The use of this website may involve the processing of personal information. Our intention is for the following information to provide you with an overview of these processes so that you can understand them. In order to ensure fair processing, we would also like to inform you about your rights under the European General Data Protection Regulation (GDPR)

The use of the products and services we offer may result in the processing of personal data. The term “personal data” under data protection law refers to all information relating to a specific or identifiable person. An IP address can also be considered personal data. An IP address is assigned to each device connected to the internet by the internet service provider, so that it can send and receive data. When you use the website, we collect data that you provide yourself. In addition, when you use the website, we automatically collect certain information about your use of it.

We process personal data in compliance with the relevant data protection regulations of the GDPR. We will only process data where we are legally permitted to do so. When you use this website, we will process personal data only with your consent (Art. 6 paragraph 1 sentence 1 letter a GDPR), for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract (Art. 6 paragraph 1 sentence 1 letter b GDPR), for compliance with a legal obligation (Art. 6 paragraph 1 sentence 1 letter c GDPR) or if the processing is necessary for the purposes of our legitimate intere sts or the legitimate interests of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require the protection of personal data (Art. 6 paragraph 1 sentence 1 letter f GDPR).

Unless otherwise stated in the following sections, we will store the data only as long as necessary to achieve the purpose of processing or to fulfill our contractual or statutory obligations.

Unless otherwise stated in the following sections, data will be processed on the servers of technical service providers commissioned by us for this purpose. These service providers will only process the data after having received express instructions and they are contractually obliged to guarantee adequate technical and organizational measures for data protection.

Insofar as we refer to integrated services of other providers in this Data Protection Declaration, it can be assumed that personal data will be transmitted to the specified headquarters of these providers. These providers may be based in a so-called third country outside the European Union or the European Economic Area. Further information can be found in the sections describing each service.

How do you get my consent?

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.

How do I withdraw my consent?

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at legal@weret.com or mailing us at:

Weret AB

Geijersgatan 1B Göteborg SE 41134, Sweden

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

We use cookies on our website. Cookies are small text files that are stored by your browser when you visit a website. This identifies the browser used and can be recognized by our web server. Insofar as this use of cookies results in the processing of personal data, the legal basis for this is Art. 6 paragraph 1 sentence 1 letter f GDPR. This manner of processing serves our legitimate interest in making our website more user-friendly, effective and secure.

Most of the cookies we use are known as “session cookies”. They are deleted after the end of you visit. Other cookies (“persistent cookies”) are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser. You can object in principle to the use of cookies through your browser settings.

In principle, you can enjoy our games without having to provide personal contact data. If you pay for chargeable activities in our games, your personal data will be collected by the corresponding payment service providers listed.

All payment-relevant data, such as your contact and payment data, are initially collected and processed by the corresponding payment provider. The legal basis for this data processing is Art. 6 paragraph 1 sentence 1 letter b GDPR.

For payments, we collect the geolocation of your IP address, which allows us to determine in which country you are located. The legal basis for this data collection is Art. 6 paragraph 1 sentence 1 letter c GDPR, as the processing is necessary for compliance with a legal obligation. The legal obligation arises from Directive 2006/112/EC (MOSS Directive).

We also receive information from payment providers related to payment fraud prevention. The legal basis for this data collection is Art. 6 paragraph 1 sentence 1 letter f GDPR, as the processing serves the legitimate interests of our company.

Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Payment:

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).

Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.

_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).

_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits

_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.

cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.

_secure_session_id, unique token, sessional

storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.

We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.

This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.

Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

When you visit our Facebook Pages, which we use to represent our company or individual products or services, some of your personal data will be processed. The sole controller responsible for the processing of personal data is Facebook Ireland Ltd (4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, “Facebook”). Further information about the processing of personal data by Facebook can be found at https://www.facebook.com/privacy/explanation.

Processing of Page Insights

Facebook provides us with anonymized statistics and insights for our Facebook page, which help us to understand the types of actions that people take on our Page (so-called “Page Insights”). These Page Insights are created based on specific information about individuals who have visited our Page. This processing of personal data is carried out by Facebook and by us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions being taken on our Page and to improve our Page based on these findings. The legal basis for this processing is Article 6 paragraph 1 letter f GDPR. We are in no case able to assign the information obtained via Page Insights to a specific Facebook profile using the “Like” data for our Page.

We have reached an agreement with Facebook to share joint responsibility for the processing, in which the division of data protection obligations between ourselves and Facebook is set out. Details about the processing of personal data for creating Page Insights and the agreement entered into between ourselves and Facebook can be found at https://www.facebook.com/legal/terms/information_about_page_insights_data.

Processing of data that is provided to us via our Facebook pages

We also process data that you make available to us via our Facebook Pages. Such information might be your Facebook user name, your player name in one of our games, contact details or a communication to us. We only process this personal data if we have previously expressly asked you to share this data with us, for example as part of a survey or a competition. This processing will be done by us as the sole data controller.

If you have communicated data to us because you are taking part in a contest, we will only process this if it is necessary to send you a prize. After delivery of the prize, or if you do not win, your data will be deleted. The legal basis for this processing is Article 6 paragraph 1 letter b GDPR.

Personal data that we have collected through surveys will be processed in anonymized form, to ensure that customers are happy with our offers. This processing serves our legitimate interest of continuously improving our offers, and the legal basis therefor is Article 6 paragraph 1 letter f GDPR.

We use the Google Analytics service from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”) to analyze our website visitors. Google uses cookies. The information generated by the cookie about the use of the online product or service by users is generally transferred to a Google server in the USA and stored there. Google will use this information on our behalf to evaluate the use of our online products and services by users, to compile reports on the activities within these online products and services and to provide us with further services associated with the use of these online products and services and the use of the internet. Pseudonymous user profiles can be created from the processed data.

We use Google Analytics only with IP anonymization enabled. This means that Google will truncate the IP address of users within Member States of the European Union or in other states that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent cookies from being stored by adjusting the settings to their browser software accordingly.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. Users can prevent the collection of data generated by cookies by downloading and installing the browser plug-in that is available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

If you visit our website using a mobile device, you can deactivate Google Analytics by clicking on the following link: Click here.

A transmission of your data to the USA cannot be excluded.

Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

On our website we use the marketing and remarketing services of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). These services allow us to display advertisements in a more targeted manner in order to present advertisements of interest to users. Through remarketing ads and products are displayed to users relating to an interest established by activity on other websites within the Google Network. For these purposes, a code is used by Google when our website is accessed and what are referred to as (re)marketing tags are incorporated into the website. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies may also be used instead of cookies). Cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which apps users have visited, which content they are interested in and which offers have been used. In addition, technical information about the browser and operating system, referring websites, the length of the visit as well as any additional data about the use of the online products and services are stored. The IP address of users is also recorded, although we would like inform you that within the framework of Google Analytics, IP addresses within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area are truncated.

All user data will only be processed as pseudonymous data. Google does not store any names or e-mail addresses. All displayed ads are therefore not displayed specifically for a person, but for the owner of the cookie. This information is collected by Google and transmitted to and stored by servers in the USA.

One of the Google marketing services we use is the online advertising program Google AdWords. In the case of Google AdWords, each AdWords customer receives a different conversion cookie. Cookies can therefore not be tracked through the websites of AdWords customers. The information collected by the cookie is used to generate conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they will not receive any information that personally identifies users.

We may include third-party advertisements based on the Google Marketing Service called DoubleClick. DoubleClick uses cookies to enable Google and its partner websites to place ads based on users’ visits to this website or other websites on the Internet.

Google services make use of Google’s Tag Manager. For more information about Google’s use of data for marketing purposes, please see the summary page: https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you wish to object to interest-based advertising by Google marketing services, you can do so using the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.

A transmission of your data to the USA cannot be excluded.

Google is certified under the Privacy Shield Agreement and thus guarantees its compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use the developer platform called “Google Firebase” as well as the associated functions and services of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). Google Firebase is a platform for developing apps for mobile devices and websites. Google Firebase offers a variety of features, which are can be found on the following summary page: https://firebase.google.com/products/

The functions include the storage of apps, including users’ personal data, such as content they have created or information regarding their interaction with the apps. Google Firebase also offers interfaces that allow interaction between the users of the app and other services.

The analysis of user interactions is carried out using the analysis service of Firebase Analytics. This service helps us to record our users’ interactions. Events such as the first time an app is opened, the uninstalling of an app, updates, crashes or the frequency of use of the app are recorded. Certain user interests are also recorded and evaluated.

The information processed by Google Firebase may be used with other Google services, such as Google Analytics and Google marketing services. In this case, only pseudonymous information, such as the Android Advertising ID or the Advertising Identifier for iOS, will be processed to identify users’ mobile devices. Additional information on the use of data for marketing purposes by Google can be found on the summary page: https://www.google.com/policies/technologies/ads, Google’s privacy policy is available at https://www.google.com/policies/privacy.

The legal basis for use is Art. 6 paragraph 1 sentence 1 letter f GDPR. If users wish to object to interest-based advertising through Google marketing services, they can use the settings and opt-out options provided by Google: http://www.google.com/ads/preferences.

A transmission of your data to the USA cannot be excluded.

Google is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation

(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

We use the conversion and tracking tool Bing Ads from Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, “Microsoft”) as part of our website. Microsoft stores a cookie on the user’s computer to enable an analysis of the use of our online services. The prerequisite for this is that the user has accessed our website through an ad from Microsoft Bing Ads. This enables Microsoft and us to know that someone has clicked on an ad, has been redirected to our online services and has reached a predetermined target page. We only see the total number of users who clicked on a Bing ad and were then forwarded to the target page (conversions). No IP addresses are stored. No other personal information about the identity of the user will be disclosed.

 

Users can find further information on data protection and the cookies used at Microsoft Bing ads in Microsoft’s data protection declaration: https://privacy.microsoft.com/de-de/privacystatement.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you do not wish to participate in the Bing Ads tracking process, you can communicate your objection to Microsoft here: http://choice.microsoft.com/de-DE/opt-out.

Microsoft is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation

(https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).

On our website, we use the Conversion Tracking Service of Twitter Inc. (1355 Market Street #900, San Francisco, California 94103, “Twitter”). Twitter stores a cookie on the user’s computer to enable an analysis of the use of our online products and services. Twitter Conversion Tracking tracks the actions of users after they have viewed ads or interacted with ads on Twitter. Twitter’s Conversion Tracking allows you to assign conversions such as link clicks, retweets or “like” data.

The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you wish to object to tracking, you can do so using the Digital Advertising Alliance tool at optout.aboutads.info.

Twitter is certified under the Privacy Shield Agreement and thus guarantees its compliance with European data protection legislation: (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active)

We use the Affiliate Tracking service from Quality Unit, LLC. (3 Germay Dr. Unit 4-1130, Wilmington DE 19804, Germany; “QualityUnit”) to analyse our visitors for affiliate tracking. QualityUnit uses cookies. The information generated by the cookie about the purchase patterns to generate affiliate compensation. 

In the following section, we will inform you about our newsletter as well as other types of business emails and electronic communications and your right to object. By subscribing to our newsletter, you agree to receive it and you agree to the processes described below. The legal basis is your consent pursuant to Art. 6 paragraph 1 sentence 1 letter a GDPR.

To subscribe to our newsletter, use the double opt-in procedure, which serves to confirm your e-mail address. This confirmation is required so that no one can register with an e-mail address that does not belong to them. Subscriptions to the newsletter are logged in order to be able to provide evidence of the registration process in accordance with statutory requirements. This includes the storage of the login itself, the time of confirmation, as well as the IP address. Any changes to your data stored with the service provider that sends the newsletters are also logged. Newsletters are sent with the help of an EU-based external service provider, whom we have engaged to process orders in accordance with statutory requirements.

The newsletters contain cookies that are retrieved by the server of the service provider that sends the newsletter, as soon as the newsletter is opened. Within the scope of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used for technical improvement or to analyze the target groups and their reading behavior on the basis of their retrieval locations (which can be determined using the IP address) or access times. The statistical data collection also includes determining if and when the newsletters are opened and which links are clicked and when they are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. These analyses are primarily intended to help us to identify the reading habits of our users and to adapt our content to them or to send different content based on user interests. The legal basis is Art. 6 paragraph 1 sentence 1 letter f GDPR.

You can stop receiving our newsletter at any time in the future just by letting us know that you wish to cancel. You can do so easily by using the link at the bottom of each of our communications or by using our support form. Unfortunately, you cannot request separate cancellations for the service provider that sends the newsletter or for the statistical analysis. If you wish to cancel, you must cancel the entire subscription.

We use the Conversation Tool of Intercom, Inc. Intercom R&D Unlimited Company (55 2nd Street, 4th Floor, San Francisco, California 94105, “Intercom”) . Intercom is certified under the Privacy Shield Agreement and thus guarantees its compliance with European data protection legislation: (https://www.privacyshield.gov/participant?id=a2zt0000000TNQvAAO)

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

We use Stripe for payment, analytics, and other business services. Stripe collects identifying information about the devices that connect to its services. Stripe uses this information to operate and improve the services it provides to us, including for fraud detection. You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy.

Links

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at legal@weret.com or by mail at