Last update: 8 June 2022
InnoGames GmbH (“InnoGames”) is committed to protecting the privacy and security of your personal data.
This privacy policy describes how we collect and use your personal data when you use our mobile apps, online games as well as portals and websites.
It applies to all end users, including paying and non-paying users.
InnoGames GmbH (“InnoGames”, “We”, "Us") is the data controller in respect of your personal data and is committed to protecting the privacy of your personal data when you visit one of our websites, install one of our mobile apps and interact with our social media presences (together the “Services”). This privacy notice (the "Notice") will help you understand what personal data we collect about you, why we collect it, how we process it and when we delete it. This Notice will also clarify how you can exercise your rights when you trust us to handle your personal data. We ask that you take a moment to read this Notice carefully and familiarize yourself with its content. If you have any questions, you are welcome to contact us by using the contact information provided at the end of this Notice.
Please note that our Services may contain links to external websites of other companies. If you follow a link to any of these websites, you should be aware that they have their own privacy notice and that we do not assume any liability for their processing of your personal data. Therefore, please make sure to read their privacy notices.
We offer our Services only to players who are at least 16 years old. Hence, we do not market to or solicit personal data from persons under the age of 16. If you are below the age of 16, please obtain the consent of your legal guardian before using our Services.
The controller in line with the General Data Protection Regulation and other national data protection laws of the member states, as well as other legal data protection provisions, is:
InnoGames GmbH
Friesenstraße 13
20097 Hamburg
Fax: +49 40 7889335-200
E-Mail: [email protected]
Website: www.innogames.com
The data protection officer of the controller is:
Lawyer and bar-certified specialist in information technology law
Dr. Christian Rauda
GRAEF Rechtsanwälte Digital PartG mbB
Jungfrauenthal 8
20149 Hamburg
E-Mail: [email protected]
Website: www.graef.eu
In general, we process only the personal data which you disclose to us when using one of our Services. Personal data means any information relating to an identified or identifiable natural person. When you register as a user on one of our websites or in one of our apps, you only have to provide a username, email address and, if applicable, a password. When registering for certain Services such as mobile apps, usernames and email addresses are not collected during registration but only later during the use of the Service. We always store the password you have chosen in hashed form, which never allows for an inference of the actual password.
In the context of implementing a contract you have concluded with us, particularly in the context of fee-based Services you have chosen, the disclosure of further data, such as your full name, physical address, payment information may be required. It is sometimes also necessary to request further personal data for the purposes of processing your inquiries or providing you with support. InnoGames will handle this data confidentially and in compliance with the applicable data privacy provisions. As a matter of principle, InnoGames will not disclose personal data to third parties without your consent, unless there is a specific legal basis of doing so.
Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6(1)(a) of EU General Data Protection Regulation (GDPR) serves as the legal basis for personal data processing.
In personal data processing required for the fulfilment of a contract of which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to the processing required in order to carry out pre-contractual actions.
Insofar as personal data processing is required for the fulfilment of a legal obligation which our company is subject to, Art. 6(1)(c) GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require personal data processing, Art. 6(1)(d) GDPR serves as the legal basis.
If processing is required to protect the legitimate interests of our company or of a third party, and if the interests, fundamental rights, and freedoms of the data subject do not prevail over the interests mentioned first, Art. 6(1)(f) serves as the legal basis for processing.
The personal data of the data subject are deleted or blocked as soon as the purpose of storage no longer exists. In addition, such storage may occur if this is provided for by the European or national legislator in EU regulations, laws or other regulations to which the controller is subject. The blocking or deletion of data also occurs when the storage period prescribed in the abovementioned regulations lapses, unless further storage of the data is required for conclusion or fulfilment of a contract.
InnoGames makes reasonable efforts to prevent unauthorized access to your personal data as well as unauthorized use or falsification of these data and to minimize the corresponding risks. However, the provision of personal data, whether it be in person, over the phone or over the Internet, always involves risks and no technological system is completely free of the possibility of being manipulated or sabotaged.
InnoGames processes the information collected from you in accordance with German and European data protection law. All employees are obliged to comply with data secrecy and data protection provisions and are instructed in this regard. Your data are transmitted in an en-crypted form using the SSL method.
Each time one of our Services is accessed, our system automatically collects data from the system of the accessing computer.
When accessing a website, the following data is collected:
When accessing a mobile app, the following data is collected:
The date, time and IP address are also stored in the log files. If an error occurs during the use of our Services and we want to rectify this, we may also collect other data, e.g., Player ID and username.
The legal basis for the temporary storage of data and log files is provided by Art. 6(1)(f) GDPR.
The temporary storage of the IP address by the system is necessary to allow delivery of the Services to the computer of the user. For this purpose, the user's IP address must be stored for the duration of the session.
The storage in log files is done to ensure the functionality of the Services. In addition, the data is used by us in order to optimize the website and to ensure the security of our information technology systems. Evaluation of the data for marketing purposes does not take place in this context. Only a statistical evaluation of datasets takes place.
InnoGames reserves the right to store IP addresses and log files for a maximum period of 30 days after the Service is used to monitor compliance with the terms of use and game rules. In particular, this procedure is used to prevent any cases of abuse or to resolve them and, on a case-by-case basis, to pass on the data for this purpose to investigative authorities. Apart from that, any other analysis of data is done in anonymous form as much as possible. After the end of this period, the IP address and log files are deleted, unless there are mandatory statutory storage requirements or specific prosecution- and abuse investigation proceedings pending. them and, on a case-by-case basis, to pass on the data for this purpose to investigative authorities. Apart from that, any other analysis of data is done in anonymous form as much as possible. After the end of this period, the IP address and log files are completely deleted, unless there are mandatory statutory storage requirements or specific prosecution- and abuse investigation proceedings pending.
These purposes also constitute our legitimate and predominant interest in data processing according to Art. 6(1)(f) GDPR.
The data are deleted as soon as they are no longer necessary to fulfil the purpose of their collection. In the case when data are collected for the purpose of making the website availa-ble, this is the case when the respective session is over.
Log files which contain personal data are generally deleted after seven days at the latest. Additional storage is possible in the case of so-called error logs which allow us to fix errors. These error logs are deleted after maximum 30 days, collected IP addresses are anonymized after 30 days.
The collection of data for the purpose of making the website available and the storage of the data in log files is essential for the operation of the website. As a consequence, there is no objection possibility on the part of the user.
On our website, a contact form is available which can be used to contact us electronically. Should a user choose this option, the data entered in the input mask will be transmitted to us and stored. These data are:
Additionally, at the point of sending the message, the following data are stored:
For the processing of the data, reference is made to this privacy notice in the context of the submission process.
Alternatively, it is possible to contact us via our provided email addresses. In this case, the personal data of the user transmitted with the email are stored.
Alternatively, you can contact us via our support tool integrated into our Service. It will then store your user data and the content of the support inquiry as well as the time of the inquiry.
No data are transmitted to third parties in this context. The data are used exclusively for the processing of the conversation.
Legal basis for data processing is Art. 6(1)(f) GDPR. If the e-mail contact is aimed to conclude a contract or serves the contract execution, additional legal basis for the processing is Art. 6(1)(b) GDPR.
The processing of the personal data serves us only to process the contact and the support request. The other personal data processed during the submission process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data are deleted as soon as they are no longer necessary to fulfil the purpose of their collection.
At any time after contacting us, you have the option to object to personal data processing, regardless of whether this was done via a contact form, email or support tool. In such a case, the conversation cannot continue, and your concern may not be conclusively handled. If you wish to delete all personal data stored in the course of contacting us, you have the possibility to delete your account yourself at: https://goodbye.innogames.com/login . Moreover, we will automatically delete your account if you have not logged in to a game or game forum in three years. This shall not apply if mandatory statutory retention requirements preclude this.
You can subscribe on our websites or in our games for a newsletter on the respective game. For this, we require your email address.
In addition, we must verify, taking into consideration the relevant legal regulations, that you are the actual owner of the provided email address and wish to receive the newsletter. For this purpose, we send you a validation email.
Our newsletters contain a pixel-size image (tracking pixels), which is retrieved by a server of the newsletter sender when the newsletter is opened. As part of this retrieval, technical information, such as information about your browser or operating system, as well as your IP address, location, and time of retrieval, is collected. This information is anonymized and evaluated independently of the individual.
Since the submission and receipt of the newsletter depend on your consent, you can revoke this consent for collection and storage of your data at any time without providing the reasons for it. For this purpose, use the unsubscribe link which can be found at the end of our newsletter.
Additionally, you have the option to opt-out of receiving newsletters in the Data Usage Window inside any of our games under “Settings”.
If you have selected the appropriate settings on your device, InnoGames can send push notifications to your mobile device to give you updates for games and other relevant news.
The legal basis for data processing in the presence of a contract is Art. 6(1)(b) GDPR.
Push notifications are special notifications which are displayed directly on your mobile device. The notifications contain, for instance, the information that one of your buildings in the game has been completed. As a rule, push notifications contain short messages which focus on the essential.
The messages are stored within our push gateway for up to 21 days. The messages are also stored in anonymized form in our event tracking system for an indefinite amount of time. To our knowledge, messages may be stored by the supplier of your mobile device.
You can switch off the push notifications as follows:
Open Settings > Apps & notifications > Notifications > App notifications > Name of the app. On this screen you can control if and how Push Notifications are shown to you.
Open settings > Notifications > Name of the app. On this screen you can control if and how Push Notifications are shown to you.
Additionally, you have the option to opt-out of receiving push notifications in the Data Usage Window inside any of our games under “Settings”.
In order to ensure that you receive the most relevant information and the best service when you visit one of our websites, data will be collected through the use of cookies. It helps us (and other authorized third parties) to provide you with a personalized experience when you visit our website, and it also allows us to improve our service and ensure that you will easily find what you want.
Cookies are small pieces of data (text files) that are sent to your browser from a web server and stored on your device so that the website can recognize your device. There are two types of cookies, permanent (or “persistent”) and temporary (or “session”) cookies. Permanent cookies are stored as a file on your computer or mobile device for a longer period of time. Session cookies are temporarily placed on your computer when you visit our website but are erased when you close the browser. If you do not want to accept cookies, you can adjust the settings in your web browsers security preferences, see more information on this below.
We and our service providers may use the following categories of cookies:
These cookies are strictly necessary for us to provide our Services. For example, we may use these cookies to authenticate and identify our members when they use our Site so we can provide our Services. Without these cookies we would not be able to recognize you and you would not be able to access our Services. They also help us to enforce our Terms and Conditions and maintain the security of our Services.
These cookies are not strictly necessary but allow us to personalize your online experience of our website. For example, they allow us to remember your preferences and mean that you do not need to re-enter information you have already provided e.g., when signing-up to our Services. We also use these cookies to collect information (e.g., popular pages, viewing patterns, click-throughs) about our visitors' usage of our Services so that we can improve our services and conduct market research. If you choose to delete these cookies, you will have limited functionality of our Services.
These cookies use information about your usage of our website and other websites, e.g., the pages you visit or your response to ads, to deliver ads that are more tailored to you, both on and off our Site. These types of ads are called “Interest-Based Advertising.” Many of these types of cookies belong to our service providers. For third party advertisers, see more below.
The legal basis for personal data processing with the use of cookies is Art. 6(1)(f) GDPR.
We use the information from cookies to make our website user-friendly and enable us to provide you with personalization features (first-party cookies). We may also pass on information from cookies to several authorized third parties to deliver services they provide on their website (third-party cookies).
We may use session cookies to allow you to move between pages on our website without having to re-enter information.
Permanent cookies are used in several ways, including:
We (and our authorized third parties) may use non-personal information from both permanent cookies and session cookies for statistical purposes as follows:
We set and read our own cookies to provide the following functions (first-party cookies):
To provide you with ‘remember me’ functionality: We allow users to log into the game via this cookie. This can be disabled by deselecting “Remember Me” on manual login. If you select the "Remember Me" function, a permanent cookie will be installed in the device you are using, so that you do not need to log in again when browsing the Services. If you log out of a Service, the cookie will be deleted again.
To ensure the right language version of the game is shown to you.
To allow us to optimize our landing pages and improve our marketing: we store details of the landing page you visited as well as an identifier in a cookie.
We set a cookie to record your decision about 3rd party tracking snippets and cookies.
We also use several third-party cookies as part of our Services. These cookies are governed by the respective sites and are not controlled by us. You can switch off the installation of some of these cookies in your general browser settings, for others you will need to go to the respective websites and follow the instructions provided.
For instance, it is checked which language version you use to access our Services. If you became aware of our Services through one of our partners, we store the information on who the partner is.
Third party advertisers: We may use advertisers, third party ad networks, and other advertising companies to serve advertisements on our Services. Please be advised that such advertising companies may gather information about your visit to our Services or other sites to enable such advertising companies to market products or services to you, to monitor which ads have been served to your browser and which webpages you were viewing when such ads were delivered. If you would like more information about third party advertisers, please click here. Please note that the collection and use of information by third party advertisers is not covered by this privacy notice.
In the abovementioned purposes, our legitimate interest also consists in personal data processing according to Art. 6(1)(f) GDPR.
The data are deleted as soon as they are no longer necessary to fulfil the purpose of their collection.
If you do not want these cookies to be stored on your computer or wish to be informed of their storage, you can prevent the installation of cookies by a corresponding adjustment to your browser software by selecting the option "do not accept cookies" in your browser settings or declining the use of third party tracking on the first visit to the website. Your browser manufacturer's instructions will give you more details on how this works or see https://www.aboutcookies.org. You can also opt-out of receiving third-party cookies in general at http://www.youronlinechoices.com. However, we would like to point out that by preventing cookies, you may find that you cannot use all the website's functions to the full extent.
Open the settings in your app list and tap on the “Ad” button. Once you have opened the ad window, you can disable the Google Advertising ID.
Open the settings on your mobile end device (e.g. iPhone or iPad) and select the menu option “Data protection”. Under the option “Advertising”, you can switch off the ad tracking.
Additionally, you have the option to opt-out of using third-party tracking in the Data Usage Window inside any of our games under “Settings”.
InnoGames will only transfer your personal and/or billing-related data to third parties, in the sense of companies cooperating with InnoGames or external service providers, insofar as this is required for the fulfilment of the contract, for payment processing as well as for the pro-tection of other users and is legally permitted or prescribed.
This applies in particular to the processing of payments made via external service providers chosen by you (e.g., banks, credit card companies, payment service providers such as Allopass, Amazon, Apple, Boacompra, Boku Payments, DaoPay, Facebook, Google, HiPay, Mobiyo, PayPal, Samsung, Sofortüberweisung, Worldpay). Your legally protected interests will be considered in accordance with the statutory provisions. The external service providers are required to treat your data confidentially and securely and may only use your data to the extent necessary to fulfil their task.
In the event of payment delay, we may commission a debt collection agency or a lawyer to collect the outstanding debt. For this purpose, the necessary data will be passed on and used in compliance with all data protection guidelines.
In addition, your personal information will be shared if it is necessary to protect other users or to counter threats to state or public security or to prosecute criminal offences and if is permitted by statutory data protection provisions. Your protectable interests will be considered in accordance with the statutory provisions. Please note that InnoGames may be obliged to disclose data due to statutory provisions or, for instance, a judicial order (e.g. disclosure to investigative authorities). Disclosure always occurs only insofar as it is necessary and legally permitted or prescribed.
Our games offer the possibility to log in to our Services via third-party login services. If you use them, an additional registration for our Services is not necessary. You will be redirected to an external service where you can log in with your account. This links your account on the external service with a guest account on our Services. Through the link, we automatically receive personal data from the external service. The following data is transferred to us: Your email address used to register with the external service and any additional information you select to share during authentification. When using Sign-in with Apple you can additionally choose whether we receive your actual email address or a randomly generated email address that links to your account. The following social logins are available on our Services:
We offer you the possibility to log in to our services via your Apple account. This is a service of Apple Distribution International Ltd. (Hollyhill Industrial Estate, Hollyhill, Cork, Ireland). Further information: https://support.apple.com/en-us/HT210318
We offer you the possibility to log in to our services via your Facebook account. This is a service of Meta Platforms Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). Further information: https://www.facebook.com/help/2230503797265156.
We offer you the possibility to log in to our services via your Google account. This is a service of Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). Further information: https://support.google.com/accounts/answer/10130420.
The legal basis for this processing is initiation or performance of contract according to Art. 6(1)(b) GDPR. We have entered into data processing agreements with the third-party login services.
The third-party login services help us to simplify login for new users who do not wish to create a new account on our Services.
The data is retained for as long as your account with our Services exists.
You can object to this processing by unlinking your account on the third-party login service from your guest account on our Services. Further information can be found at:
You can delete any data stored during processing on our Services by deleting your account as described below at XV.4.
Our game landing pages use Fraudshield. Fraudshield is a fraud detection service offered by 24metrics GmbH (Tieckstraße 25, 10115 Berlin, Germany). When you visit one of our game landing pages, Fraudshield processes personal data such as your IP address relevant to identifying advertising fraud (“ad fraud”). This is done by placing a functional cookie in the cache of your browser which communicates with 24metrics. As part of this relevant personal data is transmitted to 24metrics. 24metrics transmits a threat assessment based on this data to us.
The legal basis for this processing is initiation or performance of a contract according to Art. 6(1)(b) GDPR. We have entered into a data processing agreement with 24metrics.
The service helps us to detect, investigate and prevent fraudulent conduct such as bots/emulators, click spam, IP duplication, proxies/VPNs that are in breach of our Terms and Conditions.
The data is retained for 6 months.
You cannot object to this processing or request deletion of data because this is a mandatory security measure.
The “Career” section of innogames.com uses Google Analytics. Additionally, our mobile apps use Google Analytics for Firebase. Google Analytics and Google Analytics for Firebase (collectively “Google Analytics”) are services offered by Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). When you visit the “Career” section of innogames.com or access our Services via a mobile app, Google Analytics processes your personal data.
The following data is processed by Google Analytics: App-instance identifier, IP address. Further information: https://support.google.com/analytics/answer/6004245. The following data is processed by Google Analytics for Firebase: App opens, app updates, device model, first launch, geography, in-app purchases, number of users and sessions, operating systems, session duration. Further information: https://support.google.com/firebase/answer/6318039.
Both Google Analytics and Google Analytics for Firebase use IP anonymization. This means that the last octet of your IPv4 address or he last 80 bits of your IPv6 address – as applicable – will be set to zeros in memory shortly after being sent to Google Analytics. The full IP address is never written to disk in this case.
The legal basis for this processing is Art. 6(1)(f) GDPR. We have entered into a data processing agreement with Google.
The service helps us to analyze the performance of marketing campaigns and generate performance reports.
The data will be retained by Google Analytics for 14 months.
The personal data is retained by Google for a maximum of fourteen months or as needed to provide you services. No personal data is retained by InnoGames, unless you have actively communicated with us.
The data will be retained by Google for 26 months; due to the abbreviation of the IP addresses, no personal data will be stored.
You can opt-out of the processing, object to the processing or request deletion of your data in our Privacy Settings.
You have the option of preventing the storage of cookies on your device by configuring your browser accordingly. There is no guarantee that you will be able to access all functions of this website without restrictions if your browser does not allow cookies. Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to and used by Google. The following link takes you to the required plug-in: https://tools.google.com/dlpage/gaoptout. More information on how Google uses your data, can be found here: https://support.google.com/analytics/answer/6004245.
Google Firebase is a service provided by Google Ireland Limited (Gordon House, 4 Barrow Street, Dublin, Ireland). Firebase is a development platform for mobile and web applications. Firebase offers us a software development kit. The service uses the Firebase SDK that we implemented in the code of the Game. The SDK sends general information and information – demanded by the subsidiary services of Firebase we use– to a Google server and is stored there. Firebase provides tools and infrastructures that makes it possible to provide simple and more efficient functions using programming interfaces on various platforms. For data privacy reasons we do not use all of Firebase subsidiary services. We use the following services: Firebase Realtime Database, Firebase Hosting and Crashlytics. We use Google Firebase Realtime Database to track in-game-events on all mobile devices in order to create user related statistics of activity. Those statistics include average playtimes, crashes in statistic values. We use Firebase Hosting to create and send push notifications to the player. We use Crashlytics to measure the stability and compatibility of our current game version.
The use of Firebase Realtime Database, Firebase Hosting and Crashlytics data processing takes place on the basis of legal grounds, such as the performance of contract, by ensuring operability, availability and playability of the games for all players according to Art. 6(1)(b) GDPR. Additionally, we have entered into a data processing agreement with Google.
The Firebase services are essential to operate our games. Firebase measures performance on different versions of devices and player’s reaction to version changes, etc. Crashlytics is necessary to improve the stability of our games and to enhance performance by collecting system information, game data from a device where a crash occurred. Firebase Realtime Database help us to understand the overall user behavior. It enables us to see a statistical overview of how many players archived what kind of progress in the game or purchased premium-services in the Store, It lets us define what specific category of behavior we want to track. That knowledge helps us to refine, improve and edit the game in the favor of the players. We use Firebase Hosting Players to notify the player and to enhanced user experience when we adapt our games.
The personal data is retained by Google for a maximum of fourteen months or as needed to provide you services. No personal data is retained by InnoGames, unless you have actively communicated with us.
You can opt-out of the processing, object to the processing or request deletion of your data in our Privacy Settings.
The “Career” section of our company website and our LinkedIn company page use LinkedIn Analytics. LinkedIn Analytics is a web analysis service of LinkedIn Ireland Unlimited Company, (Wilton Plaza, Wilton Place, Dublin 2, Ireland). When you visit the Career section on our website, LinkedIn processes your personal data. This is done by placing a functional cookie in the cache of your browser which communicates with the LinkedIn servers. If you are a LinkedIn user, LinkedIn will transmit an anonymized summary of your personal data to us for statistical purposes. When you visit our company page on LinkedIn, LinkedIn processes your personal data and transmits an anonymized summary of your personal data to us for statistical purposes. When you communicate with us on LinkedIn pages or postings, LinkedIn will also transmit to us your profile name. For more information, please refer to the LinkedIn privacy notice at https://www.linkedin.com/legal/privacy-policy.
The legal basis for this processing is legitimate interest according to Art. 6(1)(f) GDPR. Additionally, we have entered into a data processing agreement with LinkedIn.
The service helps us to understand how our Career section and Linkedin page are being used and how effective our job postings are. It also helps you to interact with us regarding hiring opportunities.
The personal data is retained by LinkedIn for as long as your LinkedIn account is in existence or as needed to provide you services. No personal data is retained by InnoGames, unless you have actively communicated with us on our LinkedIn page. In this event, your personal data is stored until you delete the communication or your LinkedIn account.
You can opt-out of the processing, object to the processing or request deletion of your data in your LinkedIn Privacy Settings or at https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
We use mobile tracking technologies. For this we use the services of Singular Labs, Inc. (181 South Park Street, Unit 2, San Francisco, CA 94107, USA). With the help of these services, we collect statistical data about the use of our services to continually improve them. When you use our apps or websites, your device sends us information that we collect and analyze. The following data is collected: anonymized IP address, anonymized Apple’s ID for Advertisers (IDFA) or Google Advertising ID (GAID), and geo-location information, data regarding the behavior and usage patterns of the end-users of mobile applications. There are no direct personal identifiers. The data collected in this way is used to create anonymous user profiles. The data collected with the tracking technology will not be used to personally identify the user of our services without the express consent of the person concerned. For more information, please refer to the Singular Labs privacy policy at: https://www.singular.net/privacy-policy/.
The legal basis for this processing is Art. 6(1)(f) GDPR. We have entered into a data processing agreement with Singular Labs.
The purpose is to improve your user experience with our services and to make our offer more attractive to you. In addition, the data collected is used to analyze the performance of marketing campaigns and generate performance reports.
The data will be retained by us for the duration of use of the service. Singular Labs will retain your inquiry information, analytics Information and contact information for as long as necessary for business purposes, and thereafter as needed for record-keeping matters.
Data collection and storage can be halted at any time with future effect by configuring your mobile device as described above at IX.5. You can also object or request deletion of your data to Singular Labs by contacting them at [email protected].
InnoGames uses different advertising networks to promote its Services on other publisher’s apps and websites. The advertising networks show our banner, interstitial or video ads. The networks are compensated for every install. To determine the amount of compensation, the network needs to allocate which app user, that saw the ad, became a player. So InnoGames and the network compare user and the new players information in an automated process, to find out how many installs the network archived and to determine the compensation of the network. This process takes place fully automatically. The user data is collected by the advertising network’s cookie or SDK that is placed on our website or app. To find out more about the collected data, please follow the link of the network below. Player data is collected by us in the event that a player uses our website or installs our app after clicking on of the network’s links. Then the network sends the user data into the Adjust tool. Adjust automatically matches identifying information of the player and then sends information of the network to automatically validate the install and therewith the compensation. Players who successfully registered for or installed the game will be added to a list by InnoGames to stop them from receiving further advertising.
We forward your anonymized Device ID (IDentifier For Advertisers - IDFA or Google Advertiser ID - GAID) to some of our marketing partners within and outside of Europe (e.g. in the USA), in order to generate advertising for certain user groups with the help of our partners or to exclude users from certain advertising efforts. You can revoke data collection, storage, and transfer by applying your mobile device settings as described above.
On grounds of our legitimate interests in and for these purposes of analysis, optimization and economic operation of our Services, our services use the so-called “Facebook Pixel” by the Facebook social network, operated by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA or, if you are an EU resident, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
The Facebook pixel is a code snippet placed on our website.
Facebook Pixel allows Facebook to identify the visitors of our online content as a target group for displaying advertisement (known as “Facebook ads”). Accordingly, we use Facebook Pixel to display our posted Facebook ads only to Facebook users who have shown an interest in our services or who share certain factors (such as interests in certain topics or products determined on the basis of visited web pages), which we transmit to Facebook (which is known as Custom Audiences). Facebook Pixel also helps us understand the effectiveness of Facebook ads for statistical and market research purposes, by showing whether users have been redirected to our services after clicking on a Facebook ad (known as conversion, and allowing to determine on which devices a user is performing an action), in order to create so-called lookalike audiences or statistical twins (i.e. to broadcast ads to target groups that are similar to existing customers) and to obtain comprehensive statistics about the use of the website. Facebook Pixel establishes a direct connection to the Facebook servers when you visit our website. This way, the Facebook server is notified that you have visited our website and Facebook assigns this information to your personal Facebook user account. Furthermore, Facebook Pixel collects all information about in game events like purchases and transactions. For data protection, the transaction amount gets multiplied by a simple factor. The pseudonymized transaction value will be sent to Facebook servers.
For further information about the collection and use of data by Facebook and your privacy protection rights and options, please see the Facebook data protection policy at https://www.facebook.com/about/privacy/update. For specific information and details about Facebook Pixel and how it works, please visit the Facebook help section at https://www.facebook.com/business/help/651294705016616. You can disable this function as shown at https://de-de.facebook.com/business/help/1415256572060999?helpref=uf_permalink or at https://www.facebook.com/settings?tab=ads. You must be logged into Facebook to do this.
DoubleClick is a service of Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland (“Google”)). DoubleClick uses cookies to display advertisements relevant to you. Your browser is assigned a pseudonymized identification number (ID) to check which ads have been displayed in your browser and which ads have been interacted with. These cookies do not contain any personal information. The use of DoubleClick cookies only allows Google and its partner websites to display ads based on previous visits to our site or other websites on the Internet. The information generated by cookies is transmitted by Google to a USA-based server and stored for analysis. You can reject the use of cookies by selecting the appropriate settings on your browser. However, please note that this may limit the full functionality of our website for you. You can also prevent Google from collecting and processing cookie-generated data about your use of the website by disabling the use of cookies in your browser settings (see above). You can also opt out of the collection and categorization of interest-based information by disabling it on the DoubleClick cookie settings page at: https://support.google.com/ads/answer/7395996
InnoGames uses the advertising display services of the external vendor Xandr Inc., 28 West 23rd Street, 4th Floor, New York, NY 10010, USA, https://www.appnexus.com („AppNexus“). For this purpose, we have implemented the AppNexus tracking pixel (i.e., a code snippet) on our website. The tracking pixel allows players' actions to be tracked on our website. No personal reference is established. Only statistical information is collected and transmitted to Ap-pNexus. This is intended to optimize advertising campaigns and to broadcast advertisements of interest to Internet users. Should wish otherwise, you can disable the AppNexus tracking by tapping the opt-out button at https://www.appnexus.com/en/company/platform-privacy-policy#choices. For more information on data protection at AppNexus, please visit: https://www.appnexus.com/en/company/platform-privacy-policy.
Rakuten Advertising is a third-party company that uses cookies on the website in order to to serve personalized advertisements to end users, to analyse and create online behavioural advertising, and to prevent fraud. This is a service of Rakuten Marketing Europe Ltd, located on the 71 Queen Victoria Street, 7th Floor, London, England, EC4V 4AY. If you wish to access, correct, update or request deletion of your personal information you can do so by filling out the form located here: https://go.rakutenmarketing.com/hubfs/legal-notices/Data-Subject-Rights-Request-Confirmation-ofIdentify.pdf and providing the verification information as stated on the form. Alternatively, you can contact them by using the contact details provided in the Contact Information section of their Privacy Policy. You can view their privacy policy at this address: https://rakutenadvertising.com/legal-notices/services-privacy-policy/.
Our newsletters are sent by an email marketing platform provided by Episerver GmbH (Wallstraße 16, 10179 Berlin). The e-mail addresses of our newsletter recipients and other data described in this notice are temporarily stored for this purpose on Episerver servers in data centers within Germany. Episerver uses this information to send and assess newsletters on our behalf. Episerver may also use this information to improve its own services, such as technically optimizing newsletter dispatch and presentation. However, Episerver does not use the data of our newsletter recipients to write to them, and never forwards the information to third parties if not legally required. The privacy notice of Episerver applies: https://www.episerver.com/legal/privacy-statement. .
Our newsletters contain a pixel-sized image (pixel code) that is retrieved by an Episerver server when the newsletter is opened. Technical information is collected as part of this retrieval, such as information about your browser or operating system and the place and time of retrieval. This information is anonymized and assessed without personal information.
Our websites use maps from Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). When you access one of our pages featuring a relevant map, map content is retrieved from Google's servers. If you are signed in with your Google account, Google can merge your browsing behaviour with other information. The use of Google Maps is in the interest of an easy-to-understand representation of our Services. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. The privacy notice of Google applies: https://policies.google.com/privacy.
Our Services use challenge-response tests (“CAPTCHA”) by Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). When you access a Service featuring a form or other way to input information, a CAPTCHA is retrieved from Google’s servers. The CAPTCHA analyzes your input behavior based on various characteristics (e.g., IP address, length of stay, mouse movements) to discern if you are a human or a machine. If you are signed in with your Google account, Google may be able merge your browsing behavior on our Service with other information. The use of Google reCAPTCHA is in the interest of preventing automated fraud and spam attacks on our Services. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. The privacy notice of Google applies: https://policies.google.com/privacy.
Litmus is a service provided by Litmus Software, Inc. (675 Massachusetts Ave., 10th Floor, Cambridge, MA 02139, USA) for analyzing emails. The newsletters contain a pixel-sized image (pixel code) that is retrieved by a Litmus server when the newsletter is opened. Technical information is collected as part of this retrieval, such as information about your browser or operating system, and the place and time of retrieval. This information is anonymized and assessed without personal information. The privacy notice of Litmus applies:
Mailgun is a service provided by Mailgun, Inc. (620 Folsom St, Ste 100, San Francisco, CA 94107, USA) for sending our e-mails. This service may also collect information about the date and time when messages were read by the user and when the user interacts with incoming messages (such as by clicking on links contained in them). The privacy notice of Mailgun applies: https://www.mailgun.com/privacy.
Our websites use videos from YouTube, a service of Google Ireland Ltd. (Gordon House, 4 Barrow Street, Dublin, Ireland). In doing so, we use the “Privacy-enhanced mode” option made available by YouTube. By loading one of our sites via a YouTube video, contents from YouTube will be loaded. If you are logged on to your YouTube account, YouTube shall have the possibility to amalgamate your navigation behavior with other data. The use of You-Tube videos serves the purpose of offering an easy-to-understand representation of our Services. The privacy policy of YouTube applies: https://www.google.de/intl/de/policies/privacy/.
If your personal data are processed, you are a data subject as defined by the GDPR, and you have the following rights before the controller:
You can request the controller to provide you with a confirmation of whether personal data concerning you are being processed by us.
If such processing should exist, you can demand that the controller provide you with the following information:
You shall be entitled to demand information as to whether the personal data concerning you are being transferred to a third country or to an international organization. In this regard, you can demand to be briefed on the applicable guarantees pursuant to Art. 46 GDPR associated to said transfer.
We shall respond to inquiries within a month upon receipt of the request.
You also have the right to rectification and/or completion before the controller, provided that the processed personal data concerning you are incorrect or incomplete. The controller shall have the obligation to implement the rectification immediately.
Under the following circumstances, you may claim the restriction of the processing of the personal data concerning you:
If processing has been restricted, such personal data shall, with the exception of storage, only be processed either with your consent; for the purposes of asserting, exercising, or defending legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest of the Union or of a Member State.
If the processing restriction was imposed under any of the above circumstances, you will be briefed by the controller before the restriction is lifted.
You shall have the possibility to erase your account yourself at: https://goodbye.innogames.com/login. We will then erase all your personal data, provided that we are not legally mandated to storing them. After three years of inactivity, we will also erase your account with us.
You have the right to claim that the controller erases all personal data concerning you without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
If the controller has made public the personal data concerning you and is obliged, pursuant to Art. 17(1) GDPR, to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers who are processing the personal data that you, as data subject, have requested the erasure by said controllers of any links to, or copy or replication of, this personal data.
The right to erasure shall not apply whenever the processing is required for the purposes of:
If you assert the right to rectification, erasure, or restriction of processing before the controller, the latter has the obligation to notify all recipients to whom the personal data concerning you were disclosed of this data rectification, erasure, or the restriction of its processing, unless this should prove impossible or associated with a disproportionate cost.
You have the right to be informed of these recipients by the controller.
You have the right to receive the personal data concerning you which you have provided to the controller in a structured, accessible, and machine-readable format. Furthermore, you have the right to transfer this data to another controller without restriction from the controller to whom the personal data had been provided, provided that
In exercising this right, you have the further right to request that the personal data concerning you be directly transferred by one controller to another, provided that this is technically feasible. The liberties and rights of other persons may not be compromised by these actions.
The right of data portability shall not apply to processing personal data which is required for the performance of a task carried out in the public interest or in exercise of public authority vested in the controller
You have the right to object to personal data processing concerning you on grounds relating to your particular situation, at any time, on the basis of Art. 6(1)(e) or (f) GDPR, including profiling based on those provisions.
The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the assertion, exercise or defense of legal claims.
If personal data are processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning you for said marketing purposes, including profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, personal data concerning you shall no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by using automated means which use technical specifications.
You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawal of consent shall not affect the lawfulness of data processing based on consent effective prior to its withdrawal.
You shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly affects you in a significant manner. The above shall not apply if the decision
Decisions referred to in paragraph 2 shall not be based on special categories of personal data referred to in Article 9, Para. 1 GDPR, unless Article 9, Para. 2, lit. (a) or (g) applies and suitable measures are in place to safeguard your rights and freedoms and legitimate interests.
In the cases referred to in points (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, entailing, at a minimum, the right to obtain human intervention on the part of the controller, to express his or her point of view and to contest the decision.
Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if you consider that personal data processing relating to you infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
InnoGames may alter these data protection provisions at any time. InnoGames shall notify any such changes through appropriate channels.
© Copyright InnoGames 2007-2022. All rights reserved.