The following information will give you an easy overview of what happens to your personal data when you play our games or use our Website. Please read the following definitions to better understand how we process your data.
– Controller – Titan Gamez sp. z o.o. with its seat in Warsaw 00-712, 76 Bluszczańska Street paw. 6.
– Personal data or Data – information about a natural person identified or identifiable by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity, including device IP, location data, internet identifier and information collected through cookies and other similar technology.
– GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
– Website – the Website operated by the Controller at https://titangamez.com/.
– User – any natural person visiting the Website or using one or more services or functionalities described in the Policy.
HOW DO WE COLLECT YOUR DATA?
We collect data when you provide it to us yourself, by using our services or visiting our Website. For example, this may be data that you enter in a contact form or register for one of our services. Other data is collected automatically when you download and use our games.
WHAT PURPOSES DO WE USE YOUR DATA FOR and what is the legal basis for this?
We use your information to provide you with access to our games and our services. We also collect information about how you use our services or play our games for statistical and analytical purposes. Data collected by the Controller when the User uses or downloads games may be used in order to enable the User to play the game in question (in which case the legal basis for the processing is that the processing is necessary for the performance of the contract), as well as for statistical or analytical purposes (in which case the legal basis for the processing is the Controller’s legitimate interest in carrying out analyses and statistics in order to improve the services and functionalities offered).
In connection with the User’s use of the services (including the Website), the Controller collects data to the extent necessary to provide the particular services offered, as well as information about the User’s activity on the Website. The detailed principles and purposes of the processing of Personal Data collected during the use of the Website by the User are described below.
PURPOSES AND LEGAL BASIS OF DATA PROCESSING ON THE WEBSITE
USING THE WEBSITE
Personal data of all persons using the Website (including IP address or other identifiers and information collected through cookies or other similar technologies), are processed by the Controller:
- for the purpose of providing electronic services in terms of making the content collected on the Website available to Users – then the legal basis for processing is the necessity of processing for the performance of the contract;
- in order to possibly establish and assert claims or defend against claims – the legal basis of the processing is the Controller’s legitimate interest in being able to defend its business interests;
The User’s activity on the Website, including his/her Personal Data, are recorded in system logs (a special computer programme used for storing a chronological record containing information on events and activities concerning the IT system used for providing services by the Controller). The Controller processes the information collected in this way mainly in connection with the provision of its services and for the purposes related to it. Additionally, the Controller may process data also for technical and administrative purposes, to ensure security of the IT system and to manage the system. In such cases, the personal data are processed by the Controller on the basis of a legitimate interest of the Controller, which consists in providing and improving functionalities offered to the Users.
On the Website, the Controller has provided Users with the possibility to contact him using an electronic contact form. If the User decides to use the form, he will be required to provide Personal Data, which are necessary to handle the enquiry (establish contact with the User, as well as respond to it). Providing data marked as obligatory is required for accepting and servicing the enquiry, and failure to provide such data results in the impossibility of servicing.
Personal data are processed:
- in order to handle an enquiry submitted via the contact form – the legal basis is the legitimate interest of the Controller, which consists in the possibility of responding to enquiries addressed to him;
- in order to possibly establish and assert claims or defend against claims – the legal basis of the processing is the Controller’s legitimate interest in being able to defend its business interests.
The Controller has also provided the Users with a newsletter service. The User interested in receiving information on the Controller’s activities, services or products must provide their e-mail address for that purpose. Providing the data is required in order to provide the newsletter service, and failure to provide the data results in the inability to send the newsletter.
Personal data are processed:
- in order to provide the newsletter service – the legal basis of the processing is the necessity of the processing for the performance of the contract;
- in the case of directing marketing content to the User within the newsletter – the legal basis for processing, including with the use of profiling, is the Controller’s legitimate interest in connection with the consent to receive the newsletter;
- for analytical and statistical purposes – the legal basis of the processing is the Controller’s legitimate interest consisting in conducting analyses of the Users’ activity on the Website in order to improve the applied functionalities;
- in order to possibly establish and assert claims or defend against claims – the legal basis of the processing is the Controller’s legitimate interest in protecting your rights.
The Controller processes personal data of Users visiting the Controller’s profiles in social media (Facebook, Twitter). The data are processed in connection with running the profile, including the purpose of informing the Users about the Controller’s activities and promoting various events, services and products. The legal basis for the processing of Personal Data by the Controller for this purpose is its legitimate interest consisting in promoting its own brand.
Cookies are small text files installed on the User’s device when browsing the Website. Cookies collect information which makes it easier to use the Website, e.g. by storing the User’s visits to the Website and their actions.
- Session cookies: are stored on the User’s Device and remain there until the end of the session of the respective browser. The stored information is then permanently deleted from the Device’s memory. The mechanism of session cookies does not allow collecting any personal data or any confidential information from the User’s Device;
- Persistent cookies: these are stored on the User’s Device and remain there until they are deleted. Ending the session of a given browser or switching off the Device does not cause their deletion from the User’s Device. The mechanism of permanent cookies does not allow collecting any personal data or any confidential information from the User Device.
Facebook Pixel is a tool for measuring the effectiveness of advertising campaigns carried out by the Controller on Facebook. The tool allows for advanced data analytics in order to optimise the Controller’s activities also with the use of other tools offered by Facebook. Detailed information on data processing by Facebook can be found under this link: https://.facebook.com/help/443357099140264?helpref=about_content.
Google Analytics cookies are cookies used by Google to analyse your use of the Website, to compile statistics and reports on the Website’s operation. Google does not use the collected data to identify the User, nor does it combine this information to enable identification. Detailed information on the scope and principles of data collection in connection with this service can be found under the link: https://policies.google.com/technologies/partner-sites?hl=ENG.
GOOGLE TAG MANAGER
Google Tag Manager is a script management tool for a website. It can be used to install various types of scripts on the Website. This includes scripts related to consents given by the User, scripts that track User behavior through analytical tools such as Google Analytics, or conversion tracking from advertising systems such as Google Ads. In connection with the use of the tool, Google collects aggregate data on the running of these scripts, without the possibility to identify a specific User. Detailed information about the scope and principles of data collection in connection with this service can be found under the link: https://www.google.com/analytics/terms/tag-manager/.
HotJar is a tool that allows Administrator to conduct analysis of Users activity in the Service, e.g. through surveys or satisfaction studies and through anonymous gathering of information about clicks on particular places in the Service. The tool does not allow for identification of the User. Detailed information on the data collected via HotJar and on how to deactivate User monitoring is available at: https://www.hotjar.com/privacy.
INFORMATION ABOUT THE RESPONSIBLE PERSON
The responsible entity (referred to in the GDPR as „controller”) is the natural or legal person who, alone or jointly with others, makes decisions about the purposes and resources for processing personal data (e.g. names, email addresses, etc.).
The controller of your personal data is:
Titan Gamez sp. z o.o.
with registered seat in Warsaw 00-712, 76 Bluszczańska Street PAW. 6.
If you have any questions or suggestions regarding data protection or the exercise of your rights, you can email us at firstname.lastname@example.org.
DISCLOSURE OF DATA
In connection with the provision of services, Personal Data will be disclosed to external entities, including in particular suppliers responsible for the operation of IT systems, the owner of the Facebook platform and Google.
The Controller reserves the right to disclose selected information concerning the User to competent authorities or third parties who request such information on the basis of an appropriate legal basis and in accordance with the provisions of the applicable law.
DELETION OF USER DATA
We will delete or anonymise your personal data as soon as it is no longer necessary for the purposes for which we collected or used it in accordance with the previous sections. We will generally keep your personal data for as long as you use the Website or for the duration of the contract, unless the data needs to be kept longer for legal reasons, for the purposes of criminal proceedings, or in order to secure, pursue or enforce legal claims, or is required to satisfy our legitimate interests, or until you successfully object to such processing.
To use our services, you must confirm full legal capacity or, in the case of limited capacity, obtain the consent of your legal guardian. We do not knowingly collect or request personal information from children. If you are unable to confirm full legal capacity, please do not send us any personal information, including your name, address or email address. If we become aware that we have collected your child’s personal information, we will delete it as soon as possible. If you believe we may have your child’s information, please contact us at email@example.com
YOUR RIGHTS AS A DATA SUBJECT
RIGHT TO INFORMATION
At any time, upon request, you have the right to obtain information from us about your personal data within the scope of Article 15 of the GDPR. To request such information, you can make a request by post or email to the address above.
THE RIGHT TO RECTIFY INACCURATE DATA
You have the right to request us to immediately correct any incorrect personal data concerning you. To do so, please use the contact addresses given above.
RIGHT TO ERASURE
THE RIGHT TO RESTRICT PROCESSING
You have the right to request that we restrict the processing of your data in accordance with Article 18 of the GDPR. If you exercise this right, the Controller shall cease performing operations on the personal data – with the exception of operations to which the data subject has consented – and their storage, in accordance with the retention rules adopted, or until the reasons justifying the restriction of processing cease to exist (e.g. until a decision is made by a supervisory authority authorising further processing).
RIGHT TO DATA PORTABILITY
On this basis, with regard to data processed in an automated manner in connection with the concluded contract or the granted consent, the Controller issues the data provided by you in a computer-readable format. It is also possible to request the data to be sent to another entity, provided that there are technical possibilities in this respect both on the part of the Controller and the indicated entity.
RIGHT TO OBJECT
Pursuant to Article 21 of the GDPR, you may object at any time to the processing of your personal data, on grounds relating to your particular situation, which is carried out on the basis of a legitimate interest of the Controller (e.g. for analytical or statistical purposes or on grounds relating to the protection of property); your objection in this respect shall contain a statement of reasons.
In addition, you may object to the processing of your personal data for marketing purposes at any time, without having to justify such objection.
RIGHT TO LODGE A COMPLAINT
You also have the right to lodge a complaint with the competent data protection authority – in particular in your EU Member State of habitual residence, place of work or the place where the alleged infringement occurred The competent supervisory authority in Poland is:
Office for the Protection of Personal Data
Stawki street, 200-19, Warsaw firstname.lastname@example.org
RIGHT TO WITHDRAW CONSENT
Where the processing of personal data takes place on the basis of consent given, the data subject shall have the right to withdraw the consent at any time, which shall not, however, affect the lawfulness of the processing carried out before the withdrawal of consent.
SUBMITTING REQUESTS RELATING TO THE EXERCISE OF RIGHTS
All requests concerning the exercise of the above-mentioned rights of data subjects should be submitted:
- In writing to the Controller’s address;
- By e-mail to the following address: email@example.com.
The request should, as far as possible, indicate precisely what is being requested, i.e. in particular:
- Which rights the applicant wishes to exercise (e.g. right to erasure, right to obtain a copy of the data);
- What process the request concerns (e.g. use of a particular service, activity in a particular application, receipt of a newsletter, etc.)
- What are the purposes for which the requested data are processed (e.g. marketing purposes, analytical purposes, etc.).
If the Controller is unable to identify the person making the request solely on the basis of the request made, he will ask the person for additional information. The provision of such data is not mandatory, but failure to do so will result in the request being refused.
The request shall be answered within one month of receipt. If an extension of this period is necessary, the controller shall inform the person making the request of the reasons for such extension.
The period of data processing by the Controller depends on the type of service provided and the purpose of a given processing. As a rule, the data shall be processed throughout the period of provision of the service or realisation of the order until the moment of withdrawal of the consent or effective objection to data processing in cases where the legal basis of data processing is the legitimate interest of the Controller.
The processing period may be extended if the processing is necessary for the establishment and assertion of possible claims or the defence against claims, and thereafter only if and to the extent required by law. After the end of the processing period, the data are irreversibly deleted and anonymised.
The provision of personal data to the Controller is generally voluntary. However, if you choose to use some of our services or games, the provision of personal data is mandatory. Without providing data, some services may not be available and the Controller will not be able to fully respond to your request.