1. AN OVERVIEW ON DATA PROTECTION
1.1 General information
1.2 Data Recording
How do we collect your data?
On the one hand, your data is collected by you communicating it to us. This may be data that you enter in a contact form, for example. Other data is automatically collected when you download and use our games.
What are the purposes we use your data for?
What rights do you have as far as your information is concerned?
You have the right to receive information about the source, recipients and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. Please do not hesitate to contact us at any time under the address disclosed on the imprint of this website if you have questions about this or any other data protection related issues. You also have the right to log a complaint with the competent supervising agency.
Analysis tools and tools provided by third parties
If you download and use our games, your usage data may be statistically analyzed.
Such analyses are performed primarily with what we refer to as analysis programs. The analyses of your usage data are usually conducted anonymously; i.e. the patterns cannot be traced back to you.
2. GENERAL AND MANDATORY INFORMATION
2.1. Data Protection
We herewith advise you that the transmission of data via the Internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access.
2.2. Information about the responsible party
The responsible party (referred to as the „controller” in the GDPR) is the natural person or legal entity that single handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.).
The controller according to data protection laws is:
Kolibri Games GmbH
Hallesches Ufer 60
If you have any questions or suggestions about data protection, you can send us an email to firstname.lastname@example.org
Our data protection officer can be reached at the following address:
Dominik Fünkner, Leopoldstr. 21, 80802 München, www.datenschutzexperte.de
3. COLLECTION AND USE OF YOUR DATA
3.1. Facebook Highscore
You do not need to register in order to play our games. You can however voluntarily connect your game with your Facebook account in order to participate in the Facebook Highscore.
If you connect your Facebook account with our game, the following data is shared with us:
- Profile picture
- Date of birth (if indicated by Facebook)
- Place of residence (if indicated by Facebook)
Please note: If you participate in the Facebook Highscore, your friends can also see that you play our game and you will also be displayed in the Highscore of your friends. In addition, when your Facebook account is connected, a list of your friends who also participate in Facebook Highscore and who have connected their Facebook account with their game is shared.
You can cancel the connection with your Facebook account at any time by logging into Facebook and selecting the “Settings” option. The connection between Facebook and the app can be deleted under “Apps and Websites.”
We collect this data in order to provide our app to you and to be able to connect your account if desired, Article 6(1)(b) GDPR.
To the extent that we, as described above, process your data for the purposes of providing the functions of our app, you are contractually required to provide us with this data. Without this data, we are not able to provide these functions to you.
You are not required to provide the above voluntary information. Without this data, however, we are not able to provide these functions of our app to you.
3.2. Support requests
If you send support requests to us by email, via chat within the game or via messages within social media platforms, we collect and process the data from your request in order to be able to provide a response. For this purpose, it may also be necessary for you to provide us with information about your end device so that we can process the request and resolve any technical problems that may exist.
We collect this data in order to provide our app to you and to be able to process your request, Article 6(1)(b) GDPR.
You are not required to provide the above voluntary information. In particular, you are free to send the request to us under a pseudonym, without giving your real name.
Our app uses the following permissions:
|Autostart||Necessary for sending notifications to the user|
|Network connection display||Receives information regarding the existence of and connection to networks.|
|Google Play billing service (Android)||Allows the user to purchase in-game products.|
|Full access to the network||Necessary for sending data to the Internet.|
|Location||Necessary to provide contextually relevant and/or personalized customer experiences|
|Search & Siri suggestions (iOS)||If this function is enabled, information from the game can be displayed when searching, looking things up, and when keyboards are displayed, and Siri can learn from use of the app and make suggestions.|
|Notifications (symbols, tones, banners, control of vibration)||If notifications are enabled in the settings, these can be sent to the player in order to display important events over the course of the game.|
|Background updates||If this function is enabled, background updates can take place.|
|Mobile data||The player can allow access to mobile data so that it can use all the functions of the game without being connected to Wi-Fi.|
|Access to local storage||The app characterizes the local storage and accesses it in order to be able to execute the services.|
5. PSEUDONYMOUS USER PROFILE
We collect this data on the basis of a legitimate interest in needs-oriented design, for statistical evaluation, efficient marketing of our app, and the fact that your legitimate interests do not prevail under Article 6(1)(f) GDPR.
6. ADVERTISING NETWORKS
We use the following advertising networks in order to be able to integrate advertising within our free-of-charge apps. These collect the data described below for the purpose of providing personalized advertising:
|Advertising network||Provider||Type of data|
|AppLovin||AppLovin Corporation, 849 High Street, Palo Alto, CA 94301, USA||Device make, model and operating system; Device properties related to screen size & orientation, audio volume and battery, device memory usage; Carrier;
Operating system; Country, time zone and locale settings (country and preferred language); Network connection type and speed;
|AdColony||AdColony Inc. 1888 Century Park East, Suite 1450, Century City, CA 90067
|IP address, device advertising identifiers, the type of phone or other mobile device used, the operating system, the date and time a particular ad is served, whether one of the ads facilitated by them was delivered and, if applicable, a record if that ad was “clicked” or if it originated from a follow-up action to a third party such as a “conversion” event, combined with personal data to help AdColony optimize and/or refrain from advertising for a mobile application that has already been downloaded onto a device.
|Chartboost||Chartboost Inc., 85 Second Street Suite 100, San Francisco, CA 94105, USA||Language, operating system, device type, IP address, MAC address, device ID, IDFA, Google Advertising ID, Android ID, statistics on video ads that have been viewed, length of use of an app, data regarding in-app purchases
|Facebook Ads||Facebook Inc., 1601 Willow Road, Menlo Park, CA 94025, USA||Device attributes (operating system, hardware, software versions, etc.), processes on the device, identifiers (unique identifiers, device IDs, and other identifiers), device signal (Bluetooth, WLAN, etc.), device settings data (GPS, camera, photos), network and connections (mobile radio or Internet provider, language, time zone, IP address, etc.), cookie data.
|Unity Ads||Unity Technologies ApS, Vendersgade 28, Sal 1, Kobenhavn, 1363, Denmark||Device information, IP addresses, device identifiers, combined with Unity Analytics to personalize advertising.|
|IronSource||IronSource Ltd., 28 Lilienblum, Tel Aviv, 6513307, Israel||Device type (manufacturer and model), operating system, IP address, Android Identifier, and/or IDFA, time zone, language settings, type of internet connection, geographic information on the device, type of advertising, content of advertising, post-click information related to advertising.
|Vungle||Vungle Inc., 185 Clara Street San Francisco, CA 94107, USA||IP address, Android ID, MAC address, IFA, UDID, activity and page visits, language, device information, time zone and city, geographic information, operating system, information about installed apps, and already viewed advertising.
|Tapjoy||Tapjoy Inc, 353 Sacramento Street, San Francisco CA 94111, USA
|Device identifiers, information about the device itself, information about the internet connection used to access our services, information about the app and the SDK, location-related information, ad-related information, survey information, information from advertisers or publishers.|
|Mintegral||Mintegral International Limited, Room 701 A, 7th F. OfficePlus @ Prince Edward 794-802 Nathan Road, Kowloon HongKong||Personal information including the following: device make, device model, operating system (e.g.iOS), device type (e.g. smartphone, tablet, etc.), device properties related to screen size, orientation and battery, carrier, name and properties of mobile application through which a consumer interacts with the Mintegral Services or services provided by Mintegral’s business partners, country, time zone and locale settings (country and preferred language), network connection type, IP address, Internet browser user-agent used to access the Advertising Services, , network provider, SDK version, timestamp, API key (identifier for application), application version, iOS Identifier for advertising, OS version of device, network status such as WiFi, the geo-location of the device and the Identifier for Advertising (IDFA) or the Google Advertising ID AAID, GAID, etc., international mobile equipment identity (IMEI), , the content type of the ad (what the ad is about, e.g. games, finance, entertainment, news), the ad type (e.g. whether the ad is a text, image, or video based ad), device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL.|
You can object to the use of personalized advertising by making the following settings depending on your device type: On iPhone or iPad, first open “Settings,” tap on “Privacy,” and open “Advertising.” Here you can enable “Limit Ad Tracking.” If you use devices with Android and Google Play Services, first open “Google Settings,” tap on “Advertising,” then open “Disable interest-related ads,” then tap on “OK.”
Use of the aforementioned advertising networks and the transmission of the data mentioned is based on our legitimate interest in recouping our investments for operation of our app through advertising and the fact that your justified interests are not overriding, Article 6(1)(f) GDPR.
7. CHANGES OF PURPOSE
Your personal data is only processed for purposes other than those described is only done if a legal provision allows this or you have granted your consent to the changed purpose of data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will notify you regarding those other purposes before further processing, and we will provide you with all other information relevant to this.
8. AUTOMATED INDIVIDUAL DECISIONS OR PROFILING MEASURES
We do not use automated processing for making decisions or profiling.
9. DISCLOSURE OF DATA
As a matter of principle, your personal data will not be disclosed to others without your explicit prior consent, except in the following circumstances:
- To provide our services, we outsource work to outside companies under contract and to service providers (“processors”). In such cases, personal data will be transferred to such processors to allow further processing to take place. These processors are carefully selected and regularly reviewed by us to ensure your privacy. Processors may only use data for the purposes specified by us. Moreover, processors are contractually bound to process your data only in accordance with this data protection policy and with German data protection laws.Transfer of data to processors is based on Article 28(1) GDPR. Alternatively, transfer can be warranted on grounds of our legitimate interest in the economic and technical benefits of using specialized processors, and due to the fact that your rights and interests in protecting your personal data do not prevail under Article 6(1)(f) GDPR.
- We also process data in countries outside the European Economic Area (“EEA”).For the US, the European Commission resolved by decision of July 12, 2016 that under the rules for the EU-U.S. Privacy Shield an adequate degree of data protection exists (adequacy decision, Article 45 GDPR). Additional information – including information about certification of our service providers – is available at https://www.privacyshield.gov.In order to ensure protection of your personal privacy rights within these data transfers, we employ the standard agreement clauses of the EU Commission in accordance with Article 46(2)(c) GDPR for the development of contractual relations with third countries. These are available at http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF, alternatively you can also request these documents from us by using the contact options specified below.
10. DELETION OF YOUR DATA
We will delete or anonymize your personal information as soon as it is no longer needed for the purposes for which we collected or used it in accordance with the preceding paragraphs. As a rule, we store your personal data as long as you use the site or for the term of any applicable contract, unless the data must be kept longer for legal reasons, for criminal prosecution, or to secure, assert, or enforce legal claims.
If data must be kept for legal reasons, it is blocked. The data is then no longer available for further use.
11. AGE LIMITS
To use our services you must confirm full legal capacity or, in case of restricted legal capacity, obtain the consent of your legal guardian. We do not knowingly collect or ask for personal information from children. In case you can’t confirm full legal capacity, please do not send us any data about yourself, including name, address or email address. If we learn that we have collected personal data of a child, we will delete these as soon as possible. If you think that we might have data from a child, please contact us at email@example.com.
12. YOUR RIGHTS AS A DATA SUBJECT
12.1. Right to information
You are entitled at any time, upon request, to obtain information from us about your personal data within the scope of Article 15 GDPR. To request such information you may submit an application by mail or by email to the address given above.
12.2. Right to rectification of inaccurate data
You have the right to demand that we correct forthwith any inaccurate personal data concerning you. For this purpose, please use the contact addresses listed above.
12.3. Right to deletion
12.4. Right to restriction of processing
You have the right to demand that we restrict processing in accordance with Article 18 GDPR. This right applies especially if we are not in agreement with the user concerning the accuracy of any personal data. The right persists for the time required to verify its accuracy. In addition such right applies in the following cases: if the user is entitled to demand deletion but instead demands restricted processing; if the data is no longer required for the purposes we are pursuing, but the user needs them in order to assert, exercise or defend legal claims; and if an objection has been raised but its successful exercise is still disputed between us and the user. To assert the aforesaid right, please use the contact addresses listed above.
12.5. Right to data portability
You have the right to demand from us whatever personal information you may have given us. Pursuant to Article 20 GDPR, at your request we must provide you with such information in a structured, commonly used and machine-readable format. To assert the aforesaid right, please use the contact addresses listed above.
12.6 Right to object
12.7. Right to appeal
You also have the right to contact the competent supervisory authority if you have a complaint. The competent supervisory authority is:
Berlin Commissioner for Data Protection and Freedom of Information
Last updated: April 2, 2020