Last Updated: December 29, 2020
II. What Information/Personal Data Do We Collect?
A. Information You Provide to Us Directly.
When you interact with a KIXEYE owned website, or download the Service from a third-party app store, we will collect and store information from you directly as described below, to the extent it is available to us. We collect the information that you give us, and the information may include your:
- E-mail address
- KIXEYE account information, such as unique user-name, ID or avatar
- Your ID from various “Social Networks” (including Facebook, Apple iTunes, Google Play, Steam, etc.)
- We may also offer you the option to complete a user profile that is visible to other Service users. Your user profile may include: a profile image; one or more Service username(s); and a KIXEYE user ID number that is created by KIXEYE and used to identify your profile.
- Payment or billing information
- Your messages to us or the Services (chat logs, customer support requests)
- Information that helps us verify it’s actually you, prevent fraud, develop and improve our Services
B. Automatically Collected Information.
We collect other information automatically from your device through cookies and other means (SDKs, tracking pixels etc.) when you use our Services, including, to the extent it is available, and when required, subject to your consent:
- IP Address
- General Location Data Device information (such as device type, model, operating system, browser version, or unique device identifiers for checking device compatibility and IDFA or GAID)
- IDFA means Identifier for Advertisers on Apple and GAID means Google Advertising Identity. These unique identifiers are non-permanent and non-personal, meaning they do not contain sensitive information about you but do allow for consistency across all apps and cross-app tracking. You can opt-out of sharing your device identifier by updating the settings on your device.
- Service communications (in-game messages, chat logs)
- Connection type
C. Information Given to Us by Third Parties.
We may be given access to certain information collected from you by third parties, including Social Networks, through your use of such third party’s services, websites, applications, or other services.
D. Information we Collect Regarding Your Account.
We will create and assign to your device an identifier that is similar to an account number. We will also collect the following information about you, to the extent it is available, and if required, based on your consent:
- Game username;
- Device type; model; operating system; memory; storage;
- Telephone number;
- Country, region, city;
- User name, character name;
- E-mail address; and
- Your contacts to enable you to invite friends to join you in the Service.
When you use our Services, we will collect information about the ways in which you use and interact with our Services, such as when and for how long your device is logged into our games, game features you access and other players you interact with, in-app purchases you make, progress or levels you achieve, and other gameplay activities.
We also collect pseudonymous usage statistics about your interactions with the Service. This information is typically collected through the use of server log files or web log files, mobile device software development kits and tracking technologies like browser cookies to collect and analyze certain types of technical information. Some of the cookies the Service places on your computer are linked to your user ID number(s).
E. Information Gathered Through your participation in Communities
When you use the Service, you will get access to the online gaming community within the Service which gives you the opportunity to communicate or share information not just with us, but also with other users of our Service through:
- Participating in player forums and message boards;
- Posting public comments to other users’ profiles or game boards;
- Sending private messages or invitations to other users, either directly on our websites or to their e-mail accounts;
- Chat with other users; and
- Posting web links.
When you participate in online gaming communities, we access and store information / Personal Data about you. The information we store varies by game / application and is affected by the privacy settings you and your friends establish in that game / application. You can control and find out more about these settings within the application. We will collect the following information:
- Your in-Service username;
- Your device advertiser ID;
- Depending on how you log into the Services, Facebook User ID;
- The IP address of your access devices;
- Your in-game chats and messages; and
- If provided by you, your e-mail address and phone number.
- Submitted Avatars
F. Payment information
We will also collect some purchase information (which consists of transaction history, including what you have purchased, the price, and the date). Note that your in-game and/or in-app purchase transactions are processed by third-party payment processors, such as Apple (for purchases on iOS devices), Google (for purchases on Android devices). These third-party payment processors are the “merchant of record” for your purchases and do not share your financial information, like credit card numbers, with us.
G. Customer Support correspondence
When you ask for assistance from our Customer Support team, we will collect and store:
- Your name and e-mail address;
- Information about your activity on the Service;
- Your user name or ID number; and
- Any correspondence connected to the assistance provided to you
H. Information we Never Collect.
We do not collect any "special categories” of information from or about you. That is racial data or information regarding ethnic origin, sexual practices or orientation, political opinions, religious or philosophical beliefs, union membership, or health data etc.
III. How and Why Do We Use this Information / Personal Data?
We use your Personal Data and non-personal information to:
A. Provide you with our Services.
- Communicate with you according to your preferences, and our Terms of Service.
- Operate, develop, maintain, and improve our Services.
- Provide customer support for the Services.
- Resolve disputes and enforce our Terms of Service.
- Make special/promotional in-game offers available to you
- Collect fees, payments, and other amounts due in connection with the Services.
- Enable you to connect with other players.
- Create a user account to use the Services.
- Provide you with the appropriate version of the Services, including in your preferred language.
- Identify, fix, and troubleshoot bugs and service errors.
- Develop new services.
B. Secure our Services.
- Identify and/or prevent fraud.
- Identify and/or prevent Terms of Service violations, illegal activities or cheating.
- Verify user identities for customer support communications.
- Monitor, ensure and enhance the security of our network and information systems.
C. Personalize our Services or Offer Promotions.
- Provide you with notices, personalized game experience and other offers.
- Communicate with you regarding your areas of interest and respond to your requests.
- Serve, optimize and measure the effectiveness of our marketing campaigns.
- Perform analytics for internal marketing and demographic studies to develop, improve or personalize the Services.
- Save, track your game attributes, progress and stats.
We also use your Personal Data and non-personal information to:
- Comply with legal obligations.
- Exercise, establish, or defend our Terms of Service and other legal rights.
- Instances in which we have a good faith belief of a need to protect the safety, financial or important interest of you, us or any other person.
IV. Who Do We Share this Information / Personal Data With?
A. Third Party Service Providers.
B. KIXEYE Affiliated Companies.
We are a part of the StillFront AB group of companies. We may share your information amongst our subsidiaries, parents, or affiliated companies to deliver and/or improve our Services and extend you personalized experience and offers.
C. A Successor or Acquiring Third Party.
D. As Required by Law.
We may disclose Personal Data if we have a good faith belief we are obliged to do so to:
- Comply with a legal obligation.
- Protect and defend the rights or property of KIXEYE, users of the Services, or others.
- Protect the personal safety, financial or important interest of users of the Services or the public.
- Protect against legal liability.
- Monitor compliance with & enforce our Terms of Service, policies, or forum/community rules.
- Respond to lawful requests by public authorities, including national security or law enforcement agencies.
V. How do we Store and Protect Your Personal Data?
A. Protecting your Personal Data.
We implement reasonable security measures to protect the security of your information both online and offline, and we are committed to the protection of customer/user information. While we take reasonable precautions against possible security breaches of our Services and our customer databases and records, we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. Unfortunately, the transmission of information over the Internet is never completely secure. Although we strive to protect your Personal Data, we cannot guarantee the security of your data while it is being transmitted to our site; so any transmission is at your own risk. We urge you to take steps to keep your personal information safe (including your account password), and to log out of your account after use. If your account is hacked, this may lead to unauthorized access to your account, so please keep your account information secure.
B. Storing your Personal Data.
VI. Your Privacy Controls
You have control over the collection and use of your Personal Data. You may at any time access or correct your Personal Data, restrict collection or processing of your Personal Data, and in some cases, request the deactivation or permanent deletion of your Personal Data. To request access, correction, restriction, deactivation, or deletion of your Personal Data, contact us at email@example.com. Before we process any request, we may ask that you verify your identity to protect your privacy. This may include communication via the Services platform or other methods of identity verification.
Requests that are unverified, unreasonable or impractical may be rejected. To protect your account, requests for deactivation or deletion of Personal Data require additional verification, which may include a temporary suspension of your account and the Services. Once requests for deactivation or deletion are processed, they are permanent, and the Personal Data and account cannot be restored.
VII. Children Under Age 13
VIII. Third Party Privacy Policies & Practices / Social Networks
IX. Data Retention / Effect of Deletion Requests
X. Legal Bases for European Countries’ Users
If you are located in a country in the European Union, the European Economic Area, or Switzerland, the following are the legal bases which we rely upon in processing your information.
- Contractual Necessity. This covers data used by us in order to provide you with Services that you have requested - and that we have agreed - to provide to you, such as our games, customer services, and chat functionality;
- Legal Obligation. This covers data used by us to comply with legal obligations, such as to maintain records relating to tax or to respond to valid legal requests for certain data;
- Legitimate Interests. This covers data used by us for purposes that can be reasonably expected with your use of our Services and that we do not believe are harmful to your privacy, such as analytics to understand how our users navigate our websites and apps, to keep our websites and apps safe and secure, research and optimization of our Service, to provide a more personalized experience, marketing and advertising; and
Consent. In cases where we process data based on your consent, we will ask for your explicit consent. You may withdraw consent at any time, but that will not affect the lawfulness of the processing of your personal data prior to such withdrawal.
XI. European Countries Users’ Rights
If you are located in a country in the European Union, the European Economic Area, or Switzerland, you have certain rights in relation to the personal data we hold about you, which we detail below, and which are subject to exemptions under applicable data privacy laws. Some of these only apply in certain circumstances as set out in more detail below. We also set out how to exercise those rights. Please note that we may require you to verify your identity before responding to any requests to exercise your rights. We will respond to a request by you to exercise those rights without undue delay and at least within one month (although this may be extended by a further two months in certain circumstances). To exercise any of your rights, please send an email to firstname.lastname@example.org.
We may decline to process requests in certain circumstances, such as where requests are manifestly unfounded or excessive or requests that jeopardize the privacy of others.
A. Deletion of your personal data
In some circumstances, you may request that we erase some of the personal data we hold about you. Should you wish to have your Personal Data deleted, please contact us at email@example.com.
Please note that in order to process your request and ensure deletion you must delete our apps/games from your mobile devices and clear our cookies from any device where you have played our games. You must also remove all Service functionality links within your Social Network accounts. When we delete any information, it will be deleted from our active databases but may remain in our archives. Please note, however, we may still retain some or all of that information for other purposes such as maintaining financial records, protecting or enforcing legal rights, maintaining marketing suppression lists or for technical reasons such as maintaining technical security or our database integrity. We may also retain your information in an anonymized form. See “Data Retention Impact of Deletion” above for more information about requests for deletion.
B Access and portability
You have a right to know what information we hold about you and, in some cases, to have the information communicated to you. If you wish to exercise this right, please contact us at firstname.lastname@example.org and let us know that you wish to exercise your right of access and precisely what information you are requesting. Please note that we may not be able to provide all the information you ask for, for instance if the information includes personal information about another person.
In some circumstances, you may request the data we process based on consent or to perform our contract with you in a structured, commonly used and machine-readable format or to request we transfer such personal data to another party. Your rights are subject to exemptions under applicable data privacy laws.
If you wish for us to transfer the personal data to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal data or its processing once received by the third party.
We also may not provide you with certain data if providing it would interfere with another’s rights (e.g. where providing the personal data we hold about you would reveal information about another person or our trade secrets or intellectual property) as permitted under applicable data protection rights.
You have the right to correct any Personal Data we have that is inaccurate. Where you request correction, please explain in detail why you believe the Personal Data we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required.
D. Restriction of processing to storage only
You have a right to require us to stop processing the Personal Data we hold about you other than for storage purposes in certain circumstances, e.g. while we are considering whether it should be corrected or deleted or, based on your objection, whether we should permanently stop processing. Please note, however, that if we stop processing the Personal Data, we may use it again if there are valid grounds for us to do so (e.g. for the defense of legal claims or for another’s protection).
You have the right to object to our processing of data about you other than where required to perform under our Terms of Service.
You also have the right to object to our processing of data about you by emailing us at email@example.com if we are processing the data we hold about you on the basis of our legitimate interest and you object to such processing. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
If you wish to make a complaint about how we process your Personal Data, please contact us at firstname.lastname@example.org and we will endeavor to respond to your concerns. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.
XII. Your California privacy rights.
Effective January 1, 2020, if you are a California resident, and upon your verifiable consumer request, you have the rights listed below (however, these rights are subject to certain exceptions permitted by law):
- Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months: the categories of “Personal Information” (as contemplated by the CCPA) that we have collected; the categories of sources from which we collected Personal Information; the business or commercial purpose for collecting and/or selling Personal Information; the categories of third parties with whom we share Personal of information so that we can provide our Services to you. If you ask us to delete some or all of your information, you may no longer be able to access or use the Services.
- Nondiscrimination. You are entitled to exercise the rights described above free from discriminatory practices prohibited by California law.
Exercising your rights. You may exercise your California privacy rights described above by emailing us at email@example.com, or the in-game contact methods from time to time. We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with reasonably sufficient detail to allow us to understand and respond to it.
Response Timing. We aim to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension in writing.
XIII. EU-US and Swiss-US Privacy Shield – Transfers from EU
Any transfer of Personal Data from member states of the European Union, the European Economic Area (Iceland, Liechtenstein, Norway), Switzerland or the United Kingdom (as long as it is treated like an European Union Member State) to any countries where the European Commission has not decided that this third country or more specified sectors within that third country in question ensures an adequate level of protection, shall be undertaken, in particular, through one of the following mechanisms: (i) in accordance with the Swiss-U.S. and EU-U.S. Privacy Shield Principles issued by the U.S. Department of Commerce, both available at https://www.privacyshield.gov/EU-US-Framework (the “Privacy Shield Principles”), or (ii) the Standard Contractual Clauses
With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, KIXEYE Inc. is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain Personal Data relating to you in the United States. Upon request, we will provide you with access to the Personal Data that we hold about you. You may also correct, amend, or delete the Personal Data we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your Personal Data, please submit a written request to email@example.com.
In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
KIXEYE Inc’s accountability for Personal Data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, KIXEYE Inc. remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process Personal Data on its behalf do so in a manner inconsistent with the Principles, unless KIXEYE Inc. proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, KIXEYE, Inc. commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to the United States pursuant to Privacy Shield. European Union, United Kingdom, and Swiss individuals with Privacy Shield inquiries or complaints should first contact us at firstname.lastname@example.org.
KIXEYE Inc. has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
On July 16, 2020, the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-U.S. Privacy Shield Framework is no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States. The U.S. Department of Commerce and the European Commission are discussing the potential for an enhanced EU-U.S. Privacy Shield Framework to comply with the July 16, 2020 decision by the CJEU. The Department of Commerce is continuing to administer the Privacy Shield program while those discussions proceed. On September 8, 2020 the Federal Data Protection and Information Commissioner (FDPIC) of Switzerland issued an opinion concluding that the Swiss-U.S. Privacy Shield Framework does not provide an adequate level of protection for data transfers from Switzerland to the United States pursuant to Switzerland’s Federal Act on Data Protection (FADP).
In the interim, in addition to adhering to the Privacy Shield principles, KIXEYE using/relying upon (existing or implementing) the Standard Contractual Clauses with its data processing partners, and it is actively reviewing the operational adequacy of its technical security measures, internal privacy and security protocols to evaluate what, if any, additional safeguards are appropriate with respect to Personal Data.
However, in parallel with these good faith steps by KIXEYE, by using the Services you are consenting to, and accepting the risks associated with the transfer of your Personal Data and non-personal data to the United States and other countries which may not offer the same level of privacy protections as the laws in your country of residence or citizenship. As a result, your information could be accessed by U.S. and other foreign governmental agencies and authorities, or otherwise, in accordance with applicable local laws including local laws authorizing mass and/or covert digital surveillance.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your Personal Data, please submit a written request to email@example.com.
XV. Contact Us