What data we hold
As an end user of the apps we distribute, we will process the following personal information about you:
- Your phone number if you are billed via mobile operator billing connections. It is only obtained explicitly as part of a purchase directly involving an operator connection and is provided to us by the mobile operator itself or its designated payment processor as part of the initial purchase flow. This is to fulfill contractual obligations with you. It is automatically deleted when no longer needed. Note that this may see us retaining your phone number for the duration of your use of the game. We do this in order to ensure we can find your purchase if you contact us with a customer care query.
- We use Android ID to authenticate your device and game combination. Android ID is a randomly generated sequence which on its own is not personally identifiable.
- If you have explicitly granted permission on an operating system level then we may authenticate your device and game combination using the imei, imsi or Android serial.
- We use your IP address to determine your location for the purposes of a) providing a localised end-user experience – it is legitimate for us to try and improve your experience, b) correctly determining applicable local taxes (in which country was the transaction executed) – this is a legal obligation on us or c) for the purpose ensuring games are used and purchased in accordance with applicable distribution agreements and our obligations towards our game developer and app store customers.
- We process your device make, mode and operating system version. This helps us with error tracking and resolution, maximising the functionality for your device, and also strategy planning, all legitimate things for a business to do.
- Transaction IDs are generated as part of payment events and are used to identify payment transactions within the Flexion platform and/or between the Flexion platform and a 3rd party payment platform. IDs may be internally generated or passed to Flexion by the 3rd party.
- If you give us a call or make contact by email, for example, if you contact our customer support team, we will collect your name, email address, telephone numberso we can deal with your enquiry. We may ask for additional details as part of resolving your query. We keep a record of enquiries received, so that we know what we have said to whom. This is a legitimate thing for a business to do.
Details of the personal data captured from our website and processed is below:
- Our website, like many others, uses Google Analytics, a web analytics tool provided by Google, to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google can provide more details about their cookies.
- We may use the logs from our servers to assist in our firm's security, as well as to determine visitor behaviour and help us plan our strategy (e.g. such as working out which pages on the site are most popular, or whether particular events have caused an increase in traffic). We have legal and regulatory obligations to protect our clients and their information and strategy planning is a legitimate thing for a business to do.
Transfers of your data outside the EEA
We do not transfer or process data in countries or organisations deemed to have inadequate protection of data by the EU.
We also have a small number of companies providing services to us. These are our processors and we have confirmed that they all meet the requirements of EU data protection laws.
- All our laptops are password protected, as are our phones.
- Our servers and desktop computers are protected by physical security.
- The ability to log on to all these devices is restricted to members of staff, each having their own unique log on credentials.
- Landline phone calls are not encrypted.
- If you have particular security requirements, please call us to discuss how we can support you.
You have lots of rights in respect of our processing of your personal data. The relevant rights are:
- Request a copy of your personal data and information about our processing of it
- Request that we delete information on you if we do not need to hold it
- Request that we correct any personal data that we hold on you
- Request that we stop processing your data, for certain things, eg marketing although we can still hold it (we have to put it on a suppression list to make sure we don’t accidentally contact you again for example)
- Request that we move your data to another organisation’s IT system electronically
- If you want to exercise any of these rights, please just contact us on firstname.lastname@example.org
- You also have the right to lodge a complaint about our processing with a supervisory authority — in the UK that is the ICO whose details are here: https://ico.org.uk/global/contact-us/postal-addresses/CONTACT US
Our address is: Unit G5, Harbour Yard, Chelsea Harbour, London, SW10 0XD, United Kingdoms
If you want to talk to us about this, the person in charge of Data Protection is Andreas Mac Mahon