The EU General Data Protection Regulation 2016/679 (GDPR) coming into effect on May 25th 2018, introduces an increased and more refined level of data protection across all member states.
To find out more about the GDPR, follow the links below to read guidelines and information published by the Information Commissioner’s Officer and the Greek Data Protection Agency:
Personal data = can be any sort of personal information, which enables recognition and/or identification of the subject.
Data breach = a breach of our security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data managed held by our company. “Data Incidents” will not include unsuccessful attempts or activities that do not compromise the security of your data.
Your Basic Rights
- Right of access: you can now have increased and more detailed knowledge on the collection and processing of your personal information as well as increased access to the information an organisation is holding about your person. You have the right to request access to your information held by us anytime.
- Right to rectification: the right to request that we amend or update your personal data where it is inaccurate or incomplete.
- Right to restrict: the right to request that we temporarily or permanently stop processing all or some of your personal data.
- Data processing and profiling: you have the right to object the processing of your personal information (subject to certain exceptions), especially for the purposes of profiling and direct marketing.
- Right to erasure: when you no longer wish for your personal information to be held and/or processed by an organisation you have the right to request the complete and permanent deletion of your personal data from their file.
- Right to data portability: the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service.
Our Responsibility Towards You
- Responsibility: data controllers must be able to prove at all times that they have followed all the necessary technical and administrative steps and protocols ensuring the safety of personal information in compliance with the GDPR
- Data protection by design: from as early as the design stage of products and services, all the necessary steps are followed to ensure the safety of personal information. For example, the design and inclusion of a “see my information” or “delete my account” feature when one is creating a website.
- Data protection by default: the GDPR states that the only data which can be collected and processes “by default” are those absolutely necessary for the successful completion of the processing exercise.
- Secure data processing: both the data controller and the data processor are required to take all the necessary technical and administrative measures in order to ensure the desired level of data protection.
- Notification upon data breaches: the controller is obliged, upon becoming aware of a breach in the system, to notify the relevant data protection agency of the country, where the breach has occurred. You will only be notified of such a breach only if it poses a high risk to you and your data.
- Impact and risk assessment: sometimes, subject to the nature and scale of the data processing the controller must carry out a data protection impact assessment.
- Data protection officer (DPO): some organisations are required by the GDPR to appoint an independent data protection officer who will supervise and enforce the organisation’s compliance with the GDPR, and who will serve as liaison with the relevant data protection agency.
What Data do We Collect from You?
- Account Registration Data = the personal data that is provided by you or collected by us to enable you to sign up for and use the Mativision services. This may include your email address, real name, twitter screen name, twitter follower count, twitter location, twitter timezone, linkedin job summary, linkedin job title, linkedin profile url, linkedin company name, linkedin industry, facebook age range.
The amount of data we collect may vary depending on which mativision app you use to download and on what capacity you wish to do so.
- Technical Data = may include URL information, cookie data, your IP address, the types of devices you are using to access or connect to the particular Mativision service, unique device IDs, device attributes, network connection type (e.g. WiFi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, information enabling digital rights management, operating system, and application version as well as, motion-generated or orientation-generated mobile sensor data (e.g. accelerometer or gyroscope) required for the purposes of providing specific features of the Mativision service to you.
- Voluntary Mobile Data
- your precise mobile device location – if you give us permission to access your precise location, this enables us to access your GPS or Bluetooth to provide location-aware functionality. Please note that this does not include your IP address. We use your IP address to determine non-precise location, for example, what country you are in to comply with our licensing agreements;
- your voice data – if you give us permission, this enables us to access the voice commands captured via your device microphone, to enable you to interact with service. Please note you will always have the ability to turn off the microphone feature
How We Use Your Information?
Mativision does not use your information in any way other than what is absolutely necessary to carry out our services. We do not profile your data or forward it to third parties for any purpose, including targeted advertising.
We collect your data:
- when you access our website
- when you install a mativision app
- when you register as a user to one of our apps
The only data we may collect from you is in order to understand how you access and use our services and apps, to ensure technical functionality, develop new services.
Mativision does not collect, purchase, or otherwise receive personal information from third parties such as advertisers and partners.
Parts of our services require us to work with Google and thus sometimes your information may be retained separately through those. mativision takes no responsibility for such uses of your data since it is essentially out of our power or jurisdiction to do so. We have included here a brief explanation of how your data may be used but if you need more information you may have to look into Google’s, the App store’s etc. own privacy statements.
Information that Google Analytics collects as you use our services
Google Analytics collects information about your demographics. Specifically, it collects information about your language, country and city.
It collects device info such as Operating System, Service provider, browser, mobile device branding and screen resolution.
It also gets information about your interaction with our services, such as the number of users, sessions, screen views, screen views per session, average session duration, percentage of new session, number of active users and number of new versus number of returning users.
In case of a Mativision app it collects app info, app name and app version.
What we use the Google Analytics data for:
We use data to build better services.
We use your information to ensure that our services are working as intended. And we use your information to make improvements to our services.
Maintain & improve our services
We use the information that we collect from existing services to help us develop new ones.
We use data from analytics to understand how our services are used. For example, we analyse data about your visits to our site to do things like optimise product design.
Protect our users and the public
We use information to help improve the safety and reliability of our services. This includes detecting, preventing, and responding to fraud, abuse, security risks and technical issues that could harm our users or the public.
Location Tracing – Geometrics:
We use your device’s location and sensors to provide accurate rotation tracking in our VR and Gyro modes.
You have the right, anytime after May 25th 2018, to request a copy of our company policy listing all the actions and measures we have taken to protect your information and shield our systems from potential breaches in compliance with the GDPR.
Sharing Your Personal Data
None of the information and personal data you share with us will be made publically available. In the case of our classroom feature, where one can organise and share lectures amongst selected users, the only data visible to the other members of the group (never to the general public) will be your username and email address.
We may share your personal data when we in good faith believe it is necessary for us to do so in order to comply with a legal obligation under applicable law, or respond to valid legal process, such as a search warrant, a court order, or a subpoena.
We also will also share your personal data where we in good faith believe that it is necessary for the purpose of our own, or a third party’s legitimate interest relating to national security, law enforcement, litigation, criminal investigation, protecting the safety of any person, or to prevent death or imminent bodily harm, provided that we deem that such interest is not overridden by your interests or fundamental rights and freedoms requiring the protection of your personal data.
Data Retention and Deletion
We keep your personal data only as long as necessary to provide our services and develop our apps. If you have registered as a user in one of our apps, we will keep some of your personal data (specifically, your name and email address) for as long as you are a user of that service.
Upon your request, we will delete or anonymise your personal data so that it no longer identifies you, unless, we are legally allowed or required to maintain certain personal data, including situations such as the following:
- if there is an unresolved issue relating to your account, such as an outstanding credit or an unresolved claim or dispute we will retain the necessary personal data until the issue is resolved;
- where we are required to retain the personal data for our legal, tax, audit, and accounting obligations, we will retain the necessary personal data for the period required by applicable law
You can unsubscribe your email and request deletion of your account and/or your data from our systems anytime. For the mativision apps, simply find the “delete my account” feature and select it. Otherwise, feel free to contact us with enquiries in the email address provided below.
Keeping your Personal Data Safe
We are committed to protecting our users’ personal data. We implement appropriate technical and organisational measures to help protect the security of your personal data; however, please note that no system is ever completely secure.
We have implemented various policies including encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.
Your password protects your user account, so we encourage you to use a unique and strong password, limit access to your computer and browser.
Our updated Privacy Notice will be effective from 25 May 2018 and you’ll be able to view it at http://www.mativision.com/privacy-policy/ with detailed information about your increased rights to your own personal data, the type of information we keep about you and how we use it.
If you have any questions, would like to request a copy of our company policy, wish to delete your account or have your information erased from our systems, or anything else please contact our Data Protection Officer at firstname.lastname@example.org