I. What is the privacy policy?

The privacy policy is a set of rules aimed at informing Users and Guests who are natural persons about all aspects of the process of obtaining, processing and securing their personal data. The privacy policy also explains the principles and purposes of obtaining personal data. These processes are performed on the basis of applicable legal regulations - incl. - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC [general regulation on data protection ; the so-called GDPR Regulation] and the Act of May 10, 2018 on the protection of personal data.

Definitions

Administrator - Moonday Games sp. Z o.o. with its registered office in Środa Wielkopolska, registered in the National Court Register - Register of Entrepreneurs kept by the District Court Poznań - Nowe Miasto and Wilda in Poznań, IX Commercial Division of the National Court Register [KRS - 0000822613, REGON - 385299331, NIP - 7861721845;

Personal data - all information that may identify the User / Guest, for example name and surname, telephone number, e-mail addressdevice IP, location data, Internet ID and information collected via cookies and other similar technologyEach time the document in question refers to the term "process" or "processing", we mean all activities and operations performed on the User's / Guest's personal data (e.g. their storage or analysis for the purpose of providing the service).

Policy - this Privacy Policy.

Act - the Act of 10 May 2018 on the protection of personal data.

GDPR - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and the repeal of Directive 95/46 / EC.

Moonday Games sp. z o.o. declares that it cannot knowingly collect personal data of children under the age of 16. If a child under the age of 16 provides us with personal data, we encourage the child's parents or guardians to contact us to request that this personal data be deleted from our systems. Parents and legal guardians may send any questions regarding their children's personal data to [email protected]. If Moonday Games receives information about obtaining personal data from persons under 16 years of age, it will immediately take steps to delete such data. 

III. Personal Data Administrator

The administrator of personal data is MOONDAY GAMES sp. Z oo with its seat in Środa Wielkopolska, which is the operator of the platform available at https://moondaygames.com, ul. Rzemieślnicza 1, 63-000 Środa Wielkopolska, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court Poznań - Nowe Miasto and Wilda in Poznań, IX Commercial Division of the National Court Register, under KRS number 0000822613, share capital PLN 10,000.00, NIP 7861721845 , REGON 38529933100000.

Personal Data Inspector

The administrator has appointed a Personal Data Protection Inspector who can be contacted in writing - by traditional mail - by sending a letter to the following address: ul. Rzemieślnicza 1, 63-000 Środa Wielkopolska, or by e-mail at [email protected]. The inspector will help in all matters related to the protection of personal data, including provide answers to questions regarding the processing of the User's / Guest's personal data and questions regarding the scope of the Privacy Policy .

Purposes and grounds for processing personal data

In accordance with the scope of the conducted activity, the Administrator processes the personal data of Users / Guests for various purposes, but always in accordance with the law. Your data is processed in connection with the following categories of activities:

Use of the Platform https://moondaygames.com. 

The data of all entities using the Platform (including the IP address or other identifiers and information collected via cookies or other similar technologies) are processed by the Administrator for one or more of the following purposes:

1. providing electronic services in the scope of providing Users / Guests with content posted on the Platform, sharing contact forms [legal basis for processing - processing is necessary to perform the contract (Article 6 (1) (b) of the GDPR)];

2. handling purchases made via the Platform [legal basis for processing - processing is necessary to perform the contract (Article 6 (1) (b) of the GDPR)];

3. analytical and statistical [legal basis for processing - legitimate interest of the Administrator (Article 6 (1) (f) of the GDPR), which consists in conducting analyzes of the behavior and activity of Users and Guests, as well as their preferences, aimed at improving the quality and adequacy of the functionalities used and provided services];

4. performance of statutory obligations incumbent on the Administrator, resulting in particular from tax regulations and accounting regulations [legal basis for processing - legal obligation (Article 6 (1) (c) of the GDPR)];

5. handling complaints [legal basis for processing - processing is necessary to perform the contract (Article 6 (1) (b) of the GDPR)];

6. marketing of the Administrator and other entities, in particular related to the presentation of behavioral advertising [legal basis for processing - legitimate interest of the Administrator (Article 6 (1) (f) of the GDPR), which consists in adjusting the displayed advertising content].

7. possible determination and pursuit of claims or defense against such claims [legal basis for processing - legitimate interest of the Administrator (Article 6 (1) (f) of the GDPR), which consists in the protection of his rights];

The activity of each User / Guest on the Platform, including his personal data, is recorded in system logs (a dedicated computer system designed to store a chronological record containing information about events and activities related to the IT system used for the provision of services by the Administrator). The information collected in the logs is processed in connection with the provision of services by the Administrator. The administrator also processes them for technical purposes. The above in particular means that the data may be temporarily stored and processed in order to ensure the security and proper functioning of IT systems [e.g. in connection with making backup copies, testing changes in IT systems, detecting irregularities or protecting against any abuse / attacks].

In the case of Users - when you use the game via Facebook (Facebook Connect function), Facebook Inc. provide Moonday Games sp. z oo with such information as: Facebook ID, avatar, e-mail address, gender, location and a list of friends. The above information is provided on the basis of Facebook's terms of use.

Moreover, when you visit profiles of Moonday Games sp. Z oo on social media (e.g. Facebook), Moonday Games sp. Z oo may collect data on your activity on the above-mentioned. profiles. When using a social networking site, the User / Guest is bound by the privacy policy and the approved regulations of the portal.

When the User / Guest downloads, uses or plays one of the games produced by Moonday Games sp. Z oo, Moonday Games sp. Z oo may collect and process basic data about the User / Visitor and his activities on the account for the general purposes of the game. These data include: e-mail address, date of birth, name of the User / Guest, which is used to identify him, as well as avatars, account status of the Goods in the game, IP address, country in which the User / Guest is located (determined on the basis of IP address).

In addition, with respect to in-game resource purchases - Moonday Games sp. Z oo may collect and process the platform / device and purchases made in real currency (including transaction dates, currencies, value and subject matter of the transaction).

When purchasing goods in the form of tokens, data processing depends on the payment method / platform / operator. Moonday Games sp. Z oo only processes limited payment data in an encrypted / anonymized form. After completing the transaction, Moonday Games receives a notification from the payment operator and makes sure that the User / Guest has received the purchased Goods in the form of tokens. Moonday Games sp. Z oo declares that it does not have access to actual payment data.

Moonday Games sp. Z oo cooperates with third parties in order to enable Users / Guests to download and use games. Moonday Games sp. Z oo has no influence on these entities. These entities have their own privacy policy. Below are the links that allow you to read the privacy policy of the entities in question: 

1. Google Play Services – https://policies.google.com/privacy

2. Google Analytics for Firebase – https://firebase.google.com/policies/analytics

3. Facebook – https://www.facebook.com/about/privacy/update/printable

4. Unity – https://unity3d.com/legal/privacy-policy

Formularz kontaktowy

1. a) On the Administrator's Platform https://moondaygames.com it is possible to contact him using the electronic contact form. Using the form requires providing personal data necessary to contact the User / Guest and answer the inquiry. The User / Guest may also provide other data to facilitate contact or handling the inquiry. Providing the data indicated as mandatory is necessary in order to accept and handle the inquiry, and failure to do so means that you will not be able to use the form. Providing unnecessary data is completely voluntary.

1. b) Personal data provided to the Administrator in the contact form are processed for one or more of the following purposes:

• identification of the sender and handling of his inquiry sent via the provided electronic form [legal basis for processing - processing necessary for the performance of the service contract (Article 6 (1) (b) of the GDPR)];

• analytical and statistical - the legal basis for processing [legitimate interest of the Administrator (Article 6 (1) (f) of the GDPR), which consists in keeping statistics of inquiries submitted by Users / Guests via the Platform in order to improve its functionality and the Administrator's activities].

Marketing

The Administrator processes the personal data of Users / Guests in order to carry out marketing activities, the legal basis of which is the Administrator's legitimate interest (Article 6 (1) (f) of the GDPR). These activities may include, inter alia, on:

1. displaying to the User / Visitor marketing content that is not adapted to his preferences (contextual advertising);

2. displaying to the User / Visitor marketing content corresponding to his interests (behavioral advertising).

In order to carry out marketing activities, the Administrator uses profiling in some cases. This means that thanks to automatic data processing, the Administrator evaluates selected factors relating to Users / Guests in order to analyze their behavior or create a forecast for the future. When making this type of profiling, the Administrator does not use profiling that causes legal effects or significantly influences him / her in relation to the User / Guest.

Advertisements containing links / redirecting to advertisers' websites are a service provided by entities other than Moonday Games sp. Z o. O. These entities are beyond any control of Moonday Games sp. Z o. the rules set out by these entities, e.g. in the privacy policy applicable to these services or applications.

Behavioral advertising

The Administrator processes the personal data of Users / Guests, including personal data collected via cookies and other similar technologies for marketing purposes in connection with the targeting of behavioral advertising to Users / Guests (this is an advertisement that is tailored to the preferences of a given User / Guest). The processing of personal data then also includes profiling of Users / Guests. The use of personal data collected through this method for marketing purposes, especially in the promotion of services and goods of third parties, is based on the legitimate interest of the Administrator and only on condition that the User / Guest has consented to the use of cookies. 

Consent to the use of cookies can be expressed through the appropriate configuration of the browser. The consent may be withdrawn at any time, e.g. by clearing the cookie history and disabling cookies in the browser settings. This consent may be withdrawn at any time.

5. Contextual advertising

The Administrator processes the personal data of Users / Guests for marketing purposes in connection with directing contextual advertising to Users / Guests (this is an advertisement that is not tailored to the preferences of the User / Guest). The processing of personal data takes place then in connection with the implementation of the legitimate interest of the Administrator (Article 6 (1) (f) of the GDPR).

6. Direct Marketing

If the User / Guest has agreed to receive marketing information via e-mail, SMS and other electronic means of communication, the User's / Guest's personal data will be processed for the purpose of sending him such information. The basis for data processing is the Administrator's legitimate interest in sending marketing information within the limits of the consent granted by the User / Guest (direct marketing). The User / Guest has the right to object to the processing of data for the purposes of direct marketing, including profiling. The data will be stored for this purpose for the duration of the legitimate interest of the Administrator, unless the User / Guest objects to receiving marketing information.

1. Cookies [cookies] and similar technology

Cookies are small text files installed on the device of the User / Guest browsing the Platform. Cookies collect information that facilitates the use of the website - e.g. by remembering the User's / Guest's visits to the Platform and the activities performed by him.

1. Platform cookies. 

The administrator uses the so-called cookies primarily in order to provide the User / Guest with services provided electronically and to improve the quality of these services. In connection with the above, the Administrator and other entities providing analytical and statistical services to him use cookies by storing information or accessing information already stored in the User's / Guest's telecommunications end device (telephone, tablet, etc.). Cookies used for this purpose include:

1. cookies with data entered by the User / Guest (session ID) for the duration of the session (user input cookies);

2. authentication cookies used for services that require authentication for the duration of the session (authentication cookies);

3. cookies used to ensure security, e.g. used to detect fraud in the field of authentication (user centric security cookies);

4. multimedia player session cookies (e.g. flash player cookies), for the duration of the session (multimedia player session cookies);

5. persistent cookies used to personalize the User / Guest interface for the duration of the session or a little longer (user interface customization cookies),

6. cookies used to monitor traffic on the website, i.e. data analytics, including Google Analytics cookies (these are files used by the Google company to analyze how the User / Guest uses the Platform, to create statistics and reports on the functioning of the Platform). Google does not use the collected data to identify a given User / Guest, nor does it combine the above information to enable identification. Detailed information on the scope and principles of data collection in connection with the above-mentioned service can be found at: https://www.google.com/intl/pl/policies/privacy/partners.

1. Marketing cookies

The administrator uses cookies also for marketing purposes, including in connection with targeting Users / Visitors with behavioral advertising. For this purpose, the Administrator stores information or gains access to information already stored in the User's / Guest's telecommunications end device (telephone, tablet, etc.). The use of cookies and personal data collected through them for marketing purposes, in particular in the field of promoting services and goods of third parties, requires the consent of the User / Guest. This consent may be expressed through the appropriate configuration of the browser, and may also be withdrawn at any time, in particular by clearing the cookie history and disabling cookies in the browser settings.

1. The period of storage of Users / Visitors' data

2. In accordance with the applicable legal regulations, we process the personal data of the User / Guest for the period necessary to achieve the set goal. After this period, the User's / Guest's personal data is irretrievably deleted or destroyed.

3. In the event that Moonday Games sp. Z oo does not need to perform operations on the User's / Guest's personal data other than their storage (e.g. when we store the content of the order for the purposes of defending against claims), until permanent removal or destruction, personal data is additionally secured - through pseudonymization, which consists in encrypting personal data or a set of personal data that without an additional key it is impossible to read them - as a consequence, such information becomes completely useless for an unauthorized person.

4. The personal data of the User / Guest will be processed by the Administrator for the time necessary to achieve the purposes referred to in the section "Purposes and grounds for processing personal data", e.g. until the service is completed for the User / Guest, and after that period until any possible claims or until the data storage obligations resulting from legal regulations expire.

VII. User / Guest rights related to his personal data?

1. The data subjects / users have the following rights:

2. the right to information about the processing of personal data [on this basis, the person making such a request, the Administrator provides information on the processing of personal data, including, in particular, the purposes and legal grounds for processing, the scope of data held, entities to whom personal data are disclosed and the planned date of their removal ];

3. the right to obtain a copy of the data [on this basis, the Administrator provides a copy of the processed data concerning the person submitting the request];

4. the right to delete data [on this basis, you can request the deletion of data, the processing of which is no longer necessary to achieve any of the purposes for which they were collected];

5. the right to rectify data [on this basis, the Administrator removes any inconsistencies or errors regarding the personal data being processed, and supplements or updates them if they are incomplete or have changed];

6. the right to transfer data [on this basis, to the extent that the data is processed in connection with the concluded contract or consent, the Administrator issues the data provided by the data subject in a format that can be read by a computer. It is also possible to request that this data be sent to another entity - provided, however, that there are technical possibilities in this respect both on the part of the Administrator and that other entity];

7. the right to transfer data [on this basis, to the extent that the data is processed in connection with the concluded contract or consent, the Administrator issues the data provided by the data subject in a format that can be read by a computer. It is also possible to request that this data be sent to another entity - provided, however, that there are technical possibilities in this respect both on the part of the Administrator and that other entity];

8. the right to limit processing [on this basis, the Administrator ceases to perform operations on personal data, with the exception of operations consented to by the data subject and their storage, in accordance with the adopted retention rules, or until the reasons for limiting data processing (e.g. a decision of the supervisory authority will be issued, authorizing further processing of the data)];

9. the right to object to other purposes of data processing [the data subject may at any time object to the processing of personal data on the basis of the Administrator's legitimate interest (e.g. for analytical or statistical purposes or for reasons related to the protection of property). The objection in this respect should contain a justification and is subject to the Administrator's assessment];

10. An application regarding the exercise of the rights indicated above may be submitted by traditional mail by writing to the address - ul. Rzemieślnicza 1, 63-000 Środa Wielkopolska or by e-mail to the following address: [email protected].

11. The request should, if possible, indicate precisely what the request concerns, i.e. in particular: a) who submits the request; b) the rights of which the person submitting the application wishes to exercise; c) what purposes of processing the request relates to (e.g. marketing purposes, analytical purposes, etc.).

12. If the Administrator is unable to determine the content of the request or identify the person submitting the application based on the submitted application, he will ask the User / Guest for additional information.

13. The response to the application will be given immediately, but not later than within one month of its receipt. If it is necessary to extend this period, the Administrator will inform the User / Guest about the reasons for such extension.

14. The answer will be given to the e-mail address from which the application was sent, and in the case of applications sent by letter, by registered mail to the address indicated by the User / Guest, unless the content of the letter indicates a desire to receive feedback to the e-mail address (such case, please provide an e-mail address).

VIII. The right to withdraw consent

1. If the Administrator processes your personal data on the basis of the consent expressed by the User / Guest, the User / Guest may withdraw this consent at any time - at his / her discretion.

2. b) send an email to the Personal Data Protection Officer at [email protected]; b) wysłać maila do Inspektora Ochrony Danych Osobowych na [email protected] or via the contact form https://moondaygames.com/support.

3. The administrator declares that if he processes your personal data on the basis of your consent, its withdrawal does not make the processing of personal data up to that point illegal. The above means that until the consent is withdrawn, the Administrator has the right to process the personal data of the User / Guest and the revocation of the consent does not affect the lawfulness of the current processing.

4. Right to file a complaint

If the User / Guest believes that their personal data is being processed contrary to the applicable legal regulations, they may file a complaint with the President of the Personal Data Protection Office.

1. Transfer of personal data to third countries and international organizations

The User's / Guest's personal data is not transferred to third countries, i.e. outside the European Economic Area (EEA), or outside international organizations.

1. Changes to the Privacy Policy

2. In matters not covered by this Privacy Policy, the provisions of the GDPR and the Personal Data Protection Act shall apply.

3. This Privacy Policy applies from September 5, 2020. 

XII. Questions and contact

1. If you have any questions about the privacy policy, you can contact the Administrator in writing, by traditional mail, by writing to the following address: ul. Rzemieślnicza 1, 63-000 Środa Wielkopolska or by e-mail to the following address: [email protected].

2. If the User / Guest wants to contact the Personal Data Protection Inspector, appointed by the Administrator, he may do so in writing, by traditional mail, by writing to the following address: ul. Rzemieślnicza 1, 63-000 Środa Wielkopolska or by e-mail at: [email protected]The inspector will in particular answer questions regarding the processing of personal data of the User / Guest.