Last Updated on and Effective from: 22 / 06 / 2022
PROPRIETARY AND CONFIDENTIAL
By using our website environment (available at racekingdom.io (‘Website’), our applications or our services, you (‘user’ ‘you’, ‘your’) consent to this Policy and to the data practices described in it, in addition to consenting to it explicitly when using the Website. If you do not agree with the data practices described in this Policy, you may choose to stop using our services, the game or the Website. We periodically update this Policy. We encourage you to review this Policy periodically.
Any terms, words, or phrases not defined in this Policy, have the meaning prescribed to them in our Terms and Conditions (available at [please insert]).
This Policy has been developed for purposes of compliance with the Data Protection Act (‘DPA’) 2003, and other data protection-oriented provisions within applicable regulations. The Policy shall serve as part of your initial customer relationship with us and our ongoing commitments to you.
When you are asked to provide personal information, you may decline, but if you choose not to provide data that is necessary to enable us to make the game available to you, you may not be able to sign up for or play the game, and/or certain game features may be limited. If you fail, neglect and/ or refuse to, or are unable to provide us any personal Information which we necessarily need to provide you with services, or which we need to collect by law (for example: identification information for KYC/AML obligations), we may not be able to provide you services. In this case, we have the right to discontinue the provision of services to you and/or close your account. In such a situation, we will notify you at the earliest.
RK collects certain personal information to enable us to operate the game effectively, and to provide you with the best experiences on our website and our game. RK prides itself on transparency and as such, you have choices about the personal information we collect.
Some of the information we obtain is collected to comply with applicable laws and regulations, including anti-money laundering laws. This Policy explains:
- The types of information we collect about you;
- How we use information about you;
- Types of information we disclose to third parties and the types of such third parties;
- How we protect your personally identifiable information; and
- How you may instruct us not to disclose certain information about you which we are otherwise permitted to disclose by law.
- CHANGES TO THIS POLICY
From time to time, we may revise, amend, or supplement this Policy to reflect necessary changes in law, our personal information collection and usage practices, the features of our offerings, or certain advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on our Website. However, the onus is also on you to occasionally familiarize yourself with the contents of this Policy, for your own information, and particularly to do so every time you access our Website, play the game or make use of our services.
Changes to this Policy are effective when they are published.
- PERSONAL DATA PROTECTION PRINCIPLES
Your information is collected and processed in accordance with the relevant data protection principles, including: lawfulness, fairness and transparency; purpose limitation; collection limitation; data minimization; accuracy; rectification measures; storage limitation; integrity and confidentiality (security); with all relevant laws and regulations considered; and however applicable.
- CONSENT FOR PERFORMANCE OF CONTRACT; LEGAL OBLIGATIONS
You provide consent to your personal information (whether provided directly by you, whether collected by us, or received by us from third parties or otherwise) being processed to satisfy all legal obligations arising from any contracts entered into/ with/ involving you or to deliver any services to you which you have contracted with us to provide to you; or to take steps at your request prior to entering into a contract with you.
By applying or signing up for our services, you authorize and consent to our obtaining from, and disclosing to, third parties any information about you in connection with identity or account verification, fraud detection, or collection procedure, or as may otherwise be allowed or required by applicable law.
You can withdraw such consent. Such withdrawal will not affect the lawfulness of processing based on previously recorded consent. Such withdrawal will take effect within 30 calendar days of submission of request. If you wish to submit such a request, please contact us at [email protected].
The specific information we collect, the method by which we collect such data, the purposes for which we collect such data, how we share such data, and how long we retain such data is explained individually, specifically for your clear, simple and withdrawable consent below in this Policy.
- INFORMATION WE COLLECT ABOUT YOU
The kinds of Personal Information we collect will depend on the type of interaction you have with us (for example: Telephone calls to us may also be recorded for training and quality assurance purposes). Generally, we collect the following information (‘Information’) about you:
- Identification information, such as your name, email address, home address, phone number, date of birth, gender, demographic and location data, billing address, username, along with identification details of documents confirming such details.
- Other information you provide when you participate in promotions offered by us or our partners, respond to our surveys, or otherwise communicate with us;
- Information about when and where the transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, billing and shipping information, and the devices and payment methods used to complete the transactions;
- Information about the location of your device and some other device specifics, including your hardware model, operating system and version, unique device identifier, mobile network information, and information about the device’s interaction with our services;
- Information about how you use our services, including your carrier operating system, connection type, referring URLs, access time, browser type and language, and Internet Protocol (‘IP’) address, as well as other information which may be collected and used by us automatically through the browser on your device or otherwise;
- Information about you from third parties, such as data providers and credit organizations, where permitted by law, including public blockchain data such as your nominated public key for a digital asset wallet (including your Metamask wallet address);
- Information contained in or relating to any communication that you send to us with or without our request, including without limitation the communication content and metadata associated with the communication;
- Information collected by Cookies and Web beacons (defined below), including using web beacons and sending cookies to your device;
- Your connections with others whose personal information we may collect or hold;
- online payment details which may include third party payment systems, credit or direct debit details for your bank account to process transactions contemplated by our services;
Information may also include information we collect about your individual preferences. We may collect the Information in course of your signing up for our services, or in course of our identity or account verification process, or in course of your use of our services
This policy applies to your Information when you use our Website and interact generally with us but does not apply to Third-Party Sites. We are not responsible for the privacy policies or content of Third-Party Sites.
We do not knowingly collect data from, or market to, children below the legal age as established under their relevant domestic laws. By using the services, you represent that you are at least the age of majority within your respective domestic law or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the services. If we learn that Personal Information from users who are less than the age of majority has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.
- MODE OF COLLECTION
We usually collect and store information including in paper, the physical and electronic forms provided by you when you communicate with us by telephone, email, web-based form, letter, facsimile, or other means, including when:
- you contact us over the phone;
- we provide you with our services via telephone, email, or our Website;
- we provide you with assistance or support for our products or services;
- you participate in our functions, events, or activities or on our social media pages;
- you request that we provide you with information concerning our products or services;
- you upload or submit information to us or our Website; or
- you complete any forms requesting information from you, including on registration with us, complete any survey or provide feedback to us concerning our products or services.
Where practicable we will only collect information from you. However, we will also collect your Information through our partners and third parties who supply services to us.
Please note that we use our own and third-party computer servers including our Website hosts, data backups, and payment gateway(s), which may be located outside of the Republic of Seychelles, and your Information will likely be stored and transmitted overseas as part of the normal operation of our business.
We also collect information from your computer or mobile device automatically when you browse our Website. This information may include:
- the date and time of your visit;
- your domain;
- operating system;
- the server your computer or mobile is using to access our Website;
- your browser and version number;
- search terms you have entered to find our Website or access our Website;
- pages and links you have accessed both on our Website and other websites;
- the last website you visited;
- the pages of our Website that you access;
- the device you use to access our Website; and
- your IP Address.
While we do not use some of this information to identify you personally, we may record certain information about your use of our Websites such as which pages you visit and the time and date of your visit, and that information could potentially be used to identify you.
It may be possible for us to identify you from information collected automatically from your visit(s) to our Website. If you have registered an account with us, we will be able to identify you through your user name and password when you log into our Website. Further, if you access our Website via links in an email we have sent you, we will be able to identify you.
The device you use to access our Website may collect information about you including your location using longitude and latitude coordinates obtained through GPS, Wi-Fi, or cell site triangulation. For information about your ability to restrict the collection and use of such information, please use the settings available on your device.
We may use statistical analytics software tools and software known as cookies which transmit data to third-party servers located overseas. To our knowledge, our analytic providers do not identify individual users or associate your IP Address with any other data held by them.
We will retain your Information for any period we consider necessary to provide our products and services to you and to comply with our legal obligations. The period may vary depending on the type of information we hold.
- USE OF INFORMATION
We do not sell, exchange or give to any other person your information, whether public or private, for any reason whatsoever, without your consent, other than for the express purpose of providing our services to you and customizing your experience with us.
We collect, process, and use information about you for the following purposes:
- To provide our products and services to you, including without limitation to process your transactions and your instructions to use our services;
- To improve, personalize and facilitate your use of our products and services;
- To measure, customize, and enhance our services, including the design, content, and functionality of the website, or to track and analyze trends and usage in connection with our services;
- To conduct research, compare information for accuracy and verification purposes, compile or analyse statistics relevant to the operations of our business;
- To improve our customer service and to manage our relationship with you;
- With your prior permission, to send periodic emails, news, and information, or to conduct surveys and collect feedback, about our services and to communicate with you about products, services, promotions, discounts, incentives, and rewards offered by us and select partners, based on your communication preferences and applicable law, and the email address you provided for such communications;
- To administer our internal information processing and other IT systems;
- To operate our Website and to provide our services, including ensuring their security;
- To maintain back-ups of our databases and to keep the records in accordance with our internal policies and procedures and the applicable law;
- To communicate with you, including without limitation to deliver the information and support you request, including technical notices, security alerts, and support and administrative messages, to resolve disputes, collect fees, and provide assistance for problems with our services;
- To establish, exercise or defend legal claims, whether in court proceedings or in an administrative or out-of-court procedure for the protection and assertion of our legal rights, your legal rights and the legal rights of others;
- To obtain or manage risks, or obtain professional advice;
- To comply with our obligations either required by law or by written agreements with third parties;
- To display transactions history;
- To develop new products and services; and
- in order to: (i) protect our rights or property, or the security or integrity of our services; (ii) enforce the terms of our Terms and Conditions or other applicable agreements or policies; (iii) verify your identity (e.g., some of the government-issued identification numbers we collect are used for this purpose); (iv) investigate, detect, and prevent fraud, security breaches, and other potentially prohibited or illegal activities; (v) comply with any applicable law, regulation, or legal process.
- WE PROCESS AND USE AGGREGATED, ANONYMIZED, AND DE-IDENTIFIED DATA
We may also create, process, collect, use and share aggregated, anonymized or de-identified information such as statistical or demographic data for any purpose which may be derived from your personal Information. We may use this data to comply with legal or regulatory obligations.
We may share such information with members of our group, service providers, and our key partners. Some of these third parties may be in a jurisdiction outside the laws as stated in this Policy, in which case we will take all necessary steps to ensure that your personal Information is treated securely and that such transfers are permitted under the applicable data protection laws.
We may also use any or all of the personal information above to administer and manage our business in general, to detect and prevent misuse of our services (including fraud and unauthorized payments), and to enforce our Terms and Conditions or any other contract to which we may be a party to.
- PROCESSING WITHOUT CONSENT
We may collect and process some of your personal information without your knowledge or consent, and only where this is required or permitted by law. We may be compelled to surrender your personal information to legal authorities without your express consent if presented with a court order or similar legal or administrative order, or as required or permitted by the laws, rules, and regulations of any nation, state, or other applicable jurisdiction.
- DISCLOSURE OF YOUR INFORMATION AND TRANSFER OF YOUR INFORMATION
We may have to share your personal information with a selected and trusted group of third party/parties to fulfil our obligations under our contract with you, to meet government, regulatory and law enforcement requests, and to continue providing you with the services. We will only disclose your personal information to third party service providers under strict terms of confidentiality. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
We may share or transfer your Personal Information in the specific circumstances hereinbelow:
- to our related entities, employees, officers, agents, contractors, other companies that provide services to us, sponsors, government agencies, or other third parties to satisfy the purposes for which the information was collected or for another purpose if that other purpose is closely related to the primary purpose of collection and an individual would reasonably expect us to disclose the information for that secondary purpose;
- to third parties who help us to verify the identity of our clients and customers, and other software service providers who assist us to provide the services we provide to you;
- to third parties who help us analyze the information we collect so that we can administer, support, improve or develop our business and the services we provide to you including cloud hosting services, off-site backups, and customer support;
- to merchants and the recipients of funds to identify you as the sender of the funds and to a party who sends you funds in connection with a transfer to you of funds;
- to third parties, including those in the blockchain and fintech industry, marketing, and advertising sectors, to use your information to let you know about goods and services which may be of interest to you in accordance with the applicable laws;
- if the disclosure is requested by law enforcement or government agency or is required by law, or legal processes, such as a subpoena, court, or another legal process with which we are required to comply, including about our obligations under applicable anti-money laundering laws;
- if the disclosure is required to enforce the terms of this policy or to enforce any of our terms and conditions with you;
- to our professional advisers such as consultants, bankers, professional indemnity insurers, brokers, and auditors so that we can meet our regulatory obligations, and administer, support, improve or develop our business;
- to debt recovery agencies who assist us with the recovery of debts owed to us;
- to any other person, with your consent (express or implied);
- to facilitate the sale of all or a substantial part of our assets or business or to companies with which we propose to merge or who propose to acquire us and their advisers;
- to protect the interests of our users, clients, customers, and third parties from cyber security risks or incidents and other risks or incidents; and
- to maintain the integrity of our Website and protect our rights, interests, and property and those of third parties;
In addition to the above recipients, we will disclose your Personal Information if we are requested to do so by law enforcement or if the disclosure is made in connection with either the normal operation of our business in a way that you might reasonably expect, for example, if such disclosure is incidental to IT services being provided to our business or for the resolution of any dispute that arises between you and us. This disclosure may involve your Personal Information being transmitted overseas.
In the event of a proposed restructure or sale of our business (or part of our business) or where a company proposes to acquire or merge with us, we may disclose personal Information to the buyer and their advisers without your consent subject to compliance with the applicable regulations. If we sell the business and the sale is structured as a share sale, you acknowledge that this transaction will not constitute the ‘transfer’ of personal Information.
- THIRD-PARTY ADVERTISING AND ANALYTICS
- YOUR RIGHTS
- Right to be informed: This means you have a right to know:
- The identity and the contact details of the Company;
- The purposes of processing your personal information as well as the legal basis for the processing;
- The legitimate interests pursued by us or by a third party who processes your personal information;
- The recipients or categories of recipients of your personal information;
- Our intention is to transfer your personal information to a third country or international organization and reference the appropriate safeguards and the means to obtain their copy.
- The period for which your personal information will be stored, or if that is not possible, the criteria used to determine that period;
- Whether the provision of personal information is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obligated to provide the personal information and the possible consequences of failure to provide such data;
- The existence of automated decision-making, including profiling and meaningful information about the logic involved.
- Where we intend to further process your personal information for a purpose other than that for which the personal information was collected, we must apprise you, prior to such further processing, with information on those other purposes and with any other relevant information.
- Right of access: This is your right to see what personal information is held about you by us. Particularly you have the right to:
- Receive confirmation as to whether or not your personal information is being processed;
- Access your personal information which we are processing along with the purposes of the processing; the categories of personal information being processed; the recipients or categories of recipients to whom the personal information has been or will be disclosed; the envisaged period for which the personal information will be stored, or, if not possible, the criteria used to determine that period; where the personal information is not collected from you, any available information as to their source.
- Where your personal information is transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards relating to the transfer;
- A copy of your personal information being processed; and
- Any further copies requested by you, upon paying a reasonable fee.
- Right to rectification: This is your right to have your personal information corrected, rectified, or amended, if what is held by us or a third party onboarded by us is incorrect/ inaccurate in some way.
- Right to erasure: This is your right, under certain circumstances to ask for your personal information to be deleted. This would apply if your personal information is no longer required for the purposes it was collected for, your consent for the processing of that data has been expressly withdrawn, or where your personal information has been unlawfully processed. Once deleted all your personal data will be removed from our systems and will not be recoverable.
- Right to withdraw consent: If you wish for the Company to stop processing your personal information, it is your right to withdraw consent, preventing the Company from further processing the same personal information.
- Right to restrict processing: This is your right to ask for a temporary halt or pause in processing your personal data, such as in the case where a dispute or legal case must be concluded, or the data is being corrected.
- Right to data portability: This is your right to ask for your personal information supplied directly to us, which we have processed pursuant to your consent, under a contract, or by automated means, to be provided to you in a structured, commonly used, and machine-readable or electronic format.
- Right to object: This is your right to object to the further processing of your personal information which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation, and direct marketing.
- Rights in relation to automated decision-making and profiling: This is your right not to be subject to a decision based solely on automated processing.
Please note that whether or not you have these rights will depend on the domestic data protection laws of your country. You may want to consult with a legal advisor to better understand your data related rights in your jurisdiction.
We aim to respond to all legitimate requests without undue delay and within forty (40) calendar days of receipt of any request from you. Occasionally it may take us longer than forty (40) calendar days, if your request is particularly complex, or if you have made duplicated or numerous requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
If you have any of these rights under your domestic data protection laws and wish to exercise any of them, please contact us at [email protected]. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This security measure is to ensure that your personal information is not disclosed to any person who has no right to receive it.
Our Website may contain web beacons (also called single-pixel gifs) or similar technologies (Web Beacons) which are electronic images that we use:
- to help deliver Cookies;
- to count users who have visited our Website; and
- in our promotional materials, to determine whether and when you open and act on them;
- We may also work with third parties:
- to place Web Beacons on their websites or in their promotional materials as part of our business development and data analysis, and to
- to allow Web Beacons to be placed on our Website from analytics services to help us compile aggregated statistics about the effectiveness of our promotional campaigns or other operations.
The Web Beacons of analytics services may enable such providers to place cookies or other identifiers on your device, through which they may collect information about your online activities across applications, websites, or other products.
- LEGAL RECOURSE
If you are based in the Republic of Seychelles, then upon the enforcement of the DPA, you have the right to make a complaint at any time to the Office of Data Protection Commissioner of Seychelles, or if you believe there has been an alleged infringement of the DPA.
If you are based in the EU or the EEA region, then you have the right to make a complaint at any time to a supervisory or regulatory authority, in particular within a member state in the EU or EEA where you are habitually resident, where we may be based (if applicable), or where any alleged infringement of any data protection law has taken place.
However, we would appreciate the opportunity to address your concerns before you approach any such authority. Please contact us in the first instance so that we may try to resolve your complaint swiftly and satisfactorily. Please contact us via email on [email protected].
- SECURITY PRECAUTIONS AND MEASURES
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online. We use industry-standard technical mechanisms and ensure that our affiliates or vendor entities use data encryption technology while implementing restrictions related to the storage of and the ability to access your personal information. Such measures include:
- securing our physical premises and digital storage media;
- using computer safeguards such as Secure Socket Layer (SSL) technology to ensure that your information is encrypted and sent across the Internet securely;
- placing password protection and access control over our information technology systems and databases to limit access and protect electronic information from unauthorized interference, access, modification, and disclosure; and
- taking regular back-ups of our electronic systems.
Our facilities are scanned regularly for security holes and known vulnerabilities, to best ensure their security.
Your personal information is contained behind secured networks and is only accessible by a limited number of individuals who have special access rights to such systems and are required to keep the information confidential.
- Please note that no transmission over the Internet or any method of electronic storage can be guaranteed to be 100% secure, however, our best endeavors will be made to secure data and the ability to access your personal information.
- Without prejudice to our efforts to protection of your data, nothing contained in this Policy constitutes a warranty of security of the facilities, and you agree to transmit data at your own risk.
- Please note, that we do not guarantee that your data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
- Please, always check that any website on which you are asked for financial or payment information about our Website is legitimately owned or operated by us. The risk of impersonating hackers exists and should be taken into account when using our Website.
- If you do receive any suspicious communication of any kind or request, do not provide your information and report it to us by contacting our offices immediately at [email protected]. Please also immediately notify us at [email protected] if you become aware of any unauthorised access to or use of your Account.
- Since we cannot guarantee against any loss, misuse, unauthorised acquisition, or alteration of your data, please take the necessary steps to protect your personal information, including the adoption of sufficient safety measures such as your choice of an appropriate password of sufficient length and complexity and to not reveal this password to any third parties.
- Furthermore, we cannot ensure and do not warrant the security or confidentiality of data transmitted to us, or sent and received from us by Internet or wireless connection, including: email, phone, WhatsApp or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us [email protected].
- Should your personal information be breached, and the security of your rights be at high risk, we shall promptly and immediately communicate to you the nature of the breach which has taken place, the likely consequences of such a breach and shall describe thoroughly the measures we have implemented to address the breach and to mitigate any and all adverse effects to you and your rights. In the unlikely event of a breach occurring, please reach out to us at [email protected] for further information and for further advice on how to mitigate the potential adverse effects of such a breach.
- We also aim to conduct all applicable security risk assessments to ensure the availability of risk mitigation controls, to better safeguard the integrity of your data.
The DPA requires that where a data breach is likely to result in serious harm to any individuals to whom the information relates, we are required to notify those individuals and the Office of the Government department of Seychelles.
The DPA provides greater protection to the personal information of consumers, greater transparency in the way organizations like us respond to data breaches, and allow you to minimize the damage caused by any unauthorized use of your Personal Information.
- WE COLLECT YOUR DATA FOR MARKET RESEARCH AND PROMOTIONAL INFORMATION; YOU MAY OPT OUT FROM THIS
We may communicate with you by phone, email, SMS, or push notification, to inform you about existing and new products and services that may be of interest to you including administering contests, promotions, surveys, or other site features.
We will ensure that any email we send as direct marketing complies with applicable laws and contain an ‘unsubscribe’ option so that you can remove yourself from any further marketing communications. To opt-out of communications via SMS (if applicable), reply with “STOP”. You may decline marketing messages sent by push notifications by refusing the relevant permission in your phone or tablet settings, however, this setting will prevent you from receiving other messages from us via push notification. You may also opt-out of receiving marketing materials from us using the contact details set out below or adjusting your user dashboard on our Website.
You can also call or write to us to request that your details be removed from our direct marketing list. We will endeavour to remove your details from our direct marketing list within a reasonable time (ordinarily 5 working days).
Our direct marketing list may be operated by software and servers located overseas and your personal Information may be sent overseas as part of our marketing.
We will also send communications that are required or necessary to send to users of our Website that contain information about important changes or developments to or the operation of the Website or as well as other communications you request from us. You may not opt-out of receiving these communications but you may be able to adjust the media and format through which you receive these notices.
- CONTACTING US
If you have any queries about this policy, you wish to access or correct the Information we hold about you or make a complaint, please contact us in writing at [email protected].
We aim to acknowledge receipt of all privacy complaints from you within 30 working days and resolve all complaints within 40 calendar days. Where we cannot resolve a complaint within that period, we will notify you of the reason for the delay as well as advise the time by which we expect to resolve the complaint.
To disclose information to you in response to a request for access we may require you to provide us with certain information including but not limited to verify your identity.
We may (depending on the request) charge you a fee to access the personal Information. We will inform you of any fees payable in respect of accessing your personal Information before actioning your request. All requests for Personal Information will be handled in a reasonable period (within 14 days if possible but otherwise within 40 calendar days after the request is made).
If you wish to have your personal Information deleted, please contact us using the details above and we will take reasonable steps to delete the information (unless we are obliged to keep it for legal or auditing purposes). To the extent that any personal Information is stored on a blockchain, it may be impracticable, unfeasible, or impossible to delete.
You may also view, access, edit or delete (to the extent possible) your personal Information through your user dashboard on our Website. There will be certain data or information that may not be edited or deleted for you to be able to access our Website, for example, your Metamask wallet address.