gamigo Publishing GmbH (hereinafter: “we,” “us”) respects the integrity of personal data, protects privacy and ensures the security of its customers’ personal data.
This Privacy Policy applies to all of our games and other services that we offer through the Glyph platform (“Glyph”), which is operated by gamigo US Inc. 350 Marine Park Way, Redwood City, CA, 94065, United States of America and our website: https://playskydome.com/. For all other games and other services that we offer outside of Glyph, the privacy policy applies, which can be found at the following link: http://www.looki.com/us/privacy
In this Privacy Policy, which applies to our games and other services we offer on Glyph, we want you to understand what information we collect and process about you when you use our games and other services and for what purpose we collect such data. In addition, we would like to inform you about the rights you are entitled to if you have entrusted us with your personal data as part of our offers.
1. Controller
gamigo Publishing GmbH
Behringstraße 16b
22765 Hamburg
Germany
Telephone: +49 (0)40 411 885 0 (Not for support queries)
Telefax: +49 (0)40 411 885 255 (Not for support queries)
We are the controller within the meaning of Article 4 No. 7 of the General Data Protection Regula-tion (GDPR) and other data protection regulations. As the controller, we decide, if necessary jointly with third parties, on the purposes and means of processing personal data. This is contingent upon the processing being lawful.
2. Contact Details of the Data Protection Officer
You can reach our external data protection officer, Mr. Jörg F. Smid, by writing a letter to
DPL Consult
Drehbahn 9
20354 Hamburg
Germany
and emailing datenschutz(at)gamigo.com.
3. Definitions
Decisive for the definitions of the terms used in this Privacy Policy, such as the term personal data, is Art. 4 of the General Data Protection Regulation (GDPR).
When we talk about our games and other services in this Privacy Policy, it always refers to our games and other services that we offer through Glyph.
4. Handling Personal Data
The provision of personal data on the internet always carries the risk of unauthorized processing by third parties who gain unauthorized access to this data, as no technological system can be fully pro-tected against external attacks.
We take technical and organizational measures to protect your data from misuse. We process your data in accordance with the requirements of German and European data protection law and con-tinue to further educate ourselves. The data processing is carried out according to the current state of the art.
5. Origin of Personal Data
We obtain personal data in the following way:
5.1. Information provided by you
We receive personal data from you when you provide it in the course of using our games and other services we offer through Glyph. Providing this information is always voluntary. However, some of our services may require certain information from you in order to function properly.
Examples: Registration/update of user accounts, support and community management requests, use of the social functions offered by us; purchases in our shops, e-mail address, self-chosen nick-names in our offers, name, date of birth, address.
5.2. Automatically collected and generated data
When you use our games and other services we offer on Glyph, data is automatically collected and generated.
Examples: Device information, game data in our games, user account and character IDs, infor-mation from your support or community management request.
5.3. Data collected by third parties
We can also receive information from third parties. Our games and other services on Glyph require that you create a user account with Glyph. The user account is a mandatory requirement so that you can receive, use, and continue to use all services from us. If you delete your user account, you will be subject to the consequences described in the Terms of Use for the “Glyph” platform under “Contractual Term, Termination.” Instead of creating a user account, you can also log in with an account you have already created. This offers the advantage that you do not need to create a user account for Glyph, as it is created automatically.
To make this possible, we need your consent to use the data provided by the third party. With your consent, your user account with us will be linked to the account you have with the third party. We thereby gain access to parts of your personal data that are required to create an account.
Examples of processed data: E-mail address, IP address, token, user ID.
6. Scope and Purpose of the Processing of Personal Data and the Legal Bases for Processing
The scope and purposes of the processing of your personal data will depend on which of our games and other services offered through Glyph you use, i.e. not each of our games and other services includes all of the personal data processing practices described herein. In the following, we would like to give you an overview of the personal data that we process in connection with all of our services. Furthermore, we have listed the different categories of data and examples of per-sonal data that can be processed when using the corresponding service.
Personal data is all information about you and your factual and personal circumstances, for exam-ple name, address or age. Data that cannot be assigned to a specific natural person is not personal data. For example, this can be statistical data that describes a group.
Regardless of which of our games and other services that we offer through Glyph you use, we will treat your personal data confidentially and in accordance with the statutory data protection regula-tions. We will not share it with third parties without your consent, unless permitted by law (e.g. because it is necessary to perform the contract).
In the following you can also read on which legal basis the respective processing of the listed data is based.
The main legal bases in scope are regulated in Art. 6 para. 1 sentence 1 GDPR. These are, as far as relevant for us, the following cases:
Art. 6 Para. 1 Sentence 1 lit. a) GDPR: Data processing is based on a consent that you have granted us.
Art. 6 Para. 1 Sentence 1 lit. b) GDPR: The data processing is necessary for the performance of a contract to which you are a party, or is necessary for the performance of pre-contractual measures taken at your request.
Art. 6 Para. 1 Sentence 1 lit c) GDPR: Data processing is necessary for the fulfillment of a legal obli-gation to which we are subject.
Art. 6 para. 1 sentence 1 lit. f) GDPR: The data processing is necessary to protect our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms re-quiring the protection of personal data, outweigh these.
6.1. Use of our websites on Glyph
6.1.1. Forums
Our websites on Glyph offer you the opportunity to use our online forums. There you can create a publicly viewable profile in which you can voluntarily add additional information. In our forums you can make public posts and send private messages to other users. You can also have yourself in-cluded in public member lists.
Examples of processed data: content of the forum (version, division, location, time zone, authori-zations, forum user account, posts), IP address, content written, name, date of birth, address.
The processing of personal data described above is legal under Art. 6 para. 1 sentence 1 lit. b) GDPR.
6.1.2. Transactions
On our websites on the Glyph platform, you can deposit real money on your user account and pur-chase virtual currency or items directly. You can also buy items or unlock features (e.g. character transfer) from previously purchased virtual currency on our websites. To do so, you will usually have the option of using various payment providers to pay for our games and other services we offer on Glyph.
The payment service providers process the data as a separate controller. Please read the respec-tive privacy policy of the payment service provider carefully.
| Payment Provider | Privacy Policy |
|---|---|
| Adyen N.V. | https://www.adyen.com/policies-and-disclaimer/privacy-policy |
| BOA COMPRA S/A | https://boacompra.com/policy |
| Boku Payments, Inc. | https://www.boku.com/payments-privacy-notice/ |
| Chase Paymentech Europe Limited | https://merchantservices.chase.com/privacy-statement |
| Hipay SAS | https://hipay.com/en/terms |
| Paysafecard | https://www.paysafe.com/en/paysafegroup/privacy-policy/ |
| PayPal | https://www.paypal.com/en/webapps/mpp/ua/privacy-full |
Examples of processed data: IP address, order information (especially time, product ordered and the quantity, transaction number, encrypted mobile phone number), subscriptions, chargebacks, refunds, gifts, payment details (especially also payment method, voucher redemption), shipping data (e.g. for CD shipping), licenses for consumable goods in games.
The processing of personal data described above is legal under Art. 6 para. 1 sentence 1 lit. b) GDPR. The legal basis is Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with Secs. 147 para. 1 no. 4, para. 3 AO (German Fiscal Code); Sec. 257 para. 1 no. 4, para. 4 HGB (German Commercial Code); Sec. 14b para. 1 UstG (German Vat Act), insofar as the transaction data are posting docu-ments.
6.1.3. Log files
We use log files to analyze and optimize the functionality of our websites on Glyph, to find errors, to ensure the security of our systems (e.g. to fend off cyberattacks) and to ensure compliance with the Terms of Use for the “Glyph” platform, the Terms of Use for the games on the “Glyph” plat-form, the game rules and applicable law.
Examples of processed data: Connection type, IP address, URL of the referring website from which the file was requested, date and time of access, browser type and operating system as well as hardware information, the page you visited, hardware features, duration and frequency of use.
On the one hand, the described processing of personal data is legal according to Art. 6 para. 1 sen-tence 1 lit. b) GDPR, because we need the data in order to fulfill the user agreement concluded with you, and on the other hand according to Art. 6 para. 1 sentence 1 lit. f) GDPR, because our users and we have a legitimate interest in our websites being secure and functional.
6.1.4. Downloads
You can download various programs on our websites on Glyph. As part of this, personal data is pro-cessed so that we can check whether the download is working, and if not, where there are errors, in order to optimize our service quality. Error sources can e.g. originate from a certain region, ema-nate from a certain internet provider, or result from only the partial transfer of the file.
Examples of processed data: Transferred data quantity, time of download, access status (transfer file, file not found), IP address, hardware features, speed.
The described processing of personal data is legal according to Art. 6 para. 1 sentence 1 lit. b) GDPR, insofar as it concerns our obligation from a user agreement concluded with you (e.g. for the provi-sion of the game software) and according to Art. 6 para. 1 sentence 1 lit. f) GDPR, given that we have a legitimate interest in providing our services safely and reliably, free of technical errors.
6.1.5. Cookies
6.1.5. Cookies When you visit our websites on Glyph, we want to make sure that you always get the information that is most relevant to you. For this reason, we use cookies on our websites.
Cookies are small text files that are stored on your local device. They ensure that we recognize you the next time you visit our websites and that we can offer you a personalized experience on our websites.
There are permanent cookies, which remain stored for a longer period of time and so-called ses-sion cookies, which are only placed as long as your visit lasts and are deleted as soon as you leave.
Sometimes we place cookies ourselves, other times, however, we use cookies from third parties (so-called third-party cookies).
We use cookies so that we can show you our websites, you can take advantage of comfort func-tions, we can carry out statistical evaluations and for marketing purposes.
If cookies contain personal data that is required for the operation of our websites, the legal basis for the processing of your personal data is Art. 6 (1) p. 1 lit. f) GDPR. All other cookies are only set if you give us your consent. If cookies contain personal data, the legal basis in this case is Art. 6 para. 1 p. 1 lit. a) GDPR.
6.1.6. Advertising
To improve our advertising offer, we sometimes use small images on our websites, which inde-pendently collect data.
This aims at only showing you advertising that is relevant to you. It also allows us to see if you have clicked on our advertisement.
Examples of processed data: IP address.
The processing of personal data described above is legal as per Art. 6 para. 1 sentence 1 lit. f) GDPR, as our partners and we have a legitimate interest in determining the success of services and campaigns.
6.2. Using our games on Glyph
6.2.1. User account information
If you want to play our games, you will need a user account to use Glyph. The user account is a mandatory requirement so that you can receive, use, and continue to use all services from us. If you delete your user account, you will be subject to the consequences described in the Terms of Use for the “Glyph” platform under “Contractual Term, Termination.” After activating a user ac-count, you can register for one or more games (“game registration”).
A Glyph user account is created when you manually create once for Glyph or register for one of our games or other services we offer on Glyph. You need your account in order to write forum posts on our game pages, or to participate in online games and make payments. You can enter some information under the user account manually, and some information is generated automatically. You can view most of the data when you log in and update it in the user account settings.
Examples of processed data: Account name, your name, age, gender, email address and former email address, account region, preferred language, date of birth, phone number, home address, shipping address, account links (for example with Facebook), opt-in and opt-out details.
The processing of personal data described above is legal under Art. 6 para. 1 sentence 1 lit. b) GDPR.
6.2.2. Downloads
For the most part, you must download our games and other services offered on Glyph in order to use them. Our games are updated regularly, so updates are provided and must be installed. As part of this, personal data is processed so that we can track whether the download (and thus our offered game or other service) works, and if not, where there are errors. Error sources can e.g. originate from a certain region, emanate from a certain internet provider, or result from only the partial transfer of the file.
Examples of processed data: Transferred data quantity, time of download, access status (transfer file, file not found), IP address, hardware features.
The described processing of personal data is lawful according to Art. 6 para. 1 p. 1 lit. b) GDPR and because of the need to ensure a safe operation of our games, according to Art. 6 para. 1 p. 1 lit. f) GDPR.
6.2.3. Gaming data
When you play our games, data is generated that stores your game progress. Among other things, we keep records of game licenses, progress, history, statistics, in-game purchases and interactions with other users.
On the one hand, we process this data to enable us to provide support for the affected user in the event of an error. On the other hand, we must ensure that the user is compliant with our Terms of Use, the rules of the game and applicable law (e.g. data protection and criminal regulations) in or-der to guarantee a flawless gaming experience. In particular, the maximum permitted user ac-counts per person according to our Terms of Use (“multi-accounting”) must not be exceeded, and the use of fraud software which is used to gain in-game advantages or for attacks on technical sys-tems must be prevented. For this purpose we use various protection programs that also process personal data.
Examples of processed data: Purchased items (e.g. skins, portraits, gold, boosters), other unlocks, character names, social exchanges, connected games, chat logs, progress, game history, tasks in progress, game statistics, guild information, in-game messages, friend lists, inventory items (equipment, skills, etc.), screenshots, technical user data such as browser data, IP address, user account information.
The processing of personal data described above is legal under Art. 6 para. 1 sentence 1 lit. b) GDPR. The processing of personal data for the purpose of preventing fraud and manipulation is also legal under Art. 6 para. 1 sentence 1 lit. f) GDPR, as we and our users have a legitimate interest in ensuring that the services we offer are free from manipulation and that the general terms and conditions, rules of the game and applicable law are complied with.
6.2.4. Use of “Social Logins”
To use our games and other services on Glyph, you must create a user account on the Glyph plat-form. Instead, you can log in with an account you have already created. This offers the advantage that you do not need to create a user account for Glyph, as it is created automatically.
To make this possible, we need your consent to use the data provided by the third party. With your consent, your user account with us will be linked to the account you have with the third party (e.g. a social media platform). We thereby gain access to personal data.
Which data is collected by the respective provider depends on the operator and is beyond our con-trol. The providers process the data as independent controllers. Please read the privacy policy of the respective provider carefully. You will find an overview of our partners in the “Social Login” section:
| Partner | Privacy Policy |
|---|---|
| Steam | https://store.steampowered.com/privacy_agreement/ |
| Microsoft (XBOX) | Microsoft Privacy Statement – Microsoft privacy |
| Sony (Playstation Network) | https://www.playstation.com/en-us/legal/privacy-policy/ |
Examples of processed data: E-mail address, IP address, token, user ID.
The processing of personal data presented is legal under Art. 6 para. 1 sentence 1 lit. a) GDPR.
6.2.5. Support
We are happy to support our users and are always happy for you to contact us. If you create a tick-et for our games and other services, or contact us via contact form, mail or e-mail, we need infor-mation to help you with your request and to answer it. We also use this information to optimize our services. Please contact us for your support requests primarily via our ticket system (https://support.gamigo.com/hc/en-us)
You can also reach and contact us via social media (e.g. Facebook) Personal data is collected by the provider of the respective service. Please review their privacy policy before contacting us. We only receive the data that is generally required when contacting us (such as the user name).
Examples of data processed: problems encountered, experiences, sanctions (ban, mutes), contact details, contact methods (ticket, e-mail, contact form, post, social networks), description of the problem in the service ticket, notes on the user account, ticket chat log, documents used to au-thenticate user accounts (e.g. information on the user account, screenshots of invoices).
The processing of personal data presented is legal under Art. 6 para. 1 sentence 1 lit. b) GDPR to the extent that the contact is necessary for the performance of the contract or the implementa-tion of pre-contractual measures. Insofar as the contact is made for the other purposes men-tioned, the processing is legal according to Art. 6 para. 1 sentence 1 lit. f) GDPR, as our users and we have a legitimate interest in helping our users with (technical) problems and supporting them within the scope of our services.
6.2.6. Transactions
In our games and for the other services we offer on Glyph, you can purchase items or unlock fea-tures (e.g. character transfers) for virtual currency or, in some cases, real money.
Examples of processed data: IP address, order data (in particular time, product ordered and the quantity, transaction number, possibly encrypted mobile phone number), subscriptions, charge-backs, refunds, gifts, payment details (in particular also payment method, coupon redemption, delivery address), licenses for consumer goods in games.
The processing of personal data presented is legal under Art. 6 para. 1 sentence 1 lit. b) GDPR. The legal basis is Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with Secs. 147 para. 1 no. 4, para. 3 AO (German Fiscal Code); Sec. 257 para. 1 no. 4, para. 4 HGB (German Commercial Code); Sec. 14b para. 1 UstG (German Vat Act), insofar as the transaction data are posting documents.
The payment service providers process the data as a separate controller. Please read the respec-tive privacy policy of the payment service provider carefully.
| Payment Provider | Privacy Policy |
|---|---|
| Adyen N.V. | https://www.adyen.com/policies-and-disclaimer/privacy-policy |
| BOA COMPRA S/A | https://boacompra.com/policy |
| Boku Payments, Inc. | https://www.boku.com/payments-privacy-notice/ |
| Chase Paymentech Europe Limited | https://merchantservices.chase.com/privacy-statement |
| Hipay SAS | https://hipay.com/en/terms |
| Paysafecard | https://www.paysafe.com/en/paysafegroup/privacy-policy/ |
| PayPal | https://www.paypal.com/en/webapps/mpp/ua/privacy-full |
6.2.7. Push messages
Some of the games and other services we offer through Glyph allow you to stay up to date using push messages. They inform you about important events or remind you of certain events. The device token allows us to identify the phone based on the app-device combination issued by the providers of push notification gateways. This enables gateway providers to forward messages and ensure that the notification is only sent to devices that have the unique app-device combination.
Examples of processed data: Mobile phone number, content of the sent message, date of the sent message, user account, device tokens.
The above processing of personal data only takes place if you have consented to being contacted via push messages. The legal basis is Art. 6 para. 1 sentence 1 lit. a) GDPR.
6.3. Transfer to users or the public
When you use our games or other services we offer on Glyph, your personal information (e.g. character name, nickname, e.g. in forums) may be visible to other users or the public. This is the case, for example, when you post in our forums, post messages in the public chat of our games, participate in competitions or use leader boards (Competition Boards).
Examples of processed data: Name of the game figure, nickname, e.g. in forums.
The processing of personal data described above is legal under Art. 6 para. 1 sentence 1 lit. b) GDPR. In addition, the processing is legal as per Art. 6 para. 1 sentence 1. lit. f) GDPR, having in mind that our users and we have a legitimate interest in an open exchange between our users about our games and services and other topics.
6.4. Participation in competitions
We will be hosting competitions at irregular intervals where you can win physical or digital prizes. The task that needs to be accomplished in order to participate in the respective competition can be found in the announcement of the competition. Depending on the nature of the prize and the required task, different corresponding personal data will be processed to run the competition. The announcement of the respective competition will also include information about what kind of per-sonal data will be used. Please read the announcement of the competition as well as the terms of participation carefully before participating in the respective competition.
Examples of data processed: E-Mail Address, Address
This processing of personal data is legal according to art. 6, para. 1, sentence 1 b) of the GDPR. In the case that a different legal basis is relevant, this will be stated in the competition announce-ment.
6.5. Participation in surveys
You have the opportunity to participate in our surveys. In these surveys, we would like to learn more about how you use our services and our games and how you feel about them. The results of the surveys will be used to improve our services and games.
Examples of data processed: E-Mail Address, your answers
This processing of personal data is legal according to art. 6, para. 1, sentence 1 f) of the GDPR. In the case that a different legal basis is relevant, this will be stated in the respective survey or in the announcement of the respective survey.
6.6. Case records
We keep case records for legal disputes with which we are confronted.
Examples of processed data: Name, address, correspondence
The described processing of personal data is legal according to Art. 6 para. 1 lit. f) GDPR, as we have a legitimate interest in protecting and asserting the rights of third parties and our rights.
6.7. Marketing and newsletters
We can inform you by newsletter about similar goods and services according to Sec. 7 para. 3 UWG (German Unfair Competition Act), for example about other games from us. You can unsubscribe from receiving further newsletters at any time free of charge using the link contained in the news-letter (“Unsubscribe button”). In addition, we inform you by newsletter about all offers, services and other activities by us or the other companies in the gamigo group and about all other offers, services and other activities by third parties in connection with the offers, services and other activi-ties of one or more companies in the gamigo group (so-called gamigo group newsletter) if you have previously consented to this newsletter being sent to you. You can also unsubscribe from this newsletter free of charge at any time using the unsubscribe button contained in the newsletter.
Newsletters are sent at our request by our service provider. Your e-mail address, which receives our newsletter, and other personal data are temporarily stored on the service provider’s servers. This information is used to send and evaluate the newsletter. For this purpose, so-called tracking pixels are used, i.e., in our newsletter there is a non-visible image file which transmits technical information to the service provider when the newsletter is opened (e.g., whether the newsletter has been opened). Your data will not be used by the service provider independently to send the newsletter.
We also place banner ads on websites, i.e., we provide our partners with a graphic that they can integrate on their website. The banner contains a hyperlink so that the user can reach one of our websites. To enable a statistical evaluation, an ID is generated using a pixel-code to determine how users became aware of our products and, if applicable, whether they have completed a payment transaction.
Examples of processed data: IP addresses, the language used, hardware, how the newsletter was handled, i.e., when it was read, and which links were clicked on.
The described processing of personal data, i.e. the sending of newsletters, has as its basis Art. 6 para. 1 sentence 1 lit. f) GDPR in conjunction with Sec. 7 para. 3 UWG for the advertising of similar goods and services, on the other hand, Art. 6 para. 1 p.1 lit. a) GDPR in connection with Sec. 7 para. 2 no. 3 UWG if you have consented to the gamigo group newsletter being sent to you. We base the use of the pixel-code on Art. 6 Para. 1 S.1. lit. f) GDPR, as we have a legitimate interest in cus-tomizing our information according to the recipient.
6.8. Media information
We collect contact details of journalists to provide them with specially prepared information about our services.
Examples of processed data: Name, company, email, telephone number.
The above processing of personal data is legal under Art. 6 para. 1 lit. a) GDPR.
6.9. Processing for legal reasons
We pass on personal data insofar as we are legally obliged to do so. This can happen, for example, because of a court or public prosecutor’s order. In doing so, strict attention is paid to ensuring that all statutory requirements are met before passing on the data. In general, only certain data is re-quested (e.g., technical user data), but in principle the obligation to pass on data may apply to all data collected. Before each transfer of personal data, we critically check whether we are obliged to do so.
We also pass on personal data in the context of legal proceedings (e.g., to external lawyers) if this is necessary to assert our rights (e.g., to protect intellectual property rights).
Examples of processed data: Contact details, user account information.
We will only process personal data for legal reasons as described above if it is compliant with the applicable law. Legal basis is Art. 6 para. 1 sentence 1. lit. c) GDPR for the fulfillment of a legal obli-gation or under Art. 6 para. 1 sentence 1. lit. f) GDPR because we have a legitimate interest in en-suring that our rights are safeguarded or enforced.
7. Storage Duration and Deletion of the Collected Data
We store personal data only as long as there is a concrete purpose for this. The duration of the storage depends on the purpose of the processing, the requirements of the processing, as well as on your and our interests and rights and, if applicable, the interests and rights of third parties. We always store personal data as briefly as possible (principle of data economy data/minimization), but at the same time we observe the statutory requirements which stipulate a minimum retention period (e.g. in commercial and tax law of up to 10 years, Sec. 257 para. 4 of the German Commercial Code, Sec. 147 para. 3 of the German Fiscal Code).
In any case, the following shall apply: If the purpose of processing has ceased to exist or if data is no longer required to achieve this purpose and there are no further statutory storage obligations to the contrary, we delete the relevant data (e.g. we delete support tickets at the latest 9 months after we have processed your request).
8. Recipient of Personal Data
To achieve the processing purposes described above, we pass on personal data to various catego-ries of recipients. The concrete passing on of personal data about you depends largely on which of our services you use.
We share personal data with the following categories of service providers as processors: service providers in the context of fraud and manipulation prevention, to service providers to conduct surveys, to service providers for analysis services, to payment service providers, to service provid-ers for sending newsletter, to service providers for advertising services, data centers, as well as to subsidiaries and affiliated companies within the meaning of Sec. 15 AktG (German Stock Corpora-tion Act). The transfer of the personal data to the respective recipient as processor is lawful under Art. 28 GDPR.
We pass on personal data to the following categories of service providers as independent control-lers: Lawyers, authorities, the police, payment service providers, and providers of “social logins.”
8.1. Disclosure to third parties in the context of the use of non-essential cookies
Where you consent to us setting non-essential cookies (see the “Cookies” section), we share per-sonal data with third parties. This includes advertising partners, IT service providers, social media providers and partners to analyze our website for performance (i.e., measuring visits, traffic sources, and usage patterns).
In the following sections, we will explain in more detail the Google services that we use:
8.1.1. Google Universal Analytics
Google Universal Analytics is a widely used web analytics service from Google Ireland Ltd. in Dublin. The methods provided by Google Universal Analytics enable a cross-device analysis of website usage by placing cookies. The information generated while using the website is usually transferred to a Google server in the United States of America and also stored there. Google uses the collected information to analyze the use of websites on our behalf, to create reports and to provide services for the purposes of market research and website optimization. The anonymous IP address auto-matically transmitted to Google is not combined with other Google data and is only used by us for statistical analysis. The processing of the data by Google can be prevented by a suitable browser add-on. If you use a mobile device, it is possible to deactivate Link Google Analytics using the fol-lowing link. This prevents activity data from being shared with Google Universal Analytics via the JavaScript (gtag.js, ga.js, analytics.js and dc.js) executed on websites. For more information about Google Universal Analytics, please consult the Google privacy policy.
8.1.2. Google “Remarketing and similar target groups function”
We use the remarketing feature of Google Ireland Ltd. in Dublin, which allows us to target visitors to a website with personalized and interest-based advertising as soon as they visit another Google Display Network site. For this purpose, Google uses cookies that perform an analysis of website usage, which forms the basis for creating interest-based online advertising. To carry out this pro-cess, Google places a short file with an identification number on your end device, through which website visits and anonymized data on the use of the respective websites are recorded. To the extent that visitors have agreed to have their web and app browsing histories linked by Google to their Google Account, and information from their Google Account is used to personalize ads dis-played, Google will use data from these logged-in users along with Google Analytics data to create and define target audience lists for cross-device remarketing. This allows visitors to the website to be addressed with personalized, interest-based advertising across devices. Subsequent visits to other sites on the Google Display Network will display advertisements that most likely reflect the product and information areas previously viewed by the site visitor. If you do not wish to use Google’s remarketing function, you can deactivate it by adjusting the corresponding settings at http://www.google.com/settings/ads. Google’s use of cookies can also be permanently disabled by accessing the following links to the cookie management settings:
http://www.google.com/policies/technologies/managing/
http://www.google.com/policies/technologies/ads/
For more information about Google Remarketing, please consult the Google privacy policy.
8.1.3. Additional Google Analytics functions for display advertising
The following Google Analytics functions are used on our websites to display advertising:
- Report editor in Google Display Network
- Integration of Double Click Campaign Manager,
- Google Analytics reports on performance by demographic features and interests
The aforementioned reporting functions serve to evaluate and use the data collected by Google in the context of interest-based advertising as well as visitor data from third-party providers in Google Universal Analytics, such as age, gender and interests. The end customer can deactivate Google Analytics for display advertising at any time and adjust the ads in the Google Display Net-work under the display settings at http://www.google.com/settings/ads.
For more information about functionalities of Google analytics for display advertising, please con-sult Google’s privacy policy.
8.2. Other third country transfers
Mandatory parts of your data will be processed for the use of Glyph by gamigo US Inc. in the USA. The USA is a third country within the meaning of the GDPR. The transfer to gamigo US Inc. takes place on the basis of suitable guarantees within the meaning of Art. 46 (2) GDPR, namely on the basis of standard contractual clauses and a contract on commissioned data processing that we have concluded with gamigo US Inc. If personal data is processed in a third country, we ensure compli-ance with Art. 44 et seq. GDPR, i.e. before any transfer of personal data to third parties in a country outside the EU or the EEA (Norway, Iceland, Liechtenstein), we check whether an adequate level of protection is ensured. This may be ensured by the existence of an adequacy decision by the EU Commission or by the fact that the third country transfer is subject to other guarantees regulated in Art. 46. ff. GDPR is permissible. Copies of these guarantees can be requested from us at the above address (see Controller).
9. Your rights
In this section, we inform you about the rights you have in relation to the processing of your data. You will find the exact scope of the law mentioned in each case in the corresponding article of the General Data Protection Regulation (GDPR). To exercise your rights, please email us at datenschutz@gamigo.com.
9.1. Right of access by the data subject to Art. 15 GDPR
You have a right to access your personal data stored by us pursuant to Art. 15 GDPR.
9.2. Right to rectification pursuant to Art. 16 GDPR
You have a right pursuant to Art. 16 GDPR to have incorrect personal data rectified or correct per-sonal data completed.
9.3. Right to erasure pursuant to Art. 17 GDPR
Pursuant to Art. 17 GDPR, you have the right to have your personal data stored by us erased. Please note that we cannot undo an erase, i.e. all your game scores and progress are permanently lost.
9.4. Right to restriction of processing pursuant to Art. 18 GDPR
You have the right to restrict the processing of your data pursuant to Art. 18 GDPR if you dispute the accuracy of the data, if the processing is unlawful but you refuse to erase it, if we no longer need the data but you need it for the assertion, exercise or defense of legal claims or if you have lodged an objection to the processing in accordance with Art. 21 GDPR.
9.5. Right to data portability pursuant to Art. 20 GDPR
You have the right to data transfer pursuant to Art. 20 GDPR, i.e. the right to receive selected data stored by us about you in a common, machine-readable format, or to request the transfer to an-other controller,
9.6. Right to object pursuant to Art. 21 GDPR
You have a right to object processing of data pursuant to Art. 21 GDPR.
9.7. Right to withdraw the granted consent under data protection law
If we process data on the basis of a consent given by you, you have the right to withdraw the con-sent given at any time. The withdrawal of consent does not render invalid the data processed on the basis of the consent until the time of withdrawal.
9.8. Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR
You have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. To consult the contact details of the supervisory authorities in the German federal states, please ac-cess the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
10. Final Provisions
This Privacy Policy is merely to inform you and does not require your agreement. We can and must adapt the Privacy Policy in the event of a change in circumstances, i.e. other data protection pro-cesses, and will inform you thereof by appropriate means.
Region Specific Privacy Information:
California Residents
CALIFORNIA PRIVACY NOTICE
Personal Data
The following is a list of the categories of personal information which we collect, or have collected, in the twelve months prior to the effective date of this Privacy Policy, the catego-ries of sources from which such category is collected; and the categories of third parties with whom we share such information.
Categories we collect: User account information, support information, gaming information, transactions and purchases, posts in forums, email addresses, mobile advertising identifiers, session and persistent cookies, IP addresses, apps used or downloaded, web sites visited, browser and operating system type, type of devise used, information actively provided by users responding to a form in an ad, randomly assigned identifiers, precise and general lo-cation information and system information that our SDK may collect about your device or network provider. Further details may also be found in the gamigo policy available at this web site.
Sources: All the information above is collected at our web sites and apps when you visit, register, play games or from your mobile device when you are using an app and is provided to us from the advertiser or publisher partners users interact with by using their app or viewing an ad. We also acquire this information from partners or from advertising or data exchanges.
Location information: We acquire location information when you provide it to an app which shares this information with us.
Each Category is collected for the following business purposes: providing games, processing transactions, supporting forums and newsletters, delivering ads on publisher sites, reporting on ad delivery, securing, protecting, auditing, bug and fraud detection, debugging and re-pair of errors and the detection, protection and prosecution of security incidents or illegal activity; enforcing our terms and policies; complying with law.
Each Category is also collected for uses that advance our commercial interests including creating profiles to target ads on behalf of advertisers, using data collected from publishers and from other third parties.
Sale/Sharing Information: Do Not Sell My Personal Information rights
Gamigo may disclose the categories of information described above to vendors, such as analytics companies and may sell the information to advertisers, ad networks, other part-ners, and third parties. Please email us at datenschutz(at)gamigo.com for instructions for how you can exercise your California access, deletion and Do Not Sell rights.
Do Not Sell signal
If a partner has transmitted to us a Do Not Sell signal, we will limit our use of infor-mation from that partner and we will act only as a service provider as defined in the CCPA.
Access and Deletion
Subject to certain exceptions and restrictions, the CCPA provides California Residents the right to submit requests to a business which has collected their personal information: (i) to provide them with access to the specific pieces and categories of personal information col-lected by the business about such California Resident, the categories of sources for such information, the business or commercial purposes for collecting such information, and the categories of third parties with which such information was shared; and (ii) to delete such personal information.
If you are a California Resident, please email us at datenschutz(at)gamigo.com for instruc-tions for how you can exercise your California access, deletion and Do Not Sell rights.
California Residents may designate an authorized agent to make California Requests on their behalf.
We do not discriminate against you
You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. We do not discriminate against California Residents for exercising their rights.
We do not sell the personal information of minors under 16 years of age without af-firmative authorization.
For questions or further information please contact datenschutz(at)gamigo.com
Version: March 2021