| Language: |
Data privacy statement of astragon Entertainment GmbH
I. General information
Welcome! Thank you for your interest in our game. We are astragon Entertainment GmbH, Am Wehrhahn. 33, D-40211 Düsseldorf. You can contact us at: info@astragon.de
Our aim
Protecting your privacy is paramount to us. Therefore, compliance with the legal provisions on data protection is fundamental for us. In addition, it is important to us that you know at all times which personal data we collect and why and how we process it. We will also be happy to explain to you what rights you have and how you can exercise them.
What is personal data?
To put it briefly, anything whereby you, as an individual, can be identified, whether due to the information itself or in connection with other information. Examples of this include your name, e-mail address, or also a customer ID, but even the point in time at which you visit our website if that is saved together with your IP address. We constantly endeavour to gather as little personal data as possible. Simultaneously, we are informing you in this document, in depth, on your personal data, if we gather any.
Why is this document so long?
The legislative authority requires us to describe the following to you in regard to all personal data individually:
which personal data we gather (= type of data collected)
which law or ordinance or regulation permits us to do so (= the legal basis)
why we gather said data (= the intended use)
what exactly happens to your data (= type of processing)
how long we save your personal data
what rights you have in regard to your personal data (= the rights of data subjects)
We need to list all the steps individually. This is why this document is very extensive.
1. Controller and Corporate Data Protection Officer
Responsible within the meaning of the EU General Data Protection Regulation (GDPR) are we, the company
astragon Entertainment GmbH
Am Wehrhahn. 33, D-40211 Düsseldorf
info@astragon.de
If you have any questions regarding data protection please contact our Corporate Data Protection Officer. Our Corporate Data Protection Officer is
Helena Kühn
datenschutz@astragon.de
2. Legal basis
We gather and process personal data based on the most up-to-date European law. You will find the entire legal basis specified below in the General Data Protection Regulation (GDPR). Depending upon the purpose for gathering the data, one or more of the legal bases below will apply:
Consent pursuant to Art. 6(1)(a) General Data Protection Regulation (GDPR).
Consent is a declaration of intent. This can be given in writing in the form of a statement, or also by way of any other clearly affirmative action. In whatever way the consent is given, it needs to be given voluntarily, apply to a specific case, and unmistakably express that the data subject is in agreement with the processing of the personal data concerned. For that purpose, the data subject needs to be adequately informed and understand the consent.
The necessity of fulfilling the contract or taking preparatory measures pursuant to Art. 6(1)(b) GDPR
This means: The data is necessary so that we can fulfil the contractual obligations towards you or we need the data to prepare for concluding an agreement with you.
Processing to fulfil legal obligations pursuant to Art. 6(1)(c) GDPR
This means: The processing of the data is, for example, mandatory for us based on a law or other regulation.
Processing in order to preserve legitimate interests pursuant to Art. 6(1)(f) GDPR
This means: The processing of the data is necessary in order to, on the one hand, preserve legitimate interests on our part or on the part of a third party, as long as your interests or basic rights and basic freedoms, which make the protection of personal data necessary, do not outweigh the latter.
We store and access information in your end device based on the following legal bases:
Consent pursuant to Section 25(1) of the Telecommunications and Digital Services Data Protection Act (TDDDG).
Absolute necessity according to Section 25 (2) no. 2 TDDDG, so that we can provide a telemedia service expressly requested by you.
3. Rights of data subjects
As far as your personal data is concerned, you are the data subject. You have the following rights in regard to the processing of data by us in the scope in accordance with the respective article of the General Data Protection Regulation cited:
The right to information pursuant to Art. 15 GDPR
The right to correction pursuant to Art. 16 GDPR
The right to deletion (“Right to be forgotten”) pursuant to Art. 17 GDPR
The right to limit the processing pursuant to Art. 18 GDPR
The right to data portability pursuant to Art. 20 GDPR
The right of opposition pursuant to Art. 21 GDPR
Notwithstanding any other legal remedy under administrative or judicial law, you are entitled to file an appeal with a supervisory authority, in particular in the EU Member State that is your place of residence, your place of work or the place of the presumed infringement if you are of the opinion that the processing of the personal data concerned infringes the GDPR.
4. Deletion of data and duration of storage
The personal data of the data subject is deleted or blocked once the purpose of the storage lapses. It may, moreover, be stored beyond that time if this has been stipulated by the European or national legislative authority in EU ordinances, laws or other regulations to which the Controller is subject. The data may also be blocked or deleted if a storage period stipulated by said standards expires, unless the necessity for further storage of the data for concluding an agreement or fulfilling an agreement exists.
II. Specific data processing
1. Unity Analytics
a) Scope of data processing
When using our game, we use Unity Analytics to provide you with smooth access to the game and to continuously improve your gaming experience. This software collects information about how you use the game and uses it to compile various statistics. The usage data collected includes in particular the device ID (MAC/IMEI/MEID), which is pseudonymised, the device type, the country, the device language, the installed operating system, the browser type, the language settings, the CPU type and the number of CPUs, information on the graphics card, system and video RAM, the current screen resolution, the Unity version used, the app ID of the game used, in-game behaviour, IP address. In the event of technical errors, the error report (crash logs) and the error message are also recorded. The information is not only transmitted to us, but also to Unity Technologies, which also uses it for its own purposes. Unity Technologies transmits and stores the collected data within and outside the European Union. Unity Technologies itself describes its data processing activities here https://unity.com/legal/privacy-policy
b) Legal basis
The legal basis for the processing of the data for use for analysis purposes is Art. 6(1)(a) GDPR and Section 25(1) TDDDG. For the defence against attempted fraud, the legal basis for the processing is Art. 6(1)(f) GDPR and Section 25 (2) no. 2 TDDDG. The legal basis for the storage of data at Unity Technologies is Art. 28 (3), (6) GDPR in conjunction with Art. 46 (2)(c) GDPR by means of the standard clauses of the EU Commission both as processor with regard to the analysis of gaming behaviour and transfer to Unity as the controller. The legitimate interest is the defence against attempted fraud. For this purpose, access to information already stored on your end device is absolutely necessary so that we can provide the game smoothly as part of the multiplayer without the possibility of cheating/fraud.
c) Purpose of the data processing
The purpose of analysing user behaviour is to optimise and eliminate errors in the game offering with regard to the expectations and use by customers and to ensure that the game runs smoothly without the possibility of cheating. For the purpose of data processing for data processed by Unity Technologies for its own purposes, please refer to Unity's privacy policy at https://unity.com/legal/privacy-policy.
d) Duration of the storage
The data processed via Unity will be stored by us until you withdraw your consent. In addition, you must revoke your consent to data processing by Unity Technologies for its own purposes separately from Unity Technologies. The duration of data storage by Unity Technologies can be found in their privacy policy at https://unity.com/legal/privacy-policy.
e) The possibility of objection and deletion
You can request the deletion of your user data at any time by post or by e-mail to datenschutz@astragon.de without incurring any further costs. In the event of an objection by e-mail, the implementation of the deletion or blocking may take up to 5 working days, unless we are legally obliged (e.g. to clarify payment disputes) to keep the data for longer. You can prevent the storage of data, including the generation and transmission of data to Unity Technologies, by refusing its collection. You can do this when we ask for your consent or later in the options menu of the game.
2. Mod.io
a) Scope of data processing
When using our game, we use Mod.io to provide you with user generated content and to continuously improve your experience with user generated content and to remove illegal content, including but not limited to copyright infringing content. This software collects information about how you use user generated content and uses it to compile various statistics. The usage data collected includes in particular the user ID, device ID, the ID of the user generated content, in-game behavior, the timestamp of use of the user generated content, the session ID, the number of downloaded and subscribed user generated content and the IP address. The information is not only transmitted to us, but also to Mod.io, which also uses it for its own purposes. Mod.io transmits and stores the collected data within and outside the European Union. Mod.io itself describes its data processing activities here https://mod.io/legal/privacy.
b) Legal basis
The legal basis for the processing of the data for use for analysis purposes is Art. 6(1)(a) GDPR and Section 25(1) TDDDG . For the delivery of user generated content and removal of illegal content, the legal basis for the processing is Art. 6(1)(f) GDPR and Section 25 (2) no. 2 TDDDG .
c) Purpose of the data processing
The purpose of analysing the use of user generated content is to optimise and remove illegal user generated content in the game. The purpose of provisioning of user generated content is to ensure that the game allows the integration and use of user generated content. For the purpose of data processing for data processed by Mod.io for its own purposes, please refer to Mod.io's privacy policy at https://mod.io/legal/privacy.
d) Duration of the storage
The data processed via Mod.io will be stored by us until you withdraw your consent. In addition, you must revoke your consent to data processing by Mod.io for its own purposes separately from Mod.io. The duration of data storage by Mod.io can be found in their privacy policy at https://mod.io/legal/privacy.
e) The possibility of objection and deletion
You can request the deletion of your user data at any time by post or by e-mail to datenschutz@astragon.de without incurring any further costs. In the event of an objection by e-mail, the implementation of the deletion or blocking may take up to 5 working days, unless we are legally obliged (e.g. to clarify payment disputes) to keep the data for longer. You can prevent the storage of data, including the generation and transmission of data to Mod.io, by refusing its collection. You can do this when we ask for your consent or later in the options menu of the game.
3. Denuvo Anti Tamper & CSP System
a) Scope of data processing
As part of the use of our game, we use anti-cheat measures to enable you to access the game smoothly without the possibility of cheating or unlawful copying of the game. This software collects information about how you use the game and uses it to compile various statistics. The usage data collected includes in particular the device ID (MAC/IMEI/MEID), the device type, the country, the device language, the installed operating system, the language settings, the CPU type and the number of CPUs, information on the graphics card, system and video RAM, the current screen resolution, in-game behaviour, IP address. In addition, the error report (crash logs) and the error message are recorded in the event of technical errors. To process this data, we use Denuvo Anti Tramper & CSP System services from Irdeto B.V. Irdeto B.V. processes the collected data through Irdeto USA, Inc. in the United States of America. The provider itself describes its data processing activities here https://irdeto.com/privacy.
b) Legal basis
The legal basis for the processing is Art. 6 para. (1)(f) GDPR and Section 25 (2) no. 2 TDDDG. The legal basis for the transfer of data to Irdeto B.V. and Irdeto USA, Inc. is Art. 28 para. (3), (6) in conjunction with Art. 46 (2)(c) GDPR by means of the standard clauses of the EU Commission and Art. 45 (1) GDPR by means of the EU-U.S. Data Privacy Framework (10 July 2023). The service provider is certified accordingly (https://www.dataprivacyframework.gov/list). The legitimate interest is the defence against attempted cheating. For this purpose, access to information already stored on your end device is absolutely necessary so that we can make the game available smoothly in multiplayer without the possibility of cheating.
c) Purpose of the data processing
The purpose of analysing user behaviour is to ensure that the game runs smoothly without the possibility of cheating or unlawful copying of the content.
d) Duration of the storage
The processed data will be stored by us until we can rule out or prevent the possibility of cheating/fraud or unlawful copying of the game.
e) The possibility of objection and deletion
There is no option to object to anti-cheat or copyright protection measures.
4. Save Data in Multiplayer
a) Scope of data processing
If you play the game in multiplayer, your data required for multiplayer mode (user ID, player name, game actions, IP address, character customisations, etc.) will be processed. To process this data, we use Epic Online Services (EOS) from Epic Games, Inc. and services from weltenbauer. Software Entwicklung GmbH, Frankfurter Str. 5, 65189 Wiesbaden . Epic Games, Inc. is based in the United States of America.
b) Legal basis
The legal basis for the processing of the data is Art. 6 (1)(b) GDPR and Section 25 (2) no. 2 TDDDG. The legal basis for the transfer of data to Epic Games, Inc. is Art. 26 (3), (6) in conjunction with Art. 46 (2)(c) GDPR by means of the standard clauses of the EU Commission. For this purpose, access to information already stored by you on your end device is absolutely necessary so that we can provide the multiplayer functions as an integral part of the game.
c) Purpose of the data processing
The purpose of the processing is to provide a multiplayer mode and to connect several players in a joint game. In addition, data is used to analyse errors in the event of a malfunction.
d) Duration of the storage
The data is stored for the duration of a multiplayer round. Any further storage is only for the purpose of analysing errors.
e) The possibility of objection and deletion
There is no option to object when using the multiplayer mode.
5. User Reporting
a) Scope of data processing
If you play the game in multiplayer, your data (user name, user ID, device type, report text, report time) will be processed if you report another user or another user reports you.
b) Legal basis
The legal basis for the processing of the data is Art. 6 (1)(b) GDPR and Section 25 (2) no. 2 TDDDG. For this purpose, access to information already stored by you on your end device is absolutely necessary so that we can provide a smooth multiplayer experience without improper or illicit user behavior.
c) Purpose of the data processing
The purpose of the processing is to provide a provide a smooth multiplayer experience without improper or illicit user behavior.
d) Duration of the storage
The processed data will be stored by us until we can resolve the reported behaviour.
e) The possibility of objection and deletion
There is no option to object.
6. In-game News
a) Scope of data processing
When using our game, we use Cockpit to provide you with in-game news within the game. The data processed includes in particular the IP address to provide you with in-game news. The information is only processed by us.
b) Legal basis
The legal basis for the delivery of in-game news is Art. 6(1)(f) GDPR and Section 25 (2) no. 2 TDDDG.
c) Purpose of the data processing
The purpose is the provisioning of in-game news within the game.
d) Duration of the storage
The data is processed only for the provisioning of in-game news.
e) The possibility of objection and deletion
There is no option to object when using the in-game news feature.
7. Use of our Discord server
a) Scope of data processing
We operate a server with the Discord service of Discord Netherlands BV. This allows users to communicate with each other in writing or via voice chat and exchange content. Data processing by Discord takes place on the basis of the necessary contract with Discord itself. The scope and legal basis for processing by Discord can be found in their data protection information: https://discord.com/privacy We ourselves do not have access to the Discord database and can only moderate the respective channels editorially and exclude users from using them.
b) Legal basis
The legal basis for the processing is the consent of the user in accordance with Art. 6 para. 1 lit. a GDPR. There is joint responsibility with Discord in accordance with Art. 26 GDPR.
c) Purpose of the data processing
The purpose is to exchange information about our game with the user and other players.
d) Duration of the storage
The storage period of posts is determined by Discord in its privacy policy.
e) The possibility of objection and deletion
Users can delete their messages or their customer account on Discord themselves at any time or contact the contact point specified in Discord's privacy policy. If the deletion of posts is desired, you can contact us at datenschutz(at)astragon.de.
8. Social media presence
a) Scope of data processing
We maintain publicly accessible profiles on various social networks. Your visit to these profiles triggers a variety of data processing operations. These data processing operations may be necessary for individual functionalities of our profiles in social networks. These functionalities are not available to the user or are only available to a limited extent if the user does not provide us with their personal data. When users visit our profiles, their personal data is not only collected, used and stored by us, but also by the operators of the respective social network. This happens even if the user does not have a profile in the respective social network. The individual data processing operations and their scope differ depending on the operator of the respective social network and are not necessarily traceable by us. The user can find details about the collection and storage of the user's personal data and about the type, scope and purpose of its use by the operator of the respective social network in the data protection declarations of the respective operator:
The privacy policy for the social network Facebook, which is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland, can be viewed at https://www.facebook.com/privacy/policy/
The privacy policy for the social network Instagram, which is operated by Meta Platforms Ireland Limited, can be viewed at https://help.instagram.com/155833707900388
The privacy policy for the Threads social network, which is operated by Meta Platforms Ireland Limited, can be viewed at https://help.instagram.com/515230437301944?locale=en_GB
The privacy policy for the social network YouTube, which is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, can be viewed at https://policies.google.com/privacy?hl=en
The privacy policy for the social network X, which is operated by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland, can be viewed at https://twitter.com/en/privacy
The privacy policy for the social network TikTok, which is operated by TikTok Inc., 5800 Bristol Parkway, Suite 100, Culver City, CA 90230, can be viewed at https://www.tiktok.com/legal/page/us/privacy-policy/en
As the operator of a Facebook fan page, we can only view the information stored in your public Facebook profile, and only if you have such a profile and are logged into it when you visit our fan page. In addition, Facebook provides us with anonymous usage statistics that we use to improve the user experience when visiting our fan page. We do not have access to the usage data that Meta Platforms collects to compile these statistics. Meta Platforms has committed to us to assume primary responsibility under the GDPR for the processing of this data, to fulfil all obligations under the GDPR with regard to this data and to make the essentials of this obligation available to the data subjects. We do not have access to the databases of the social media providers.
b) Legal basis
The legal basis for the processing of the data is Art. 6 para. 1 lit. a and f GDPR. This data processing serves our (and your) legitimate interest in enabling dialogue with you and other players about our game and improving the user experience when visiting the respective social media presence in line with the target group. There is joint responsibility with the social media providers in accordance with Art. 26 GDPR.
c) Purpose of the data processing
The purpose is to exchange information with you and other players about our game and to improve the user experience when visiting our social media presences for specific target groups.
d) Duration of the storage
The storage duration of data processing operations on our social media presences is determined by the respective privacy policies of the social media providers.
e) The possibility of objection and deletion
You can delete your messages or your customer account on the social media sites yourself at any time or contact the contact points specified in the privacy policies of the social media providers.
9. Use of Steam
The use of our game requires the use of the "Steam" service provided by Valve Corporation, P.O. Box 1688, , Bellevue, WA 98004, USA and Valve S.a.r.l., Regus City Centre Suite 227, 26 Boulevard Royal, L-2449 Luxembourg, Luxembourg ("Valve") and the conclusion of a user agreement with Valve. Valve itself collects personal data in the context of the use of the "Steam" service in its own name and on the basis of this user agreement. We have no access to this data. With regard to the collection and use of data by "Steam", we therefore refer you to Valve's user agreement and privacy policy. These can be found here: https://store.steampowered.com/privacy_agreement/?snr=100601_44_44_
I. General information
Welcome! Thank you for your interest in our game. We are astragon Entertainment GmbH, Am Wehrhahn. 33, D-40211 Düsseldorf. You can contact us at: info@astragon.de
Our aim
Protecting your privacy is paramount to us. Therefore, compliance with the legal provisions on data protection is fundamental for us. In addition, it is important to us that you know at all times which personal data we collect and why and how we process it. We will also be happy to explain to you what rights you have and how you can exercise them.
What is personal data?
To put it briefly, anything whereby you, as an individual, can be identified, whether due to the information itself or in connection with other information. Examples of this include your name, e-mail address, or also a customer ID, but even the point in time at which you visit our website if that is saved together with your IP address. We constantly endeavour to gather as little personal data as possible. Simultaneously, we are informing you in this document, in depth, on your personal data, if we gather any.
Why is this document so long?
The legislative authority requires us to describe the following to you in regard to all personal data individually:
which personal data we gather (= type of data collected)
which law or ordinance or regulation permits us to do so (= the legal basis)
why we gather said data (= the intended use)
what exactly happens to your data (= type of processing)
how long we save your personal data
what rights you have in regard to your personal data (= the rights of data subjects)
We need to list all the steps individually. This is why this document is very extensive.
1. Controller and Corporate Data Protection Officer
Responsible within the meaning of the EU General Data Protection Regulation (GDPR) are we, the company
astragon Entertainment GmbH
Am Wehrhahn. 33, D-40211 Düsseldorf
info@astragon.de
If you have any questions regarding data protection please contact our Corporate Data Protection Officer. Our Corporate Data Protection Officer is
Helena Kühn
datenschutz@astragon.de
2. Legal basis
We gather and process personal data based on the most up-to-date European law. You will find the entire legal basis specified below in the General Data Protection Regulation (GDPR). Depending upon the purpose for gathering the data, one or more of the legal bases below will apply:
Consent pursuant to Art. 6(1)(a) General Data Protection Regulation (GDPR).
Consent is a declaration of intent. This can be given in writing in the form of a statement, or also by way of any other clearly affirmative action. In whatever way the consent is given, it needs to be given voluntarily, apply to a specific case, and unmistakably express that the data subject is in agreement with the processing of the personal data concerned. For that purpose, the data subject needs to be adequately informed and understand the consent.
The necessity of fulfilling the contract or taking preparatory measures pursuant to Art. 6(1)(b) GDPR
This means: The data is necessary so that we can fulfil the contractual obligations towards you or we need the data to prepare for concluding an agreement with you.
Processing to fulfil legal obligations pursuant to Art. 6(1)(c) GDPR
This means: The processing of the data is, for example, mandatory for us based on a law or other regulation.
Processing in order to preserve legitimate interests pursuant to Art. 6(1)(f) GDPR
This means: The processing of the data is necessary in order to, on the one hand, preserve legitimate interests on our part or on the part of a third party, as long as your interests or basic rights and basic freedoms, which make the protection of personal data necessary, do not outweigh the latter.
We store and access information in your end device based on the following legal bases:
Consent pursuant to Section 25(1) of the Telecommunications and Digital Services Data Protection Act (TDDDG).
Absolute necessity according to Section 25 (2) no. 2 TDDDG, so that we can provide a telemedia service expressly requested by you.
3. Rights of data subjects
As far as your personal data is concerned, you are the data subject. You have the following rights in regard to the processing of data by us in the scope in accordance with the respective article of the General Data Protection Regulation cited:
The right to information pursuant to Art. 15 GDPR
The right to correction pursuant to Art. 16 GDPR
The right to deletion (“Right to be forgotten”) pursuant to Art. 17 GDPR
The right to limit the processing pursuant to Art. 18 GDPR
The right to data portability pursuant to Art. 20 GDPR
The right of opposition pursuant to Art. 21 GDPR
Notwithstanding any other legal remedy under administrative or judicial law, you are entitled to file an appeal with a supervisory authority, in particular in the EU Member State that is your place of residence, your place of work or the place of the presumed infringement if you are of the opinion that the processing of the personal data concerned infringes the GDPR.
4. Deletion of data and duration of storage
The personal data of the data subject is deleted or blocked once the purpose of the storage lapses. It may, moreover, be stored beyond that time if this has been stipulated by the European or national legislative authority in EU ordinances, laws or other regulations to which the Controller is subject. The data may also be blocked or deleted if a storage period stipulated by said standards expires, unless the necessity for further storage of the data for concluding an agreement or fulfilling an agreement exists.
II. Specific data processing
1. Unity Analytics
a) Scope of data processing
When using our game, we use Unity Analytics to provide you with smooth access to the game and to continuously improve your gaming experience. This software collects information about how you use the game and uses it to compile various statistics. The usage data collected includes in particular the device ID (MAC/IMEI/MEID), which is pseudonymised, the device type, the country, the device language, the installed operating system, the browser type, the language settings, the CPU type and the number of CPUs, information on the graphics card, system and video RAM, the current screen resolution, the Unity version used, the app ID of the game used, in-game behaviour, IP address. In the event of technical errors, the error report (crash logs) and the error message are also recorded. The information is not only transmitted to us, but also to Unity Technologies, which also uses it for its own purposes. Unity Technologies transmits and stores the collected data within and outside the European Union. Unity Technologies itself describes its data processing activities here https://unity.com/legal/privacy-policy
b) Legal basis
The legal basis for the processing of the data for use for analysis purposes is Art. 6(1)(a) GDPR and Section 25(1) TDDDG. For the defence against attempted fraud, the legal basis for the processing is Art. 6(1)(f) GDPR and Section 25 (2) no. 2 TDDDG. The legal basis for the storage of data at Unity Technologies is Art. 28 (3), (6) GDPR in conjunction with Art. 46 (2)(c) GDPR by means of the standard clauses of the EU Commission both as processor with regard to the analysis of gaming behaviour and transfer to Unity as the controller. The legitimate interest is the defence against attempted fraud. For this purpose, access to information already stored on your end device is absolutely necessary so that we can provide the game smoothly as part of the multiplayer without the possibility of cheating/fraud.
c) Purpose of the data processing
The purpose of analysing user behaviour is to optimise and eliminate errors in the game offering with regard to the expectations and use by customers and to ensure that the game runs smoothly without the possibility of cheating. For the purpose of data processing for data processed by Unity Technologies for its own purposes, please refer to Unity's privacy policy at https://unity.com/legal/privacy-policy.
d) Duration of the storage
The data processed via Unity will be stored by us until you withdraw your consent. In addition, you must revoke your consent to data processing by Unity Technologies for its own purposes separately from Unity Technologies. The duration of data storage by Unity Technologies can be found in their privacy policy at https://unity.com/legal/privacy-policy.
e) The possibility of objection and deletion
You can request the deletion of your user data at any time by post or by e-mail to datenschutz@astragon.de without incurring any further costs. In the event of an objection by e-mail, the implementation of the deletion or blocking may take up to 5 working days, unless we are legally obliged (e.g. to clarify payment disputes) to keep the data for longer. You can prevent the storage of data, including the generation and transmission of data to Unity Technologies, by refusing its collection. You can do this when we ask for your consent or later in the options menu of the game.
2. Mod.io
a) Scope of data processing
When using our game, we use Mod.io to provide you with user generated content and to continuously improve your experience with user generated content and to remove illegal content, including but not limited to copyright infringing content. This software collects information about how you use user generated content and uses it to compile various statistics. The usage data collected includes in particular the user ID, device ID, the ID of the user generated content, in-game behavior, the timestamp of use of the user generated content, the session ID, the number of downloaded and subscribed user generated content and the IP address. The information is not only transmitted to us, but also to Mod.io, which also uses it for its own purposes. Mod.io transmits and stores the collected data within and outside the European Union. Mod.io itself describes its data processing activities here https://mod.io/legal/privacy.
b) Legal basis
The legal basis for the processing of the data for use for analysis purposes is Art. 6(1)(a) GDPR and Section 25(1) TDDDG . For the delivery of user generated content and removal of illegal content, the legal basis for the processing is Art. 6(1)(f) GDPR and Section 25 (2) no. 2 TDDDG .
c) Purpose of the data processing
The purpose of analysing the use of user generated content is to optimise and remove illegal user generated content in the game. The purpose of provisioning of user generated content is to ensure that the game allows the integration and use of user generated content. For the purpose of data processing for data processed by Mod.io for its own purposes, please refer to Mod.io's privacy policy at https://mod.io/legal/privacy.
d) Duration of the storage
The data processed via Mod.io will be stored by us until you withdraw your consent. In addition, you must revoke your consent to data processing by Mod.io for its own purposes separately from Mod.io. The duration of data storage by Mod.io can be found in their privacy policy at https://mod.io/legal/privacy.
e) The possibility of objection and deletion
You can request the deletion of your user data at any time by post or by e-mail to datenschutz@astragon.de without incurring any further costs. In the event of an objection by e-mail, the implementation of the deletion or blocking may take up to 5 working days, unless we are legally obliged (e.g. to clarify payment disputes) to keep the data for longer. You can prevent the storage of data, including the generation and transmission of data to Mod.io, by refusing its collection. You can do this when we ask for your consent or later in the options menu of the game.
3. Denuvo Anti Tamper & CSP System
a) Scope of data processing
As part of the use of our game, we use anti-cheat measures to enable you to access the game smoothly without the possibility of cheating or unlawful copying of the game. This software collects information about how you use the game and uses it to compile various statistics. The usage data collected includes in particular the device ID (MAC/IMEI/MEID), the device type, the country, the device language, the installed operating system, the language settings, the CPU type and the number of CPUs, information on the graphics card, system and video RAM, the current screen resolution, in-game behaviour, IP address. In addition, the error report (crash logs) and the error message are recorded in the event of technical errors. To process this data, we use Denuvo Anti Tramper & CSP System services from Irdeto B.V. Irdeto B.V. processes the collected data through Irdeto USA, Inc. in the United States of America. The provider itself describes its data processing activities here https://irdeto.com/privacy.
b) Legal basis
The legal basis for the processing is Art. 6 para. (1)(f) GDPR and Section 25 (2) no. 2 TDDDG. The legal basis for the transfer of data to Irdeto B.V. and Irdeto USA, Inc. is Art. 28 para. (3), (6) in conjunction with Art. 46 (2)(c) GDPR by means of the standard clauses of the EU Commission and Art. 45 (1) GDPR by means of the EU-U.S. Data Privacy Framework (10 July 2023). The service provider is certified accordingly (https://www.dataprivacyframework.gov/list). The legitimate interest is the defence against attempted cheating. For this purpose, access to information already stored on your end device is absolutely necessary so that we can make the game available smoothly in multiplayer without the possibility of cheating.
c) Purpose of the data processing
The purpose of analysing user behaviour is to ensure that the game runs smoothly without the possibility of cheating or unlawful copying of the content.
d) Duration of the storage
The processed data will be stored by us until we can rule out or prevent the possibility of cheating/fraud or unlawful copying of the game.
e) The possibility of objection and deletion
There is no option to object to anti-cheat or copyright protection measures.
4. Save Data in Multiplayer
a) Scope of data processing
If you play the game in multiplayer, your data required for multiplayer mode (user ID, player name, game actions, IP address, character customisations, etc.) will be processed. To process this data, we use Epic Online Services (EOS) from Epic Games, Inc. and services from weltenbauer. Software Entwicklung GmbH, Frankfurter Str. 5, 65189 Wiesbaden . Epic Games, Inc. is based in the United States of America.
b) Legal basis
The legal basis for the processing of the data is Art. 6 (1)(b) GDPR and Section 25 (2) no. 2 TDDDG. The legal basis for the transfer of data to Epic Games, Inc. is Art. 26 (3), (6) in conjunction with Art. 46 (2)(c) GDPR by means of the standard clauses of the EU Commission. For this purpose, access to information already stored by you on your end device is absolutely necessary so that we can provide the multiplayer functions as an integral part of the game.
c) Purpose of the data processing
The purpose of the processing is to provide a multiplayer mode and to connect several players in a joint game. In addition, data is used to analyse errors in the event of a malfunction.
d) Duration of the storage
The data is stored for the duration of a multiplayer round. Any further storage is only for the purpose of analysing errors.
e) The possibility of objection and deletion
There is no option to object when using the multiplayer mode.
5. User Reporting
a) Scope of data processing
If you play the game in multiplayer, your data (user name, user ID, device type, report text, report time) will be processed if you report another user or another user reports you.
b) Legal basis
The legal basis for the processing of the data is Art. 6 (1)(b) GDPR and Section 25 (2) no. 2 TDDDG. For this purpose, access to information already stored by you on your end device is absolutely necessary so that we can provide a smooth multiplayer experience without improper or illicit user behavior.
c) Purpose of the data processing
The purpose of the processing is to provide a provide a smooth multiplayer experience without improper or illicit user behavior.
d) Duration of the storage
The processed data will be stored by us until we can resolve the reported behaviour.
e) The possibility of objection and deletion
There is no option to object.
6. In-game News
a) Scope of data processing
When using our game, we use Cockpit to provide you with in-game news within the game. The data processed includes in particular the IP address to provide you with in-game news. The information is only processed by us.
b) Legal basis
The legal basis for the delivery of in-game news is Art. 6(1)(f) GDPR and Section 25 (2) no. 2 TDDDG.
c) Purpose of the data processing
The purpose is the provisioning of in-game news within the game.
d) Duration of the storage
The data is processed only for the provisioning of in-game news.
e) The possibility of objection and deletion
There is no option to object when using the in-game news feature.
7. Use of our Discord server
a) Scope of data processing
We operate a server with the Discord service of Discord Netherlands BV. This allows users to communicate with each other in writing or via voice chat and exchange content. Data processing by Discord takes place on the basis of the necessary contract with Discord itself. The scope and legal basis for processing by Discord can be found in their data protection information: https://discord.com/privacy We ourselves do not have access to the Discord database and can only moderate the respective channels editorially and exclude users from using them.
b) Legal basis
The legal basis for the processing is the consent of the user in accordance with Art. 6 para. 1 lit. a GDPR. There is joint responsibility with Discord in accordance with Art. 26 GDPR.
c) Purpose of the data processing
The purpose is to exchange information about our game with the user and other players.
d) Duration of the storage
The storage period of posts is determined by Discord in its privacy policy.
e) The possibility of objection and deletion
Users can delete their messages or their customer account on Discord themselves at any time or contact the contact point specified in Discord's privacy policy. If the deletion of posts is desired, you can contact us at datenschutz(at)astragon.de.
8. Social media presence
a) Scope of data processing
We maintain publicly accessible profiles on various social networks. Your visit to these profiles triggers a variety of data processing operations. These data processing operations may be necessary for individual functionalities of our profiles in social networks. These functionalities are not available to the user or are only available to a limited extent if the user does not provide us with their personal data. When users visit our profiles, their personal data is not only collected, used and stored by us, but also by the operators of the respective social network. This happens even if the user does not have a profile in the respective social network. The individual data processing operations and their scope differ depending on the operator of the respective social network and are not necessarily traceable by us. The user can find details about the collection and storage of the user's personal data and about the type, scope and purpose of its use by the operator of the respective social network in the data protection declarations of the respective operator:
The privacy policy for the social network Facebook, which is operated by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Ireland, can be viewed at https://www.facebook.com/privacy/policy/
The privacy policy for the social network Instagram, which is operated by Meta Platforms Ireland Limited, can be viewed at https://help.instagram.com/155833707900388
The privacy policy for the Threads social network, which is operated by Meta Platforms Ireland Limited, can be viewed at https://help.instagram.com/515230437301944?locale=en_GB
The privacy policy for the social network YouTube, which is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, can be viewed at https://policies.google.com/privacy?hl=en
The privacy policy for the social network X, which is operated by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland, can be viewed at https://twitter.com/en/privacy
The privacy policy for the social network TikTok, which is operated by TikTok Inc., 5800 Bristol Parkway, Suite 100, Culver City, CA 90230, can be viewed at https://www.tiktok.com/legal/page/us/privacy-policy/en
As the operator of a Facebook fan page, we can only view the information stored in your public Facebook profile, and only if you have such a profile and are logged into it when you visit our fan page. In addition, Facebook provides us with anonymous usage statistics that we use to improve the user experience when visiting our fan page. We do not have access to the usage data that Meta Platforms collects to compile these statistics. Meta Platforms has committed to us to assume primary responsibility under the GDPR for the processing of this data, to fulfil all obligations under the GDPR with regard to this data and to make the essentials of this obligation available to the data subjects. We do not have access to the databases of the social media providers.
b) Legal basis
The legal basis for the processing of the data is Art. 6 para. 1 lit. a and f GDPR. This data processing serves our (and your) legitimate interest in enabling dialogue with you and other players about our game and improving the user experience when visiting the respective social media presence in line with the target group. There is joint responsibility with the social media providers in accordance with Art. 26 GDPR.
c) Purpose of the data processing
The purpose is to exchange information with you and other players about our game and to improve the user experience when visiting our social media presences for specific target groups.
d) Duration of the storage
The storage duration of data processing operations on our social media presences is determined by the respective privacy policies of the social media providers.
e) The possibility of objection and deletion
You can delete your messages or your customer account on the social media sites yourself at any time or contact the contact points specified in the privacy policies of the social media providers.
9. Use of Steam
The use of our game requires the use of the "Steam" service provided by Valve Corporation, P.O. Box 1688, , Bellevue, WA 98004, USA and Valve S.a.r.l., Regus City Centre Suite 227, 26 Boulevard Royal, L-2449 Luxembourg, Luxembourg ("Valve") and the conclusion of a user agreement with Valve. Valve itself collects personal data in the context of the use of the "Steam" service in its own name and on the basis of this user agreement. We have no access to this data. With regard to the collection and use of data by "Steam", we therefore refer you to Valve's user agreement and privacy policy. These can be found here: https://store.steampowered.com/privacy_agreement/?snr=100601_44_44_