Privacy Statement

VALUES AND PRICINPLES OF TACTIC GROUP CONCERNING DATA PROTECTION

Tactic Games Oy provides its consumers with products and services that offer unforgettable moments of togetherness, memorable experiences and feelings of joy, excitement and success. We also feel very strongly about protecting our customers’ privacy, and one of our key values is taking great care and extensive measures to protect our customers’ data. We have therefore prepared and re-stated data protection principles that concern the entire Tactic Games Group.

Introduction

Tactic Games Oy, P.O. Box 4444, 28101 Pori and its subsidiaries and branches (hereafter Tactic, we, us, our or ours) is the controller of personal data and is committed to protecting and respecting the privacy and personal integrity of data subjects when they use Tactic products and services, browse the Tactic website or use our applications. This document lays down the data protection principles according to which Tactic processes personal data.

Our personal data registers and privacy policies

A separate privacy policy has been prepared for each register containing personal data.

Legal basis of our data registers and purpose of processing personal data

The legal basis of processing personal data pursuant to the EU General Data Protection Regulation is:

– the legitimate interest of the controller;

– the data subject’s consent;

– the agreement to which the data subject is a party, or

– obligation with a legal or regulatory basis

The purpose for processing personal data is described individually in the privacy policy of each register. The data will not be used for automated decision-making or profiling.

 Data register content and period of storage of personal data

Information stored in our data registers may include the following: name, company/organisation, role in the organisation, contact details (telephone number, email address, address), product/service orders and any changes thereto, invoicing information, and other information related to the customer relationship and the products/services ordered.

A detailed description of the information stored in our registers, including information on the period of storage, can be found in the privacy policy of each register. Our guiding principle of data retention is that data is stored only for the duration necessary and appropriate for the purpose of data processing and the data subject.

Regular sources of information

We receive the data we store in our registers via webforms, email messages, telephone, agreements, customer meetings and other situations where a customer or a representative of a stakeholder discloses information.

Regular disclosure of information and transfer of information outside the EU or EEA

Information is not disclosed regularly to third parties. Information may only be published insofar as agreed with the customer.

The controller may transfer the data also outside the European Union or the European Economic Area. In such cases, transfers are made solely on business grounds and only as regards the data of the customers/stakeholder representatives involved in the business transaction in question.

Data register security

We handle our registers with due care and apply appropriate security measures to protect data processed by means of information systems. If register data is stored on an internet server, appropriate physical and digital information security measures are taken to protect the related equipment. The controller ensures that the stored data and the server user rights and other information critical for the protection of personal data are treated confidentially and only by employees whose duties involve processing such data.

 The right to access and the right to rectify

Every data subject has the right to access the personal data that has been collected on him or her and to require the rectification or completion of any inaccurate personal data. Requests to access personal data or to rectify inaccurate data must be submitted in writing to the controller. If necessary, the controller may request the provision of additional information to confirm the identity of the data subject. The controller responds to the request at the latest within one month as stipulated in the GDPR.

Other rights of the data subject related to the processing of personal data

The data subject has the right to request the erasure of personal data concerning him or her (“the right to be forgotten”). Moreover, the data subject has all the other rights provided for in the GDPR, including the right to restriction of processing of personal data in certain circumstances. Requests must be sent to the controller in writing. If necessary, the controller may request the provision of additional information to confirm the identity of the data subject. The controller responds to the request at the latest within one month as stipulated in the GDPR.

Tactic Games’ websites

While a person is browsing Tactic Games’ websites, the browsing person’s computer operating system, Internet Protocol (IP) address, access times, browser type and language and referring website addresses may be logged automatically. We may use this information to monitor, develop and analyse the use of that website.

We and our marketing and outsourcing partners, affiliates, or analytics service providers use technologies such as cookies, beacons, scripts, and tags to identify a user’s computer/device and to “remember” things about that user’s visit, such as the user’s preferences or a user name and password. Information contained in a cookie may be linked to the user’s personal information, such as the user’s user ID, for purposes such as improving the quality of our websites, tailoring recommendations to interests, and making the website easier to use. A user can disable cookies at any time, although they may not be able to access or use features of that website after doing so.

Tactic websites and digital services may contain links to the websites of our online partners, advertisers and group companies. If a user follows a link to one of these websites or uses third-party services, the user must be aware that these websites have separate privacy policies and Tactic does not take responsibility for their data processing procedures.

We may feature advertisements served by third parties that deliver cookies to a person’s computer/device so the content the person accesses and advertisements the person sees can be tracked. Since the third party advertising companies associate the person’s computer/device with a number, they will be able to recognize the person’s computer/device each time they send the person an advertisement. These advertisers may use information about the person’s visits to our Service and third party sites and applications in order to measure advertisement performance and to provide advertisements about goods and services of interest.

Our Services may contain third party tracking tools from our Service providers. Such third parties may use cookies, APIs, and SDKs in our Services to enable them to collect and analyse user information on our behalf. The third parties may have access to information such as a person’s device identifier, MAC address, IMEI, locale (specific location where a given language is spoken), geo-location information, and IP address for the purpose of providing their services under their respective privacy policies. Our privacy policy does not cover the use of tracking tools from third parties. We do not have access or control over these third parties.

We may feature advertising within our Services or Sites. The advertisers may collect and use information about users of those Services and Sites, such as a person’s Service or Site session activity, device identifier, MAC address, IMEI, geo-location information and IP address. For more information on our partners within the Services and Sites and how to opt out, contact info(at)tactic.net.

In addition, a person may see our digital games advertised in other Services or Sites. After clicking on one of these advertisements and installing our digital game, the person will become a user of our Service. In order to verify the installs, a device identifier may be shared with the advertiser.

Mobile Analytics

We use mobile analytics software to allow us to better understand the functionality of our Mobile Software on devices. This software may record information such as how often a person uses the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personal information a person submits within the mobile application.

Digital games

Whenever a person plays our digital games, we collect some data about that person’s interactions with the game. This information may be associated with the person’s player ID, IP address or device ID for the purpose of providing one our Services and improving them. With the person’s permission, we will also collect the person’s exact location so that we are able to match the person with other players in the area.

Under-aged persons

We take the safety and protection of privacy of children extremely seriously; we do not target marketing or request for personal data from children under the age of 18 without the confirmed consent of their parents.

Data protection related impact assessment

Our data processing operations do not involve a high risk as defined in the GDPR, and therefore we, as the controller, are not obliged to carry out a data protection impact assessment.

However, we have conducted and continue to conduct regular thorough assessments of personal data processing related risks.

Contact information

Please send any questions, comments or requests you may have concerning this privacy policy to olli.kivela(at)tactic.net.

We operate in compliance with the EU General Data Protection Regulation (2016/679) and are bound by it and the act complementing the EU General Data Protection Regulation (2018/218) and the Act on Electronic Communications Services (2014/917).

Period of validity and changes

This privacy policy was last re-stated on May 24, 2018, and it remains valid until further notice. We will publish any changes to these data protection principles in due time before their entry into force, and advise persons whose data is contained in our registers of any alternatives they may have on account of the changes.