- 1. OUR PRIVACY STATEMENT
- 2. HOW DO WE USE YOUR PERSONAL DATA?
We will always process your personal data based on one of the legal basis provided for in the GDPR (Articles 6 and 7). In addition, we will always process your sensitive personal data, for example, concerning your trade union membership, religious views, or health condition, in accordance with the special rules provided for in the GDPR (Articles 9 and 10).
We may collect and process your personal data for the purposes detailed below, which are required so that we can pursue our legitimate interests and provide you with adequate services and products:
- To help KLab develop, deliver, manage and improve the Services and advertising;
- For market research purposes that support KLab’s efforts to deliver a more valuable service to KLab users;
- To serve ads that contain links to services, websites or application, and KLab may further utilize your Device ID to track clicks or other ad fulfillment metrics;
- To provide customer and technical support;
- To send you messages with informative or commercial content about KLab, the Services, or third party products and services that KLab thinks may be of interest to you;
- To allow KLab to keep you posted regarding our latest Services announcements, software updates, and upcoming events;
- To audit and analyze data to improve the Services and customer communications; and
Finally, in very specific circumstances, we may require your consent to process your personal data.
We may process your personal data for the specified purposes based on the legal basis as follows:
No. Processed personal data Purpose Legal basis 1 your IP address, your universal unique identifier (e.g., UUID), and Instance IDs to identify you as a game user and provide you our game services your and our legitimate interests to provide you with the requested game services. (Article 6(1)(f) GDPR) 2 In addition to the personal data written in No.1, your location data based on your selection to provide location data to provide a certain service using user's location data. your and our legitimate interests to provide you with the requested game services. (Article 6(1)(f) GDPR) 3 In addition to the personal data written in No.1, personal data provided to us, such as your name, surname, phone number, e-mail address, game data, your user identifier (e.g., Game Centre ID or Google ID), and data related to your marketplace receipt (e.g., iTunes, Google Play) to provide you with customer services your and our legitimate interests to provide you with the requested game services (Article 6(1)(f) GDPR) 4 Game Centre ID, Google ID, SchoFes ID, or Facebook ID to enable you to save and continue your games within your profile across multiple devices your and our legitimate interests to provide you with the requested game services (Article 6(1)(f) GDPR) 5 IP address, cookie data, advertising IDs / IDFA and other similar technologies to analyse your behaviour online (e.g., websites visited by you), and provide behavioural and targeted advertising your consent (Article 6(1)(a) GDPR and Article 5(3) e-Privacy Directive) 6 IP address, your country (including no other geographical information), UUID/AndroidID and other similar technologies to assist debugging, and to improve our service and its stability. your and our legitimate interests to provide you with the requested game services
We will process your data for these specified, explicit and legitimate purposes, and will not further process the data in a way that is incompatible with these purposes. If we intend to process personal data originally collected for one purpose in order to attain other objectives or purposes, we will ensure that you are informed of this. We will keep your personal data for as long as it is necessary for us to comply with our legal obligations, to ensure that we provide an adequate service, and to support its business activities (Article 5 and 25(2) GDPR).
- 3. WHAT TYPES OF PERSONAL DATA DO WE USE?
We process the personal data outlined above for the respective purposes that we have explained. We can obtain such personal data either directly from you when you decide to communicate such data to us (i.e., when you fill in forms displayed on the Website) or indirectly where such personal data is provided to us by your electronic communication terminal equipment or your Internet browser. We ensure that the personal data processed be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
- 4. HOW DO WE SHARE YOUR PERSONAL DATA?
We may share your personal data with Company Group entities and with third parties in accordance with the GDPR. Where we share your data with a data processor, we will put the appropriate legal framework in place in order to cover such transfer and processing (Articles 26, 28 and 29). Furthermore, where we share your data with any entity outside the EEA, we will put appropriate legal frameworks in place, notably controller-to-controller (2004/915/EC) and controller-to-processor (2010/87/EU) Standard Contract Clauses approved by the European Commission, in order to cover such transfers (Articles 44 ff. GDPR).
For the provision of our games, we share your personal data with companies which provide services on our behalf, such as hosting, maintenance, support services, email services, marketing, auditing, fulfilling your orders, processing payments, data analytics, providing customer service, and conducting customer research and satisfaction surveys.
Your data will be transferred to vendors and service providers to provide support operations (e.g., E-Guardian, Inc., Japan; adish Co., Ltd., Japan; and Active Gaming Media Inc., Japan) , debug supporting tools (e.g. FROSK, Inc.), in-game advertisement tools (e.g., Google Inc.), and cloud computing and web services (e.g., Amazon Web Services, U.S. ).
Regarding your personal data related to online advertising and advertisement measurement, if you consent to this processing of personal data, your data may be transferred to media companies for online behavioral and targeted advertising, such as Facebook (U.S.), Google (U.S.), Twitter (U.S.), Dynalist (U.S.), Appier (Asia), Criteo (France), Pocketwhale (France) and Snapchat (U.S.).
For the provision of our website, your data may be processed by vendors or service providers that we use, such as analysis service providers (e.g., J-Stream, Japan; Dai Nippon Printing, Japan; IMJ, Japan), web services and cloud computing and storage services (e.g., Amazon Web Services), and access analysis vendors (e.g., Google, Inc., U.S.; and User Local, Inc., Japan).
KLab Inc. Affiliates and Corporate Business Transactions
We may share your personal data with all KLab Inc. affiliates. In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal data to the relevant third party.
Legal Compliance and Security
It may be necessary for us – by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence – to disclose your personal data. We may also disclose your personal data if we determine that, due to purposes of national security, law enforcement, or other issues of public importance, the disclosure is necessary or appropriate.
We may also disclose your personal data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.
Such disclosures may involve transferring your personal data out of the European Union in the following countries: Japan, the United States, China and Singapore. Such transfer may take place for internal reporting, management and business purposes. For each of these transfers, we make sure that we provide an adequate level of protection to the data transferred, in particular by entering into standard contract clauses as defined by the European Commission decisions 2001/497/EC, 2002/16/EC, 2004/915/EC and 2010/87/EU.
We will not use your personal data for online marketing purposes unless you have expressly consented to such use of your personal data. You can change your marketing preferences at any time by contacting us as detailed below.
- 5. OUR RECORDS OF DATA PROCESSES
We handle records of all processing of personal data in accordance with the obligations established by the GDPR (Article 30), both where we might act as a controller or as a processor. In these records, we reflect all the information necessary in order to comply with the GDPR and cooperate with the supervisory authorities as required (Article 31).
- 6. SECURITY MEASURES
We process your personal data in a manner that ensures their appropriate security, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage. We use appropriate technical or organisational measures to achieve this level of protection (Article 25(1) and 32 GDPR).
We will retain your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Statement, unless a longer retention period is required or permitted by law.
- 7. NOTIFICATION OF DATA BREACHES TO THE COMPETENT SUPERVISORY AUTHORITIES
In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects, which might include you (Articles 33 and 34 GDPR).
- 8. PROCESSING LIKELY TO RESULT IN HIGH RISK TO YOUR RIGHTS AND FREEDOMS
We have mechanisms and policies in place in order to identify data processing activities that may result in high risk to your rights and freedoms (Article 35 of the GDPR). If any such data processing activity is identified, we will assess it internally and either stop it or ensure that the processing is compliant with the GDPR or that appropriate technical and organisational safeguards are in place in order to proceed with it.
In case of doubt, we will contact the competent Data Protection Supervisory Authority in order to obtain their advice and recommendations (Article 36 GDPR).
- 9. YOUR RIGHTS
You have the following rights regarding personal data collected and processed by us.
- Information regarding your data processing: You have the right to obtain from us all the requisite information regarding our data processing activities that concern you (Articles 13 and 14 GDPR).
- Access to personal data: You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain related information (Article 15 GDPR).
- Rectification or erasure of personal data: You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay, and to complete any incomplete personal data (Article 15 GDPR). You may also have the right to obtain from us the erasure of personal data concerning you without undue delay, when certain legal conditions apply (Article 17 GDPR).
- Restriction on processing of personal data: You may have the right to obtain from us the restriction of processing of personal data, when certain legal conditions apply (Article 18 GDPR).
- Object to processing of personal data: You may have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, when certain legal conditions apply (Article 21 GDPR).
- Data portability of personal data: You may have the right to receive your personal data in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without our hindrance, when certain conditions apply (Article 20 GDPR).
- Not to be subject to automated decision-making: You may have the right not to be subject to automated decision-making (including profiling) based on the processing of your personal data, insofar as this produces legal or similar effects on you, when certain conditions apply (Article 22 GDPR).
- 10. CHILDREN
- 11. LINKS TO OTHER SITES
We may propose hypertext links from the Website to third-party websites or Internet sources. We do not control and cannot be held liable for third parties’ privacy practices and content. Please read carefully their privacy policies to find out how they collect and process your personal data.
The contact details of the Data Protection Officer are as follows:
AMI Data&Solutions UG
Address: Marie-Curie-Strasse 6, 85055 Ingolstadt, Germany.
Telephone: +49 (0) 89-71680318-1
- What are cookies?
Cookies are small text files which are placed on your computer or mobile phone when you visit a website. They are widely used in order to make websites work or to work more efficiently. The cookies help our Website to recognize your device and remember information about your visit (e.g., your preferred language, font size and other preferences).
We use Google Analytics, User Insights, and other analytics tools to help us measure traffic and usage statistics in order to understand how visitors access and use our Website. We use information collected through cookies to help improve our Website and to compile aggregate statistics about how our Website is used by visitors. How to manage your cookies preferences
Most browsers allow you to manage your cookies preferences by changing your browser settings. You may thus set your browser to: (i) automatically accept or refuse all cookies; (ii) automatically accept or refuse first party cookies and/or third party cookies; or (iii) notify you before any cookies are set on your terminal equipment so that you get the opportunity to accept or refuse such cookies.
- Chrome (https://support.google.com/chrome/answer/95647?hl=en);
- Internet Explorer (http://windows.microsoft.com/en-US/windows-vista/Block-or-allow-cookies);
- Mozilla Firefox (https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?redirectlocale=en-US&redirectslug=Enabling+and+disabling+cookies); and
- Safari (https://support.apple.com/kb/PH21411?viewlocale=en_US&locale=fr_FR).
- In addition, if you do not want Google Analytics to be used in your browser, you can
- install the Google Analytics browser add-on at https://tools.google.com/dlpage/gaoptout; and/or
- opt-out through the Network Advertising initiative consumer opt-out system accessible at the following link: http://optout.networkadvertising.org/#!/.
In addition, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers.
Moreover, you can use another online service enabling you to manage the advertisement cookies placed our your devices: http://www.youronlinechoices.com/.
Please note yet that if you block cookies, your experience on our Website may be impacted as we may then not be able to provide you with full access to all functionalities and contents of our Website.
- How long do we retain cookies?
We consider that your consent to cookies is valid for a maximum period of twelve (12) months. After such time frame, we will ask for your consent again.