Last update: June 1st, 2020
DNE has always taken care to ensure that we do not knowingly collect or process the data of children. Where applicable, we will seek the consent of a parent or legal guardian before allowing access to our Services. The minimum age for using our Services is either 16 or the minimum age required by law for the collection and processing of the data from children. If we have unknowingly collected data from a child, their parent or legal guardian may contact the Data Controller to request prompt deletion of the data.
Whatever the activity may be, we will only collect personal data to the extent deemed reasonably necessary to fulfil your requests and our legitimate business objectives.
This Policy complies with French Act no.78/17 of 6 January 1978 on Information Technology, Data Files and Civil Liberties as well as the General Data Protection Regulation (GDPR) which takes effect on May 25, 2018 and covers all individuals in the European Union. GDPR is applicable to all citizens of the EU, and its regulations apply to all businesses that do business with citizens of the EU.
DON’T NOD ENTERTAINMENT S.A. is a French joint-stock company, registered with the Trade and Companies Registry of Paris, under number 504 161 902, with registered offices located at à Métropole 19, 134-140 rue d’Aubervilliers, 75019 Paris, France.
DNE processes personal data concerning you as a Data controller. You can contact us either by email, at the following address: firstname.lastname@example.org, or by post, at the following address: DON’T NOD ENTERTAINMENT SA – Métropole 19, 134-140 rue d’Aubervilliers – 75019 Paris – France.
We collect two types of information about you: “Identifying Data” (personal data) and “Non Identifying Data”.
Identifying Data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). It refers to information that lets us know the specifics of who you are.
We generally collect information in three ways: (A) you voluntarily provide information to us, such as by signing up for newsletter, (B) we collect information automatically from your use of the Services, such as through cookies or our games and other software, and (C) other parties, such as game console platforms and social networks, may provide information to us. Each of these methods is described in more detail below.
(A) Information you provide
We collect personal data about you when you voluntarily provide it to us. You provide certain personal data (mostly identity data such as your first and last name, mailing address (including zip code), e-mail address, job title and department, telephone and facsimile numbers and all personal data you choose to share) to us when you (a) sign up to a newsletter; (b) contact us about consumer comments or complaints; (c) contact our customer service or technical support; (d) send e-mail messages, submit forms, or transmit other information by telephone or letter; or (e) post any content/comment on DNE’s social networks. In addition of identity data we may collect demographic information such as your age, gender, favorite styles of gaming and the device you own.
(B) Information we collect automatically
We also collect certain other technical data (some of which is personal data) when you use our Services. We typically aggregate this data and use it in statistical form to determine trends among groups of users, rather than using it to identify individuals. If a combination of information that we collect does identify you as an individual, we will treat the combined information as personal data.
We collect information automatically through technologies such as web browsers, cookies, web beacons, etc. We use the information for purposes such as modifying or improving features, managing advertising, addressing technical issues, preventing misuse of our services, and conducting data analytics. The type of information that we automatically collect may vary, but generally includes (a) technical information about your computer, device, hardware, or software you use to access the Internet or our services, such as IP address or identifier information for your device (such as device make and model, information about device operating systems and browsers, or other device or system related specifications); (b) usage information and statistics about your interaction with the Services, which may include the URLs of our website that you have visited, URLs of referring and exiting pages, page views, time spent on a page, number of clicks, platform type, the application you used or the game you played, how long you used or played it and when, and other usage statistics; (c) crash reports, which may be automatically generated when a game or application crashes and includes information about your system and the crash; (d) information that facilitates a safer and more personalized experience, such as user identification provided in connection with your application use or game play, saved preferences, game progress, and device identifiers or usage information for authentication and fraud prevention purposes ; and (e) the location of your device, such as may be derived from your device’s IP address.
Internet protocol addresses
An Internet Protocol (“IP”) address is the unique number assigned to your server or Internet Service Provider (“ISP”). DNE may track such IP addresses for system administration, to report aggregate information, site tracking, security purposes, or to prevent our servers from being abused.
DNE may collect information in the form of logs: files that record website activity and gather statistics about web users’ browsing habits. For most websites, these entries are generated anonymously, and help DNE determine (among other things) how many and how often users visit our website, which pages they visit, and other similar navigational data. However, certain log files may contain personal data which we may use in accordance with this Policy.
Web beacons are small pieces of data that are embedded in images on the pages on some of our website. We may use beacons to analyze the traffic patterns on our website, such as the frequency with which users visit various parts of our website, or in HTML e-mails that we may send to our users to determine whether those e-mails are opened or whether the links in the e-mails are followed. Certain data obtained from beacons may contain personal data which we may use in accordance with this Policy.
(C) Information we receive from others
We are also working closely with third parties (including, for example, business partners, service providers, advertising networks and analytics providers) and may receive information about you from them. This may be combined with other information you provide to us, as described above.
We may also collect personal data on third party network, platform or service: by playing a DNE game through another third party platform such as a gaming console or mobile device operator, social network, you are authorizing DNE to (1) collect, store, and use, in accordance with this Policy, any and all personal information that you agreed the social network or other third party platform could provide to DNE based on your settings on the third party social network or platform and (2) share any and all of your personal information with the social network or other third party platform, through the social network/third party platform’s Application Programming Interface (API). Your agreement to this takes place when you connect with the third party network, platform or service via our products and/or services, and/or when you connect with, “accept” or “allow” (or similar terms) one of our applications through a social network, or other third party platform or service.
The legal grounds of our data processing
We process data only if at least one of the following applies:
As a general matter, we use (A) and share (B) the information we collect (either individually or in combination with other information collected as described in this Policy) to help us customize, analyze, improve and provide the Services where we have an appropriate basis to do so.
We may use the information (all types combined) we collect about you for various purposes, such as to:
Unless relevant legal provisions mandate a different data retention period, we will store your personal data for the duration necessary to process it according to this Policy. We archive your personal data during the entire statutory period of limitations.
The personal data that we collect, as well as those that will be collected subsequently is intended for us in our capacity as data controller.
We ensure that only authorized persons have access to this data. Some personal data may be sent to third parties or to legally authorized authorities in order to meet our legal, regulatory or contractual obligations (as described below).
When sharing your information with our technical service providers and/or subcontractors for proper operation of our website, we are committed to ensuring these technical service providers and/or subcontractors comply with the terms in this Policy. If DNE subcontracts all or part of the processing of personal data to processors, DNE will require that its processors provide contractual guarantees on the security and confidentiality of personal data by means of technical data protection measures and appropriate human resources.
If disclosing personal data is required by law or necessary for protecting the security of our website, we may disclose any information collected, without time limits. We will ensure that any such disclosure remains within the limits permitted by law and within the scope authorized, and we will only do this if we believe in good faith it is necessary for: (i) protecting your security, including the security of your property; (ii) protecting the security of our website or third-party websites.
You understand that when you use the Services, any information you post in any interactive areas of the Services, as well as any information you share with individuals through public or private groups, as well as any information you share with individuals through the Services or through social network sites or other social feeds, will be available to other users and in some cases may be publicly available. We recommend you be cautious about giving out personal data to others or sharing personal data in public or private online groups. Except to the extent required by applicable law, we are not responsible for the actions of third party service providers or other third parties, nor are we responsible for any additional information you provide directly to any third parties.
Maintaining the security and confidentiality of your information is of utmost concern to us. That’s why we implement appropriate administrative, technical, and physical safeguards, with regard to the nature of the data we process and the risks of the processing, to protect your personal data from accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or access / use by non-authorized third parties and other unlawful forms of processing, in compliance with data protection regulations. We also strive to limit access to personal data to employees or contractors performing a legitimate business function.
We carry out periodic reviews of our security procedures with a view to implementing new and updated technologies where appropriate. However, despite the wide range of initiatives and measures in place, no security protocol is perfect, infallible or impenetrable.
We strive to provide you with choices regarding certain personal data uses, particularly around communication and marketing. If you subscribe to our newsletter and indicate that you are interested in receiving offers or information from us, we may occasionally send you direct emails about our products and services that we feel may be of interest to you. If, at any time, you wish to opt-out of receiving information from us about new products, services, or promotions, you can do so. Just send an email to email@example.com. Be sure to type “opt-out” in the subject line, and include your full name, and email address in the message. In addition, along with almost every communication sent to you, we provide you the opportunity to discontinue receiving future communications (i.e., unsubscribe).
Other examples of your choices include:
You may also exercise and amend your choices by sending an email to us as detailed in the “How to Contact Us” section below.
Data protection law provides “Data Subjects” with numerous rights, including the right to: access, rectify, erase, restrict, transport, and object to the processing of, their personal data. Data Subjects also have the right to lodge a complaint with the relevant data protection authority if they believe that their personal data is not being processed in accordance with applicable law.
When you will request for information from us, you will obtain confirmation as to whether or not your personal data is being processed and where this is the case, access to your data and the following information: i) the purposes of the processing; ii) the categories of personal data in question; iii) the recipients or categories of recipient to whom the personal data have been or will be disclosed; iv) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; v) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; vi) the right to lodge a complaint with a supervisory authority; vii) where the personal data is not collected from the data subjects, any available information as to its source; viii) the existence of automated decision-making, including profiling, and in this case, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Your right of access to and rectification of your data
You may request copies of your personal data. If you would like to make a subject access request (also called “SAR”) for copies of the personal data we hold about you, you may do so by writing to the Data Controller whose contact details are above. The request should make clear that a SAR is being made. You may also be required to submit a proof of your identity.
You can ask us to, as the case may be, rectify or complete personal data that is inaccurate, incomplete, equivocal or expired.
Your right to erasure of your data
You can ask us to erase your personal data where one of the following grounds applies: i) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; ii) you withdraw the consent you have previously given; iii) you object to the processing of your personal data and there is no legal reason for such processing; iv) the processing of personal data does not comply with the provisions of the applicable laws and regulations.
However, the exercise of this right will not be possible when the retention of your personal data is necessary for compliance with laws and regulations and in particular for example for the establishment, exercise or defense of legal claims.
Your right to restriction of processing
You may request restriction of processing of your personal data in the following scenarios: i) if you want us to establish the data’s accuracy; ii) where our use of the data is unlawful but you do not want us to erase it; iii) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Your right to object to data processing
You have the right to object to the processing of personal data concerning you when the processing is based on the legitimate interest of the controller.
Your right to data portability
You have the right to portability of your personal data. The data on which this right can be exercised is: i) only your personal data, which excludes anonymized personal data or data that does not concern you; ii) declarative personal data and personal data relating to our functioning as mentioned above;
iii) personal data that does not adversely affect the rights and freedoms of others such as those protected by trade secrets.
This right is limited to processing based on consent or contract as well as to personal data that you have personally generated. This right does not include derived or inferred data, which is personal data created by DNE.
Your right to withdraw your consent
When the data processing we carry out is based on your consent, you may withdraw it at any time. We will then stop processing your personal data but this will not affect the lawfulness of processing based on your previous consent. Please note that if you withdraw your consent, you may not be able to benefit certain service features for which the processing of your personal data is essential.
Your right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with the French data protection authority (CNIL) on the French territory without prejudice to any administrative or judicial remedy. We suggest that you contact us about any questions or if you have a complaint in relation to how we process your personal data.
All the rights enumerated above can be exercised by sending a request, together a copy of an ID document, to DON’T NOD Entertainment S.A. by post to Métropole 19, 134-140 rue d’Aubervilliers, 75019 Paris, France or email at firstname.lastname@example.org.
Regarding the exercise of your right of information, we are not required to provide you with information where: i) you already possess the information; ii) the recording or disclosure of your personal data is expressly laid down by law; iii) the provision of information to you proves to be impossible; iv) the provision of information to you would involve a disproportionate effort.
For any questions about this Policy, contact us by post to the following address:
DON’T NOD Entertainment S.A.
Métropole 19, 134-140 rue d’Aubervilliers,
75019 Paris, France
Email : email@example.com
Unless specifically requested by you, the personal information sent to the email or postal address above will not be used to send you marketing communication.