Zee Games Studio SRL is committed towards protecting the privacy of our users when we process personal data and consider this for all business processes. Zee Games Studio SRL observes the strict data protection guidelines. Data protection provisions apply to all services offered in our games operated by Zee Games Studio SRL but not to pages or services belonging to other providers/social networks and services that the game may include. In this respect, the data provision conditions of the relevant provider shall apply.
We use the term "personal data" in the sense of Article 4 of the General Data Protection Regulation ("GDPR").
Who we are
Zee Games Studio SRL is a Romanian company, represented by its General Director Radu Claudiu, and located at Str. Pecetei, Bucharest, Romania.
If you have questions specifically about data privacy, you can contact us using firstname.lastname@example.org.
What personal data do we collect?
We collect personal data from you when you login with your Facebook account. The following categories of data are processed by us:
● Data for access management (email, name)
e.g. e-mail address, full name (but also e.g. social network identifier if you connect through your social network account)
● Customisation data
e.g. your display name, your avatar
● Data about your game progress
e.g. your level, quest status, the number of in-game resources you have
● Data about your preferences
e.g. sound on/off
● Data about individual payments in our games
e.g. if you buy in-game currency/resources using our shop
● Personally identifiable data
e.g. your name
The way we process these data, why and on what legal basis we do this are explained below.
Sensitive data in the GDPR are the so-called "special categories of personal data", e.g. on your racial or ethnic origin, your health, or your political opinions.
We do not collect any sensitive data from you.
Data from children
If you are younger than 16, you need to obtain a clear consent of your parent or guardian if you are willing to use our games. A parent or a guardian can at any time exercise all the applicable rights available by law and those listed in this Data Policy on your behalf.
What do we process your data for?
We only process a user’s personal data in compliance with the relevant data protection regulations. This means that a user’s data shall only be processed if the user has given his or her legal permission for us to do so.
This is the case especially then when data processing is required in order for us to be able to provide our contractual and online services, or when required by law, we are in possession of the consent of the user, and when it is collected for the sake of our legally legitimate interests (i.e. interest in the analysis, optimization, and economic operation and safety of our online product as per Article 6 (1) (f) of the GDPR, in particular with regard to range measurement, the creation of profiles for advertising and marketing purposes, as well as the collection of access data and the use of the services of third-party providers).
We feel obligated to point out that Art. 6 (1) (a) and Art. 7 of the GDPR serve as the legal basis for consent, Art. 6 (1) (b) of the GDPR serves as the legal basis for processing for the performance of services and the performance of contractual measures, Art. 6 (1) (c) of the GDPR serves as the legal basis for processing in order to fulfill our legal obligations, and Art. 6 (1) (f) of the GDPR serves as the legal basis for processing in order to safeguard legitimate interests.
Additionally, your country and language is used to provide you with a localisation of our games - we will try to serve you content in your language and our in-game shop in your local currency.
Payments and invoices
If you want to buy in-game currency in our in-game shop, your interaction will usually be with third-party payment processors. In either case, if a payment was successful, we get this information as a digital invoice, which we store to fulfil legal requirements (Article 6.1.c GDPR), to retain them in the case of legal dispute (legitimate interest; Article 6.1.f GDPR), and to optimise our web presence for you (legitimate interest; Article 6.1.f GDPR).
These invoices contain data on what item you purchased, how much you paid for the item and what method you used to pay us with. We do not store information that could be used to make a payment on your behalf.
Security and fraud prevention
(legitimate interest; Article 6.1.f GDPR)
We don't store data such as your IP address and certain device information when you access our games and interact with those.
Optimisation of games and campaigns
(legitimate interest; Article 6.1.f GDPR)
We don't track information about your behaviour and preferences.
Over the course of campaign optimisation, we share some of these data with third-party trackers (listed below).
Are you required to share your personal data with Zee Games Studio SRL?
There are some data we require from you:
● Data needed to fulfill our contractual obligations and the associated services
Data you explicitly make available: Data for access management, Personally identifiable data (where applicable), Data about your preferences (opt-in/opt-out).
Data you supply by browsing our game: Network data, Data about your game progress.
● Data that we are legally required to store
Data you supply by making a purchase: Data about individual payments in our games.
Without these personal data we cannot provide our services to you.
We do not use your personal data for any automated individual decision-making that would have legal or otherwise similarly significant effects on you.
How long do we store your data?
For data that we store for legal reasons, we retain the data as long as legally required of us (up to ten years).
For data that we store in consideration of legal disputes, we retain the data as long as legally permissible. This may be up to 30 years.
Where do we store your data and who do we share it with?
Your personal data within Zee Games Studio SRL.
Your personal data is processed only by the people necessary for us to pursue our legitimate interests, or to comply with our contractual or legal obligations.
Your personal data outside of Zee Games Studio SRL.
We share your data only where it is legally permissible to do so, either when it's required to fulfil contracts you may have with us (Article 6.1.b GDPR) or on basis of legitimate interest (Article 6.1.f GDPR).
We share your personal data only if you have given us permission to do so, in aggregate or anonymised form (preventing the data from being linked to other data you may have supplied elsewhere), or with providers that are contractually obliged to treat your data with care.
We exchange data with providers in the following categories:
● Hosting and content distribution providers. These typically have no direct access to our systems, but provide network infrastructure that will necessarily process your IP address to deliver our assets.
● Payment providers. When you make a payment through a payment provider, we will get invoice information from these providers. Any payment details needed to actually make a payment on your behalf is handled only by the payment providers, not by us.
● Social network operators. These are only relevant if you're playing our games through their websites or explicitly choose their logins. For more information, please refer to the operators' documentation.
● Crash reporting. Our mobile games embed crash reporting functionality. The crash reports contain only anonymous information. Nonetheless, you can opt-out of this in the settings of the application.
The providers we use are contractually bound to treat your data with the utmost care. Whenever the process allows, we anonymise or pseudonymise your data.
Under no circumstances do we sell your data to third parties.
Information regarding your rights
We are committed to complying to the General Data Protection Regulation (GDPR) - one of the strictest Data Privacy regulation in the world. This affords you several inherent rights to your personal data.
You have the right to...
● ...request access to your personal data (Article 15 GDPR) in a portable format (Article 20 GDPR),
● ...request correction of your personal data (Article 16 GDPR),
● ...request restriction of the processing of your personal data (Article 18 GDPR),
● ...request deletion of your personal data (Article 17 GDPR),
● ...withdraw consent for your processing of data, when we do this in accordance with a legitimate interest (Article 7.3 and Article 21 GDPR),
You can easily ask us to delete your data (which is only possible with the full deletion of your game account): please contact us either through the support widget on our website, or by contacting us via email (email@example.com). If you contact us, please understand that we may need to ask you to prove your identity - after all, you wouldn't want a random stranger to get access to your data/delete your profile, and neither do we.
Note that it may take up to a month for us to process a request of yours. Should there be any delay, we will of course let you know.
You can find additional legal information in the Articles 7.3, 15 – 21 and 77 of the GDPR.
Your right to access, correct and erase your personal data
(Articles 15, 16, 17 and 20 GDPR)
At any time, you can request information on whether your personal data is processed by Zee Games Studio SRL or not, what the conditions of such processing are, and to receive a copy of your personal data. More specifically, you can request information about:
● the purposes for which the data are processed,
● the categories of personal data that are processed,
● the categories of recipients with whom we have shared the data,
● the intended duration of storage,
● your rights in regards to this data (correction, erasure, restriction, withdrawal of consent, and lodging a complaint with the supervisory authority),
● the source of the data in cases where we did not obtain it from your direct interactions with us,
● and the existence of any automated decision-making based on this data, including profiling, and your right to request meaningful information about the algorithms involved.
If you make this request electronically, the information will be provided in a commonly used electronic form. Should you make this request several times, we may ask a fee of you to cover administrative costs.
You also have the right to instruct us to correct any personal data that is inaccurate.
Lastly, you have the right to ask us to erase your personal data, if there are no legal reasons for us to retain it (such as freedom of expression, legal requirements, public interest or if required as evidence in legal disputes) and one of the following reasons applies:
● your personal data is no longer necessary considering the purposes for which it was collected or processed;
● you wish to revoke your consent having served as the basis for the processing and there is no other basis justifying such processing;
● your personal data has been the subject of unlawful processing;
● your personal data should be erased pursuant to a legal requirement.
When we delete data that we've made public over the course of offering our services to you, we will not contact any third party providers that may have this information cached, we can provide you the contact and names of any third-party provider and you may contact them to erase your data fully.
Right to the restriction of processing of personal data
(Article 18 GDPR)
You can assert your right to limit the processing of your personal data when:
● you contest the accuracy of your personal data, during the time necessary to verify the accuracy of such data;
● the processing of your personal data is unlawful but you oppose the erasure thereof and instead demand the limitation of processing;
● when we no longer need your personal data but you still need such personal data for the establishment, exercise or defense of legal claims.
Right to personal data portability
(Article 20 GDPR)
You have the right to receive personal data you have provided to us in a structured, commonly used and machine-readable format, and to transmit such data to another controller without hindrance from Zee Games Studio SRL.
Right to revoke consent
(Article 7.3 and 21 GDPR)
We only process your personal data with your consent, unless the data processing is otherwise required. You may revoke your consent at any time by changing the settings associated with your account (or by deleting your account outright, if you prefer).
Please note that a revocation of your consent does not affect the lawfulness of processing carried out prior to such revocation.
Facebook are based in the US, are committed to the Privacy Shield Framework and offer opt-out instructions on https://www.facebook.com/help/568137493302217
Google are based in the US and are committed to the Privacy Shield Framework.
Google Ads (a/k/a Google Remarketing) and AdMob
Google offer opt-out instructions for Google Ads and AdMob on https://adssettings.google.com/authenticated
Google offer opt-out instructions for Google Analytics on https://tools.google.com/dlpage/gaoptout.
Your IP address is masked when it is sent to Google Analytics.
For further information, see https://www.google.com/analytics/terms/
We make use of the widespread SSL (Secure Socket Layer) encryption method to deliver our site securely when you visit it, in conjunction with the highest level of encryption supported by your browser.
You can tell when any single page at our website is transmitted in encrypted form by the closed presentation of the lock (or key) symbol in your browser’s status bar.
We also take appropriate technical and organizational security measures to protect your data against destruction, accidental or intentional manipulation, partial or total loss, or against the unauthorized access by third parties. Our security measures are continuously improved upon in accordance with technological developments.
If you have any questions or concerns about data privacy, you can contact us at firstname.lastname@example.org.