Home

Privacy Policy for User Testing

Please read this Privacy Policy for User Testing (hereinafter Privacy Policy) carefully to understand how and why your or your child's personal data will be used, namely for the purposes of processing your application and your child's participation in the testing of OUTFIT7 products (hereinafter: User Testing), and how long it will be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) (GDPR) and laws implementing or supplementing the GDPR; and to the extent applicable, the data protection or privacy laws of any other country (hereinafter: Data Protection Law).

Outfit7 Neo Limited, a company organized under the laws of Cyprus with a registered and billing address: Christaki Kranou 1st Floor, 4041 Limassol, Cyprus (hereinafter: "Outfit7 Neo Limited"), and Outfit7 Limited, a company organized under the laws of the United Kingdom, with a registered office address: 1st Floor Sackville House, 143-149 Fenchurch Street, London EC3M 6BN, United Kingdom and business and billing Address: Christaki Kranou, 2nd Floor, 4041 Limassol, Cyprus (hereinafter: "Outfit7 Limited"; Outfit7 Neo Limited and Outfit7 Limited collectively: "Controllers", or "We"), are the data controllers in respect of personal data obtained, stored, and processed about you in User Testing. Outfit7 Neo Limited is the organiser of User Testing, which takes place online or on the premises of its subsidiary, Ekipa2 d.o.o., located at Ameriška ulica 8 in Ljubljana, Slovenia.

DATA PROTECTION PRINCIPLES

We will comply with Data Protection Law, which means that your and your child's data will be:

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purposes we have told you about.
  • Kept securely.

DATA WE COLLECT ABOUT YOU

We may only collect, store, and use such personal data you provide upon submitting an application for you or your child to participate in the User Testing. The personal information we collect about you consists of your name and surname, and your contact information (email address and telephone number). We may also ask you to submit non-personally identifiable information that may be personal to you, such as your child's age or year of birth, and gender, or some personal information, such as your child's first name and their month and year of birth.

We also collect information about whether you or your child plays mobile games, and which of mobile games developed by Outfit7 you/he/she is already acquainted with. We may also collect, store, and use your personal data and personal data of your child directly from you by conducting questionnaires, surveys, personal interviews, by using audio and visual recording whilst testing the products and reviewing these audio and visual recordings and reviewing the tracks on the used tested products (except for biometric personal data).

HOW IS YOUR PERSONAL DATA COLLECTED?

We collect personal data about you and your child from you. If you fail to provide requested data, which is necessary for us to consider the application for you or your child to participate in the User Testing, we may not be able to process the application properly or at all, nor will we be able to notify you of any future testing events, new products or services, promotions, or in any way communicate with you and your child.

HOW WE USE COLLECTED DATA

We will use your and your child's personal data to decide whether to invite you to any User Testing events, and to inform you of a future User Testing event you might be interested in.

More particularly, we will use your and your child's data (personal and non-personally identifiable) for the following purposes:

  • monitoring the user experience of tested products,
  • obtaining the opinions and data for improving the tested products,
  • statistically process, segment, and profile the user testers for the purpose of improving the tested products, and to include them in the future testing of the products,
  • to communicate with you, sending the materials and invites to the testing of the products,
  • and to do a survey via a telephone, or electronic means (the so-called "follow up").

We are relying on your consent (article 6(1)(a) GDPR) as legal grounds for the processing of your and your child's personal data.

Please note, no information will be collected via the App while testing.

DATA SHARING

We will only share your and your child's data with our related companies within the Outfit7 Group, of that only to the employees who need it in order to conduct User Testing, and we may share your and your child's data to our third party service providers, as applicable:

  • our cloud service provider,
  • our provider for distribution of the apps for testing (Google Sheets by Google and Firebase App Distribution by Google, respectively),
  • the provider we use for online calls (Zoom), and
  • the provider for managing electronic signatures of the consent form (DocuSign),
  • the provider we use for conducting online testing (PlaytestCloud). To learn more about PlaytestCloud's privacy practices, please click see their privacy policy, available here https://www.playtestcloud.com/privacy.

Our third-party service providers are required to take appropriate security measures to protect your personal data. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions. We may only share such personal data with the third-party service providers as are necessary for the provision of their service.

We may also share your personal data with any supervisory or any similar regulatory authority that is responsible for the enforcement of the Data Protection Law or other law enforcement authority upon their request.

DATA TRANSFER

We may transfer personal data received from you outside European Union (EU) and European Economic Area (EEA) where such transfer is of a type authorised by Data Protection Law in the exporting country, for example in the case of transfers from within the EU/EEA to a country (such as Switzerland) or scheme which is approved by the Commission of EU as ensuring an adequate level of protection or any transfer which falls within a permitted derogation, or to enter with the third-party service provider into Standard Contractual Clauses as approved by the Commission of EU.

DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. Details of these measures may be obtained if you write to [email protected].

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

DATA RETENTION – How long will you use my personal data for?

We will retain your personal data and your child's personal data on file for a period of up to four years since giving consent to this Privacy Policy via telecommunication or other suitable services.

After this period, we will securely destroy and/or delete your personal data and/or and photos/videos with your personal data we might have on file in accordance with applicable Data Protection Law.

YOUR RIGHTS / RIGHTS OF DATA SUBJECTS

As a data subject under Data Protection Law, you have a number of rights, including the right to:

  • Request access to your or your child's personal data. This enables you to receive a copy of the personal data we hold about you or your child and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you or your child. This enables you to have any incomplete or inaccurate information we hold about you or your child corrected.
  • Request erasure of your or your child's personal data. This enables you to ask us to delete or remove personal data, where there is no lawful reason for us continuing to process it. You also have the right to ask us to delete or remove your or your child's personal data where you have exercised your right to object to processing (see below).
  • Object to the processing of your or your child's personal data.
  • Request the restriction of processing of your or your child's personal data. This enables you to ask us to suspend the processing of your or your child's personal data, for example if you want to establish its accuracy.
  • Request the transfer of your or your child's personal data to another party.

If you want to review, verify, correct or request erasure of your or your child's personal data, object to the processing of your or your child's personal data, or request that we transfer a copy of your or your child's personal data to another party, please contact us in writing by sending an email to [email protected].

You have the right to file a complaint against us. To do so, contact the supervisory authority in your country of residence.

You have the right to withdraw your consent for the processing of your or your child's personal data at any time. To withdraw your consent, please contact us by sending an email to [email protected].

Once we have received notification that you have withdrawn your consent, we will no longer process your application and we will dispose of (delete or anonymize) your or your child's personal data securely.

DATA PROTECTION OFFICER

We have appointed a data protection officer (DPO) to oversee compliance with this Privacy Policy. If you have any questions about this Privacy Policy or how we handle your personal data, please contact the DPO at ePrivacy GmbH, Große Bleichen 21, 20354 Hamburg, Germany. If you have any concerns as to how your personal data is processed, you can also contact: [email protected].

Privacy Policy for User Testing – v.1.4, as of March 5, 2023