PRIVACY POLICY
BY ACCESSING THE WEBSITE, OR PROVIDING YOUR PERSONAL DATA TO US, AND SUBJECT TO YOUR RIGHTS AT LAW, YOU
CONFIRM THAT YOU HAVE READ, UNDERSTOOD AND ACCEPTED THESE TERMS AND CONDITIONS UNDER THIS PRIVACY
POLICY.
PLEASE ENSURE YOU HAVE READ IT CAREFULLY, PARTICULARLY THE SECTION DETAILING YOUR RIGHTS ABOUT THE
PERSONAL DATA THAT WE COLLECT ABOUT YOU. IF YOU DO NOT AGREE WITH ANY ASPECT OF THE PRIVACY POLICY, PLEASE
DO NOT ACCESS THE WEBSITE.
Last Updated:
Notice of changes:
1. WHAT THIS POLICY COVERS
- 1.1. The Privacy Policy (the “Policy”) outlines how NEKKI LTD (“we”, “us”, or “Nekki”)
collects, uses, stores, and discloses your Personal Data when using the website https://dev.spine.game/ (the “Website”). - 1.2. This Policy should be read together with, and forms part of, our Terms and Conditions
(the “Terms”), which are available at [please specify the link when it’s available] on the Website. Unless
otherwise defined herein, capitalized terms in this Policy have the meaning given to them in the Terms. - 1.3. To ensure your privacy, we:
- do not collect any Personal Data without sufficient lawful basis, namely your consent;
- collect only a minimum amount of Personal Data that is needed;
- do not monetize your Personal Data;
- do not check your Personal Data, except where such a check is necessary for us to fulfill our
obligations to you; - process your Personal Data as transparently as practically possible.
- 1.4. By providing access to our Website, we act reasonably as well as in good faith and
believe that you:- have all necessary rights to access the Website;
- provide true, accurate, current, and complete information about yourself;
- reach the minimum age in the relevant territory or your parents or other legal representatives agree
that you access the Website; - carefully read, understand, and accept this Policy.
- 1.5. Nekki is guided by relevant laws and regulations regarding privacy and Personal Data
protection, including but not limited to the Regulation (EU) 2016/679 or General Data Protection Regulation
(“GDPR”). Please note that some terms, procedures, rights and obligations related to privacy may vary in
different countries, depending on the applicable local laws. - 1.5.[1.6.] This Policy supplements but does not supersede or replace any other consents you
may have previously provided to us in respect of your Personal Data, and your consents herein are additional
to any rights which Nekki may have at law to collect, use or disclose your Personal Data. - 1.6.[1.7.] We may from time to time update this Policy to ensure that it is consistent with
future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your
rights at law, you agree to be bound by the prevailing terms of this Policy as updated from time to time
following Section 3 of the Policy. Please check back regularly for updated information on how to handle your
personal data - 1.7.[1.8.] For purposes of this Policy, “Personal Data” means any information that directly
or indirectlyidentifies a particular individual, including any other information that is subject to
applicabledata protection laws - 1.9. This Policy applies to our collection, use and disclosure of Personal Data related to
the users visiting the Website. This Policy does not apply to job applicants or to Nekki employees and
non-employee contractors, whose Personal Data is subject to different privacy notices.
2. About us
- 2.1. Nekki is a data controller. This means that we determine the purposes and means of the
Personal Data processing and, therefore, are responsible for your Personal Data. - 2.2. Our contact details are the following:
- official email: info@nekki.com
- correspondence address: Kimonos, 43Aa, 3095, Limassol, Cyprus.
-
2.3. For questions or complaints about processing your Personal Data or our handling of
Personal Data, please contact our Data Protection Officer (DPO), Sergey Sorokin, at any of the following:
official email:- official email: info@nekki.com
- correspondence address: Kimonos, 43Aa, 3095, Limassol, Cyprus.
-
2.4. After receiving the request, we will contact you to find out how we can help. If you have
any complaints about how we process your Personal Data, we will always prefer that you contact us first. -
2.5. Before responding to your request, we will take reasonable steps to verify the identity of
the person making the request. -
2.6. If we have doubts as to the identity of the person making the request, we may ask for
additional information to confirm your identity. -
2.7. If, having requested additional information, we are still not able to identify you, we may
refuse to act on your request
3. THE POLICY CAN BE CHANGED
- 3.1. We reserve the right to change the terms of this Policy at any time and at our discretion
-
3.2. If we decide to update the Policy, we will notify you about the changes in advance and
before the changes take effect via the Website -
3.3. Additionally, we will always:
-
post the new version of the Policy here so that you always know about our approach to your Personal Data
processing; -
provide all updates made compared to the previous version of the Policy by modifying the section “Notice
of Changes” above.
-
post the new version of the Policy here so that you always know about our approach to your Personal Data
-
3.4. We encourage you to periodically check our Policy to monitor the updates on it. We will
always post the date our Policy was last updated at the top
4. WHAT PERSONAL DATA WE PROCESS AND HOW WE DO THIS
- 4.1. The scope of Personal Data we process varies based on the purpose for which we process
it. - 4.2. The table below contains specific information about the purposes of Personal Data
processing,their scope, the lawful basis for processing, and the Personal Data retention period: - 4.3. Cookies. We use cookies and other tracking technologies on our Website. Cookies are
small text files that are downloaded to your device when you visit the Website and that identify your
browser or device. The next time you visit the Website, it will recognize the cookies as well as your device
and send this information back to the Website, which originally created the cookies, or to another Website,
platform, or application that recognizes them. Other types of tracking technologies work similarly to
cookies and place small data files on your devices or monitor your Internet activity to enable us to collect
information about how you use the Website. Cookies and other tracking technologies we use do not harm your
device. - 4.4. The Website is integrated with the services of the third-party suppliers in some cases.
In such a scenario, the respective third parties may place their own cookies and other tracking
technologies, which are governed by their relevant policies - 4.5. Generally, cookies and other tracking technologies help us to recognize your device and
track your activities, thereby allowing us to improve our Website, adapt it to your interests and needs as
well as ensure your security - 4.6. The table below contains information regarding cookies:
- 4.7. We use сookies and other tracking technologies only if you provide your respective
consent. Otherwise, in the absence of it, we will use strictly necessary cookies only (if they are used),
because they are needed for the functioning of the Website. We will not be able to ensure that the Website
is working for you without such cookies. The usage of strictly necessary cookies is based on our legitimate
interest in guaranteeing the smooth operation of the Website - 4.8. We may also collect information about you from any emails or letters that you send to
us. We only use any such information in accordance with this Policy. Such information may be received by us,
for example, by email, or via Discord server/ - 4.9. We do not process any special categories of Personal Data. If such data accidentally
falls into our possession, we immediately delete it and use any other reasonable measures to prevent the
disclosure of such information to third parties. - 4.10. Direct marketing. You agree that by entering your email address in the
“Subscribe” field on the Website and by pressing the “Subscribe” button you give consent to
receive regular newsletter or marketing messages from us related to our products. - 4.11. If you wish to stop receiving our marketing communications, you can unsubscribe
at any time by clicking the “unsubscribe” link at the bottom of our emails or by contacting us directly
at [insert email address]. Your request will be processed promptly, and you will no longer receive marketing
emails from us.
Purpose of processing | Scope of Personal Data | Lawful basis for processing | Retention period |
---|---|---|---|
To send you main news and other information about our product – the “Spine” videogame | Email address IP addres | We process your Personal Data under the consent given by you. Such consent is deemed given by you if you put a tick in the “I agree to the processing of my Personal Data” box that will appear when you register on the Website. |
We only store your Personal Data for as long as necessary for the purpose the data was collected for. This means that Personal Data collection based on your consent will be deleted if you withdraw your consent or delete your account unless we are required to retain all or part of the data under applicable law. After that, Personal Data is destroyed by erasing from the cloud server. |
Name | Domain | Description | Expiration | Type |
---|---|---|---|---|
YSC | .youtube.com | YSC cookie is set by YouTube and is used to track the views of embedded videos on YouTube pages. | Session | Advertisement |
VISITOR_ INFO1_ LIVE | .youtube.com | A cookie set by YouTube to measure band width determines whether the user gets the new or old player interface. |
6 months | Advertisement |
VISITOR_ PRIVACY_ METADATA | .youtube.com | YouTube sets this cookie to store the user’s cookie consent state for the current domain. | 6 months | Advertisement |
sessionid | store.steam powered.com | Protects users and services from certain attacks (also called cross-site request forgery or CSRF attacks) |
Session | Other |
_ga_* | .spine.game | Google Analytics sets this cookie to store and count page views. | 2 years | Analytics |
_ga | .spine.game | Cookie, installed by Google Analytics, calculates visitor,session and campaign data and also keeps track of siteusage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors |
2 years | Analytics |
yt-remote- device-id | youtube.com | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. | Permanent | Functional |
yt-player- headers- readable | youtube.com | The cookie is used by YouTube to store user preferencesrelated to video playback and interface, enhancing the user’s viewing experience |
Permanent | Functional |
yt-remote- connected- devices | youtube.com | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video | Permanent | Functional |
yt-remote- session- app | youtube.com | The cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player |
Session | Functional |
yt-remote- cast- installed | youtube.com | The cookie is used to store the user’s video player preferences using embedded YouTube video | Session | Functional |
yt-remote- session-name | youtube.com | The cookie is used by YouTube to store the user’s video player preferences using embedded YouTube video |
Session | Functional |
yt-remote- fast-check- period | youtube.com | The cookie is used by YouTube to store the user’s video player preferences for embedded YouTube videos |
Session | Functional |
5. DETAILS OF DATA PROCESSING
- 5.1. We will start processing your Personal Data when we determine your country via IP
address - 5.2. Your Personal Data will not be collected and processed by us if you do not access our
Website - 5.3. The provision of Personal Data is not a statutory or contractual requirement, as well as
is not a requirement necessary to enter into a contract. You are free to refuse the processing of your
Personal Data - 5.4. However, if you refuse to consent to our processing of your Personal Data, we may limit
your access to our Website functionality. Nekki is not liable if the missing Personal Data processing
prevents the adequate use of the Website. - 5.5. We process the Personal Data that:
- you or your legal representative provide to us;
- can be tracked (e.g., using cookies and similar technologies).
- 5.6. We deem confidential any of your Personal Data. Nevertheless, we can disclose them in
cases stipulated in applicable local laws, including GDPR. In particular, to public authorities - 5.7. We do not receive your Personal Data from publicly accessible sources
- 5.8. We use the services of some processors in order to process your Personal Data, namely:
- 5.9. These processors store your Personal Data on their servers and provide us with other
services of support systems for the Website. - 5.10. They process your Personal Data in accordance with the terms of the written contracts
concluded between Nekki and its processors. These contracts provide that the processors shall process and
use your Personal Data only to the extent provided in the contract. The terms of the contracts do not
violate the processors’ obligations and your rights as a data subject. - 5.11. We do not process your Personal Data automatically so you cannot be the subject to a
decision based solely on automated processing, including profiling.
Processor | What it does | More information |
---|---|---|
Google LLC | Provides us with Google Analytics – the tool that helps us understand how people use our Website, so we can take action to improve users’ experience. Also provides us with Youtube features, i.e. views tracking etc. |
Privacy policy |
Amazon Web Services, Inc | Provides servers for the Website hosting. | Privacy policy |
6. SECURITY
- 6.1. We are committed to protecting the security of your personal information. We use
reasonable information security measures, including physical, administrative, and technical safeguards,
including but not limited to, firewalls, antivirus and SSL encryption in order to protect your personal
information from:- unauthorised access;
- improper use or disclosure;
- unauthorised modification or alteration;
- unlawful destruction or accidental loss.
- 6.2. These measures vary based on the sensitivity of the information that we collect,
process, and store and the current state of technology. - 6.3. Our employees and third parties are obliged to keep Personal Data confidential when
accessing your information. Anyone who has such access is subject to strict contractual obligations
regarding confidentiality and may be subject to disciplinary action if he does not fulfill these
obligations. - 6.4. We are constantly improving our data security systems and doing everything in our
capacity to prevent its breach. In case such a breach occurs, we undertake to notify you and the regulators
about the incident as quickly as possible, as well as to make every effort to minimize negative
consequences.
7. TRANSFER AND STORAGE
- 7.1. Personal Data we collect may be stored and processed for the purposes set out in this
Policy in any country in which we operate. Besides, your Personal Data may be transferred, stored, and
processed by recipients in various countries around the world where our servers are located, and our
databases are operated. We do all necessary to make sure all recipients understand the necessity to process
Personal Data only on a legal basis considering any and all applicable legislation. - 7.2. Our servers are located in the European Economic Area (EEA), namely in Germany and the
Netherlands. Such servers are provided by Amazon - 7.3. We do not sell your Personal Data. We also do not allow any Personal Data to be used by
third parties for their own marketing purposes, except in cases where you explicitly request or provide
consent for us to do so. However, we do need to share Personal Data to provide smooth Website operation to
you. Below are the different scenarios under which we may share your data with third parties. - 7.4. We may transfer your Personal Data to the following third parties’ categories:
- any third party to whom we assign or novate any of our rights or obligations under a relevant
agreement; - any national or international regulatory, enforcement, exchange body, central or local government
department, and other statutory or public bodies or court where we are required to do so by applicable
law or regulation at their request; - any third parties, if you expressed your consent to such transfer or transfer of your Personal Data;
- third parties mentioned in Subsection 5.8 of the Policy.
- any third party to whom we assign or novate any of our rights or obligations under a relevant
- 7.5. The use of our Website often involves the transfer of Personal Data to recipients and
third parties both inside and outside the EuropeanEconomic Area (EEA). We take care to ensure our partners
regardless of location have sufficient safeguards in place to properly process and protect your Personal
Data in line with our own data protection and information security standards. - 7.6. One of the important steps we take when it comes to international data transfers
involving third parties is due diligence and vetting. As part of the third-party vetting process, we ensure
that Personal Data will only be transferred to a third party located outside the EEA with the required
cross-border transfer mechanism and safeguards in place. This means that when we engage a third party that
is located outside of the EEA, we agree on the appropriate level of data protection, including additional
contractual, technical, and organizational measures and the execution of a transfer impact assessment where
necessary, to ensure the ongoing protection of the rights and freedoms of all individuals, inside and
outside the EU. We consistently monitor changes to the international transfer mechanisms permitted under
applicable privacy laws to ensure ongoing compliance with international data protection standards.
8. DATA SUBJECT’S RIGHTS
- 8.1. You have many rights over your Personal Data and how it is used. Here are set out the
major rights, which are available to you and how to make use of those rights: - 8.2. Before we process any request, we may ask you for certain information in order to verify
your identity. Where permitted by local law, we may reject requests that are unreasonable or impractical. We
will respond to your requests in a reasonable timeframe.
Right to access your Personal Data | At any time, you can ask us about what your Personal Data we have, what we do with them, why we process them, who we have told about you, etc. You also can ask us to give you a copy of the Personal Data processing, if you like. To request access, send us an email via [ ] headed “Subject Access Request”. |
Right to rectify your Personal Data | At any time, you can request that we update, block or delete your Personal Data if the data is incomplete, outdated, incorrect, unlawfully received or there is no need to proceed with it anymore. |
Right to erasure | At any time, you can ask us to delete all Personal Data that we have about you – it is your right to be forgotten, as if we have never met before. However, we have the right not to erase your Personal Data and process it insofar as the processing is permitted by the applicable law on Personal Data, including but not limited to the purposes ofsettling claims and disputes, as well as sending responses to requests from state authorities. |
Right to restrict the use of your Personal Data | For example, if you think that your Personal Data is not accurate and we need time to check it, we can pause in processing your Personal Data enough to clarify, whether it is so or not |
Right to object to the processing of your Personal Data | At any time, you can tell us to stop and we will no longer process your Personal Data, but we can still keep them if there is legitimate ground for that. |
Personal Data | legitimate ground for that. |
Right to data portability | If you wish, you can ask us to download (export) all Personal Data that we have in the format acceptable to give it to someone else or ask us to give them your data directly |
Right not to be subject to an automated decision | If we process your Personal Data automatically and we make some decisions according to it, and it affects you in any serious way, you can express your point of view and contest such a decision. But in reality, we do not do this. |
Right to lodge a complaint with a supervisory authority | You always can complain about us and about the way we are processing your Personal Data |