MINORS We take it very seriously to protect the safety and privacy of children online and we do not knowingly market to or solicit personal data from children under the age of 16 without obtaining verifiable parental consent.
WHAT PERSONAL DATA DO WE COLLECT FROM YOU?
When you access, connect to, sign up to, participate in, create an account for, make individual purchases within or otherwise use our Services, we may collect personal data about you. The personal data we collect will depend on the circumstances and the Services you are using, but could consist of the following:
Personal data that you actively provide to us • Name, e-mail address, phone number and postal address.
• Gender (in most cases optional)
• Date of birth or social security number.
• Payment or paypal account details.
• User identification, password, secret questions and answers.
• Information requested by us from you when you report a problem with our Services.
• Your correspondence address if you contact us.
• User information that you choose to provide for research purposes (ratings, reviews, response to surveys and other requests).
• Any other information that is provided at the time of registration for the use of our Services, connection to our Services or requesting additional services from us.
User generated personal data • Computer and software information, such as your unique ID, operating system, browser type, connection speed and internet service provider; • Details of your visits to our Services including but not limited to data traffic and other communication data and the resources to which you have access.
We may also collect other information regarding your use of our Services through cookies and other similar technologies. You can find out more about this in our Cookies Policy on our website.
Personal data obtained from third parties We may supplement the information that we collect from you with information that we receive from third parties and through your use of websites, products or services of other companies within our group, Modern Times Group MTG AB (“MTG”). It can also include information from third parties that collect consumer information including demographic and interest data. We may then combine this information with your personal data to help us predict your preferences, to direct marketing offers that might be more relevant to you, and to help us better analyze customer information for business modeling purposes. Lastly, we may obtain credit information about you from outside credit reporting agencies to help us with customer authentication and credit-related decisions.
What happens if you connect your social network to our Services? You can use your social network account, for example your Facebook account, to connect to some parts of our Services, such as when you create an account within our Services. If you choose to do so, we will gather certain information about your social network account for the purposes described under “WHY DO WE COLLECT YOUR PERSONAL DATA”. We will only collect such personal data that is necessary to perform the Services you are requesting by signing in with your social network account.
WHY DO WE COLLECT YOUR PERSONAL DATA?
A) For the sake of our contractual relationship:
• For the provision of our Services to you, including to fulfill your requests, improve your experience of our Services and to administer our contractual relationship with you.
• To ensure that content from our Services is transmitted to you and your device in the most efficient way.
• To personalize your experience of our Services based on your usage e.g. recommending content that may be of interest to you.
• To handle payments for your account.
• To provide order and invoice information to you.
• To communicate with you regarding your subscription, your account or the purchase of our Services.
• To send mobile push recommendations to you of content to which you have subscribed.
• To allow you to use our applications on social media, provided that you select to use them in accordance with your security settings.
• To notify you about changes to our Services.
• To conduct surveys in order to improve your interaction with our Services.
• To provide offers, news, information, products or services that you request from us.
• To carry out analysis on an aggregated level to improve our products and services.
B) For our legitimate purposes:
• To share your information with other entities within the MTG group when it is necessary for administrative purposes or for the provision of our Services to you.
• To use IP-address, device identifiers or other information necessary to block disruptive use or Services, for the reason of protecting our Services or otherwise enforcing or applying our Terms and Conditions.
• To provide information in a merger & acquisition processes, for the reasons of business and strategic management.
• To provide you with offers, news, information, products or services that we believe may be of interest to you, including tailoring advertising so that it relates to your likely interests.
• For analysing and statistical purposes.
• For the establishment, exercise or defense of legal claims
C) For marketing purposes:
• To send you our newsletter, if you have agreed thereto, which may also contain offers, news or information related to our Services and/or other products or services within the MTG group which we believe may be of interest to you. Please note that you can unsubscribe at any time from our newsletter by changing your account preferences on your account page or by clicking the “unsubscribe” link in the newsletter.
D) We may also process your personal data if it is necessary for us to comply with a legal obligation or authority decision.
What legal ground in GDPR is the processing of your personal data based on?
The processing of personal data for the purposes described under:
– point (A) is necessary for the performance and conclusion of our contract with you;
– point (B) is necessary for our legitimate interest of developing, administering, protecting and marketing our Services as well as from a business and strategic management perspective;
– point (C) will only occur if we have received your consent to such processing;
– point (D) is necessary to comply with a legal obligation or authority decision.
Is it mandatory for you to provide your personal data?
Personal data that we request from you and that is marked “mandatory” in anyway, for example by using the * symbol, is required for us to provide our Services (for statutory, contractual, administrative, technical or similar reasons). However, some of the personal data may be required only in the event that you use specific features, turn on optional parts of the Service or request certain resources, offerings, promotions, programs, etc. from us or our partners, as will be further indicated prior to collecting such personal data from you.
WHO MIGHT WE SHARE YOUR PERSONAL DATA WITH?
Partners and advertisers We may share your personal data with our partners and advertisers but only when you have requested it or provided your consent for us to do so. We may also use aggregate information to monitor usage of our Services in order to help us improve and develop our Services, and we may provide such aggregate information to third parties e.g. content partners or advertisers. This aggregate information does not include personal data and cannot be linked to you.
Third parties for security or other legitimate reasons We may also disclose your personal data to third parties, if we reasonably believe that disclosure of such personal data is necessary:
• to comply with valid legal obligations including subpoenas, court orders, governmental requests or search warrants, and as otherwise authorized by law;
• to protect our rights or property, or the safety of our customers or employees;
• to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of or subscription to our Services and to protect our network, Services, devices and users from such use;
• to advance or defend against complaints or legal claims in court, administrative proceedings and elsewhere;
• to determine credit risk, for reporting purposes or to obtain payment for our Services;
• to outside auditors and regulators
Third party suppliers We may use third party suppliers to perform services for us such as to provide the infrastructure and IT services (including but not limited to data storage), process credit and debit card transactions, to provide customer services, collecting debt analysis and improve data and process customer inquiries and perform other statistical analyzes. In the performance of these services the third party suppliers may have access to your personal data but is only authorized to process it strictly on our behalf and in accordance with our instructions.
WHERE DO WE PROCESS YOUR PERSONAL DATA?
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We will only keep your personal data for as long as we consider necessary for the fulfilment of our purposes, that we have described above under “WHY DO WE PROCESS YOUR PERSONAL DATA”, after which we will securely delete or in some cases anonymise your personal data. We do regular status checks to review when personal data needs to be deleted. However, as we process your personal data for various purposes, the actual period for which the personal data will be stored will depend on the circumstances.
Typically, the following retention periods apply:
– For the personal data related to an employment agreement: 5 years after termination of the employment agreement for data necessary for the Tax Authorities;
– For the personal data for which subjects have given consent: for the period for which they gave their consent, unless consent is withdrawn prelimanary.
HOW DO WE PROTECT YOUR PERSONAL DATA?
Safeguarding your personal data is a priority for us. Any personal data that you provide to us is stored on secure servers and we use rigorous procedures to protect against loss, misuse, unauthorized access, alteration, disclosure, or destruction of your personal data. Any payment transactions will be encrypted by industry-standard technology and be subject to PCI security standards.
Although we work hard to protect your personal data, we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal data. However, we maintain security and incident response plans in the event of a physical or technical incident to handle this in a timely manner and limit any negative effect of such incident.
HOW CAN YOU ACCESS YOUR PERSONAL DATA?
We understand that you may at times need further information from us regarding your personal data and how it is processed or that you may wish to update or correct the personal data you have provided us with. In light hereof, you have inter alia the following rights:
• Right to access your personal data: you have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and information. • Right to rectification of personal data: if you find that personal data that we process about you is inaccurate, you have the right to have us correct such personal data.
• Right to erasure of personal data (right to be forgotten): under certain circumstances, such as if your personal data has been unlawfully processed or you have withdrawn your consent (if the processing of your personal data is based on consent), you have the right to request and obtain erasure of your personal data from us.
• Right to restriction of processing: under certain circumstances, such as if you question the accuracy of your personal data or you have objected to our legitimate purpose to process your personal data, you have the right to request that we restrict the processing of your personal data until a solution has been found.
• Right to object to processing: under certain circumstances, such as if you question the our legitimate interest to process your personal data, you have the right to object, on grounds relating to your particular situation, to such processing.
• Right to data portability: if your personal data is processed by automated means based on your consent or for the fulfilment of our contractual relationship, you have the right to request that we provide you with your with personal data on a machinereadable format for transmission to another data controller.
• Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint regarding our processing of your personal data with your supervisory authority.
If our processing of your personal data is based on your consent, you have the right to withdraw such consent at any time (this will however not affect the processing based on your consent before its withdrawal) by contacting us or by updating the settings in our Services (where applicable).
Please contact us using the contact details provided below to make a request in respect of your rights. We will use commercially reasonable efforts to respond to your request within 30 days of receiving such request. If we cannot honour your request within the 30-day period, we will let you know the reasons why and when we expect to be able to fulfil your request.
The data protection officer in respect of the Services may be contacted by email at firstname.lastname@example.org.