Privacy Policy 1. September 2018

We, Supertreat GmbH (“Supertreat“, “weorus), are committed to protecting your personal data (“data“) by complying with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR“).

This Privacy Policy describes how we, as data controller, process your data in connection with the use of our app “Solitaire – Grand Harvest” (in German: “Solitär – Goldene Ernte”) for iOS and Android devices (“Apps“)or any interaction you have with us (hereinafter collectively referred to as “Services“).In this Privacy Policy “you” shall mean anyone who downloads and/or uses any of our Apps.

  1. What data do we process for what purpose and on what legal basis?

Your Data is processed by Supertreat as data controller. We process Data provided by yourself (respectively your device) or our service providers and advertising partners (see section 2 below), or generated within our Services for the purposes and on the legal bases stated below:

a. Use of Apps:

When using our Apps, we may process the following Data:

  • IP address;
  • app development platform data (instance IDs, app user ID and analysis data);
  • player data (such as credits, VIP points, purchases, level starts, level wins, time of last harvest, number of free rounds and finished tutorials);
  • crash traces;
  • device data (such as operating system, model, brand, operating system version, CPU architecture and RAM size);
  • device settings (language and region); and
  • advertising data (advertising ID/identifier, Android ID and identifier for vendor).

We may process this data in order to provide you with our Apps and ensure their optimal use through progress backups, synchronization and use and error analysis. We may further process this data for advertising tracking in order to be able to track whether users have installed our Apps after having been served with an advertisement and to be able to account specifically with advertising partners on the basis of successfully recruited users.

In our Apps you have the option to connect to Facebook and thereby synchronize your progress over multiple devices or to restore your progressafter having deleted our Apps on any of your devices. By connecting to Facebook via our Apps you will also be able to see the progress of your Facebook friends and invite others to play our Apps. When you connect our Apps to Facebook we also process your app-scoped Facebook user ID and user name.

b. User support

If you use the support option within our Apps, we may process the following data: email address, name and further contact details you provide, support log files, support ticket ID, support contact and support request.

c. Mailing list

If you join ourmailing list, we may process the following data: email address and newsletter subscription.

The legal basis for our processing of your data is our legitimate interest in enabling the operation of our Services.

The provision of your data for the above purposes is voluntary; this means that you are neither legally nor contractually obliged to do so. However, if you do not provide your data, you will not be able to use our Services.

  1. To whom do we disclose your data?

For the purposes mentioned in section 1 above, we may disclose your data to the following categories of recipients:

  • customer support software providers (currently: Freshworks Inc.);
  • web hosting providers (currently: World4You Internet Services GmbH);
  • app development platform and analytics service providers (currently: Google Ireland Ltd. and Google LLC (incl. their fully owned US subsidiaries); and
  • advertising partners (currently: Facebook Inc., Apple Distribution International, AppsFlyer Ltd., AdColony Inc., GlobalWide Media Ltd., ironSource Mobile Ltd., Liftoff Mobile Inc., AppLovin Corporation, Vungle Inc., Unity Technologies Finland Oy, Chartboost Inc. and Crossinstall Inc.).

In the event that Supertreatundergoes a business transition like a merger, acquisition by another company or sale of all or part of its assets, we may also disclose your data to the successor organization or the acquirer of the assets.

Some of the recipients listed above are seated outside of the EU. However, we only disclose your data

  • to recipients in countries that provide an adequate level of data protection according to a decision by the European Commission; or
  • to recipients in the US who are certified according to the EU-US Privacy Shield Framework approved by the European Commission; and
  • if we have taken measures to ensure that the recipients provide an adequate level of data protection. For example, in such case, we may use standard contractual data protection clauses approved by the European Commission.

For further information on these safeguards or to obtain a copy of them, please contact us by using our contact details provided in section 5 below.

  1. How long do we store your data?

Your data will only be stored for as long as it is necessary to achieve the processing purposes described in section 1 above or otherwise to fulfil our contractual or statutory obligations. We therefore store your data, depending on the purpose of the processing, only for the period for which storage is prescribed (i.e. for the duration of statutory retention obligations) or permitted by law (i.e. until the expiry of limitation periods for potential legal claims or as long as we have a legitimate interest).

  1. What rights do you have with regard to your data?

According to the GDPR, you as the data subject have the following rights with regard to your data processed by us:

  • access to the data we process about you;
  • rectification of inaccurate data;
  • data portability;
  • restriction of processing; and
  • erasure (“right to be forgotten”).

If your data is processed on the basis of our legitimate interest, you also have the right to object to the processing of your data at any time on grounds relating to your particular situation.

To exercise the above rights, please contact us by using our contact details provided in section 5 below.

If you believe that our processing of your data violates applicable data protection laws or that any of your data protection rights mentioned above has been otherwise violated, please contact us using the contact details provided in section 5Fehler: Referenz nicht gefunden below so that we can learn of your concerns and address them accordingly. However, you also have the right to complain to a competent supervisory authority.

  1. Our contact details

Our contact details are as follows:

Supertreat GmbH
Herrengasse 9
8010 Graz
Austria

Email: legal@supertreat.net