Version number: 2.0
GameAnalytics ApS, together with its affiliate GameAnalytics Limited, (referred to as “We”, “Our” or “Us”), is committed to protecting the privacy and security of Our clients, users, staff and partners’ personal data (You). We have developed this privacy notice to inform You of the data we collect, what we do with Your data, what we do to keep it secure as well as the Rights You have over Your personal data.
Throughout this notice we refer to data protection legislation which includes (but not limited to) the UK and EU GDPR, Swiss Federal Act on Data Protection and other applicable laws such as the e-Privacy Directive and the Privacy Electronic Communication Regulation (“PECR”) 2011. This also includes any replacement legislation which may come into effect from time to time.
This privacy notice applies to the GameAnalytics website www.gameanalytics.com (“Site”) and other services we offer, ranging from our game optimization and analytical services, software applications and game usage analytics, including users who access and use these services through a mobile device (“Services”).
For residents in Mainland China, please read GameAnalytics’ China PIPL Privacy Notice at https://gameanalytics.com/privacy/pipl-china
2. Contact Details
We have offices based in Denmark and the UK.
Our Danish office contact details are:
Post: Pilestræde 58, 2, 1112 Copenhagen K, Denmark
Our UK office contact details are:
Post: 18 Soho Square, London, W1D 3QL, United Kingdom
Our UK office is registered with the Information Commissioner’s Office (the ICO) with registration number ZB150644.
You can contact our Data Protection Officer through email: firstname.lastname@example.org
GameAnalytics processes personal data primarily on a B2B basis, and we do not process personal data on a B2C basis. When we engage with other game developers depending on the service, we may act as a data processor or as a joint controller.
4. Lawful Basis for Data Processing
Data protection legislation requires GameAnalytics to identify an appropriate lawful basis to process personal data. The lawful basis we rely on as a data controller are detailed below with brief examples for when they may apply:
|Consent||For opting into marketing communications, newsletters, competitions etc|
|Contractual Obligation||To take steps into entering and concluding contracts of employment|
|Legal Obligation||Where needed for tax reasons such as UK HMRC purposes|
|Vital Interests||To ensure we know about medical conditions of our employees or onsite visitors should they require medical attention|
|Legitimate Interests||To help answer any questions or concerns that may be sent to us from individuals who we may have no prior existing relationship with|
Where we act as a joint controller, the lawful basis is the consent collected by the game developer controller, to allow us to conduct advertising on games. Where we act as a joint controller or a data processor, the lawful basis is legitimate interests to enable us to carry out our analytics.
5. Data Subjects and Personal Data Collected
Due to the nature of our business and data processing activities we would collect and process various categories of personal data from various data subjects. Examples of data subjects whose data we could process as a data controller can include:
- Job applicants;
- Visitors/guests to our offices;
- Website visitors and enquirers
- Game users;
- Game developers;
As a data controller we would normally collect the following categories of personal data:
- Email address
- Phone numbers
- Recruitment data (e.g. CV and cover letters)
- Employee data (as per relevant HR requirements)
- Financial information
- IP address
- Other persistent identifiers
As a data processor we may process and store the following categories of personal data:
- Gamers profile data
- Analytical data
- In-game events
We collect personal data through several means. Examples can include:
- When You complete an online form on our website
- Contact by phone, email or postal letter
- Applying to any of recruitment vacancies
- When You use any of our services
- Communicate to us via social media
The above list is representative and non-exhaustive.
6. How We Use Personal Data
We may use personal data for various activities which can include the following activities:
- Register with us through the Services and create a GameAnalytics Account
- Make a purchase via the Services
- Submit and/or sell assets, content or games via the Services
- Submit a request for technical support
- Submit a request for information about the Services
- Track in-game activities
- Download, register, and/or install any Software
- Post any content via the Services
- To manage our relationship with You as a client, candidate, supplier or professional contact
- To process job applications
- Action any data subject right requests
- Seek Your views or comments on the services we provide
- Notify You of changes to our services
- Handle an enquiry or complaint You have made
- Sending marketing communications and other company updates
The above list is non-exhaustive and representative. For more information on how we use personal data for specific activities You can contact us as detailed above.
The provision of Personal Data by You is necessary for the performance of the Agreement and where in our legitimate interests to provide and improve the Services, complete Your transactions, enforce licensing terms, and administer Your inquiries.
During the registration process on our Site, You will be asked for the following Personal Data: Your name, Your email address, the company for which You work, Your country, and a password. This Personal Data is used for validation purposes. It may also be used to send You additional promotional information about our services. We store all data associated with Your account, including Your contact information, Your applications and Your campaigns, but we do not store credit card or other billing information.
When You register or create a GameAnalytics Account, we will collect certain Personal Data, including but not limited to IP address, operating system, username, hostname, and hardware ID during Your use of the Software. When You use the Software, the Software may automatically make Internet connections to check for updates, validate Your licence keys, and provide us with anonymous usage statistics.
When Your game is connected to our Services and used by You, we may collect the following from Your users’ devices: IP address, device events, hardware settings, browser type, browser language, the date and time of request and referral URL, cookies that may uniquely identify their browser. If You prefer that we do not collect and process this data or if You are a customer Yourself, You can at any time request us to cease the collection and processing of this data.
When You install the Services into Your game, we may collect some or all of the following data:
- Unique device identifier generated from the device including but not limited to 1) ID for Advertisers (iOS); 2) ID for Vendors (iOS); 3) Google Advertising ID (Google)
- Platform (automatic)
- Device (automatic)
- OS major (automatic)
- OS minor (automatic)
- IP address (automatic) – used to infer country information
- Install timestamp: it is the timestamp of the first event received from the app integrated with GameAnalytics, for that user
- Boot-up timestamp: it is the timestamp of when a user boots up a game
Additional data can be collected in GameAnalytics, depending on Your implementation of the Service. The general data types that can be collected are:
- business events such as transactions made in the game
- progression events that are used to mark a user’s progress or movement in the game
- resource events such as the acquisition or spend of game virtual currencies by the user
- design events used to track user behaviour in the game, which can refer to any aspect of the game’s design, including, but not limited to, level or character design, bonuses, social interactions, etc.
- error events such as any errors encountered by the user while using the game
- custom fields that can contain any game parameter defined by You.
If You prefer that we do not collect and process this data or if You are a user Yourself, You can at any time request us to cease the collection and processing of this data.
We may combine Personal Data that we collect from You with information we obtain about You from third parties (e.g., updated contact information and additional demographic information). We may also aggregate Your Personal Data with information collected from other GameAnalytics users to customise Your user experience, to improve the quality and value of the Services, to inform You about GameAnalytics products and services that may be of interest to You, and to analyse and understand how our Services are used.
7. Recruitment Data Processing
From time to time we may advertise job vacancies on our website at https://gameanalytics.com/careers or on other websites such as LinkedIn. When we receive candidate information we may receive personal data such as Your name, CV information and other information which may be used to help Your application to stand out (e.g. may be immediately available). We will be sure to only retain candidate data for as long as reasonably necessary which is typically 6 months if a candidate is unsuccessful.
The same applies with any direct applications received via LinkedIn. If we screen a profile and CV information and the candidate is unsuccessful we will make sure we only have that data for as long as necessary, which again would be up to 6 months.
No positions within our company will require a criminal background check. If this was to change we will be sure to update our policies and notices where needed.
8. Children’s Data
GameAnalytics services and products are designed to meet the highest safety standards in supporting children-friendly mobile apps and technologies, with a special focus on data security and privacy rights, in accordance with the applicable privacy laws, including GDPR, COPPA, and the UK Children’s code.
If a parent or guardian becomes aware that their child has provided us with information without their consent, they should contact us at email@example.com. We will delete such information from our files within a reasonable period of time.
9. Data Sharing
Due to the nature of our business there may be times we are required to share data with other departments and members of our organisation. Examples of when we may need to share data can include for recruitment purposes, IT concerns (including any help and assistance with our service offerings), and any questions or concerns regarding data protection received from other departments.
Please note there may also be instances where we may need to share data with any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation or (ii) to exercise, establish or defend our legal rights.
In the event that we contract with a third party to provide some part of the Service that You have requested or to assist us in analysing our Service or information collected about You and/or Your users, GameAnalytics may provide Your information and/or Your users’ information to such third party, or such third party may collect information from You or the users on Our behalf. We may share Your information and user information with third parties with whom we have a strategic relationship, such as our affiliates (that provide complementary services such as mediation or monetization services, revenue reporting, attribution services), data providers, game developers and advertisers. The information shared with these third parties may be used for industry analysis, tracking game conversions or demographic profiling. When permitted by applicable law, we may also provide Your information and User information to our affiliates, business partners, advertisers or other trusted entities for the purpose of providing You with information on goods and services we believe will be of interest to You.
We are also required to share data with data controllers where we are acting as their data processors. This may involve (as examples) instances of where we have directly received any questions or complaints or erasure requests that need to be forwarded onto relevant data controllers.
10. International Data Transfers
There may be instances where we may need to transfer Your data outside the UK/ European Economic Area (“EEA” The EU member states, Norway, Iceland and Liechtenstein). We may need to share Your data with companies in an adequate listed country or in other third countries who may not have similar data protection laws to the UK/EEA. If we need to transfer Your information outside the UK/EEA we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that Your privacy rights continue to be protected as outlined in this notice.
GameAnalytics has entered into EU standard contractual clauses (“Model Contracts”) for transfers of Personal Data to its affiliates. You can request a copy of these Model Contracts by submitting Your request via email to firstname.lastname@example.org.
We may at times use sub-processors to help us fulfil our contractual duties and obligations to our client controllers. We have put into place agreements with them and ensured the correct data protection language, obligations and responsibilities are incorporated in these agreements. A list of sub-processors is available upon request by contacting us using our details above.
14. Marketing Communications
We would like to send You marketing news and updates regarding our company, products and services should You like to receive them. In order to send You these communications we would require Your consent, and You can always change Your preferences (i.e. opt out) by clicking on the relevant unsubscribe link at the bottom of the email. You also have the ability to opt out by contacting us over phone or email should You choose to do so.
15. Automated Decision-Making and Profiling
We do not conduct any automated decision making and profiling within our organisation.
16. Data Retention
We regularly review our data retention practices to ensure we only retain personal data for as long as necessary in line with our data processing activities. We have created data retention policies and accompanying data retention schedules to help document relevant retention periods.
As a data controller we will retain personal data for as long as necessary in line with various requirements, such as for example, best practice recommendations (e.g. supervisory authority recommendations), relevant guidelines (e.g. employment body guidance) or for as long as mandated under specific legislation (e.g. tax law requirements). We will also determine appropriate retention periods based on our legitimate interests where identified.
As a data processor we will retain personal data for as long as required by our client data controllers. Where the data controller has determined the relevant retention period, we will be sure to document this and notify them in advance before the deletion is carried out.
When data is needed to be deleted we will either delete automatically/manually or anonymise it if deletion is not possible.
17. What Happens If Our Business Changes Hands?
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that You have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will be permitted to use that data only for the purposes for which it was originally collected by us.
18. Data Security
We have put in place appropriate security measures to prevent Your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to Your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process Your personal data on our instructions and they are subject to a duty of confidentiality.
If we become aware of any loss, misuse, alteration of personal data we will work closely with our IT team and other parties as necessary to investigate the incident at hand. We have put into place the relevant procedure and policies in place to investigate, mitigate and report (when needed to relevant parties) such instances.
19. Data Protection Rights
If You are based in the UK/EEA You have several Rights to how an organisation processes Your personal data. The Rights are as follows:
- Right to be informed
- Right to access data
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to objection
- Right to portability
- Right not to subject to automated decision making and profiling
If You would like to exercise any of the above Rights You can do so by sending us a written request to our email address mentioned above.
Please also note and as mentioned above, if we receive a Rights request as a data processor, we will forward the request to the client controller who may then contact You directly for additional information or to confirm if the Right is exercised or not.
20. Concerns and Complaints
We understand You may have concerns and complaints about this notice and any aspects to how we process personal data. If You would like to contact us directly to talk to us about a concern or to raise a complaint, You can do so by using our contact details above.
Our lead EU data protection supervisory authority is the Danish Datatilsynet and You can contact them and submit a complaint via this link (local language).
You can also submit a complaint directly to the Information Commissioner’s Office (the ICO), the UK supervisory authority for data protection in the UK, via this link.
If You are based anywhere within the EEA a list of supervisory authorities can be found via this link.
If You are based in Switzerland, You can contact the Swiss Federal Data Protection and Information Commissioner via this link (local language).
21. Review and Updates
We will review this notice and make changes to it from time to time. We recommend that You check this notice to see where changes have been made and to ensure You are able to review updated information at all times.