Privacy Policy

Please read the following Privacy Policy carefully before using this app or other services that we provide. By accessing or using our app or services (other than to read this Privacy Policy for the first time), you agree to the terms of this Privacy Policy.

‍

DERIOKU (“we”, “our”, or “us”) respects your personal data. With the following privacy policy ("the Privacy Policy"), we would like to provide information on the collection, processing and use of data in connection with the website, the games and the other services of DERIOKU ("Service"). DERIOKU collects, processes or uses personal data exclusively within the framework of the applicable statutory provisions. Therefore, the high data protection level of the General Data Protection Regulation ("GDPR") applies.

‍

1. Field of application

This Privacy Policy is directed to all users of the Service ("users" or "you"). Insofar as individual services of DERIOKU have a different privacy policy, this shall apply. Likewise, third party services to which the Service may refer via links are also excluded from the scope of application. DERIOKU is not responsible for their content or compliance with data protection regulations. This includes, for example, links to social networks. The processing of users' personal data via these social networks is carried out by the respective network operator without us having any influence on this processing. This also applies to the personal data which the ser communicates to us via such a platform, for example by writing our profile in the respective social network. The user can find information on the handling and protection of the personal data of the user on these platforms in the privacy policy of the respective platform.

‍

2. Collecting, processing and use of data when accessing the website

2.1. When you visit the DERIOKU website, information transmitted to us by your web browser will be recorded automatically. This includes the IP address of the end user device you are using, the date and time (including time zone) of the particular access to the website as well as the information which specific page or file you requested, the domain via which the particular request was made (the referrer URL) and the operating system and browser you are using.

2.2. DERIOKU collects this data for the purpose of providing the website on the basis of Art. 6 par. 1 s. 1 lit. f) GDPR, whereby the legitimate interest of DERIOKU is the provision of the website.

2.4. DERIOKU uses Google Analytics, a web analysis service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google"), for statistical evaluation and optimisation of the Services. Google uses Google Analytics cookies (first-party cookies), which are stored for up to two years, to analyse the use of the website and the apps. The information collected using cookies (including IP addresses) is generally transmitted to and stored by Google on servers in the USA. DERIOKU uses Google Analytics with the "_anonymizehelp()" extension, whereby all IP addresses are anonymised within the EU before transmission to the USA takes place, so that there is no longer any direct personal reference regarding the transmission and evaluation of the data. On behalf of DERIOKU, Google analyses the website and app activities of the users and summarises the results in reports for DERIOKU. This information may be transferred by Google to third parties where required to do so by law, or where such third parties process the information on Google's behalf. The user can object to the collection and storage of data by Google Analytics at any time with effect for the future by installing the following Google browser plug-in: https://tools.google.com/dlpage/gaoptout?hl=en

‍

3. Cookies

3.1. The DERIOKU website may use cookies. Cookies are small text files that store settings and data on the user's device for transmission to DERIOKU and are transmitted each time the user accesses the DERIOKU website. Cookies enable DERIOKU to recognise your device and, if available, to make your default settings available immediately.

3.2. Cookies are used by DERIOKU to make the website more user-friendly and effective, in particular by saving preferences selected by the user during the visit and by providing DERIOKU with information on the use of the Website and other statistical information. Cookies are only placed with the consent of the user (Art. 6 par. 1 s. 1 lit. a) GDPR).

3.3. Some cookies are automatically deleted when the browser is closed. Other cookies remain stored for up to 2 years and are then automatically deleted.

3.4. In general, the user can set his browser in such a way that he is informed about the setting of cookies, the setting of cookies for certain cases or is generally excluded or the user only permits the setting of cookies in individual cases. In addition, the user can delete stored cookies in the settings of his browser. However, if cookies are deactivated the functionality of the DERIOKU website may be restricted.

‍

4. Downloading mobile apps

When downloading a mobile app from DERIOKU, the operator of the platform on which the app is provided (e.g. Apple Inc. for the AppStore and Google LLC for the Google PlayStore and Amazon.com Inc. for the Amazon Appstore) collects the following data for the download: User name, email address, customer number of the account, time of download, payment information and the individual device code number. However, the platform operator is exclusively responsible for this collection. To the extent necessary for the download, DERIOKU processes the data provided by the platform operator.

‍

5. Collection, processing and usage of data for the fulfilment of contractual obligations, consent when using registration via single sign-on services

5.1. DERIOKU collects, processes and uses personal data to fulfil contractual obligations, i.e. within the framework of concluding a contract with the user about the usage of the service, the execution of the contract and the termination of the contract, including the billing of paid elements of the Service. DERIOKU will not pass on personal data to third parties if there is no legal basis or legal obligation and the user has not consented.

5.2. Personal data that DERIOKU may collect in order to fulfil its contractual obligations towards the user includes, depending on the service, an identification number of the user's device which the user may reset (IDFA) as well as, where applicable, his email address (if provided by the user) and his IP address. The provision of this data is not required by law, but is required for the respective DERIOKU service. The user may voluntarily transmit further data to DERIOKU as part of the Service. Basis of this data processing for the fulfilment of contractual obligations is Art. 6 par. 1 s. 1 lit. b) GDPR.

5.3. When using the Service, DERIOKU collects information on the type and scope of use of the Service ("Usage Data") in order to ensure that the Game proceeds in an orderly and contractual manner. Usage data in this sense are in detail characteristics for the identification of the user (such as IDFA), information regarding the beginning and end as well as type and extent of the respective use and information about the products and services used by the user. The legal basis for this data processing is Art. 6 par. 1 s. 1 lit. b) GDPR. DERIOKU may also use this data to identify and eliminate errors or misuse of the Service. This data processing is based on Art. 6 par. 1 s. 1 lit. f) GDPR. Legitimate interest of DERIOKU is ensuring the proper functioning and use of the Service.

5.4. DERIOKU may transfer or store personal user data in other member states of the European Union or in other contracting states of the Agreement on the European Economic Area as well as in other states which ensure an adequate level of data protection, provided that the user consents to this or this is legally permissible.

6. Data processing in connection with ad-financed services

Parts of the Services (such as individual games or other individual services) may be wholly or partially financed by advertising. In the case of services financed by advertising, instead of a fee to be paid by the user for the provision and use of the advertising to the user during the use of the Service, advertising is displayed in order to finance the provision of the Service. In order to display advertising, data identifying the user's device used to access the Services (IP address, individual device ID of the e device or identifier) is processed. The processing of data for displaying advertising and transmission to service providers is based on Art. 6 par. 1 s. 1 lit. b) GDPR.

‍

7. Sending advertising and analysis for market research purposes

DERIOKU may collect and analyse statistical data on the use of the Service in aggregated or anonymised form for the development of advertising, for market research purposes, to improve the existing Services and to develop new products.

8. Analytics services

DERIOKU uses analysis tools to optimise the Service, which enable the use of the Service to be analyised. This can be done through the use of IDFA, cookies, web beacons or tracking pixels. The used analysis tools collect and process data to identify the user's device. When some of these analysis tools are used, data is transferred to the USA and stored there for processing. The user can object to the use of all these services by making the appropriate settings in his device or as described below for the individual services. The transmission of the user's personal data to the providers of the analysis tools takes place on the basis of Art. 28 GDPR. The legal basis for the use of the analysis tools is Art. 6 par. 1 s. 1 lit. f) GDPR. The legitimate interest of DERIOKU is the improvement and further development of the Service. In particular, this also requires knowledge and statistical analysis of the use of the Service and any crashes of the apps. DERIOKU uses these analytics tools:

DERIOKU uses services from Unity Technologies, including as a development platform, analytics provider (Unity Analytics) and advertising platform (Unity Ads).

Behind Unity Technologies are the companies Unity Technologies, 30 3rd Street, San Francisco, CA 94103 (contact for users in the USA) and Unity Technologies Finland OY, Kaivokatu 8 B, 00100 Helsinki, Finland (contact for users in the EU). Users may exercise their rights against Unity Technologies by sending an e-mail to the following address: DPO@unity3d.com. For more information regarding Unity Technologies' privacy practices, please visit https://unity3d.com/de/legal/privacy-policy?_ga=2.85718809.1255162827.1534754208-973617766.1534754208, where you will also find further information about settings you can make about your personal information. Transmission to servers of Unity Technologies outside the EU in this context is based on Art. 46 GDPR. Details of the measures taken by Unity Technologies to protect the rights of data subjects can be obtained via the following e-mail address: DPO@unity3d.com.

DERIOKU uses various services provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"), in particular the Admob service to play out and optimise advertising (ad mediation). Information on the use of DERIOKU's services is transmitted to Google and thus generally to a Google server in the USA, where it is stored. Further information on this - including information on how the user can object to this data processing - can be found at https://support.google.com/admob/answer/7665968 Regarding the transfer of data to Google in the USA, the EU Commission has adopted an adequacy decision (No. 2016/1250), according to which companies that meet certain criteria guarantee an adequate level of protection, also known as "EU-US Privacy Shield". These companies are included in the so-called Privacy Shield List. Google is one of the companies listed there. The transmission to Google in this context is based on Art. 45 and 28 GDPR.

9. Communication between users

We want to inform the user that content uploaded within the Service can be made publicly accessible and can be seen by other users. We therefore ask the user to handle the information provided by him/her carefully. Uploaded user content is transmitted in order to fulfil the purpose of the service pursuant to Art. 6 par. 1 s. 1 lit. b) GDPR.

10. Storage period and erasure of data

We process personal data only as long as the user is registered for the app and the website, or as long as it is necessary to achieve the purposes or is prescribed by a legal obligation to store the data. The data will then be erased immediately. Data we store for legal reasons will be retained for as long as is required by law (up to ten years). However, data we collect in the course of litigation will be retained for as long as is legally permissible. This may be up to 30 years. Regarding protocols that store network data, we delete the data at regular intervals - the exact time varies according to configuration rules (which can shorten the protocols by size and not by a specified time), whether the data was part of a snapshot that landed in a backup, and whether the protocols are part of a set of protocols that are routinely forwarded to a central protocol repository, but never longer than two years.

11. Data security

DERIOKU hereby clarifies that data protection and data security cannot be guaranteed for transmissions outside DERIOKU's sphere of influence, e.g. within your mobile network. We therefore draw the user's attention to the fact that his mobile network operator or unauthorized third parties may have access to the data that the user is transmitted to our servers or that is transmitted by us.

12. Disclosure of personal data to third parties

Personal data will only be disclosed to third parties without the express consent of the user where this is necessary to provide the services of DERIOKU or to implement the contract with the user (e.g. to process payments, including for in app purchases, for the technical provision of the Service), unless otherwise regulated elsewhere in this Privacy Policy. Accordingly, the data is transmitted to such service providers (such as payment service providers, advertising providers, technical service providers) for the purpose of fulfilling the contract pursuant to Art. 6 par. 1 d. 1 lit. b) GDPR. DERIOKU will of course ensure that the respective service provider has taken appropriate technical and organisational measures to ensure the security of the data before passing on the user's personal data. Furthermore, DERIOKU will not disclose the user's personal data to third parties unless the user has expressly consented to such disclosure (Art. 6 par. 1 s. 1 lit. a) GDPR) and DERIOKU is not entitled or obliged to disclose such data on the basis of statutory provisions or court orders. In the latter case, DERIOKU shall transfer the data in order to fulfil a legal obligation pursuant to Art. 6 par. 1 s. 1 lit. c) GDPR.

13. User rights

13.1 Right to information

The user has the right to obtain from DERIOKU, free of charge and in writing, the personal data relating to him/her stored by DERIOKU, the purposes for which it was processed, its origin, what it was passed on to which recipients or categories of recipients, the duration of the storage period and the rights of data subjects available to him/her.

13.2 Right to correction, deletion and/or restriction of personal data

The user also has the right to demand the correction of incorrect data, the deletion and/or restriction of the processing of personal data stored about him at any time, insofar as there is no legal obligation for DERIOKU to retain such data. Insofar as this includes such personal data that are required for the provision of services to the user, the deletion or restriction of the processing of this data can only take place if the user no longer uses the services offered by DERIOKU.

13.3 Right to object

The user has the right to object at any time to data processing based on Art. 6 par. 1 s. 1 lit. e) or f) GDPR for reasons arising from his particular situation, unless DERIOKU can prove compelling reasons worthy of protection which outweigh the interests of the user or the processing serves the assertion, exercise or defence of legal claims. The user may object to data processing for the purpose of direct marketing at any time without special reasons being required.

13.4 Right to data portability

If the user provides data relating to him and DERIOKU processes this data on the basis of the user's consent or to fulfil the contract, the user can demand that he receives this data from DERIOKU in a structured, common and machine-readable format or that DERIOKU transmits this data to another responsible person, insofar as this is technically possible (so-called right to data portability).

13.5 Right to withdraw consent

Any consent given by the user to the use of personal data may be freely revoked by the user at any time with effect for the future.

13.6 Right to make a complaint

The user can also make a complaint to a supervisory authority regarding data processing which, in his opinion, violates the statutory provisions.

14. Changes to the Privacy Policy

‍DERIOKU reserves the right to change this privacy policy at any time, while DERIOKU will always comply with the legal requirements for data protection. Therefore, DERIOKU recommends that users regularly take note of the applicable privacy policy. DERIOKU will inform users in advance of any further use of data.