1.1. Controller – Reikon Games spółka z ograniczoną odpowiedzialnością with its registered office in Warsaw (ul. Lipska 10/2, 03-904 Warsaw).
1.2. Personal Data – any information relating to an identified or identifiable natural person who can be identified by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, including the IP of a device, location data, Internet identifier and information collected through cookies and other similar technology.
1.3. Policy – this Privacy Policy.
1.4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
1.5. Website – an online service operated by the Controller at: www.reikongames.com.
1.6. User – each natural person visiting the Website or using one or several services or functionalities described in the Policy.
2.1. In connection with the use of the Website by the User, the Controller will collect data within the scope necessary for the rendering of the specific services on offer and collect information about the User’s activities while using the Website. The detailed rules for and purposes of the processing of Personal Data collected during the use of the Website by the User are described below.
USE OF THE WEBSITE
3.1. The Personal Data of all of the persons using the Website (including the IP address and other identifiers and information collected through cookies or other similar forms of technology) will be processed by the Controller:
3.2. The User's activity on the Website, including his/her Personal Data, is recorded in system logs (a special computer programme used to store a chronological record containing information on events and actions that concern the IT system used to provide services by the Controller). The information collected in the logs is processed primarily for purposes related to the provision of services. The Controller also processes them for technical, administrative purposes, for the purposes of ensuring the security of the IT system and the management of this system - in this respect, the legal basis for processing is the Controller's legitimate interest (Article 6(1)(f) of the GDPR).
E-MAIL CORRESPONDENCE
3.3. Personal Data, which is shared by the User in email correspondence addressed to the Controller, and is not related to the services provided or other existing contracts, is processed only for the purpose of communication and addressing the matter to which the correspondence relates.
3.4. Personal Data will be processed for:
3.5. The Controller only processes Personal Data relevant to the matter to which the relevant correspondence relates. The entire correspondence will be stored in a manner ensuring the security of Personal Data (and other information) contained therein, and such data will only be disclosed to authorised persons.
CONTACT THROUGH SOCIAL MEDIA
3.6. Where correspondence is addressed to the Controller via social media that is not related to the services provided to the sender or any other contract entered into with the sender, the Personal Data contained in that correspondence is processed for the sole purpose of communication and resolution of the matter to which the correspondence relates.
3.7. Personal data will be processed for:
COLLECTION OF DATA IN THE CONTEXT OF BUSINESS CONTACTS
3.8. In connection with its business activities, the Controller also collects personal data in other cases - e.g. during business meetings, events or by exchanging business cards - for the purposes of initiating and maintaining business contacts. The legal basis for the processing in this case is the Controller's legitimate interest (Article 6(1)(f) GDPR) in networking in connection with its business activities.
4.1. The Controller processes Personal Data of Users visiting the Controller's profiles maintained on social media (Facebook, LinkedIn, Twitter). This data is processed exclusively in connection with the running of the profile, including for the purpose of informing Users about the Controller's activities and promoting various events, services and products. The legal basis for the Controller's processing of Personal Data for this purpose is the Controller's legitimate interest (Article 6(1)(f) of the GDPR) in promoting its own brand.
5.1. The timeframe for processing Personal Data by the Controller depends on the purpose of such processing. In principle, Personal Data should be processed during the time of rendering services until the withdrawal of consent to the processing of Personal Data or the submission of an effective objection against the processing of Personal Data in cases where the legal basis for the processing of such data is the Controller pursuing it legitimate interests.
5.2. The timeframe for the processing of Personal Data may be extended if the processing is required to establish and to enforce any claims or to defend against any claims, and after such time, only in the event, and to the extent, that it is required by law. After the lapse of the timeframe for processing Personal Data, such data will be irrevocably deleted or anonymised.
6.1. The User has the right to access the content of the personal data and to request their rectification, erasure, restriction of processing, the right to transfer and the right to object to the processing of personal data, as well as the right to lodge a complaint with the supervisory authority in charge of the protection of Personal Data.
6.2. Insofar as the User's personal data are processed on the grounds of consent, the consent may be withdrawn at any time by contacting the Controller.
6.3. The User has the right to object to the processing of personal data for marketing purposes if the processing is carried out in connection with the Controller's legitimate interest, and also - for reasons related to the User's particular situation - in other cases where the legal basis of personal data processing is the Controller's legitimate interest (e.g., in connection with the pursuit of analytical and statistical purposes).
7.1. In connection with the performance of services, Personal Data will be disclosed to third parties, including specifically to suppliers responsible for servicing IT systems.
7.2. The Controller reserves the right to disclose selected information concerning Users to the relevant authorities or third parties that submit requests for such information, on the relevant legal basis and in accordance with applicable laws.
8.1. The level of protection of Personal Data outside the European Economic Area (EEA) differs from the level secured pursuant to EU law. For this reason, the Controller will transfer Personal Data outside the EEA only if it is necessary and with the assurance of an adequate level of protection, mostly through:
8.2. The Controller will always inform about the intention to transfer Personal Data outside the EEA at the stage of data collection.
9.1. The Controller carries out a risk analysis on an ongoing basis to ensure that Personal Data is processed in a secure manner – ensuring, in particular, that only authorised persons have access to such data and only to the extent that this is necessary for the performance of the Controller’s duties. The Controller ensures that all operations conducted in connection with Personal Data are recorded and performed only by authorised employees and contractors.
9.2. The Controller will take all necessary actions to ensure that its subcontractors and other cooperating entities also apply appropriate security measures whenever they process Personal Data on behalf of the Controller.
10.1. The Controller may be contacted at the office address: ul. Lipska 10/2, 03-904 Warszawa.
10.2. The Controller has appointed a Data Protection Officer who may be contacted by email: rodo@reikongames.com in any matter concerning the processing of Personal Data.
11.1. This Policy will be verified on an as-needed basis and updated, if required.