This policy describes the personal information we, IO Interactive A/S, as the data controller collect when you play our games, how we use the information, and what choices you have.
We want our collection of information to be simple, understandable and secure. Therefore, we have broadened the scope of the European General Data Protection Regulation (“GDPR”) and applied the new standards for the handling of European citizens’ personal information to you no matter where you are situated in the world.
1. WHEN YOU CONNECT TO OUR GAMES
These days, whenever you connect to an online game, there is certain information that needs to be collected. The same is true for our games, and for this purpose we collect information to establish and maintain your connection to our games, the information includes:
1.1 Connection Information. When you connect to our games, our servers automatically collect some information. This information includes your Internet Protocol address, your chosen platform that you access such game with, the date and time of your request, and information about your ownership of such game. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
1.2 Device Information. We may collect information about the device you are using to access our websites or play our games, including what type of device it is, what operation system you are using, your device settings, unique device identifiers, and crash data.
Whether we collect some or all this information depends on what type of device you are using and its settings. Please check the policies of your device manufacturer or software provider to learn more about what information your device makes available to us. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2. WHEN YOU PLAY OUR GAMES
A big aspect of our games is the online component where you can compete with other players. We want this experience to be fair and ensure that you do not have to suffer playing against any cheaters. Furthermore, we want to provide comparable results for you such as scoring and features associated with playstyle. For this purpose, we are collecting information such as:
2.1 Game Log Information. When you play our games, we collect information about how you used such game, this includes your game session information, gameplay events, gameplay statistics, if you unlocked progression items, and scores. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2.2 Profile Information. We create a persistent profile that is personal to you. This profile is used to track your progression over time, expose statistics, and populate menus with progression information. The information collected for the purposes of this profile includes current progression on different systems such as location mastery tracks and challenges, items and features unlocks, profile statistics, played content including completed and failed elusive targets, content created by you such as contracts, and contracts moderation reports.
Depending on the policies of your platform, we are collecting information about your friend list and content owned associated with your platform. Please check the policies of your device manufacturer or software provider to learn more about what information your device makes available to us. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2.3 Usage Statistics Information. We are always striving to improve our games. To do this, we collect information about how you use such game for business intelligence, content improvement and content commendation. For this purpose, we collection information such as your connection information including IP address and game identifiers, the content that you played, your performance information such as score and progression events, and your selected gameplay events such as target kills or your deaths. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2.4 Service Monitoring. We are constantly monitoring our games to offer the best availability possible. For this purpose, we are temporarily storing operational information that can be related to you. This information contains information such as HTTP request information containing your Internet Protocol address, timing, identifiers, latency and response code, and internal server errors triggered by your requests. We also might use the previously described usage statistics information or the profile information to investigate and resolve customer issues and service monitoring alerts. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
3. STORAGE AND TRANSFERRING OF YOUR INFORMATION
The protection and integrity of your information is important for us. Therefore, we have safeguarded it by storing it within highly encrypted data centres in the European Union hosted by Microsoft Azure.
We will not share this information, we will, however, create completely anonymized aggregated data based on your information and share it with our partners for marketing and usage statistic purposes.
4. YOUR CHOICES ABOUT YOUR INFORMATION
With some specific limitations or conditions, you have the following rights:
You have the right to access your information, and you may request to have it deleted (GDPR Art. 15 and 17). If you wish to do either, please visit https://personal.hitman.io. Please see section 5 for more details on deletion. Because of technical reasons you will not have the option to request correction of your information. Please contact us at firstname.lastname@example.org should you have any compelling reasons for a rectification.
You have the right to object to the processing of your information and have the processing of your information restricted (GDPR Art. 18).
You have the right to receive your information in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including to have it transmitted directly, where technically feasible (GDPR Art. 20).
Unless otherwise stated in the above, you can take steps to exercise these rights by contacting us at email@example.com.
5. INFORMATION RETENTION AND DELETION
5.1 Retention. Unless otherwise specified in this policy, we store your information until it is no longer necessary for you to play our games or until you request to have your information deleted – whichever comes first. This is a case-by-base determination that depends on things like the nature of the information, why it is collected, and relevant legal or operational retention needs.
5.2 Game Information Deletion. When you request to have your information deleted, we delete everything associated with you, including your online progress in any of our games. Please note that your information will be deleted in its entirety, and that it is not possible for us to distinguish between information collected by our games. Consequently, it is not possible to request your information from HITMAN (2016) deleted whilst retaining your information in HITMAN 2 (2018). We will not be able to restore any deleted information. The user generated content that you have created may not be deleted, but you will not be associated with that content anymore.
6. MANDATORY INFORMATION
7. INFORMATION ABOUT CHILDREN
As our games require you to be of a mature age, we do not knowingly collect any information from children under 18. If you become aware that a child has provided us with information without parental consent, please contact us by mailing firstname.lastname@example.org. If we become aware that a child under 18 has provided us with information without parental consent, we will take steps to remove the data.
8. HOW WE NOTIFY YOU OF CHANGES TO THIS POLICY
We may update this policy from time to time, so please review it frequently. We will notify you before we make any material changes to this policy and give you the opportunity to review the revised policy before the changes take effect.
9. HOW TO CONTACT US
Should you have any questions or comments, you are welcome to direct them to email@example.com or by mailing IO Interactive A/S, Gammel Moent 2-4, 1117 Copenhagen, Denmark, Att.: General Counsel, Alexander Patrick Strandlod. You also have the right to lodge a complaint with a data protection supervisory authority, e.g. The Danish Data Protection Agency.
Last Updated: December 2018  (GAME)