PRIVACY POLICY

PRIVACY AND DATA POLICY | ISSUED BY FIREPROOF STUDIOS LTD | Last Updated: 24 May 2018

1. INTRODUCTION AND GENERAL TERMS

These terms apply to the use of games and other products developed by Fireproof Studios Ltd (also known as Fireproof Games) (‘Fireproof’ / ‘we’ / ‘us’). Our registered office is at Hays House North Wing, Ground Floor, Millmead, Guildford, Surrey, England, GU2 4HJ. We are a company registered in England, with company number 06687549.

This privacy and data policy (“Privacy Policy”) applies and has effect in respect of all games, related online services (including online network play connectivity and interactivity) and other software and products made available by us (together the “Game(s)”), as well as any other online features relating to the Games including our website (https://www.fireproofgames.com) (the “Website”), downloads (https://www.fireproofgames.com/downloads (the “Downloads”) and user support Centre (https://www.fireproofgames.com/help-portal) (the “Support Centre”). Together the Game(s), the Website, the Downloads and the Support Centre are referred to as the “Online Services”.

If you have any questions or comments about this Privacy Policy, please contact us at [email protected]

We are committed to protecting and respecting your privacy. The Privacy Policy explains the basis on which personal information we collect from you will be processed by us or on our behalf. Where we decide the purpose or means for which personal data you supply through these Online Services is processed, we are the “data controller.” We will comply with all applicable data protection laws, including the General Data Protection Regulation 2016/679.

Please read this Privacy Policy carefully as it contains important information about the following:

What information we may collect about you;
How we will use information we collect about you;
Whether we will disclose your details to anyone else; and
Your choices and rights regarding the personal information you have provided to us.

This Privacy Policy forms a part of and should be read in conjunction with our terms of use, which can be found at https://www.fireproofgames.com/terms-use.

The Online Services may contain hyperlinks to services owned and operated by third parties. These third party services may have their own privacy policies and we recommend that you review them. They will govern the use of personal information that you submit or which is collected by cookies and other tracking technologies whilst using these services. We do not accept any responsibility or liability for the privacy practices of such third party services and your use of these is at your own risk.

We may make changes to this Privacy Policy in future, which will be posted on this page. You should check this page from time to time to ensure you are aware of any changes. Where appropriate we may notify you of changes through the Games.

2. INFORMATION WE MAY COLLECT ABOUT YOU

We collect and process the following information which may include your personal data.

Contact information provided by you when you contact us or use the Support Centre

(“Contact Information”)

We may ask you for, or you may submit, certain contact information to us whenever you contact us through the Support Centre or via [email protected].

This may include:

Your email address;
Your telephone number; and
Your name.

Information provided by you when you respond to a job vacancy on our Website

(“Job Vacancy Information”)

We may ask you for, or you may submit, certain information to us whenever you respond to a job vacancy or apply for a job through the Website. This will normally include your CV or a portfolio of your work which may contain personal and non-personal information such as:

Your name;
Your date of birth;
Your email address;
Your qualifications;
Details of your previous work and/or employment; and
Any other information you include in your CV.

Information collected for the purposes of providing analytics

(“Analytics”)

We may collect technical information about your use of the Online Services through the use of tracking technologies and analytics.

Personal data we may collect includes the following:

Your Device ID;
Your device operating system & version;
Your device make and model;
Game play attempts, progression and results;
Session game time start, end and duration;
The country of your Device;
Any in-game purchases you have made (The Room Pocket only);
The time, date and install source of your first download; and
Identification of crashes and defects.

We use the following third party analytics providers:

Flurry, Google Analytics & Unity Analytics

Flurry, Google and Unity may collect analytics data on our behalf and in accordance with our instructions, and their applicable privacy notice. If you would like to find out more about the way they collect and process this information this is likely to be set out in their privacy policies and/or terms and conditions. Please refer to:

https://developer.yahoo.com/flurry/legal-privacy/terms-service/flurry-analytics-terms-service.html?guccounter=1

https://policies.google.com/privacy

https://unity3d.com/legal/privacy-policy

Facebook and Twitter

If you post or upload any content about the Games on Facebook or Twitter, this will be under Facebook and Twitter’s privacy policies which can be found at https://www.facebook.com/full_data_use_policy and https://twitter.com/en/privacy.

3. WHY WE COLLECT INFORMATION ABOUT YOU

To provide our Games to you

We will use information about you (including Analytics) for delivering our Games to you under the terms of use agreed between us. The processing of information in this way is necessary for us to record your progress and current status within a Game, and to ensure the Games deliver the features promised and function properly, so that you have the best experience when playing any one of our Games.

To help us improve the Online Services and fix any problems

We may process information about you (including Analytics) so that we can analyse and improve our Games and Online Services.

This processing is also necessary for us to pursue our legitimate interests of (i) ensuring that our Online Services function properly so that you and other users have the best experience when playing any of our Game(s) and using the other Online Services; (ii) improving the quality of our Online Services, and providing a better experience to our users; and (iii) identifying and correcting any bugs in the Games and Online Services.

Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve the Online Services in order to tailor them to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better Website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies.

To respond to your enquiries and requests for support

We may process Contact Information so that we are able to properly respond to your enquiries and support requests either via the Support Centre or through [email protected] , in accordance with the terms of use agreed between us.

To fill any job vacancies

We may process Job Vacancy Information so that we are able to take steps prior to entering into a contract with you, including assessing your skills, qualifications and suitability for the role and/or communicating with you about the recruitment process. We may also need to process this information to enter into a contract with you.

We also have a legitimate interest in processing Job Vacancy Information during the recruitment process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment process more efficiently, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job.

To prevent fraud and illegal activity

We process personal data for our legitimate interests of ensuring that any use of the Online Services is lawful and non-fraudulent, does not disrupt the operation of our services, does not harass our staff or other individuals, to enforce our legal rights and to comply with our legal obligations.

Where we reasonably believe that you are or may be in breach of any applicable laws or our terms of use, we may use your personal information to inform relevant third parties such as your law enforcement agencies about the content.

We work with the Digital Content Stores (listed below) to assist us with fraud prevention and the detection of any illegal activity (e.g. to verify in-app purchases made).

4. DATA SHARING

We will share your information with third parties only in the ways that are described in this Privacy Policy

Group members, personnel, suppliers or subcontractors: We keep your information confidential, but may disclose it to any member of our group (which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Policy. However, this is on the basis that they do not make independent use of the information, and have agreed to safeguard it.

Merger or acquisition: If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via, account message and/or a prominent notice on our website of any change in ownership or uses of this information, as well as any choices you may have regarding this information.

Required by law: In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).

Enforcement: We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of Fireproof, our customers, or others.

Digital Content Stores: Where the Games are downloaded through Steam, Xbox Live, PSN, Google Play, iTunes/Apple App Store, Oculus Store, Nintendo Switch eShop and/or Amazon App Store we may disclose your personal information to Valve Corporation, Microsoft, Sony, Google, Apple, Facebook, Nintendo and/or Amazon respectively for the purposes of facilitating any payments made through these platforms.

Support Centre: We use two third party platforms provider called Freshdesk and Salesforce Desk to manage any support requests, queries and issues raised by users which are sent to [email protected]. Further details about the way in which Freshdesk and Salesforce Desk may collect and process your information can be found in their terms at https://www.freshworks.com/privacy and https://www.salesforce.com/uk/company/privacy/.

5. YOUR RIGHTS IN RELATION TO PERSONAL DATA WHICH WE PROCESS RELATING TO YOU

You have the following rights over the way we process personal data relating to you, as set out in the table below. We aim to comply without undue delay, and within one month at the latest.

To make a request, please let us know by sending an email to [email protected].

Ask for a copy of data we are processing about you and have inaccuracies corrected

You have the right to request a copy of the personal information we hold about you and to have any inaccuracies corrected.

We will use reasonable efforts to the extent required by law to supply, correct or delete personal information held about you on our files (and with any third parties to whom it has been disclosed to).

Object to us processing data about you

You can ask us to restrict, stop processing, or to delete your personal data if:
You consented to our processing the personal data, and have withdrawn that consent;
We no longer need to process that personal data for the reason it was collected;
We are processing that personal data because it is in the public interest or it is in order to pursue a legitimate interest of Fireproof or a third party, you don’t agree with that processing, and there is no overriding legitimate interest for us to continue processing it;
The personal data was unlawfully processed;
You need the personal data to be deleted in order to comply with legal obligations;
The personal data is processed in relation to the offer of a service to a child.

Obtain a machine readable copy of your personal data, which you can use with another service provider

If we are processing data in order to perform our obligations to you, or because you consented, or if that processing is carried out by automated means, we will help you to move, copy or transfer your personal data to other IT systems.
If you request, we will supply you with the relevant personal data in a commonly used, machine-readable and interoperable format where it is technically feasible, you can ask us to send this information directly to another IT system provider if you prefer.

Make a complaint to a Supervisory Authority

If you are unhappy with the way we are processing your personal data, please let us know by contacting us via the support services.
If you do not agree with the way we have processed your data or responded to your concerns, an alternative is to submit a complaint to a Data Protection Supervisory Authority.

6. DATA RETENTION

We will hold your personal information on our systems for as long as is necessary for the relevant service, or as otherwise described in this Privacy Policy.

We will hold Job Vacancy Information for a period of two years so that we can contact previous candidates when any new job opportunities arise at Fireproof which we think would be of interest or suitable for them.

We will hold any correspondence sent to [email protected] or via the Support Centre (which may include Contact Information) for a period of 12 months so that we can refer back to any previous support/help requests made by users in order that we are able to offer our users the best level of support and help.

At the end of these periods or once you withdraw your consent, your data is deleted or destroyed.

7. CHILDREN

We do not use our Online Services to knowingly solicit information from or market to children under the age of 13. Our terms of use prohibit users aged under 13 years from accessing our Online Services. In the event that we learn that we have collected personal information from a child under 13 years of age we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13 years of age please contact us at [email protected].

8. SECURITY

We will take all reasonable technical and organisational precautions to prevent the loss misuse or alteration of your personal information.

Please be aware that, although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

9. INTERNATIONAL DATA TRANSFERS

It is possible that your personal information may be transferred outside of the EEA by Valve Corporation, Amazon, Flurry, Google, Unity Analytics, Freshdesk or Salesforce Desk. We recommend that you refer to the privacy policies and/or terms and conditions of these third parties if you are concerned about your data being transferred outside the EEA.

In respect of The Room Pocket only, where you make an in-Game purchase via iTunes, the confirmation that your purchase is valid as required by Apple for such purchases will be processed using servers hosted in Singapore in the event that there is a problem with the servers hosted in Ireland.

Where we transfer your information outside of the EEA, we have agreements in place with those parties which include standard data protection clauses adopted by a data protection regulator and approved by the European Commission to ensure that appropriate safeguards are in place to protect your personal data. If you would like to find out more about these safeguards, please let us know by writing to [email protected].

CONTACT INFORMATION

All questions, comments or enquiries should be directed to Fireproof at [email protected]. We will endeavour to respond to any query or questions within three business days.

Fireproof GDPR Statement

What is GDPR?

The General Data Protection Regulation (GDPR) is an European Union (EU) regulation (2016/679) that enhances current data protection laws and rights for EU citizens. This enhances data protection rights for data subjects and obligates companies to be more transparent.

When will the GDPR take effect?

The General Data Protection Regulation (GDPR) comes into force on the 25th of May 2018.

Why does this affect me?

GDPR applies to anyone who holds or processes the data of an EU citizen, regardless of whether you are based in the EU or a third country, and enhances the data rights of all EU citizens. More information can be found on the EU’s website.

Fireproof Studios Ltd as a controller and a processor

Data controllers are companies that decide how personal data is collected, used or tracked from EU citizens. FIREPROOF STUDIOS LTD as a controller when collecting and using your personal information.

Data processors are companies that process data on behalf of data controllers. We will be ready for the GDPR as both a data controller and when acting as a data processor on your behalf.

How is Fireproof Studios Ltd. preparing for GDPR?

We have updated our terms and conditions and privacy policy.
We have updated internal processes to ensure your updated rights are protected for the GDPR.
We have nominated a Data Protection Team who are responsible for GDPR compliance within FIREPROOF STUDIOS LTD. You can talk to them here [email protected].
We are ensuring any vendors or third party companies we use are also GDPR compliant.
We are ensuring we are compliant in international security standards (ISO 27001).
We are training all staff on the requirements of GDPR and data privacy procedures.

Does the GDPR require storage of personal data in the EU?

No, however GDPR does set out conditions for the transfer of personal data outside of the EU. An array of mechanisms exist to allow for data to flow from the EU to third countries securely, and without loss of the data subjects fundamental rights, the most common of which is via an adequacy decision or via the EU-US Privacy Shield.

What is an adequacy decision?

An adequacy decision allows for data to flow from an EU country to a third country on the basis that the data protection regulation in that third country is sufficiently adequate to safeguard the rights of an EU data subject. Once the EU commission has determined that a country has sufficiently adequate data protection legislation in place, transfers may occur between the EU and the third country as if the country was an EU member state.

What is the EU-US Privacy Shield?

The EU-US Privacy Shield is a framework which allows for data transfers from the EU to the US whilst protecting the rights of EU data subjects. This ensures that EU subjects whose data is transferred to the US maintain their fundamental data protection rights, whilst obligating companies who receive data from the EU to comply with strong data protection requirements.

Where is my data stored?

If you are a British or EU citizen and have informed us as such, your Personal Data will be stored, processed or transferred to/on servers based in the European Economic Area (“EEA”), on servers based in countries which comply with the European Commission’s adequacy decisions or in the US in accordance with the EU-US Privacy Shield.

If you are not a British or EU citizen and have informed us as such, your personal Data will be stored, processed or transferred to/on servers based in Australia, on servers based in the European Economic Area (“EEA”), on servers based in countries which comply with the European Commission’s adequacy decisions or in the US in accordance with the EU-US Privacy Shield.

When using third party providers to support the services we provide to you, we ensure that any third party is fully compliant with the GDPR as required by law.

How to I make a query in relation to my data?

If you have any queries regarding any of your or your client’s personal data you can contact us at [email protected] with your request. We will respond within 30 days of us receiving your message.

When will Fireproof Studios Ltd. be ready for GDPR compliance?

Fireproof Studios Ltd. will be fully compliant with GDPR when it comes into force on the 25th May 2018.

Are you registered with a Data Protection Authority?

Yes, we are registered with the Information Commissioner’s Office in the United Kingdom. Our registration number is ZA055154

Any other Questions?

If you have any further questions, feel free to contact the Data Protection Team at Fireproof Studios Ltd. who can be found by emailing [email protected].