PRIVACY NOTICE
regarding games published by VTDev Informatics LLC
Effective from: 3 October, 2024
VTDev Informatics Limited Liability Company (registered at: 2083 Solymár, Párkány utca 17., registration number: 13-09-143349; hereinafter: Service Provider) provides the following information regarding data processing during the use of the games available at several online distribution platforms, in accordance with the General Data Protection Regulation of the European Parliament and Council, Regulation 2016/679 (hereinafter: “GDPR”).
1. Definitions
|
Games |
The mobile and desktop applications published by Service Provider on Apple App Store, Google Play Store, Amazon Appstore or Steam.
|
|
Platform
Service Provider
Website |
Online distribution platform for purchasing applications and software (e.g. Steam, Apple App Store).
VTDev Informatics Limited Liability Company, which develops and publishes the games on Platforms.
|
2. What is the purpose of this privacy notice?
In this privacy notice, the Service Provider provides detailed information about the processing of personal data during the use of the Games in accordance with legal regulations.
3. What is the purpose of the data processing?
During the use of the Games, the Service Provider may access users’ personal data for various purposes, such as advertising, saving progress or analytics.
These data processing activities may involve third-party service providers as well.
4. How does this privacy notice apply to users?
If the terms of use for the given game do not specify different conditions, by downloading the Games, the provisions of this privacy notice are automatically acknowledged without the need for any further legal declaration.
5. Who can modify this privacy notice, how and where is it published by the Service Provider?
The Service Provider is entitled to unilaterally modify this privacy notice at any time. The Service Provider publishes the modified privacy notice on the Website in a unified structure with the amendments. This privacy notice is continuously available at https://vtdevinfo.com/privacy.html
6. What categories of personal data do we process, for how long, for what purposes, and on what basis?
Our legal bases for data processing are as follows:
a) Based on Article 6(1)(a) of the GDPR, the user's voluntary consent to data processing („Consent”);
b) Based on Article 6(1)(b) of the GDPR, data processing is necessary for the performance of a contract in which the User, as the data subject, is one of the parties (“Performance of the Agreement”)
c) Based on Article 6(1)(f) of the GDPR, data processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party (“Legitimate interest”)
6.1. Data processing regarding the Website
6.1.1. Data processing related to logs of visits (automatic data collection)
In the case of visiting the Website, the Service Provider processes the User’s log data to monitor the operation of the services and prevent misuse.
|
A |
B |
C |
D |
E |
Data category |
Data source |
Purpose of data processing |
Legal basis for data processing |
Data retention period |
|
User’s IP address, date and time of the visit, browser or client software name |
User |
Monitoring and analyzing website traffic, diagnosing issues, ensuring security |
For purposes
GDPR Article 6 (1) (f) Legitimate interest
|
60 days from the date of the User’s visit |
Service Provider does not associate the data arising from the analysis of log files with other information and does not attempt to identify the User. The processed data not sufficient to identify the individual on their own.
6.2. Data processing regarding using the Games
|
A |
B |
C |
D |
E |
Data category |
Data source |
Purpose of data processing |
Legal basis for data processing |
Data retention period |
|
User’s achievements, scores, leaderboard details |
User |
Improving gaming and user experience |
For purposes
GDPR Article 6 (1) (f) Legitimate interest
|
According to privacy policies set out in Section 7.2. |
|
Networked game state |
User |
Supporting multiplayer mode |
For purposes
GDPR Article 6 (1) (f) Legitimate interest
|
According to privacy policies set out in Section 7.2. |
|
Gameplay-related data, save settings |
User |
Saving game progress |
GDPR Article 6 (1) (b): Performance of the agreement
|
According to privacy policies set out in Section 7.2. |
|
Analytics, usage statistics |
User |
Helping Service Provider’s marketing campaign; logging in-app purchases; obtaining crash and exception reports |
GDPR Article 6 (1) (a): Consent
GDPR Article 6 (1) (b): Performance of the agreement
GDPR Article 6 (1) (f) Legitimate interest
|
According to privacy policies set out in Section 7.2. |
|
Location data, device ID, usage statistics, diagnostics* |
User |
Third-party advertising activities |
GDPR Article 6 (1) (f) Legitimate interest
|
According to privacy policies set out in Section 7.2. |
* The provision does not apply to the “Assault Commander Rearmed” application available on Steam platform.
7. Who processes your personal data and who has access to them?
7.1. Data controller
VTDev Informatics Limited Liability Company
Registered seat: 2083 Solymár, Párkány utca 17.
Registry number.: 13-09-143349
E-mail address: privacy@vtdevinfo.com
Employees or other collaborators of the Service Provider access your data only to the extent necessary to perform their job duties.
7.2. Data processors
We engage subcontractors to provide website hosting services (https://megacp.com); mobile and web application development services (https://firebase.google.com/support/privacy); third party advertisement service providers (https://policies.google.com/technologies/partner-sites); services provided by online distribution platform such as services for saving user-generated content (https://www.apple.com/legal/internet-services/itunes/ww/index.html; https://www.apple.com/legal/privacy/en-ww/; https://store.steampowered.com/privacy_agreement/; https://developer.amazon.com/docs/policy-center/privacy-security.html); usage and analytics services (https://unity.com/legal/privacy-policy)
7.3. Data transfer to third countries
Among the data processors we engage, data transfer to the USA-based Google LLC is ensured to comply with the EU-US Privacy Shield framework. Therefore, such data transfers do not qualify as transfers to a third country outside the European Union.
8. Who is the Service Provider’s data protection officer?
The Service Provider is not obliged to appoint a Data Protection Officer (DPO).
9. What rights do you have regarding the processing of your personal data and how do we ensure their exercise?
a) Right of access: You can request information about what data we process, for what purpose, for how long, to whom we disclose it, and where your data originated from.
b) Right to rectification: If your data changes or is recorded incorrectly, you can request that we correct, amend, or update it. Please ensure to regularly review your data and inform us of any changes within 15 days so that our database remains up-to-date and accurate.
c) Right to erasure: In cases defined by law, you can request that we delete the data we hold about you.
d) Right to restriction of processing: In cases defined by law, you can request that we restrict the processing of your data.
e) Right to object: In cases defined by law, you can object to the processing of your data. In such cases, we will not process your data further and will delete it.
f) Right to data portability: By completing the data portability request form attached to this information sheet, you can request the transfer of your data. By exercising this right, you can request that we provide you or directly transfer to another service provider, as specified by you and with your authorization, the types of data defined by law. Please note that data portability requests can only be made for data that you have provided to us, processed with your consent, and processed in an automated manner. Additionally, the transfer to another service provider can only be fulfilled if it is technically and securely feasible.
If you submit the above requests, we will proceed in accordance with the applicable laws and inform you within one month about the measures we have taken based on your request.
g) Right to withdraw consent: When we process your data based on your consent, you have the right to withdraw your consent at any time. However, this withdrawal does not affect the lawfulness of our processing based on your consent before its withdrawal.
h) Right to object to processing based on legitimate interests: If we process your data based on legitimate interests, you have the right to object to such processing. In this case, if the conditions defined by law are met, we will cease processing your data.
i) Right to lodge a complaint: If you believe that our processing of your data violates the law, you have the right to lodge a complaint with the relevant supervisory authority:
name: Nemzeti Adatvédelmi és
Információszabadság Hatóság
post address: 1374 Budapest, Pf. 603.
address: 1055 Budapest, Falk Miksa utca 9-11.
phone: +36 (1) 391-1400
email: ugyfelszolgalat@naih.hu
You can also refer the matter to a court of competent jurisdiction.
10. How do we ensure the security of your data?
Our company's collaborators and employees involved in data processing are authorized, to a predetermined extent and under confidentiality obligations, to access personal data.
We protect personal data through appropriate technical and other measures, ensuring its security, availability, and safeguarding against unauthorized access, alteration, damage, disclosure, and any other unauthorized use.
As part of our technical measures, we employ encryption, password protection, and antivirus software. Our company strives to make processes as secure as possible and adheres to strict regulations to ensure the security of data received by us and to prevent unauthorized access.
11. What do we do if a data protection breach occurs with us?
In accordance with the regulations, we report the data protection incident to the supervisory authority within 72 hours of becoming aware of it and keep a record of data protection incidents. In cases specified by law, we also inform the affected users.
12. When and how do we modify this data protection notice?
If the scope of the data we process or other conditions of data processing change, we will modify this data protection notice within 30 days in accordance with GDPR requirements and publish it on the Website.