Scandal

History

Privacy Policy

Last Updated: 04.04.2026

1. Introduction

Welcome to Scandal History ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website scandalhistory.com.

2. Data Controller

The data controller responsible for your personal information is:

  • Name: Nicolas B.
  • Address: [Not disclosed for privacy reasons], 88662 Überlingen, Germany
  • Email: nicolas@sahnetorte.de

3. Information We Collect

3.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

  • Register for an account (via Discord OAuth)
  • Submit content (scandals, entities, events)
  • Report content
  • Contact us

This information may include:

  • Discord username and ID
  • Email address
  • Profile picture
  • Submitted content and reports

3.2 Automatically Collected Information

When you visit our website, we automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Referring website
  • Cookie data (with your consent)

4. How We Use Your Information

We use your personal information for the following purposes:

  • To provide and maintain our service
  • To manage your account and authentication
  • To enable content submission and moderation
  • To respond to your inquiries and support requests
  • To send administrative information and updates
  • To analyze website usage and improve our service
  • To comply with legal obligations and enforce our Terms of Service

5. Legal Basis for Processing (GDPR)

If you are from the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the data and context:

  • Consent: You have given explicit consent (e.g., cookie consent)
  • Contract: Processing is necessary to perform our agreement with you
  • Legal Obligation: We are required by law to process your data
  • Legitimate Interests: Processing serves our legitimate business interests

6. Data Sharing and Disclosure

6.1 Third-Party Service Providers

We share your data with the following service providers:

  • Authentication: Discord (OAuth authentication)
  • Database & Hosting: Supabase (EU (Frankfurt))
  • Analytics: None

6.2 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests by public authorities.

7. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

  • Account data: Retained until account deletion
  • Submitted content: Retained indefinitely (or until deletion request)
  • Analytics data: None
  • Logs: 90 days

8. Your Privacy Rights (GDPR)

If you are a resident of the EEA, you have the following rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to our processing of your data
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at nicolas@sahnetorte.de.

Right to Erasure (Art. 17 GDPR)

You have the right to request erasure of your personal data. However, we may not comply if:

  • The content is necessary for exercising freedom of expression/information
  • You are a public figure and the content is accurate
  • The content serves a legitimate public interest

We conduct a balancing test considering whether you are a public figure and the accuracy of the content. We will respond to your request within 30 days.

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country. We ensure appropriate safeguards are in place for such transfers in compliance with GDPR requirements.

Data Storage Locations: EU (Frankfurt)

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (HTTPS/SSL)
  • Secure authentication mechanisms
  • Regular security assessments
  • Access controls and authorization

11. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

12. Cookies and Tracking

We use cookies and similar tracking technologies to track activity on our website. For more information, please see our Cookie Policy.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us:

15. Supervisory Authority

If you are located in the EEA and believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with your local data protection authority.

For Germany: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI), https://www.bfdi.bund.de