PRIVACY POLICY

1 INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA

Your data security is important to us, and we therefore take great care to ensure that your personal data is handled responsibly. Below you can read how Nordic Softworks ApS (hereinafter ”Nordic Softworks”, "we", "us " or "our ") process personal data about you when we act as data controller. You can also read about your rights in relation to our processing.

2 NORDIC SOFTWORKS’ ROLE AS DATA CONTROLLER

In connection with the operation of our business, we process certain personal data. We do this in order to serve you in the best possible way. We only collect and process general (non-sensitive) personal data.

If you have any questions regarding our processing of your personal data, please contact Nordic Softworks here:

Contact information:
Nordic Softworks ApS
Reg.no: 43208225
Kasernevej 8
8800 Viborg
Denmark

Email: [email protected]

3 WHAT PERSONAL DATA DO WE COLLECT AND WHY

We process personal data about you in several different situations. Read more about our processing in the different situations below.

3.1 Visitors to Nordic Softworks’ website and users of Nordic Softworks’ online services

When you visit Nordic Softworks’s websites (e.g., www.nordicsoftworks.com) or use our other online services (on, for example Reddit, Discord, Twitter), Nordic Softworks may process information about your IP address as well as information about your location information, device and browser.

We also process personal data that you provide to us in connection with your use of the website or our online services, including and any other information you provide to us.

We use your personal data so that we can make relevant products, supplies, benefits and services ("Services") available to you and to improve your experience of our websites and online services and the Services we offer.

We use Cloudflare Pages to host our websites.

The legal basis for processing is our legitimate interests in making our website (and online services) available to you cf. Article 6(1)(f) of the General Data Protection Regulation).

We store personal data collected in connection with your visit to our website for up to 24 hours.

3.2 When you play our games

When you play our games, we can process personal data about you. If you are using a platform to download our games, e.g., Itch or Steam or others (“Platform”), we process personal data about your Platform ID and name.

Further we can process personal data about your username, name, e-mail, the mods you make (which can include text and pictures) and further information that you provide.

We process such information for the purpose of improving our games and providing it with services, such as multiplayer, matchmaking, content sharing and synchronization of data between devices.

We use PlayFab, mod.io and codecks.io services to offer our online services in relation to our games.

The legal basis for processing is our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation) as we have legitimate interests in making our games available and improving our services.

We store such data processed in connection with the use of our games as long as the player is active. A players data may be deleted after the player has become inactive for 2 years.

3.3 When you contact us via e-mail

If you contact us by e-mail, we will process the information you have sent us such as your name, username, e-mail address and the correspondence.

We use Microsoft to host our e-mail service.

The processing is necessary for the purposes of our legitimate interests to support you with any questions or concerns you may have.

The legal basis for processing is our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation).

If you have communicated with us by e-mail, we will keep the information for up to two years after we have communicated, unless we are obliged to a longer retention period to comply with legal requirements.

4 DISCLOSURE OF YOUR PERSONAL DATA TO OTHERS

Nordic Softworks may disclose your personal data to other suppliers and/or service providers in the ordinary course of our business.

Nordic Softworks may also disclose your personal data to a public authority in situations where we are specifically obliged to disclose your personal data pursuant to legislation and notification obligations to which we are subject.

It may for example be necessary to disclose personal data to the following recipients:

We try to limit the disclosure of personally identifiable information and thus the disclosure of information that can be attributed to you personally.

Nordic Softworks also discloses your personal data to data processors. Our data processors only process your personal data for our purposes and under our instructions.

5 TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE EU/EEA

In connection with our processing of your personal data, we may transfer such information to countries outside the EU/EEA (third countries).

Your personal data may be transferred to countries where the European Commission has determined that the level of data protection is equivalent to that in the EU/EEA (secure third countries).

We may also transfer your personal data to unsecure third countries. The transfer of your personal data to unsecure third countries will be based on the Standard Contractual Clauses (SCC) drawn up by the European Commission, which have been specifically designed to ensure an adequate level of protection. We assess the adequacy of the transfer basis and adopt additional measures if necessary to ensure an adequate level of protection for the transfer.

You can read more about the transfer of personal data to countries outside the EU/EEA on the European Commission's website.

If you would like further information about our transfer of personal data to countries outside the EU/EEA, please contact us.

6 STORAGE, DATA INTEGRITY AND SECURITY

When your personal data is no longer needed, we will ensure that it is deleted in a secure manner.

It is our policy to protect personal data by taking adequate technical and organisational security measures.

We have implemented security measures to ensure data protection for all personal data that we process. We conduct regular internal followups on the adequacy of and compliance with policies and measures.

7 YOUR RIGHTS

As a data subject, you have certain rights under the General Data Protection Regulation. If you want to exercise your rights, please contact us.

You may – unconditionally and at any time – withdraw your consent. You can do so by sending us an email (see email address above). Withdrawal of your consent will not have any negative impact. However, this may mean that we cannot meet specific requests from you in the future. Withdrawal of your consent will not affect the lawfulness of the processing based on consent before it is withdrawn. Furthermore, it will not affect any processing carried out on another lawful basis.

You can also – unconditionally and at any time – object to our processing when it is based on our legitimate interests.

Your rights also include the following:

8 UPDATES OF OUR PRIVACY POLICY

From time to time it will be necessary to update this Privacy Policy. We will review our Privacy Policy on a regular basis in order to ensure that it is updated, valid and in accordance with current legislation and the principles for processing of personal data. We will publish new versions of the policy on our website.

This privacy policy has version no. 3 and is valid from 9 November 2023.