Last updated: June 25th, 2018
This Privacy Notice explains how Rovio Entertainment Corporation (“Rovio” or “we”) collect, share and use personal information about you, and how you can exercise your privacy rights.
This Privacy Notice applies to personal information that we collect when we conduct voluntary game testing and user research collectively as “Research”)
1. WHAT PERSONAL INFORMATION DOES ROVIO COLLECT?
The personal information we may collect about you through the Research falls into the following general categories:
1.1. Information that you provide voluntarily
We ask you to provide your personal data voluntarily. For example, we may ask
- your name, email address or other contact details
- when video recording a game play your voice, face and expressions
- any information you submit to us during Research such as discussions, your comments, feedback and recordings, your expressions and emotions.
The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be explained to you when we ask you to provide your personal information.
We do not collect personal data from other sources than from you.
1.2 No special categories of information
We do not request or intend to collect any "special categories of information" such as any information on health, race, religion, political opinions or philosophical beliefs, sexual preferences or orientation.
However, we may collect your race or ethnic background when we would capture your face when video recording a game play.
2. HOW WE USE YOUR PERSONAL INFORMATION
We use your personal information for the following purposes:
- to conduct feedback and game or prototype playtesting, user experience research
- to contact and communicate with you about the Research
- to understand how the game feels to play, what kind of emotions and reactions it creates.
- to develop user experience or our games
- to comply with our legal obligations
- to exercise, establish or defend our legal rights, or to protect your vital interests or those of any other person
You may also opt-out from receiving communications from us.
3. LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION
We will normally collect personal information from you only where (i) we have your consent to do so; (ii) we need the personal information to perform a contract with you, (iii) the processing is in our legitimate interests and not superseded by your rights.
If you have questions about, or require, further information concerning the legal basis for collecting and using your personal information, please contact us using the contact information provided in the “How to contact us” section below.
4. WHO DOES ROVIO SHARE MY PERSONAL INFORMATION WITH?
We may share your personal information with the following types of recipients:
(a) With companies in our business group, third-party service providers and partners who provide data processing services to us (for example, to outsourced IT management, hosting and communication services, and/or analyze the Research results) or communicated to you when we collect your personal information. A list of current companies in our business group and a list of our current service providers and partners is available here discussed in Section 14 below.
(b) With any competent law enforcement body, regulatory authority, government agency, court of law or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person
(c) With a potential or actual buyer (and its agents and advisers) in connection with any proposed or actual purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information solely for the purposes disclosed in this Privacy Notice
(d) With any other person, with your consent for such disclosure.
5. HOW DOES ROVIO KEEP MY PERSONAL INFORMATION SECURE?
We use appropriate technical and organizational measures designed to protect the personal information that we collect about you and process. The measures we adopt are designed to provide a level of security appropriate for the degree of risk involved with processing your personal information. Specific measures include encrypting your personal information in transit and at rest, firewalls and passwords. Only those of our employees who have the right to handle personal information as part of their work are entitled to access the personal information. All users have their own user account and password in the system.
6. INTERNATIONAL DATA TRANSFERS
We store your personal information within EU/EEA area. However, your personal information may be transferred to, and processed in, countries other than the country within EU/EEA area. These countries may have data protection laws that are different from the laws of your country. In such circumstances, we ensure appropriate safeguards are in place so that your personal information will remain protected in accordance with this Privacy Notice. This includes complying with the European Commission’s Standard Contractual Clauses for transfers of personal information among companies in our business group and third-party service providers and partners, which require all members of our business group to protect the personal information they process from the EEA in accordance with European Union data protection law. It also includes the transfer of personal information to third-party service providers and partners that are certified under the EU-US Privacy Shield.
The Standard Contractual Clauses can be provided on request. We have implemented similar appropriate safeguards with our third-party service providers, and partners and further details can be provided upon request.
7. DATA RETENTION
We only keep your personal information as long as is necessary for using the information. Personal information is erased from the register when a you ask for it to be erased.However, we retain the data for a period of maximum of three (3) years from the end of the calendar year it was collected and we erase data at the beginning of the year immediately following the third year of storage if not earlier erased.
However, we will anonymize data when there is no need to restore identifiable data.
8. YOUR DATA PROTECTION RIGHTS
You have the following data protection rights:
(a) To access, correct, update or request deletion of your personal information by contacting us using the information in the "How to Contact Us" section below.
(b) If we are processing your personal information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted pursuant to lawful processing grounds other than consent. You may do so by contacting us using the details at "How to Contact Us" heading below.
(c) To object to the processing of your personal information (which is processed on the grounds of legitimate interests), ask us to restrict processing of your personal information or request portability of your personal information. Again, you may do so by opting out of personalized offers based on in-game behavior, or by contacting us using the information in the "How to Contact Us" section below.
(d) You have the right to file a complaint with a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We will respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
9. AGE LIMIT
When we process data under your consent we will ask for consent from your parent or legal guardian in case you are below the age where consent can be given by yourself.
10. UPDATES TO THIS PRIVACY NOTICE
We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, in accordance with the significance of the changes we make.
11. HOW TO CONTACT US
Data controller: Rovio Entertainment Corporation, Keilaranta 7, 02510 Espoo, Finland. Email: firstname.lastname@example.org.
12. ROVIO SUBSIDIARIES, THIRD PARTY SERVICE PROVIDERS AND SUBCONTRACTORS
Rovio Sweden Ab
Selected research projects of analyzing recorded data
IT system hosting and storage service