Processing of our players' and visitors' personal data
Superpog ApS (hereinafter "we" or "us") process personal data about players or visitors at playtopia.com (hereinafter referred to as "you"). We will always process your personal data in a safe and confidential manner in accordance with applicable data protection legislation, and we have implemented appropriate measures to protect the data against the risks involved in the processing.
If you have any questions about the processing of your personal data, if you wish to exercise your rights as described below, or if you wish to complain about or object to our processing, you are welcome to contact the person responsible for our personal data policies by sending a e-mail to [email protected]
1. Purpose, types of personal data and legal basis for processing
We process ordinary personal data about you for the purpose of
- establishing, maintaining and terminating private customer relationships, including
- registering customers in relevant IT systems;
- managing payments, invoicing and bookkeeping;
- marketing our games;
- analysing customer game behaviour and improving games;
- customer service and support; and
- day-to-day communications;
- handling possible claims.
The personal data will normally be provided by you when you register an account with us, through your gaming activity, when you communicate with us, etc.
Our processing of your ordinary personal data is based on:
- Legitimate interests, when carrying out registering customers in IT systems, managing payments, invoicing and bookkeeping, customer service and support, customer care, day-to-day communications, marketing our games (including publishing username when winning prizes), optimisation of sales and marketing activities.
- Performance of contract, when carrying out registering customers in IT systems, managing payments, invoicing and bookkeeping, delivery of prizes to prize winners, publishing marketing material with pictures of the customer on social media and customer service and support.
- Legal obligation, when carrying out bookkeeping activities, including storage of relevant material according to the Danish Bookkeeping Act, reporting gift taxes to the Danish Tax Agency and handling claims (including transferring necessary information to payment service providers, law firms, auditors and debt collectors).
2.1 Storage period
In general, your personal data will be stored as long as they are relevant for a potential, existing or former business relationship with you.Personal data contained in correspondence and inquiries will be stored for up to 3 years after the last date of contact, unless a longer storage period is necessary, e.g. for any ongoing or potential complaints proceedings, disputes or claims pending between you and us.Personal data which must be stored under the Danish Bookkeeping Act or other accounting rules will be deleted 5 years after the end of the relevant financial year.Personal data contained in backup copies will be deleted by routine overwriting (incremental) and cannot be accessed in the usual manner.
2.2 Deletion and anonymisation
If and when you choose to delete your user, or if we find it necessary to delete your user, e.g. in case of breach of our rules, all data about your person will be deleted, the data used in relation to other users will be anonymized so that your data will be presented as "Deleted user" and can therefore not be traced back to you. There may be data such as purchase data and prize data that are not deleted, as it must be included in our bookkeeping, cf. section 2.1. If you have created content in our games, this will also be anonymised. If your user is deleted, it can therefore not be restored.
Your personal data will be accessible only to relevant employees.
The data will be disclosed only to the persons who need them for the purposes stated above or where disclosure is required by law. We may, if relevant for a particular order or purchase, transfer your contact information to third parties, e.g. carriers for carrying out deliveries (e.g. prizes).
We have engaged data processors to process data on our behalf that will get access to your personal data subject to our specific instructions. Some of our data processors are established in the USA, however all are self-certified under the EU-U.S. Privacy Shield arrangement.
4.1 Updating your personal data
We always seek to ensure that your personal data are accurate and updated. In case of changes to your personal data, we kindly ask you to let us know by using the above contact details. If you inform us of any inaccuracies in your personal data, or if we notice such inaccuracies, we will have them rectified or deleted as soon as possible.
4.2 Your rights under the data protection legislation
As a data subject you have a number of rights which you may exercise by contacting us, using the above contact details.
You have the right to request information about which personal data we process and to receive a copy of the data. Further you have the right to data portability (i.e. to receive your data in a structured format) for those of your data which are provided by you and processed by us based on your consent or the performance of a contract.
You also have the right to object to our processing of your personal data and to request rectification or erasure of any data which you believe are incorrect, outdated, etc. Further, you may request a restriction of the processing of your personal data. For some of these rights, e.g. the right to erasure, exercising them requires satisfaction of certain concrete conditions set by data protection legislation.
If you disagree with the way in which we process your personal data, you may file a complaint, using the above contact details. If you disagree with a decision made in any complaint proceedings (or do not wish to complain directly to us), you may also file a complaint with the Danish Data Protection Agency which can be contacted through their website at https://www.datatilsynet.dk/borger/klage-til-datatilsynet/, via e-mail: [email protected] or by phone +45 33 19 32 00.