PRIVACY AND DATA POLICY | ISSUED BY FIREPROOF STUDIOS LTD | Last Updated: 24 May 2018
1. INTRODUCTION AND GENERAL TERMS
These terms apply to the use of games and other products developed by Fireproof Studios Ltd (also known as Fireproof Games) (‘Fireproof’ / ‘we’ / ‘us’). Our registered office is at Hays House North Wing, Ground Floor, Millmead, Guildford, Surrey, England, GU2 4HJ. We are a company registered in England, with company number 06687549.
The Online Services may contain hyperlinks to services owned and operated by third parties. These third party services may have their own privacy policies and we recommend that you review them. They will govern the use of personal information that you submit or which is collected by cookies and other tracking technologies whilst using these services. We do not accept any responsibility or liability for the privacy practices of such third party services and your use of these is at your own risk.
2. INFORMATION WE MAY COLLECT ABOUT YOU
We collect and process the following information which may include your personal data.
Contact information provided by you when you contact us or use the Support Centre
We may ask you for, or you may submit, certain contact information to us whenever you contact us through the Support Centre or via firstname.lastname@example.org.
This may include:
Information provided by you when you respond to a job vacancy on our Website
(“Job Vacancy Information”)
We may ask you for, or you may submit, certain information to us whenever you respond to a job vacancy or apply for a job through the Website. This will normally include your CV or a portfolio of your work which may contain personal and non-personal information such as:
Information collected for the purposes of providing analytics
We may collect technical information about your use of the Online Services through the use of tracking technologies and analytics.
Personal data we may collect includes the following:
We use the following third party analytics providers:
Flurry, Google Analytics & Unity Analytics
Flurry, Google and Unity may collect analytics data on our behalf and in accordance with our instructions, and their applicable privacy notice. If you would like to find out more about the way they collect and process this information this is likely to be set out in their privacy policies and/or terms and conditions. Please refer to:
Facebook and Twitter
If you post or upload any content about the Games on Facebook or Twitter, this will be under Facebook and Twitter’s privacy policies which can be found at https://www.facebook.com/full_data_use_policy and https://twitter.com/en/privacy.
3. WHY WE COLLECT INFORMATION ABOUT YOU
To provide our Games to you
To help us improve the Online Services and fix any problems
We may process information about you (including Analytics) so that we can analyse and improve our Games and Online Services.
This processing is also necessary for us to pursue our legitimate interests of (i) ensuring that our Online Services function properly so that you and other users have the best experience when playing any of our Game(s) and using the other Online Services; (ii) improving the quality of our Online Services, and providing a better experience to our users; and (iii) identifying and correcting any bugs in the Games and Online Services.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve the Online Services in order to tailor them to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better Website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies.
To respond to your enquiries and requests for support
To fill any job vacancies
We may process Job Vacancy Information so that we are able to take steps prior to entering into a contract with you, including assessing your skills, qualifications and suitability for the role and/or communicating with you about the recruitment process. We may also need to process this information to enter into a contract with you.
We also have a legitimate interest in processing Job Vacancy Information during the recruitment process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment process more efficiently, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job.
To prevent fraud and illegal activity
We process personal data for our legitimate interests of ensuring that any use of the Online Services is lawful and non-fraudulent, does not disrupt the operation of our services, does not harass our staff or other individuals, to enforce our legal rights and to comply with our legal obligations.
We work with the Digital Content Stores (listed below) to assist us with fraud prevention and the detection of any illegal activity (e.g. to verify in-app purchases made).
4. DATA SHARING
Merger or acquisition: If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via, account message and/or a prominent notice on our website of any change in ownership or uses of this information, as well as any choices you may have regarding this information.
Required by law: In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
Enforcement: We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of Fireproof, our customers, or others.
Digital Content Stores: Where the Games are downloaded through Steam, Xbox Live, PSN, Google Play, iTunes/Apple App Store, Oculus Store, Nintendo Switch eShop and/or Amazon App Store we may disclose your personal information to Valve Corporation, Microsoft, Sony, Google, Apple, Facebook, Nintendo and/or Amazon respectively for the purposes of facilitating any payments made through these platforms.
Support Centre: We use two third party platforms provider called Freshdesk and Salesforce Desk to manage any support requests, queries and issues raised by users which are sent to email@example.com. Further details about the way in which Freshdesk and Salesforce Desk may collect and process your information can be found in their terms at https://www.freshworks.com/privacy and https://www.salesforce.com/uk/company/privacy/.
5. YOUR RIGHTS IN RELATION TO PERSONAL DATA WHICH WE PROCESS RELATING TO YOU
You have the following rights over the way we process personal data relating to you, as set out in the table below. We aim to comply without undue delay, and within one month at the latest.
To make a request, please let us know by sending an email to firstname.lastname@example.org.
Ask for a copy of data we are processing about you and have inaccuracies corrected
You have the right to request a copy of the personal information we hold about you and to have any inaccuracies corrected.
We will use reasonable efforts to the extent required by law to supply, correct or delete personal information held about you on our files (and with any third parties to whom it has been disclosed to).
Object to us processing data about you
Obtain a machine readable copy of your personal data, which you can use with another service provider
Make a complaint to a Supervisory Authority
6. DATA RETENTION
We will hold Job Vacancy Information for a period of two years so that we can contact previous candidates when any new job opportunities arise at Fireproof which we think would be of interest or suitable for them.
We will hold any correspondence sent to email@example.com or via the Support Centre (which may include Contact Information) for a period of 12 months so that we can refer back to any previous support/help requests made by users in order that we are able to offer our users the best level of support and help.
At the end of these periods or once you withdraw your consent, your data is deleted or destroyed.
We will take all reasonable technical and organisational precautions to prevent the loss misuse or alteration of your personal information.
Please be aware that, although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
9. INTERNATIONAL DATA TRANSFERS
It is possible that your personal information may be transferred outside of the EEA by Valve Corporation, Amazon, Flurry, Google, Unity Analytics, Freshdesk or Salesforce Desk. We recommend that you refer to the privacy policies and/or terms and conditions of these third parties if you are concerned about your data being transferred outside the EEA.
In respect of The Room Pocket only, where you make an in-Game purchase via iTunes, the confirmation that your purchase is valid as required by Apple for such purchases will be processed using servers hosted in Singapore in the event that there is a problem with the servers hosted in Ireland.
Where we transfer your information outside of the EEA, we have agreements in place with those parties which include standard data protection clauses adopted by a data protection regulator and approved by the European Commission to ensure that appropriate safeguards are in place to protect your personal data. If you would like to find out more about these safeguards, please let us know by writing to firstname.lastname@example.org.
All questions, comments or enquiries should be directed to Fireproof at email@example.com. We will endeavour to respond to any query or questions within three business days.
© 2018 Fireproof Studios Ltd. All trade marks are the property of the relevant owners. All rights reserved.
Fireproof GDPR Statement
What is GDPR?
The General Data Protection Regulation (GDPR) is an European Union (EU) regulation (2016/679) that enhances current data protection laws and rights for EU citizens. This enhances data protection rights for data subjects and obligates companies to be more transparent.
When will the GDPR take effect?
The General Data Protection Regulation (GDPR) comes into force on the 25th of May 2018.
Why does this affect me?
GDPR applies to anyone who holds or processes the data of an EU citizen, regardless of whether you are based in the EU or a third country, and enhances the data rights of all EU citizens. More information can be found on the EU’s website.
Fireproof Studios Ltd as a controller and a processor
Data controllers are companies that decide how personal data is collected, used or tracked from EU citizens. FIREPROOF STUDIOS LTD as a controller when collecting and using your personal information.
Data processors are companies that process data on behalf of data controllers. We will be ready for the GDPR as both a data controller and when acting as a data processor on your behalf.
How is Fireproof Studios Ltd. preparing for GDPR?
Does the GDPR require storage of personal data in the EU?
No, however GDPR does set out conditions for the transfer of personal data outside of the EU. An array of mechanisms exist to allow for data to flow from the EU to third countries securely, and without loss of the data subjects fundamental rights, the most common of which is via an adequacy decision or via the EU-US Privacy Shield.
What is an adequacy decision?
An adequacy decision allows for data to flow from an EU country to a third country on the basis that the data protection regulation in that third country is sufficiently adequate to safeguard the rights of an EU data subject. Once the EU commission has determined that a country has sufficiently adequate data protection legislation in place, transfers may occur between the EU and the third country as if the country was an EU member state.
What is the EU-US Privacy Shield?
The EU-US Privacy Shield is a framework which allows for data transfers from the EU to the US whilst protecting the rights of EU data subjects. This ensures that EU subjects whose data is transferred to the US maintain their fundamental data protection rights, whilst obligating companies who receive data from the EU to comply with strong data protection requirements.
Where is my data stored?
If you are a British or EU citizen and have informed us as such, your Personal Data will be stored, processed or transferred to/on servers based in the European Economic Area (“EEA”), on servers based in countries which comply with the European Commission’s adequacy decisions or in the US in accordance with the EU-US Privacy Shield.
If you are not a British or EU citizen and have informed us as such, your personal Data will be stored, processed or transferred to/on servers based in Australia, on servers based in the European Economic Area (“EEA”), on servers based in countries which comply with the European Commission’s adequacy decisions or in the US in accordance with the EU-US Privacy Shield.
When using third party providers to support the services we provide to you, we ensure that any third party is fully compliant with the GDPR as required by law.
How to I make a query in relation to my data?
If you have any queries regarding any of your or your client’s personal data you can contact us at firstname.lastname@example.org with your request. We will respond within 30 days of us receiving your message.
When will Fireproof Studios Ltd. be ready for GDPR compliance?
Fireproof Studios Ltd. will be fully compliant with GDPR when it comes into force on the 25th May 2018.
Are you registered with a Data Protection Authority?
Yes, we are registered with the Information Commissioner’s Office in the United Kingdom. Our registration number is ZA055154
Any other Questions?
If you have any further questions, feel free to contact the Data Protection Team at Fireproof Studios Ltd. who can be found by emailing email@example.com.