Effective date: 20 August 2021
We strive to make the use of the Products not only interesting and convenient, but also secure. We highly value the privacy of the information you provide to the Company, and we collect personal information so that you have access to all the functionality of our Products, and so that we can contact you about the use of the Products and improve their operation, making them even more convenient and secure.
The term "personal data" (also referred to as user data or data) is used within the meaning of the General Data Protection Regulation (hereinafter referred to as "GDPR"), subject to the existing international practices on personal data protection in the countries providing an adequate level of protection, and includes any information related to you or identifying you directly or indirectly, in particular by reference to an identifier such as first name, last name, email address, location data, online identifier, etc.
WHY WE COLLECT PERSONAL DATA
Our legal basis for collecting and using Personal Data will depend on the relevant personal information and the specific context in which we collect it, but in any case the data we collect and process is obtained lawfully andon a legal basis.
We process personal data in ways permitted by the applicable personal data protection laws, e.g. by operations that are carried out with or without the use of automation equipment, in particular: we collect, record, organise, structure, store, adapt or change, review, use, disclose (by transmission, dissemination or otherwise making available), compare or combine, restrict, erase or destroy personal data.
We only process your personal data where:
- (1) we need the personal data to fulfil our contractual obligations with you, including ensuring the operation of the Products;
- (2) the processing is in our legitimate interests and does not infringe your rights;
- (3) the processing is necessary to comply with our obligations under applicable legislation; or
- (4) we have your consent to the processing and such processing does not infringe your rights.
If we ask you to provide data as required by the applicable legislation or to fulfil a contractual obligation with you, we will explain this and tell you whether or not providing your personal data is compulsory and explain the possible consequences if you do not provide the data.
Below is a list of the purposes for which we may use your personal data.
1. To enable you to use the Products
We ask you to provide data in order to create an account for you, i.e. profile, and allow you to use the Products (in particular the Game) and to verify and confirm payments made by you to access certain additional elements, parts of the Products and, where applicable, to provide to you a confirmation of receipt of the Products to which you have requested access.
2. To make the Products even more convenient and reliable
User data also helps us to keep our Products stable, to develop and optimise them and to increase your satisfaction with our Products.
We continuously check our Products for errors. If we identify a problem, we review the data we have collected before the problem occurred to help us resolve it more quickly. We can also use the information we collect to improve existing Products and to create new Products, to ensure the security of the Products and your data, including preventing fraud and any abuse, including by sending security alerts.
3. To assess the effectiveness of the Products
We use your data to track, analyse and segment it, including to analyse how our users interact with our Products and other users. For example, we analyse the usage statistics of the Products in order to optimise their internal structure and speed up operations, moderate game chats, Skylore online forum and Freshdesk Skylore (technical support service). For the aforementioned purposes, we also analyse your communications sent by you while using the Products (game chat, messages on the Skylore online forum and in the Freshdesk Skylore (technical support service)).
4. To keep in touch with you
We use your profile information and email, if you have provided it to us, to contact you and send you information on updates, security alerts and to provide technical support to you, including responding to your comments and requests. Moreover, we store your support requests so we can deal with your problems more effectively and quickly. We also use your data to send you newsletters and promotional emails about our Products and services.
You can unsubscribe from promotional emails by following the instructions in them, and you can also opt out of ads based on your interests in mobile apps by checking your device's privacy settings. For more information on ad serving companies and how to opt out of their targeted advertising, please visit NetworkAdvertising page.
WHAT PERSONAL DATA WE COLLECT
1. Data that you share with us yourself:
1.1. Contact details
Email may be required in certain cases to register your profile and to access the Products for use, including to restore your profile and access to the Products, and to contact the customer support.
1.2. Profile data
Username and password. You will need these credentials in order to use the Skylore online forum and Freshdesk Skylore (technical support service) and we can use them to help you reset your password, for example if you forget it. We also may create a specific ID for you when you use the Products.
1.3. Other information that you provide voluntarily
Any data you provide as part of your correspondence in game chats, the Skylore online forum and Freshdesk Skylore.
You should be aware that any visitor of the game chats and forums may read your postings on the forums. Any information you post on the game forum and/or in the game chat, including your name and other profile information, will be available to all visitors to that forum or chat, and we cannot guarantee the security of any such information you disclose in a private message to another forum user or player within the game, since you are providing the information to the third party at your own risk.
2. The data we collect when you use the Products
2.1. Browsers and devices
We record information on the browsers, devices and general location data you use to access our Products, which ensures, for example, automatic updates.
We collect unique identifiers, browser and device type and settings, operating system, and record information about how browsers and devices interact with our services: IP address and identifiers of your device (i.e. device ID as well as advertising ID), crash reports, system activity details, date and time of visit, originating URL (the one from which you visited them).
We receive this data when your device accesses our servers when using the Product, e.g. when you launch it or check for available updates.
2.2. Your activities
We collect information on your activities while using the Products, which includes:
- profile and gameplay data;
- data on how you use the Products, including as part of the gameplay and your interaction with other users of the Products;
- queries you have searched for in the Products;
- data collected through cookies and similar technologies.
All of this allows us to optimise and improve the performance of the Products.
2.3. Your location
When you use the Products, we collect information on your location to a certain degree of accuracy and for this purpose we take your IP address into account. We collect this information to customise and personalise the services we provide to you and for our internal analytics and reporting purposes.
In some countries, including countries of the European Union, the information referred to above in this paragraph may be treated as personal information under the applicable data protection laws.
Access settings (activity tracking)
You can choose in your device settings which activities you would like to share with us as part of your use of the Products.
We collect some of your data even if you are not logged in to your profile, but you can influence this. Such data includes:
- browser settings
you can specify to be notified when a cookie is stored, or you can choose not to store cookies from certain or any domains at all. But please note: cookies are essential for the correct operation of our Products, in particular the website https://skylore.com. If cookies are blocked, the website may work incorrectly.
- device level settings
your device may have its own data collection settings. For example, you can specify exactly how your advertising ID information should be handled in order to provide targeted advertising tailored to your interests, namely by enabling or disabling ad personalisation.
4. Data we collect from our partners
We collect the data we receive:
- when you link to the Product any third-party tools such as Facebook, Google, etc.;
- from the platforms on which the Product (in particular the Game) is hosted and from the payment systems that are required to confirm payments. To learn more about the data we receive from our partners, please visit the websites of our partners;
- for analytics and advertising purposes collected by AppsFlyer, as well as crash reports (including Account ID) collected by Google's Firebase Crashlytics.
As the Products include services from our partners such as: hosting providers (e.g. Leaseweb and Hetzner), CDN providers (e.g. CloudFlare, CDNNow, G-Core), social interaction tools, in-game advertising and analytics (including fraud detection), such partners may have access to your data and process it in accordance with their own privacy policies. We encourage you to check their privacy policies to learn more about their data processing practices. Please check the official web pages of the above partners for more information.
5. Sensitive categories
We do not collect any special (sensitive) categories of your data (such as racial origin, political views, data concerning health or biometric data).
The services are not intended for use by anyone under 13 years of age. If you are under 13, you should not register a profile or communicate any data to us. We do not collect personal data from such persons.
Users between the ages of 13 and 16 should obtain permission from their legal representatives to provide user data before using the Products.
If we become aware that we have collected personal data on behalf of a person under 13 years of age, then (as applicable), we will erase such information with effect from the time we become aware of it. If you have reasons to believe that we have collected such data, please inform us immediately.
YOUR RIGHTS REGARDING PERSONAL DATA
Where permitted under the applicable legislation, you have the following rights in relation to your personal data:
- right of access to your personal data: at any time you can ask us what data we hold about you, why we process it, who we share it with, etc.;
- right to rectification: you may request that we update your personal data if it is incomplete, out of date or incorrect, by sending an email to the address [email protected], stating your account ID and Support ID, or via the game client by logging into your user account and using the in-game menu "Settings -> Information -> Personal Data";
- right to restriction of processing: at any time you have the right to request us to restrict the processing of your data to the extent you consider necessary. For example, if you believe that your data is inaccurate and we need time to check it, we may pause the processing of your data to clarify whether or not this is the case;
- right to erasure: you can ask us to erase some or all of the personal data that we hold about you at any time by sending an email to [email protected] or by submitting your request via the game client by logging into your profile and using the in-game menu "Settings -> Information -> Personal Data".
We will cease processing and destroy the personal data we hold about you within the timeframe required by the applicable personal data protection laws, unless we are required or permitted to retain and/or use your personal data in accordance with the regulatory requirements applicable to us. Remember, if you submit an appropriate erasure request, you will no longer have access to your profile required to access the Products;
- right to data portability (under certain circumstances): if you wish, you can ask us to upload (export) all the personal data we hold in a format that is acceptable for transfer to third parties;
- right not to be subject to a decision based solely on automated processing: if we process your personal data automatically and make certain decisions in accordance with such processing, and this seriously affects you, you can express your opinion and challenge such a decision;
- right to complain to a supervisory authority: you can always make a complaint about how we process your personal data.
If you are a resident of the European Union, you have rights to data protection to an extent no less than that specified in the GDPR.
HOW YOUR PERSONAL DATA IS SHARED
1. What data you share yourself and when
You can share your information with our partners and control the process.
For example, if you leave a review for a Product on Google Play or App Store, your name and picture will appear next to the published review if it was previously uploaded by you to your app store account.
2. What data our company transmits and when
We do not disclose or share user data with companies, organisations or individuals not affiliated with our company. However, there are exceptions, and you can find out more about them below.
In all cases, we adhere to the formal requirements of applicable data protection laws and only share your data with third parties when we are confident that we can protect your privacy and your rights. For example, if the third party is located in a country that has not been recognised by the European Commission as providing an adequate level of personal data protection, we will ensure that we have agreements in place with the relevant third party that include standard data protection provisions approved by the European Commission or other data protection measures recommended by the European Commission.
2.1. Transfer to third parties
We may disclose users' personal data to third parties in the following cases:
- in order to enforce our legitimate interests and contractual obligations between you and the Company. Such third parties include hosting companies, technical support companies and companies detecting fraud related to the use of the Products;
- when you have consented to the transfer of your personal data to them;
- when we assign our rights and obligations under the relevant contract, including in connection with a commercial merger, sale of assets or the Products.
Transfer of your personal data to a third party may only be permitted to a minimum extent and only for the purpose of carrying out the tasks that are appropriate for the objective reason for collection and transfer of the data.
2.2. Statutory Requirements
Like other information technology and telecommunications companies, from time to time our Company receives requests from officials and government bodies for provision of user data.
In such situations, we may give your data to officials and supervisory authorities, but only if we believe in good faith that such natural and legal person have a right to receive, use, retain or disclose such data.
These are usually officials, public bodies and organisations that act within the law to:
- ensure compliance with legal requirements, implement a court judgement or enforce a request from a government agency;
- enforce compliance with the terms of the User Agreement or investigate possible violations thereof;
- detect, deter or otherwise seek to prevent fraud, and work to correct technical or security problems;
- protect the rights, property or safety of the Company, our users or the public as required by the applicable legislation and by the powers vested in them by law.
In any case, we consider all requests carefully and may reject a request if it is drafted in too general terms or in breach of the rules of the applicable legislation.
HOW WE PROTECT YOUR PERSONAL DATA
By collecting your data, we gain valuable information which enables us to identify and automatically remedy security problems in the Products, should they occur. The security of your data is our priority, so we protect it reliably. If your data is at risk, we will surely let you know if there is a problem and tell you how to avoid it.
Our servers are located in the countries of EEA and other regions.
We may apply different measures to protect the collection, transfer and storage of personal data that we collect, depending on the sensitivity of the personal data as well as the level of technological development.
To protect your data, we use physical, electronic and procedural safeguards in accordance with the international standards, review and update our data collection, storage and processing practices, including physical security measures to prevent unauthorised access to our systems, and systematically test technical and information technology equipment for conformity to the security standards.
We do everything we can to protect us and our users from unauthorised attempts to access, alter, disclose or destroy the data we hold.
1. Some of the security measures we take:
- we use encryption to ensure the confidentiality of data during transmission;
- we restrict network access to the Company's servers and arrange physical separation of access to the servers;
- we audit the activities of the users and identify cases of unauthorised access to information in a timely manner;
- we regularly assess the harms and risks of processing personal data;
- we install and use anti-virus software (with virus databases updated);
- we take measures to restrict the circle of persons with access to the servers and databases where personal data is stored, in particular we restrict access to data to our employees, contractors and agents, and we impose strict contractual obligations on them, with sanctions and/or dismissal for breach of these obligations, as personal responsibility is one of our main requirements for the operation of the personal data protection system and a prerequisite for ensuring its effectiveness.
The measures we use are designed to provide a level of security appropriate to the risk of processing your personal data, but please note that online security cannot be guaranteed to be 100% secure.
2. Prevention of abuse
If we detect any attempted hacking of our Product, unlawful use of another person's profile in fraudulent activities or other misuse of our Products which violates our policies, we reserve the right to temporarily restrict access to your profile until the facts are established. Under certain circumstances we may also report the breach to the relevant authorities.
If we think your profile has been hacked, we will try to contact you to let you know and tell you how to protect it.
HOW WE KEEP YOUR PERSONAL DATA
We retain personal data that we collect from you when we have a continuing legitimate business need to do so (for example, to provide you with access to the Products you have requested access to, or to comply with applicable legal, tax or accounting requirements).
We will retain your personal information for as long as necessary to achieve the purpose for which it was collected, as required by the applicable data protection laws, or until you ask us to erase it.
We store collected data for a certain period of time. The length of storage depends on the type of information and how we use it, for example:
- we will retain information on your profile, your email address (if applicable) and information on how often you use our Products until you decide to delete your profile and request us to do so or until we delete the profile ourselves if you do not use it.
We retain some data longer if it is required by law or necessary for the legitimate business purposes, such as tax, legal, accounting purposes, fraud or abuse prevention and/or other purposes. Such data may be retained even after the profile has been deleted.
We store your personal information in different regions, such as the Netherlands, the Federal Republic of Germany and other regions depending on the country of your residence. As your data may be located outside the European Economic Area, which has not been recognised by the European Commission as providing an adequate level of data protection, we guarantee that we take all necessary measures to protect your data and process it in accordance with the applicable data protection regulations.
How data is erased
When we have no ongoing legitimate business need to process your data or you have asked us to erase it, we will either erase or anonymise it, or if that is not possible (for example, because your data has been stored in back-up archives), we will store it securely and isolate it from further processing until such time as it can be erased.
This way, your data disappears completely from our servers or is only stored there in an anonymised form.
We take additional security measures to ensure that your data is not accidentally deleted or erased as a result of unlawful acts, so your data will not be removed from our servers and backup systems immediately after you request it, but after some time, but in any event after no more than 30 calendar days.
- data processing procedures of other companies and organisations that advertise our Products;
- services offered by other natural or legal persons, including products or websites that have our company's Products embedded, and links to which appear in search results or in our services.
3. Company's representative (data protection officer)
In order to comply with the applicable personal data protection laws and to ensure an appropriate level of security in the processing of your data and its professional protection, we have made provision for the appointment of an officer authorised to represent us and our interests in relations connected with our responsibilities for the processing of personal data.
Data protection officer: [email protected].
The data protection officer's responsibilities include, among other things, answering any questions you may have, as well as questions from the regulatory authorities.
4. Requests regarding data protection issues
We respond to all requests we receive from you as natural persons who wish to protect their data protection rights under the applicable data protection laws.
If you make a request, we will have thirty (30) calendar days to respond to you, and in certain cases the period may be extended by two (2) more months. If you want to exercise any of these rights, please contact us. Before we process any request, we may ask you for certain information to verify your identity.
You can email us at [email protected]
For regulatory authorities from the EU: [email protected].