Calumma Games GmbH
This Privacy Policy explains the processing of your personal data in the context of your use of our computer games for mobile devices (hereinafter: "Mobile Games") as private individuals (hereinafter: "Users") and your rights under the EU General Data Protection Regulation ("GDPR"). The controller responsible for the processing (Art. 4 No. 7 GDPR) is Calumma Games GmbH, Friedrichstraße 79, 10117 Berlin, Germany ("we" or "Calumma").
1.1.1. We process so-called access data to technically enable the operation of the Mobile Games. Access data includes the IP address, device ID, device type, device-specific settings and app settings, as well as app properties, the date and time of access, time zone, the amount of data transferred and the notification of whether the data exchange was complete, app crashes, browser type and operating system.
1.1.2. No registration is required to play the Mobile Games. In order to continuously display your game progress, we collect data on game participation, such as player name, level, results, virtual currencies and items.
1.1.3. The legal basis for the data processing described in this Section 1.1 is Art. 6 (1) b) GDPR. Calumma processes the listed data to provide you with the Mobile Games and to fulfil our contractual obligations arising from our Terms of Use. Your data is stored only insofar as this is necessary for the provision of the Mobile Games. Insofar as the processing of data requires the storage of information on your terminal device or access to information already stored on the terminal device, § 25 (2) No. 2 TTDSG is the legal basis.
1.1.4. Please note that when downloading the Mobile Games, the required information may be transferred to the app store, including username, email address and customer number of your account, time of download, payment information and the individual device identifier. We have no influence on the collection and processing of this data; it is carried out exclusively by the app store you have selected. Accordingly, we are not responsible for this collection and processing; the responsibility lies solely with the app store.
In the Mobile Games you have the opportunity to sign in with your account at an external third-party provider (in particular Facebook, Google Play, Apple Game Center, TikTok or Amazon Play Circle). This synchronizes data about your game participation (e.g. player name, level, results, virtual currencies and items) with other devices. In order for us to link the aforementioned data with your account at the respective service, your account ID is transmitted to us by the external third-party provider of the respective service. If you have a public profile picture with the respective third-party provider, we may display it in the Mobile Games as a player profile picture. The legal basis for the aforementioned data processing is your consent (Art. 6 (1) a) GDPR).
1.3.5. With your consent, you can subscribe to our newsletter, with which Calumma informs you about interesting offers. The only mandatory information is the email address. To verify your registration and exclude possible misuse of your email address, Calumma uses a so-called double opt-in procedure: After your registration, Calumma sends an email to the specified email address asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 48 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and times of registration and confirmation. After your confirmation, we store your email address for the purpose of sending the newsletter (legal basis is Art. 6 (1) a) GDPR). You can revoke your consent to subscribe to the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in each newsletter email or by sending a message to the contact details given in the imprint.
1.3.6. In order to send you push notifications about current events regarding the Mobile Games of Calumma (such as updates, game scores or new features), we will ask for your consent at the beginning of use (legal basis is Art. 6 (1) a) GDPR). You can unsubscribe from receiving push notifications at any time and revoke your consent by turning off push notifications in your device settings.
We have implemented some services using SDKs (Software Developer Kits). The various SDKs partially process personal data of users by establishing a direct connection between the device and the SDK provider when visiting the Mobile Games. In particular, we have integrated social media services, which we use for login or to display advertising, via SDKs of the social media services. Data is transmitted from your device to the respective provider (e.g. IP address, SDK version, device information). The legal basis is Art. 6 (1) a) GDPR.
With your consent (Art. 6 (1) a GDPR), we use various services for marketing and analytics purposes.
1.5.7. In-House Analytics Tool
We use our own analytics tool to collect, evaluate and use certain user data (e.g. device information, level, game score, in-app purchases, pop-ups, interactions with advertisements, user ID) in aggregated form for the operation and further development of the Mobile Games.
1.5.8. Singular
We use Singular as a tracking tool (e.g. IP address, Apple ID for Advertising (IDFA), Google Android ID, Advertising ID for Android (AIFA), geolocation data) to collect data for analysis and marketing purposes for the app. Further information can be found in Singular's privacy policy at https://www.singular.net/privacy-policy/.
Singular is a service of Singular Labs, Inc., 181 South Park Street, Unit 2, San Francisco, CA 94107, USA. Singular acts as our data processor. As data is transferred to the USA, we have entered into the EU Standard Contractual Clauses with Singular for these data transfers.
1.5.9. Meta Events Manager
Meta Events Manager is an analytics service of Meta Platforms Ireland Limited (Merrion Road, Dublin 4, D04 X2K5, Ireland) ("Meta"). Through the integration of the Meta Pixel and/or the Meta SDK, we use the Meta Events Manager to gain information about your behaviour and interactions when using the Mobile Games and to evaluate this for analytical purposes. Further information can be found in Meta's privacy policy at https://www.facebook.com/privacy/policy.
Meta acts as our data processor. As data may be transferred to the USA in exceptional cases, we have entered into the EU Standard Contractual Clauses with Meta for these data transfers. In addition, Meta is certified under the EU-U.S. Data Privacy Framework.
1.5.10. Google Firebase
We use a Google Firebase SDK to collect data within the framework of tracking for the evaluation of promotional and marketing measures for the app. The SDK is used to aggregate and analyse events and other app-specific data. Further information can be found in Google's privacy policy at https://policies.google.com/privacy?hl=en.
Google Firebase is a service of Google LLC from the USA. For the European area, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") is responsible for Google services. Google acts as our data processor. As data may be transferred to the USA in exceptional cases, we have entered into the EU Standard Contractual Clauses with Google. In addition, Google is certified under the EU-U.S. Data Privacy Framework.
We process your personal data:
In addition to the above-mentioned recipients of personal data, we also use other companies that process personal data on our behalf, for example for hosting (in particular Amazon Web Services (AWS) LLC, P.O. Box 81226, Seattle, WA 98108-1226, USA), technical support of the Mobile Games, the sending of newsletters or for analysis and advertising purposes. These service providers process the data only on our behalf as processors (Art. 28 GDPR).
Furthermore, we transmit personal data to third parties if this is required by law, if this is necessary for the assertion and defence of legal claims, or if third parties provide certain services for us (e.g. lawyers, tax advisors).
Insofar as we transfer personal data to third countries outside the European Economic Area (EEA), we ensure an appropriate level of data protection in compliance with European law requirements (this is usually done by means of the EU Standard Contractual Clauses of the European Commission and, where applicable, further appropriate safeguards, e.g. for data transfers to the USA on the basis of the adequacy decision for the EU-U.S. Data Privacy Framework).
Unless a specific duration of data storage is specified in this Privacy Policy, we process your data only for as long as this is necessary for the respective purposes or as long as legal retention obligations (e.g. § 257 HGB or § 147 AO) exist. After the respective processing purpose ceases to apply and after the expiry of the retention obligations, your data is routinely deleted. As a rule, we store your personal data for the duration of the use or contractual relationship regarding the Mobile Games.
You may request information about your stored data. If you have provided personal data on the basis of a contract or consent, you have the right to receive this data in a standardised and machine-readable format.
To the extent permitted by the GDPR, you may also request the deletion, rectification or restriction of the processing of your data.
You may revoke your consent at any time without affecting the lawfulness of the processing that was carried out on the basis of your consent before its revocation.
You may object at any time to the processing of data that is processed on the basis of our legitimate interests, subject to the conditions of the GDPR.
Please direct your questions or concerns regarding the processing of your personal data to:
Calumma Games GmbH, privacy@calumma.gg or at Friedrichstraße 79, 10117 Berlin, Germany, attn. Data Protection Officer
If you have questions and possible concerns regarding data processing, you may also contact a supervisory authority. The competent supervisory authority for Calumma is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin
mailbox@datenschutz-berlin.de