metin2:Gizlilik Politikası

Gf logo.png

Dikkat: Orijinal Anlamını kaybetmemesi için, Gizlilik Politika Metini Türkçeye çevirilmemiş, yayımlandığı dilde bırakılmıştır.

Privacy Policy

Purpose and subject matter of this Privacy Policy

We, Gameforge 4D GmbH (‘Gameforge’ or ‘we’), provide client and browser-based online games. On our platforms, which comprise our internet pages, forums, support, newsletter and online games (‘Gameforge services’), we provide information and exchange about our games and their use. This should be as pleasant, fair and trouble-free as possible for all users. In order to ensure this and the long-term success of our services, Gameforge services are continuously improved.

Here it is unavoidable that information about the individual user and their hardware is collected, stored and ultimately used to fulfil different purposes.

The trust of our community is of the utmost importance to us. In this Privacy Policy (‘Privacy Policy’) covering the Gameforge services we wish to provide you with a complete picture of how we use your personal data and what rights you have with regard to this data. This Privacy Policy provides comprehensive information regarding the ways in which we process your data, what we do with your data and the legal basis upon which we do this.

Your rights and our obligations regarding how we deal with your data have a very high priority for us. We only process your data where absolutely necessary, doing so in a secure and responsible manner, with the greatest care and attention to the legal requirements.

  • 1. Details regarding data controller and data protection officer

We want to live up to your trust. You can contact us for any questions, suggestions or complaints you may have regarding the way we handle your data in general, or with regards to this Privacy Policy in particular.

  • 1.1 Data controller

The data controller responsible for processing personal data is Gameforge 4D GmbH, Albert-Nestler-Strasse 8, 76131 Karlsruhe, Germany. We can be contacted for general enquiries regarding data protection at the address provided, by email at info@gameforge.com, through our ticket support system or by fax message at +49 (0)721 354 808 152. Please submit your deletion requests (as per 6.3) at https://support.gameforge.com/ or via email at info@gameforge.com.

  • 1.2 Data protection officer contact details

You may also contact our data protection officer (Dr. Tobias Gräber, LL.M.) in confidence using the contact details provided above, by email at datenschutz@gameforge.com or by fax message at +49 (0)721 354 808 159.

  • 2. General information regarding data we process and how we collect it

In this section we inform you how we collect your data.

  • 2.1 Legal basis for processing data

We ensure from the moment of collecting your data that this is done in a reliable, transparent and appropriate manner. In judging whether we have the right to collect data, and how this data is to be processed, we orientate ourselves on the requirements of applicable law, in particular on the provisions of the EU General Data Protection Regulation (‘GDPR’), the Data Protection Act of the Federal Republic of Germany and other legal provisions relating to the handling of personal data.

  • 2.2 Data automatically collected by us

When using Gameforge services, system and user-related data is collected automatically and without any further action on the part of the user. For example, when you visit a Gameforge web page, the general specifications of your internet browser (e.g. type and version), time of access and the related IP address (an individual address associated with your internet connection at this time), as well as system configuration details (e.g. screen resolution and operating system version) are collected and recorded in server logs. As a rule, this information is not used to identify a specific internet user.

In the same way, when you log into a Gameforge account (e.g. when logging into a user account for our forums, support or one of our online games), corresponding data may be collected automatically. You can find more information about this in sections 3 to 5.

This data is processed for the purposes of safeguarding the company’s legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of Gameforge services, their optimisation, and for the registration, performance or termination of the user agreement with you (GDPR Article 6(1)(b)).

  • 2.3 Data generated by us

In the process of registering a Gameforge account, and during its subsequent use, we generate data at different times and for different reasons.

This includes an individual username. This identification (e.g. account or character IDs) serves the purpose of pseudonymisation and is required for technical reasons, for example for logging into and using a user account or for saving information concerning payment transactions separately. With regards to the data generated by us, this also includes data which may be recorded by our support team or community management for the purposes of carrying out their tasks. Where there is suspicion that there has been a violation of our rules of the game and Standard Terms of Use, this may include checking and documenting the facts of the case and, if necessary, issuing warnings, but potentially also comments in favour of the user concerned, such as special authorisations permitted in individual cases by the respective rules of the game.

This data is processed for the purposes of safeguarding the company’s legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of Gameforge services, their optimisation, and for the registration, performance or termination of the user agreement with you (GDPR Article 6(1)(b)).

  • 2.4 Data provided by you

The majority of the personal data we process is provided directly by our users. Basic information is collected when registering a Gameforge account (generally your email address and chosen pseudonym to identify your user account, your game characters and other game elements). As a rule, we do not collect any specific data such as the user’s name, date of birth or address. In individual cases (e.g. during competitions) such data may be provided by the user.

The data provided by users also includes the content they have written (for example, texts written in a forum or within the game or other messages sent to us by a user).

Generally, the basic versions of online games offered by us can be used free of charge. However, the user has the option to purchase additional content. For such transactions, users therefore provide us with information that is required by us or our payment service providers in order to complete the payment.

This data is processed for the purposes of safeguarding the company’s legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of Gameforge services, their optimisation, and for the registration, performance or termination of a user agreement (GDPR Article 6(1)(b)).

  • 2.5 Data we collect from external sources

In some cases we receive personal data from third parties. This is primarily the case when using a third-party login (for example, when logging into Gameforge services via a Facebook or Steam account). The data thus obtained shall be limited to what is necessary for the login in question. However, the respective third-party provider is responsible for the scope of the transmitted data. We therefore recommend that you read the data protection regulations of the third-party provider carefully before using a corresponding login option.

This data is processed for the purposes of safeguarding the company’s legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of Gameforge services, their optimisation, and for the registration, performance or termination of the user agreement with you (GDPR Article 6(1)(b)).

  • 2.6 Voluntary provision and processing

The provision of personal data and the associated use of Gameforge services are entirely voluntary. The use of Gameforge services, however, may require the provision and processing of certain data for technical or contractual reasons. For the registration of a user account, for example, the provision of a valid email address is essential and in order to complete a payment transaction, the necessary information must be provided.

For this reason, failure to provide the necessary data may mean that we are unable to provide certain services. Equally certain rights may be exercised in individual cases which mean that we are unable to provide our services to the contractually agreed extent. Should this occur, we will inform the person in question of the consequences in each individual case.

  • 3. Special details regarding scope and purpose

In this section we explain comprehensively in which specific cases we process your data.

The data is processed directly by Gameforge within the territory of the Federal Republic of Germany. Should in individual cases personal data be processed by a different body, such as a company associated with us or a service provider, potentially in a third country (outside of the European Union or the European Economic Area), this will always proceed within the legal framework and on the basis of a contract with the respective third party which stipulates compliance with all relevant data protection regulations.

  • 3.1 Advertising on third-party sites and links to our website

Like many other companies, we advertise our services on external websites. A typical example are banner adverts, which are displayed on third-party websites as a graphic advertising one of the online games we offer and linking to the corresponding Gameforge web page via a hyperlink. Our partners do not provide such advertisements free of charge. The success of the advertising campaign is decisive in calculating the partner’s remuneration. In order to determine this, an ID is generated when a user clicks on the advertisement. This ID is then allocated to the user’s account when they subsequently register for a Gameforge account. This enables us to determine the number of new users we have gained through the campaign in question. Finally, the advertising partner receives a complete overview of these registrations from us and issues us an invoice based on these. In some cases, partners also receive remuneration in the event that a customer completes a payment transaction. However, we do not pass on personal information about individual users to our advertising partners.

When surfing external websites, the site operator may also set cookies (see 3.6) or create a device ID or a fingerprint (an individual value calculated from the sum of different characteristics of a user’s system) that enable the respective provider to track the surfing behaviour of its visitors. We therefore recommend that you always read the data protection provisions of a page you visit carefully.

Gameforge has no interest in tracking the external surfing behaviour of its users. However, we have a legitimate interest in finding out from which websites or through which advertising campaigns our customers have found their way to us and which areas of Gameforge’s services are of particular interest to users (see sections 3.5 and 3.7).

This data is processed for the purposes of safeguarding our legitimate interests (GDPR Article 6(1)(f)) in promoting Gameforge services and the evaluation and billing of our advertising campaigns.

  • 3.2 Visiting our web pages without registering

To the greatest possible extent, the Gameforge web pages can be visited anonymously to gain information about our online games. Registering on the website is only necessary if you wish to use functions that require a Gameforge account. For example, participation in our games or forums is only possible once you register and log into your new Gameforge account. Irrespective of this, personal data may be collected and processed by us without registration in the following instances.

  • 3.2.2 Server logs

In using Gameforge services, server logs are created (see 2.2 and 3.13) which log certain connection and usage activities.

For example, page views, times of access, the registration of a user account and the IP address allocated to your internet connection are recorded for the purposes of identifying and preventing cyberattacks or attempted manipulation, as well as for statistical analysis and the improvement of Gameforge services. Where necessary, other technical details such as the MAC address (the network address of your network adapter) or similar identifying features may be recorded.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) to ensure the smooth and secure operation of the Gameforge services as well as their optimisation.

  • 3.2.3 Downloads

We offer various download options on the Gameforge websites and in connection with other Gameforge services. For example, you may download the contents of this Privacy Policy or download client software necessary for using an online game to your hard drive via your browser. Updates for our online games can also be obtained via the client software or the launcher.

For this purpose, a connection is made between your system and our download servers. The time of the download, the file downloaded and your IP address and other hardware specifications may be recorded for technical reasons, and for the purposes of IT security and optimising Gameforge services.

This data is processed for the purposes of safeguarding the company’s legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of Gameforge services, their optimisation, and for the initiation and performance of the user agreement with you (GDPR Article 6(1)(b)).

  • 3.3 Communication with Gameforge

Our community is welcome to contact us for all general questions relating to Gameforge and Gameforge services. We are also happy to answer questions relating to this Privacy Policy and data protection at Gameforge. There are a number of ways you can contact us. Certain personal data will be recorded when using one of these channels.

In processing this data when you contact us, we exercise our legitimate interests (GDPR Article 6(1)(f)) for the purposes of remaining in contact with you, potential contract partners and others who may contact us. In as far as a message aims at the conclusion of a contract between us and the enquiring person, or for clarifying contractual issues, processing this data may serve as the basis for initiating, executing or terminating a corresponding contract (GDPR Article 6(1)(b)). In individual cases this may be necessary to fulfil a legal obligation we are subject to (GDPR Article 6(1)(c)).

  • 3.3.1 Contacting us by email

We receive the sender’s email and IP address and the contents of the message when an email is sent to us.

  • 3.3.2 Contacting us by fax

When contacted by fax, we receive the sender’s fax number, in addition to the contents of the message.

  • 3.3.3 Contacting us by post

You can of course also contact us by post. In this case we receive the contents of the message and the postal address provided by the sender.

  • 3.3.4 Contacting us via our support department

We provide our users support as described in 3.4.4. When using this Gameforge service, the email address, the IP address, the contents of the messages and such data that arises during the general use of Gameforge web pages are collected.

  • 3.3.5 Contacting us via social networks

We also have a presence on social networks such as Facebook and other external platforms. It is generally possible to contact us via the channels provided there (e.g. private messages or wall postings). In so doing we receive the information which is typically visible when using such messages (e.g. the username used on the social network). We recommend that you read the privacy policy and terms of use of the relevant platform before using this contact method.

  • 3.4. Registering and using a Gameforge account

When using Gameforge services, you can create personal user accounts in accordance with our Standard Terms of Use and the relevant rules of the game. Such Gameforge accounts can be registered for individual Gameforge services such as game pages, forums, support or online games. In the future, it may also be possible to create a central Gameforge account for all Gameforge services.

The respective Gameforge services serve different purposes. Depending on the Gameforge service used, different personal data is therefore processed as a result of registering and using a Gameforge account.

  • 3.4.1 Registering and using an account for our game pages and optional payment processes

The purpose of the game pages is first of all to provide information about the corresponding online game.

As a rule, contracts of use are also concluded between you and us and the subsequent use and management of your Gameforge account is made possible. As part of the registration process, we create a Gameforge account for you with the data you provide and the data we generate, such as an account ID, and record the time of registration. At the end of the process you will receive a message from us to the email address you have provided confirming the registration of your Gameforge account. In addition to the summary of your basic information, this message may contain an activation link that you can use to confirm your email address. This confirmation, the IP address assigned to you and the confirmation time will be stored by us for verification purposes.

In this way, we will also send you contract-related notifications such as confirmation of changes to your password or the email address provided, as well as information about changes to your contract status.

When using the game pages, basic information, usage and (when carrying out an optional payment process) billing data are processed. By basic information we mean the registration information of the Gameforge account, such as its pseudonym, the email address provided, the account IDs and, if applicable, character IDs or comparable characteristics, as well as the time of registration and the encrypted password selected by the user. Usage data comprises information that arises in the context of the actual use of a Gameforge service. This includes the IP address, time of use and the Gameforge pages visited. We use this information to identify suspicious logins and to process your requests for support. We also use this data to ensure compliance with our terms of use and, for example, to detect and prevent inadmissible multiple registrations.

Likewise, payment transactions and thus contracts for the paid acquisition of virtual articles and for the arrangement of fee-based memberships can be concluded via the game pages. To confirm your orders and the respective contract, we will send you a corresponding message to the email address you have provided. When carrying out these optional payment transactions, we work with carefully selected payment service providers to offer you a wide range of common and convenient payment methods. When you carry out such a transaction, billing data is generated. This includes, for example, the IP address and the time of a payment transaction, the premium currency and the quantity ordered. The chosen payment method and associated details such as shortened credit card numbers (when paying by credit card) or encrypted telephone numbers (for telecommunications-based payments in connection with a landline or mobile phone) as well as an individual payment ID are also recorded and stored. This data can also be used by us to detect irregularities and to prevent attempts at fraud. In order to complete a payment transaction, it is also necessary for us to transmit the information required to allocate the transaction to the payment service provider. We may in turn receive additional information from the respective payment service providers, which we require and use solely for reasons related to tax law.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of Gameforge services. In addition, the processing procedures described serve to initiate, perform and terminate contracts of use or contracts for the paid acquisition of virtual articles and for the arrangement of fee-based memberships (GDPR Article 6(1)(b))

  • 3.4.2 Registering and using an account for our online forums

The online forums can be an integral part of a game site or an independent Gameforge service. Our forums provide you with a discussion platform and enable exchange with other members of our community. Here publicly accessible forum profiles are created, which can be supplemented by voluntary additional information such as profile pictures, information on place of residence, occupation, gender or age.

Furthermore, publicly available discussion posts and private messages to other forum users can be written. We recommend that you handle your data with care. Only share information with other users that you think is necessary. Keep this in mind especially with regard to sharing images or your contact details.

In addition to such content written by the users, a registered forum account may also be included in a publicly available list of members, which enables forum members to contact each other.

When using the online forums, usage data such as the IP address is collected for technical, security and support reasons and individual data such as a user or contribution ID is generated and stored.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of Gameforge services. In addition, the processing procedures described serve to initiate, perform and terminate contracts of use (GDPR Article 6(1)(b)).

  • 3.4.3 Registering and using an account for our ticket support system

In addition to ticket support, you can also contact our support team with questions about Gameforge services and receive help in solving technical or game-related problems. Ticket support works similar to the online forums. However, the tickets written by a user and the answers received (content data) can only be viewed by the user and members of the support team, as well as Gameforge employees whose task it is to process such tickets. A Gameforge account is also required to use ticket support. During registration, information about the registration process is collected, such as the time of registration and the IP address assigned to it. In addition to a user and ticket ID, the contents of the tickets are also stored.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in providing and optimising our services. In addition, these processing procedures serve to fulfil the contract of use (GDPR Article 6(1)(b)).

  • 3.4.4 Registering and using an account for our online games

Our online games are a central component of Gameforge services. In comparison to other Gameforge services, the majority of data is collected, stored and processed through the use of our games. However, only some of this is personal data. It is also possible to use our online games using a pseudonym. In this case therefore, we generally do not know the identity of the users.

In addition to the above-mentioned basic information and usage data, content data is also processed in connection with the online games. This includes chat messages and in-game messages written by users.

Usage data also includes certain non-technical information about individual game scores, such as completed payment transactions and shop actions, the respective game time, number of logins, character level and level upgrades or information about rule violations, which is automatically collected by our system. In contrast, non-personal technical data such as item IDs, map coordinates and similar game-related information, which is categorised as confidential information protected as part of our trade secrets, is also processed automatically.

We use basic information, content and usage data to determine the popularity of game content and game functions such as shop items, to process your support requests, to check compliance with the terms of use and rules of the game and to detect and sanction any potential illegal actions in an appropriate manner. As in all comparable cases, this includes contacting you by email, issuing a warning and restricting certain functions or terminating the relevant user contract in the event of a corresponding violation. In serious cases, we may also use the relevant data to assert or defend legal claims.

In our browser games in particular, special game functions are possible, such as publicly accessible high scores and overviews, which highlight special game performances and make sanctioned rule violations transparent for all users, showing the misconduct that caused the sanction.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of Gameforge services. In addition, the processing procedures described serve to perform and terminate contracts of use or contracts for the paid acquisition of virtual articles and for the arrangement of fee-based memberships (GDPR Article 6(1)(b)).

  • 3.4.5 Needs-optimised design of Gameforge services

In order to provide you with a convenient user experience, we can tailor Gameforge services to your needs. For example, we can submit individual offers to you and place associated advertisements, or we can configure the arrangement and graphic design of control elements of Gameforge services in such a way that is optimised for you.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services in the most agreeable manner for you.

  • 3.5 Coverage analysis, tracking and analysis

As described in 3.1, we have no interest in monitoring the surfing behaviour of our page visitors, nor do we track what you do on the internet after using Gameforge services.

However, we have a justified interest in the optimisation, further development and demand-oriented design of our services and in being able to better assess the benefits of our advertising measures and to remunerate them in accordance with contractual obligations. This includes information regarding how Gameforge services are used and from which external pages users find their way to us. We also want to learn about which pages are viewed, how often, how long the page takes to display in your browser and how much time is spent viewing a page, so that we can identify errors and further improve Gameforge services.

The Gameforge web pages also use a variety of cookies for these purposes, explained in more detail in section 3.6.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the optimisation and smooth operation of Gameforge services and fulfilling the contracts with our partners. In order to optimise Gameforge services and especially the online games for a better user experience, we would like to understand how our services are used and whether optimisations and new functions are successfully accepted.

For example, to determine if a new quest is in need of optimisation, we could measure how many users have already accepted this quest and within what time it was completed, or which quest phases took longer to complete. We can also test which item description for shop items leads to greater popularity among users. Similarly, the number of clicks on a link to an information page and the length of time spent on that page can help us determine whether the website in question is necessary or needs to be improved.

As a rule, the relevant information is aggregated so that we can extrapolate results from the collection of individual data points, which in most cases cannot be traced back to individual users.

When information is not aggregated, your data is generally processed in a pseudonymised form. In certain cases, we may display personalised offers, i.e. adapted to the needs of the individual user, based on individual usage behaviour. It is possible, for example, to offer appropriate equipment items to a user who prefers PvP combat or to hide less interesting quests for a user who prefers a particular type of quest.

  • 3.6 Cookies

Gameforge websites make use of cookies and use a cookie manager which offers you additional information about this topic upon accessing a Gameforge website.

When you open Gameforge web pages in your browser, cookies are saved to your system for their respective lifespans. They are not executable applications and do not contain any elements that can cause damage; instead they hold a sequence of characters relevant to their function. Simply put, cookies are small text files in which information in connection to the opened website is saved.

It is through this that certain functions on Gameforge web pages are made possible. Cookies allow your browser to be recognised when revisiting the site, for example. This makes it easier and more secure to log into a Gameforge account, and allows settings you choose, such as the display language or screen size and orientation in a browser game, to be loaded automatically. Cookies enable us to present Gameforge websites to you in a functional and user-friendly format and in a manner that suits your requirements.

Alongside these technically-required and useful functions (necessary cookies and functionality cookies), cookies also enable us to collect and analyse data regarding the use of Gameforge’s sites (analysis cookies). This allows us to see how frequently a Gameforge web page is visited, how often specific page functions are used, or whether and at what stage errors occur (performance cookies).

Cookies are also used to deliver interest-targeted advertisements (advertising cookies). The information associated with Gameforge cookies is generally saved in a pseudonymised form however, which prevents us from linking it directly to an individual user without the enlistment of further information.

In addition to our cookies (first-party cookies), cookies from third-party providers (third-party cookies) may also be set. For more information regarding these cookies, we recommend you read the data protection policies of their respective providers.

Cookies will be automatically removed from your system regularly, once you leave Gameforge websites or if you end your session by logging out (session cookies). Some cookies may, however, remain stored on your system. To prevent this, you can change your browser settings to block all cookies, permit only specific cookies, or delete all stored cookies completely when the browser is closed. If you wish to make use of these settings, please follow the respective directions provided by your browser. Please note, however, that for technical reasons visiting the Gameforge web pages with such settings may make them partially or wholly inoperable, or otherwise limit the service provided.

In as far as personal data is processed by cookies, this activity is carried out in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in offering and optimising our services. With regard to the remaining cookies and the associated processing, this is done on the basis of your consent, which can be revoked at any time free of charge, which can be provided to us or revoked by making a corresponding selection in our cookie manager (GDPR Article 6(1)(a)).

  • 3.7 Online advertising and customer communication

In order to further increase the awareness of our online games and thereby win new customers or win back former users, we carry out various online-based advertising.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the advertising of our services.

  • 3.7.1 Advertising on Gameforge websites

We can display advertisements in selected areas of the Gameforge web pages. As described in 3.1, when a user clicks on these ads and then subsequently registers a Gameforge account, an ID is transferred. This enables us to determine the benefits of internal advertisements and optimise our advertising measures.

  • 3.7.2. Email newsletter and recommendations via email

When registering a Gameforge account and concluding a corresponding user agreement, you must provide your email address. We do not only send contract-related messages to this address, but also information about Gameforge, new online games in our portfolio or adjustments to existing Gameforge services at regular intervals. In order to send you a suitable newsletter, we also use information such as the online game you are using and the account name you have chosen. In aggregated form, we record how often our newsletter has been read and which links contained therein have been opened. This information cannot be used to identify individual users.

We only use Gameforge email addresses such as gameforge@news.gameforge.com. For security reasons, always check incoming emails to see whether we have sent the message in question. If you have any concerns or questions, please contact our support department.

If you do not wish to receive such a newsletter, you can object to the use of your email address for these purposes by clicking on a link contained in each of our newsletters. You do not incur any costs for cancelling the newsletter. This does not apply to any amounts invoiced to you by your internet provider. Further information on your right to object can also be found in section 6.5.

The use of your email address for the purpose of sending the newsletter, and sending the email itself, takes place on the basis of Article 6(1)(f) of the GDPR and Section 7(3) of the Act Against Unfair Competition.

Furthermore, Gameforge services can make it easier for you to recommend the respective service by copying a text provided by us to your clipboard which you can customise and paste into the email program of your choice. You can then enter the address of the recipient you have selected and send the message to them. We do not collect your email address or that of the recipient.

  • 3.7.3 External advertisements

We book various advertising media on external websites such as blogs, games, video portals and social networks. These can include, for example, graphic advertisements, advertising texts or videos, which feature a link to a Gameforge page. By clicking this link you will usually be redirected to a landing page, which can be provided by us or a hosting provider. As described under 3.1, the origin of the page view can be determined to evaluate the success of an advertising campaign and its remuneration.

Our ads can be personalised. Following the entry of a Gameforge-related search term or after calling up a Gameforge web page, you may encounter customised advertisements on external internet pages. This is made possible by the use of cookies and the transfer of pseudonymous identifiers, which were previously converted into hash values, to the respective external site operator. We do not receive any information about users’ individual surfing behaviour.

  • 3.8 Conducting surveys

In order to improve our services, we conduct surveys at various intervals. We use survey tools that are implemented on our servers and as a rule allow voluntary participation in an anonymous form. If personal data is to be collected in individual cases, we draw attention to the voluntary nature of the information in question and to the specific intended use by means of additional data protection provisions.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in providing and optimising our services.

  • 3.9 Competitions

From time to time we organise various forms of free competitions. Depending on the specific form of such a competition, the processing of participants’ personal data is required for the purpose of checking eligibility, selecting the winners and subsequently sending the prizes. Our terms and conditions for participation in the competition therefore contain additional data protection information.

Hosting competitions serves the pursuit of our legitimate interests (GDPR Article 6(1)(f)) in creating ties to our community. In addition, the processing procedures described serve to perform a possible contract with the participants and winners of the respective competition (GDPR Article 6(1)(b)).

  • 3.10 Integration of external services and plug-ins

To extend the scope of functions and optimise user comfort in some areas on the Gameforge web pages, we use third-party services and related plugins, which make the selected functions of these services available.

For example, we integrate single sign-on functions that enable you to log into a Gameforge account via your external user account with the respective third-party provider.

We also integrate plugins that allow you to play our trailers and gameplay videos without having to leave the Gameforge web pages.

By using the corresponding functions you connect to servers of the respective third-party provider. Personal data such as the IP address, the website currently being accessed and the time of use may be transmitted to the third-party provider. We therefore recommend that you read the data protection regulations of the third-party provider carefully before using the respective function.

This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in providing our services.

  • 3.11 IT security measures

Guaranteeing the security of Gameforge services at all times is an important matter to us. To this end we use standard hardware and software solutions for monitoring the security status of our systems in order to identify and defend against malicious activity such as DDoS attacks, malware or unauthorised login attempts and other attempted manipulation. In addition to such measures, we also review our server and system logs.

Executing our IT security measures constitutes pursuit of our legitimate interests (GDPR Article 6(1)(f)) for the purposes of ensuring the availability of our services and the security and the effectiveness of protection of Gameforge services.

  • 3.12 Ensuring compliance with the Standard Terms of Use

In order to provide all users with a balanced, fair and proper gaming experience, we prohibit the use of hacks, bots, cheats and similar instruments and any other illegal activities such as insults, harassment and hate speech in our Standard Terms of Use and game rules. We do not tolerate any violations of the law and because such disruptive actions also massively impair the fun of the game and lead to considerable economic damage, we ensure compliance with our Standard Terms of Use and the rules of the game in an appropriate manner.

Ensuring compliance with our Standard Terms of Use and the applicable rules serves the pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of Gameforge services. In addition, the processing procedures described serve to perform and terminate contracts of use (GDPR Article 6(1)(b)).

  • 3.12.1 Supervising the game and monitoring logs

We use manual controls to ensure compliance with our Standard Terms of Use and rules of the game. To this end, employees and members of the support team participate in our online games and online forums and take immediate action against rule violations. In addition, any reported anomalies are checked by viewing the log files and, if necessary, penalised.

  • 3.12.2 Software solutions

As it would be impossible to continuously supervise the numerous different Gameforge services and game servers as defined in 3.12.1 manually, we also use selected software solutions to detect and prevent violations of our Standard Terms of Use and the rules of the game.

Such software solutions serve exclusively for the detection and exclusion of cheats and hacks, irregular multiple logins as well as the detection and suppression of fraud attempts. To this end, we have implemented appropriate server and client-side protection measures.

If an additional application is installed on the user’s system during the installation of client software, we will inform you of this in a transparent manner during the installation process. The installation can be aborted, which means that the relevant security application will not be installed. It is also possible to uninstall the respective application together with the game client at any time. However, for technical and economic reasons the use of the online game protected in this way cannot then be offered. Once it is successfully installed, the application runs together with the online game and checks the game-related processes and the integrity of the game files during runtime. No further search or monitoring of the system takes place. If an attempted rule violation is detected, it can either be logged and later sanctioned or immediately ended. This is connected with the Gameforge account used for the violation being deregistered and blocked according to the rules specified by us and generally leads to the termination of the relevant user contract. This may also include the detection and blocking of connected Gameforge accounts. The related processing of personal data such as the collection of IP addresses, hardware information and gaming activities, as well as account information, is generally carried out by us. If we commission an external service provider for this, it is done in accordance with the legal requirements and with strict respect for your rights. In addition, we point this out to you transparently during the installation of the relevant online game.

We also use server-side software solutions that detect inadmissible logins and fraud attempts on the Gameforge web pages and block them according to rules specified by us. If actions of this kind are detected, this can also lead to the blocking of the Gameforge account used and associated user accounts or to the blocking of certain functions as well as to the termination of the respective user contract. The commission of an external service provider is done in accordance with the legal requirements and with strict respect for your rights.

In addition, affected users are free to contact us at any time concerning a decision taken based on the protective measures. We will carefully examine the relevant details and inform you promptly of a final decision based on the respective facts and will justify this decision in a transparent manner.

  • 3.13 Processing for statistical purposes

In certain areas of Gameforge services we collect data such as the operating system and version, browser and version, IP address and other relevant system data. We use this data for statistical evaluations, in particular for the purpose of adapting Gameforge services to the users’ needs. Where possible, the data is anonymised and aggregated; otherwise the data is pseudonymised. None of this information is disclosed to third parties.

We process this information for statistical purposes in line with our legitimate interests (GDPR Article 6(1)(f)) for the optimisation of our services.

  • 3.14 Improving Gameforge services

In many cases, personal data is processed for the purposes of improving Gameforge services, for identifying and correcting errors, improving security and improving usability.

We do so in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in terms of providing and optimising our services and the security of Gameforge services.

  • 3.15 Safeguarding other legal interests

In individual instances, we may process personal data to serve other legal interests, such as in cooperation with relevant authorities, or the enforcement, establishment or defence of legal claims.

We act here in line with our legal obligations (GDPR Article 6(1)(c)) or in line with our legitimate interests (GDPR Article 6(1)(f)) for the enforcement, establishment or defence of legal claims.

  • 3.16 No change of purpose

In order to ensure that the purposes stipulated in this Privacy Policy can be pursued sustainably, we reserve the right to change the way in which data is processed to conform to legal or company requirements, for example by optimising our data processing activities, or implementing new processes. This will always be done with the greatest attention and under strict adherence to the legal provisions. We do not intend to change these purposes in a way that is not compatible with the specified purposes without your express consent. In order to maintain the maximum transparency we are striving for, we will display and inform you of relevant adjustments in this Privacy Policy.

  • 3.17 Balance of interests

In as far as we process personal data on the legal basis of Article 6(1)(f) of the GDPR, that being in pursuit of our legitimate interests, we firstly determine our interest in processing the data in question. This is then weighed against the expectable interests of the affected persons. This includes taking into consideration the desired purpose, the form of data processing and the associated risks to the rights and freedoms of the affected persons. At the same time we consider whether the technical and organisational measures taken are sufficient to meet the necessary level of protection. We only process data on this basis where this is the case, and the relevant data is limited to that which is indeed required.

  • 4. Forwarding and transferring personal data

As a rule, your data is only processed directly by us within the territory of the Federal Republic of Germany, and always for the purposes listed in this Privacy Policy. This section details how and why personal data may in certain instances be forwarded or transferred.

  • 4.1 Reasons for forwarding and transferring personal data

Your data will only be internally forwarded or externally transferred where necessary in achieving one of the aims outlined in this Privacy Policy. Any data forwarded or transferred is limited to the amount absolutely necessary.

  • 4.2 Internal and external recipients of personal data

As a rule, your data is passed on internally to the department responsible for the respective processing, which is then processed only by the employee(s) responsible. For example, we can forward a complaint received by post to the responsible support employee. Our employees are trained in the field of data protection, are bound by obligations of confidentiality and data privacy, and are committed by company guidelines and instructions to handle your data in accordance with legal requirements and the contents of this Privacy Policy.

For technical, legal or business reasons it may also be necessary in certain cases to pass your data on to third parties. For instance, it may be necessary that we forward your data to a company associated with us as per Section 15 of the German Stock Corporation Act (currently Gameforge AG, reachable at the address provided above) for the purposes set forth in this Privacy Policy. For example, our financial accounting, legal department and group data protection are organisationally affiliated to our parent company (Gameforge AG).

Furthermore, carefully selected service companies make their data centres available to us for sending our newsletter and integrating payment methods. We also work with service providers who enable us to assess the success of an advertising campaign or support us in avoiding fraud attempts and breaches of the rules. Should it be required by law, we also forward data to the relevant authorities to the necessary extent. If we require external advice from third parties, in particular legal advice, for the purposes of enforcing or defending legal claims, we may also transfer the necessary data to these recipients.

Any transfer is performed exclusively for the purposes detailed in this Privacy Policy with the greatest attention and under strict adherence to the legal provisions, in particular the conclusion of an agreement for processing data by contract as per Article 28(3) sentence 1 of the GDPR.

  • 4.3 Recipients in third countries

Before any personal data is transferred, we check thoroughly that all the legal requirements for the transfer in question are met for the particular case. For this reason, we only transfer data to recipients in third countries (see section 3) when this level of protection for personal data is provided in the country and we are convinced that the respective recipient will handle the received data in compliance with the data protection standard laid out this Privacy Policy. An adequate level of data protection can be expected, for example, where the European Commission has made a decision confirming the country in question meets the standards of data adequacy or the transfer is concluded on the basis of the European Commission’s standard contractual clauses.

  • 5. Data retention

In this section, we explain how long we store the personal data we collect.

We do not retain personal data without purpose. The length of time data is retained is primarily linked to the basic purpose and necessity of storing it. Personal data is therefore only stored in as far as it is required for a specific purpose.

When determining the retention period, we first check whether it is necessary to store the relevant data for the entire term of a contract with the persons concerned. This is particularly the case with basic information such as the registered email address. In individual cases, such as in the case of forum posts, storage may also take place in addition to this for information reasons.

If such permanent storage is not required, we will check the minimum storage period specifically required for the purposes specified in this Privacy Policy. Complaints and support requests, as well as usage data that may result in a rule violation, are stored until it is no longer necessary for asserting, enforcing or defending legal claims or for further support cases. Our standard is the regular statute of limitations of three years in accordance with Section 195 of the German Civil Code. If the data need only be saved for technical reasons for a short time (for example, during your current session), this data will only be stored for the period of use and a maximum of 30 days.

Finally, we check whether any legal retention periods apply, particularly in terms of taxation law (Section 147(3) of the Fiscal Code of Germany) or commercial law (Section 257(4) of the German Commercial Code), which may for example require documents to be stored for a period of six to ten years.

If there is no cause to process the data, the data is no longer required for this purpose, and there are no legal requirements to store the data, we delete it.

  • 6. Your rights

In this section we inform you about the rights individuals have in regard to the processing of their data and how these rights can be exercised.

  • 6.1 Right of access

You have the right to demand confirmation from us regarding whether we are processing your data. If this is the case, you also have the right to demand comprehensive information, a free copy of the data and more information from us.

  • 6.2 Right to rectification

Should the data relating to your person be incorrect or incomplete, you have the right to demand that the data be corrected or completed.

  • 6.3 Right to erasure

You have the basic right to demand the immediate deletion of your data. Legal reasons may however stand in the way of this, in particular the requirement to process the relevant data to fulfil the agreement with you or legal data retention requirements. In individual cases your data may also be required for the establishment, exercise or defence of legal claims. In such instances we will process the affected data strictly in accordance with this purpose, followed by immediate deletion as soon as the relevant reasons for retention no longer apply. We will inform you in such instances accordingly.

  • 6.4 Right to restriction of processing

As an alternative to the deletion of your data, you have the basic right to demand restrictions in how we process your data. If you make use of this right, we are essentially restricted to storing the associated data. Processing the data in other ways is only permissible with your consent, or for the purposes of establishing, exercising or defending legal claims, or to protect the rights of other natural persons or legal entities.

  • 6.5 Right to object

On grounds relating to your situation, you have the right to object to the processing of personal data associated with you, in as far as the specific processing is pursuant to our legitimate interests in accordance with Article 6(1)(f) of the GDPR. Should you have and exercise your right to object, we will no longer process the affected data.

In exceptional cases your right to object may not be exercised, where we have a compelling legitimate reason for processing the data which overrides your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. This exception does not apply, however, when you object to the processing of your data for direct marketing purposes, including marketing-related profiling. You may exercise your right to object to these purposes at any time.

  • 6.6 Withdrawal of consent

If we are processing data on the basis of the consent you have provided, you can withdraw your consent effective for the future at any time. We will cease processing your data upon receiving withdrawal of your consent and until such time as your consent has been granted once more.

  • 6.7 Right to data portability

If we are processing your data with your consent, or for the purposes of justifying, executing or terminating a contract with you, you have the right to receive the data you have made available to us. The data is provided in a structured, accessible and machine-readable format. In exercising this right, you also have the right to request that your personal data be transferred directly to another controller, so far as this is technically feasible.

  • 6.8 Right to appeal

You have the right to appeal to any European supervisory authority, in particular the one in your place of permanent residence, if you believe that your personal data is being processed by us in violation of the legal provisions. You can find contact information at https://edpb.europa.eu/about-edpb/about-edpb/members_en. You may also contact the supervisory authority responsible for us, that being the Baden-Württemberg State Commissioner for Data Protection and Freedom of Information. These contact details can be found at https://www.baden-wuerttemberg.datenschutz.de/.

  • 6.9 Exercising your rights

You are free to contact us in your preferred way to exercise your rights set out here (see section 1 for details). As we do not collect any plaintext data such as your name or address, and we can only establish your identification via the email address you have linked to your Gameforge account, we recommend that when registering for ticket support, you use the email address of your Gameforge account or link this address to your support account. This ensures that your issue can be dealt with quickly and in an uncomplicated manner. Inform the support team of your concern. Alternatively, you can contact our data protection officer in confidence using your email address. For an uncomplicated assignment, please explain the matter to us as precisely as possible in all cases. If possible, please indicate in particular the online game you are using, the language version, the game server and your account name.

  • 7. Data protection information

In handling personal data, we have made appropriate technical and organisational measures to maintain data security and reduce the risks to the rights and freedoms of the affected persons. This includes the fact that we do not collect any real names or addresses and that we maintain the respective Gameforge accounts using pseudonyms. We also limit the personal data collected and stored to the required minimum, and encrypt it where possible. This applies accordingly when providing and transferring personal data when registering and using a Gameforge account. During payment transactions, for example, your data is transferred in an encrypted form using SSL. Our SSL transfer is THAWTE-certified. Finally, all our employees are informed and trained to maintain data confidentiality and privacy obligations.

  • 8. Information on referrals to third-party services (hyperlinks)

In some places, Gameforge services contain links which redirect users to external websites. If you click on such a hyperlink, you will be redirected to services that are beyond our control and influence. The respective provider is solely responsible for these services. The data protection regulations of the relevant provider apply in each case.

  • 9. Version and changes to this Privacy Policy

This Privacy Policy was last updated on 21st September 2022. We reserve the right to change its contents in order to correct mistakes, improve understandability, provide supplemental information, or for legal reasons. In cases where they are adjusted, the principles outlined in this Privacy Policy and the protection of your personal data will be preserved.