Privacy Policy

Calumma Games GmbH

This Privacy Policy explains the processing of your personal data in the context of the use of our computer games for mobile devices (hereinafter: “Mobile Games”) by you as a private individual (hereinafter: “User”) as well as your rights under the EU General Data Protection Regulation (“GDPR”). The controller (Art. 4 No. 7 GDPR) is Calumma Games GmbH, Friedrichstraße 79, 10117 Berlin, Germany (“we” or “Calumma”).

1. PURPOSES OF PROCESSING

1. Data processing for the provision of the Mobile Games

1. We process so-called access data in order to technically enable the operation of the Mobile Games. The access data includes the IP address, device ID, device type, device-specific settings and app settings as well as app properties, the date and time of access, time zone, the amount of data transferred and the information as to whether the data exchange was complete, app crash, browser type and operating system.
2. No registration is required to play the Mobile Games. In order to display your scores on an ongoing basis, we collect data about game participation, such as player name, level, results, virtual currencies and items.
3. The legal basis for the data processing described in this section 1.1 is Art. 6 (1) b) GDPR. Calumma processes the data listed in order to provide you with the Mobile Games and to fulfill our contractual obligations arising from our Terms of Use. Your data will only be stored to the extent necessary for the provision of the Mobile Games. Insofar as the storage of information in your terminal equipment or access to information that is already stored in the terminal equipment is absolutely necessary for the processing of the data, Section 25 (2) No. 2 of the German Data Protection Act (TTDSG) is the legal basis for this.
4. Please note that when downloading the Mobile Games, the required information may be transmitted to the App Store, including your Username, e-mail address and customer number of your account, time of download, payment information and the individual device identification number. We have no influence on the collection and processing of this data, which is carried out exclusively by the App Store you have selected. Accordingly, we are not the controller for this collection and processing; the App Store is the sole controller for this.

2. Registration via third-party services

In the Mobile Games, you have the option of registering with your account with an external third-party provider (in particular Facebook, Google Play, Apple Game Center, TikTok or Amazon Play Circle). This synchronizes data about your game participation (e.g. player name, levels, results, virtual currencies and items) with other devices. Your account ID is transmitted to us by the external third-party provider of the respective service so that we can link the aforementioned data with your account with the respective service. If you have a public profile picture with the respective third-party provider, we can display this as a player profile picture in the Mobile Games. The legal basis for the aforementioned data processing is your consent (Art. 6 (1) a) GDPR).

3. Newsletter and notifications

You can provide Calumma with your e-mail address or another electronic address in order to be kept up to date about the respective Mobile Game. 

5. With your consent, you can subscribe to our newsletter, which Calumma uses to inform you about interesting offers. The only mandatory information is your e-mail address. Calumma uses a so-called double opt-in procedure to verify your registration and to rule out any possible misuse of your e-mail address: After your registration, Calumma will send an e-mail to the e-mail address provided, in which Calumma asks you to confirm that you wish to receive the newsletter. If you do not confirm your registration within [48 hours], your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses you use and the times of registration and confirmation. After your confirmation, we store your e-mail address for the purpose of sending you the newsletter (legal basis is Art. 6 (1) a) GDPR). You can withdraw your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail or by sending a message to the contact details given in the imprint.
6. In order to send you push notifications about current events relating to Calumma's Mobile Games (such as updates, scores or new features), we will ask you for your consent at the beginning of use (legal basis is Art. 6 (1) a) GDPR). You can unsubscribe from receiving push notifications at any time and withdraw your consent by unsubscribing from push notifications via your device settings.

4. Use of software developer kits

We have implemented some services using SDKs (software developer kits). Some of the various SDKs process personal data of Users by establishing a direct connection between the end device and the provider of the SDK when they visit the Mobile Games. In particular, we have integrated social media services, which we use to log in or display advertising, via SDKs of the social media services. In doing so, data is transmitted from your end device to the respective provider (e.g. IP address, SDK version, device information). The legal basis is Art. 6 (1) a) GDPR. 

5. Marketing and analytical measures

With your consent (Art. 6 (1) a GDPR), we use various services for marketing and analytical measures. 

7. In-house Analytics-Tool

We use our own analytics tool to collect and evaluate certain User data (e.g. device information, levels, game status, in-app purchases, pop-ups, interactions with advertisements, User ID) in aggregated form and use it to operate and further develop the Mobile Games.

8. Singular

We use Singular as a tracking tool (e.g. IP address, Apple ID for Advertising (IDFA), Google Android ID, Advertising ID for Android (AIFA), geolocation data) to collect data for the purpose of evaluating analytical and marketing measures for the app. Further information can be found in Singular's privacy policy https://www.singular.net/privacy-policy/.

Singular is a service of Singular Labs, Inc, 181 South Park Street, Unit 2, San Francisco, CA 94107, USA. Singular acts as our processor. As data is transferred to the USA, we have concluded the EU standard contractual clauses with Singular for these data transfers.

9. Meta Events Manager

Meta Events Manager is an analytics service provided by Meta Platforms Ireland Limited (Merrion Road, Dublin 4, D04 X2K5, Ireland) (“Meta”). By integrating the Meta Pixel and/or Meta's SDK, we use Meta Events Manager to obtain information about your behavior and interactions when using the Mobile Games and to evaluate it for analytical purposes. Further information can be found in Meta's privacy policy at https://www.facebook.com/privacy/policy.

Meta acts as our processor. As data may be transferred to the USA in exceptional cases, we have concluded the EU standard contractual clauses with Meta for these data transfers. Meta is also certified in accordance with the EU-U.S. Data Privacy Framework.

10. Google Firebase

We use an SDK from Google Firebase to collect data as part of tracking for the purpose of evaluating promotional and marketing measures for the app. The SDK is used to aggregate and analyze events and other app-specific data. Further information can be found in Google's privacy policy at https://policies.google.com/privacy?hl=de.

Google Firebase is a service of Google LLC from the USA. For the European area, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) is responsible for the Google services. Google acts as our processor. As data may be transferred to the USA in exceptional cases, we have concluded the EU standard contractual clauses with Google. In addition, Google is certified in accordance with the EU-U.S. Data Privacy Framework.

6. Other purposes for which we process your personal data

We process your personal data:

• to fulfill contracts and in the context of existing or new business relationships. Legal basis: Art. 6 (1) b) GDPR.
• to meet our legitimate interests (Art. 6 (1) f) GDPR), including the following:

• Conclusion of corporate transactions (e.g. restructuring, asset deals, merger)
• Protection of our rights or property, enforcement of our terms of use and legal notices, and establishment, exercise and defense of legal claims

• to fulfill our legal obligations, court orders or administrative decisions. The legal basis is Art. 6 (1) c) GDPR.

2. RECIPIENTS OF PERSONAL DATA

In addition to the recipients of personal data mentioned above, we also use other companies that process personal data on our behalf, for example for hosting (in particular Amazon Web Services (AWS) LLC, P.O. Box 81226, Seattle, WA 98108-1226, USA), technical support for Mobile Games, sending newsletters or for analysis and advertising purposes. These service providers only process the data on our behalf as processors (Art. 28 GDPR).

In addition, we transfer personal data to third parties if this is required by law, if this is necessary for the assertion and defense of legal claims or if third parties provide certain services for us (e.g. lawyers, tax consultants).

Insofar as we transfer personal data to third countries outside the European Economic Area (EEA), we ensure an adequate level of data protection to comply with the requirements of European law (this is usually done with the help of EU standard contractual clauses of the European Commission and, if necessary, other appropriate guarantees, e.g. in the case of data transfer to the USA on the basis of the adequacy decision for the EU-U.S. Data Privacy Framework).

3. DURATION OF DATA STORAGE

Unless a specific duration of data storage is specified in this data protection notice, we will only process your data for as long as is necessary for the respective purposes or as long as there are statutory retention obligations (e.g. Section 257 of the German Commercial Code (HGB) or Section 147 of the German Fiscal Code (AO)). Your data will be routinely deleted after the respective processing purpose has ceased to apply and the retention obligations have ended. As a rule, we store your personal data for the duration of the usage or contractual relationship via the Mobile Games.

4. YOUR RIGHTS

You can request access to the personal data stored by us. If you have provided personal data on the basis of a contract or consent, you have the right to receive this data in a standardized and machine-readable format.

To the extent permitted by the GDPR, you may also request the erasure, rectification or restriction of the processing of your data.

You can withdraw your consent at any time without affecting the lawfulness of processing based on your consent before its withdrawal.

You can object to the processing of data processed on the basis of our legitimate interests at any time under the conditions of the GDPR.

5. CONTACT; COMPLAINT TO THE SUPERVISORY AUTHORITY

Please address your questions or concerns regarding the processing of your personal data to

Calumma Games GmbH, privacy@calumma.gg or at Friedrichstraße 79, 10117 Berlin, Germany, for the attention of the data protection officer

If you have any questions or concerns regarding the data processing, you can also contact a supervisory authority. The competent supervisory authority for Calumma is

Berlin Commissioner for Data Protection and Freedom of Information

Alt-Moabit 59-61

10555 Berlin

mailbox@datenschutz-berlin.de