What are the changes? We have added information about collecting personal data in logs for ensuring IT system security.
1. Categories of individuals that this information notice concern
The purpose of this policy is to provide information about how personal data are processed by Huuuge, Inc. (‘Huuuge’), as personal data controller.
This information notice is addressed to the persons interested in Huuuge’s investor relations such as investors and potential investors, visitors to the Investor Relations Portal, journalists, people interested in investments.
2. Personal Data Controller and Data Protection Officer
The controller of your personal data is Huuuge Inc., with the registered office at 850 New Burton Road, Suite 201, Dover, DE 19904, United States of America, and the postal address at: 2300, W. Sahara Ave., Suite 680, Mailbox 32, Las Vegas, Nevada 8102, United States of America.
The controller’s representative in the EU under the art. 27 of the GDPR is Huuuge Games sp. z o.o., ul. Storrady Świętosławy 1/501, 71-602 Szczecin, Poland.
Within Huuuge Group there is appointed a Data Protection Officer (the “DPO”) who is the person responsible for all matters related to data protection and privacy matters. The DPO is the designated contact for data protection issues for all the companies of the Huuuge Group. In case you have any questions regarding our processing of your personal data or if you would like to exercise any of your rights as a data subject under the General Data Protection Regulation (the “GDPR”), you can reach our DPO at the following address:
ATTN: Data Protection Officer
Huuuge Games sp. z o.o.
ul. Storrady Świętosławy 1/501, 71-602 Szczecin, Poland
3. Personal data processing
The purpose of personal data processing by Huuuge Inc. is to:
• communicate with persons contacting Huuuge in the investor relations matters. Within the communication, Huuuge may send you materials, reports, information, invitations or offers regarding Huuuge and Huuuge’s investor relations,
• organizing or co-organizing events regarding Huuuge and Huuuge’s investor relations (including conferences, lectures).
• ensuring and managing the security of IT systems, if you visit this website.
The legal basis for personal data processing is your consent to process your personal data and contact you (for possibly directing materials, reports, information, invitations or offers regarding Huuuge Inc. and its investor relations) or our legitimate interest (i.e. conducting activities regarding Huuuge’s investor relations, maintaining relationships with you, handling your claims, enabling you to participate in our events and providing you with necessary information), ensuring the security of IT networks.
Personal data processed are usually your name, surname, e-mail address, telephone number and other information provided by you within the course of communication, in particular in the form available on the investor relations website. When you use our website, we collect data in system logs, which are used to store a chronological record containing information about events and activities related to the IT system used to provide our services. Such records are collected automatically. Depending on the circumstances, we may also process other categories of personal data.
Providing your personal data is voluntary, however, if you fail to provide all the details significant in specific circumstances, the communication process may be hindered or impossible to conduct.
Data storing period: until the consent is withdrawn, not shorter, however than for a period arising from provisions of law or as long as necessary to pursue a legitimate interest of the Controller or a third party.
4. Personal data sharing
If it occurs that we are legally obliged to do so, we may provide your personal data to entities and public bodies authorized to process such data on the basis of legal regulations (for instance courts, prosecutor’s office). When necessary, we may share your personal data when a need to protect the rights or property of Huuuge or applicable third parties occurs.
Your personal data may be also transferred to other companies within the Huuuge Group, their affiliates and their contractors. Please note that all companies of the Huuuge Group (and their contractors) ensure appropriate safety measures regarding your personal data.
As we process tremendous amounts of information, we need assistance from our contractors (business partners and service providers) in order to maintain our business operations. Consequently, we may share your personal data with other entities who support us in conducting activities, in particular advisors, IT service providers, marketing service providers), services in the scope of archiving and destruction of documents, finance and accounting services and insurance services.
As a safeguard to protect your privacy, we arranged:
• data processing agreements with our support partners who act as our processors or,
• sharing personal data agreements/clauses, where our partner is also a data controller of your personal data,
where we ensure that your personal information is only used in accordance with our instructions and with the initial purpose of processing your data, and that the use by the third party is in accordance with the applicable law requirements or our contractual arrangements.
5. Transfer of data outside the European Economic Area (EEA)
Your personal data may be transferred to third countries situated outside the European Economic Area. Such transfer shall take place in accordance with the binding regulations regarding the protection of personal data, in particular on the basis of adequacy decisions or model contractual clauses adopted by the European Commission. Alternatively, we can also transfer data to the entities that are bound by binding corporate rules within their capital group, which are approved by the data protection authorities and grant the respective level of security even when outside the EEA.
You can direct any requests, questions or concerns regarding Huuuge’s handling of safeguards of the transfer outside the EEA to our DPO whose contact details are given in a point 2 above.
6. Rights of the data subjects
In connection with personal data processing, the persons whose data are processed shall have the right to (respectively):
• demand that the Controller provides access to the personal data being processed,
• demand that the Controller rectifies the personal data being processed,
• demand that the Controller erases the personal data being processed,
• demand that the Controller restrictions the processing of personal data
• object to the processing of personal data,
• portability of personal data,
• withdraw his or her consent for the processing of personal data, whereas its withdrawal shall not affect the legality of processing executed on the basis of such consent before its withdrawal.
Please note that the rights under the GDPR are not unconditional. Therefore, an attempt to invoke any of the rights might not lead to an action. We have to analyse first whether it is admissible to exercise your request.
You also have the right to lodge a complaint with the data protection supervisory authority. We encourage you, however, to always contact us first when you have any problems or doubts regarding the personal data processing by us.