On May 25, 2018 the General Data Protection Regulation enters into force in the EU. GDPR is directly binding and applicable in all EU countries.
Q. What is the GDPR?
The General Data Protection Regulation (GDPR) is the EU regulation on data protection and privacy that covers all individuals in the European Union. The GDPR aims primarily to give individuals control over their personal data and simplify the regulatory environment for businesses by unifying the laws within the EU. The GDPR does not require national governments to pass any enabling legislation and, therefore, it is directly binding and applicable.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
In the case of a GDPR-related request, the following information will be requested:
- The player ID
- The player kingdom
Q. Why does the GDPR affect DECA users?
The GDPR affects all EU customers, as well as companies located in the EU. As our company is located in the EU, DECA wants to make sure that it provides all its players with the rights that the GDPR introduces, e.g., we inform you about how we are using your data in detail in our new version of the Privacy Policy, we will provide you with the copy of your personal data or delete your account (together with the personal data about you) upon your request.
Q. Why does the GDPR / the new EU data protection laws affect me personally?
As a natural person, whose data is processed, you are considered as the “data subject” under the GDPR. Though the whole document is worth reading (here), we think that the most important for you is its Chapter 3 “Rights of the data subject”, which lists your rights and explains how you can exercise them. E.g., it describes that you have the right to get transparent information about how your data is used, get access to a copy of your data, request correction and deletion of your personal data.
Q. I am playing from [any non-EU country]. Why the Privacy Policy applicable to me was changed because of the EU laws?
If you are playing from outside of the EU, then besides the GDPR, we also respect the rights granted to you with regard to your personal data under the applicable laws. At the same time, we also provide you with the rights that the GDPR stipulates. It is your choice to which extent you want to exercise them, and the rights do not create any additional obligations for you.
Q. Does DECA store any personal data about me?
DECA stores about users of its products certain data that is considered to be “personal” under the GDPR. It doesn’t mean the same data will fall under “personal data” or similar definition under other countries’ laws. Still, even if you are from outside of the EU we use the data in accordance with the GDPR and provide you with such rights with regard to your data, as the GDPR may require.
Please have a look at section 4 “Information we collect” of the new version of our Privacy Policy available here.
Q. How can I see what personal data DECA stores about me?
To learn which categories of data DECA stores about you, please refer to the new version of our Privacy Policy available here.
Q. I have read the privacy policy and do not agree with how you are using my data. How can I stop you from such use?
As of 25/05/2018, you will be able to object.
You will be able to express your objections by submitting a ticket and we will pass it to the competent department for proper reaction.
Q. Are you sharing my personal data with third parties?
Yes. We share your data with third parties. The GDPR does not forbid such sharing as long as we have a proper ground for such sharing. We wanted to be as clear as possible about the purposes of sharing your data with third parties and types of the third parties in Section 6 of the new version of our Privacy Policy available here.