Privacy Policy

We care about the privacy, confidentiality, and online safety of our Users, as we believe that these elements allow us to be considered a trustworthy and reliable service provider. This Privacy Policy ("Policy") aims to provide information on how we collect, use, and share Users' personal data and their rights with respect to the information provided to us - in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, also known as the General Data Protection Regulation ("GDPR"), which entered into force on May 25, 2018.

Table of Contents:

1. Basic Definitions
2. Categories of Personal Data We May Process
3. Purposes and Legal Basis for Processing Personal Data
4. Personal Data Retention Period
5. Disclosure of Personal Data
6. User Rights
7. Analytics
8. Automated Decision Making
9. Changes to the Policy

1. BASIC DEFINITIONS

Personal Data - any information relating to the User that allows for their identification, i.e., name, surname, email address, telephone number, IP address, etc.;

User, You - the end user of the Application;

Application - software provided and managed by us that allows Users to ask questions in text and voice form about board games created by us and third-party producers who have consented to the inclusion of the content related to their board game instructions in the software, and then generates answers to the questions asked in text form using artificial intelligence technology provided by OpenAI;

Administrator - Realms Distribution spółka z ograniczoną odpowiedzialnością (limited liability company) with its registered office in Wrocław (50-127), address: ul. Św. Mikołaja 58, entered into the Register of Entrepreneurs kept by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register under KRS number 0000637257, NIP: 8992798122, share capital: PLN 26,500, hereinafter referred to as "we", "us", "our", etc.

Any questions regarding the processing of personal data can be directed to privacy@awakenrealms.com.

2. CATEGORIES OF PERSONAL DATA WE MAY PROCESS

In connection with the User's use of our mobile Application, we may process the following information: device manufacturer and model, platform type, and operating system and version running on the system or device; language; processor information, such as model, number of current processors, frequency, and instruction set support flags; graphics card type and vendor name; graphics card driver.

Due to the fact that we use the services of third parties to analyze our mobile Application, we may also collect data such as libraries and SDKs, web views, ephemeral processing information, and pseudonymous data. We may also share information about off-device transfers (such as transfers between servers), on-device transfers to another application, and crash logs with our third-party service providers.

3. PURPOSES AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

We may process your personal data in order to enable you to use our mobile Application when such processing is necessary to perform the contract between you and us (Article 6(1)(b) of the GDPR). Providing us with data is not a legal obligation of the User, but it is necessary to use our mobile Application.

We may process your personal data in order to analyze the use of our mobile Application and error statistics in accordance with our legitimate interest (Article 6(1)(f) of the GDPR). Providing us with such data is not a legal obligation of the User, and they may object to such processing of their personal data at any time.

Also, remember that if you contact us or we are forced to defend or pursue claims related to our Application, we will process your personal data in accordance with our legitimate interest (pursuant to Article 6(1)(f) of the GDPR).

4. PERSONAL DATA RETENTION PERIOD

We store the User's personal data for the following period:

1. we store your personal data related to your use of our mobile Application as long as you use our mobile Application and we process the data necessary to perform the contract for the duration of the contract (as long as you have our mobile Application downloaded) and no longer than 6 years after its termination;
2. we store the User's analytical data for no longer than 18 months;
3. we store data necessary to respond to User inquiries for as long as it is necessary to resolve the matter or as long as required by law regarding the limitation of claims;
4. we process data necessary to establish or pursue any claims or defend against such claims for the limitation period of such claims.

5. DISCLOSURE OF PERSONAL DATA

In any case of processing your personal data by us, you can be sure that only the following will have access to your personal data:

1. authorized employees and associates who are obliged to maintain confidentiality and not use it for purposes other than those for which we collected it,
2. entities supporting us in the provision of services, on the basis of relevant agreements, e.g., entities providing legal, consulting, and telecommunications services.

All these entities will only have access to the necessary personal data.

We may also be required to provide certain information regarding the User to public authorities for the purposes of proceedings conducted by them. In such a case, information is provided only if there is an appropriate legal basis.

We may transfer the User's personal data outside the European Economic Area (in particular to the USA) on the basis of a decision on an adequate level of data protection in a third country, standard contractual clauses, or binding corporate rules. If we process the User's personal data outside the European Economic Area, we ensure that we apply appropriate legal safeguards and verify suppliers located in a third country. If you want to learn more about data transfers, we will be happy to answer any questions and provide more detailed information on the transfer of personal data. In particular, the User can always obtain information from us on (1) whether their personal data is transferred outside the EEA, (2) in which country their personal data may be processed, (3) which entities and on what basis have access to their personal data.

6. USER RIGHTS

The User has the following rights:

1. Right of access. At any time, the User may obtain confirmation from us as to whether their personal data is being processed, access to personal data and the following information:

   • the purposes of the processing;
   • the categories of personal data concerned;
   • who the recipients are;
   • if possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
   • where the personal data is not collected from the data subject, any available information as to their source;
   • the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

2. Right to rectification. If you believe that information about you is incorrect or incomplete, you have the right to request the rectification of that data.

3. Right to withdraw consent. The User may withdraw their consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

4. Right to erasure ('right to be forgotten'). The GDPR gives the User the right to obtain from us the erasure of all their personal data. We are obliged to comply with this request only if one of the following grounds applies:

   • the User's personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
   • the User has withdrawn consent on which the processing is based and there is no other legal ground for the processing of their personal data;
   • the User objects to the processing and there are no overriding legitimate grounds for the processing;
   • the User objects to the processing for direct marketing purposes;
   • the personal data has been unlawfully processed;
   • the personal data has to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
   • the personal data has been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

5. Right to restriction of processing. The User may also obtain restriction of processing where one of the following applies:

   • the accuracy of the personal data is contested by the User - for a period enabling us to verify the accuracy of the personal data;
   • the processing is unlawful, but the User opposes the erasure of their personal data and requests the restriction of its use instead;
   • we no longer need the User's personal data for the purposes of the processing, but it is required by the User for the establishment, exercise, or defense of legal claims;
   • the User has objected to processing of their personal data - only pending the verification whether our legitimate
   • grounds override those of the User.

6. Right to data portability. The User has the right to receive their personal data in a structured, commonly used and machine-readable format and has the right to transmit that data to another controller, where:

   • the processing is based on your consent or on a contract, and
   • the processing is carried out by automated means.

7. Right to object. In accordance with the GDPR, you have the right to object:

   • to processing of your personal data where it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Administrator - on grounds relating to your particular situation;
   • to processing of your personal data where it is necessary for the purposes of the legitimate 1 interests pursued by us or by a third party, except where such interests 2 are overridden by the interests or fundamental rights and freedoms of the User which require protection of personal data, in particular where the data subject is a child, 3 including profiling - on grounds relating to your particular situation;
   • at any time - to processing of your personal data for direct marketing purposes, including profiling, to the extent that it is related to such direct marketing;

   • to processing of the User's personal data for scientific or historical research purposes or statistical purposes - on grounds relating to their particular situation.

     If, despite your objection, we consider that there are valid legitimate grounds for further processing of your Personal Data that override your interests, rights and freedoms, we may continue to process your Personal Data. If you do not agree with the above assessment of our situation, you have the right to lodge a complaint with a supervisory authority.

8. Right to lodge a complaint with a supervisory authority. In connection with our activities as the Administrator, the User has the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged infringement.

If you want to lodge a complaint in Poland, from May 25, 2018, the function of the supervisory authority is performed by the President of the Personal Data Protection Office (PUODO), address: ul. Stawki 2, 00-193 Warszawa. A detailed description of the procedure for lodging a complaint with the PUODO is available on the website run by the PUODO, which can be accessed by clicking on the following link: https://uodo.gov.pl/. To ensure the best possible functioning of our Application, in some areas we must use the support of other entities that specialize in these areas. Before sharing the User's personal data, we always verify whether the recipient is reliable and guarantees compliance with the highest data protection standards.

7. ANALYTICS

We may use Firebase Crashlytics, which is an analytical tool designed to collect and analyze data about Users of mobile applications and allows us to perform, diagnose, report errors, and track bugs. Detailed information on the scope and principles of data collection related to our mobile Application can be found here and here.

We may also use Google Analytics. Google Analytics are files used by Google to analyze how the application is used and to create statistics and reports on the operation of the application. Google does not use the collected data to identify the User, nor does it combine this information to enable identification. Detailed information on the scope and principles of data collection related to our mobile Application can be found here.

8. AUTOMATED DECISION MAKING

We will process the User's personal data in an automated manner. However, we do not use any information provided by the User for the purposes of automated decision-making, including profiling.

9. CHANGES TO THE POLICY

The provisions of the Privacy Policy are subject to amendments and changes, and the latest version will be published each time and will be dated as of the date of the last update.