Why are you reading this?
If you are beta tester of the CrossfireX please see the section “Data Provided to Us by Third Parties”.
Personal data is all information relating to an identified or an identifiable natural person. A person is identified when the identity of a specific person can be deduced from the information itself. A person is identifiable when we can make a connection to a specific person using additional information available to us.
Who we are
We are the provider of Smilegate Services and the organization accountable for personal data you provide as part of using the Smilegate Services within the meaning of applicable data protection and privacy laws. We are Smilegate West Inc., 5000 Yonge Street, Unit 1701, Toronto, Ontario, Canada M2N 7E9 (hereinafter: "SGW" "Smilegate West" "we" or "us").
Information on data processing by Smilegate
- Submission data
- Usage data
- Data Provided to Us by Third Parties
- Possible disclosure of your personal data to third parties
- Where is the data stored?
- How do we protect your personal data?
- Use of Smilegate Services by minors
- Your California privacy rights and “Do Not Track”
- Legal bases for processing your personal information
- Your rights
- Data Protection Officer and EU Representative
Information on data processing by Smilegate
In the following sections, we describe which of your personal data will be processed while you use Smilegate Services. For a better understanding, we differentiate between your submission data (data you choose to submit for using our services) and usage data (data automatically collected by us while you use our services).
1. Submission data
a) What submission data is collected and stored?
- E-mail address
b) For what purposes do we collect, process and use submission data?
We ask you to submit your submission data only to send you marketing emails related to Smilegate Services (ex. Newsletters). We will keep you informed about Game and Game-related events in the marketing emails.
c) How long is submission data stored?
We will not keep your submission data for longer than is necessary for the purposes for which we collect it unless we believe that the law or other regulation requires us to preserve it. Where the use is subject to declarations of consent, it will at least continue until receipt of a notification of revocation. You may withdraw your consent to receive the marketing emails from us by following the unsubscribe instructions provided in our emails. Your email address will be stored until you withdraw your consent.
2. Usage data
We automatically collect a range of data as users use our Smilegate Services, in particular on the manner and extent of the use of our services, which requires no action on your part.
a) What data is automatically collected?
Data on Websites automatically collected:
Automatically collected data includes data which is not directly related to your person or associated with your identity, such as the IP address allocated to your device at the time of access (in anonymised form), duration of access, the pages displayed and other data automatically conveyed by your PC, e.g. in the form of log files with information, in particular, your operating system, browser information, language settings, your screen resolution and your internet service provider. The data automatically collected on our websites are not used to identify you personally or to contact you.
b) For what purposes do we collect, process and use usage data?
We use your usage data to facilitate your use of our services, to correct technical problems, to ensure the continuous functioning of our products and services and to improve and further develop these according to the needs of our users. We use the automatically collected usage data as described above under a) for the following purposes:
- to assess the success of marketing measures, in particular conversion rates for advertisements and newsletters;
- to ascertain your approximate location in order to offer country and language specific services and functions as well as statistical evaluations on the use of our services.
c) In what way is data automatically collected?
For the automated collection of usage data, we use technologies such as cookies, in order to collect passive usage data from our website without your active input. These include, in particular:
In addition to the cookies we set during your use of our service, additional cookies may be set, where applicable, by third party providers when you visit our website. This occurs because we have commissioned third parties to collect information for us, for example for statistical usage analysis (e.g. as part of Google Analytics); it also occurs because our sites contain content or advertisements of third parties. Where required, your browser connects, for the purpose of accessing such third party content, directly with the servers of the third party providers, thus enabling those providers to place their own cookies on your end device.
Most browsers are automatically set to accept cookies when visiting a website. You can deactivate cookies or set your browser to display a warning as soon as cookies are sent. However, when cookies are deactivated some sections of our websites will not function properly. You can set your web browser to warn you when there is an attempt to place cookies on your computer or to limit the range of cookies permitted by you.
Under certain circumstances, we also use flash cookies on our sites, also known as "local shared objects", which use Adobe technology. Flash cookies are small files which are similar to the browser cookies described above and are used to store website settings to enable the personalised appearance of the site. You can adapt your settings under the point "Global Storage Settings" on the Adobe website. For further information on the Flash Player security and data protection, visit the Adobe website at www.adobe.com and the Macromedia website at http://www.macromedia.com/support/documentation/de/flashplayer/help/settings_manager.html.
Please note that if you deactivate cookies you might not be able to use some of the features and functions for the use of our services which require cookies. The cookies set by us have a maximum life span of 6 months.
(b) Internet log files
We may also store internet log files, which your PC automatically transmits to our webserver. These log files typically contain information about your computer or your end device, in particular browser type/version, operating system used, URL of the linking websites and date and time of the access.
(c) Analytical metric tool and other technologies
Smilegate uses its own analytical metric tool and third party analytics technologies (see more detailed information below) to collect data when you play our games. These tools and technologies collect information about your computer, browser, your operating system, your use of features and pages, any application software used and information about the manner and extent of use of our games, including game metrics and statistics and your purchasing behaviour.
We use Google Analytics on our websites, a web analytics tool from Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Analytics uses "cookies" which are stored on your PC and which enable an analysis of your use of our website. The information obtained by the cookies about your use of our website will generally be transmitted to a server in the USA and stored there. We use Google Analytics on our websites, however, with an IP anonymisation tool, with which your IP address, when collected by Google Analytics, will, in member states of the European Union or in other states which are party to the Agreement on the European Economic Area, be masked beforehand, and thus the collected information will be exclusively transmitted by Google in anonymised form. Google uses the collected information to statistically evaluate your use of our website for us, to create reports on website activities and to provide further services related to the website and the internet usage for us. The IP address transmitted by your browser in the scope of Google Analytics will not be combined with other data from Google. Please note that Google Analytics information is often disclosed to marketing agency partners that take the data to optimize marketing campaigns.
You can deactivate the Google Analytics function with a browser add-on, which you can download at https://tools.google.com/dlpage/gaoptout. To do this you must install that browser add-on. This will prevent the analysis information from being sent to Google.
(d) Clear GIFs and tracking pixels
Clear GIFs (also known as web bugs, beacons, tracking pixels or tags) are small graphic images which are placed on a website, a web based document or in an email message. Clear GIFs are invisible to users as they are normally very small (only 1 x 1 pixel) and have the same colour as the background of the website, document or email message. We use Clear GIFs to collect statistical usage data about our websites, functions or other elements of a website. Clear GIFs also enable us to determine, for example, whether users come to our website via an advertisement placed by us and whether they register there or use a specific service. We also might use Clear GIFs in our advertising emails or in newsletters to determine whether you open these and whether you open the links therein. We use the data collected in this way for statistical purposes in order to analyse and improve our advertising campaigns and other customer communications. Where necessary, we also use this information to tailor the advertisements displayed within our Services to your specific interests by assigning you to certain interest groups on the basis of this information.
d) How long is usage data stored?
We don't keep your data forever.
We will not keep your personal data for longer than is necessary for the purposes for which we collect it unless we believe that the law or other regulation requires us to preserve it (for example, because of a request by a tax authority or in connection with any anticipated litigation).
Besides those statutory obligations, we are entitled to store your personal data for specific cases. The end of the storing period depends on the purpose for which we still need your personal data. This means we are storing your personal data at least for the time of a contractual relationship with you as our customer. However, we are permitted to store information, including your personal data, for longer if necessary to bring or defend ourselves against legal claims in court. This retention period relates to the respective periods set forth by a given statute of limitation.
When it is no longer necessary the retain your data, we will delete the personal data that we hold about you from our systems.
3. Possible disclosure of your personal data to third parties
By signing up to play beta test of CrossfireX on Microsoft's Xbox Live Service, you agree that Microsoft (Microsoft Corporation, One Microsoft Way Redmond, Washington 98052-6399 USA) may provide us with your Microsoft user account information. From Microsoft, we receive information including your account, items used, gameplay information, and IP address to provide you with CrossfireX services. We do not receive your credit card number or other financial information.
4. Possible disclosure of your personal data to third parties
Generally, your data is processed exclusively by us and we do not pass on any personal user data to third parties unless we need to do so in order to offer you certain Smilegate Services.
In order to provide these Smilegate Services, we work with service providers (e.g. hosting providers) who may, in the course of providing the respective service, receive and process personal data on our instruction and on the basis of a commissioned data processing agreement.
We may disclose your personal data to our affiliated companies, which are listed on this website: https://www.smilegate.com/en/company/affiliate.asp.
We may disclose your personal data:
- to data protection regulatory authorities;
- in response to an enquiry from a government agency; and
- to other regulatory authorities with jurisdiction over our activities.
Professional advisors and Auditors
We may disclose your personal data to professional advisors (such as legal advisors and accountants) or auditors for the purpose of providing professional services to us.
In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
If Smilegate West or substantially all of its assets are acquired by a third party, personal data held by us about our clients and candidates/market participants will be one of the transferred assets.
In certain circumstances, you have the option of sharing information with others yourself as part of the Smilegate Services, e.g. if you give out personal information in a public forum. However, we do not transfer such data to other third parties.
Otherwise, your data will only be passed on in special exceptional cases, where we are obligated or entitled to do so by statute or upon binding order from a public authority.
5. Where is the data stored?
We generally store and process data collected in relation to the use of Smilegate Services on servers located inside Canada.
6. How do we protect your personal data?
a) Efforts to protect your personal data at our systems
We undertake appropriate efforts to protect your personal data and to ensure the security of our systems using the relevant latest technology. To this end, we use, among other things, state of the art encryption methods. At the same time, it should be noted that no type of transmission via the internet or method of electronic data storage is 100% secure. We can therefore offer no guarantee against unauthorized access to our servers and systems.
b) Security issues if you post content in public forums, blogs, chats and profiles
When using the Smilegate Services, from time to time you will be given the option to publish information relating to your person in our online chats, blogs, walls or in user profiles visible to the public or in similar forums on our websites and/or as part of our services. Any Information you disclose in one of these forums is non-encrypted, public information which can be seen by other users of the relevant service and, if published on a website, also by any third parties. In this respect, we cannot ensure the protection or confidential treatment of this information. You should note that all information, shared by you in the scope of these public activities, which enables the identification of your person, can be read, recorded, used and processed by other users in order to send you messages. We accept no responsibility for the information made public by you in these forums which can be used by other users to identify your person. Please also note that in the scope of normal internet activities, in certain circumstances, specific technical information is sent to third parties from your browser, such as advertising networks or analytics companies.
We have no control over the information sent to such networks or third parties by your browser and recommend that you ensure that your browser settings prevent the disclosure of information which you do not wish to share. If you wish to make a video, image or photo publicly available in one of our websites you should note that these could potentially be processed, collected, copied and/or used by other users without your consent.
We assume no responsibility for the videos, images or photos made public by you of your own volition within any Smilegate Services.
7. Use of Smilegate Services by minors
Smilegate Services are intended only for persons 16 or older. If you are under the age of 16, you are prohibited from using the Smilegate Services.
8. Your California privacy rights and "Do Not Track"
If you are located in California, you have certain additional rights.
California Civil Code link 1798.83 permits users who are California residents to request certain information identifying any third party to whom Smilegate may have disclosed, within the past year, personal data pertaining to such user and such user's family for that third party's direct marketing purposes, as well as a description of the personal data disclosed. To request such information, you may contact us using the contact details set out above. Any written inquiry must include "California Privacy Rights Request" in the first line of the description. Please note that we are only required to respond to one request per user each year.
If the California Consumer Privacy Act (CCPA) applies to your information, you can exercise your rights to receive information about our data practices, as well as to request access to and deletion of your information. See the 'Your rights' section below for more information.
California law permits our users who are California residents to be informed as to how we respond to web browser "Do Not Track" settings. We do not respond to "Do Not Track" settings at this time, whether that signal is received on a computer or on a mobile device.
9. Legal bases for processing your personal information
For users located in the EU, there are a number of different ways that we are lawfully able to process your personal information. We have described these below.
a) Where you give us your consent to process your personal information
We are allowed to use your personal information where you have specifically consented. In order for your consent to be valid:
- It has to be given freely, without us putting you under any type of pressure;
- You have to know what you are consenting to – so we'll make sure we give you enough information;
- You should only be asked to consent to one thing at a time – we therefore avoid "bundling" consents together so that you don't know exactly what you're agreeing to; and
- You need to take positive and affirmative action in giving us your consent – for example, we could provide a tick box for you to check so that this requirement is met in a clear and unambiguous fashion.
We currently seek your consent for marketing and advertisement purposes.
Before giving your consent you should make sure that you read any accompanying information provided by us so that you understand exactly what you are consenting to.
You have the right to withdraw your consent at any time, and details can be found in the "Right to withdraw consent" section below.
b) Where processing your information is within our legitimate interests
We are allowed to use your personal information where it is in our interests to do so, and those interests aren't outweighed by any potential prejudice to you.
We believe that our use of your personal information is within a number of our legitimate interests, including but not limited to:
- To handle customer complaints;
- To verify user identity;
- To ensure that our systems run smoothly;
- To protect against improper use or unauthorized use of our Service; and
- To market our services.
We don't think that any of the activities set out above will prejudice you in any way. However, you do have the right to object to us processing your personal information on this basis. We have set out details regarding how you can go about doing this in the "Your rights" section below.
c) Where processing your personal information is necessary for us to carry out our obligations under our contract with you
We are allowed to use your personal information when it is necessary to do so for the performance of our contract with you.
d) Where processing is necessary for us to carry out our legal obligations
As well as our obligations to you under any contract, we also have other legal obligations that we need to comply with, and we are allowed to use your personal information when we need to comply with those other legal obligations.
10. Your Rights
Applicable privacy laws in your country, such as those applicable to users in the EU and Canada, grant you some or all of the following rights in relation to your personal information.
To assert your rights or for questions on the topic of data protection, you can contact us at any time by post at Smilegate West, Inc., 5000 Yonge Street, Unit 1701, Toronto, Ontario, Canada M2N 7E9, or by email at firstname.lastname@example.org. We will be happy to help you. To get in touch with us about any of these rights, please contact us at email@example.com.
We will seek to respond to your request without undue delay, and in any event within one month (subject to any extensions to which we are lawfully entitled). We will not charge you for your first copy as required by law. If you request further copies, we may charge you a reasonable administrative cost as permitted by law. Please note that we may keep a record of your communications to help us resolve any issues which you raise.
a) Right to object
This right enables you to object to us processing your personal information where we do so for one of the following reasons:
- because it is in our legitimate interests to do so (for further information, please see the section "Legal bases for processing your personal information" above);
- to enable us to perform a task in the public interest or exercise official authority;
- to send you direct marketing materials; or
- for scientific, historical, research, or statistical purposes.
b) Right to withdraw consent
Where we have obtained your consent to process your personal information for certain activities (for example, to provide you with marketing and advertisements), you may withdraw this consent at any time and we will cease to use your personal information for those purposes unless we consider that there is an alternative legal basis to justify our continued processing of your personal information for this purpose, in which case we will inform you of this condition.
c) Data subject access requests
You may ask us for a copy of the information we hold about you at any time, and request us to modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this as required by law. If you request further copies of this information from us, we may charge you a reasonable administrative cost as permitted by law. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.
d) Right to erasure
Users in the EU have the right to request that we "erase" your personal information in certain circumstances. Normally, this right exists where:
- The information is no longer necessary;
- You have withdrawn your consent to us using your personal information, and there is no other valid reason for us to continue;
- The personal information has been processed unlawfully;
- It is necessary for the personal information to be erased in order for us to comply with our obligations under law; or
- You object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.
We would only be entitled to refuse to comply with your request for erasure in limited circumstances and we will always tell you our reason for doing so.
When complying with a valid request for the erasure of information we will take all reasonably practicable steps to delete the relevant information.
If we have shared your personal information with third parties, we will notify them about the erasure unless this is impossible or involves disproportionate effort.
e) Right to restrict processing
You have the right to request that we restrict our processing of your personal information in certain circumstances. For example, you may dispute the accuracy of the personal information that we hold about you or you may object to our processing of your personal information for our legitimate interests. If we have shared your personal information with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal information.
f) Right to rectification
You have the right to request that we rectify any inaccurate or incomplete personal information that we hold about you. If we have shared this personal information with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. You may also request details of third parties to whom we have disclosed the inaccurate or incomplete personal information. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.
g) Right of data portability:
Users in the EU have the right to receive your data in a structured, commonly used machine-readable format so that you can transmit your data to another service provider. In effect, this means that you are able to transfer the details we hold about you to another third party. Where technically feasible for us, we may transfer the data for you, if you instruct us to do so.
h) Right to complain:
You also have the right to lodge a complaint with your local supervisory authority. Contact details for the various EU privacy supervisory authorities can be found here depending on your country of residence: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080. Users in Canada may find contact information for the Office of the Privacy Commissioner of Canada here: https://www.priv.gc.ca/en/contact-the-opc/.
10. Data Protection Officer and EU Representative
EU users may alternatively contact our EU Representative, Dr. Angela Harth, by email to firstname.lastname@example.org.