Datenschutz
The following Data Protection Declaration applied to the use of the offers and products of the PlayCade Interactive GmbH.
The service provider as per § 13 of the Telemedia Act (TMG) and responsible as per Art. 4, Par. 7 of the EU General Data Protection Regulation (GDPR) is the PlayCade Interactive GmbH.
Table of Contents
I. Overview
- Contact options
- Scope of application of this Data Protection Declaration
- What data and information do we collect?
- Sensible data
- How do we make use of your data and on what legal basis do we do this?
- Necessary data
- Automated decisions
- Storage period
- How do we store your data and who do we share it with?
II. Your rights
III. Web and app analytics
IV. Your Right to Objection
V. Your security; Age restrictions
VI. Additional information
I. Overview
We at PlayCade Interactive GmbH (to hereby be referred to as “PlayCade“, "we" or "us") take your data protection very seriously. We want you to understand what information is collected from you when you use our products (games on the web and on mobile applications) and how we process it to guarantee you the best possible and complete gaming experience. This Data Protection Declaration provides you with an overview of what data we collect, why we collect and process it, and what control options you retain. We will also inform you about what legal rights you have in relation to your personal data and who you can go to so as to legally enforce these rights.
We make use of the term "personal data" in conjunction with Art. 4 of the GDPR.
1. Contact options
The PlayCade Interactive GmbH is a gaming publisher with its headquarters in Hamburg, Germany.
You can locate us here:
PlayCade Interactive GmbH Bleichenbrücke 10 20354 Hamburg Germany
Should you have any questions with respect to our data protection policies, you can reach us at datenschutz@playcade.de or feel free to contact our legal data protection officer:
Philip Reisberger, Tobias Reisberger PlayCade Interactive GmbH Bleichenbrücke 10 20354 Hamburg Germany E-mail: datenschutz@playcade.de
The responsible supervisory authority for the PlayCade Interactive GmbH is:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
(The Hamburg Commissioner for Data Protection and Freedom of Information)
Ludwig-Erhard-Str 22, 7th floor
20459 Hamburg
Germany
Tel.: 040 / 428 54 - 4040
Fax: 040 / 428 54 - 4000
E-mail: mailbox@datenschutz.hamburg.de Homepage: http://www.datenschutz.hamburg.de
2. Scope of application of this Data Protection Declaration
This Data Protection Declaration is aimed at the users of our applications, any associated websites or mobile applications, and those who use our services via a Third-Party website that integrates our offers, regardless of the system via which a corresponding call-up or invocation is made (either mobile or desktop).
3. What data and information do we gather?
We collect data (personal and non-personal) when you install and use our applications. Some of this data is collected automatically while some other information is provided to us voluntarily, for example, should you make use of the Facebook login to maintain and use your score (gaming status) on multiple devices.
We collect and process the following forms of personal data:
Data for access management (login information) For example, e-mail addresses, Facebook ID for a link with Facebook, etc.
Player data, for example, display names and avatars
Data on game progress, i.e. ranking, winnings or the amount of virtual currency that you possess, in addition to contact and connection data that you have voluntarily entered so as to redeem a prize
Settings data, i.e. whether you would like to receive notifications
Device data, i.e. device ID, operational system
Data on your online behavior, i.e. logins, game sessions data about individual payments in our games, i.e. when loading up on game currency
Network data, for example, IP address, referrer
Localization data, i.e. country of origin, time zone, and language setting information
Partner information, i.e. advertising banners that you have clicked on to reach us
The manner in which we process this data is explained in Section I, Point 5.
4. Sensible data
Sensible data as per Art. 9 of the GDPR shall not be collected.
However, we cannot influence which content you voluntarily reveal in messages that you, for example, send to our customer service or publish on our social media presences. Although we strive to protect your privacy, we cannot distinguish messages you have written with particularly sensitive content from less sensitive messages. Please note that we cannot offer any additional protection to such communications.
5. How do we make use of your data and on what legal basis do we do this?
We only process personal data in compliance with the relevant data protection regulations. This means that user data shall only be processed if the legal permission to do so has been provided. This is most particularly the case when data processing is legally required or it is required of us to provide the contractual performance or online services, the user has provided consent and/or the data processing takes place based on our legitimate interests.
The legal basis for data processing is as follows:
Art. 6, Par. 1, lit. a and Art. 7 of the GDPR (Consent); Art. 6, Par. 1, lit. b of the GDPR (Processing for Reasons of Performance or Contract Fulfillment); Art. 6, Par. 1, lit. c of the GDPR (Processing for the sake of fulfilling Legal Obligations) as well as Art. 6, Par. 1, lit. f of the GDPR (Processing to protect Legitimate Interests, i.e. Interest in Analysis, Optimization, and the economical Operation as well as Security of our Offers).
a) Enabling of gaming operations (Contractual Performance, Article 6, Par. 1, lit. b of the GDPR)
We need certain data from our users in order to ensure a meaningful course of the gameplay and to identify the players as unique users. You have the option of using our applications anonymously, but you can also connect your score to Facebook to save it and use it on other devices. By installing our applications, you ‘ll be transmitting technical data (i.e., IP address, device platform, and ID, language settings, and time zone information, installation source, advertising ID). By using the apps (i.e., payment history, score, game stand, etc.) and, if necessary, the redemption of a prize (i.e. contact and connection data) or establishing a link to Facebook (i.e. social network ID, name, avatar, profile link, etc.), you voluntarily provide us with additional data.
b) Payments and invoices (Legitimate Interest, Article 6 Par. 1 lit. c and f of the GDPR)
When you load up on virtual currency in our in-game shop, this interaction is handled using Third Party payment services. Once a purchase has been successfully completed, we will receive this information in the form of a digital invoice. We shall store this invoice in compliance with legal requirements (Article 6, Par. 1, lit. c of the GDPR), provide this information in the event of a legal dispute (Legitimate Interest, Article 6, Par. 1, lit. f of the GDPR), and for the sake of optimizing our offer (Legitimate Interest, Article 6, Par. 1, lit. f of the GDPR).
These invoices contain information about which article has been purchased and for what price and with which payment method. We do not store any information that could be used for a payment on your behalf unless you have given your expressed written consent to facilitate your payment process for you (by activating QuickPay or similar; see contract fulfillment, Art. 6, Par. 1, lit. b of the GDPR). We do not have access to credit card data or card verification numbers (Card Verification Code - CVC). The processing or transfer of corresponding data to Third Parties is not possible.
c) Measures for your security (Legitimate Interest, Article 6, Par. 1, lit. f of the GDPR)
To ensure the security of our offer and to prevent fraud of all sorts, we sometimes save data such as your IP address and device information.
Your device data and your IP address are stored and logged so as to enable forensic investigations with regard to fraud and data protection. Your IP address is also automatically processed by our network devices. This process is necessary to offer our offers, but also to deny access to IP addresses that have been identified as dangerous and thus, to protect both our offer and our users.
We cannot offer to prevent this process as this would not be conducive to the security efforts mentioned above and, in most cases, is not technically feasible (i.e., preventing your IP address from being recognized by our network devices).
Should you object to this process, we kindly ask you not to make use of our games, mobile applications, general applications, and websites.
6. Necessary data
In the following, you will find some of the data categories and data that are required for the operation of our offers.
a) Data that is required to fulfill our contractual obligations and the associated services
aa) Data that you provide explicitly This includes i.e., data for access management and, if applicable, personal data.
bb) Data about your preferences This includes i.e. your opt-in and opt-out decisions.
cc) Data that you store when using our offers This includes i.e., network data as well as data about your in-game progress.
b) Data that we have to store for legal reasons This includes i.e., data that you store when making a purchase.
c) Data required for security This includes i.e. data that you automatically deploy or use when making use of our offers, i.e. device and network data.
Without this personal data, we cannot offer you our services.
7. Automated decisions
We do not use personal data for automated individual decisions.
8. Storage period
a) Data that we store for legal reasons will be kept for as long as we are required by law (up to ten years).
b) Data that we store in consideration of legal disputes can be stored for as long as legally permissible (generally up to 30 years).
c) In the case of logs (protocol files) that store network data, we delete the data in regular intervals. The exact storage period depends on the respective configuration rules and on whether the data was part of a data momentary view (so-called snapshot) that is stored in a backup and on whether the logs are part of a series of logs that, under normal circumstances, are forwarded to a central log depot. The storage period shall not exceed 2 years duration.
9. How do we store your data and who do we share it with?
a) Your personal data within the PlayCade Interactive GmbH
Your personal data will only be processed by people who need this data to pursue our legitimate interests or to fulfill any contractual or legal obligations we may have.
b) Your personal data outside the PlayCade Interactive GmbH
We shall only pass your data along if this is legally permissible, for example, when it comes to the fulfillment of contracts that you have with us (Art. 6 Par. 1 lit. b GDPR), or due to legitimate interests (Art. 6, Par. 1, lit. f of the GDPR).
We only pass along your personal data in the following cases:
aa) You have given us permission to do so.
bb) The transfer only takes place in aggregated or anonymous form such that your data cannot be linked to other data that you may have provided elsewhere.
cc) The data shall only be shared with trusted service partners who are contractually obligated to treat and handle your data with strict confidentiality.
c) We share data with providers in the following categories to ensure that the game runs smoothly:
aa) Hosting providers: These providers generally do not have direct access to our systems, but do provide a network infrastructure that processes your IP address.
bb) Payment providers: Should you make a transaction through a payment provider, we receive billing information from these providers. All payment details required for an actual payment on your behalf are processed solely by the payment providers themselves.
cc) Single Sign-On providers: These are providers who are only relevant if you use a single sign-on option that is offered (i.e., Facebook Connect). In this case, our interaction with the provider enables you to log into our service in a simplified manner. Should you change your mind, the providers usually offer you a means by which to decouple your single sign-on account from our service (by revoking us access to your metadata). You can find more information on this in the documentation provided by the corresponding provider.
dd) Game developers: They create and maintain games for us. We only share the data necessary for game administration and maintenance with our developers (IP address, device data, display names, in-game progress stands, payment processes, etc.).
ee) Support ticket system: We make use of an external provider to handle our customer service. Every support request that you send us via the official channel will be deposited with this provider.
ff) Crash reports: Our mobile games integrate crash reporting functions. These crash reports only contain anonymous information. However, you can object to this in the app’s settings.
gg) Geo localization: We receive data from geolocation services via the approximate geographical site of an IP addresses (we shall not share any information with these services; we are only consumers of this data).
hh) Advertisement services: We sometimes make use of advertising services to show you advertisements. Your impression of these videos will be recorded by these services.
The providers we make use of are either located in the European Union, in a country that is considered safe according to the data protection standards of the European Union or are contractually obliged to treat your data in accordance with the strict protection provisions of the GDPR. Should the process allow it, we anonymize or pseudonymize your data.
Under no circumstances whatsoever shall we sell your data to a Third Party.
II. Your rights
The PlayCade Interactive GmbH has its headquarters within the European Union. We are committed to complying with the General Data Protection Regulations (GDPR). This provides you with several notable rights with respect to your personal data.
1. You have the following rights:
a) To request information about your personal data (Art. 15 of the GDPR) and to receive this in a common, machine-legible format (Art. 20 of the GDPR).
b) To request a correction to your personal data (Art. 16 of the GDPR).
c) To request a restriction of the processing of your personal data (Art. 18 of the GDPR).
d) To request the deletion of your personal data (Art. 17 of the GDPR).
e) To object to the processing of your data if the lawfulness of the data processing is based on our legitimate interest (Art. 7, Par. 3, and Art. 21 of the GDPR).
f) To submit a complaint to a supervisory authority (Art. 77 of the GDPR).
Should you have any questions about data protection, please contact us at: datenschutz@playcade.de
Please also denote that we may have to ensure that the person making the request is you or the authorized person or the owner of the corresponding game account.
Please also denote that processing times could last up to a month’s time.
Additional information is provided in Article 7, Par. 3, 15-21, and 77 of the GDPR.
2. Your right to information, correction, and deletion of your personal data (Art. 15, 16, 17, and 20 of the GDPR)
You can receive information at any time as to whether your personal data is being processed by Whow Marketing, to what purpose such processing is taking place, and how to request a copy of your personal data.
a) Specifically, you can request information about the following:
aa) The purpose(s) as to why the data is being processed.
bb) The categories of personal data that are being processed.
cc) The categories of recipients to or with whom the data has been shared.
dd) The intended storage period.
ee) Your rights in relation to this data (correction, deletion, restriction, withdrawal of consent, and submitting a complaint to the supervisory authority).
ff) The source of the data in cases in which we did not obtain the data directly from you.
gg) The existence of automated decision making based on this data, including profiling and your right to request meaningful information about the algorithms used.
If you make this request electronically, the information will be made available in a commonly used electronic format. If your requests are manifestly unfounded or excessive, Whow Marketing may require you to pay a fee to cover administrative costs.
You also have the right to request a correction if your data is incorrect or incomplete. In most cases, you can make this change yourself.
b) Finally, you have the right to have your personal data deleted, provided we have no legal basis to keep it stored (such as freedom of expression, legal regulations, public interest or, if necessary, as evidence in legal disputes) and one of the following reasons applies:
aa) Your personal data is no longer required for the purposes for which it was collected or processed.
bb) You want to revoke a consent that served as the basis for the processing and there is no other basis that would justify such processing.
cc) Your personal data has been processed unlawfully.
dd) Your personal data should be deleted in accordance with a statutory provision.
If we delete data that has been jointly processed with a Third Party, we will also contact these Third Parties and ensure that they delete your data from their system as well.
3. Right to restrict the processing of personal data (Art. 18 of the GDPR)
You can assert your right to restrict the processing of your personal data in the following cases:
a) If you dispute the accuracy of your personal data in the period of time in which the accuracy of this data is being checked and verified.
b) If the processing of your personal data is unlawful, but you refuse to delete it and instead request that the processing be restricted.
c) If we no longer need your personal data, but you still need such personal data in order to establish, exercise or defend legal claims.
4. Right to data portability (Art. 20 of the GDPR)
You have the right to receive the personal data you have made available to us in a structured, generally applied, and machine-legible format. You also have the right to have this data transmitted by the PlayCade Interactive GmbH to another responsible person.
5. Right to withdraw consent (Art. 7, Par. 3, and Art. 21 of the GDPR)
We only process your personal data with your consent unless this data processing is otherwise required (see Section I. 6).
Please denote that a revocation of your consent does not affect the legality of the data processing that has been conducted before your revocation.
6. Right to submit a complaint to your supervisory authority (Art. 77 of the GDPR)
If, despite our efforts to protect the confidentiality of your personal data, you are of the opinion that your rights have not been respected, you have the right to lodge a complaint with the supervisory authority for data protection in your state.
III. Web and app analytics
In order to optimize our offers and to advertise our campaigns, we make use of various tracking services based on Art. 6, Par. 1, lit. f of the GDPR.
These services make use of either cookies (desktop) or device IDs (mobile devices) so that they can classify the behavioral data collected from you (i.e., to determine how long the average user makes use of our offer).
The data exchanged can be information about when you started using our products, how you found out about our products (i.e., which banner you clicked) as well as information about your device parameters (i.e., operational system, brand), your user ID in our games, and payments you may have made.
The trackers use this data to either create approximate behavioral profiles in order to achieve an optimized marketing orientation or to enable us to pay for our campaigns through registration events or paying users as opposed to impressions ("Performance Marketing").
IV. Preventing tracking
Since you may ultimately interact with trackers that we use on Third Party websites that we do not, ourselves, operate, deactivating these trackers on an individual website will probably not correspond with your wishes. To ensure that you can effectively prevent any possible tracking by these providers, you will find an overview of all trackers that we use and some information on how you can deactivate them in this section.
The opt-out options for many tracking services can also be found on the US site https://www.aboutads.info/choices/ as well as the EU site https://www.youronlinechoices.eu. These websites help you object to tracking conducted by providers that we are not making use of.
Unless otherwise stated, be it here or on our tracking partner’s pages on options for making objections, your browser must accept cookies so that the opt-out process can be successfully completed.
We make use of Third-Party analytics tools to deliver advertising and content relevant to your interests. These partners process your data solely in accordance with our specific instructions and can make use of cookies and other tracking technologies to collect information about your use of our apps. This collected information includes installation data, in-app events, language, platform, device type, operating system version or device IDs such as advertising IDs and IDFA as well as usage information.
We use the advertising networks mentioned below it the data described below for the purpose of providing personalized advertising order to be able to display advertising within the framework of our free apps. These collect:
1. Facebook / Facebook Audience Network
Facebook Inc. is located at 1601 Willow Road, Menlo Park, CA 94025, USA. Facebook Ireland is the responsible representative of the company in EU territories.
Type of data: Device attributes (operational system, hardware and software versions, etc.), Procedures on the device, identifiers (unique identifiers, device IDs, and other identifiers), device signals (Bluetooth, WLAN, etc.), data from device settings (GPS, camera, photos), network and connections (cellular or Internet provider, language, time zone, IP address, etc.), cookie data.
The Data Protection Declaration with options for making objections is located here: https://www.facebook.com/about/privacy/update
2. Google Ads, AdMob, and Google Analytics
The Google Corporation is located at 1600 Amphitheatre Parkway in Mountain View, California, USA.
Type of data: Online identifiers, including cookie identifiers, Internet protocol addresses, and device identifiers; customer identifiers
The Data Protection Declaration with objection possibilities is provided here: https://policies.google.com/privacy?hl=de
Google offers information on making objections for Google Ads and AdMob at https://adssettings.google.com/authenticated.
Google offers information on making objections for Google Analytics at https://tools.google.com/dlpage/gaoptout.
Your IP address will be sent anonymously to Google Analytics. For more information, please see https://www.google.com/analytics/terms/.
You can find more information on data usage by Google, settings, and objection options on Google websites: https://www.google.com/intl/de/policies/privacy/partners (”Data usage by Google when you use our partners’ websites or apps“), http://www.google.com/policies/technologies/ads (”Data usage for advertising purposes“), http://www.google.de/settings/ads (”Manage information that Google uses to show you advertisements“).
3. Appsflyer
The AppsFlyer Inc. is located at 100 First St. San Francisco, CA, 94105, USA.
Type of data: Online identifiers, including cookie identifiers, Internet protocol addresses, and device identifiers; customer identifiers
The Data Protection Declaration is located here: https://www.appsflyer.com/privacy-policy/
4. Unity Ads
The Unity Technologies ApS is located at Vendersgade 28, Sal 1, Copenhagen, 1363, Denmark.
Type of data: Device information, IP address, device identifiers, combined with Unity Analytics to personalize advertisements.
Their Data Protection Declaration is located here: https://unity3d.com/de/legal/privacy-policy
5. IronSource
The IronSource Ltd. is located at 28 Lilienblum, Tel Aviv, 6513307, Israel.
Type of data: Device type (manufacturer and model), operational system, IP address, Android identifier and/or IDFA, time zone, language settings, type of Internet connection, geographical information of the devices, type of advertisement, advertisement content, post click information in connection with the advertisement.
The Data Protection Declaration is located here: https://www.ironsrc.com/privacy/
6. Other applicable information
You can object to the use of personalized advertising by making the following settings, depending on the your device’s type: For iPhones or iPads, you start by opening “Settings“, tip on “Data protection“, then open “Advertisement“. You can activate “No ad tracking” right here. If you use devices with Android and Google Play services, begin by opening ”Google Settings“, then tap on “Ads“ and open “Disable interest-based ads“. Conclude by tapping on “OK“.
The use of the aforementioned advertising networks and the transmission of the aforementioned data is based on our legitimate interest in refinancing our investments for the operation of our games and mobile applications (apps) through advertising.
V. Your security; Age restrictions
Online (in the web), we make use of the popular SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser for our offers. You can tell whether an individual page of our website is transmitted in encrypted form by the closed key or lock symbol in the status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or also against unauthorized access by Third Parties. Our security measures are continuously expanded in line with technological developments.
To be able to use our services, you must be in possession of your full legal capacity or, in the case of limited legal capacity, have received the consent of your legal guardian. Furthermore, we do not knowingly gather, request, or collect the personal data of a child. Should you not possess full legal capacity, we kindly ask that you do not send us any data about yourself, including your name, address, or email address. However, should we have collected personal data from a child and become aware of it, we will delete this information as soon as possible. Should you be of the opinion that we are in possession of the data of a child, please contact us at: datenschutz@playcade.de
V. Changes to the Data Protection Declaration
We reserve the right to update this Data Protection Declaration regularly in taking applicable data protection regulations into account. This allows us to adapt to current legal requirements and take changes to our services into account, e.g. when introducing new services or products. The latest version of the Data Protection Declaration is available online at https://www.playcade.de/datenschutzerklärung.
VI. Additional information
Should you have any questions about data protection and how it is handled by the PlayCade Interactive GmbH, feel free to contact us at datenschutz@playcade.de
***
Stand: 15. April 2021