We (Datasophie GmbH, “DS”) are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at email@example.com.
The data controller in respect of any Personal Data that you submit to us via the Services (or otherwise) is
The Personal Data you submit to us via the Services (or otherwise) will be processed by us or by data processors appointed by us to undertake processing on our behalf.
2 What is personal and non-personal data?
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier.
“Non-Personal Data” means information that we have collected from you which is not Personal Data, i.e. cannot be used by us to identify you.
3 Which data does DS collect and use at which state?
3.1 Use of Our Website
If you access or use our Website we may collect the following Personal Data and Non-Personal Data:
- Request (Name of the requested file)
- Browser type/veDSon (e.g.: Internet Explorer 11.0)
- Browser language (e.g.: English)
- Operating System (e.g.: Windows 7)
- Resolution of the Browser window
- Screen resolution
- Java On / Off
- Cookies On / Off
- Color settings
- Referral URL (the previously visited page)
- Time of Access
DS also may maintain log files which contain IP addresses. An IP address is a numeric address that may be assigned to your computer by your Internet Service Provider and can, in certain circumstances, amount to Personal Data. In general, we use log files to monitor traffic on our Website and to troubleshoot technical problems. In the event of user abuse of our Website, however, we may block certain IP addresses.
We use the information set out in this Section 3.1.1 to optimize your experience of the Services. The collection of the information set out in this Section 3.1.1 is mandatory. DS is not able to properly provide you with the Services without this basic information.
3.1.2 Cookies and Tracking Technologies
We may use various tracking technologies to automatically collect the types of information set out in Section 3.1.1 above, including:
Cookies, which are small data files stored on your device that act as a unique tag to identify your browser. We use several types of cookies, including session cookies and persistent cookies. Session cookies make it easier for you to navigate our website and expire when you close your browser. Persistent cookies help with personalizing your experience, remembering your preferences, and supporting security features. Persistent cookies may remain on your device for extended periods of time, and generally may be controlled through your browser settings.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no industry consensus as to what site and app operators should do with regard to these signals. Accordingly, unless and until the law is interpreted to require us to do so, we do not monitor or take action with respect to “Do Not Track” signals. For more information on “Do Not Track”, visit http://www.allaboutdnt.com.
3.2 Account Registration and Commercial Transaction
You will need to register for an account in order to access and use some of the Services (“Account”). If you register for an Account, in addition to the information we collect under Section 3.1 above we will also collect the following Personal Data:
- Account ID
- LogIn ID
- Display name
- Email address
- Community moniker
- User handle
- Referral Code (if any)
- Creation date
If you conduct and carry out commercial transactions via any of the Services, in addition to the Personal Data set out above, we may also collect the following Personal Data and Non-Personal Data:
- First name
- Last name
- Billing address (including street, ZIP code, country)
- Shipping address for physical goods (including street, ZIP code, country)
- Telephone number
- Date and data of transaction
- Object acquired
- Confirmation email address
We use this Personal Data and Non-Personal Data to
- fulfill our contractual obligations and comply with applicable law;
- track the transactions you have made via the Services;
- remember which products you have added to your basket;
- provide customer service to you in relation to your use of the Services, to deal with enquiries and complaints relating to the use of the Services and to notify you about any changes to the services that we provide via the Services;
- send you reminder and verification notifications such as password reminders.
We are obliged by applicable law to identify our commercial customers for purposes of enabling our contractual relationships with them. We are also obliged by applicable law to collect and store detailed information regarding all commercial transactions, especially for accounting and tax purposes.
The collection of the information set out in this Section 3.2 is mandatory. DS is prohibited by law from providing you with commercial services without collecting such information. For legal reasons this information will be stored as long as your account remains open and thereafter for the retention periods set forth by law for accounting and tax purposes.
3.3 Marketing Communications
Subject to your approval we will collect, transfer and process Personal Information and Non-Personal Information for performance marketing as follows:
DS will receive advertising data from our performance marketing partners, including Google. This data includes campaign, ad group and click IDs, keywords and placements. For more information on Google’s Ad Privacy Policies see here.
To ensure DS can report on the effectiveness of the advertising campaign DS will pass conversion data to our performance marketing partners, including when you register a new account or complete a commercial transaction. Included in the conversion data is a timestamp, conversion ID, revenue, SKU/product, new game package flag, credit/cash flag.
Conversion data is collected using cookies. Advertising data (clicks and impressions) is collected using cookies and (if applicable) Google signed-in data.
Data collection on performance marketing is not mandatory. You have to actively opt-in using Real Cookie Banner to allow marketing cookies. You can opt-out of data collection using marketing cookies at any time using the Real Cookie Banner tool.
Subject to your approval we may also use the information collected under Sections 3.1 to 3.3 to provide marketing information and special offers through communications to you (e.g. by email). This use of the information collected under Sections 3.1 to 3.3 is not mandatory. You must actively opt-in using Real Cookie Banner to allow this marketing information. You can opt-out of data collection for marketing information at any time using the Real Cookie Banner tool (find the links to your privacy settings in Section 3.1.2).
3.4 Retention Periods
DS stores your Personal Information and Non-Personal Information for as long as this is necessary for the provision of the Services, including as required in accordance with contractual or statutory requirements (e.g. tax law, accounting law and guidelines or other commercial purposes such as invoices). See also Sec. 3.1-3.3 for further reference.
4 Will DS share my information with third parties?
DS may share your Personal Data
- with any of our affiliated companies or distributors, including brandcompete GmbH. The legal basis under GDPR is Art. 6 (1) lit. f GDPR with having organizational and financial requirements as legitimate interest;
- with third party payment providers which are bound by strict privacy policies to carry out payment transactions with you. The legal basis under GDPR is Art. 6 (1) lit. b GDPR;
- with any authority to which we are obliged by law to disclose your Personal Information and Non-Personal Information (e.g. tax authorities for commercial transactions). The legal basis under GDPR is art. 6 (1) lit. c GDPR;
- at your request or your direction.
5 How does DS protect your personal data?
The security of your Personal Data is important to us. We have implemented physical, electronic and managerial procedures in order to help safeguard and prevent unauthorized access, use, alteration, modification and/or disclosure of your Personal Data. We follow applicable law to protect the Personal Data submitted to us, both during transmission and in storage.
Despite these measures, transmission via the internet is not completely secure and we cannot guarantee the security of your Personal Data provided through the internet.
If you have any questions about security on our Website, please contact us at firstname.lastname@example.org.
6 Data transfer
We host our website on AWS. The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter AWS).
When you visit our website, your personal data will be processed on AWS servers. Personal data can also be transmitted to the parent company of AWS in the USA. Data transfer to the USA is based on the EU standard contractual clauses. Details can be found here.
7 Review, correction of your information, requesting removal from mailing lists and deactivating your account
You can correct, update or delete your Account information at any time by logging on our Website and navigating to your Account settings. Should you be unable to log in your Account, please contact us at email@example.com. We will be happy to review, update or remove information as appropriate. If you wish to have your account deactivated, please contact firstname.lastname@example.org. Please note that we will retain and use information as set out in Sections 3.1 to 3.4.