Effective date: March 30th, 2021
GamerSafer Inc revolutionizes game matching and players management systems using tools developed to address the root causes of crimes, frauds and disruptive behaviors without compromising user experience. In this policy, “GamerSafer,” “we,” or “us,” refers to GamerSafer Inc. and its Affiliates, which shall mean subsidiaries, parent companies, joint ventures and other corporate entities under common ownership.
For purposes of the European General Data Protection Regulation (the “GDPR”), GamerSafer is the “data controller” of your personal information. Our data protection officer can be contacted at firstname.lastname@example.org
collect, store, use, and manage information, including personal data, that you provide to us or we collect about you when you use the Service.
• Information we collect about you
• Your Face Scan and How We Handle This Biometric Data
• Ad identifiers, cookies, and similar technologies
• How we use the information we collect and our legal bases for processing it
• Sharing of your information
• Our policies concerning children
• Your rights and how to access, update, and manage your personal information
• Opting out of push and local notifications
• How long we keep your information
• Privacy policies of linked sites
• Security of your information
• International transfers of your personal information
• Contact information
2. INFORMATION WE COLLECT ABOUT YOU
The personal information we collect or have about you will either be provided by you directly, come from other sources or will be collected from your activity on our website or App and use of the Service as set out below.
(a) Information we collect from you directly
When you interact with the Service, at www.gamersafer.com, or any other GamerSafer – owned or partner website, or download the Service from a third-party app store, we will collect and store information from you directly as described below, to the extent it is available to us.
(i) Registration information
We provide a typical registration flow where we will collect the following information from you:
• E-mail address;
• First and last name;
• Profile picture;
• Birth date;
• State (for some countries);
• Username; and
We may also offer you the option to complete a user profile with gaming related preferences and none of this information is visible to any other Service user. We may also request additional personal information that could be temporarily stored just to verify the account creation authenticity.
(ii) When you access our Services on a Mobile Device or use the App
If you access the Service or use the App, we can collect the following information about you, to the extent it is available:
• Device ID;
• MAC Address;
• Connection type;
• Operating system;
• Device name; and
• IP Address.
When you use our Services, we will also collect information about the ways in which you use and interact with our Services, such as when and for how long your device is logged into our App, Service features you access, and in-app purchases you make.
We also collect pseudonymous usage statistics about your interactions with the Service. This information is typically collected through the use of server log files or web log files (“Log Files”), mobile device software development kits and tracking technologies like browser cookies to collect and analyze certain types of technical information.
(iii) When you request us to connect your account with another partner
If you choose to connect your GamerSafer account with another 3rd party partner, this process may require you to provide additional data about you, including but not limited to your account ID for that specific partner/service, it password, additional personal information to supplement the registration process.
(iv) Payment information
We will also collect some purchase information (which is comprised of transaction history, including what you have purchased, the price, and the date). Note that your in-app purchase transactions are processed by third-party payment processors, such as Apple (for purchases on iOS devices), Google (for purchases on Android devices), or Amazon (for purchases on Kindle devices), or others. These third-party payment processors do not share your financial information, like credit card numbers, with us. We also do not store or keep any kind of financial information.
(v) Customer Support correspondence
When you ask for assistance from our Customer Support team, we will collect and store:
• Your name and e-mail address;
• Information about your activity on the Service;
• Your user name or ID number; and
• Any correspondence connected to the assistance provided to you
(b) Information we collect from other sources
We will collect or receive information from the following other sources (i) other gaming related information providers, including partners you choose to share your information with us and (ii) other Service users who choose to upload their email contacts.
3. YOUR FACE SCAN AND HOW WE HANDLE THIS BIOMETRIC DATA
(a) What we collect
You have to opt-in to our proprietary method of verifying the existence of a real user behind the account creation to provide a better and safer user experience for you (preventing fake or duplicated accounts creation and to enforce our terms of service). When you consent to biometric verification, our App scans your face and measure up to fifty data points also called facial landmarks. Those multiple coordinates are translated into a unique code, that cannot be reverse engineered and regenerate your facial characteristics. This unique code is generated every time a face scan is used and through a probabilistic analysis our system determines the face matching with the account holder reference. To increase the safety and security of our solution, our system may request you to re-scan your face randomly and even prompt you to follow specific validation steps to prevent the system exploitation by fraudsters and or artificial intelligence generated images.
We keep the profile picture and the unique code generated as reference for the biometric comparison for as long as you have an active account, we also keep temporarily (up to ninety days) further face scans used for login processes and specific consent collections.
(b) What we do with your face scan
Although we associate data from your scan with your account, upon login, to verify your identity, our scan of your face is not shared with any developer or third-party company.
We do not sell, lease, trade, or otherwise profit from a user’s facial scan.
We may anonymize your face scan and train our computer vision models to improve our system accuracy and deliver a better service to you.
(c) How long we retain your face scan
If the user’s account has been inactive for two years, we will automatically delete any facial images that we have in our possession.
4. HOW WE USE THE INFORMATION WE COLLECT AND OUR LEGAL BASES FOR PROCESSING IT
will use information collected from you in any one or more of the following ways:
• To create your Service accounts and allow access to our Services;
• To identify and suggest connections with other users;
• To provide technical support and respond to user inquiries;
• To notify users of in-Service updates;
• To solicit input and feedback to improve GamerSafer Services and customize your user experience;
• To inform users about new services or promotional offers;
• To engage in commonly accepted practices, such as contacting you at the email address we have on file if you are a potential winner in a sweepstakes; and
• To improve and develop our products and Services.
One important use of your information is communication. If you have provided your e-mail address to us, we’ll use it to (i) respond to customer support inquiries, (ii) keep you informed of your in-Service activity, notifications about in-Service status and requests, and (iii) provide you with details of our similar Services, unless you have asked us to stop sending you our marketing material or opted out from our electronic marketing communications. If you are not a current user, we will send promotional e-mail messages and promotional messages directly or in partnership with third parties only if you have provided your prior consent in accordance with the relevant laws and regulations for us to do so.
5. SHARING OF YOUR INFORMATION
We will not sell or rent any personal information about you with or without your prior consent.
We will not share any personal information about you without your prior consent.
Please be aware that the US and other jurisdictions may have a lower standard of data protection laws than your own jurisdiction. We will share your personal data with third party recipients (i.e., parties other than GamerSafer) including outside the European Economic Area, in the following circumstances:
(a) Third party service providers
We provide your information to third party recipients. These categories of recipients include:
• Hosting providers to store the personal data you provide and for disaster recovery services, as well as for the performance of any contract we enter into with you;
• Email delivery providers that provide us with email delivery services;
• Other gaming related platforms such as game publishers, game developers and Esports organizations (we will not share about you without your prior consent).
We direct all such third-party recipients to maintain the confidentiality of the information disclosed to them and to not use your information for any purpose other than to provide services on our behalf.
(b) Sale or merger
In the event that we undergo a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, we may transfer all of your information, including personal data, to the successor organization in such transition. In such case, we will first notify you in accordance with local law requirements,
if any, regarding those items of personal data that will be transferred, the name and contact details of the recipient, and inform you of how you can withdraw consent thereto.
(c) Safety, security and compliance with law
Your information, and the contents of all of your online communications and activities (including without limitation service usage, log history, player reports, player analytics, and IP addresses) may be accessed and monitored as necessary to provide the Service and may be disclosed: (i) when we have a good faith belief that we are required to disclose the information in response to legal process (for example, a court order, search warrant or subpoena); (ii) to satisfy any applicable laws
or regulations; (iii) where we believe that the Service is being used in the commission of a crime, including to report such criminal activity or to exchange information with other companies and organizations for the purposes of fraud protection and credit risk reduction; (iv) when we have a good faith belief that there is an emergency that poses a threat to the health and/or safety of you, another person or the public generally; and (v) in order to protect our rights or property.
6. OUR POLICIES CONCERNING CHILDREN
We care about Children’s privacy rights and safety; we encourage children to use our Services once the core value of that is to help our gaming partners to create inclusive and secured environments and experiences for all players.
The Children definition varies per country and sometimes per state, to apply the proper regulation we always consider the location where the user is based (information collected during the account registration process).
account for the children.
The registration process will first, collect and verify the adult account and them with the consent advance to children account creation.
(a) Parental Consent and Verifiable Parent Consent
Balance data minimization and safety is at the core of our services and principles, with that on mind we will conduct, at our best capacity balancing data minimization and safety, the data collection to verify the engagement, support and consent of parents, legal responsible, guardian or other responsible adult to the children account creation and service usage.
Parental consent flow will be initialized any time the children start any process that could lead to any information usage outside of initial consent provided by the parent. Including but not limited to the connection of the children account with a new 3rd party partner/platform, transactions that our partners needs parental consent,
any suspicious activities with the account that could be a threat to the user or to other users.
The definition of verifiable parental consent varies per country and sometimes per state. In the US we follow FTC guidelines, using “face match to verified photo identification” (FMVPI) as a method to verify the person providing consent for a child to our service. This requires a scan of a government issue ID during the registration process (this information is not stored, and just used to verify the adult account information).
(b) Parental Choices and Controls
At any time, parents can refuse to permit us to collect further personal information from their children in association with a particular account and can request that we delete from our records the personal information we have collected in connection with that account. Please keep in mind that a request to delete records may lead to a termination of an account.
We offer two methods to allow parents to access, change, or delete the personally identifiable information that we have
collected from their children:
1. Parents can request access to and delete their child’s personal information by logging on to the child’s account through our APP. Parents will need their child’s username and password. The Your Account home page explains how to recover a password if your or the child cannot recall it.
2. Parents can contact us to request access to, change, or delete their child’s personal information by sending an email to us at email@example.com. A valid request to delete personal information will be accommodated within a reasonable time.
In any correspondence such as e-mail, please include the child’s username and the parent’s email address and parent’s username. To protect children’s privacy and security, we will take reasonable steps to help verify a parent’s identity before granting access to any personal information.
If you believe that we might have information from or about a child that violates that policy, please contact us.
Even though data privacy regulations have their own age boundaries for child definition, if we have any evidence that an user above that age reference is not fully capable of understanding the implications of consent of their data usage, we may request the support of any other legal responsible, parent or guardian to proceed with the consent.
Any tentative of system exploitation, personification, fraud or any tentative to imply a different age (from adults or from child) to overcome our verification process is a breach of our Terms of Service.
7. YOUR RIGHTS AND HOW TO ACCESS, UPDATE, AND MANAGE YOUR PERSONAL INFORMATION
(a) Other methods of accessing or controlling your information
If you no longer want GamerSafer to make active use of your information, you can delete your account from the App (there is this option inside Account menu), you may alternatively send an e-mail to firstname.lastname@example.org . Place “Delete My Account” in the subject line and include your first name, last name, e-mail address and username from which you access our Services in the body of the e-mail. If you do so, you will no longer have access to the App or Services associated with your account.
Please note that if you ask us to delete your account any unused virtual items, subscription, tickets will be lost and we may not be able to restore them in the future. We will respond to your request within thirty (30) days. GamerSafer may use your information unless and until you send us such a request. Please note that your information, for example those records pertaining to payments or customer service matters, may be retained for legal and accounting purposes. If you have sent or posted content on the Service, we may not be able to delete it.
• If you wish to review, change or correct the information we have about you, e-mail us at email@example.com.
• You can turn off push notifications and local notifications by visiting the “notifications” page within the relevant Service.
(b) European Countries Users’ Rights
If you are located in a country in the European Union, the European Economic Area, or Switzerland, you have certain rights in relation to the personal data we hold about you, which we detail below, and which are subject to exemptions under applicable data privacy laws. Some of these only apply in certain circumstances as set out in more detail below. We also set out how to exercise those rights. Please note that we may require you to verify your identity before responding to any requests to
exercise your rights. We will respond to a request by you to exercise those rights without undue delay and at least within one month (although this may be extended by a further two months in certain circumstances). To exercise any of your rights, please send an email to firstname.lastname@example.org. We may decline to process requests in certain circumstances, such as where requests are manifestly unfounded or excessive or requests that jeopardize the privacy of others.
Find Out More
(i) Deletion of your personal data
In some circumstances, you may request that we erase some of the personal data we hold about you. Should you wish to have your personal information deleted, please contact us at email@example.com.
Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure. Please note that in order to process your request you must delete our App from your mobile devices and clear our cookies from any device where you have used our App. When we delete any information, it will be deleted from our active databases but may remain in our archives. Please note, however, we may still retain some or all of that information for other purposes such as maintaining financial records, protecting or enforcing legal rights, maintaining marketing suppression lists or for technical reasons such as maintaining technical security or our database integrity. We may also retain your information in an anonymized form.
(ii) Access and portability
You have a right to know what information we hold about you and in some cases to have the information communicated to you. If you wish to exercise this right please contact us at firstname.lastname@example.org and let us know that you wish to exercise your right of access and what information in particular you would like to receive. Please note that we may not be able to provide all the information you ask for, for instance if the information includes personal information about another person.
In some circumstances, you may request the data we process based on consent or to perform our contract with you in a structured, commonly used and machine-readable format or to request we transfer such personal data to another party. Your rights are subject to exemptions under applicable data privacy laws.
If you wish for us to transfer the personal data to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal data or its processing once received by the third party.
We also may not provide you with certain data if providing it would interfere with another’s rights (e.g. where providing the personal data we hold about you would reveal information about another person or our trade secrets or intellectual property) as permitted under applicable data protection rights.
You have the right to correct any personal data held about you that is inaccurate. Where you request correction, please explain in detail why you believe the personal data we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required.
(iv) Restriction of processing to storage only
You have a right to require us to stop processing the personal data we hold about you other than for storage purposes in certain circumstances, e.g. whilst we are considering whether it should be corrected or deleted or, based on your objection, whether we should permanently stop processing. Please note, however, that if we stop processing the personal data, we may use it again if there are valid grounds for us to do so (e.g. for the defense of legal claims or for another’s protection).
· We are processing the data we hold about you on the basis of our legitimate interest and you object to such processing. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
· We are processing the data on the basis of historical/scientific research or statistics and you have a particular reason to object. Your right would not apply where we have been tasked with and it is necessary for us to undertake such processing in the public interest.
In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at email@example.com and we will endeavor to deal with your request. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.
(c) California Residents
This section applies only to California residents. It describes how we collect, use and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy
Act of 2018 (“CCPA”) but does not include certain de-identified or aggregated information, information publicly available in government records, or certain information
excluded from the CCPA’s scope.
Your California privacy rights. As a California resident, and upon your verifiable consumer request, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.
• Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months: the categories of Personal Information that we have collected; the categories of sources from which we collected Personal Information; the business or commercial purpose for collecting and/or selling Personal Information; the categories of third parties with whom we share Personal Information.
• Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
• Deletion. You can ask us to delete the Personal Information that we have collected from you. Note that there are a number of exceptions, and we need certain types of information so that we can provide our Services to you. If you ask us to delete some or all of your information, you may no longer be able to access or use the Services.
• Nondiscrimination. You are entitled to exercise the rights described above free from discriminatory practices prohibited by California law.
Exercising your rights. You may exercise your California privacy rights described above by emailing us at firstname.lastname@example.org, or by contacting us via the “Contact Us” link on our website or in our App.
We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
Response Timing. We aim to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension in writing.
Personal Information that we collect, use and share. We describe the sources from which we collect Personal Information in Section 2 (Information We Collect About You) and the business and commercial purposes for which we collect this information in Section 4 (How We Use The Information We
Collect) and Section 5 (Sharing Of Your Information) above.
8. OPTING OUT OF PUSH & LOCAL NOTIFICATIONS
When you install our Apps on your mobile device you can choose to receive push notifications. Where you opt to receive push notifications, will send push notifications to your mobile device to provide Service updates and other relevant messages. You can turn off push notifications by visiting the “options” or “settings” page within the relevant Service. You may also receive local notifications. You can turn off local notifications by visiting the “options” or “settings” page within the relevant Service.
9. HOW LONG WE KEEP YOUR INFORMATION
We retain your personal data for the duration of your account, as long as reasonably necessary to provide you the services, and for such periods necessary to comply with the law.
In the event you request deletion of your personal data in accordance with the process explained above, we will delete it as specified above. Please note that we may retain information needed to resolve disputes, enforce our user agreements, protect our legal rights, and comply with technical and legal requirements and constraints. For example, we may retain records pertaining to payments or customer service matters. If you have sent or posted content on the Service, we may not be able to delete it.
10. PRIVACY POLICIES OF LINKED SITES
Our Services may contain links to third-party websites. We are not responsible for the privacy practices or the content of such websites. If you have any questions about how these other websites use your information, you should review their policies and contact them directly.
11. SECURITY OF YOUR INFORMATION
We implement reasonable security measures to protect the security of your information both online and offline, and we are committed to the protection of customer information. While we take reasonable precautions against possible security breaches of our Services and our customer databases and records, we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. Unfortunately, the transmission of information over the Internet is not completely secure. Although we strive to protect your personal data, we cannot guarantee the security of your data while it is being transmitted to our site; any transmission is at your own risk. Once we have received your information, we have procedures and security features in place to try to prevent unauthorized access. We urge you to take steps to keep your personal information safe (including your account username and password), and to log out of your account after use. If your account is hacked, this may lead to unauthorized access to our Services, so be careful to keep your account information secure. If you have questions about the security of our Services, please contact us at email@example.com.
12. INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION
As you are contracting for the Services with GamerSafer, which is a US company, any information you provide to us, or that we collect through your use of the Services that is necessary to provide you the Services, will be stored, processed, and transferred within, or to, the United States. As a result, your information could be accessed by
14. CONTACT US
Australia: You can opt out of receiving commercial electronic messages (such as emails) from us at any time by contacting firstname.lastname@example.org. Your consent to disclosure outside Australia under this policy means that we will not be accountable to you under the Privacy Act for acts and practices of recipients outside Australia.
Canada: Personal information maintained and processed by us and third-party service providers in the U.S. and other foreign jurisdictions may be subject to disclosure pursuant to a lawful access request by U.S. or foreign courts or government authorities. We will not provide your information to third parties for marketing purposes without your prior consent. For more information about our privacy practices; to access, update or correct inaccuracies in your personal information; or if you have a question or complaint about the manner in which we or our service providers treat your personal information, please contact email@example.com.