Outfit7 Neo Limited, a company organized under the laws of Cyprus with a business and billing address: Christaki Kranou 1st Floor, 4041 Limassol, Cyprus (hereinafter: "Outfit7 Neo Limited"), and Outfit7 Limited, a company organized under the laws of the United Kingdom, with a registered office address: 1st Floor Sackville House, 143-149 Fenchurch Street, London EC3M 6BN, United Kingdom and business and billing Address: Christaki Kranou, 2nd Floor, 4041 Limassol, Cyprus (hereinafter: "Outfit7 Limited", collectively: "Controllers", or "We"), are the data controllers in respect of personal data obtained, stored, and processed about you in User Testing. Outfit7 Neo Limited is the organiser of User Testing, which takes place online or on the premises of its subsidiary, Ekipa2 d.o.o., located at Ameriška ulica 8 in Ljubljana, Slovenia.
We will comply with Data Protection Law, which means that your and your child's data will be:
– Used lawfully, fairly and in a transparent way.
– Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
– Relevant to the purposes we have told you about and limited only to those purposes.
– Accurate and kept up to date.
– Kept only as long as necessary for the purposes we have told you about.
– Kept securely.
We may only collect, store, and use such personal data you provide upon submitting an application for you or your child to participate in the User Testing. The personal information we collect about you consists of your name and surname, and your contact information (email address and telephone number). We may also ask you to submit non-personally identifiable information that may be personal to you, such as your child's age or year of birth, and gender.
We also collect information about whether you or your child plays mobile games, and which of mobile games developed by Outfit7 you/he/she is already acquainted with. We may also collect, store, and use your personal data and personal data of your child directly from you by conducting questionnaires, surveys, personal interviews, by using audio and visual recording whilst testing the products and reviewing these audio and visual recordings and reviewing the tracks on the used tested products (except for biometric personal data).
We collect personal data about you and your child from you. If you fail to provide requested data, which is necessary for us to consider the application for you or your child to participate in the User Testing, we may not be able to process the application properly or at all, nor will we be able to notify you of any future testing events, new products or services, promotions, or in any way communicate with you and your child.
We will use your and your child's personal data to decide whether to invite you to any User Testing events, and to inform you of a future User Testing event you might be interested in.
More particularly, we will use your and your child's data (personal and non-personally identifiable) for the following purposes:
– monitoring the user experience of tested products,
– obtaining the opinions and data for improving the tested products,
– statistically process, segment, and profile the user testers for the purpose of improving the tested products, and to include them in the future testing of the products,
– to communicate with you, sending the materials and invites to the testing of the products,
– and to do a survey via a telephone, or electronic means (the so-called "follow up").
We are relying on your consent (article 6(1)(a) GDPR) as legal grounds for the processing of your and your child's personal data.
Please note, no information will be collected via the App while testing.
We will only share your and your child's data with our related companies within the Outfit7 Group, of that only to the employees who need it in order to conduct User Testing, and we may share your and your child's data to our third party service providers, as applicable:
Our third-party service providers are required to take appropriate security measures to protect your personal data. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions. We may only share such personal data with the third-party service providers as are necessary for the provision of their service.
We may also share your personal data with any supervisory or any similar regulatory authority that is responsible for the enforcement of the Data Protection Law or other law enforcement authority upon their request.
We may transfer personal data received from you outside European Union (EU) and European Economic Area (EEA) where such transfer is of a type authorised by Data Protection Law in the exporting country, for example in the case of transfers from within the EU/EEA to a country (such as Switzerland) or scheme which is approved by the Commission of EU as ensuring an adequate level of protection or any transfer which falls within a permitted derogation, or to enter with the third-party service provider into Standard Contractual Clauses as approved by the Commission of EU.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. Details of these measures may be obtained if you write to firstname.lastname@example.org.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
After this period, we will securely destroy and/or delete your personal data and/or and photos/videos with your personal data we might have on file in accordance with applicable Data Protection Law.
As a data subject under Data Protection Law, you have a number of rights, including the right to:
– Request access to your or your child's personal data. This enables you to receive a copy of the personal data we hold about you or your child and to check that we are lawfully processing it.
– Request correction of the personal data that we hold about you or your child. This enables you to have any incomplete or inaccurate information we hold about you or your child corrected.
– Request erasure of your or your child's personal data. This enables you to ask us to delete or remove personal data, where there is no lawful reason for us continuing to process it. You also have the right to ask us to delete or remove your or your child's personal data where you have exercised your right to object to processing (see below).
– Object to the processing of your or your child's personal data.
– Request the restriction of processing of your or your child's personal data. This enables you to ask us to suspend the processing of your or your child's personal data, for example if you want to establish its accuracy.
– Request the transfer of your or your child's personal data to another party.
If you want to review, verify, correct or request erasure of your or your child's personal data, object to the processing of your or your child's personal data, or request that we transfer a copy of your or your child's personal data to another party, please contact us in writing by sending an email to email@example.com.
You have the right to file a complaint against us. To do so, contact the supervisory authority in your country of residence.
You have the right to withdraw your consent for the processing of your or your child's personal data at any time. To withdraw your consent, please contact us by sending an email to firstname.lastname@example.org.
Once we have received notification that you have withdrawn your consent, we will no longer process your application and we will dispose of (delete or anonymize) your or your child's personal data securely.