Rovio Business Partners Privacy Notice

Page

ROVIO BUSINESS PARTNERS PRIVACY NOTICE

Last updated: January 31, 2024.

This notice explains how Rovio (referred to as “we” in this document) processes the personal data of its business partners or their representatives (referred to as “you” in this document), and what rights you have if we are processing your personal data.

In this notice, the phrase “your data” is used when referring to personal data that relates to you as an identified or identifiable person.

1 Data controller

By “data controller”, we mean an entity that determines how and why personal data is processed. With regard to the activities described in this notice, we are the data controller. Our company name is Rovio Entertainment Corporation.

2 Contact information

In matters related to this notice, you can reach us at privacy@rovio.com.

We have also designated a Data Protection Officer (“DPO”) to oversee matters related to data protection at Rovio. If you have any questions or concerns about the way we use your data, you may contact our DPO at any time by email to dpo@rovio.com.

3 Why do we process data and on what basis?

We process your personal data to manage our business relationship with you and for other purposes related to running our business operations, including for example the following purposes:

  • responding to enquiries from existing and prospective business partners,
  • negotiating and fulfilling agreements with existing and prospective business partners (including enforcing agreements where necessary),
  • managing advertising campaigns, content productions, and other work projects (including related contracting and project related communications) with our business partners,
  • retaining records of our business operations (including the archiving of agreements and other documents relevant to the business),
  • building and managing our relationships with existing and prospective business partners,
  • communicating with existing and prospective business partners (including by sending marketing communications),
  • analyzing the performance of our operations and conducting business planning and reporting, and
  • other purposes related to and compatible with the above.

Our processing of personal data for these purposes is based on our legitimate interest to conduct our brand licensing operations and related business activities. With respect to information relevant to executed agreements and related payments, processing may be necessary for the performance of the agreement or for compliance with our legal obligations to maintain records for accounting, product liability, and other similar purposes.

We do not use your data to make automated decisions which significantly affect you. By an “automated decision”, we mean a decision made by an information system without any human intervention.

4 What data do we process?

We may process the following data relating to you:

  • full name,
  • information about the company you represent and your role there,
  • contact information for business purposes (such as an email address, street address, or phone number), and
  • your business communications with us (including content, attachments, and metadata).

We do not expect or intend to collect or otherwise process any special categories of data relating to you. By “special categories of data,” we mean genetic, biometric or health information, information revealing racial or ethnic origin, sex life or sexual orientation, political opinions, religious or philosophical beliefs or trade union membership, or information about your criminal offences or convictions. Please do not provide this kind of information to us.

5 Where do we collect data from?

We collect data either directly from you (or the company you represent), from our agents and other business contacts, or from publicly available sources such as professional networking websites or the website of the company you represent.

6 Who do we share data with?

We may share your personal data with the following types of recipients:

  • other companies in the Rovio group,
  • persons or companies outside the Rovio group that provide services to us (including our licensing and sales agents, hosting providers, and software or platform providers),
  • prospective or actual buyers (including their agents or advisors) in the context of a planned or actual acquisition, merger, or other business restructuring,
  • competent courts of law or other government authorities where we believe disclosure is necessary as a matter of applicable law or regulation,
  • any person or entity where we believe disclosure is necessary to exercise, establish or defend our legal rights or to protect your or another person’s vital interests, or
  • with any other person or entity with your consent.

We may transfer your data outside of the European Union (“EU”) and the European Economic Area (“EEA”). The countries to which transfers are made may have data protection laws that differ from the laws of your country. In these cases, we will ensure that appropriate safeguards are in place to protect your data. These safeguards may include compliance with the European Commission’s standard contractual clauses for transfers of personal data. Upon request, we can provide you a copy of the European Commission’s standard contractual clauses and further details on the applicable safeguards.

7 How long do we keep data?

We will keep your data for as long as necessary to achieve the purpose(s) for which it was collected. Typically, this will at least correspond to the duration of our business relationship with you (or the company you represent). However, we may need to retain data longer than that for accounting, product liability, or other similar purposes, if we had a contractual relationship with you (or the company you represent).

8 How do we keep data secure?

We have adopted measures to provide your data a level of security appropriate for the degree of risk involved with the processing activities outlined in this notice. These measures are designed to protect your data against accidental or unlawful destruction, loss, or alteration as well as unauthorized disclosure or access. The specific measures we employ vary from one service or system to another, but typically include, for example, encryption at rest and in transit, controls to limit access to services or systems that contain personal data, contractual safeguards with third parties who process your data, and maintaining procedures to handle any suspected security incidents.

9 Your rights

If we are processing your personal data, you have the right to:

  • access, correct, or request the deletion of your personal data,
  • request us to restrict our processing of your personal data,
  • object to our processing of your personal data to the extent our processing is based on our legitimate interests, or
  • where technically feasible, request that we give you a copy of the personal data you have provided to us in machine-readable format.

Please also note that you will be provided an option to opt out of receiving our marketing communications each time we send such communications to you.

To exercise any of the rights outlined above, you may contact us using the contact information provided above under the section titled “Data controller”. To fulfill your request, we need to confirm your identity to verify your right to make the request, which may involve requesting additional information from you. While we will usually not do so, we reserve the right to charge an appropriate fee from you for the exercise of your rights where permitted by applicable law or regulation.

Finally, you always have the right to lodge a complaint with your local data protection authority (such as the Office of the Data Protection Ombudsman in Finland) regarding our processing of your data. However, we ask that you reach out to us first to allow us to address your concerns.

10 Changes

We may update this notice from time to time, for example due to changes in our operations or the legal obligations that apply to us. Updates will be made available here. We will inform you of any changes made by means that are appropriate considering the significance of the changes.