Privacy Policy

Last updated on March 5, 2022

OVERVIEW

This Privacy Policy applies to personal information that Kinrate Analytics Ltd processes in its business, including on our websites, namely in the collection and storage of data, as well as on player profiling service, player insight analysis services, market analysis services, recommender services and data licensing.

In our own products and data collection, the Registrar is Kinrate Analytics Ltd, whose data protection officer is CTO Meri-Tuulia Kaarakainen. When we develop and maintain a service for another service provider, the Registrar is our customer, on whose behalf we act as a processor of personal information.

1 PRIVACY BY DESIGN PRINCIPLES

We value privacy. In all our activities, we adhere to the following principles of personal data protection:

  • We minimize the processing of personal information; we only collect and process personal information that are necessary and remove the information when the need for processing has ended.
  • Only limited personnel of Kinrate Analytics Ltd have access to data containing personal data and we use proper access control in all Kinrate Analytics systems .
  • All data transfer takes place over a secure connection.
  • We provide our staff with training and information on data protection issues and ensure that data protection requirements are part of the terms and specifications of the services we procure from third parties.

2 PROCESSING OF PERSONAL INFORMATION

2.1 Categories of personal information

The personal information we collect depend on how you interact with our services. Below you find the types of personal data are specified by the nature of the interaction:

  1. Communication We collect personal information from you, i.e. your email address, company and personal name, when you send us a message through our website.
  2. Purchase of the service We process your personal information (company, contact person, email, phone number and billing information) when you obtain services from us through our website and subsequent communications.
  3. Interaction with our free-to-use services When you interact with the free-to-use services offered on our website, such as player type profiling and game recommender, we collect log information from the feeds provided to those services. The data collected in this way is not identifiable as such and is not associated with, for example, an IP address, i.e. it is anonymous to us.
  4. Surveys If you participate in our surveys, either conducted by us or our client (in which case the client submits the survey responses to us for analysis), we process your personal information; namely age, gender and country. This information is anonymous in nature and we or no one else can identify you from our data.
  5. Business Development and Strategic Partnerships We may collect and store personal information, such as name, company, email and phone number, in connection with the exploration of potential business and cooperation opportunities.
  6. Automatic Data Collection We may collect certain information automatically when you use our website and free-to-use services. This information may include your Internet protocol (IP) address, user settings, cookie or other unique identifiers, details about your browser, operating system or device, location information (including inferred location based off of  your IP address), Internet service provider,  and information about how you interact with and use our services. However, when cookies other than strictly necessary are used in our web service, we will notify you and ask for your permission separately.
  7. Analytics We may also use service providers to collect and process analytics information on our websites.

2.2 Processing of personal information

We use personal information for following purposes:

Service providing, such as:

  • Providing recommendations
  • To fulfill contracts and orders
  • Answering questions, comments and other requests
  • Responding to customer support requests.
  • Providing access to certain functions and features of our services

Administrative purposes, such as:

  • Communication
  • Enforcing our agreements
  • Complying with our legal obligations
  • Pursuing legitimate interests, such as authentication and verification, network and information security, anti-fraud and quality assurance
  • Tracking interest and commitment to our services and improving our services
  • Development of new products and services

Marketing, such as:

  • We may use aggregated personal information to customize content and advertisements on our website
  • We may target direct marketing via email of our products to registrants who have authorized this

2.3 The legal justification for processing

Most of the processing of personal data is based on the execution of a contract (Article 6(1)(b) of the GDPR), i.e. the fulfillment of an order or other request. The processing of personal data may also be based on the consent of the data subject (Article 6(1)(a)), for example when we receive questionnaire responses from respondents. The processing of personal data may sometimes also be based on the fulfillment of our legal obligation (Article 6(1)(c)) or on the controller’s legitimate interests (Article 6(1)(f)), for example in the case of marketing purposes.

2.4 Automated decision making

Kinrate Analytics Ltd does not use automatic decision-making. However, we use profiling in our websites to determine respondents’ personal player persona as well as providing the user with game recommendations to suit his or her preferences. The user has the opportunity not to use these services at any time.

2.5 DATA SOURCES AND RETENTION

The personal data has been received from the customers or obtained in connection with their use of Kinrate Analytics services. Kinrate Analytics also receives survey responses directly or through the customer. These are always stored in the database in anonymous form, which is why they are not considered personal data under data protection law. Personal data may also originate from Kinrate Analytics representatives based on their business interactions with the data subjects.

The personal information is retained for as long as, and for no longer than, necessary to achieve the purposes for which it was collected, such as during a customer relationship or while meeting a communication need. Anonymized survey responses will be retained for the time being.

2.6 DISCLOSURE AND TRANSFER OF DATA

There are no regular disclosures of personal data. Disclosure of personal data can only be made in cases required by law as well as for the collection of our debts.

Kinrate Analytics Ltd does not share personal information in its possession with third parties while providing services. To the extent that our services contain data, the personal information it contains is anonymized or aggregated, and therefore not personal information within the meaning of data protection law.

If we are involved in a merger, acquisition, financial due diligence, reorganization, bankruptcy, corporate reorganization, purchase or sale of assets, or transfer of a service to another service provider, personal information may be sold or transferred as part of such a transaction as permitted by law and / or agreement.

The data held by Kinrate Analytics is located in data centers in Finland and Belgium and personal data is not transferred outside the European Union or the European Economic Area.

3 SUBJECTS’ PRIVACY RIGHTS

According to the European Union’s General Data Protection Regulation (GDPR), data subjects have the right:

If you would like to use your rights, please contact us as instructed below.

4 SECURITY OF PERSONAL INFORMATION

We are committed to ensuring that your personal information remains secure. To prevent unauthorized access or disclosure, we have put in place appropriate physical, electronic, and administrative procedures to protect and safeguard the information we collect. In addition, we are committed to the principle of privacy by design in all our development and system architecture.

Despite best practices, there is always a risk of security breaches. The GDPR provides that if a personal data breach may cause a risk to the rights and freedoms of natural persons, the supervisory authority must be notified. In the case of such security breaches, Kinrate Analytics will report to the Finnish Office of the Data Protection Ombudsman without undue delay and not later than 72 hours after become aware of the personal data breach. In the event of an illegal security breach, Kinrate Analytics will send a report to its website and through the service if the security breach compromises your privacy or personal information. Kinrate Analytics may also temporarily shut down the service to protect your personal information.

5 PERSONAL INFORMATION ABOUT MINORS

Our services are not directed to minors, and thus we do not knowingly collect personal information from children. If you notice that your child has provided us with personal information without your consent, please contact us as instructed below. Anyhow, minors can use our free-to-use the profiling and recommender services on our websites, which, however, do not collect any identifiable information about their users.

Minors can sometimes be the subjects of our surveys as survey respondents. Even then, however, our survey does not target children under 13 years of age.

6 CHANGES TO OUR PRIVACY POLICY

We periodically review this Privacy Policy to keep it up to date. If significant changes are made to this Privacy Policy, we will notify data subjects as required by applicable law.

7 CONTACT US

For any personal data protection or privacy issues, do not hesitate to contact us: info@kinrateanalytics.com.