This is SmoothTeam Ltd's register and privacy policy in accordance with the EU General Data Protection Regulation (GDPR). Prepared on 25.5.2018. Last modified on 28.8.2023.
1. Data controller
SmoothTeam Oy, business ID 2679043-4, Nekalantie 28, 33100 Tampere, Finland
2. Contact person responsible for the register
Jaakko Heikkilä, registry[at-merkki]smoothteam.net
3. Name of the register
SmoothTeam Oy's gaming platform user register
4. Legal basis and purpose of the processing of personal data
The processing of personal data is based on the consent of the data subject.
The purpose of processing personal data is to manage and develop the customer relationship or to provide a service.
The data will not be used for automated decision-making or profiling.
5. Data content of the register
The data to be recorded in the register are:
- Personal data: first name and surname, surname, e-mail address
- Choices made by a person in a game situation
The data is kept for at least three years after the game, so that we can produce reports for the client if requested by the client. Notwithstanding this, if requested by the client, the data will be deleted from the register without delay.
6. Regular sources of information
The data to be recorded in the register is obtained from the data subjects themselves (data field filled in the gaming system).
7. Regular disclosures and transfers of data outside the EU or EEA
Data may be transferred to the systems listed below outside the European Union or the European Economic Area:
- Slack, USA - email addresses of game leaders. These make it easier to provide quick support in case of problems and to monitor the use of the platform.
8. Principles of register protection
The register is processed with due care and the data processed by the information systems are adequately protected. Electronically processed databases are protected by firewalls, passwords and other technical means generally accepted in the field of data security. Access to personal data shall be restricted to specified and identified persons whose duties require them to process the personal data recorded in the register. These persons shall have access to the system by means of personal user IDs.
9. Right of inspection and right to request correction of information
Every data subject in the register has the right to check the information stored in the register and to request that any inaccurate or incomplete information be corrected or completed. If a person wishes to check or request a correction of the data stored about him or her, the request should be sent to the controller. The controller may, if necessary, ask the applicant to verify his/her identity. The controller will reply to the data subject within the time limit laid down in the EU General Data Protection Regulation (as a general rule, within one month).
10. Other rights relating to the processing of personal data
A data subject in the register has the right to request the erasure of personal data concerning him or her from the register ("right to be forgotten"). Data subjects also have other rights under the EU General Data Protection Regulation, such as the restriction of processing of personal data in certain circumstances. Requests should be sent to the controller. The controller may, if necessary, ask the applicant to verify his or her identity. The controller will reply to the data subject within the time limits set by the EU GDPR (usually within one month).