PRIVACY POLICY FOR MOBILE APPLICATIONS (APPS)
The following information applies to all our mobile applications (apps) for smartphones and tablet PCs. While we try and keep app permissions and access to a minimum and will never use any information provided in a manner for which the information was not intended, the use of these apps may involve the inadvertent processing of personal information. Our intention is for the following information to provide you with an overview of these processes so that you can understand them. In order to ensure fair processing, we would also like to inform you about your rights under the European General Data Protection Regulation (GDPR) and the Privacy Data and Protection Act 2014 (Australia, Vic)
PS Games P/L Australia (hereinafter referred to as “we” or “us”) is responsible for the data processing.
1. CONTACT US
If you have any questions or suggestions about this information or would like to contact us to exercise your rights, please contact us via email: paul.vella@psgamesonline.com
2. GENERAL INFORMATION ON THE PROCESSING OF PERSONAL DATA
The use of the products and services we offer may result in the processing of personal data. The term “personal data” under data protection law refers to all information relating to a specific or identifiable person. An IP address can also be considered personal data. An IP address is assigned to each device connected to the internet by the internet service provider, so that it can send and receive data. When you use the apps, we collect data that you provide yourself. In addition, when you use the app, we automatically collect certain information about your use of it.
We process personal data in compliance with the relevant data protection regulations of the GDPR and the Australian Law. We will only process data where we are legally permitted to do so. When you use these apps, we will process personal data only with your consent (Art. 6 paragraph 1 sentence 1 letter a GDPR), for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract (Art. 6 paragraph 1 sentence 1 letter b GDPR), for compliance with a legal obligation (Art. 6 paragraph 1 sentence 1 letter a GDPR) or if the processing is necessary for the purposes of our legitimate interests or the legitimate interests of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require the protection of personal data (Art. 6 paragraph 1 sentence 1 letter f GDPR).
3. DURATION OF STORAGE
Unless otherwise stated in the following sections, we will store the data only as long as necessary to achieve the purpose of processing or to fulfil our contractual or statutory obligations.
4. TRANSMISSION OF DATA
Unless otherwise stated in the following sections, data will be processed on the servers of technical service providers commissioned by us for this purpose. These service providers will only process the data after having received express instructions and they are contractually obliged to guarantee adequate technical and organizational measures for data protection.
Insofar as we refer to integrated services of other providers in this Data Protection Declaration, it can be assumed that personal data will be transmitted to the specified headquarters of these providers. These providers may be based in a so-called third country outside the European Union or the European Economic Area. Further information can be found in the sections describing each service.
5. DATA COLLECTION DURING DOWNLOADING
When downloading the app, no information is actively transferred by us to the app store involved (Apple App Store, Google Play, Amazon App Store, Samsung App Store, etc.). If you want to know what data is collected and processed by a given app store during the downloading process, please consult their privacy policy. We have no control over any data collection by app stores. They are solely responsible for the processing of any of your personal data within the meaning of Article 7(4) GDPR.
6. ACCESS RIGHTS OF THIS APP
This app requires various access permissions from your device. These are required to maintain certain functionality of our apps. For example, if you only want to download updates using a wireless connection, the app needs access to your wireless connection. If you would like to purchase additional content via the app, we may need access to the interface required for your app store. Another example is what is referred to as “push notifications”, in which we can use an interface to display a message directly on your device. The access permissions on your mobile device are dependent on the operating system (e.g. Android, iOS, etc.) and the store where the app was purchased (e.g. Google Play Store, Apple App Store, Amazon, etc.). As a rule, you will receive information prior to the installation as to which access permissions are required by our app.
The legal basis for the processing of technically necessary access permissions is Art. 6 paragraph 1 sentence 1 letter b GDPR. All further access permissions are based on Art. 6 paragraph 1 sentence 1 letter f GDPR.
Under “Settings” in Apple iOS, you can get an overview at any time of the content that our apps can access. You can restrict these access permissions at a later point in time.
In Android, various access permissions are also needed on your mobile device. Under “Settings/Apps” you can subsequently check the access rights of our apps.
7. CONTACT FORM
Our app contains a contact form with which you can send us messages. The transfer of your data is encrypted.
The legal basis for processing this data is Art. 6 paragraph 1 sentence 1 letter b GDPR. All data fields marked as mandatory are required for the execution of the contract. If they are not provided, the contractual services cannot be carried out. The provision of any additional data is voluntary. Alternatively, you can also send us a message to the contact e-mail address.
8. REGISTRATION AND LOGIN
In order to use certain functions of the app, registration within the app may be required. Upon completion of the registration process, a contract of use is entered.
In the context of this use, only the information you provide is processed. This information can be seen on the registration screen. The legal basis for this processing is Art. 6 paragraph 1 sentence 1 letter b GDPR. It is essential to provide the information marked as mandatory in order to establish the user relationship. The data provided will only be processed for the purposes stated in the terms of use and they will only be stored for the duration of use. You may terminate your use at any time by deactivating your user account.
9. FACEBOOK CONNECT
We may also offer you the option of easier registration for our games and services through Facebook. You can use your existing Facebook user account for this purpose. By clicking the “Log in with Facebook” link, you can use this registration method via our online portal. To do this, you need to already have a Facebook account or have access to Facebook.
If you would like to register for one of our services using your Facebook account, the first step in the registration process will immediately redirect you to Facebook. Facebook will then ask you to log in or to register. Under no circumstances will we receive your personal access data (user name and password).
In a second step, you will connect your Facebook profile with the service for which you would like to register. At this point, you will be told which data from your Facebook profile will be transmitted to us. This information is usually your “public information” on Facebook and information which you have made available to the public or authorized for the application in question. Information of this type generally includes your name, profile picture and cover photo, your gender, your networks, your username (Facebook URL), and your user ID number (Facebook ID). We will also use the email address you have saved with Facebook in order to contact you outside of Facebook. You can see an overview of information in your profile that is available to the public via the General Account Settings menu of your Facebook profile (https://www.facebook.com/settings?tab=applications).
Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
The legal basis for data collection and storage is your consent, within the meaning of Art. 6 paragraph 1 sentence 1 letter a GDPR. If you would like to remove the connection between Facebook Connect and our service, please log in to Facebook and make the required changes to your profile. We will then no longer have the right to use information from your Facebook profile.
10. DATA PROCESSING IN OUR GAMES
In our games we can track and evaluate various actions at the player level. This especially includes contact data provided during registration and your actions during the games. For this purpose, we collect your connection data, such as your IP address. We need to be able to process this information to execute gaming operations. It is, therefore, processed based on Art. 6 paragraph 1 sentence 1 letter b GDPR.
11. PAYMENTS MADE THROUGH OUR APP
In principle, you can enjoy our games without having to provide personal contact data. If you pay for chargeable activities in our games, your personal data will be collected by the corresponding payment service providers listed.
All payment-relevant data, such as your contact and payment data, are initially collected and processed by the corresponding payment provider. The legal basis for this data processing is Article 6(1)(b) GDPR.
For payments, we collect the geolocation of your IP address, which allows us to determine in which country you are located. The legal basis for this data collection is Art. 6 paragraph 1 sentence 1 letter c GDPR, as the processing is necessary for compliance with a legal obligation. The legal obligation arises from Directive 2006/112/EC (MOSS Directive).
We also receive information from payment providers related to payment fraud prevention. The legal basis for this data collection is Art. 6 paragraph 1 sentence 1 letter c GDPR, as the processing is necessary for compliance with a legal obligation.
12. PROCESSING APP LOG FILES
If you use our services, general information (that is not used on a individual basis) is initially stored automatically, i.e. not through registration. For example, our web servers normally store the following information: IP, Device ID, Device Type, OS, time of the server request.
The processing is carried out for the purposes of our legitimate interests, the legal basis of which is Art. 6 paragraph 1 sentence 1 letter f GDPR. This processing is used for technical administration and the security within the app.
13. COMBATING FRAUD
We may process pseudonymous information, such as the IP address or device ID, for the analysis of signals in order to identify fraud by third parties in the context of customer acquisition. To accomplish this, we are supported by external service providers whom we have ensured are committed to the same statutory requirements. The legal basis of Art. 6, paragraph 1, sentence 1, letter f GDPR. This processing helps the organizational security of the app.
14. FACEBOOK SDK
We use Facebook’s Software Development Kit (SDK) within some of our apps. The Facebook SDK is issued and administered by Facebook. By means of this integration, we can link various Facebook services with our app. For example, this enables users to be able to use the Facebook SDK to share content from our apps within their Facebook timeline or to send messages to other Facebook users. Further information about the Facebook SDK within iOS can be found here: https://developers.facebook.com/docs/ios. For Android, please refer to: https://developers.facebook.com/docs/android.
The legal basis for the storage of this data is Art. 6 paragraph 1 sentence 1 letter b GDPR.
Facebook App Events: We may use the Facebook App Events service though the Facebook SDK to track the reach of our advertising campaigns and the use of the Facebook SDK. Facebook merely provides us with an aggregated analysis of user behaviour with our app. We have no influence beyond that on the information that will be processed through App Events by Facebook.
Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
The legal basis for this processing is Art. 6 paragraph 1 sentence 1 letter f GDPR. In our app settings, you can opt out of using App Events for these purposes.
15. INFORMATION ABOUT OUR FACEBOOK PAGE
When you visit our Facebook Pages, which we use to represent our company or individual products or services, some of your personal data will be processed. The sole controller responsible for the processing of personal data is Facebook Ireland Ltd (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, “Facebook”). Further information about the processing of personal data by Facebook can be found at https://www.facebook.com/privacy/explanation.
Processing of Page Insights
Facebook provides us with anonymized statistics and insights for our Facebook page, which help us to understand the types of actions that people take on our Page (so-called “Page Insights”). These Page Insights are created based on specific information about individuals who have visited our Page. This processing of personal data is carried out by Facebook and by us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions being taken on our Page and to improve our Page based on these findings. The legal basis for this processing is Article 6 paragraph 1 letter f GDPR. We are in no case able to assign the information obtained via Page Insights to a specific Facebook profile using the “Like” data for our Page.
We have reached an agreement with Facebook to share joint responsibility for the processing, in which the division of data protection obligations between ourselves and Facebook is set out. Details about the processing of personal data for creating Page Insights and the agreement entered into between ourselves and Facebook can be found at https://www.facebook.com/legal/terms/information_about_page_insights_data.
Processing of data that is provided to us via our Facebook pages
We also process data that you make available to us via our Facebook Pages. Such information might be your Facebook user name, your player name in one of our games, contact details or a communication to us. We only process this personal data if we have previously expressly asked you to share this data with us, for example as part of a survey or a competition. This processing will be done by us as the sole data controller.
If you have communicated data to us because you are taking part in a contest, we will only process this if it is necessary to send you a prize. After delivery of the prize, or if you do not win, your data will be deleted. The legal basis for this processing is Article 6 paragraph 1 letter b GDPR.
Personal data that we have collected through surveys will be processed in anonymized form, to ensure that customers are happy with our offers. This processing serves our legitimate interest of continuously improving our offers, and the legal basis therefor is Article 6 paragraph 1 letter f GDPR.
16. GOOGLE MARKETING SERVICES
On our app we use the marketing and re-marketing services of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). These services allow us to display advertisements in a more targeted manner in order to present advertisements of interest to users. Through remarketing ads and products are displayed to users relating to an interest established by activity on other apps within the Google Network. For these purposes, a code is used by Google when our app is accessed and what are referred to as (re)marketing tags are incorporated into the app. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies may also be used instead of cookies). Cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which apps users have visited, which content they are interested in and which offers have been used. In addition, technical information about the browser and operating system, referring apps, the length of the visit as well as any additional data about the use of the online products and services are stored. The IP address of users is also recorded, although we would like inform you that within the framework of Google Analytics, IP addresses within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area are truncated.
All user data will only be processed as pseudonymous data. Google does not store any names or e-mail addresses. All displayed ads are therefore not displayed specifically for a person, but for the owner of the cookie. This information is collected by Google and transmitted to and stored by servers in the USA.
One of the Google marketing services we use is the online advertising program Google AdWords. In the case of Google AdWords, each AdWords customer receives a different conversion cookie. Cookies can therefore not be tracked through the apps of AdWords customers. The information collected by the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they will not receive any information that personally identifies users.
We may include third-party advertisements based on the Google Marketing Service called DoubleClick. DoubleClick uses cookies to enable Google and its partner apps to place ads based on users’ visits to this app or other apps on the Internet.
Google services make use of Google’s Tag Manager. For more information about Google’s use of data for marketing purposes, please see the summary page: https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy
The legal basis for the use of this service is Article Art. 6 paragraph 1 sentence 1 letter f GDPR. If you wish to object to interest-based advertising by Google marketing services, you can do so using the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.
Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation
(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
17. GOOGLE SDK (FIREBASE ANALYTICS)
We use the developer platform called “Google Firebase” as well as the associated functions and services of Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”). Google Firebase is a platform for developing apps for mobile devices and websites. Google Firebase offers a variety of features, which are can be found on the following summary page: https://firebase.google.com/products/
The functions include the storage of apps, including users’ personal data, such as content they have created or information regarding their interaction with the apps. Google Firebase also offers interfaces that allow interaction between the users of the app and other services.
The analysis of user interactions is carried out using the analysis service of Firebase Analytics. This service helps us to record our users’ interactions. Events such as the first time an app is opened, the uninstalling of an app, updates, crashes or the frequency of use of the app are recorded. Certain user interests are also recorded and evaluated.
The information processed by Google Firebase may be used with other Google services, such as Google Analytics and Google marketing services. In this case, only pseudonymous information, such as the Android Advertising ID or the Advertising Identifier for iOS, will be processed to identify users’ mobile devices. Additional information on the use of data for marketing purposes by Google can be found on the summary page: https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.
The legal basis for use is Art. 6 paragraph 1 sentence 1 letter f GDPR. If users wish to object to interest-based advertising through Google marketing services, they can use the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.
Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation
(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
18. ADVERTISING IN APPS
Our mobile apps allow you to view video sequences from third‑party providers funded through advertising. This allows paid content, for example, to be used free of charge. Viewing the videos is voluntary, and must be actively confirmed by you, the user.
The advertising displayed through our partners is either personalized or non-personalized (context-related). The data you provide when using advertising media is collected and analyzed, which will be explained in more detail below..
The legal basis for the processing is our legitimate financial interests (Art. 6 paragraph 1 letter f GDPR). You can deactivate personalized advertising in the settings of your mobile device. In order to do this, please follow the instructions below:
Android
Depending on your device, you can find the Google settings in one of the following locations:
– In a separate app called “Google settings”
– Scroll through your main app “Settings” and tap on Google Tap on “Ads” Tap on the toggle button next to Opt out of Ads Personalization iOS
iOS devices use Apple’s Advertising Identifier.
Further information on the different options for using this Identifier can be found in the Settings app of your mobile device.
This can be found by:
Opening “Settings” Selecting “Privacy” Selecting “Advertising” Here you can choose between specific settings using a toggle button.
Unity Ads
Unity Ads (a service of Unity Technologies, 30 3rd Street, San Francisco, CA 94103, United States) is another advertising partner that plays video ad sequences. Unity operates under its own responsibility and offers both personalized and context-related advertising. Unity’s Privacy Policy explains the scope of the data processing: https://unity3d.com/de/legal/privacy-policy. Specific information on privacy and opting out of personalized advertising is also displayed transparently in the video player.
Facebook Ads
In order to display personalized video ad sequences, we have also integrated the Facebook Audience Network SDK (Facebook Ads). Facebook operates under its own responsibility and offers comprehensive information on the legal basis for the data processing and its ad settings on its own information page: https://www.facebook.com/about/ads. As a Facebook user, you can switch off personalized advertising on third-party sites in the settings.
19. THE RIGHT TO OBJECT
In accordance with Art. 21 GDPR, you have the right to object to any processing operations executed that use Art. 6 paragraph 1 sentence 1 letter e or letter f of GDPR as their legal basis.
20. YOUR ADDITIONAL RIGHTS
As the person concerned, you are entitled to exercise your rights against us. In particular, you have the following rights:
In accordance with Article 15 GDPR and Section 34 BDSG, you have the right to request information as to whether or not, and to what extent, we process personal data about you. You have the right to have us correct your data in accordance with Article 16 GDPR. You have the right to have us delete your personal data in accordance with Article 17 GDPR and Section 35 BDSG. You have the right to have the processing of your personal data restricted in accordance with Article 18 GDPR. You have the right, in accordance with Article 20 GDPR, to receive the personal data concerning you that you have provided to us, in a structured, commonly used and machine-readable format and to transmit this data to another controller. You can exercise your rights by contacting us via email at: Paul.Vella@psgamesonline.com 27. MINOR’S PRIVACY
The Service is not targeted towards, nor intended for use by anyone under the age of 16. We do not collect personal data from any person we know is under the age of 16.
21. DATA PROTECTION OFFICER
You can reach our data protection officer at:
PS Games P/L
c/o Data Protection Officer
478 Nepean Hwy.,
Chelsea, Victoria, Australia, 3196
29. COMPLAINTS TO GOVERNMENT AUTHORITIES
If you believe that the processing of your personal data constitutes an infringement of the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Article 77 GDPR.