PLAION is serious about protecting users’ privacy and personal data. Our data protection practices comply with the legal regulations of the respective country of residence and the EU General Data Protection Regulation (GDPR). We process your data only for the purposes described herein. We will only collect the information we need to provide our services to you and to pursue our legitimate interests. We shall only send you advertising or share your information with third parties if legally allowed to do so or with your explicit consent . Furthermore, we process your data if we are obliged to do so by law.
If you have further questions or comments regarding privacy or to assert your legal rights, please contact PLAION’s Data Protection Officer
Mr. Yao Zhou
to reach below
Lochhamer Str. 9
Tel .: +49 (0) 89 24 24 5 235
Fax .: +49 (0) 89 24 24 5 3 235
1. What types of data do we collect?
What data PLAION collects depends on the Services you use. We collect personal as well as non-personal data.
Personal Data means any information relating to an identified or identifiable natural person. Personal Data is one that identifies you directly or indirectly (also in conjunction with other data) and that can be used to contact you online or offline.
Examples of personal data are: Name, address, phone number, email address, user ID, IP address, location, payment information (credit card number, bank details).
B. Non-personal Information
Non-personal data cannot be used to identify or contact you. We may collect and store information locally on your device, using mechanisms like cookies, browser web storage (including HTML 5) and application data caches when you use our website (see below for details).
2. How does PLAION collect Personal Data?
The information that you provide directly to us will be apparent from the context in which you provide the data. In particular, we collect data as follows:
When you participate in online multiplayer games, your game-related profile information, game data, and stats are public. You can interact with your teammates in a variety of ways. We log the game data to ensure the stability and security of our systems, technical improvement of our games and for backup purposes. Personal Data can also be stored in this process. We have a legitimate interest in this pursuant to Art. 6 para. 1 lit. f GDPR. These data are collected only for the purposes stated above and will not be passed on to third parties.
In order to use certain Services, anonymous Telemetry data must be linked to Personal Data such as your user account. Such linking only takes place if and to the extent that you register an account and link a certain game or software to it.
We collect information about which games are played, information about the play time and which advertisements or links are clicked on. Personal identification is based on the data stored in the cookie, provided that you have consented to the storage of cookies.
For more information see Cookies / Pixels.
Log file data
When you visit our websites, access data is recorded in the log file on our servers. We record: Internet protocol, address / IP address, page from which the file was requested, date, time, browser type and operating system, page visited, data transfer, access status (file transfer, file not found, etc.).
We use the log files to ensure the functionality of the website, to monitor traffic on our websites, to resolve technical issues, and to generate statistics that help us tailor our services to your needs. This is our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
We do not store this data together with other Personal Data. If it comes to an abuse of our websites, we can block IP addresses, if necessary. The data is stored only for a limited period of time and only for as long as necessary to ensure the safety and functionality of our websites.
Cookies / Pixels
- to offer our Services;
- to ensure that our websites function properly;
- to further develop our Services;
- learn more about our users and their interests;
- and to make interesting offers and inform about our Services.
Cookies are small files that are used in your internet browser to track movements within web pages and to allow analysis of web page usage. We may connect cookie information with Personal Data.
Technically necessary cookies
The processing of Personal Data using Cookies and similar tracking technologies serves our legitimate interest and is based on Art. 6 para. 1 lit. f GDPR.
Analysis, tracking and advertising cookies
PLAION uses its own metrics analysis tools and other analytic technologies when you use our online products and services or play our games on your PC, console and mobile device. These data are anonymous and not personal.
We set this type of cookies only with your prior consent, Art. 6 para. 1 lit. a GDPR. When you visit our website for the first time, you can give or refuse your consent via a tool (consent tool). Here you will also find detailed information about the cookies we use.
Third party cookies
Third party advertising services
We only set these types of cookies with your prior consent (see Analysis, tracking and advertising cookies).
Google stores data on its own Google servers around the world. Most of them are located in the USA. At https://www.google.com/about/datacenters/locations/?hl=de you can find out exactly where the Google servers are located. If you have consented to the use of Google tools (see analysis, tracking and advertising cookies) and we transmit data to Google in the USA, your personal data are protected by separate order processing agreements, which include standard contractual clauses approved by the EU commission to ensure the security of your data, between Google and PLAION (for more information see Section 5.).
Information of the third party provider: Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland.
Google’s retargeting tools
Our websites use Google Inc.’s Google AdSense Resale Technology, 1600 Amphitheater Parkway Mountain View, CA 94043, USA (“Google”). This technology enables targeted ads to be shown to users who have already visited our online services and are interested in our services. Likewise users who are similar to the visitors of our websites can be addressed. Advertising is displayed using cookies. The information generated by the Cookie about the use of the website is transmitted to Google’s servers in the USA and stored there. If the IP address is transmitted, it will be shortened by the last 3 digits. With Cookies, the user behavior on a website can be analyzed and then used to deliver targeted product recommendations and advertising based on the interests of the user.
Google Tag Manager
PLAION uses the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage web page tags from one interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect personally identifiable information. The tool triggers other tags, which may collect data. Google Tag Manager does not access this data. If disabled at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
Google Tag Manager FAQ: https://www.google.com/intl/de/tagmanager/faq.html
If you have given your consent, this website uses Google Analytics, a web analysis service of Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Scope of processing
We use the function ‘anonymizeIP’ (so-called IP-Masking): Due to the activation of IP-anonymization on this website, your IP-address will be shortened by Google within member states of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be transferred to a Google server in the USA and shortened there. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.
During your website visit the following data will be collected:
- the pages you call up, your “click behavior“
- Achievement of “website goals” (conversions, e.g. newsletter registrations, downloads, purchases)
- Your user behavior (for example clicks, dwell time, bounce rates)
- Your approximate location (region)
- Your IP address (in abbreviated form)
- technical information about your browser and the end devices you use (e.g. language settings, screen resolution)
- your internet provider
- the referrer URL (via which website/advertising medium you came to this website)
Purposes of processing
On behalf of the operator of this website, Google will use this information to evaluate your pseudonymous use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyze the performance of our website and the success of our marketing campaigns.
The data recipient is
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
as data processor. For this purpose we have concluded a contract with Google. Google LLC, headquartered in California, USA, and, if applicable, US authorities can access the data stored at Google.
Transfer to third countries
A transfer of data to the USA cannot be excluded.
Duration of storage
The data sent by us and linked to cookies is automatically deleted after 14 months. Data is automatically deleted once a month as soon as the storage period is reached.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by
- not giving your consent to the setting of the cookie or
- downloading and installing the browser add-on to disable Google Analytics HERE LINK TO OPT OUT INSERT.
By setting your browser software accordingly you can also prevent the storage of cookies. If your browser is set to refuse all cookies, the functionality of this and other websites may be limited.
For more information, see Cookies.
More information about the Terms of Service and Privacy can be found at
PLAION uses social media plugins. For example, the “Like” button from Facebook. These plugins are operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The plugins can be identified by one of the Facebook logos.
When an user accesses one of our web pages containing one of these plugins, the internet browser connects directly to the Facebook servers. Facebook sends the contents of the plugins directly to the user’s browser and back.
If you have activated scripts in your browser and have not installed a script blocker, your browser will forward your Personal Data to Facebook without any separate request. If logged-in, an immediate assignment of the data to the Facebook profile is possible. Since we have absolutely no control over the amount of data that Facebook collects with the help of these plugins, we would like to inform the user about our current level of knowledge:
If you do not want Facebook to collect data from the PLAION website and link it to the information stored on Facebook, please log out of your Facebook account before visiting our websites and block the execution of Facebook script content in your browser.
If you are not logged in to Facebook or have not (yet) agreed to your data being collected and used, you should not click on Facebook plug-ins.
PLAION also uses Facebook Pixels. The Facebook Pixel is part of the code implemented in our website. Its goal is to show conversions (it shows which devices were used by a user in an action) to create a so-called lookalike audience (i.e., to reach users with advertisements that have features similar to other customers and to generate comprehensive statistics on the use of our website.
When you visit our website, the Facebook Pixel creates a direct link to the Facebook servers. In this case, the Facebook server will be informed that you have visited our website and Facebook will assign this information to your personal Facebook profile. This process is designed to evaluate the effectiveness of Facebook advertisements for statistical and market research purposes and may help to optimize future advertising efforts.
We only set these types of cookies with your prior consent (see Analysis, tracking and advertising cookies)
For more information see Cookies.
Further information about the collection and use of your personal data via Facebook as well as your rights and options can be found here:
When you visit our Facebook pages, Facebook save cookies on your device. The data collected includes the age group, gender, education, occupation, relationship status and other information that is publicly available on your Facebook profile. This serves Facebook and us to find out more about your interests and hobbies and to make you more suitable offers.
PLAION, as the operator of the website, does not have access to the data, but only to the summarized page insights. This summary provides PLAION with important trends, without disclosing any details that could identify you (please note that PLAION may use your profile picture in Insights). Media may be able to associate your profile picture in Insights with your “likes” for the page, if you have “liked” our site and set your “like” preferences for pages to “public”).
Facebook Ireland and PLAION have entered into an agreement that specifies which of both companies fulfills which obligation under the GDPR.
Facebook Ireland is responsible for providing you with information about the processing for Page Insights and to enable you to exercise your rights under the GDPR. Exercise your rights. According to the GDPR, you have the right of access, rectification, portability and deletion of the data, as well as to object to the processing of the data and to the restriction of the processing thereof. In your Facebook settings you can learn more about these rights. You may also contact Facebook Ireland’s Privacy Officer, whose contact details can be found in the Facebook Ireland Data Policy. It is further agreed that the Irish Data Protection Commission is the lead supervisory authority that oversees processing for Page Insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see at www.dataprotection.ie) or with any other supervisory authority.
For more information see Cookies.
Service provider information:
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland
User information for Facebook Insight:
Twitter conversion tracking
We use Twitter Inc.’s conversion tracking service, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA (“Twitter”). This tracking records when a user of our website clicks on a link posted by Twitter. In this way, we and Twitter can see if a login has taken place. The identity of the user remains anonymous. In addition, we use the Tailored Audiences Service from Twitter. This allows us to approach our website users with targeted ads. To do this, Twitter uses a code snippet (tag) that we have integrated into our website. During this process, no personal data will be collected. Tailored Audiences is also used to create meaningful target lists.
This is also our legitimate interest in processing your data.
You can customize your privacy settings for custom ads at this link: https://support.twitter.com/articles/20170405-your-privacy-controls-for-tailored-ads
Twitter also supports “Do not track” (DNT). If you have activated this option in your browser, Twitter will not receive browser-related information (browser cookie ID) from web partners with which it can tailor ads for you.
Restrict / Deactivate cookies
Most browsers are automatically set to accept cookies. If you do not wish to have cookies stored on your computer or to be informed about their storage, you can prevent the installation of cookies by adapting your browser software accordingly. In your browser settings, activate the option “Do not accept cookies” or “Do not track” (different depending on your browser). The instructions of your browser manufacturer will give you more information on how this works. However, we would like to point out that by preventing Cookies you may not be able to use all the functions of the website to the fullest extent.
Some of our websites also use flash cookies – also known as “locally shared items” – on our websites. Flash cookies are small files, much like browser cookies, and are used to customize the design of web pages and store those requests. Flash cookies only collect aggregated data. Like normal cookies, flash cookies are small files on your computer. You can prevent flash cookies by adjusting your settings in the Macromedia website privacy settings panel at www.macromedia.com.
You can register for some of our Services by creating an account on the website or in games. Registration requires the provision of your name, username, e-mail address, age, and a self-selected password. The provision of any other information is voluntary. For the registration we use the so-called double opt-in procedure, i.e. you will receive an e-mail in which you must confirm that you are the owner of the specified e-mail address and wish to create the account.
We only store the data for as long as we need them to provide the respective Services. In general, the data you provide, as well as the time of your registration for the Services and your IP address will be stored by us until you delete your account or until you make changes to your data (e.g., change your e-mail address). Your password will only be stored in hashed form (i.e., neither we nor our Partners can access the actual password).
We collect and use the data to the extent necessary to create the account and to provide the Services. The registration requires you to accept our Terms of Service and Use, which constitute a contract between you and us. Therefore, the data processing is based on Art. 6 para. 1 lit. b GDPR (performance of contract).
D. Advertising / Newsletter
With your consent, we will be happy to send you our newsletter. To do this, you must register for our newsletter. More details on the content of the newsletter in question are explained in the declaration of consent or on the registration page.
You can sign up for our free newsletter on our websites. For the registration to our newsletter we use a double opt-in procedure for GDPR compliance provided that GDPR applies to the country from which you are registering. After your registration, we will send you a message to the specified e-mail address with a link that you can click to confirm that you wish to receive the newsletter. If you do not confirm your registration within 24 hours, your details will not be used to send the newsletter and will be deleted after one week. In addition to your e-mail address, we collect and save the time of the submission of your consent. Only then can we document that you have voluntarily registered.
We also point out that we evaluate your user behavior when sending the newsletter, i.e., we can see if you open the newsletter or click on links contained in the newsletter. For this evaluation, our newsletter includes a so-called “web beacon”. This is a pixel-sized file that we use to analyze the reach and success of our newsletter and tailor it to your needs. For the evaluations, we link the aforementioned data and the web beacons with your e-mail address and an individual ID. Links contained in the newsletter also contain this ID. The IDs are linked with further personal data from you including your name, Account and user profile, country, and technical data such as browser and operating system. By evaluating this data, we can assess the general use of the newsletter and gain insights into which content and parts should be further improved and developed according to user habits. This helps us to further personalize the newsletter to your interests and preferences.
Your data will only be used to send, evaluate, and personalize newsletters. We store your data only as long as the subscription to the newsletter is active.
If you’re receiving our newsletter in the European Union or the European Economic Area, Switzerland, or the UK, the legal basis for the related data processing is Art. 6 para. 1 lit. a GDPR or the corresponding provision in the Swiss and UK legislation, as the newsletter is only sent and evaluated with your consent. You can revoke your consent and cancel the subscription at any time with effect for the future. You will find a unsubscribe link in each newsletter.
E. E-mail contact / Contact form / Customer service
You can contact us by e-mail or through our contact form at any time and contact our support team. In this case, the Personal Data transmitted by e-mail or with your inquiry will be stored. The data is used exclusively for communication.
The basis for the processing is our legitimate interest to respond to your request as requested and is based on Art. 6 para. 1 lit. f GDPR.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection.
You can object to the storage of your data at any time. However, a proper response to your inquiry can then no longer be guaranteed in individual cases.
F. Public information (online multiplayer games, community forum, blogs, Facebook, Twitter, etc.)
For all public information, including user-generated content, the following applies:
You can decide whether to post information about yourself on PLAION websites or in games, in public online chat rooms, blogs, forums, message boards, or similar communications channels or other social media platforms. Everyone can have access, view or use this public information. Information that you provide in this form is public information and you must not expect privacy or confidentiality.
Please make sure your privacy settings and behavior reflect your attitude.
You can delete posts in PLAION forums or message boards yourself at any time.
You may object to your data being processed by PLAION at any time or revoke your consent. For more information, see Your legal rights.
G. Sales of products
For the distribution or sale of PLAION or its Partner’s products we process Personal Data which we have collected directly from you or which has been collected by our Partner and subsequently transmitted to us. This information is necessary to process the payment and deliver the products.
Payment data will be transmitted to our payment service providers for processing payments. For delivery, your data (name, address) must be transmitted to the delivery company. Other Personal Data such as telephone number or e-mail address, which can ensure a smooth delivery process, we transmit only after your express consent. You can revoke your consent at any time.
Inventory, usage and statement data are, if necessary, also processed beyond the fulfillment of a contract. PLAION reserves the right to save IP addresses and log files for a limited period of time after using the website. This is to monitor and control that you comply with our terms and conditions, in particular to ensure proper execution of the payment you have authorized. This process serves, in particular, to prevent or clarify cases of abuse and, in certain cases, to transmit this data to the competent authorities. To enforce regulatory compliance, IP addresses and console IDs, if available, can be used to personally identify you. Incidentally, any other evaluation of the data takes place anonymously. If no law enforcement action is taken and no no preliminary proceedings for abuse has been initiated, the IP addresses, log files and related Internet information will be stored for a maximum of six months under our statutory data retention obligation.
H. Mobile tracking technologies
In our mobile apps we use so-called mobile tracking technologies. We use these services to collect data about the use of our apps so we can constantly improve our offerings. When using our apps, the data you submit will be collected and analyzed.
In this regard, the following data is compiled: IP address that is immediately anonymized, MAC address, anonymized device ID (identifier for advertisers – IDFA or Google Advertiser ID – GAID), browser type, language settings, ISP, network status, time zone , URL of entry and exit pages, date of access and time, clickstream data and other statistical information about the use of our services.
A direct individual identification based on this data is not possible. The data collected in this way is used to create anonymous user profiles. The data collected by the tracking technologies will not be used to personally identify a visitor to our web pages without his express consent. The capture and storage of the data can be disabled at any time with future effect by adjusting your mobile device’s settings as follows:
If it’s an Apple mobile device (IFDA): Open your mobile device settings (such as iPhone or iPad) and select the “Privacy” menu item. Under “Advertising,” you can turn off ad tracking.
For Android devices: Open the settings in your app list and tap the “Show” button. If the ad window is open, you can disable the Google Advertising ID.
You can also reset your IFDA or Google Ad ID or assign a new one in the settings.
- Lawful grounds for the processing of your Personal Data
Insofar as we obtain the consent for processing of Personal Data, Art. 6 para. 1 lit. a GDPR serves as lawful ground.
If the processing of Personal Data is necessary for the performance of a contract to which you are a party to, Art. 6 para. 1 lit. b GDPR serves as lawful ground. This also applies to processing activities prior to entering into a contract.
Insofar as processing of Personal Data is required to fulfill a legal obligation we are subject to, Art. 6 para. 1 lit. c GDPR serves as lawful ground.
Insofar as processing of personal data is necessary for the performance of a task carried out in a vital interest of the data subject or another natural person, or in the public interest, Art. 6 para. 1 lit. d and lit. e GDPR serve as lawful ground for processing.
If processing is necessary to pursue our legitimate interests, and if your interests, fundamental rights and freedoms do not prevail over our interest, Art. 6 para. 1 lit. f GDPR serves as lawful ground for processing. Our legitimate interests include, inter alia, the assertion, exercise or defense of civil claims or the operation of our websites.
3. How long will your Personal Data be stored
We will process and store Personal Data no longer than necessary for the purposes for which they have been collected. Subsequently, the Personal Data will be deleted in accordance with the statutory provisions.
In general, your Personal Data will be stored during the term of our contractual relationships. However, in some cases, Personal Data may be stored for longer due to EU regulations, laws or other regulations to which we are subject or for as long as the retention of Personal Data is required due to other legal reasons (e.g. in accordance with Art. 17 para. 3 GDPR). This may include keeping your Personal Data after you have deactivated your account for the necessary period for us to pursue legitimate business interests, comply with (and demonstrate compliance with) legal obligations, resolve disputes or enforce our agreements. If there are legitimate reasons opposing a deletion, for instance statutory retention or storage periods, processing of these data will be limited. In such case the data will be erased as soon as the reason for further storage ceases to exist, for example if the statutory retention period expires.
Is the right to process Personal Data based on your consent in accordance with Art. 6 para. 1 lit. a GDPR the data will be deleted as soon as the purpose of the storage is canceled or if you revoke your consent. A revocation is possible at any time. The revocation of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Please contact our Data Protection Officer for any inquiries. For more information please see Your legal rights.
4. How do we disclose Personal Data?
Transfer to our service providers
Transfer to affiliated companies and other third parties
Insofar as it is necessary for internal administrative purposes or our business operations or in case we have obtained your consent, we may share your Personal Data globally with companies of the PLAIONGroup (to affiliates, subsidiaries and the parent company). When transferring and using the data, we always comply with data protection regulations and the scope of your consent. The affiliated companies may – insofar as they are entitled to do so or you have consented – also use the data for their own purposes, e.g. direct advertising for their own services.
Due to the corporate structure, PLAIONhas a legitimate interest in the transfer of Personal Data within the group to the extent necessary for administrative or operational services pursuant to Art. 6 para. 1 lit. f GDPR.
Any other transfer to third parties will only take place if this is necessary for the fulfillment of the purpose of the contract, we can invoke our legitimate interest or you have given us your consent.
Transfer for legal or law enforcement reasons
PLAIONmay also disclose Personal Data to law enforcement or the relevant civil authorities to enforce legal rights and to comply with the law, or to comply with a decision by a government or other competent authority, or if we have reason to believe that disclosure is required to respond to potential or actual violations or interference with our rights, property, reputation, business operations, users or others who may be harmed, or if we believe disclosures are required to protect our rights or us against fraud, or to comply with any PLAIONlawsuit, court order or legal process served.
In the context of corporate transactions (acquisition, sale, restructuring of companies or company shares), third parties may gain access to your Personal Data. Disclosure for this purpose serves our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
5. Do we transfer Personal Data internationally?
We are a global business. Personal Data may be stored and processed in any country where we have operations or where we engage service providers. We may transfer Personal Data that we maintain about you to our Partners, service providers and other recipients in countries other than the country in which the Personal Data was originally collected, including the United States. Those countries may have data protection rules that are different from those of your country.
If you are located in the European Economic Area or Switzerland, we comply with applicable laws to provide an adequate level of data protection for the transfer of your Personal Data to the USA and to other countries outside of the European Economic Area (“Third Countries”). Please note that some Third Countries, including the USA, do not guarantee an adequate level of data protection. Transferring data to these Third Countries may therefore involve additional risks for your privacy rights. For example, the enforcement of your rights can be more difficult in these Third Countries.
However, we use our best efforts to ensure that an international data transfer to Third Countries is governed by an adequate data transfer mechanism based on a risk assessment regarding the transfer. We rely on one or more of the following mechanisms: EU Standard Contractual Clauses with a data recipient outside the European Economic Area, and/or verification that the European Commission has adopted an adequacy decision in accordance with Art. 45 GDPR for the respective Third Country.
Third party products and/or services
For further information about the EU Standards Contractual Clauses, please contact our Data Protection Officer by email to firstname.lastname@example.org.
Protecting the privacy of children is particularly important to us. PLAION understands that parents, guardians or other adults often use our family services, including for use by minors. If a minor under the age of 16 (or below the minimum age in the Member State concerned, which can be lower) submits Personal Data to PLAION and we learn that such Personal Data contains information of a child below 16 (or below the minimum age in the area, which could be lower) and there is no effective consent, we will delete the data as soon as possible. It is our policy to comply with any applicable law protecting minors.
The consent of children under the age of 16 is only lawful if the parents have given their consent. Each member state of the EU can reduce the age to a maximum of 13.
PLAION, taking into account the available technology, makes efforts to make sure that the parents have given their consent to children. Nevertheless, we would like to make parents aware that age verifications can be technically bypassed. Please do not leave your children unattended on the Internet and explain their importance to the proper handling of their data.
We adhere to generally accepted industry standards to protect personal and non-personal data for both transmission and storage.
All PLAION employees are required to comply with data security and privacy policies, and have appropriate instructions and are trained on a regular basis.
For payment transactions, your data is encrypted using the SSL process. Our employees and or payment providers are not authorized to request further user data such as bank details or passwords.
Persons requiring access for technical, business, or editorial maintenance of the server and portal are legally bound by a confidentiality and non-disclosure agreement
Please note, however, that no electronic communication or electronic storage method is completely secure. We remind you that despite our high standards, information that you voluntarily provide in the internet is never guaranteed to be 100% secure. There is always the danger that third parties will gain unauthorized access. While we strive to use all commercially reasonable means to protect your personal information, we cannot guarantee absolute security.
8. Non-liability for third parties
9. Your legal rights
A. European Economic Area / GDPR
You can revoke a given consent at any time. To ensure the security and integrity of your Personal Data, we may ask you for additional information in justified cases to verify that you are the owner of that data. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
You can also request information from us at any time as to which Personal Data we process from you (Right of Access, Art. 15 GDPR). Insofar as the data concerning you is incorrect or incomplete, you have a Right of Rectification (Art. 16 GDPR). In certain cases, you have the right to request a restriction of processing. Details can be found in Art. 18 para. 1 GDPR.
You can demand that the Personal Data concerning you shall be deleted immediately (Right to Erasure, Art. 17 GDPR). In particular, we are required to immediately erase this information if the data is no longer necessary for the purposes for which it was collected or if you revoke your consent. Further deletion obligations can be found in Art. 17 para. 1 GDPR.
If you have the right to rectify, delete or restrict the processing by us, we are obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort (Notification Obligation, Art. 19 GDPR). You also have the right at any time, for reasons arising from your particular situation, to prevent and object the processing of your Personal Data, pursuant to Art. 6 para. 1 lit. e or f GDPR.
You also have the right to receive personally identifiable information you provide to us in a structured, common and machine-readable format. You also have the right to transfer this data to another person without hindrance (Right to Data Portability, Art. 20 GDPR).
Please note that in we may reasonably ask you for additional information to verify that you are the owner of this data. This is for the security and integrity of your data.
Without prejudice to any other administrative or judicial remedy, you have the right to file a complaint to a supervisory authority, in particular in the Member State of residence, place of work or place of alleged infringement, if you believe that the processing of the personal data concerning you is violates the GDPR.
Please direct your data protection request to the Data Protection Officer of PLAION.
B. California residents’ rights / CCPA
We are regulated under the California Consumer Privacy Act (“CCPA”), which applies to California residents.
Under the CCPA, California residents have several important rights:
- Right to Know: You can ask us what Personal Data we hold about you and request a copy. This includes:
- The type and specific pieces of personal data we have collected;
- The types of sources we collect the data from;
- The purpose for collecting your Personal Data;
- The third parties we share that data with.
- Right to Delete: You can request that we erase your Personal Data. There are some exceptions to this right, if we:
- Need to complete the transaction for which the Personal Data was collected or if there is an ongoing business relationship or contract with you;
- Detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity;
- Need to identify and repair errors affecting Service functionality;
- Exercise free speech or ensure another consumer can exercise (or another lawful right);
- Need to comply with the California Electronic Communications Privacy Act
- Engage in research in the public interest;
- Enable solely internal uses that are in line with your expectations for using your Personal Data;
- Need to comply with a legal obligation;
- Otherwise use your Personal Data internally, in a way that’s compatible with the reason we collected it in the first place.
- Sale of your Personal Data: We don’t sell any of your Personal Data for any purposes.
- Other Rights: California residents also have the right to request information about our disclosure of Personal Data to third parties for direct marketing purposes during the calendar year before your request. This request is free and may be made only once a year.
We won’t discriminate against you for exercising any of the rights listed above.
If you would like to exercise any of those rights, please contact our Data Protection Officer and email us at email@example.com. To ensure the security and integrity of your data, we may ask you for additional information in justified cases to verify that you are the owner of that data.
C. Brazilian residents’ rights / LGPD
We are regulated under the Lei Geral de Proteção de Dados (“LGPD”), which applies to Brazilian residents.
Under the LGPD, Brazilian residents have several important rights:
- Know when we use your Personal Data
- Access your personal data, correct any errors, or delete your Personal Data
- Anonymize, block, or delete data that we don’t need or are not processing in compliance with the LGPD
- Request we transfer your Personal Data to another provider
- Be informed about who we share your Personal Data with
- Be informed about your ability to deny consent and any consequences
- To revoke your consent
These rights apply to any personal data collected or processed in Brazil, as well as any Personal Data processed for the purpose of providing goods or services in Brazil.
If you would like to exercise any of those rights, contact our Data Protection Officer an email us at firstname.lastname@example.org. To ensure the security and integrity of your Personal Data, we may ask you for additional information in justified cases to verify that you are the owner of that data.
If you have any questions, concerns or remarks about data privacy, please contact our Data Protection Officer by email to email@example.com.