For the purpose of any applicable data protection and privacy legislation, the data controller is 1939 Games ehf. of Hólmaslóð 8, 101 Reykjavik, Iceland.
We collect personal data from the users of our Services. What personal data is collected about you depends on your use of our Services.
When you use our Sites, we gather information about your computer, including the following information:
We also collect information regarding customer traffic patterns and Site usage, which may be stored with an IP address, including details of:
Account and purchasing
When you create an account or otherwise purchase Services from 1939 or our business partners, you are required to submit the following information:
If you do not provide this data, we may not be able to provide you with the requested products or services. We may also ask you for information when you enter a competition or promotion sponsored by us, or our business partners, or when you report a problem with our Services.
When using a Game, we collect the following personal data relating to your player account:
We also collect your gameplay information, meaning any information relating to your play or use of a Game, including your:
We may monitor your Game hardware solely for the purpose of establishing whether in playing the Game you are using software created or approved by 1939, or whether you are using unauthorized software created by you or a third party in contravention of the applicable Terms of Service, including your:
As a general rule we collect personal data directly from you or indirectly, such as from your activity on our Sites and Games. We may however collect information about you from third parties through Web Analytics.
To contact you
We may use your personal data to contact you. For example, we may send you e-mail messages under the following circumstances:
It may be necessary for us to contact you for the performance of our Service, but also for the purposes of our legitimate interests of maintaining our business relationship.
To provide services
When you create an account or otherwise purchase Services from 1939 we use the personal data provided to verify your identity and age and to provide services and carry out our obligations arising from any contract between you and 1939. The same applies to the personal data provided in relation to your player account.
The processing of players’ gameplay information is necessary for us to perform our contract with players of the respective Games. The information may also be necessary for maintaining, operating, administrating and supporting our Services, for example through Customer Support and Quality Assurance.
Moreover, the processing of gameplay information furthers 1939’s legitimate interests of reviewing, researching and developing our Services.
The monitoring of your Game hardware furthers 1939’s legitimate interest of monitoring whether you are using unauthorized software in contravention of the applicable Terms of Service.
For marketing purposes
We may use your personal data for marketing purposes, based on our legitimate interest. For example, we may use your e-mail address to send you messages about new offerings and features of 1939 and to market and offer 1939’s products and services which we think you might be interested in.
We may also ask for your consent to send you marketing for the products and services of our business partners. When the collection and processing of your personal data is based on your consent, you can always withdraw the consent. All communications relating to such withdrawal shall be directed to our Data Protection Team.
1939 may disclose your personal data to third party contractors, consultants and suppliers in relation to their work for us. Personal data may for example be disclosed to external parties which provide us with IT services. We may also transfer your contact data to third party social media platforms, who provide us with marketing services.
1939 may disclose your personal data to law enforcement or other government officials, as 1939, in its sole discretion, deems necessary or appropriate to investigate or resolve possible crimes or to respond to judicial, regulatory, agency or similar inquiries. Disclosure may also be necessary in emergency situations and to ensure the rights and safety of customers, 1939 staff or third parties.
If the ownership or control of all or part of our Services changes, we may transfer your personal data to the new owner.
We may collect aggregated demographic information about our users, such as age, interests, etc. We may share certain aggregated demographic information with our business partners regarding the users of the Services. The aggregated information that we provide is not directly linked to you or any other identifiable person.
Our contractors, consultants and suppliers may also be located outside the EEA.
However, we only transfer your personal data to countries outside the EEA if such transfer is permitted under the applicable privacy legislation.
Except as otherwise permitted or required by applicable law or regulatory requirements, we are committed to retaining your personal data only for as long as it is necessary to fulfill the purposes for which the personal data was collected.
We will however delete all data that is no longer necessary after a reasonable period. We will also delete your data upon your request. We may keep your information for longer for research or statistical purposes. If we do, we will make sure your information is anonymised and non-traceable to you as a person. We will also keep it for longer if we may not delete it for legal or regulatory reasons.
We take precautions to protect your personal data from loss, unauthorized access, copying, use, modification or disclosure.
1939’s security measures include industry-standard technology and equipment to help protect your personal data, and we maintain security measures to allow only the appropriate personnel and third parties access to your personal data.
Where we have given you (or where you have chosen) a password that enables you use/access the Services, you are solely responsible for keeping this password confidential. We ask that you not share your password with anyone.
1939 is committed to ensuring your rights under the European Data Protection Legislation.
You can view and rectify some elements of your personal data on your online account system, or request that our Data Protection Team rectify your data.
You have the right to access the personal data 1939 has collected about you and to be informed about the purpose of its collection. You may also be entitled to a copy of the personal data undergoing processing. Furthermore, you may under certain circumstances and where technically feasible, have the right to request us to transfer your personal data to a third party.
You may also have the right to request us to restrict the processing of your personal data, for example if you object to its processing, but prefer the data not to be erased.
If the processing of your personal data is based on 1939 legitimate interests, you have the right to object to the processing, following which we must stop the processing unless we demonstrate a compelling legitimate ground for the processing which override your interests.
In certain instances, you have the right to have your personal data erased, such as where the data is no longer necessary in relation to the purpose for which they were collected or otherwise processed, or if you withdraw your consent.
Your rights to access, erasure, restriction and portability of data are however not absolute. In those instances where we cannot accept your request, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
Please refer all requests concerning your rights to our Data Protection Team, contactable via firstname.lastname@example.org.
The Sites may contain links to other websites. We are not responsible for and shall not have any liability arising from the privacy practices or the content of other websites.
If you are unsatisfied with our response, you are entitled to make a written submission to the respective data protection authorities, including the Icelandic Data Protection Authority (www.personuvernd.is).