AUTH4PLAY
PRIVACY NOTICE
PRIVACY NOTICE
Last update: 06/10/2021
Introduction
Auth4Play is a privacy-oriented instrument and we take personal data protection seriously. Thus, we have adopted this Privacy Notice to make the processing of Your personal data fair, lawful, and transparent.
This Privacy Notice is applicable to the processing of personal data in the context of using the website https://auth4play.com/ (“Website”) or while using Auth4Play on our Customers’ websites and/or mobile apps.
We notify You that we will process Your personal data in accordance with the provisions of Regulation (EU) 2016/679 (“GDPR”) for the purposes and on legal bases stated in this Privacy Notice.
In this Privacy Notice we are willing to inform You the following:
This Privacy Notice is an integral part of our Terms of use, and all terms used in this Privacy Notice have the same meanings as in our Terms of use. Other terms should be interpreted according to the provisions of the GDPR.
This Privacy Notice is applicable to the processing of personal data in the context of using the website https://auth4play.com/ (“Website”) or while using Auth4Play on our Customers’ websites and/or mobile apps.
We notify You that we will process Your personal data in accordance with the provisions of Regulation (EU) 2016/679 (“GDPR”) for the purposes and on legal bases stated in this Privacy Notice.
In this Privacy Notice we are willing to inform You the following:
- Our contact details;
- Company’s role in personal data processing;
- Personal data we process and sources of personal data;
- Purposes and legal bases for processing;
- Period for storage of Your personal data;
- Recipients of Your personal data;
- International data transfers;
- Your rights as a data subject.
This Privacy Notice is an integral part of our Terms of use, and all terms used in this Privacy Notice have the same meanings as in our Terms of use. Other terms should be interpreted according to the provisions of the GDPR.
Our contact details
We are IDPIXEL INFORMATION TECHNOLOGY LIMITED, a legal entity, incorporated under the legislation of the Republic of Cyprus, with its registered number HE 419191 and legal address: 9 Vasili Michailidi, 3026, Limassol, Cyprus (“Company”, “we”).
If You have any questions regarding the processing of Your personal data, You can always contact us by sending an email to support@auth4play.com or to our registered address.
If You have any questions regarding the processing of Your personal data, You can always contact us by sending an email to support@auth4play.com or to our registered address.
Company’s role in the personal data processing
For the processing of Your personal data, when You access and use our Website, we act as a data controller within the meaning of the GDPR. In this case, we determine the purposes and means of the processing of Your personal data and take primary responsibility.
For the processing of End users’ personal data, when You use Auth4Play on our Customers’ websites and/or mobile app we act as a processor and process personal data on behalf of our Customers.
If You are an End user of our Customer and are concerned about processing of Your personal data by such Customer or want to exercise Your rights as a data subject, please contact such Customer directly.
For the processing of End users’ personal data, when You use Auth4Play on our Customers’ websites and/or mobile app we act as a processor and process personal data on behalf of our Customers.
If You are an End user of our Customer and are concerned about processing of Your personal data by such Customer or want to exercise Your rights as a data subject, please contact such Customer directly.
Children’s personal data
We work globally and provide our Services to Customers which operate in different sectors and industries (gaming, gambling, e-commerce, etc.). We acknowledge that there may be some legal restrictions on the age of End users that have the right to log in to and use our Customers’ website and/or mobile app.
We inform You that our Customers that provide You with their services or products are primarily responsible for compliance with these legal requirements. However, if You are a parent or other holder of parental responsibility and believe that we process personal data of a child unlawfully, please contact us. We will try to understand Your issue and make our best efforts to protect the rights of a child.
We inform You that our Customers that provide You with their services or products are primarily responsible for compliance with these legal requirements. However, if You are a parent or other holder of parental responsibility and believe that we process personal data of a child unlawfully, please contact us. We will try to understand Your issue and make our best efforts to protect the rights of a child.
Personal data we process and sources of personal data
Within the scope of this Privacy Notice, we collect and process different categories of personal data, including:
1. Personal data processed by the Company as a controller
Technical data. In the course of Your access and use of the Website, we automatically collect from Your browser and process the following personal data:
- IP address, information about your location, information about your mobile operator or Internet provider;
- data related to your device: its operating system, browser type, and version, screen resolution, set time zone, language settings, device type: its model and manufacturer (if applicable);
- information about your browsing session and any interaction with the Website interface (for example, the number of pages you visited, the number of pages you clicked);
- information about the source from which you visited the Website;
- cookie data.
Contact data. When You contact us with general questions about Auth4Play, our Company, Services, or this Website or with the aim to order our Services we may collect and process the following personal data:
- Your name;
- Your email;
- Name of the organization You represent;
- Other data voluntarily provided by You.
Search data. When You contact us on behalf of the organization interested in our Services, we may conduct an independent search and analysis of information about Your company and You from open sources. We may collect the following data:
- User identifier (UID);
- Your public account information available on Social networking services. This data may include Your first name, last name, gender, date of birth, state, city, email, telephone number, photo, date of the account creation. We will collect only those data that You have authorized for sharing from Your public account.
Purposes and legal bases for processing
We adhere to purpose limitation and lawfulness principles. So, we collect and process Your personal data for specified, explicit, and legitimate purposes and on appropriate legal bases. In this part of the Privacy Notice, You can find the description of legitimate purposes and legal bases for processing we carry out as a controller.
| Legitimate purpose | Personal data | Legal basis |
|---|---|---|
| Making our Website available and usable | Technical data | Our legitimate interest according to Article 6 (1)(f) of the GDPR.
Our legitimate interest is to give You access to our Website and its complete functionality. |
| Ensuring the correctness of the Website operation and security | Technical data | Our legitimate interest according to Article 6 (1)(f) of the GDPR.
Our legitimate interest is to keep our Website working correctly and properly as well as prevent and eliminate any external threats to the Website. |
| Making our Website better | Technical data | Our legitimate interest according to Article 6 (1)(f) of the GDPR.
Our legitimate interest is to make our Website as good and convenient for You as possible. |
| Communication with You | Contact data
Search data Technical data |
Our legitimate interest according to Article 6 (1)(f) of the GDPR.
Our legitimate interest is to maintain communication with You both on general matters and in negotiations before entering into the contract with the organization You represent. |
| Understanding the context of future business relations with prospective Customers | Contact data
Search data |
Our legitimate interest according to Article 6 (1)(f) of the GDPR.
Our legitimate interest is to understand and anticipate how to work with prospective Customers. |
Additionally, we conduct the processing of personal data while rendering Services to our Customers. If You log in to our Customers’ websites and/or mobile apps with the use of Auth4Play plugin we shall process Data received from Social networking services on behalf of our Customers and based on their instructions.
In this case, we act as a processor and do not determine the purposes of such processing activities. Our role is to transfer Data received from Social networking services to the respective Customer.
If You are concerned about the processing of Your personal data by such Customers, please read the privacy policy/notice on their websites and/or mobile apps or contact them directly.
In this case, we act as a processor and do not determine the purposes of such processing activities. Our role is to transfer Data received from Social networking services to the respective Customer.
If You are concerned about the processing of Your personal data by such Customers, please read the privacy policy/notice on their websites and/or mobile apps or contact them directly.
Period for storage of Your personal data
According to the principle of storage limitation, we guarantee that we will not keep Your personal data longer than it is necessary to achieve the purposes stated above.
An explicit storage period for different categories of personal data:
Technical data (except for cookie data). We will store these personal data no longer than 14 (fourteen) months from Your last visit to the Website.
Contact data and Search data. We need these personal data during our communication with You. When the purpose of our communication with You is reached, we erase these data.
Data received from Social networking services. We do not use or otherwise process Data received from Social networking services for our own purposes, so we will store these personal data no longer than it is necessary to complete our obligations as a processor.
Cookies. The storage period for cookies is stated in our Cookie Notice.
An explicit storage period for different categories of personal data:
Technical data (except for cookie data). We will store these personal data no longer than 14 (fourteen) months from Your last visit to the Website.
Contact data and Search data. We need these personal data during our communication with You. When the purpose of our communication with You is reached, we erase these data.
Data received from Social networking services. We do not use or otherwise process Data received from Social networking services for our own purposes, so we will store these personal data no longer than it is necessary to complete our obligations as a processor.
Cookies. The storage period for cookies is stated in our Cookie Notice.
Recipients of Your personal data
We notify You that we will share Your personal data with the following recipients:
- Employees, contractors, agents, affiliates, external consultants. To service our Website and conduct our business we may engage such persons entering into contracts with them. We ensure You that these persons have committed themselves to confidentiality.
- IT services providers. We use hosting provider services, cloud services, analytics services, and other technical solutions to maintain our Website and organize business processes. Accordingly, they may have access to Your personal data, previously encrypted by the Company.
We currently use Google Cloud and Cloudflare services, but we may involve other IT service providers in the future.
Google. Google Cloud services are provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Cloudflare. Cloudflare, Inc. 101 Townsend St, San Francisco, CA 94107, USA provides services for Website security. - Our Customers. As stated above we transfer Data received from Social networking services to our Customers according to our contractual obligations.
International data transfers
We primarily store Your personal data within the EEA; however, we may share Your personal data with the recipients outside the EEA. Nevertheless, we guarantee that Your personal data are subject to appropriate safeguards (such as the European Commission adequacy decisions or standard contractual clauses with the recipients) and treated securely and in accordance with this Privacy Notice and the GDPR.
Your rights as a data subject
As a controller in some processing activities we undertake to exercise Your data subject rights in accordance with the GDPR, namely:
The right to access (Article of the 15 GDPR). You have the right to receive confirmation from us as to whether Your personal data are being processed, as well as to receive a copy of Your personal data.
Right to rectification (Article 16 of the GDPR). You have the right to request the rectification of Your personal data if the data are inaccurate, as well as the complete the data if the data are incomplete.
Right to erasure (Article 17 of the GDPR). You have the right to request the erasure of Your personal data. This right applies if:
Right to restriction of the processing (Article 18 of the GDPR). You have the right to request the restriction of the processing of Your personal data in the following cases:
Right to lodge a complaint (Article 77 of the GDPR). You can always contact us with any questions regarding the processing of Your personal data. However, if You believe that Your rights have been violated, You can file a complaint with the Commissioner for Personal Data Protection of the Republic of Cyprus (jurisdiction of our registration). Commissioner's website: http://www.dataprotection.gov.cy.
If you are within the EU You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of Your habitual residence or place of work. You can find the list of data protection authorities in the EEA at https://edpb.europa.eu/about-edpb/about-edpb/members_en.
The right to access (Article of the 15 GDPR). You have the right to receive confirmation from us as to whether Your personal data are being processed, as well as to receive a copy of Your personal data.
Right to rectification (Article 16 of the GDPR). You have the right to request the rectification of Your personal data if the data are inaccurate, as well as the complete the data if the data are incomplete.
Right to erasure (Article 17 of the GDPR). You have the right to request the erasure of Your personal data. This right applies if:
- Your personal data is no longer required for the purposes for which they were collected;
- Personal data are processed unlawfully;
- We do not need to store Your personal data in order to comply with applicable law;
- In other cases where deletion is required or permitted by applicable law.
Right to restriction of the processing (Article 18 of the GDPR). You have the right to request the restriction of the processing of Your personal data in the following cases:
- If You contest the accuracy of Your personal data, we will restrict the processing of such data until we verify their accuracy;
- If You object to the processing of personal data on the basis of our legitimate interest, we will restrict the processing of such data until the legitimate interest is confirmed;
- If the processing is unlawful, You can object to the deletion of personal data and request the restriction of their use instead;
- If we no longer need personal data, but You need it to establish, exercise, or defense legal of the legal claims.
Right to lodge a complaint (Article 77 of the GDPR). You can always contact us with any questions regarding the processing of Your personal data. However, if You believe that Your rights have been violated, You can file a complaint with the Commissioner for Personal Data Protection of the Republic of Cyprus (jurisdiction of our registration). Commissioner's website: http://www.dataprotection.gov.cy.
If you are within the EU You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of Your habitual residence or place of work. You can find the list of data protection authorities in the EEA at https://edpb.europa.eu/about-edpb/about-edpb/members_en.
Privacy Notice updates
We are stable in our desire to increase the personal data protection of our Users and End users. Since we reserve the right to update, modify and amend this Privacy Notice to be usually compliant with the data protection laws. The current version of the Privacy Notice will be posted on the Website.
Cookie Notice
Cookies are snippets of data that can be installed on Your internet web browser when You visit the Website. We use some types of cookies, but we are not interested in identifying You as an individual with the data from cookies.
We use the following cookies:
We use the following cookies:
| Name of Cookie | Type of Cookie | Storage period | Purpose of use |
|---|---|---|---|
| PHPSESSID | Functionality Cookie |
Session | This Cookie helps to provide functions across pages. |
| _csrf | Security Cookie |
Session | This Cookie helps to protect the Website against attacks. |