Thank you for visiting our website and even bigger thanks if you are going to download or have downloaded one of our games!
Who we are
Why you need to read this
It’s a bit like telling you to eat your vegetables. We want to do what’s best for you. When you visit our website or download our games, you will be giving us your information in a variety of ways as described in this policy (your personal data). This isn’t about giving you the small print. It is our commitment to you that we want to protect and respect your privacy. We want to try and make it as clear as possible to you what you are agreeing to when you visit our site and when you download our games. If you have any questions, just email us at firstname.lastname@example.org and we will try and answer them!
We may need to update this Policy at any time and without notice, so be sure to check this Policy regularly to understand how we use your information.
We’re sorry but it is a condition of using our site and playing our games that you need to agree with this policy and how we use your data for our legitimate business purposes as described below. If you don’t, please do not play them.
If you choose to play our games and/or use our service from outside the UK, you do so at your own risk with the understanding that personal information collected from the service may be processed in a country whose privacy laws may be less protective than those in the UK.
So what information will you collect about me and why do you need it?
We will collect and process the following data about you:
Obvious information you give us. This is information about you that you give us by:
- filling in forms on our site www.playstack.com including our mobile apps (for example when you fill in our contact us form, register an account with us, subscribe to our newsletters and promotions; fill in a profile on a game or enter one of our competitions or surveys); or
- using our site (for example by participating in discussion boards or other social media functions on our site); or
- corresponding with us by phone, e-mail or otherwise (for example if you report a problem with our website or one of our games).
You know what information you are giving us and why we need the information as you are filling in the forms and requesting us to do things for you! But as a gentle reminder, this may include your name, address, e-mail address and phone number, location data and any profile information you may give us if you set up a profile on one of our interactive multi player online games. Ultimately, we need this information to provide you with our games and our service, to comply with the contracts we may have with you and to notify you about changes to our service. These are our legitimate business reasons.
Less obvious information we collect about you.
In case you are interested (you’re probably not), this information boils down to technical information including: the IP address used to connect your device to the Internet, anonymous user ID, the full URL, the clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, errors, length of visits to certain pages, server log files, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, the platform and device you are using, SDK version, timestamp, API key, application version, device identifier, iOS Identifier for Advertising, Media Access Control (MAC) address, International Mobile Equipment Identity (IMEI), Model, manufacture and OS version of device, locale (specific location where a given language is spoken), time zone, network status (WiFi, etc.), location information (not sufficient to derive city and street names), gender, events, and page views, device type, chat history, transaction history and time zone of the player and how you play our game and site. We may receive back aggregated and anonymous data.
Also, how much of your data we use for these less obvious purposes can depend on your age. We will not target children inappropriately with in game advertising for example.
If we become aware that anyone under the age of 13 has registered with us and provided us with personal information, we will take steps to terminate that person’s registration and we may retain your email and IP address to ensure that you do not try to get around our rules by re-registering.
Are you going to try and flog me something I don’t want or sell my data to random third parties?
No. If, and only if, you have ticked a box to tell us you want us to market our products and services to you or to share your information with third parties then we will in the manner you have consented to only.
We use information we collect about you in various ways, like sending marketing communication about our other games and services based on your interests in the games you play or advertising within third party apps and Internet-connected devices.
What information we use for marketing & advertising
- Ad identifiers and other non personal information collected from your device
- Your age, country or region and gender
- Other demographic and interests based information that we may acquire from third parties who have obtained your consent or have a legal right to share that information with us
You can opt out of internet based marketing and advertising on mobile applications by updating the privacy settings on your device by selecting “limit as tracking” (iOS) or “opt out of internet based ads” (Android). You may still see some marketing & advertising in game, but those ads will not be targeted using any information we hold about you.
Do any third parties get my information from you?
We use some third party contractors and share your information with them as outlined above.
In addition, we have some corporate stuff to tell you about. We hope we will grow big. So eventually, we may have a number of different group companies (we will all be owned by the same company though). If this happens, we may want to share your information around our group so they can use it for the same internal purposes as we do described above (for example we might want to store our data on one server). It is possible we could sell our business to a third party or re-organise our business or become insolvent. In that scenario, our database of customers is one of the biggest parts of that business and so we would need to share it with the third party buyer and their advisers.
We will cooperate with all third parties to enforce their intellectual property or other rights. We will also cooperate with law enforcement requests from within or outside your country of residence. This may include disclosing your personal information to government or law enforcement agencies, or private parties, when we have a good faith belief that disclosure is required by law or when we, in our discretion, believe that disclosure is necessary to protect our legal rights, or those of third parties and/or to comply with a judicial proceeding, court order, fraud reduction or legal process served on us. In such cases, we may raise or waive any legal objection or right available to us. The legal basis for collecting this information is under Art 6 para 1(f) GDPR
From time to time, we may also share your information where we have the consent to do so;
- In order to provide services to you;
- Where it is necessary to carry out your instructions (e.g. to process a payment);
- Product and Service Improvements
- Where your data is in an anonymous and aggregated format i.e. you cannot be identified from it;
- Information we receive from or send to other sources. Sometimes, other people give us data about you which we may need for our legitimate business purposes or we may send data to them. This may happen when you use another website that we link to. For example, we may link through to third party payment providers. They tell us that you have paid for your products. We also might engage third party contractors to provide us with technical or delivery services that are related to your account with us. We may have to conduct credit referencing checks where this is a condition of entering into a contract with you. These third parties are our ‘data processors’ and we will always oblige them to protect your data in accordance with these terms whenever they process it.
- Occasionally, we enter partnerships with third parties to exchange information about you where we think it will give you an opportunity to get a great product or service but we will ALWAYS ask for your express permission to do this.
- We may use providers of analytical services or advertising network and search engine providers. We do not disclose information that identifies you as an individual, but we will provide them with aggregate anonymised information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day or use that aggregated information to help them reach a particular demographic in our audience if and when we show you ads).
- If you have registered on one of our partner websites, such as Facebook, please remember you are linking the information are giving us with the information on that website so please read their privacy policies also and remember we may connect your two profiles. Also, if we offer you the opportunity to invite a friend to play a game by using the contacts from a social network service (e.g. your Facebook friends or Gmail contacts) then we will only use those contacts to send them that invitation.
Our games do use third party tools such as AppsFlyer and Delta DNA which use unique identifiers to collect anonymised information about our players so we can analyse their behaviour when they play our games. We also use unique identifiers that track when users download an app after seeing an advert for one of our games. For more information please visit https://deltadna.com/privacy/ and https://www.appsflyer.com/privacy-policy/.
What are cookies and what ‘cookies’ does Playstack use?
A cookie is a piece of text stored on the hard drive of your computer, mobile or other portable device (‘device’) by your web browser. Broadly, this tool distinguishes you from others without identifying you by name, although our website does not collect information about registered users. If you would like to know more about cookies, including flash cookies/local storage devices, the following websites provide useful information: www.allaboutcookies.org, and www.youronlinechoices.eu. The legal basis for using security and session cookies is the provision of the service you have requested (Art. 6 para. 1 (b) GDPR).
You may set your browser and your mobile settings to block cookies and local storage devices, but if you do so, you may not be able to play our games.
Where we store your personal data and for how long?
The data that we collect from you will be kept here in the EU. However, we use Amazon Web Services to provide us with various cloud based computing products which help us use your data including storage of your data and the provision of a content delivery network. The data centres we use are based in the EU. The US does not have data protection laws equivalent to those in the EEA at present. But we are working with Amazon and Amazon are working with the US Government to sign up to the EU/US Privacy Shield which will agree certain data protection responsibilities to its operations in the US.
If we ever engage processors outside the EEA, we will ensure they are contractually bound to take all steps reasonably necessary to ensure your data is treated securely and in accordance with this policy.
We only store your data for as long we need it. Storing data costs us money! Examples of timeframes that we may use to assess when we will delete your data are when you have been an inactive customer for two years or when we consider that the risk of any legal claim is negligible. We will also delete your data on your request though we may hold a list of the ‘opt out’ requests to administer your request.
Being safe and how we protect your data
All information you provide to us is stored on our behalf by Amazon Web Services and is therefore protected by their extremely rigorous security standards. Whenever we process data, we also use a variety of standard good practice security measures including requiring encryption, SSL certificates, HTTPS and ISO270xx compliance from our partners. Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee that data breaches will never occur. Please keep your password safe at all times and log out of inactive sessions. Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
For safety purposes, we may require players to verify their accounts (because we want to make sure you are not a robot or under 13) and we might ask for your phone number, separate email address or for other ways for a parent to verify they have consented to you using our service. Don’t worry! This is only to make sure you are not a robot and that you stay safe online. We won’t use this information for unexpected reasons. Many of our games are for general audiences and we do not knowingly collect information from children – players that identify themselves are under 13 are not permitted to play our games. If you are a parent and are permitting your child to play the games then please review the nature of the games properly and we’d urge you to familiarise yourselves with the safety advice for children online – see: https://www.nspcc.org.uk/preventing-abuse/keeping-children-safe/online-safety/
We also do not recommend that you put email addresses, URLs, phone numbers, full names or addresses, credit card details or other identifying or sensitive information in any online chat function or profile.
Your rights under GDPR
- Right of access. You have a right to know what information we hold about you and in some cases to have the information communicated to you. If you wish to exercise this right please contact us letting us know that you wish to exercise your right of access and what information in particular you would like to receive. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information. Please note that we may not be able to provide all the information you ask for, for instance if the information includes personal information about another person. Where we are not able to provide you with information that you have asked for, we will endeavour to tell you why. We will try to respond to any request for a right of access as soon as possible, but we will always do so within 1 month of receipt of your request and verification of your identity.
- Right to correct personal information. We try to keep the information that we hold about you accurate and up to date. Should you realise that any of the information that we hold about you is incorrect, please let us know at email@example.com and we will correct it as soon as we can.
- Data deletion. In some circumstances you have a right to have some of the personal information that we hold about you deleted. Should you wish to have any information about you deleted, please let us know at firstname.lastname@example.org. Please note that in order to process your request you must delete our games from your mobile devices and clear our cookies from any device where you have played our games in a web browser. Where we delete personal information about you, we may still retain some or all of that information for other purposes such as maintaining financial records, protecting or enforcing legal rights, maintaining marketing suppression lists or for technical reasons such as maintaining technical security or our database integrity. We may also retain your information in an anonymised form. In some instances, personal information about you that is visible through gameplay such as username, avatar, your high scores and any chat messages may be cached on other players’ devices and we may not be able to remove or update that data from those devices, for example if that device is not connected to a wifi network.
- Data portability. In some circumstances, you may have the right to request that data which you have provided to us is provided to you, so you can transfer this to another data controller.
- Restriction of processing. In some cases, you may have the right to request a restriction of the processing of your personal data, such as when you are disputing the accuracy of your data held by us.
- Right to object. You have the right to object to the processing of personal data about you which is processed on the grounds of legitimate interests
- Direct marketing opt out. If you have elected to receive direct marketing communications from us, you can change your mind at any time by following the opt out link in any marketing communication that is sent to you. If you have elected to receive more than one type of marketing communications from us, you may need to opt out of all of them individually. It may take a few days for us to update our records before any opt out is effective.
The legal basis for processing your data
In each case where we process your information, we do so lawfully in accordance with one of the legal basis set out under European data protection law. The legal basis which we rely upon are the following:
- Contractual Necessity. This covers data used by us in order to provide you with Services that you have requested – and that we have agreed – to provide to you, such as our games, customer services, community functionality and third party social network connectivity;
- Legal Obligation. This covers data used by us to comply with a legal obligation, such as the prevention of crime or fraud or to maintain records relating to tax;
- Legitimate Interests. This covers data used by us for purposes that are not harmful to your privacy and can be reasonably expected within the context of your use of our Services, such as Marketing, Advertising, analytics and research and optimisation of our games and player experience and other Services; and
- Consent. Where we ask for your consent to use your data for a particular purpose, we will make this clear at the point of collection and we will also make clear how you can withdraw your consent.
If you need to get in touch you can do so either by email to: email@example.com, or in writing to Data Compliance Officer, Playstack Ltd, 56A Poland Street, London, W1F7NN, United Kingdom; and please ensure you include specific details on your request and the best way for us to get back in touch.
Well done! You’ve read the whole thing, or just skipped to the end. Remember that this document is here to help you understand our commitment to protect your data and privacy, and to ensure you know how we are using any information we collect or need to store. If you have any questions or need more information, please do get in touch…