RODO | Gamehag
  • Sign in Sign up

    Get more

    Collect the rewards

    Community

    How it works

    GPRD

    Owner of Gamehag.com Portal / Personal Data Controller : „Gaming sp. z o. o.”, ul. Romana Abrahama 18, 61-615 Poznań NIP: 7831749141 REGON: 365698526 by the District Court entered into the Register of Entrepreneurs of the National Court Register kept by the District Court Poznań - Nowe Miasto and Wilda in Poznań, 8th Commercial Division, under KRS number 000064337

    GDPR - INFORMATION OBLIGATION

    Dear Sir/Madam,

    On 25 May 2018 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation so called „GDPR”) enters into force.

    The mentioned act of European law, which will apply directly in all European Union countries as of 25 May 2018 regulates the processing of personal data throughout Europe. It's about to protect your information.

    However, it should be remembered that the aim of the GDPR is not to block the movement of personal data. On the contrary, this data is necessary, e.g., that we could sign an agreement with you or send you our offer. However, owing to the GDPR, you have more control over who and how processes your personal data.

    As for the entry of the GDPR into force, certain information obligations have arisen on our side, which we hereby comply with by providing you with information required by the GDPR.

    [Role of the Gaming Sp. z o. o. in the context of GDPR]

    As defined by GDPR the Gaming sp. z o. o. processes your personal data acting as the Personal Data Controller ( „Controller”, „PDC”).

    [Purpose: contract performance]

    The Controller processes your personal data for the purpose of execution of the contract/ provision of services by electronic means, including, in particular, for providing technical support - technical assistance, ensuring the security of services provided by electronic means (including possible transactions) and adjusting the Portal to individual preferences and expectations of the user.

    • The legal basis for the processing of personal data is:
      • Art. 6(1b) of GDPR - processing is necessary for the performance of a contract, to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract;
    • The following data is processed in particular:
      • User IP
      • Email address
      • Sex
      • Name and surname
      • Date of birth
      • Address of residence
      • User photo ("avatar")
      • Bank account No.
      • Country of origin
      • City/ Town
      • Time zone
      • Type of web browser
      • Type and version of the operating system
      • Phone type and model
      • Type and version of the mobile operating system

    [Purpose: legitimate interests]

    The Controller also processes your data to promote/ marketing own products or of Trusted Partners, and to better adjust services to your individual preferences.

    • The legal basis for the processing of personal data is:
    • Art. 6(1f) of GDPR - processing is necessary for purposes arising from legitimate interests pursued by the Controller or by a third party, except when the interests or fundamental rights and freedoms of the data subject, requiring the protection of personal data, prevail over those interests, in particular when the data subject is a child.

    • The following data is processed in particular:
      • User IP
      • Email address
      • Sex
      • Name and surname
      • Date of birth
      • Address of residence
      • User photo ("avatar")
      • Bank account No.
      • Country of origin
      • City/ Town
      • Time zone
      • Type of web browser
      • Type and version of the operating system
      • Phone type and model
      • Type and version of the mobile operating system

    [Profiling]

    The above data together with other "technical" data obtained during use of the Portal (which also includes data obtained through the use of Cookies), can be used to profile individual preferences of users, in accordance with the idea of ​​functionality of this type Portals (e.g. preferences for offered digital products). It can also be used to create aggregated statistics. The data may also be used for marketing purposes on the basis of Art. 6(1f) of GDPR, including the purpose of displaying advertisements adequate to the user's interests.

    • Cookies
      • gh_aff - Your ACLID;
      • laravel_session - Identifies and saves the user session on the portal.
      • gh_ref - Saved only when the user has entered another user's referring link, the user ID who recommended the site is saved.
      • gh_camp - Indicates our ID for a given campaign conducted on Google Analytics.
      • gh_recommend - Saves the previous website of a given user.
      • gh_campclick - Your own GCLID if it comes from a campaign saved in Google Analytics.
      • gh_clid - GCLID.
      • __cfduid - Used to identify individual customers with a shared IP address and apply security settings for individual customers from Cloudflare
      • XSRF_TOKEN - Individual ID of each session on the portal.
      • _ga - Used to distinguish users for the purposes of gathering information about visits on the website by Google Analytics.
      • _gid - Used to distinguish users by Google Analytics
      • _gat - It is used by Google Analytics to throttle request rate for own servers.
      • Timezone - Saves information about the user's time zone.
      • _OneSignal_session - Saved when the user allows the website to send browser notifications.
    • Google Analytics
    • The Controller may use the Portal for profiling technology under the name Google Analytics or other similar systems from external suppliers. In particular, Google Analytics mainly uses its own Cookies to report user interactions on the websites of Google Analytics customers (in particular our Portal). Google advertising Cookies are used to support Google Analytics Advertising Features (such as remarketing) on ​​Google Display Network services, e.g. AdWords. You can learn more about this technology, additional Cookies that it uses, and how to disable this technology on the websites concerning data security published by an external manufacturer of this technology at: https://support.google.com/analytics/answer/6004245?hl

    [Processing time]

    Your personal data will usually be processed for the duration of the contract (e.g. for the provision of services by electronic means via the Portal) - for the purpose of performing the contract (Art. 6(1b) of the GDPR), as well as for purposes resulting from legitimate interests conducted by the Controller or by a third party (Art. 6(1f) of the GDPR).

    After performance/ completion of the contract (e.g. deleting an account in the Portal), the data will be still processed - however for archiving purposes, including pursuant to art. 74 of the Accounting Act of 29 September 1994 (Art. 6(1c) of the GDPR).

    [Passing on to other entities]

    Your personal data may be transferred to other entities in order to perform the contract/ service (Art. 6(1b) of the GDPR) as well as for the purposes set out in Art. 6(1f) of the GDPR and for marketing purposes (in the case of an appropriate legal basis, e.g. consent or in pursuit of objectives arising from legitimate interests pursued by the Controller or by a third party).

    The Controller declares that they shall not transfer the Data to a third country or an international organisation, i.e. outside the European Economic Area ("EEA"). The Controller also declares that they shall not use subcontractors who provide data outside the EEA. In the event that the situation changes, in the event of necessity to use subcontractors or partners from outside the EEA, the Controller declares that with the help of appropriate contracts, they shall ensure that such third parties adequately meet the requirements of the GDPR.

    [Data recipient categories]

    The Controller may share personal data only to entities authorised to obtain it on the basis of legal provisions and/ or relevant agreements, including personal data processing agreement.

    In addition, your personal data may be, in particular, transferred to processors at the request of the Controller, including to IT service providers, hosting service providers, paying agents (e.g. electronic payments), companies that carry out advertising mailings, marketing agencies (if the right legal basis exists, e.g. consent or e.g. in pursuit of objectives arising from legitimate interests pursued by the Controller or by a third party - Art. 6(1f) of the GDPR), etc.

    The above-mentioned entities process data on the basis of appropriate personal data processing agreements entered into with the Controller, and the transfer of the data is covered by security measures and control on the part of the Controller as Personal Data Controller.

    The processing of personal data for marketing purposes takes place either on the basis of appropriate consent (Art. 6(1a) of the GDPR), or in connection with the occurrence of other legal bases than consent - e.g. Art. 6(1f) of the GDPR.

    [Legal bases, including other than consent]

    The often abused consent to the processing of personal data is only one of many possible legal bases for the processing of personal data. There are many other legal bases for the processing of personal data, other than the consent of the persons whose data will be processed. In particular, personal data may be processed in order to perform a contract, or e.g., where processing is necessary for purposes arising from legitimate interests pursued by the Controller or by a third party. Legal bases for processing personal data are regulated by art. 6 of the GDPR.

    [Your rights]

    • You can get information on whether we process your personal data.
      • If so, you can access them, e.g. ask for a copy. You can also receive detailed information including but not limited to what your data is being processed and for what purpose, to whom it is transferred. If you have not provided the data yourself to this company/ institution, you can also ask for information from where it was transferred to this particular company
      • You can also ask to delete or limit the processing of your data. Of course, not in every case. When we have a contract concluded with you, we can process it in accordance with the law and your request will not be effective. However, if it is processed unlawfully or there are no bases to process it - your data should be deleted
      • If you feel that your rights are being violated, you can complain to the supervisory body handling with the protection of personal data​.
    • In addition, if the Controller processes your personal data:
      • You have the right to access your personal data and the right to request its rectification, deletion or limitation of its processing;
      • Where the basis for the processing of your personal data is the premise of a legally legitimate interest of the Controller, you have the right to object to the processing of your personal data;
      • In particular, you have the right to object to the processing of data for direct marketing and profiling purposes;
      • Where the basis for the processing of your personal data is consent, you have the right to withdraw your consent. The withdrawal of consent does not affect the lawfulness of the processing that was made on the basis of consent before its withdrawal.
      • To the extent that your data is processed for the purpose of entering into and executing a contract or processed on the basis of consent, you have the right to transfer data, i.e. to receive your personal data from the Controller in a structured, commonly used machine readable format.
      • In order to exercise the above rights, please contact the Data Controller or the Data Protection Officer (if appointed), using the above-mentioned contact details or the appropriate form on the website https://gamehag.com/contact

    [Information about the requirement to provide data]

    To the extent that the processing of your personal data takes place in order to conclude and execute the contract with the Controller, providing the data is necessary to conclude the contract. Providing personal data is voluntary, however, it is not possible to enter into and execute the contract without providing it. Providing personal data for marketing purposes is voluntary, however, the processing of personal data for marketing purposes may also take place under a different legal basis than consent, e.g. based on Art. 6(1f) of the GDPR.