This policy describes the information we, IO Interactive A/S, as the data controller collect when you play our games, when you access our websites and when you create an IOI Account, how we use the information, and what choices you have. We want our collection of information to be simple, understandable and secure. Therefore, we have broadened the scope of the European General Data Protection Regulation (“GDPR”) and applied the new standards for the handling of European citizens’ personal information to you no matter where you are situated in the world.
1. When you connect to our games
These days, whenever you connect to an online game, there is certain information that needs to be collected. The same is true for our games, and for this purpose we collect information to establish and maintain your connection to our games, the information includes:
1.1 Connection Information. When you connect to our games, our servers automatically collect some information. This information includes your Internet Protocol address, your chosen platform that you access such game with, the date and time of your request, and information about your ownership of such game. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
1.2 Device Information. We may collect information about the device you are using to access our websites or play our games, including what type of device it is, what operation system you are using, your device settings, unique device identifiers, and crash data. Whether we collect some or all this information depends on what type of device you are using and its settings. Please check the policies of your device manufacturer or software provider to learn more about what information your device makes available to us. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2. When you play our games
A big aspect of our games is the online component where you can compete with other players. We want this experience to be fair and ensure that you do not have to suffer playing against any cheaters. Furthermore, we want to provide comparable results for you such as scoring and features associated with playstyle. For this purpose, we are collecting information such as:
2.1 Game Log Information. When you play our games, we collect information about how you used such game, this includes your game session information, gameplay events, gameplay statistics, if you unlocked progression items, and scores. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2.2 Profile Information. We create a persistent profile that is personal to you. This profile is used to track your progression over time, expose statistics, and populate menus with progression information. The information collected for the purposes of this profile includes current progression on different systems such as location mastery tracks and challenges, items and features unlocks, profile statistics, played content including completed and failed elusive targets, content created by you such as contracts, and contracts moderation reports. Furthermore, depending on the policies of your platform, we are collecting information about your friend list and content owned associated with your platform. Please check the policies of your device manufacturer or software provider to learn more about what information your device makes available to us. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2.3 Usage Statistics Information. We are always striving to improve our games. To do this, we collect information about how you use such game for internal marketing purposes, business intelligence, content improvement and content commendation. For this purpose, we collect information such as your connection information including IP address and game identifiers, the content that you played, your performance information such as score and progression events, and your selected gameplay events such as target kills or your deaths. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
2.4 Service Monitoring. We are constantly monitoring our games to offer the best availability possible. For this purpose, we are temporarily storing operational information that can be related to you. This information contains information such as HTTP request information containing your Internet Protocol address, timing, identifiers, latency and response code, and internal server errors triggered by your requests. We also might use the previously described usage statistics information or the profile information to investigate and resolve customer issues and service monitoring alerts. Our legal bases for the processing of this information is GDPR Art. 6 (1) (b).
3. When you access our websites
4. When you create an IOI Account
When we come up with new ideas or develop new products, we want you to be the first to hear about them, therefore, we want to give you the option to create an IOI Account for us to have a direct form of communication. For the purposes of being able to tailor our communication to you, we are requesting information such as your email address, real name, date of birth, gender, country and your marketing mailing preferences. Additionally, we want to offer you a hub for tracking your ownership of our games, therefore, we are offering you the possibility to connect your Steam account, Sony Entertainment Network account or your Xbox Live account with your IOI Account, which will give us access to the account identifiers and your registered products.
5. Storage and transferring of your information
The protection and integrity of your information is important for us. Therefore, we have safeguarded it by storing it within highly encrypted data centres in the European Union hosted by Microsoft Azure. We will not transfer your information otherwise, and we will not share it with any third party. We will, however, create completely anonymized aggregated data based on your information and share it with our partners for marketing and usage statistic purposes.
6. Your choices about your information
With some specific limitations or conditions, you have the following rights:
You have the right to ask to access your information, and you may request us to delete it (GDPR Art. 15 and 17). However, because of technical reasons you will not have the option to request correction of your information.
You have the right to object to the processing of your information and have the processing of your information restricted (GDPR Art. 18).
You have the right to receive your information in a structured, commonly used and machine-readable format, and you have the right to transmit that information to another controller, including to have it transmitted directly, where technically feasible (GDPR Art. 20).
You can take steps to exercise these rights by writing your request to firstname.lastname@example.org
7. Information retention and account deletion
We store your information until it is no longer necessary for you to play our games or until your account is deleted – whichever comes first. This is a case-by-base determination that depends on things like the nature of the information, why it is collected, and relevant legal or operational retention needs.
When you delete your account, we delete everything associated with your account, including your progress, and you will not be able to recover that information later. The user generated content that you have created may not be deleted, but your account name will not be associated with that content anymore.
8. Mandatory information
9. Information about children
As our games requires you to be of a mature age, we do not knowingly collect any information from children under 13. If you become aware that a child has provided us with information without parental consent, please contact us by mailing email@example.com. If we become aware that a child under 13 has provided us with information without parental consent, we will take steps to remove the data.
10. How we notify you of changes to this policy
We may update this policy from time to time, so please review it frequently. We will notify you before we make any material changes to this policy and give you the opportunity to review the revised policy before the changes take effect.
11. How to contact us
Should you have any questions or comments, you are welcome to direct them to firstname.lastname@example.org or by mailing IO Interactive A/S, Gammel Moent 2-4, 1117 Copenhagen, Denmark, Att.: General Counsel, Alexander Patrick Strandlod. You also have the right to lodge a complaint with a data protection supervisory authority, e.g. The Danish Data Protection Agency.
Last updated: May 2018