| 1. INTRODUCTION | |||||
|---|---|---|---|---|---|
| Who are we? | We are Aonic AB (Publ), a public limited liability company incorporated in Sweden with its registered office at Västra Trädgårdsgatan 15 111 53 Stockholm, Sweden and registration number 559335-7527 (“Megabit”, “we” or “us”), and we are a video games publisher. Where we decide the means or purpose of processing your personal data, we are the data controller. | ||||
| What’s this notice about? | This notice explains how we process your personal data as a data controller when We update this notice from time to time so please check back in. Other apps and websites provided by third parties but linked to within our Services will | ||||
| How do you contact us? (if you have questions about this notice or to exercise your rights) | Write to us at: dataprotection@megabit-publishing.com If we can’t resolve your issue, and you:
| ||||
| What are your rights? | You have the following rights, although these rights may be limited in some circumstances:
If we rely on consent to process data, or send direct marketing, you can withdraw consent by email to the address above. You may enjoy additional rights depending on where you are based. For reference, you are based in:
| ||||
| What information do we not knowingly collect or process? | We do not knowingly collect or otherwise process “special category data”, or data from children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. | ||||
| 2. YOUR PERSONAL DATA AND HOW WE USE IT | |||||
Your data | How we use it | Sources and recipients | Retention Rules | ||
Enquiry Data
| We process this information to respond to your support requests, your requests to “Publish With Us”, your requests to obtain game keys, and other enquiries. Legal basis We use this data to pursue our legitimate interests, including: (a) our interest in responding to enquiries to ensure smooth operation of our business and Services; (b) review the pitch you submit to us in order to evaluate it, and decide whether to progress the conversation with you in relation to the publishing of your proposed game; (c) review your request to decide whether to provide with a game key; and (d) to understand our customers and improve our Services, by taking on-board your feedback. More information You are under no obligation to provide us with this information, but if you do not, we may not be able to respond to your enquiry or support request. | Sources We collect this data directly from you. Recipients We use Craft CMS in order to receive, log and respond to your enquiries. | We hold this Enquiry Data for as long as necessary for the purposes described in this section, and until it is no longer useful. | ||
Analytics & Security
Where you access the Service using a mobile device, in addition to the above:
| We may use software to collect usage data to understand from where and how people use and interact with our Services, to help improve and maintain our Services, and Legal basis We process this data if you have given your consent. We may also use session and user ID cookies as described further in section 3 ‘Cookie, Analytics and Similar Technologies’ of this policy, in pursuit of our (and your) legitimate interests in ensuring our Services and your data are secure. | Sources We collect this data using tracking technologies. For more information on how we use tracking technologies to collect this data, please see section 3 ‘Cookie, Analytics and Similar Technologies’ below. Recipients We use Google Analytics and Meta Pixel to collect usage data and provide us with analytics. | We hold this Usage Data for 26 months from the day in which it is collected. | ||
Newsletter Data
| We process this information to send you updates on our Services and business if you are subscribed to the Megabit newsletter. Legal basis We process this data if you have given your consent. | Sources We collect this information when you subscribe to the Megabit newsletter through third party services, such as Mailchimp. Recipients Newsletter platforms, such as Mailchimp. | We hold this Newsletter Data for as long as necessary for the purposes described in this section, or until the day in which you unsubscribe from the Megabit newsletter. | ||
| Where explicit retention periods are not described above, we hold data for as long as necessary bearing in mind the purpose for which it was collected. To determine the appropriate period, we consider the amount, nature, and sensitivity of the data, the potential risk of unauthorised access, and legal requirements. | |||||
| 3. COOKIES, ANALYTICS AND SIMILAR TECHNOLOGIES | |||||
Cookies, pixels and other technologies store and access data on your device to help websites and apps work. This table explains their purpose, how long they last, and who else can access their data. We get your consent to use them unless they’re essential for our sites, apps or services. Settings to disable certain similar technologies: Windows Advertising ID | iOS and Mac OS Ad Tracking | Google Analytics | Your Ad Choices. | |||||
Cookie/Similar Technology | Duration | Purpose | Access | ||
| reCAPTCHA (rc::a) | Persistent Cookie | Bot detection provided by Google. | |||
| __cf_bm | 30 minutes | Bot detection provided by Cloudflare. | Cloudflare | ||
| _ga_# | 2 years | Used to distinguish individual users by means of designation of a randomly generated number as client identifier, which allows calculation of visits and sessions. | |||
| _ga | 2 years | Measure and analyse activity on the Services, including how users interact with the Services. | |||
| aka_debug | 1 session | Used to for video functionality on the website and collects statistical information including how many times the video is displayed and what playback’s settings. | Vimeo.com | ||
| __cf_bm | 30 minutes | Used for mitigating risk associated with spam and bot traffic | Vimeo.com | ||
| CraftSessionId | Session Cookie | Used for web functionality, including to maintaining user sessions, store authentication information, among others. | Craft CMS | ||
| CRAFT_CSRF_TOKEN | Session Cookie | Used to prevent cross-site request forgery attacks. | Craft CMS | ||
| _cfuvid | 30 minutes from the last activity by user | Used to distinguish individual users behind shared IP addresses, to prevent accidental sharing of information. | Cloudflare | ||
| _fbp, Meta Pixel | 180 days | Used to collect usage data, to provide analytics for marketing and advertising purposes. | Meta | ||
| 4. TRANSFERS AND DISCLOSURE | |||||
| Transfers | Where we use data processors outside the UK and European Economic Area, and (or otherwise) transfer personal data to a country which does not provide an adequate level of protection, we use contracts approved by the European Commission or UK authorities which give personal data the same protection it has in Europe / the UK. For more information drop us a line using the contact details at the start of this notice. | ||||
| Disclosure | Other than as set out above, we may disclose your personal data:
| ||||
| 5. IF YOU ARE BASED IN CANADA | |||||
If you are based in Canada, the following section applies to you: We may process your information if you have given us specific permission (i.e., express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time by writing to us at: dataprotection@megabit-publishing.com. In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:
| |||||
| 6. IF YOU ARE A RESIDENT OF CALIFORNIA, US (CCPA) | |||||
A. What categories of personal information do we collect? We have collected the following categories of personal information in the past twelve (12) months: | |||||
| Category | Examples | Collected | |||
| Identifiers | Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name. | YES | |||
| Personal information defined in the California Customer Records statute | Name, contact information, education, employment, employment history, and financial information. | YES | |||
| Protected classification characteristics under state or federal law | Gender and date of birth. | NO | |||
| Commercial information | Transaction information, purchase history, financial details, and payment information. | NO | |||
| Biometric Information | Fingerprints and voiceprints. | NO | |||
| Internet or other similar network activity | Browsing history, search history, online behaviour, interest data, and interactions with our and other websites, applications, systems, and advertisements. | YES | |||
| Geolocation Data | Device Location. | YES | |||
| Audio, electronic, visual, thermal, olfactory, or similar information | Images and audio, video, or call recordings created in connection with our business activities. | NO | |||
| Professional or employment-related information | Business contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with us. | NO | |||
| Education Information | Student records and directory information. | NO | |||
| Inferences drawn from collected personal information | Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics. | NO | |||
| Sensitive personal information | NO | ||||
Please note that we may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail in the context of providing our Services (for example, personal information you include in the enquiries you submit to us). B. How do we use and share your personal information? Will your information be shared with anyone else? For more information on what personal information we collect, where we collect it from, how we use it and the business purpose for any such use, the retention periods that apply, and who we share your personal information with, please refer to section 4 and to section 2 of this notice as set out above (including the section titled “YOUR PERSONAL DATA AND HOW WE USE IT”). C. Will your information be shared with anyone else? We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration. This is not considered to be "selling" of your personal information. We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information in the future belonging to website visitors, users, and other consumers. | |||||
| California Civil Code Section 1798.83 & Under Minors | |||||
California Civil Code Section 1798.83, also known as the "Shine The Light" law permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request inwriting to us using the contact information provided below. If you are under 18 years of age, reside in California, and have a registered account with the Services, you have the right to request removal of unwanted data that you publicly post on the Services. To request removal of such data, please contact us using the contact information provided below and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Services, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g., backups, etc.). | |||||
| CCPA Privacy Notice | |||||
This section applies only to California residents. Under the California Consumer Privacy Act (CCPA), you have the rights listed below. The California Code of Regulations defines a “resident” as:
All other individuals are defined as "non-residents." If this definition of "resident" applies to you, we must adhere to certain rights and obligations regarding your personal information. Your rights with respect to your personal data A. Right to request deletion of the data — Request to delete You can ask for the deletion of your personal information. If you ask us to delete your personal information, we will respect your request and delete your personal information, subject to certain exceptions provided by law, such as (but not limited to) the exercise by another consumer of his or her right to free speech, our compliance requirements resulting from a legal obligation, or any processing that may be required to protect against illegal activities. B. Right to be informed — Request to know Depending on the circumstances, you have a right to know:
In accordance with applicable law, we are not obligated to provide or delete consumer information that is de-identified in response toa consumer request or to re-identify individual data to verify a consumer request. C. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights We will not discriminate against you if you exercise your privacy rights. D. Right to Limit Use and Disclosure of Sensitive Personal Information We do not process consumer's sensitive personal information. Verification process Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. These verification efforts require us to ask you to provide information so that we can match it with information you have previously provided us. For instance, depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with the information we already have on file, or we may contact you through a communication method (e.g., phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate. We will only use personal information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the informational ready maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you. Other privacy rights
To exercise these rights, you can contact us by email at dataprotection@megabit-publishing.com, or by referring to the contact details at the bottom of this document. If you have a complaint about how we handle your data, we would like to hear from you. | |||||