Privacy Statement
Introduction
This Privacy Statement is essential for our website visitors (‘you’) to better understand how we may process your personal data obtained through the use of this website. We advise you to read carefully every section of this Privacy Statement to inform yourself about how we use or otherwise process your personal data.
Personal data is any information about you that can possibly identify you as a natural person. This Privacy Statement does not apply to the processing that may occur on any other website but this one. The owner of this website (‘we’, ‘us’ , ‘our’) is:
Better Collective A/S,
Tolbodgade 12,
1253 Copenhagen K (Hovedstaden)
CVR 27652913
This Privacy Statement is valid from the 1st of March 2023, but it may be updated or modified from time to time. If an essential change or update occurs this may affect your rights and obligations regarding the processing of your personal data. When this takes place, you will be notified in advance so that you can review the changes before they come into effect. (e.g. if we rely on new purposes for data processing, launch new services or develop new technologies that significantly impact the way we process your data).
Data we process
By using our services you may disclose various pieces of information, including those that are considered as personal data. When your personal data is processed, you are considered to be data subject and you are entitled to exercise your rights guaranteed by relevant data protection legislation, as explained in this Policy.
Taking into account that we determine the purposes and means of processing personal data on our website, we are legally considered to be data controller over your personal data on this website. Being a data controller provides us with the opportunity to process your personal data, but also obligates us to protect it in the way regulated by applicable legislation including the EU General Data Protection Regulation (“GDPR”).
Please note that not all mentioned categories of personal data will be processed, in case you choose not to reveal them.
Personally identifiable information
When creating your profile we may process your email address, username, first and last name, address and steam ID.
Electronic identification data
Information about the time and date of when you access our website, your IP address and the browser type and version on your device, operating system you use, unique device identifiers and information about your network provider.
Financial identification data
Your financial identification data (such as SWIFT and your bank details) may be processed for the purpose of facilitating entry fees for playing in the tournaments.
Personal details
We may process your age and nationality.
Recordings
If you choose to upload a profile picture we may process your image.
How we use your data
For the purpose of creating your profile on our website, we may process personally identifiable information such as your first and last name and username. Your personal details such as your age,nationality and image you upload to your profile are processed for the purpose of profile personalization.
To process payments we process your payment information. This can include your name, your address, your email address and your VAT number.
We may process your electronic identification data to enable communication between your device and our server and to determine your approximate geolocation, which may be further used for service customisation (for example, to provide appropriate content for your language of choice). Your approximate location may also be used for analytical purposes. The processing of details about the browser and operating system you use is necessary to ensure the regular provision of our services to you. We may also need this data to solve technical problems should they emerge. The IP address of the user’s device may also be processed for the purpose of preventing the user’s re-registration on the website in case of any misconduct or misuse of identity.
Why we process your data (Legal basis)
According to the Art. 6. 1. (f) of the General Data Protection Regulation our legal basis for processing your personal data is the legitimate interest of improving our products and services. We process your personal data to provide our services to you, to enhance your overall user experience, to further develop, secure and maintain regular functionality of our website and to prevent threats that may occur. We process the IP address of the device you use in order to enable communication between your device and our server, as well as to determine your approximate geolocation which may be further used for service customisation (for instance to provide appropriate content for your language of choice). We also use this information for analytical purposes (for example to calculate how many visitors from specific countries/regions come to our website). The processing of information about the browser and operating system you use is necessary to ensure the regular provision of our services to you. Also, we may need this type of data to solve technical problems if they emerge.
According to the Art. 6. 1. (a) of the General Data Protection Regulation we rely on your consent when using your personal data for creating your profile and further personalising it.
How we use cookies
When you visit our website, your browser will receive cookies from us. By using cookies, we wish to provide the best possible on-site experience to all of our website visitors. The use of cookies enables the improvement of website functionalities, promotion of our products and delivering the content from third parties. For more information about the cookies we use, you can read our Cookie Policy.
How we protect your data
We regularly make sure that your data is kept up to date and stored securely. In order to achieve that we apply different technical and organisational measures to ensure the protection of your personal data against accidental or unlawful loss, alteration, theft, unauthorised disclosure or access, unauthorised use, potential data breaches and against all other unlawful forms of data processing.
Based on business needs and security requirements we apply restrictions of access control to your personal data. Access to your personal data is only granted to trained staff with authorisation, whose knowledge and skills are necessary to process personal data we gather adequately
Your rights
• Right to access: You have the right to ask us for copies of your personal information that we hold
• Right to rectification: You have the right to request correction or deletion of your personal data that you find inaccurate
• Right to be forgotten: Also known as the Right to erasure, entitles you to request for us to erase your personal data that we hold. It can happen in various cases: when the data is no longer needed for the purposes it was collected; when you have withdrawn consent and there is no other lawful basis on which we can continue to process it; when you objected to processing and there are no overriding legitimate grounds to continue; when the data has been unlawfully processed or when the data has to be erased for compliance with a legal obligation
• Right to restrict processing: You have the right, under limited circumstances, to request that we limit our use and processing of your personal data
• Right to object to processing: You have the right, under limited circumstances, to object to our processing of your personal data
• Right to data portability: You have the right to request the transmission of your personal data that we process to another entity, without hindrance from us, if such transmission is technically feasible
• Right to withdraw consent: You have the right to withdraw your consent at any time where we rely on it to process your personal information, without giving any reason to us
• Right to lodge a complaint: You have the right to lodge a complaint within your local or Danish Data Protection Authority if you feel that your rights are in violation. If you feel that your personal data rights have been breached or in case you have any question or doubts regarding the processing of your personal data on this website, or if you want to send us the request concerning your rights, you can contact us on dataprotection@bettercollective.com
As we are established in Denmark you may choose to contact the Danish Data Protection Agency - Address: Datatilsynet, Borgergade 28, 5, DK-1300 Copenhagen K;
Third party recipients that we share your data with
We may need to share your personal data with third-party entities. These entities help us to regularly provide and further develop our services (e.g. analytics, maintenance, marketing, development, functionality improvement). As defined under the GDPR, those third parties are to be considered as data processors. Data processors are involved in the processing of your personal data on the basis of relevant data protection agreements, which are created to make sure that your personal data is safe and secure.
Your personal data may be shared with public authorities and law enforcement agencies where it is necessary to do so and where we are legally required or permitted to do so.
Transferring to recipients from Third countries
If we transfer your personal data to a recipient registered in a ‘Third country’ (outside the European Economic Area), we will ensure that your data is transferred adequately and securely, in accordance with the applicable Data Protection Laws.
There are three categories of third-country recipients that your data may be transferred to:
• A recipient from a country which is considered to have an adequate level of data protection, approved by the European Commision. A list of countries that provide an adequate level of data protection is available here.
• A recipient from a country that does not have an adequate level of data protection, according to the European Commision. In this case, we will use contracts (Data Protection Agreements) that require the recipient to protect your personal data using the same standards as it would be within the EEA and implement appropriate safeguards as defined by the applicable data protection law, and particularly the GDPR.