Effective date: January 01, 2019
01. Personal data general information on the processing.
The use of the products and services we offer may result in the processing of personal data. The term “personal data” under data protection law refers to all information relating to a specific or identifiable person. An IP address can also be considered personal data. An IP address is assigned to each device connected to the internet by the internet service provider, so that it can send and receive data. When you use the apps, we collect data that you provide yourself. In addition, when you use the app, we automatically collect certain information about your use of it. We process personal data in compliance with the relevant data protection regulations of the GDPR. We will only process data where we are legally permitted to do so. When you use these apps, we will process personal data only with your consent (Art. 6 paragraph 1 sentence 1 letter a GDPR), for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract (Art. 6 paragraph 1 sentence 1 letter b GDPR), for compliance with a legal obligation (Art. 6 paragraph 1 sentence 1 letter a GDPR) or if the processing is necessary for the purposes of our legitimate interests or the legitimate interests of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require the protection of personal data (Art. 6 paragraph 1 sentence 1 letter f GDPR).
02. What personal data we collect and why we collect it.
03. How long we retain your data.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. Unless otherwise stated in the following sections, we will store the data only as long as necessary to achieve the purpose of processing or to fulfill our contractual or statutory obligations.
04. Transmission of data.
Unless otherwise stated in the following sections, data will be processed on the servers of technical service providers commissioned by us for this purpose. These service providers will only process the data after having received express instructions and they are contractually obliged to guarantee adequate technical and organizational measures for data protection. Insofar as we refer to integrated services of other providers in this Data Protection Declaration, it can be assumed that personal data will be transmitted to the specified headquarters of these providers. These providers may be based in a so-called third country outside the European Union or the European Economic Area. Further information can be found in the sections describing each service.
05. Data collection during downloading.
06. What rights you have over your data.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. The apps requires various access permissions from your device. These are required to maintain certain functionality of our apps. For example, if you only want to download updates using a wireless connection, the app needs access to your wireless connection. If you would like to purchase additional content via the app, we may need access to the interface required for your app store. Another example is what is referred to as “push notifications”, in which we can use an interface to display a message directly on your device. The access permissions on your mobile device are dependent on the operating system (e.g. Android, iOS, etc.) and the store where the app was purchased (e.g. Google Play Store, Apple App Store, Amazon, etc.). As a rule, you will receive information prior to the installation as to which access permissions are required by our app. The legal basis for the processing of technically necessary access permissions is Art. 6 paragraph 1 sentence 1 letter b GDPR. All further access permissions are based on Art. 6 paragraph 1 sentence 1 letter f GDPR. Under “Settings” in Apple iOS, you can get an overview at any time of the content that our apps can access. You can restrict these access permissions at a later point in time. In Android, various access permissions are also needed on your mobile device. Under “Settings/Apps” you can subsequently check the access rights of our apps.
07. Registration and login.
08. Facebook connect.
We also offer you the option of easier registration for our games and services through Facebook. You can use your existing Facebook user account for this purpose. By clicking the “Log in with Facebook” link, you can use this registration method via our online portal. To do this, you need to already have a Facebook account or have access to Facebook. If you would like to register for one of our services using your Facebook account, the first step in the registration process will immediately redirect you to Facebook. Facebook will then ask you to log in or to register. Under no circumstances will we receive your personal access data (user name and password). In a second step, you will connect your Facebook profile with the service for which you would like to register. At this point, you will be told which data from your Facebook profile will be transmitted to us. This information is usually your “public information” on Facebook and information which you have made available to the public or authorized for the application in question. Information of this type generally includes your name, profile picture and cover photo, your gender, your networks, your username (Facebook URL), and your user ID number (Facebook ID). We will also use the email address you have saved with Facebook in order to contact you outside of Facebook. You can see an overview of information in your profile that is available to the public via the General Account Settings menu of your Facebook profile (https://www.facebook.com/settings?tab=applications). Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). The legal basis for data collection and storage is your consent, within the meaning of Art. 6 paragraph 1 sentence 1 letter a GDPR. If you would like to remove the connection between Facebook Connect and our service, please log in to Facebook and make the required changes to your profile. We will then no longer have the right to use information from your Facebook profile.
09. Data processing in our games.
In our games we are able to track and evaluate various actions at the player level. This especially includes contact data provided during registration and your actions during the games. For this purpose, we collect your connection data, such as your IP address. We need to be able to process this information to execute gaming operations. It is, therefore, processed on the basis of Art. 6 paragraph 1 sentence 1 letter b GDPR.
10. Payments made through our website.
11. Payments made through our apps.
In principle, you can enjoy our games without having to provide personal contact data. If you pay for chargeable activities in our games, your personal data will be collected by the corresponding payment service providers listed. All payment-relevant data, such as your contact and payment data, are initially collected and processed by the corresponding payment provider. The legal basis for this data processing is Article 6(1)(b) GDPR. For payments, we collect the Geo-location of your IP address, which allows us to determine in which country you are located. The legal basis for this data collection is Art. 6 paragraph 1 sentence 1 letter c GDPR, as the processing is necessary for compliance with a legal obligation. The legal obligation arises from Directive 2006/112/EC (MOSS Directive). We also receive information from payment providers related to payment fraud prevention. The legal basis for this data collection is Art. 6 paragraph 1 sentence 1 letter c GDPR, as the processing is necessary for compliance with a legal obligation.
By subscribing to our newsletter, you agree to receive it and you agree to the processes described below. The legal basis is your consent pursuant to Art. 6 paragraph 1 sentence 1 letter a GDPR. We do not include the following information under the term “advertising communication”: Information about technical and organizational processes and information relating to the provision of services to our users. To subscribe to our newsletter, use the double opt-in procedure, which serves to confirm your e-mail address. This confirmation is required so that no one can register with an e-mail address that does not belong to them. Subscriptions to the newsletter are logged in order to be able to provide evidence of the registration process in accordance with statutory requirements. This includes the storage of the time of registration itself and the time of confirmation, as well as the IP address. Any changes to your data stored with the service provider that sends the newsletters are also logged. Newsletters are sent with the help of an EU-based external service provider, whom we have engaged to process orders in accordance with statutory requirements. The newsletters contain cookies that are retrieved by the server of the service provider that sends the newsletter, as soon as the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used for technical improvement or to analyze the target groups and their reading behavior on the basis of their retrieval locations (which can be determined using the IP address) or access times. The statistical data collection also includes determining if and when the newsletters are opened and which links are clicked when they are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. These analyses are primarily intended to help us to identify the reading habits of our users and to adapt our content to them or to send different content based on user interests. The legal basis is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can stop receiving our newsletter at any time in the future just by letting us know that you wish to cancel. You can do so easily by using the link at the bottom of each of our communications or by using our support form. Unfortunately, you cannot request separate cancellations for the service provider that sends the newsletter or for the statistical analysis. If you wish to cancel, you must cancel the entire subscription.
We conduct occasional customer satisfaction surveys for our games. For this purpose, we collect and process your contact data as provided in the surveys. The legal basis for the use of this information is your consent in accordance with Art. 6 paragraph 1 sentence 1 letter a GDPR. Your participation in the survey is voluntary. Your consent to its use may be revoked at any time. We use the services of SurveyMonkey Inc (San Mateo, One Curiosity Way, San Mateo, California 94403, “SurveyMonkey”) to conduct the surveys. SurveyMonkey collects additional information from participants in the form of cookies, which are only intended to ensure that the survey service is fully usable and that the surveys run as intended. The legal basis for processing this additional information is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you do not participate in our survey, no personal information will be collected. SurveyMonkey is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation https://www.privacyshield.gov/participant?id=a2zt0000000Gn7zAAC&status=Active
14. Processing apps log files.
If you use our services, general information (that is not used on a individual basis) is initially stored automatically, i.e. not through registration. For example, our web servers normally store the following information: IP, Device ID, Device Type, OS, time of the server request. The processing is carried out for the purposes of our legitimate interests, the legal basis of which is Art. 6 paragraph 1 sentence 1 letter f GDPR. This processing is used for technical administration and the security within the app.
15. Combating fraud.
We process pseudonymous information, such as the IP address or device ID, for the analysis of signals in order to identify fraud by third parties in the context of customer acquisition. To accomplish this, we are supported by external service providers whom we have ensured are committed to the same statutory requirements. The legal basis of Art. 6, paragraph 1, sentence 1, letter f GDPR. This processing helps the organizational security of the app.
16. Facebook SDK.
We use Facebook’s Software Development Kit (SDK) within our app. The Facebook SDK is issued and administered by Facebook. By means of this integration, we can link various Facebook services with our app. For example, this enables users to be able to use the Facebook SDK to share content from our apps within their Facebook timeline or to send messages to other Facebook users. Further information about the Facebook SDK within iOS can be found here: https://developers.facebook.com/docs/ios. For Android, please refer to: https://developers.facebook.com/docs/android. The legal basis for the storage of this data is Art. 6 paragraph 1 sentence 1 letter b GDPR. Facebook App Events: We use the Facebook App Events service though the Facebook SDK to track the reach of our advertising campaigns and the use of the Facebook SDK. Facebook merely provides us with an aggregated analysis of user behavior with our app. We have no influence beyond that on the information that will be processed through App Events by Facebook. Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active). The legal basis for this processing is Art. 6 paragraph 1 sentence 1 letter f GDPR. In our app settings, you can opt out of using App Events for these purposes.
17. Google marketing services.
18. Google SDK (Firebase analytics).
19. AppsFlyer/Kochava SDK.
20. Microsoft Bing ads.
We use the conversion and tracking tool Bing Ads from Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, “Microsoft”) as part of our app. Microsoft stores a cookie on the user’s device to enable an analysis of the use of our online services. The prerequisite for this is that the user has accessed our app through an ad from Microsoft Bing Ads. This enables Microsoft and us to know that someone has clicked on an ad, has been redirected to our online services and has reached a predetermined target page. We only see the total number of users who clicked on a Bing ad and were then forwarded to the target page (conversions). No IP addresses are stored. No other personal information about the identity of the user is disclosed. Users can find further information on data protection and the cookies used at Microsoft Bing ads in Microsoft’s privacy statement: https://privacy.microsoft.com/de-de/privacystatement. The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you do not wish to participate in the Bing Ads tracking process, you can communicate your objection to Microsoft here: https://choice.microsoft.com/de-DE/opt-out. Microsoft is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).
We use advertising services provided by the social network Pinterest, which is operated by Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. We use the site to book advertising space on pins within Pinterest. If you land on one of our offers via a pin we have booked, this information will be processed by Pinterest and communicated to us as statistics (conversion). This allows us to find out, for instance, how many users have clicked on our pins. We obtain no information that allows users to be personally identified. Furthermore, we analyze whether a user then goes on to download our app. Insofar as personal data is processed, this is carried out on the legal basis of article 6 paragraph 1 letter f GDPR. You can object to inclusion in the tracking via the following link: https://help.pinterest.com/de/articles/personalization-and-data
22. The right to object.
In accordance with Art. 21 GDPR, you have the right to object to any processing operations executed that use Art. 6 paragraph 1 sentence 1 letter e or letter f of GDPR as their legal basis.
23. Additional rights.
As the person concerned, you are entitled to exercise your rights against us. In particular, you have the following rights:
- In accordance with Article 15 GDPR and Section 34 BDSG, you have the right to request information as to whether or not, and to what extent, we process personal data about you.
- You have the right to have us correct your data in accordance with Article 16 GDPR.
- You have the right to have us delete your personal data in accordance with Article 17 GDPR and Section 35 BDSG.
- You have the right to have the processing of your personal data restricted in accordance with Article 18 GDPR.
- You have the right, in accordance with Article 20 GDPR, to receive the personal data concerning you that you have provided to us, in a structured, commonly used and machine-readable format and to transmit this data to another controller.
24. Minor’s privacy.
The Service is not targeted towards, nor intended for use by anyone under the age of 16. We do not collect personal data from any person we actually know is under the age of 16.
25. Data protection additional inquiries.
If you have any concerns or require additional information about the data protection, do not hesitate to contact us through our contact form on https://www.appsgator.com/clone/forms/get-in-touch
26. Complaints to government authorities.
If you believe that the processing of your personal data constitutes an infringement of the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Article 77 GDPR.