PRIVACY STATEMENT PARENTS

PRIVACY STATEMENT PARENTS

PRIVACY STATEMENT PARENTS

1.   General information

The packagespoints.comWebsite is dedicated to website visitors under the age of 16 years (“Website Visitors”) and provides a safe environment for such children. packagespoints.com is especially committed to protecting the privacy of these Website Visitors. This is explained in a simplified manner in our Privacy Info document, in order to also be understandable for children. For parents or guardians that are interested in being informed on how packagespoints.com process data of the Website Visitors in more detail, we’ve drafted this “Privacy Statement Parents” as well as the“Cookie Statement Parents”. It is designed to provide further transparency into packagespoints.com’s privacy practices and principles. It provides information on the data that we collect from Website Visitors through our kids.packagespoints.com.com web platform (“packagespoints.comWebsite”) from the European Economic Area (EEA).

The packagespoints.comWebsite is owned and operated by packagespoints.com B.V. (referred to in this Privacy Statement Parents as “packagespoints.com”, “we”, “our”, or “us”). packagespoints.com is an entity incorporated under the laws of the Netherlands.

Please note that we determine the language of this Privacy Statement Parents based on the language settings of your browser.

2.   Which data is used and for what purposes?

All features on the packagespoints.comWebsite are available without the need for registration by Website Visitors. We don’t work with accounts or chat box functions. No personal data (such as email addresses and phone numbers) is requested from Website Visitors. Furthermore, we don’t allow any third parties to place advertisements on our packagespoints.comWebsite.

Nonetheless, packagespoints.com does process certain electronic data when someone visits the packagespoints.comWebsite for specific purposes, as detailed below.

3.   How do we obtain data?

We obtain a Website Visitor’s data in various ways:

  • Provided by the Website Visitor.Some data we receive straight from you or the minor you represent, when we are contacted via the contact details listed below.
  • Automatically obtained.Some data we obtain automatically, for example by using cookies and similar techniques. When the Website Visitor’s device contacts our web servers when a Website Visitor visits the packagespoints.comWebsite, our web servers automatically collect usage information. Further information on this is  included in ourCookie Statement Parents.

The Website Visitor is under no obligation to provide any information about themselves to us. However, refusal to supply certain information via cookie blockers, might impact the Website Visitor’s experiences on or functionality of the packagespoints.comWebsite (e.g. the Website Visitor will not be able to use the “save game” functionality). If the provision of certain personal data is a legal or contractual obligation or an essential requirement for concluding an agreement with us, we will separately provide additional information about this for as far as this is not clear in advance. In this case we will also inform about the possible consequences if this information is not provided.

4.   Who do we share data with?

We only share a Website Visitor’s data with third parties if:

  • This is necessary for the provision of a service or the involvement of the third party. Sub-contractors, for example, will in principle only get access to the personal data that they require for their part of the service provision and will not be allowed to process the data for their own purposes.
  • The persons within the third party that have access to the personal data are under an obligation to treat this data confidentially. Where necessary this is also contractually agreed on.
  • The third party is obliged to comply with the applicable regulations for the protection of personal data, for instance because we have concluded an agreement with this party or because our Terms of Use apply. This includes that the party is obliged to ensure appropriate technical and organizational security measures, and that any transfer of personal data to countries outside the EEA is adequately legitimized.

We could share a Website Visitor’s data on a need-to-know basis with the parties mentioned below. In this context, “need-to-know” means that a party only gets access to the Website Visitor’s data if and insofar as this is required for the professional services provided by this party.

  • Authorized persons, employed by packagespoints.com, who are involved with the processing activity concerned. Such as, the members of the support team a Website Visitor is in contact with.
  • Authorized persons, employed by service providers / sub-contractors engaged by packagespoints.com, who are involved with the processing activity concerned.
  • Authorized government institutions. Such as, courts, police, and law enforcement agencies. We may release information about our Website Visitors, including IP address, when legally required to do so, at the request of governmental institutions conducting an investigation or to verify or enforce compliance with the policies governing the packagespoints.comWebsite and applicable laws. We may also disclose such user information whenever we believe disclosure is necessary to protect the rights, property or safety of packagespoints.com or others.

5.   How do we secure data?

Protecting the Website Visitors’ privacy and data is very important to us. Therefore, packagespoints.com has implemented appropriate technical and organizational measures to protect and secure a Website Visitor’s data, in order to prevent violations of the confidentiality, integrity and availability of data. All packagespoints.com employees and other persons engaged by packagespoints.com for the processing of a Website Visitor’s data are obliged to respect the confidentiality of this data.

packagespoints.com has internal documentation in which it is described how we safeguard an appropriate level of technical and organizational security. In addition, a data breach procedure is applicable within packagespoints.com, in which it is explained how (potential) data breaches need to be handled. We will, for example, inform the competent supervisory authority and involved data subjects when this is required by the applicable law.

6.   To which countries will we transfer data?

Parties involved with the processing of a Website Visitor’s data originating from the EEA, may be located in a different country. In case the data is processed outside the EEA, the transfer is legitimized in the manner described below. You can find an overview of the EEA countries here: https://ind.nl/en/Pages/eu-eea-countries.aspx.

Transfers outside the EEA.The transfer of personal data to a third party outside the EEA can in the first place be legitimized based on an adequacy decision of the European Commission, in which it is decided that the (part within the) third country in question ensures an adequate level of data protection. On the website of the European Commission, you can find an overview of the adequacy decisions that have been taken.

If personal data is transferred to a country outside the EEA for which there is no adequacy decision, we agree on the applicability of the relevant version of the Standard Contractual Clauses with the relevant party. This is a standard contract to safeguard the protection of personal data, which is approved by the European Commission, in which the parties fill out the appendices. Where appropriate, additional safeguards are taken.

In specific situations we can also rely on the derogations from article 49 GDPR to legitimize the data transfer. This means that we may transfer personal data: (i) with explicit consent, (ii) if this is necessary for the performance of a contract that has been concluded with the Website Visitor or has been concluded in its interest, or (iii) if this is necessary for the establishment, exercise or defense of legal claims. Lastly, in exceptional cases we may also transfer a Website Visitor’s data if the data transfer is necessary for our compelling legitimate interests and is not overridden by the Website Visitor’s interests or rights and freedoms.

You can contact us if you want additional information about the way in which we legitimize the transfer of personal data to countries outside the EEA. Our contact details are stated at the bottom of this document: Privacy Statement Parents.

7.   How do we determine how long we retain data?

In general, we do not keep a Website Visitor’s data for longer than what is necessary in relation to the purposes for which we process this data. There could however be exceptions applicable to the general retention terms.

Exception: shorter retention period.If a Website Visitor or someone on their behalf exercises certain privacy rights, it is possible that packagespoints.com will remove the related personal data earlier than the general applicable retention period or – oppositely – retain it for a longer period of time. For more information about this, please refer to the header “Which privacy rights apply (incl. the right to object)?”

Exception: longer retention period.In certain situations, we process a Website Visitor’s data for a longer period of time than what is necessary for the purpose of the processing. This is for instance the case when we have to process the personal data for a longer period of time:

  • Retention obligation. To comply with a minimum retention period or other legal obligation to which we are subject based on the applicable law. This will in principle not apply to cookie related data.
  • Procedure. The data is necessary in relation to a legal procedure.
  • Freedom of expression. When further processing of the data is necessary in order to exercise the right to freedom of expression and information. This will in principle not apply to cookie related data.

8.   Which privacy rights apply (incl. right to object)?

Based on the General Data Protection Regulation (“GDPR”; (EU) 2016/679) Website Visitors have various privacy rights. To what extent these rights can be exercised, may depend on the circumstances of the processing, such as the manner in which packagespoints.com processes the personal data and the legal basis for the processing. Below we included a summary of the relevant privacy rights under the GDPR. For more information about this, you can visit the website of the European Commission.

We will respond to all requests without undue delay. If our full response will ever take more than a month due to the complexity or number of requests, we will inform on this. Furthermore, please note that we may request more information to confirm the identity of the person filing the request – thus the Website Visitor or its legal representation – before acting on any request.8.1   Applicable privacy rights.

9. Who is responsible for the processing of the data?

packagespoints.com is in principle responsible for the processing of the Website Visitor’s data in the context of the packagespoints.comWebsite. The developers of the games on the packagespoints.comWebsite are required to remove all outgoing links and branding/advertisements (e.g. splash-screens, social links and app-store links) from their game(s).

10. How can you contact us?

If you or the minor you represent have any questions concerning this Privacy Statement Parents, or data collection in particular, please contact us at kids@packagespoints.com.com or via:

packagespoints.com B.V.
Spui 10
1012 WZ Amsterdam
The Netherlands
+31 20 2800 870 (for communication in Dutch or English)

Please let us know by e-mail in advance if you prefer to have further contact over the phone via another preferred language. We will then provide you with the relevant phone number.

11.   Changes

We may change this Privacy Statement Parents from time to time to accommodate new technologies, industry practices, regulatory requirements or for other purposes. The latest version can always be consulted via the packagespoints.comWebsite. Important changes will also be communicated proactively.