Last updated on March 5, 2022
In our own products and data collection, the Registrar is Kinrate Analytics Ltd, whose data protection officer is CTO Meri-Tuulia Kaarakainen. When we develop and maintain a service for another service provider, the Registrar is our customer, on whose behalf we act as a processor of personal information.
1 PRIVACY BY DESIGN PRINCIPLES
We value privacy. In all our activities, we adhere to the following principles of personal data protection:
- We minimize the processing of personal information; we only collect and process personal information that are necessary and remove the information when the need for processing has ended.
- Only limited personnel of Kinrate Analytics Ltd have access to data containing personal data and we use proper access control in all Kinrate Analytics systems .
- All data transfer takes place over a secure connection.
- We provide our staff with training and information on data protection issues and ensure that data protection requirements are part of the terms and specifications of the services we procure from third parties.
2 PROCESSING OF PERSONAL INFORMATION
2.1 Categories of personal information
The personal information we collect depend on how you interact with our services. Below you find the types of personal data are specified by the nature of the interaction:
- Communication We collect personal information from you, i.e. your email address, company and personal name, when you send us a message through our website.
- Purchase of the service We process your personal information (company, contact person, email, phone number and billing information) when you obtain services from us through our website and subsequent communications.
- Interaction with our free-to-use services When you interact with the free-to-use services offered on our website, such as player type profiling and game recommender, we collect log information from the feeds provided to those services. The data collected in this way is not identifiable as such and is not associated with, for example, an IP address, i.e. it is anonymous to us.
- Surveys If you participate in our surveys, either conducted by us or our client (in which case the client submits the survey responses to us for analysis), we process your personal information; namely age, gender and country. This information is anonymous in nature and we or no one else can identify you from our data.
- Business Development and Strategic Partnerships We may collect and store personal information, such as name, company, email and phone number, in connection with the exploration of potential business and cooperation opportunities.
- Automatic Data Collection We may collect certain information automatically when you use our website and free-to-use services. This information may include your Internet protocol (IP) address, user settings, cookie or other unique identifiers, details about your browser, operating system or device, location information (including inferred location based off of your IP address), Internet service provider, and information about how you interact with and use our services. However, when cookies other than strictly necessary are used in our web service, we will notify you and ask for your permission separately.
- Analytics We may also use service providers to collect and process analytics information on our websites.
2.2 Processing of personal information
We use personal information for following purposes:
Service providing, such as:
- Providing recommendations
- To fulfill contracts and orders
- Answering questions, comments and other requests
- Responding to customer support requests.
- Providing access to certain functions and features of our services
Administrative purposes, such as:
- Enforcing our agreements
- Complying with our legal obligations
- Pursuing legitimate interests, such as authentication and verification, network and information security, anti-fraud and quality assurance
- Tracking interest and commitment to our services and improving our services
- Development of new products and services
Marketing, such as:
- We may use aggregated personal information to customize content and advertisements on our website
- We may target direct marketing via email of our products to registrants who have authorized this
2.3 The legal justification for processing
2.4 Automated decision making
2.5 DATA SOURCES AND RETENTION
The personal data has been received from the customers or obtained in connection with their use of Kinrate Analytics services. Kinrate Analytics also receives survey responses directly or through the customer. These are always stored in the database in anonymous form, which is why they are not considered personal data under data protection law. Personal data may also originate from Kinrate Analytics representatives based on their business interactions with the data subjects.
The personal information is retained for as long as, and for no longer than, necessary to achieve the purposes for which it was collected, such as during a customer relationship or while meeting a communication need. Anonymized survey responses will be retained for the time being.
2.6 DISCLOSURE AND TRANSFER OF DATA
There are no regular disclosures of personal data. Disclosure of personal data can only be made in cases required by law as well as for the collection of our debts.
Kinrate Analytics Ltd does not share personal information in its possession with third parties while providing services. To the extent that our services contain data, the personal information it contains is anonymized or aggregated, and therefore not personal information within the meaning of data protection law.
If we are involved in a merger, acquisition, financial due diligence, reorganization, bankruptcy, corporate reorganization, purchase or sale of assets, or transfer of a service to another service provider, personal information may be sold or transferred as part of such a transaction as permitted by law and / or agreement.
The data held by Kinrate Analytics is located in data centers in Finland and Belgium and personal data is not transferred outside the European Union or the European Economic Area.
3 SUBJECTS’ PRIVACY RIGHTS
According to the European Union’s General Data Protection Regulation (GDPR), data subjects have the right:
- to obtain information on the processing of their personal data;
- of access to their data;
- to rectification of their data;
- to the erasure of their data and to be forgotten;
- to restrict the processing of their data;
- to data portability;
- to object to the processing of their data, and
- not to be subject to a decision based solely on automated processing.
If you would like to use your rights, please contact us as instructed below.
4 SECURITY OF PERSONAL INFORMATION
We are committed to ensuring that your personal information remains secure. To prevent unauthorized access or disclosure, we have put in place appropriate physical, electronic, and administrative procedures to protect and safeguard the information we collect. In addition, we are committed to the principle of privacy by design in all our development and system architecture.
Despite best practices, there is always a risk of security breaches. The GDPR provides that if a personal data breach may cause a risk to the rights and freedoms of natural persons, the supervisory authority must be notified. In the case of such security breaches, Kinrate Analytics will report to the Finnish Office of the Data Protection Ombudsman without undue delay and not later than 72 hours after become aware of the personal data breach. In the event of an illegal security breach, Kinrate Analytics will send a report to its website and through the service if the security breach compromises your privacy or personal information. Kinrate Analytics may also temporarily shut down the service to protect your personal information.
5 PERSONAL INFORMATION ABOUT MINORS
Our services are not directed to minors, and thus we do not knowingly collect personal information from children. If you notice that your child has provided us with personal information without your consent, please contact us as instructed below. Anyhow, minors can use our free-to-use the profiling and recommender services on our websites, which, however, do not collect any identifiable information about their users.
Minors can sometimes be the subjects of our surveys as survey respondents. Even then, however, our survey does not target children under 13 years of age.
7 CONTACT US
For any personal data protection or privacy issues, do not hesitate to contact us: firstname.lastname@example.org.