We take your data protection seriously

Because we may from time-to-time process personal information, we have implemented the following privacy policy, which explains how we process your personal data.

When you visit our website, you accept the contents of this privacy policy as well as the additional documents named in the policy. This privacy policy defines how we process all the personally identifiable information that is collected.

To best protect your personal data, we continuously monitor the level of risk associated with our processing of data. We are particularly careful and seek to minimize data processing when it comes to data that can negatively affect your personal rights, including risk of discrimination, identity theft, economic damage, loss of reputation, or release of confidential information.

Contact Information

GameLayer Oy is responsible for the processing of your data, and we ensure that your personal information is processed in accordance with the law.

Contact person: Steven Judge

Address: Eteläinen Hesperiankatu 22a12, 00100 Helsinki, FINLAND

Company number: 2503589-1

Telephone: +358-504869469

Email: legal@gamelayer.co

Website: gamelayer.co

Processing of Personal Information

Data we process

We process data about you to improve our services and the products we offer, to communicate with you and for the purpose of offering you relevant products from GameLayer.

The data we process includes:

General personal data, such as
– Name
– Email (business)
– Phone number (business)
– Job title
– Company where you work
– Automatically collected data (see below)
– Information you actively submit to us (we will only continue the processing if relevant and necessary for the purpose)

Automatically Collected Data

Our digital solutions are based on various technologies with the goal of ensuring a user-friendly and secure experience. These technologies can automatically collect data, either directly from us or via a third party on our behalf, to offer the best possible solution. See below for more information about cookies and Google Analytics, which are examples of these technologies.

Use of Cookies

Cookies, purpose, and relevance

If we utilise cookies, you will be informed of their use and the purpose of collecting data via cookies.

We will obtain your consent

Before we place cookies on your devices, we ask for your permission. Cookies that are necessary to ensure proper functionality and settings can be used without your explicit permission.

Google Analytics (or similar)

All visits to a digital solution trigger the sending of information from your browser to a server. It is via the analysis of this data that we optimize the digital solution. Data is collected by a third party on our behalf.

Data about your computer can be collected in connection with system administration and internal marketing-related analysis. This data is comprised of statistical information about users’ behaviour in the digital solution.

Examples of data that are collected and analysed:
– Date and time of visit
– The pages that were visited
– The IP address of the visitor
– Settings from the browser and computer used

We Collect and Store your Personal Data for Specific Purposes

We collect and store your data for specific purposes or other legally allowed business-related reasons. This can be necessary, for example, in the following cases:
– Modification of the content of digital solutions
– Administration of memberships
– Order processing and communication in connection with your orders or other requests
– Confirmation of your identity in communications with us
– With your permission, for marketing, sales, advertising, or analysis purposes

We process only relevant personal information

We only process data about you that is relevant and appropriate in relation to the goals that have been defined above. The goal defines what kind of data about you is relevant for us. The same applies to the extent of the personal information we use. We use, for example, no more of your data than we need for the specific purpose.

We process only necessary personal information

We collect, process, and store only the personal information that is necessary to achieve our determined goals. There can be additional, legally defined types of data that are necessary to collect and store for our business operations. The type and extent of the personal information we process can also depend on what is required to complete a contract or another legal requirement.

We monitor and update your personal information

We ensure that the personal information we use about you is not incorrect or misleading. We also make an effort to update your personal information on an ongoing basis.

Because our service requires data that is correct and up to date, we ask you to notify us of relevant changes in your data. You can use the contact information to notify us of any changes.

We delete your personal information when it is no longer necessary

We delete your personal information when it is no longer required in connection with the purpose for which it was collected. This period depends on the nature of the information and the purpose for which it is being stored.

Working with Vendors and Data Processors

We do not share your personal information with partners or other actors who will use it for marketing or other purposes.

We do not request your permission if we are legally required to share your personal information, for example, in connection with a report to the public authorities.

We share personal information to our data processors and other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures.

We might share your information with data processors both within and outside EU. If we share your information with data processors, we ensure that their level of security regarding personal information lives up to the requirements we have laid out in this policy after applicable laws. We have, among other things, requirements regarding data processing, information security, and compliance with the General Data Protection Regulation (GDPR).

Google Analytics

We use Google Analytics as a web analysis solution in our digital solutions. In connection with this, we send web analytics data from our digital solutions to the service Google offers for analysis. In this regard, Google Analytics functions as a “Data processor” of the data and we are the “Data controller” of the data, and our data may only be passed along by agreement or to uphold legal requirements.


We protect your personal information and have internal rules regarding information security

We have adopted internal rules regarding information security, which contain guidelines and precautionary measures that protect your personal information against being destroyed, lost, altered, published in an unauthorized manner, or accessed by unauthorized persons.

We have established procedures for granting access to our employees who process personal information and data, which includes information about personal interests and behaviour. To avoid data loss, we create continuous backups of our data. We also protect the confidentiality and authenticity of your data with the help of encryption.

In the case of a security breach that results in a high risk of you being the victim of discrimination, ID theft, economic loss, loss of reputation, or other significant inconvenience, we will notify you of the security breach as quickly as possible.

Your Rights

You have the right to gain access to your personal information

You have the right to be informed at any time of what data about you we process, where it came from, and what we use it for. You can also find out how long we store your personal information and who receives data about you, in the case that we share data in Finland and abroad.

At your request, we can inform you of the data about you that we use. Access can, however, be limited to protect the privacy of others, trade secrets, and intellectual property rights.

You can take advantage of your rights by contacting us. Our contact information can be found at the top of this policy.

You have the right to have inaccurate personal information corrected or deleted

If you believe that the personal information we have about you is inaccurate, you have the right to have it corrected. You should contact us and inform us of the inaccuracies and how they can be corrected.

In some cases, we will be required to delete your information. This is the case if, for example, you rescind your permission. If you believe that your data is no longer necessary in connection with the purpose for which it was collected, you can ask to have it deleted. You can also contact us if you believe that your personal information is being processed in a way that goes against the law or other legal requirements.
When you contact us with a request to have your personal information corrected or deleted, we ensure that the terms are fulfilled and implement the changes or deletion as quickly as possible.

You have the right to object to our processing of your personal information

You have the right to make an objection to our processing of your personal information. You can also object to the sharing of your data for marketing purposes. You can use the contact information at the top of this document to send your objection. If your objection is legitimate, we will ensure that the processing of your personal information stops.

You have the right to receive the personal information that you have given us access to and the information that we have collected about you from other actors based on your permission. If we process data about you as part of a contract that you are party to, you can also have your data sent to you. You also have the right to transfer this personal information to another service provider.

If you wish to use your right to data portability, you will receive your personal information from us in a commonly used format.

If you wish to gain access to your data, have it corrected or deleted, or object to our data processing, we will attempt to respond to your request as quickly as possible, and at the latest one month after we have received your request.

Updates to the Policy

We always strive to comply with relevant laws including principles for privacy and data protection. We therefore update this policy regularly, for example, when there are changes to the law. Significant changes will be announced on our website.