2. You, Your, and similar pronouns, as well as Data Subject — our counterparty under the Public Offer, who may be a natural person using the Site to receive Service Top-Up services.
3. GDPR or Regulation — the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of their Personal Data and on the free movement of such data, repealing Directive 95/46/EC, as amended and incorporated into the national legislation of member states.
4. Personal Data — any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
5. Processing of Personal Data — any action (operation) or set of actions performed with or without automated means on Personal Data, including collection, recording, systematization, accumulation, storage, clarification, retrieval, use, transfer, anonymization, blocking, deletion, and destruction of Personal Data. Personal Data is processed using a mixed (including automated) method.
6. Automated Processing of Personal Data — processing of Personal Data using computer technology.
7. Confidentiality of Personal Data — a mandatory requirement for Us or any other person who has gained access to Personal Data not to disclose it without the consent of the Data Subject or another legal basis.
8. Anonymization of Personal Data — actions as a result of which it becomes impossible, without additional information, to determine that Personal Data belongs to a specific Data Subject.
9. Transfer — a payment transaction made by the User on the Site.
10. Site — Our website https://gamepe.me.
11. Cookies — a small text file placed by the Site on your computer or device when you visit certain sections of the Site and/or use certain features of the Site.
2. Subject Matter and Legal Basis for Processing Personal Data
1. Subject of the Policy. The provisions of this Policy apply to relations between Us and You relating to the Processing of Personal Data within the context of relations arising between Us regarding the use of the Site and the provision of services by the Company, resulting from Your acceptance of the terms of the Public Offer.
2. Legal basis for processing. The legal basis for Processing Your Personal Data is always Your consent. Without consent to the terms of this Policy, we will be unable to fully fulfill obligations under agreements with You — therefore, we have made it impossible to enter into such agreements without the mandatory condition of consent to this Policy.
3. Term of the Policy and Personal Data Processing
1. Term of the Policy. After accepting the terms of the Policy, it remains in effect indefinitely. However, this does not affect the term for Processing Your Personal Data — which is established by this Policy.
2. Term of Personal Data processing. As a general rule, We process Your Personal Data throughout the entire duration of the Personal Account's existence, as well as for 5 (five) years after its deletion (or from the date We receive a duly executed written withdrawal of Your consent to Personal Data processing), unless a retention period is established by applicable law, the Public Offer, or another related agreement. In all other cases, We will cease processing Your Personal Data if You object to such processing or withdraw Your consent. However, in such cases We may be unable to fulfill our obligations to You.
3. Amendments. The Policy may be amended by Us at any time. This may be related to changes in Our business processes, external factors, or other reasons. After making changes, we immediately publish the updated Policy on the Site so that You can review it in its new version. We will notify You of changes to the Policy by sending a notification to the Personal Account and/or by publishing it on the Site. If You continue to use the Site after changes are made to the Policy, we consider that You agree to the terms of the Policy in its new version.
5. Grounds for Development, Purposes, and Principles of the Policy
1. Grounds for development. The Policy has been developed in compliance with the requirements of: a) GDPR; b) CalOPPA; c) CCPA; d) PECR; e) Federal Law No. 152-FZ; f) GDPR; g) as well as other laws and regulations governing the processing of Personal Data.
2. Purposes. The Policy pursues the following purposes: (1) ensuring the protection of human and civil rights in the processing of Personal Data, including the right to privacy and personal/family confidentiality; (2) preventing unauthorized access by third parties to Your Personal Data, as well as destruction, modification, blocking, copying, and distribution of Personal Data; (3) ensuring a legal and regulatory regime of confidentiality and control over Your Personal Data; (4) protecting constitutional rights to personal confidentiality and preventing threats to Your security.
Thus, the primary purpose of the Policy is to provide You with a full and transparent understanding of: the legal basis for collecting and processing Your Personal Data; the categories of Personal Data we may collect; what happens to the Personal Data we collect; where we process it; how long we retain it; to whom we may transfer it; and to explain Your rights as a Data Subject.
3. Principles. We adhere to the following principles of Personal Data Processing: (1) Personal Data must be processed on a lawful and fair basis; (2) Personal Data processing must be limited to achieving specific, predetermined, and lawful purposes; (3) the content and volume of Personal Data processed must correspond to the stated processing purposes and must not be excessive; (4) Personal Data Processing must ensure accuracy, adequacy, and relevance; (5) Personal Data must not be retained longer than required by the purposes of Processing, unless the Policy provides otherwise.
6. Categories of Personal Data Collected
1. Site Registration. In accordance with the Public Offer, upon Your registration on the Site, We collect the following Personal Data: (1) Name (if You provide your personal name); (2) E-mail address.
2. Service Data. After Registration, You will have access to Service Top-Up services. You will be required to enter the user account identifier for such Service, which may contain Personal Data. In such case, You are deemed to have provided Us with consent to process such data.
3. Payment Data. When making a payment, the following data will be required: (1) bank card number; (2) bank card expiry date (Month/Year); (3) bank card security code (CVC2/CVV2). Please note that such data is stored by our payment partners — We do NOT collect and do NOT store payment data within the framework of our relations under the Public Offer.
4. Technical Data. While You use the Site, We automatically collect certain Personal Data about You, including technical information such as IP address, login data, browser type and version, time zone settings, browser plug-ins, operating system and platform, website visit information, and more.
5. Other Data. In exceptional cases, We may ask You to provide additional Personal Data. We will always notify You in advance and ask You to provide additional consent for the Processing of such additional Personal Data.
6. Third-Party Personal Data. Please be aware that if You provide Us with Personal Data of third parties, You guarantee that You have obtained from such persons all necessary consents and documents required for the full implementation of this Policy, in accordance with their applicable law (Third-Party Consent). If You act as a Personal Data controller for such persons, You also guarantee that You ensure the transfer and protection of their Personal Data to a standard no less than provided for in this Policy. Third-Party Consent must be executed in writing and provided by You within 7 (seven) calendar days from the Operator's request. Providing third-party Personal Data without this guarantee is not permitted, and You assume full responsibility for any breach.
7. Rights of the Data Subject
1. Right to Information. You have the right to obtain information about Us, Our location, whether We hold Your Personal Data, and to review such Personal Data.
2. Right to Rectification. You have the right to demand from Us the rectification, blocking, or destruction of Your Personal Data if it is incomplete, outdated, inaccurate, unlawfully obtained, or no longer necessary for the stated processing purpose, and to take legally provided measures to protect your rights.
3. Form of provision. Information about the Personal Data We hold will be provided to You in an accessible form and will not contain Personal Data relating to other Data Subjects.
4. Access procedure. You (or Your legal representative) may access Your Personal Data by personal or written request, which must include identity document details and a handwritten signature. The request may be submitted electronically. We are required to respond within 30 (thirty) days, extendable to 60 (sixty) days.
5. Content of the response. In a request for access to Personal Data, You may request information regarding the Processing of Your Personal Data, including: (1) confirmation of processing and its purpose; (2) processing methods; (3) Operator name/location and persons with access to Personal Data; (4) list of Personal Data and its source; (5) processing and retention terms; (6) legal consequences for the Data Subject of such processing.
6. Withdrawal of consent. You have the right to withdraw consent to the processing of Personal Data, restrict the methods and forms of Personal Data processing, and prohibit the distribution of Personal Data without Your consent.
7. Right to appeal. You have the right to appeal Our actions or inaction to the authorized body for the protection of the rights of Data Subjects or through judicial proceedings.
8. Right to protection. You have the right to protection of your rights and legitimate interests, including the right to compensation for damages and moral harm through judicial proceedings.
8. Transfer of Personal Data
1. Transfer of Personal Data. To achieve the purposes of Personal Data Processing, We may need to provide Your Personal Data to: (1) a payment partner and credit organizations involved in processing Transfers to ensure the appropriate level of security for online payments made using electronic payment instruments via an authorization page, as defined by payment system security protocols, acquiring banks, and issuers of electronic payment instruments (in accordance with the Public Offer); (3) fraud prevention organizations (including action fraud, financial fraud, and financial fraud bureaus); (4) government authorities, in particular executive authorities.
2. Mandatory and optional transfer. Transfer of data may be mandatory — e.g., user equipment information: IP address, OS, geographic data, device ID/type, channel (browser/app), payment authorization, identification/verification — or optional — e.g., address matching indicators, account information, etc.
10. Storage of Personal Data
1. Localization of Personal Data. If You are a citizen of one of the member states of the European Economic Area or the United Kingdom, Your Personal Data is collected and Processed within the European Economic Area. If You are a citizen of the Russian Federation, We store Your data on servers located within the Russian Federation.
11. Cookies
1. Use of Cookies. The Site uses Cookies. When visiting the Site, Your browser transmits to Our server: (1) the date and time of the visit; (2) browser type; (3) language settings; (4) operating system. This data is stored in connection logs for a limited period (from a session to one year) for security, proper Site operation, and statistical purposes.
2. Cookie functions. There are different groups of Cookies used on the Site. The first group is functional and technical Cookies, which allow the Site server to obtain information about Your session, language, browser, etc., and ensure the Site operates properly. They recognize You on return visits, allowing Us to personalize content and remember preferences. The second group is analytical Cookies, which allow Us to evaluate visitor numbers and understand how they navigate the Site, helping Us make improvements. You have the right to decline analytical Cookies via your browser settings.
3. Cookie retention period. Based on how long they are stored on users’ devices, Cookies are divided into Persistent and Session types: "Session Cookies" are files stored on your device until you close your browser. "Persistent Cookies" are stored on your device until their expiry date or until you delete them.
4. Disabling Cookies. You have the option to accept or reject all Cookies on all websites You visit by changing the settings in Your web browser.
12. Final Provisions
1. Severability clause. In the event that one or more provisions of the Policy are found to be invalid or unenforceable, such provisions shall be deemed replaced by valid provisions as close in meaning as possible to the original ones. The Policy as a whole may not be declared fully invalid under any circumstances.