This Privacy Policy (“Policy”) sets forth how Owlcat Games Ltd., a company established and existing under the laws of the Republic of Cyprus, reg. number HE 398803 (“we”, “us”, “our”), processes personal data of

• customers of video games (“Games”) developed by us and websites administered or used by us,
• influencers, journalists and other media representatives.

This Policy is posted and is constantly available at https://owlcat.games/privacy. The Policy may be updated time to time, and you may access any version (see at the end the available versions). In the event of any major changes (new purposes, new controller, etc.) we will alert you in advance by email or pop-up window at our websites.

Some technical terms used in this Policy are given without explanation. If you do not know a term, please contact us (see contact details in Section 6).

The Privacy Policy covers:

1. WHAT DATA WE COLLECT AND FOR WHAT PURPOSES

2. HOW WE SHARE YOUR DATA

3. HOW WE TRANSFER DATA OUTSIDE OF THE EEA

4. WHAT ARE YOUR RIGHTS

5. THE SAFETY AND SECURITY OF DATA

6. CONTACTS

 

1. WHAT DATA WE COLLECT AND FOR WHAT PURPOSES

We do not collect any special categories of personal data about you (i.e. details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. We also don't use your data for profiling and making automated decisions concerning you.

When you delete and/or amend your data, we reserve the right to store the data necessary to comply with the applicable laws, ensuring the Games' and websites' safety and effectiveness.

You are not obliged to provide your personal data to us. However, if we need personal data to enter and perform the contract with you and you do not provide this data, we may not be able to perform the contract we have or are trying to enter with you. Should this be the case we will notify you at the time.

For each scenario of processing, we have set out below, in a table format, a description of all the ways we plan to use your personal data, and which legal bases we rely on to do so.

When you use our Games

What are the purposes	What data we collect	What is the legal basis	For how long do we store data
To diagnose and solve your problems and to improve the Games by investigating and fixing game bugs sent over bug report tool	Name, contact details (email, Discord nickname) Game information (game progress, game settings, last save, inventory, bug description, etc.) System information (operating system details, including version, peripherals, processor details, device type, screen parameters, memory size, list of installed applications/software, drivers etc.) Any other additional information in attachments or conversation	Consent you give by reporting a bug via bug report tool	For 6 months after we fixed the bug
To ensure quality assurance so that we can address the widespread bugs and other in-game problems and provide a better experience to our players, maintain security and prevent fraud	System information (user agent, customer report id, operating system details, including version, peripherals, processor details, device type, screen parameters, memory size, timestamps, etc.)	Consent that you give when running our games	For 3 years after your last use of the Games

 

When you create a personal account and make online orders

What are the purposes	What data we collect	What is the legal basis	For how long do we store data
To register your account on our websites	Account name, email	Performance of our contract with you (Terms of Use).	For 3 years after your last login with your account unless you decide to delete the account by contacting us (if you’ve made orders via account, we may store the data further for tax / compliance purposes, as indicated below).
To process your orders, deliver digital and physical goods, credit in Games, process refunds and avoid anti-fraud.	Account name, email Discord nickname Mobile phone number Shipping address Order details (size of the clothes status, transaction ID, sum, date of purchase, item for refund, game key), Additional information in emails and conversations with you.   Data we receive from our payment providers: Payment verification data (last 4 digits of the card number, country of issuance, etc.). Please note that we do not have access to the payment details such as your credit card details.   Data we receive from Kickstarter (www.kickstarter.com) if you participate in our crowd-funding campaigns: Contact details (email) Contribution details	Performance of our contract with you.	For the term of the contract with you and up for 6 years after for the tax / compliance purposes

 

When you participate in our games' community in social media (Discord, Twitch, Reddit, Steam, etc.)

What are the purposes	What data we collect	What is the legal basis	For how long do we store data
To arrange and conduct contests for our community, including shipping rewards	Full name, contact details (email, phone number, social media nicknames) Shipping address if you win the contest, Contest contribution (work)	Performance of a contract with you (Contest rules).	For 1 year since the contest and for 6 years after its termination for tax/accounting compliance purposes
To manage your feedback and ideas via community surveys	Email Additional information in survey forms	Consent that you give by participating in such surveys	For 1 month since the closure of a survey

 

When you subscribe to the newsletter

What are the purposes	What data we collect	What is the legal basis	For how long do we store data
To send news and promotions to you	Email Newsletter details (content, time of sending, status of receipt) Consent details (whether you gave your consent to receiving the newsletter or withdrew it)	Consent that you give by subscribing to our newsletter Our legitimate interest to promote our Games and business across existing customers (if you ever purchased something from our websites, we may send you news about our similar products and services)	For 3 years after the last email

 

When you wish to collaborate with us as an influencer

What are the purposes	What data we collect	What is the legal basis	For how long do we store data
To manage our partnership program for influencers, including shipping gifts	Full name, contact details (email, phone number, Discord nickname) Channels details (region, number of subscribers, average views, links) Shipping address, Place of residence (if different), banking account details (if a contract is concluded)	Our legitimate interest to promote our Games and grow our community via creating a Discord community for influencers where they can engage in communication and other promotional activities.   Performance of our contract with you (if we conclude a specific contract with you during our partnership).	For the duration of your  participation in the partnership program
To engage in paid collaborations with influencers, including content production, voiceovers, localisation, etc.	Data we receive from PR and marketing agencies: Full name, contact details (email, phone number, Discord nickname) Channels details (region, number of subscribers, average views, links), language, Place of residence, banking account details (if a contract is concluded)	Our legitimate interest to promote our Games by searching for, reviewing and engaging influencers managed by digital agencies.   Performance of our contract with you (if we conclude a direct contract with you during our partnership).	During the term of the contract with an agency or you, and for up for 6 years after for tax / compliance purposes

 

When you wish to collaborate with us on publishing your game

What are the purposes	What data we collect	What is the legal basis	For how long do we store data
To process your collaboration request and evaluate your game for potential publishing opportunities.	Full name, contact details (email) Company name Country Game name, its website link, Steam link, game materials (drive), Links to gameplay video or trailer, Pitch, games’ description Additional information in emails and conversations with you.	Our legitimate interest to promote our services and business   Performance of our contract with you (if we conclude a specific contract with you regarding the publishing of your game).	For the duration of the game evaluation process and for 2 years thereafter.   During the term of the contract with you, and for up to 6 years afterward for tax and compliance purposes.

 

When you are a media representative or a journalist

What are the purposes	What data we collect	What is the legal basis	For how long do we store data
To arrange our PR releases and announcements	Data we receive from media outlets or publicly accessible sources such as media outlets websites, etc: Full name, contact details (email, phone number) Title, company Region, language	Our legitimate interest to promote our services, raise the media coverage and maintain PR	For 5 years initially and longer if no objection is received upon review

 

When you visit our websites, we also process your data with cookies and similar web analytics tools. For more information on how we use cookies and other web analytics tools see our Cookies policy available at https://owlcat.games/cookies.

2. HOW WE SHARE YOUR DATA

We share your data only in limited cases with the following recipients:

• affiliates and other companies of our group to efficiently perform our business activities,
• SaaS, hosting service providers for the use of SaaS software and hosting our IT systems we employ to process your data,
• shipping service providers to ship you orders and rewards,
• other customers when your credit name is displayed in the game credits,
• other influencers when you're added to our Discord channel in the partnership program,
• new business owner if we ever sell our business,

governmental agencies, courts if required by any law order,

• professional advisors, such as lawyers, bankers, auditors, and insurers, where necessary in the course of the professional services that they render to us.

 

Our Services may contain links to sites operated by third parties. We are not responsible for your data when you access these links or engage with third party services, and you should ensure you review the relevant third party's privacy statement which will govern your data privacy rights.

3. HOW WE TRANSFER DATA OUTSIDE OF THE EEA

We do our best to keep your data inside the EEA area. With that, some processes require use of foreign service providers to be efficient.

The countries to which we transfer your data not always have the same data protection laws as your jurisdiction. We take reasonable measures to ensure your data is adequately protected when outside of the EEA, for example, we sign Standard Contractual Clauses (SCC) adopted by the European Commission with our providers and other recipients in third countries, assess the risks of the international data transfers to adopt additional security measures, etc.

You may also obtain a copy of relevant SCCs by contacting us, as specified in Section 6 (Contacts).

4. WHAT ARE YOUR RIGHTS

Under the GDPR you have certain legal rights, which are briefly summarised below, in relation to any personal data about you which we hold:

Accessing data

You have the right to ask us to provide information on how we process your data. As well you can request copies of your personal data we hold about you.

Data portability

You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

Changing or updating data

You have the right ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Deleting data

You have the right to ask us to delete or remove your data in certain circumstances. For instance, if you withdraw consent and believe that is no good reason for us continuing to process it.  In some cases, we may be required to continue storing data for regulatory purposes even though you require us to delete it. Should this be the case, we will provide you with further information.

Objecting, restricting processing

You have the right to request that we stop using all or some of your personal data, or that we limit (restrict) our use of their data. This includes objecting to use of personal data that is based on legitimate interests. If we process your personal data for direct marketing purposes, we will stop such processing without any exceptions after we receive such a request from you. But, in other cases we may continue to process data after such objection or request to the extent required or permitted by law.

Revoking consent

You have the right to withdraw your consent at any time after which we will stop any processing of your data for such purposes. Specifically, you can withdraw your consent to direct marketing by following the “unsubscribe” link or contacting us in accordance with Section 6 (Contacts) below.

Complaints

If you believe we have violated your rights you may lodge a complaint with the Office of the Commissioner for Personal Data Protection (Cyprus) via their website. Nevertheless, we kindly ask to contact us first to see if we can resolve your issue amicably.

 

You can independently access, delete, correct, or change some of your personal data in your account settings.

If you would like to exercise the rights above, please contact us, as specified in Section 6 (Contacts). We will aim to respond to you within 1 month. In some cases, we may need to ask for additional information before we are able to disclose any data to you.

5. THE SAFETY AND SECURITY OF DATA

No IT system or online communication 100% safe. But we do our best to ensure security of your personal data. We take technical, organisational and legal measures, including, where suitable, encryption, to ensure that your personal data are protected from unauthorised or accidental access, deletion, modification, blocking, copying and dissemination.

Access to your account is authorised using your login (e-mail address) and password. You are responsible for keeping the credentials confidential. If you suspect any misuse or loss of, or unauthorised access to your data, you should let us know immediately.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

6.CONTACTS

If you have any questions regarding this Policy or how we process your personal data, please contact us:

• by email: dpo@owlcat.games.com; or
• by mail:  Irodi Attikou, 8A, Lakatamia, 2332, Nicosia, Cyprus (OWLCAT GAMES LTD).

Please, specify your name and other information necessary for full and complete consideration of your request.

 

Last update: 28 October, 2024