About MTG
Our Business
Investors
News
  • en
  • sv
    • Close
    MenuClose

    MTG Corporate Website Privacy Policy

    Welcome to our Privacy Policy which contains information on how we process personal data when you visit our website, communicate, or otherwise interact with us in the cases described below. If you have any questions regarding our use of your personal data, please feel free to contact us over the channels provided below.

    When we refer to “you” in this Privacy Policy, we refer to you as data subject (see Section II. below for more details on what this means). If you are interacting with us on behalf of others, please make sure all affected people receive the information stated in this Privacy Policy.

    I. Who Are We?

    If we speak of “MTG”, “we” or “us” in this Privacy Policy, we refer to ourselves as controller as defined below. Our contact details are:

    Modern Times Group MTG AB
    Skeppsbron 18, Box 2094,
    111 30 Stockholm, Sweden
    Tel: +46 8 562 000 50

    If you have any questions regarding this Privacy Policy, data protection or if you want to exercise your rights mentioned in Section IV., you can at any time contact our Data Protection Officer. His contact details are:

    Dr. Matthias Walker
    c/o Modern Times Group MTG AB
    Skeppsbron 18, Box 2094,
    111 30 Stockholm, Sweden
    E-Mail: privacy@mtg.com

    II. Meaning of Terms

    The meaning of certain terms we use in this Privacy Policy is defined by the General Data Protection Regulation (“GDPR”). When we refer to the GDPR we are referring to the General Data Protection Regulation of the UK as well, unless we otherwise specify that we are referring to only one of them.

    All definitions set out in Art. 4 GDPR apply to this Privacy Policy. We’d like to explicitly mention the meanings of the following terms to make transparent what the often-used terms personal data, data subject, processing, controller and processor mean according to the GDPR:

    • ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
    • ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
    • ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
    • ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
    III. Legal Basis

    As a controller we need a legal basis to process your data lawfully, according to Art. 6 para. 1 GDPR. If

    • you have given your consent to the processing of your personal data for one or more specific purposes, this forms a legal basis according to Art. 6 para. 1 let. a) GDPR;
    • the processing is necessary for the performance of a contract between you and us or in order to take steps at your request prior to entering into a contract, the legal basis for this is Art. 6 para. 1 let. b) GDPR;
    • the processing is necessary for compliance with a legal obligation that applies to us, the legal basis for this is Art. 6 para. 1 let. c) GDPR
    • the processing is necessary to protect our legitimate interests or legitimate interests of a third party and such legitimate interests are not outweighed by your interests or fundamental rights and freedoms, the legal basis for this is Art. 6 para. 1 let. f) GDPR.
    IV. Your Rights

    Under the GDPR you have certain rights concerning the processing of personal data by us. According to the GDPR you have the following rights:

    • Right of information: You have the right to be provided information regarding the processing of your personal data by us, in accordance with Art. 13 and 14 GDPR.
    • Right of access: You have the right to obtain confirmation as to whether we are processing your personal data and, if this should be the case, access to the personal data, in accordance with Art. 15 GDPR.
    • Right to rectification: You have the right to obtain rectification of inaccurate or incomplete personal data concerning you, in accordance with Art. 16 GDPR.
    • Right to erasure (“right to be forgotten”): Under certain circumstances you have the right to obtain the erasure of personal data concerning you, in accordance with Art. 17 GDPR.
    • Right to restriction: Under certain circumstances you have the right to obtain the restriction of processing, in accordance with Art. 18 GDPR.
    • Right to data portability: Under certain circumstances you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit this data to another controller, in accordance with Art. 20 GDPR.
    • Right to object: Under certain circumstances you have the right to object to the processing of personal data concerning you, in accordance with Art. 21 GDPR. This includes but is not limited to the right to object in cases in which we process your personal data on the legal basis of Art. 6 para. 1 let. f) GDPR.
    • Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the EU of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR, as set out in Art. 77 GDPR.The supervisory authority primarily responsible for handling complaints regarding data processing carried out by us is Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm, Sweden, imy@imy.se.
    • Right to withdraw consent: If a processing of your personal data is based on your consent as set out in Art. 6 para. 1 let. a) GDPR or Art. 9 para. 2 let. a) GDPR, you have the right to withdraw your consent at any time, in accordance with Art. 7 para. 3 GDPR. Such withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
    • Right to not be subject to a decision based solely on automated processing: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, as set out in Art. 22 para 1 GDPR.
    V. Recipients / Categories of Recipients

    The personal data we process can also be either processed by other parties on our behalf and according to our instructions by processors or shared with and processed by other controllers. When data is processed according to this Privacy Policy, it is principally done so by our employees and freelancers commissioned by us that are responsible for the specific matter the data is required for.

    The following list gives you an overview of the main providers of tools and services we use and who might be a recipient of your data:

    Providers of office tools

    Microsoft Enterprise Service Privacy
    Microsoft Corporation
    One Microsoft Way
    Redmond, Washington 98052 USA

    and

    Microsoft Ireland Operations, Ltd.
    One Microsoft Place
    South County Business Park
    Leopardstown
    Dublin 18, D18 P521, Ireland (both together “Microsoft”)

    and

    Slack Technologies, Inc., 500 Howard Street, San Francisco, CA 94105
    USA (“Slack”)

    Data protection management tool

    OneTrust Technology Limited
    82 St. John Street
    Farringdon, London EC1M 4JN United Kingdom (“OneTrust”)

    Press release tool

    Cision Sverige AB
    Box 24194, 104 51, Stockholm
    Sweden
    (“Cision”)

    Provider of data management systems and IT services

    EVRY Sweden AB
    Ekensbergsvägen 113
    171 41 Solna Sweden
    („Tietoevry“)

    Some of these recipients are established outside of the European Union. Principally, there are two possible safeguards we rely on when these recipients receive personal data of yours, to make sure an adequate level of protection for your data is provided:

    • If a recipient is located in a country for which the European Commission has found it provides an adequate level of data protection, we rely on such adequacy decision by the EU Commission.
    • If a recipient is not located in a country with an adequate level of data protection according to the European Commission, we either have concluded a contract with this recipient in which we agree on rules to make sure the recipient takes adequate care of your personal data (EU Standard Contractual Clauses developed by the European Commission) or we rely on binding corporate rules of a group of undertakings or enterprises that have been approved by a supervisory authority.

    Apart from the main possible recipients mentioned above, the following categories of recipients can receive personal data from us, only if necessary for the specific case: financial and IT services; host providers; providers of data rooms for M&A transactions; potential buyers or sellers of an M&A transaction; external financial and legal advisors and auditors; courts or governmental authorities that legally legitimately oblige us (e.g., through subpoenas, court orders, governmental requests or search warrants) to disclose data.

    You can find details on which recipients and categories of recipients are involved in the processing of personal data under Section VI.

    VI. General Data Processing

    In the following we’d like to inform you about how we process your personal data. These are the general processing activities that can apply when you interact with us. Every processing activity is broken down into 5 parts:

    (a.) What: What data is processed?
    (b.) Why: For what purpose is the data processed?
    (c.) Who: With whom do we share the data?
    (d.) Legal Basis: What law allows us to process the data?
    (e.) How Long: How long do we keep the data?

    1. Communicating With You
    1. What
      If we communicate with you via email or mail, we process all personal data you disclose to us during our conversation (e.g., you name, email address, the reason why you are contacting us etc.).Apart from this, it is also possible that we use other online messaging systems to communicate with you, if you wish to contact us over these channels. Please note that if you wish to contact us via such messaging systems, it is possible that the respective companies that offer these communication services may also process your personal data and that regarding this their privacy policies apply. We have no influence over such data processing by third parties. For further information on how these services process your personal data, please view their privacy policies.
    2. Why
      Depending on the specific conversation with you, the personal data can either be processed in order to take steps at your request prior to entering into a contract with us or to perform a contract you have concluded with us. Also, the processing can be necessary for us to comply with legal documentation obligations. Apart from this, the processing can also be necessary for the purposes of our legitimate interest to respond to mails and calls of yours when you contact us and are not our contractual partner as well as to have proof regarding substantial content of our conversation, including but not limited to cases of potential legal claims on our or your side.
    3. Who
      Depending on the specific case, recipients of the processed personal can be our providers of office tools.
    4. Legal Basis
      The legal basis for processing the personal data in order to take steps at your request prior to entering into a contract with us or to perform a contract you have concluded with us is Art. 6 para. 1 let. b) GDPR.The legal basis for processing the data for compliance with our legal obligations is Art. 6 para. 1 let. c) GDPR.The legal basis for processing the data due to our legitimate interest is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The data is stored at least for the time until our contract with you is fully performed. If the data has been stored in order to take steps at your request prior to entering into a contract with us, we will store the data for as long as reasons objectively exist to believe that the respective conversation will be continued within the foreseeable future. Apart from this, your data can be stored according to statutory storage periods, should such laws apply to the respective data as well as the applicable limitation period, so that we can sufficiently defend ourselves against claims.
    2. Visiting Our Website
    1. What
      When you visit our website, we process your IP-address.
    2. Why
      We process this data to display the website correctly in your browser. This is a legitimate interest of ours.
    3. Who
      Recipients of the processed personal data can be our IT service providers and host providers.
    4. Legal Basis
      The legal basis for processing the data is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The data is only processed during your visit of our website and not stored in log files.
    3. Press Release Subscription
    1. What
      You can choose to receive our news and company information via email. To send you the press releases and reports we process your email address and your selection of content you wish to receive, as well as the information regarding whether you have opened the email we sent you and, if this is the case, the time it was opened.
    2. Why
      The purpose of processing the personal data is to keep you updated on our business developments, products, and services via email according to your preferences to receive the information, and to better understand what was of interest to you or not.
    3. Who
      Recipient of the processed personal data is the provider of our press release tool.
    4. Legal Basis
      The legal basis for processing your personal data is your declaration of consent, in accordance with Art. 6 para. 1 let. a) GDPR.
    5. How long
      Your personal data will be stored for as long as you do not withdraw your consent. You can at any time withdraw your consent with effect for the future by using the unsubscribe link at the bottom of the email you received from us, or by contacting communications@mtg.com.
    4. Data Subject Requests
    1. What
      When you contact us to make use of your data subject rights (see above), we process your name, email address and any additional information you provide us in your request as well as personal data to verify your identity as legitimate data subject, if needed.We might also process your personal data when you contact another company of the MTG group which is an affiliate company of ours (“MTG Company”) with such a request if the company reaches out to us for legal advice regarding the matter.
    2. Why
      The personal data of your request is processed for the purpose of answering your request as well as the purpose of proving our compliance with the GDPR by helping you as data subject exercise your rights set out in the GDPR. This is also a legitimate interest of ours.If we process additional data of yours to verify your identity, this is done to prevent cases of fraud committed by using false identities which is a legitimate interest of ours.If we receive your personal data from an MTG Company, we process your personal to help the company respond properly by giving it legal advice. As parent company, we work closely together with all MTG Companies and support them to ensure their compliance as well as a group-wide compliance with applicable laws. This is a legitimate interest of ours and all MTG Companies.
    3. Who
      Depending on the specific case, recipients of the processed personal data can be the provider of our data protection management tool, our providers of office tools, and external legal advisors.
    4. Legal Basis
      The legal basis for processing the data of your request is Art. 6 para. 1 let. c) in connection with Art. 12 GDPR as well as Art. 6 para let. f) GDPR.The legal basis for verifying your identity is Art. 6 para. 1 let. f) GDPR.If we receive your personal data from an MTG Company, the legal basis for receiving and processing the data is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The data is stored for three years starting with the end of the year in which you made your request, so we and/or the respective MTG Company are able to prove our compliance and defend ourselves against any potential claims within the general statute of limitations in Sweden for claims by consumers.
    5. Legal Work
    1. What
      We work together with MTG Companies and external advisors to assess and manage legal matters. If a matter, or dispute between you and us or between you and an MTG Company (see definition in Section VI.4.a) requires relevant legal review, we and, if necessary, the relevant MTG Company, process the data relevant to the matter or dispute. In particular, this may include your name, e-mail address and contact details.It is possible that MTG Companies seek legal support from us as their mother company in legal matters. In such case we might receive personal data of yours from the respective MTG Company and process the personal data required to grant it legal report.If we would receive from authorized courts or governmental authorities a legally legitimate and binding obligation to disclose data (e.g., through subpoenas, court orders, governmental requests or search warrants), we would comply with such.
    2. Why
      The purpose of the processing of the data by us and – if applicable – the involved MTG Company is the effective and uniform handling of legal matters. This is a legitimate interest of ours and the involved MTG Company. In addition, the data processing may serve to conclude and perform contracts with you.As a parent company, we also have a legitimate interest in supporting MTG Companies with legal matters to safeguard our business interest of us, the respective MTG Company and the entire MTG Group.In case of legally legitimate and binding obligations by authorized courts or governmental authorities we would have a legal obligation to comply.
    3. Who
      Recipients of the processed personal data can be our providers of office tools as well as external legal advisors and auditors. We can receive your personal data from an MTG Company if it seeks our support in which case the same recipients can apply.In case of legally legitimate and binding obligations by authorized courts or governmental authorities such courts or authorities would be the recipients of the data.
    4. Legal Basis
      If the data processing concerns the conclusion or performance of a contract with you, the legal basis of the data processing is Art. 6 para. 1 let. b) GDPR.If the data processing is based on a legitimate interest, the legal basis is Art. 6 para. 1 let. f) GDPR.In case of legally legitimate and binding obligations by authorized courts or governmental authorities the legal basis for disclosing data would be Art. 6 para. 1 let. c) GDPR in connection with the respective laws that state the legal binding effect of the obligation.
    5. How long
      The storage period for data processed for the purpose of handling legal matters, disputes or complying with legal obligations is governed by the relevant limitation period, so that we can sufficiently defend ourselves against claims, or by the relevant legal obligations to retain documents.
    6. Job Applications
    1. What
      We process personal data you provide when applying for a job or to work together with us as a freelancer (e.g., your name, date of birth, address, data included in your cover letter or CV etc.).
    2. Why
      The data is processed to decide if a contract with you will be concluded or, if you already have a contract with us, to perform our obligations, or terminate the contract.Your data will be stored if we have decided to not hire you, or if your employment with us has ended so we are able to defend ourselves against potential claims based on § 64 Diskrimineringslag in connection with § 10 Lag om medbestämmande i arbetslivet. This is a legitimate interest of ours.
    3. Who
      Recipients of the processed personal data can be our providers of office tools and external HR consultants.
    4. Legal Basis
      The legal basis for processing your personal data when you are applying and during your employment is Art. 6 para. 1 let. b) GDPR.The legal basis for processing your personal data if we have decided to not hire you, or if your employment with us has ended, is Art. 6 para. 1 let. f) GDPR.
    5. How long
      If we work together with you, your data is stored for the applicable statutory storage periods, in general this is ten years starting at the end of the year in which your contract has ended (criteria derived from the general statute of limitations of Sweden). Should we not decide to hire you, we will delete your application after two years starting with the decision of non-employment, so we are able to defend ourselves against potential claims based on § 64 Diskrimineringslag in connection with § 10 Lag om medbestämmande i arbetslivet.
    7. Cookies, Website Analytics & Consent Management

    We use cookies on our website. To make it easy for you to inform yourself about these and to grant or withdraw a potentially necessary consent of yours or object to a processing based on a legitimate interest of ours, we have implemented a consent management platform. You can at any time open the consent management platform by clicking the “CUSTOMIZE COOKIES” link at the bottom of our website. In the consent management platform and in our Cookie Policy, you will find all information on what data is processed, who the recipient is, the purpose, legal basis and storage period.

    You can at any time of course also contact us via privacy@mtg.com if you want to declare your withdrawal or objection to us processing your personal data

    8. No Automated Decision-Making

    We do not process your data with means of automated decision-making (e.g., profiling).

    9. Cybersecurity & Unsolicited Communications
    1. What
      In certain cases, we process your email address for cybersecurity reasons and/or for blocking unsolicited communications.
    2. Why
      The data is processed to block potential malicious communications and secure our IT systems if we have reason to believe that communications you send us pose a potential threat to our IT systems, and/or to block unsolicited communications you send us to protect our employees from content that negatively impacts their work and/or well-being.
    3. Who
      Recipients of the processed personal data can be our providers of office tools and our provider of data management systems and IT services.
    4. Legal Basis
      The legal basis for processing your personal data for cybersecurity purposes and for blocking unsolicited communications is Art. 6 para. 1 let. f) GDPR.
    5. How long
      We store your personal data for as long as we objectively have reason to believe that your communications pose a potential threat to our IT systems, and/or that you will send us further unsolicited communications.
    VII. Group Cooperations – General Information

    Together with our gaming studios we form a group of undertakings. We cooperate closely with the gaming studios of the group (each a “Group Company”) to learn from one another, help each other and improve how the group makes games. We like to see ourselves as a small gaming village in which we strive together to make great games.

    The following Group Companies are part of our gaming village:

    Hutch Games Ltd

    2nd Floor Scrutton Street,
    London, England, EC2A 4HH
    UK

    Privacy Policy

    InnoGames GmbH

    Friesenstraße 13
    20097 Hamburg
    Germany

    Privacy Policy

    Kongregate Inc

    10680 Treena Street, Suite 155
    San Diego, CA 92131
    USA

    Privacy Policy

    Ninja Kiwi Limited

    17 Shamrock Drive,
    Kumeu, 0810
    New Zealand

    Privacy Policy

    Ninja Kiwi Europe Limited

    Unit 13, Vision Building, 20 Greenmarket, Dundee
    DD1 4QB
    United Kingdom

    Privacy Policy

    PlaySimple Games Private Limited India

    Second Floor, Anjaneya Techno Park No. 147,
    Kodihalli, HAL Old Airport Rd,
    Bangalore – 560008
    India

    Privacy Policy

    Playsimple Games Pte Ltd

    30 Cecile Street
    #19-08, Prudential Tower
    Singapore, 049712

    Privacy Policy

    VIII. Group Cooperations – Joint Controllerships

    What does joint controllership mean?

    In some cases when we cooperate with a Group Company we jointly determine if and how certain personal data of yours is processed. In such a case the involved companies each are controllers of your data when doing so and the working relationship is called a joint controllership. We have concluded an agreement with all Group Companies in which the rules for our joint controllership are set out and which also includes so called standard contractual clauses that ensure that personal data of people located in the European Union (or European Economic Area) is adequately safeguarded when transferred between us and a Group Company that is not established in the European Union or a country considered to have the same level of data protection as the European Union.

    In the following cases we and Group Companies are joint controllers of your personal data:

    1. Mergers & Acquisitions
    1. What
      The Group Companies and we can support each other when buying or selling a company. In such cases a strictly limited number of personnel involved in such a transaction can receive access to personal data (e.g., names, email addresses, unique identifiers) included in relevant documentation shared by a potential seller or determine which personal data is shared with a potential buyer and how this shall be done. Principally, personal data is anonymized before it is disclosed and, should it be necessary to disclose personal data, such disclosure of personal data will be kept to a minimum.
    2. Why
      The purpose of such a cooperation is to review relevant material shared with us by a potential seller, so we and/or the involved Group Companies can make good business decisions, or to enable a potential buyer to do so when sharing such data with it. This is a legitimate interest of ours, the involved Group Companies, and the potential sellers or buyers.
    3. Who
      Recipients of the processed personal data can be our providers of office tools, providers of data rooms as well as external financial and legal advisors, involved Group Companies, and the potential buyer. We can receive your personal data from a Group Company, or a potential seller in which case the same recipients can apply.
    4. Legal Basis
      The legal basis for processing your personal data is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The storage period for data processed for the purpose of handling legal matters or disputes is governed by the relevant limitation period, so that we can sufficiently defend ourselves against claims, and by relevant legal obligations to retain documents. If a transaction has been successful, we might be obliged to store the respective personal data according to the applicable statutory provisions, in which case we will store the documents according to the retention periods stated in such provisions. Personal data that is no longer relevant if a transaction has not been successfully made, will be deleted if it is not relevant for another purpose under this Privacy Policy.
    2. Business Intelligence
    1. What
      We process a limited amount of pseudonymous data Group Companies share with us to get a better understanding of how you play our games and what you like about them, so we can help our Group Companies improve them. This includes a group-internal unique identifier, game title, time of install, platform, country code per install, marketing channel/category and marketing campaign, browser information, engagement with the game (log-in sessions), amount of money spent in the game, and how effective a marketing campaign was.
    2. Why
      A better understanding of how you play games of Group Companies and what you like about them helps us and the Group Companies make them better and improve how these are marketed. As parent company, it is essential for us that we can understand how games of the Group Companies are played and how effective the marketing efforts are to ensure that enough players enjoy our group’s games so we all can keep making them. This interest is shared by the Group Company whose game you are playing as well as the other Group Companies since they are part of our gaming village.
    3. Who
      Recipients of the data are Tietoevry and Microsoft who help us administer and manage the data. We receive the data from the Group Company whose game you are playing and do not share the data with other Group Companies.
    4. Legal Basis
      The legal basis for processing your personal data is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The data is stored for as long as you are an active player of the game of our Group Company. Your data will be deleted or anonymized once you either have deleted your data (e.g., account) by requesting this from the Group Company (e.g., in the game) or after a certain time of inactivity from playing the game, which depends on the date of your last time you played the game. Please check out the privacy policy of the Group Company whose game you are playing for details on the retention period for data of inactive players.
    3. Data Protection Compliance Work
    1. What
      We support the Group Companies with their data protection compliance work. Together with them, we can jointly process personal data of yours required to ensure compliance with data protection laws, e.g., names, email addresses, usernames, unique identifiers (e.g., game-ID players). E.g., this can be the case when you reach out to a Group Company with a data protection request, and the Group Company seeks our support to respond adequately and in time.
    2. Why
      We want to be able to offer you a high level of data protection when you play our group’s games. To ensure that Group Companies comply with relevant data protection laws we offer them our support. This is a legitimate interest of ours, yours, and all Group Companies.
    3. Who
      Recipients of the processed personal data can be our providers of office tools and OneTrust.
    4. Legal Basis
      The legal basis for processing your personal data is Art. 6 para. 1 let. c) GDPR in connection with Artt. 12, 30, 35 GDPR and Art. 6 para. 1 let. f) GDPR.
    5. How long
      The data will be stored for the duration that the Group Company you are contacting needs to be able to prove that it is complying with data protection laws. During this time, we will only access your request if we need to support the Group Company with your request or if we need to provide proof of our compliance work (e.g., to a data protection authority). Please check out the privacy policy of the Group Company whose game you are playing for details on the retention period for data protection requests.

    Who can you contact?

    When we process your personal data, you have certain rights under the GDPR, which you can find in Section IV. of this Privacy Policy. If you have questions regarding the joint controllerships or want to make use of your data protection rights, you can contact us anytime by using the contact address mentioned in Section I. of this Privacy Policy.

    How is your data secured?

    We have implemented technical and organizational measures to ensure a level of security appropriate to the risk presented by the processing in accordance with Art. 24 and 32 GDPR.

    What happens in a case of a personal data breach?

    In case of a personal data breach under the GDPR and if this breach is likely to result in a risk to your rights and freedoms, we will, without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the competent supervisory authority.

    Should such breach likely result in a high risk for your rights and freedoms, we, or – where required by article 34 GDPR –, we, or the respective Group Company will inform you about the personal data breach without undue delay.

    IX. Group Cooperations – Independent Controllerships

    Apart from cases in which we jointly process personal data, we cooperate with other Group Companies as independent controllers of your personal data in the following cases:

    1. Developing or Distributing Games
    1. What
      We can support Group Companies when they are developing or distributing their games (e.g., consulting regarding game features or functionalities). In the process of this it is possible that certain personal data of players of the games might be disclosed to us, such as names, email addresses, usernames, or unique identifiers. Such personal data will not be actively stored or used by us for such support.
    2. Why
      Since we and the Group Companies are part of the same group and we are their parent company, we all share the legitimate interest of developing and distributing great games. To be able to do this we work closely together.
    3. Who
      Recipients of the processed personal data can be our providers of office tools.
    4. Legal Basis
      The legal basis for processing your personal data is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The personal data is stored by the Group Company whose game you are playing according to its applicable retention periods (e.g., the retention period for your account data). Please check out the privacy policy of the Group Company whose game you are playing for details.
    2. Legal Support
    1. What
      We can support Group Companies with legal guidance regarding legal complaints, claims, court proceedings or other legal matters they might be facing. In such cases we might receive personal data (e.g., names and contact details of plaintiffs or complainants) of persons involved in such legal matters from the Group Company we are supporting.
    2. Why
      Since we and the Group Companies are part of the same group and we are their parent company, we all share the legitimate interest of effectively handling legal complaints, claims, court proceedings or other legal matters we might be facing. To be able to do this, we work closely together.
    3. Who
      Recipients of the processed personal data can be our providers of office tools.
    4. Legal Basis
      The legal basis for processing your personal data is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The data will be retained according to legal obligations (e.g., employment laws) or our legitimate interest of defending ourselves or the respective Group Company against legal claims.
    3. Freelancer & Outsourcing
    1. What
      If you are a freelancer providing services to a Group Company, it can share certain personal data of yours with us, e.g., names and contact details.
    2. Why
      Since we and the Group Companies are part of the same group and we are their parent company, we all share the legitimate interest of effectively handling budgets and ensuring an effective project management which can make it necessary for the Group Companies to share with us information on the freelancers with whom they work with.
    3. Who
      Recipients of the processed personal data can be our providers of office tools.
    4. Legal Basis
      The legal basis for processing your personal data is Art. 6 para. 1 let. f) GDPR.
    5. How long
      The personal data will be stored at least for the term of the contract you have with the Group Company and, if required by bookkeeping laws, for as long as it is necessary to retain documentation on financial transactions connected to your work.

    Last Updated: August 29, 2023

    Sounds good? Let’s talk!

    About MTG
    Our Business
    Investors
    News
    Contact

    Pressroom
    Subscribe

    TWITTER

    LINKEDIN

  • English
  • Svenska

    • Cookie Policy

    Privacy Policy
    COPYRIGHT MODERN TIMES GROUP 2020 | Privacy Settings