ensures the data protection-compliant handling of your data.

For more information, please see STRATO's privacy policy: https://www.strato.de/datenschutz/

5. Server Log Files

The hosting provider of this website automatically collects and stores information in server log files that your browser transmits. These include:

  • Browser type and version
  • Operating system
  • Referrer URL (the previously visited page)
  • IP address of the accessing device
  • Time of the server request

This data is not combined with other data sources.

This data is collected on the basis of Art. 6(1)(f) GDPR (and equivalent provisions under UK GDPR). The website operator has a legitimate interest in the technically error-free presentation and optimisation of their website, as well as in detecting and preventing attacks and misuse. Server log files are automatically deleted after 6 months.

6. Cookies

This website uses cookies. These are small text files that are stored on your device.

Strictly Necessary Cookies

We use the following strictly necessary cookies:

  • Language preference: Stores your preferred language for the website.
  • Session cookie: Enables the use of your user account and stores your login status during a browser session.

These cookies are necessary for the operation of the website and cannot be disabled. They do not contain personal data that would allow identification.

The storage of these cookies is based on Art. 6(1)(f) GDPR (and equivalent provisions under UK GDPR). The website operator has a legitimate interest in the technically error-free and optimised provision of their services.

Third-Party Cookies

We do not use third-party cookies. All libraries and resources used (such as fonts and JavaScript libraries) are hosted locally on our server to avoid data transfers to third parties.

7. Contact Form

When you send us an enquiry via the contact form, your details from the form (name, email address, message) are transmitted to us by email. This data is stored exclusively in our email system and is not recorded in a database.

This data is processed on the basis of Art. 6(1)(b) GDPR if your enquiry relates to the performance of a contract or is necessary for pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effectively handling enquiries addressed to us (Art. 6(1)(f) GDPR).

The data you enter in the contact form will remain with us until you request deletion or the purpose for data storage no longer applies. Mandatory statutory provisions – particularly retention periods – remain unaffected.

8. Dojo Administration Accounts

When you register as a dojo administrator, we collect the following data:

Organisation Data (Dojo)

  • Organisation name
  • Logo
  • Address
  • Contact details (email(s), phone, website)
  • Description and profile image
  • Martial arts represented
  • Details of participation conditions

We also store the information you enter about event venues (photo, name, building, address, geolocation).

Personal Data of Administrators

  • First and last name
  • Email address
  • Phone number
  • Password (stored encrypted)
  • Language and country

This data is processed for the performance of the platform usage contract (Art. 6(1)(b) GDPR).

Retention Period

Dojo accounts are retained until:

  • you request deletion of the account, or
  • payment for platform usage is discontinued, or
  • no events have been created over a period of 3 years.

When a dojo account is deleted, all associated events and registration data are also deleted.

9. Event Registrations

When you register for an event, the data you provide is collected. Which data is required depends on the respective event and is determined by the organiser. This typically includes:

  • First and last name
  • Email address
  • Selection of offering
  • Acceptance of participation conditions
  • Newsletter subscription
  • Personal message
  • Other event-specific information where applicable

This data is processed for the performance of the event registration and for communication about the event (Art. 6(1)(b) GDPR).

Access to Registration Data

The following have access to your registration data:

  • The event organiser (dojo) with whom you registered
  • System administrators and the 1Dojo support team (for support purposes and system maintenance only)

Other organisers or third parties do not have access to your data.

Retention Period

Registration data is stored together with the associated event. Participant data and event images are automatically deleted 18 months after the end of the event. When a dojo account is deleted, all associated registration data is also deleted.

10. Participant User Accounts

We offer you the option to create a user account to manage your event registrations. When registering, we collect:

  • First and last name
  • Email address
  • Password (stored encrypted)
  • Other profile data where applicable

Processing is based on Art. 6(1)(b) GDPR for the provision of the user account.

You can delete your user account at any time. When you do so, your profile data will be deleted. Event registrations that have already been made will remain stored with the respective organiser, as these are necessary for the performance of the event.

11. External Services

Google Maps (Two-Click Solution)

On some pages, we may offer the option to display the event location on a Google Maps map. The map is only loaded after you actively click on a corresponding link or preview image, thereby consenting to the data transfer.

Only after your consent is a connection established to Google's servers. In doing so, data (particularly your IP address) is transmitted to Google. Google may process this data in the USA.

The use of Google Maps is based on your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw this consent at any time by not activating the map.

For more information, please see Google's privacy policy: https://policies.google.com/privacy

12. Email Communication

We send emails in connection with:

  • Confirmation of contact enquiries
  • Registration and management of dojo accounts
  • Event registrations and notifications

Emails are sent via our own mail server, which is hosted on the same server as the website (STRATO, Germany).

13. SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, this website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

14. Your Rights

Under applicable data protection laws (including GDPR, UK GDPR, and the Swiss Federal Act on Data Protection), you have the following rights at any time:

Right of Access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether personal data concerning you is being processed. If so, you have a right to access this data and further information in accordance with Art. 15 GDPR.

Right to Rectification (Art. 16 GDPR)

You have the right to obtain without undue delay the rectification of inaccurate personal data or the completion of incomplete personal data.

Right to Erasure (Art. 17 GDPR)

You have the right to request the deletion of your personal data if one of the grounds set out in Art. 17 GDPR applies.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request the restriction of processing of your data if one of the conditions set out in Art. 18 GDPR is met.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format and to transmit this data to another controller.

Right to Object (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1)(f) GDPR.

Right to Withdraw Consent (Art. 7(3) GDPR)

You have the right to withdraw any consent you have given at any time. The lawfulness of the processing carried out on the basis of the consent until the withdrawal is not affected.

15. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data.

Our Lead Supervisory Authority (Germany)

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
(The Hessian Commissioner for Data Protection and Freedom of Information)
Postfach 3163
65021 Wiesbaden, Germany
Phone: +49 611 1408-0
Email: poststelle@datenschutz.hessen.de
Website: https://datenschutz.hessen.de

For Users in Other Jurisdictions

You may also lodge a complaint with the supervisory authority in your country of residence or place of work. A list of EU/EEA data protection authorities can be found at: https://edpb.europa.eu/about-edpb/about-edpb/members

United Kingdom: Information Commissioner's Office (ICO), https://ico.org.uk

Switzerland: Federal Data Protection and Information Commissioner (FDPIC), https://www.edoeb.admin.ch

16. Legal Framework

This privacy policy complies with the requirements of:

  • The EU General Data Protection Regulation (GDPR)
  • The UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018
  • The Swiss Federal Act on Data Protection (FADP/DSG)
  • Applicable data protection laws in EEA member states

As our servers are located in Germany (an EU member state), all data is processed within the European Union and is subject to EU data protection standards. Data transfers to third countries (such as the USA via Google Maps) only occur with your explicit consent.

17. Changes to This Privacy Policy

We reserve the right to amend this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services. The new privacy policy will then apply to your subsequent visits.

Last updated: January 2026