Data protection declaration
The following information describes the service provider's data processing and data usage guidelines for entertainment products by the gamigo AG, henceforth to be referred to as gamigo.
1. Personal data
The user information defined in this guideline as personal data covers all data which relates to natural persons or which allows information to be associated with a particular person. This includes, for example, the name, date of birth and email address. Any statistical data collected in addition to this which cannot be associated with a particular person is not personal data.
2. Data usage
Personal data is saved and processed when visiting gamigo's websites to provide login services and more secure access to the games, for example. The data described below shall be collected on a voluntary, contractually agreed-upon basis as well as on a legal basis for the individual types of contracts or individually used functions. There is no contractual or legal obligation to provide personal data. Should that be the case, however, it will not be possible to use gamigo's services. If the data is collected and used for pursuing gamigo's legitimate interests, then these legitimate interests will depend on data protection in the pursuit of economic interests. The legal bases for data protection are art. 6 paragraph 1 sentence 1 let. a) (consent), let b) (fulfilling the agreement), let. c) (commercial and tax-related retention requirements) and let. f) (performing legitimate interests) GDPR.
2.1. Using the websites
When accessing gamigo's websites, data is automatically forwarded to gamigo via the internet browser, which includes the Internet Protocol Address (IP-Address), date and time of access, access status/HTTP status code, browser type, its version and the operating systems and the language used. This information is saved in log files and is necessary for matching the website's language settings or for forwarding to the corresponding website, for recognising and fixing technical problems and avoiding so-called hacking attacks and preventing them in advance. The data is saved in accordance with all legal provisions.
2.2. Using the gaming service
To provide gamigo's gaming service and guarantee account security, it is necessary to process personal data. This data is needed during registration and later when the gaming service is used for providing user-specific gaming accounts.
It is necessary to register for the desired game to use gamigo's gaming service, although the type of data accessed during registration can differ from game to game. In addition to an email address, a username and password are also required for accessing the games, although other information such as a user's actual name, age, address or telephone number and possibly also payment details for carrying out the services offered that the user wishes to avail himself / herself of. The data will only be used for carrying out the service. Mandatory information is marked as being such.
2.2.2. Social Games
Some of the gaming services can be accessed via social networks such as Facebook. When using gamigo's gaming services through such third-party providers, henceforth to be referred to as “Social Games”, the user registers for the gaming service by linking the social media account with the gamigo account system. The data supplied by the third-party provider and approved by the customer, such as name, profile picture, age, gender, language or email address are used as contact data. Additional information, such as the data supplied by third-party providers, can be found in the corresponding data protection conditions for the social network in question.
2.2.3. Emailing and newsletter
When registering for a product, gamigo uses the email address provided by the customer during registration to send any product-specific information such as game updates or events, account and payment-specific information such as password changes or payment confirmations. Furthermore, gamigo also offers customers a newsletter they can subscribe to, both during registration and in their private account, which is sent to the email address provided by the user. The newsletter contains product-specific information on gamigo offers. If the customer has given his / her consent, then the newsletter will also contain information on other products from the group of companies, including their content, product events and product updates, as well as information on events such as parties and industry trade fairs. If consent has been given, then the newsletter may also contain third-party product placements or information on fan articles such as mugs with motifs for a specific product. It is possible to unsubscribe from the newsletter at any time, free of charge, via the unsubscribe link contained in the newsletters. Emails and newsletters are sent by service providers on behalf of gamigo. Pictures and graphics in the emails and newsletters are accessed by the gamigo servers when opened. In addition, email and newsletters also contain so-called tracking pixels. These are pixels that match a file, which are retrieved when the email or newsletter is opened by the service provider commissioned by gamigo. When the emails that have been sent are opened, information is also sent to gamigo, which gamigo evaluates for statistical purposes and which serves to optimise the technology and content of gamigo's services. The information forwarded consists, for example, of the user's anonymous IP address, language and hardware used.
3. Voluntary information
gamigo offers the customers on some of its services the option to personalise their account and to provide additional data, such as name, hobby or gender. The information provided by the customer can be adapted directly in the account field by the customer and deleted or indirectly adapted or removed via support message from the gamigo support department.
4. Fraud prevention
So as to allow all customers to have a pleasant playing experience, gamigo endeavours to ensure compliance with the terms and conditions and game rules and, to this end, processes the data required. Therefore, the game clients provided may, amongst other things, contain an additional programme for preventing tampering so that tampering with client-server communications and other well-known technical tampering methods, such as cheat programmes and hacks, can be detected and prevented. This technical data will only then be forwarded to the game servers when tampering is established by means of the relevant programme. The data collected by the programmes will not be used beyond the purposes mentioned. The installation of any additional software to prevent program manipulation is not usually identified. It is only possible for the software to be uninstalled from the gaming client in a few cases and tends to lead to the gaming client crashing. Customers will be informed of any actions of this nature being carried out when the software is launched.
If the customer's consent is required for a specific purpose for using the personal data, then this shall be saved along with the date and time, for demonstrative purpose, in the event of it being granted. Any consent granted can be revoked here and here at any time, free of charge. Any customers under 16 years of age require the consent of their parent or legal guardian.
6. Recipient of Personal Data
To achieve the processing purposes described above, we pass on personal data to various categories of recipients. The concrete passing on of personal data about you depends largely on which of our services you use.
We share personal data with the following categories of service providers as processors: service providers in the context of fraud and manipulation prevention, to service providers to conduct surveys, to service providers for analysis services, to payment service providers, to service providers for sending newsletter, to service providers for advertising services, data centers, as well as to subsidiaries and affiliated companies within the meaning of Sec. 15 AktG (German Stock Corporation Act). The transfer of the personal data to the respective recipient as processor is lawful under Art. 28 GDPR.
We pass on personal data to the following categories of service providers as independent controllers: Lawyers, authorities, the police, payment service providers, and providers of “social logins.
7. Forwarding the data outside the European Union and European Economic Area (third countries)
Service providers in third countries are also accessed for providing gamigo's services, although data will only be forwarded to recipients in third countries which offer an appropriate level of data protection, such as by means of self-certification for a non-European service provider in accordance with the EU US Privacy Shield or the agreement of so-called EU standard contract clauses for the European Union with the recipient. Furthermore, the customer's consent can be included when forwarding the data to third countries. An overview of service providers outside the European Union, the European Economic Area and a copy of the agreed-upon regulations for ensuring an appropriate level of data protection can be queried via the “Contact and Rights” section (12.) for the contact details that have been provided.
8. Duration of data storage
gamigo only saves personal data for the legally or contractually permitted or agreed-upon purposes for the required or prescribed duration that is technically, legally or contractually necessary. Once the purpose or any obligation ceases to apply for storing the data, the customer data is deleted or made anonymous.
10. Analysis service via Google Inc.
Gamigo uses a variety of different web analysis services from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, henceforth referred to as Google, for analysing website usage.
10.1. Google Universal Analytics
Google Universal Analytics is a widely used Google web analysis service. The methods provided by Google Universal Analytics allow a cross-device analysis of website usage by means of cookies. The information on website usage generated in this way is, as a rule, transferred to a Google server in the United States and also saved there. Google uses the information collected to analyse website usage, to create reports and to make services available for market research and website optimisation purposes on gamigo's behalf. The IP address automatically sent to Google is not merged with other Google data and only used by gamigo for statistical assessments. Google's processing of the data can be prevented by means of a browser add-on. In the event of a mobile end device being used, there is the option of deactivating Google Analytics over the following link. The opt-out cookie that this places on the end customer's device prevents data collection on the corresponding device as long as the cookies are made available to the browser being used. This does not, however, prevent data being collected by Google. You can find further information on Google Universal Analytics under Google's data protection information.
10.2. Google “remarketing and similar target group function”
Gamigo uses Google's remarketing function, which is a function that allows a website's visitors to be addressed with personalised and interest-based advertising as soon as they visit another Google Display Network website. To this end, Google cookies are used for carrying out the analysis of website usage, which is used as the basis for settings for the online interest-based advertising. To carry out the process, Google deposits a small file with a code number on the customer's end device by means of which visits to websites and anonymised data for using said websites can be collected. As soon as visitors have agreed to linking their Google web and app processes with their Google account and as soon as information from their Google account is used for displayed notices, Google shall use the data from these registered users together with Google Analytics data to create and define target groups for cross-device remarketing. In this way, website visitors are also targeted across their devices with personalised interest-based adverts. If any other websites are subsequently accesses on the Google Display network, then the adverts will be displayed, which, in all likelihood, will take the products and information into account that were previously visited by the user. If the customer does not want Google's remarketing function then this can, in principle, be deactivated by adjusting the relevant settings under http://www.google.com/settings/ads. Google's cookie usage can also be permanently deactivated under the following links for managing Google cookies.
You can find more information on Google Remarketing under Google's data protection information.
10.3 Additional Google Analytics functions for displaying adverts
The following Google Analytics functions are used on gamigo's websites to display adverts:
• Report editor on the Google Display Network
• Integrating the Double Click Campaign Manager,
• Google Analytics Reports for services depending on demographic characteristics and interests.
The report functions mentioned are for assessing and using the data collected by Google in the context of interest-based advertising as well as visitor data from third-party service providers in Google Universal Analytics, such as age, gender and interests. This makes it possible for the end customer to deactivate Google Analytics for display advertising at any time, and to modify the notices in the Google Display network using the settings at https://www.google.de/settings/ads.
You can find more information on the Google Analytics functions for display adverts under Google's data protection information.
11. Social network plugins
Social network plugins, so-called “social plugins”, such as Facebook, twitter or google+ are used on gamigo's websites. After activating these social plugins, it is possible for the customer to directly share our websites' content on social networks. Personal data is not processed by using the socials plugins just as a result of their placement on gamigo's websites. To prevent data being transferred to the United States without the customer's knowledge, gamigo employs the so-called Shariff solution. This means that no personal data is sent to the provider of the social plugins and saved when visiting the websites, unless the social plugins have been actively clicked on by the customer.
If one of gamigo's websites is accessed, then a direct connection can be established via the browser with the corresponding social network's servers if the corresponding social plugin is clicked on. This will result in the contents of the social network's plugin being forwarded directly to the customer's browser and, by means of this, being integrated into the relevant website. If the customer is registered on the social network in question, then the social network will be able to associate the visit with the customer's corresponding account. If the customer does not want his / her account to be associated, then the customer must log out of the social network account and delete the relevant cookies before visiting gamigo's websites. If the customer does not have an account with the social network that has the clicked upon social plugins, then the social network in question may, despite this, process the IP address. gamigo does not have any influence on the extent of the data which the social network in question collects with the help of its plugins and is only providing information on the basis of its current knowledge. The extent and purpose of data collection, as well as how the data is processed and used by social networks, and information on rights and possible settings for protecting privacy, can be found in the corresponding social network's data protection information.
12. Contacts and rights
The following party is responsible for processing personal data:
Behringstraße 16 b
Phone: +49 (0)40 411 885 0
Fax: +49 (0)40 411 885 255
Customers who wish to object to their data being processed can send this objection to the contact details above by email or by post. This also applies to exercising any rights to information, to correcting, deleting their data or limiting the processing of their data, as well as the right to transfer their personal data. If consent has been given to process the personal data, then this may be withdrawn at any time and apply to the future. The legality of any consent granted for processing data prior to such an objection being received shall remain unaffected.
Customers have the right to submit a complaint to the data protection authority. The competent data protection authorities are those at the customer's place of residence as well as those responsible for gamigo, under the following address:
Freie und Hansestadt Hamburg
Der Hamburgische Datenschutzbeauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str. 22, 7. OG
Phone: 040/428 54-40 40
Fax: 040/428 54-40 00
13. Data protection
Gamigo implements up-to-date measures to guarantee data protection and to protect your personal data from risks in the event of the data being transferred as well as third parties becoming aware of it. It also regularly checks if the relevant security provisions are state of the art.
14. State of the data protection declaration and scope of application
As of December 2022