PRIVACY POLICY – WWW (PERSONAL DATA PROCESSING PRINCIPLES)

I. GENERAL TERMS

  1. Mousetrap Games Sp. z o.o. with its registered seat in Wrocław (postal code: 50-078), ul. Leszczyńskiego 4/29, Poland, entered in the register of entrepreneurs of the National Court Register by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Department of the National Court Register, under KRS number: 0000673373, NIP (tax number): 8943102623, is the Data Controller of the website https://mousetrap.games/.
  2. Data Controller contact data: [email protected]
  3. Data Protection Officer contact data: [email protected]
  4. This Privacy Policy sets out the personal data processing principles on the website https://mousetrap.games/, including the bases, purpose and scope of data processing as well as the rights of the data subjects and the terms of the website’s users’ privacy protection.
  5. The personal data is processed by the Data Controller according to the law, in particular the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter: GDPR).
  6. The personal data is collected by the Data Controller with reference to using the contact form. The data is provided by the user voluntarily – we ask for that data in order to make the contact with the user possible.
  7. We pay particular attention to securing privacy of the data subjects, in particular, we make sure that processing the data is carried out for the period not longer than it is necessary to achieve the processing purpose, taking account of the personal data security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

II. RIGHTS OF THE DATA SUBJECT

  1. Pursuant to GDPR, in situations defined therein, you have the right to:
    • access to and rectification or erasure of personal data or restriction of processing – the data subject may request from the Data Controller access to and rectification or erasure of personal data (the right to be forgotten) or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;
    • withdraw the consent at any time – the data subject, whose data is processed by the Data Controller on the basis of the data subject’s consent, may withdraw the consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
    • lodge a complaint – the data subject, whose data is processed by the Data Controller, may lodge a complaint with the supervisory authority (President of the Personal Data Protection Office), if – in opinion of the data subject – the data is processed unlawfully;
    • object – the data subject may at any time object to processing of personal data concerning him or her which is based on the legitimate purpose of the Data Controller, including profiling. In such case, the Data Controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims;
    • object in the scope of direct marketing – in the event that the data is processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.
  1. What’s important, not in every case you are entitled to carry out the actions described above, and GDPR indicates when you may exercise a given right.
  2. In order to exercise the above rights you may contact the Data Controller by sending a written message or an e-mail using the contact data indicated in point I of the Privacy Policy or using the contact form available at https://mousetrap.games/.

III. THE BASES, PURPOSE AND SCOPE OF DATA PROCESSING

  1. The Data Controller is entitled to process the personal data in the cases and within the scope that meets in particular at least one of the following conditions:
    • the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
    • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
    • processing is necessary for compliance with a legal obligation to which the Data Controller is subject;
    • processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.
  2. Processing the data by the Data Controller requires at least one of the bases indicated in point 1 above.
  3. In every case the purpose, basis, period and scope, as well as the recipients of the data processed by the Data Controller arise from activity of the user on the website https://mousetrap.games/.
  4. The Data Controller may process the data for the following purposes, bases, periods and scope:
Purpose of processingLegal basis and retention periodScope of processing
Performance of a
contract or taking steps at the request of the data subject prior to entering
into a contract		Article 6 (1) (b) of GDPR

The data is stored for the
period necessary to perform the contract and terminating or other expiring of the contract		Maximal scope: name, e mail address, name of the company
Direct marketingArticle 6 (1) (f) of GDPR
The data is stored for the
period of existing the legitimate
purpose pursued by the Data
Controller, however, not longer
than the statutory limitation
period with respect the data
subject related to the business
of the Data Controller		Maximal scope: name, e-mail
address, name of the company
MarketingArticle 6 (1) (a) of GDPR
The data is stored until the
consent of the data subject to processing for a given purpose is withdrawn		Maximal scope: name, e-mail
address, name of the company
Determination, pursuing or defending claims which the Data Controller may lodge or which may be lodged against the
Data Controller		Article 6 (1) (f) of GDPR
The data is stored for the
period of existing the legitimate purpose pursued by the Data Controller, however, not longer than the statutory limitation period with respect the data subject related to the business of the Data Controller		Maximal scope: name, e-mail
address, name of the company

IV. RECIPIENTS OF THE PERSONAL DATA

  1. In order to provide proper operations of the website https://mousetrap.games/, it is necessary for the Data Controller to use external services, e.g. software providers.
  2. The Data Controller uses services of only those processors, which provide sufficient guarantee of adequate technical and organizational means, so that the processing meets the requirements of GDPR and protects the rights of the data subjects.
  3. What’s important, providing the data by the Data Controller does not take place in every case and to all recipients indicated in the Privacy Policy. The Data Controller provides the data only in the event that it is necessary to achieve a given purpose of processing the data and only in the necessary scope.

V. ANALYTICS TOOLS

  1. This Privacy Policy may be amended from time to time, of which the Data Controller shall notify the users on the website at: https://mousetrap.games/.
  2. Any questions, remarks or doubts related to this Privacy Policy or the website https://mousetrap.games/ shall be sent to: [email protected].