English

Mobile privacy policy

Outright Games Ltd. confirmation seal

1.WHO WE ARE

We are Outright Games Limited, a private limited company incorporated in England and Wales (registered company number 10385931), whose registered office is at Unit 54 Merlin House, Meteor Way, Lee-On-The-Solent, Hants, England, PO13 9FU. In this notice, “OG”, “we”, “us” and “our” refer to Outright Games Limited.

In this Policy we refer to the mobile games we publish as the OG Games.

2. WHAT DOES THIS POLICY COVER?

This policy describes our processing of personal data we obtain about:

– players of the OG Games

– parents or guardians of the players of the OG Games

For the purposes of UK and EU data protection law, we are the ‘controller’ of this personal data (meaning that we decide why and how it is processed).

This policy does not describe our processing of personal data relating to people who visit our website. Our processing in relation to our website visitors is set out in a separate privacy policy available here.

We will only collect and process information about you in accordance with this policy and we will only use information collected about you in accordance with applicable data protection laws.

3.TYPES OF PERSONAL DATA WE PROCESS

Data collected through customer support

We collect personal data about you in connection with your use of our customer support. This means information contained in or relating to any correspondence we receive from you including email address, name, any personal data contained in the content and any metadata associated with the correspondence such as the date and time of sending. We obtain this data when you contact us by email or by in-game support link to receive customer support.

Analytics

We use third party providers to analyse the use of our games e.g. to find out how many players reach certain levels. We do this so that we can improve the games we produce. These third party providers will collect certain information within the games, however such data is not linked to any specific individual and therefore it is not considered personal data (as described by privacy laws).

Player Age

We collect the age of players to determine access to certain features of OG Games. Such data is not linked to any specific individual and therefore it is not considered personal data (as described by privacy laws).

4. WHY WE USE PERSONAL DATA

Core processing purposes

The table below explains what data we collect, why we use it (purposes of processing), and our legal bases for such processing.

Your data
Data collected through customer support (please see section 3 above for a more detailed description).
Why we use it/Purpose
Responding to your queries and in order to improve our services (such as where you notify us of a problem or issue) and keeping records of such queries.
Legal basis
Our legitimate interests in providing good products and services to the players of OG Games.

Other processing purposes

In addition to our core processing purposes set out in the table above, we may also process personal data if and to the extent necessary for the following purposes:

a) Purpose
Establishing, exercising or defending legal claims
Legal basis
Our legitimate interests in defending legal claims brought against us, enforcing claims against others and protecting and asserting our legal rights and the legal rights of you and others

b) Purpose
Obtaining or maintaining insurance coverage, managing risks or obtaining professional advice
Legal basis
Our legitimate interests in protecting our business against risks

c) Purpose
Compliance with a legal obligation such as a statutory or regulatory obligation or an order of a court, government body or regulator
Legal basis
Compliance with a legal obligation

d) Purpose
In order to protect your vital interests or the vital interests of another natural person
Legal basis
Protection of vital interests

5. DISCLOSURE OF YOUR PERSONAL DATA

We may share the personal data described in this notice with the following categories of recipients, where and to the extent necessary for the purposes described in this notice:

Group companies: any member of our corporate group.

Insurers and professional advisers: such as lawyers, accountants and business and marketing consultants, but only if and to the extent necessary for them to carry out the work we engage them to assist us with, for example in relation to a legal claim made against us or obtaining insurance coverage.

Organisations or individuals engaged by us in the course of providing our products and services: such as individual consultants or their personal service companies who provide services to us or assist with providing support services to our end users.

Potential acquirers or investors: if we are involved in a merger, acquisition, or sale of all or a portion of our business or assets, the personal data we hold may be reviewed for the purposes of pre-sale due diligence or included as part of that sale.

Third parties in relation to enforcement: we may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of us, our personnel or customers, or others.

App Stores: we may also disclose your personal data, to the extent necessary, to application stores or platforms (such as the Apple AppStore and Google Play Store) as required, for example, in relation to processing refunds or in order to investigate or prevent fraud.

Service providers: We use a number of service providers in connection with our products, services, communications and IT infrastructure, which involves those service providers processing some of the personal data described in this Policy to the extent necessary to provide the relevant services. We currently use the following providers:

1. Provider
Zendesk
Service provided
Cloud-based helpdesk platform that supports businesses covering customer service or technical support.
Type of personal data used
Data collected through customer support.

2. Provider
Email Clients (such as Outlook)
Service provided
Management of emails including receiving and sending emails.
Type of personal data used
Data collected through customer support.

We have contracts with all our service providers to ensure that they treat the personal data they receive in compliance with applicable data protection laws, including that they only process the personal data described in this notice to the extent necessary to provide the services.

There may also be circumstances in which we need to share personal data with other organisations or individuals, such as where disclosure is necessary for the purposes set out in the ‘Other processing purposes’ section above.

In all cases, we will only share personal data with such recipients where and to the extent reasonably necessary for the relevant processing purpose and in accordance with applicable data protection law.

6. DATA RETENTION

We will only hold data about you for as long as necessary, bearing in mind the purpose for which that data was collected, or as otherwise described in this Policy.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

7. SECURITY

We will take commercially reasonable, appropriate technical and organisational measures to ensure a level of security appropriate to the risk that could be encountered via the use of our Games taking into account the likelihood and severity those risks might pose to the rights and freedoms of the players of the Games.

In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal data transmitted, stored or otherwise processed by us.

8. INTERNATIONAL DATA TRANSFERS

Where necessary, there are agreements in place to ensure that personal data is transferred using appropriate safeguards that meet the requirements of data protection laws. Such appropriate safeguards may include standard data protection clauses adopted by a national data protection regulator and/or those approved by the European Commission, such as the European Commission’s standard contractual clauses, or other appropriate measures.

If you would like to find out more about these safeguards or if you have any other queries or comments in relation to this Policy, please let us know by emailing us at privacy@outrightgames.com .

9. CHILDREN

We have designed OG Games for the enjoyment of children of all ages, however we only knowingly collect and use personal data relating to children aged 13 and over. Our customer support services are only available for individuals aged 13 and over. If we become aware that a child aged under 13 has provided us with personal data we will delete such data.

We fully appreciate that children need particular protection when their personal data is collected and processed because they may be less aware of the risks involved. As such we only use their personal data for the limited purposes set out in this Policy.

If a parent or guardian becomes aware that their child has provided us with information without their knowledge or approval, they should contact us at: privacy@outrightgames.com

We will seek to delete such information from our files within a reasonable time.

10. YOUR RIGHTS

You have a number of different rights you might be able exercise against us in relation to personal data about you that we process. These are rights to:

• access your personal data

• obtain rectification or erasure of your personal data

• restrict and/or object to processing of your personal data

• have your personal data ‘ported’ to you or another organisation

• complain to a supervisory authority about our processing of your personal data

• withdraw consent to our processing of your personal data (where you have given consent)

The availability of these rights varies depending on the legal basis that we rely on for processing the relevant personal data. Below we have summarised these rights and explained how you can request to exercise them.

Access: You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing that the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.

Rectification: You have the right to have any inaccurate personal data about you corrected and, taking into account the purposes of the processing, to have any incomplete personal data about you completed. We may need to verify the accuracy of the new data you provide to us.

Erasure: You have the right to the erasure of your personal data without undue delay where the personal data are no longer necessary in relation to the purposes for which we collected or otherwise processed them, you successfully object to our processing, you object to our use of your personal data for direct marketing purposes, we have processed your personal data unlawfully, or an applicable law requires the relevant personal data to be erased. However, there are exclusions to the right to erasure, including where we have overriding legitimate grounds to continue processing the relevant personal data or are required to do so by applicable law or where we need it to establish, exercise or defend a legal claim.

Restriction: You have the right to restrict our processing of your personal data where you contest the accuracy of the personal data, our processing is unlawful, we no longer need the personal data for our purposes but you require it to establish, exercise or defend a legal claim, or you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it to establish, exercise or defend a legal claim, to protect the rights of another natural or legal person or for reasons of important public interest or with your consent.

Object: You have the right to object to our processing of your personal data where we rely on legitimate interests as the legal basis for the processing. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

Object to processing for direct marketing purposes: You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes).

Data portability: where our processing of your personal data is based on performance of a contract or consent and is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others. This right does not apply to our processing because we do not use consent as the legal basis.

Complain to a supervisory authority: If you consider that our processing of your personal data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

Withdraw consent: where any of our processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

How to exercise these rights against us: You can exercise any of your rights in relation to your personal data that require any action by us by emailing your request to privacy@outrightgames.com in addition to any other methods specified in this policy.

How to complain to a supervisory authority: To make a complaint to a supervisory authority, you may contact the supervisory authority of your choice using contact details made available by that supervisory authority. Relevant contact details for the UK supervisory authority, the ICO, can be found here: https://ico.org.uk/concerns/.

11. UPDATING INFORMATION

Please let us know if the personal information that we hold about you needs to be corrected or updated.

12. THIRD PARTIES

We may from time to time provide you with hyperlinks to, and details of, third party websites. In general, we have no control over and are not responsible for, the privacy policies and practices of third parties.

13. CARU COPPA SAFE HARBOR

This privacy policy and the CARU icon shown on our website confirm that Outright Games Limited is a valid licensee and participating member in the CARU COPPA Safe Harbor Program (“CARU Safe Harbor”). To protect your privacy, we have voluntarily undertaken this privacy initiative. CARU has reviewed and certified that we meet established online information collection and use practices on Outright Games Limited online properties where this privacy policy is posted.
As part of the CARU COPPA Safe Harbor, we are subject to audits and frequent monitoring of our websites and/or apps and other enforcement and accountability mechanisms administered independently by CARU.
If you have any questions or concerns, please contact us at privacy@outrightgames.com . If you believe that we have not responded to your inquiry or your inquiry has not been satisfactorily addressed, please contact CARU at:

CARU Safe Harbor
Attn: Director
1676 International Drive #550
McLean, Virginia 22102
InfoCaru@bbbnp.org

14. OUR DETAILS

We are Outright Games Limited, a private limited company incorporated in England and Wales (registered company number 10385931), whose registered office is at Unit 54 Merlin House, Meteor Way, Lee-On-The-Solent, Hants, England, PO13 9FU.

We are registered as a data controller with the UK Information Commissioner’s Office. Our data protection registration number is ZA801480.

For enquiries relating to this notice or our processing of personal data, please contact us:

By mail:
Outright Games Limited
Unit 54 Merlin House , Meteor Way
Lee-On-The-Solent, Hants PO13 9FU
England

By email:
privacy@outrightgames.com

You can also contact us using the web contact form or any of the contact details published on the ‘Contact’ page of our website from time to time.

15. CHANGES TO THIS NOTICE

This Policy was updated on December 2024.

We may make changes to this Policy in the future, which will be posted on this page. You should check this page from time to time to ensure you are aware of any changes.