Privacy Policy
MIXRIFT
In this privacy policy (“Privacy Policy”), it is described how MIXRIFT including its affiliates (“MIXRIFT”) Processes Personal Data. For more information and/or to exercise rights as a Data Subject, contact information to MIXRIFT can be found under Contact Information.
The law in some jurisdictions may provide you with additional rights regarding our use of Personal Data. To learn more about any additional rights that may be applicable to you as a resident of one of these jurisdictions, please see the privacy addendum for your jurisdiction that is attached to this Privacy Policy.
If you are located in California, you have additional rights described in our Privacy Policy Addendum for California Residents: Attachment 1. Definitions
-
User means any entity, organization, corporation or living natural person that uses the Services and/or interacts with MIXRIFT in any way.
-
Data Processor means anyone who Processes Personal Data on behalf of a Data Controller.
-
Data Controller means a legal entity, who alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
-
Data Protection Legislation means the applicable data protection legislation such as Regulation (EU) 2016/679 (General Data Protection Regulation; the “GDPR”) and any other applicable data protection legislation.
-
EU/EEA means the European Union/European Economic Area.
-
Personal Data means any information that, directly or indirectly, can identify a natural person.
-
Processing means any operation or set of operations performed with regard to Personal Data, whether or not performed by automated means, such as collection, recording, organisation, storage, adaptation, alteration, retrieval, gathering, use, combination, blocking, erasure or destruction.
-
Recipient means a natural or legal person, public authority or another body, to whom Personal Data may be disclosed to by MIXRIFT.
-
Services means any of MIXRIFT’ services and/or games as well as communications provided on MIXRIFT’ websites and other electronic channels.
General
This Privacy Policy describes how MIXRIFT as a Data Controller Processes User’s Personal Data on a general level. Specific information about further Processing can be found in separate agreements, websites or other documents related to MIXRIFT.
MIXRIFT may need to Process Personal Data in order to provide the Services to the Users, fulfill legal obligation or for the performance of agreements. If a User chooses not to provide or submit Personal Data in the Services, it may prevent MIXRIFT from fulfilling the above mentioned obligations. In some cases, Users may not be able to use and access the Services, such as multiplayer features of the games provided by MIXRIFT.
MIXRIFT ensures the confidentiality of Personal Data and has implemented appropriate technical and organizational measures to safeguard Personal Data from unauthorized access, unlawful disclosure, accidental loss, modification, destruction or any other unlawful Processing.
MIXRIFT may use approved Data Processors for Processing Personal Data. MIXRIFT ensures that Data Processors Process Personal Data under documented instructions of MIXRIFT which are in accordance with adequate and required security measures in accordance with Data Protection Legislation.
Personal Data of children
The Services are not directed or intended for children and MIXRIFT does not knowingly collect Personal Data from children under 18 years old in the Services. MIXRIFT prohibits submission of Personal Data by children, unless sent under the supervision of their parent or guardian. It is important to safeguard the privacy of children and MIXRIFT encourages parents to regularly monitor their children’s use of online activities. MIXRIFT will promptly delete Personal Data submitted by children unless legally obligated to retain such data.
MIXRIFT requests that any parents of children under the age of 18 that may have submitted Personal Data to make contact at support@mixrift.com.
Security
MIXRIFT has taken reasonable steps to ensure that Personal Data it collects is secure and reasonable measures are put in place to protect the confidentiality, security, and integrity of the Personal Data collected from our Users. Personal Data is stored in secure operating environments that are not available to the public and that are only accessible to authorized employees and contractors. MIXRIFT also has security measures in place to protect the loss, misuse, and alteration of the information under our control.
Please note that MIXRIFT may provide links to other games and websites that are operated and hosted by third parties who may have their own privacy policies. The Processing of Personal Data by third parties in other games and websites are governed by their own privacy policies, which may be substantially different from this Privacy Policy. Visitors to other games and websites are encouraged to review the privacy policies and information collection practices of those websites.
Any improper collection or misuse of User Created Content or information provided in the Game is a violation of the Terms of Use and should be reported to MIXRIFT at support@mixrift.com.
Collection of Personal Data and categories of Data Subjects
MIXRIFT primarily collects from and Processes Personal Data of Users of the Services, such as players of the games provided by MIXRIFT. Personal Data may be collected from Users directly, by User’s submission of Personal Data and/or automatically from the use of the Services. MIXRIFT may also save electronic communications or otherwise document MIXRIFT’ interaction and communication with Users in various electronic channels. MIXRIFT also collects non-personally identifiable information, such as anonymous gameplay data and statistical information, derived from the Services, in order to improve the Services.
MIXRIFT also collects and Processes Personal Data from prospective customers, agents, legal representatives, corporate representatives, signatories, shareholders, contact persons, board members, job applicants and visitors of MIXRIFT’ offices. For job applicants, please also see the privacy policy available on MIXRIFT’ job applications website.
MIXRIFT may also collect Personal Data from other sources, such as third party sites or platforms, newspapers, blogs, instant messaging services in order to improve and provide the Services as well as a more personalized experience. MIXRIFT will in some cases ask for email addresses for sales and marketing purposes.
Categories of Personal Data
The main categories of Personal Data Processed by MIXRIFT include:
-
Identification and contact information such as name, personal identification code/number, internet protocol (IP) address, online nickname, date of birth, address, telephone number, email address and country of residence.
-
Communication information such as complaints/support matters in voice/written form, images and/or audio recordings, emails, messages and other communications such as social media.
-
Electronic interaction information such as the type of browser that is used, the type of operating system that is used, the IP address or other unique identifier such as a device identifier of any computer(s) or device(s) that are used to access electronic channels.
Legal basis and purpose of Processing
Performance of agreements
MIXRIFT Processes Personal Data to fulfill obligations in agreements with external parties. This Processing relates to the execution, documentation and administration of agreements entered into by MIXRIFT. Examples of purposes for Processing are to verify transactions with business partners, to perform play- and beta tests and to provide the games as part of the Services.
Legal obligations
MIXRIFT Processes Personal Data in order to fulfill legal obligations imposed by regulators. Examples of purposes for Processing are to identify Users in order to make sure that MIXRIFT does not collect Personal Data from children as well as to comply to bookkeeping obligations.
Consent
MIXRIFT Processes Personal Data in some cases when Users have provided their consent to it and the provided consent can always be withdrawn. An example of purpose for Processing is when subscribing to MIXRIFT’ newsletter.
Legitimate interest
MIXRIFT Processes Personal Data based on MIXRIFT’ legitimate interest. MIXRIFT have concluded this Processing necessary for the interest pursued by MIXRIFT, which outweighs the User’s interest of protection of the Personal Data. Examples of purposes for Processing are to improve the Services, to provide personalized offers and direct marketing and to organize competitions and campaigns.
Cookies
Cookies are used by MIXRIFT for different purposes when visiting MIXRIFT’ websites. All cookies used are listed in the Cookie Declaration available on MIXRIFT’ website.
Recipients of Personal Data
Based on the legal bases and the purposes for Processing by MIXRIFT, MIXRIFT may share User’s Personal Data with Recipients to Process Personal Data as a Data Processor. MIXRIFT will only share necessary Personal Data for the purposes of the disclosure and never for the Recipient's own purposes. Further, MIXRIFT will only share Personal Data if the Recipients have ensured an adequate level of protection of the Personal Data in accordance with Data Protection Legislation. MIXRIFT may also share anonymous or aggregated information, or other data that is not considered Personal Data with third parties, for example personas on leaderboards or to show trends about the use of MIXRIFT’ Services.
Third party agents/contractors/developers.
Service, data and cloud storage
Recipient name: Apple, Meta, Unity
Personal Data: Player data, user ID, player progression and settings, logs
Marketing services
Recipient name: beehiiv and Wix
Personal Data: email address and name
Where applicable the Recipient’s Processing of Personal Data will not be covered by this Privacy Policy. In such instances you must review such Recipients’ privacy policies.
Location of Processing
In some cases MIXRIFT may transfer and share Personal Data to third parties (including service providers operating on behalf of MIXRIFT) which may be located in countries outside the EU/EEA which may not have the same level of data protection laws as those in the country where the User is located. Where Personal Data is transferred to a country outside the EU/EEA that is not subject to an adequacy Data Protection Legislation, the transfer will only occur if there are appropriate safeguards in place such as (i) an agreement with the EU Standard Contractual Clauses, code of conducts, certifications or other clauses compliant and in accordance with Data Protection Legislation, or (ii) the country outside EU/EEA has an adequate level of data protection as approved by the EU Commission.
Retention period of Personal Data
MIXRIFT will not retain Personal Data longer than necessary for the purposes for the Processing carried out by MIXRIFT unless required by Data Protection Legislation. MIXRIFT may need to retain Personal Data in order to establish, exercise or defend a legal claim or to comply with applicable law, including accounting rules. Personal Data is deleted or anonymized by MIXRIFT as soon as it no longer serves the purpose it was collected and Processed for.
Data Subject’s rights
User’s have the following general rights as Data Subjects regarding the Processing of Personal Data carried out by MixRift:
Right to correction meaning the Users can request to correct the Personal Data if the Personal Data is incorrect, incomplete or inadequate.
Right to objection meaning Users can object to the Processing for certain purposes, such as direct marketing.
Right to erasure meaning Users can require the Personal Data to be deleted.
Right to restriction meaning the User can restrict the Processing, for example when the amount of Personal Data necessary for Processing is contested by the User.
Right to information and access meaning the Users can receive information if their Personal Data is Processed and gain access to their Personal Data.
Right to receive a copy of the Personal Data meaning the Users can request to receive their Personal Data that is Processed, provided that the Processing is based on agreement or consent. The Personal Data will be received in written or commonly used electronic format. If technically feasible, the User may request that the Personal Data is transferred to another Data Controller.
Right to withdraw consent meaning the Users can withdraw their consent to the Processing of Personal Data.
Right to request not to be subject to fully automatic decision-making meaning the Users can request that their Personal Data is not part of Processing for any automatic decision-making, including profiling, if such processing has any significant or legal effects for the Users. If the decision-making is in accordance with Data Protection Legislation and/or the Users have provided their explicit consent, this right is not applicable.
Please note that the above described rights for the Users as Data Subjects may be limited if the Personal Data is necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims
To invoke any of the rights described above or for more information regarding the rights, Users may contact MIXRIFT at any time by emailing support@mixrift.com. MIXRIFT will process and answer requests without undue delay and in any event within one month of the receipt of the request unless a longer period is required due to the complexity of the request. In this case, the response time can be up to three months in total.
Changes to the Privacy Policy
This Privacy Policy applies to all Personal Data collected or provided to MIXRIFT. This Privacy Policy is subject to change and MixRift may make any necessary changes to this Privacy Policy. MIXRIFT will notify Users of material changes by posting providing information about the changes in the Services. Users are encouraged to check back and review this Privacy Policy from time to time so that Users are always aware of what Personal Data is collected, how it is Processed and for which purpose and to whom it is disclosed. All continued use of and access to the Services is subject to this Privacy Policy and will signify Users acceptance of Privacy Policy and any potential changes to it.
Contact information
For any questions, complaints or comments regarding our Privacy Policy, or to exercise the rights as a Data Subject, please contact MixRift at:
Name: MIXRIFT LTD
Registration number: 754104
Tax number: -
Registered address:
No.1 Grant's Row, Mount Street Lower, Dublin 2, Dublin, D02 HX96, Ireland
Email: support@mixrift.com
ATTACHMENT 1
MIXRIFT PRIVACY POLICY
ADDENDUM FOR CALIFORNIA RESIDENTS
This Privacy Addendum for California Residents supplements the information contained in MixRift’ ("we”, “us” or “our”) Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”). Any terms we use in the Privacy Policy without defining them have the same definition given to them in the Privacy Policy.
We adopt this addendum to comply with the California Consumer Privacy Act of 2018 and the California Privacy Rights Act of 2020 (collectively, “CA Privacy Acts”) and any terms defined in the CA Privacy Acts have the same meaning when used in this addendum.
Information We Collect
We collect information that identifies, relates or describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). Personal information does not include (i) publicly available information from government records, (ii) anonymized or aggregated consumer information, or (iii) information excluded from the CA Privacy Acts’ scope. In particular, we have collected the following categories of personal information from our consumers within the last twelve (12) months:
We collect most of this personal information directly from you when you use our website and Services or contact us. However, we may also collect information from the following categories of sources:
-
Third parties (e.g., advertising networks, internet service providers, and social networks).
-
Third parties with your consent (e.g., your bank).
-
Cookies on our website.
-
Automated information collection.
-
Our IT systems
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following purposes:
-
To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to ask a question about our Services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service from us, we will use that information to process your payment and facilitate delivery.
-
To provide, support, personalize, and develop our website and Services.
-
To create, maintain, customize, and secure your account with us.
-
To process your requests, purchases, transactions, and payments and prevent transactional fraud.
-
To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
-
To help maintain the safety, security, and integrity of our website, Services, databases and other technology assets, and business.
-
For testing, research, analysis, and product development, including to develop and improve our Website and Services.
-
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
-
As described to you when collecting your personal information or as otherwise set forth in the CA Privacy Acts.
-
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our consumers is among the assets transferred.
We will not collect additional categories of personal information, sensitive personal information, or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
How Long We Keep Your Personal Information
We will not retain your personal information for longer than reasonably necessary for the purposes described above. We will delete or anonymize personal information as soon as it no longer serves the purpose it was collected and processed for. The table below shows our standard retention practices:
Disclosure of Your Personal Information
We do not sell personal information. We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purposes to the following third parties:
Your Rights and Choices Under the CA Privacy Acts
The CA Privacy Acts provide consumers (California residents) with specific rights regarding their personal information. This section describes your CA Privacy Act rights and explains how to exercise those rights. An authorized agent may exercise these rights on your behalf. If an authorized agent submits a request to know or delete your personal information, we require you to:
-
Provide your authorized agent with signed permission to exercise your rights and choices on your behalf;
-
Verify your own identity directly with us; and
-
Directly confirm with us your authorized agent has permission to submit the request.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:
-
The categories of personal information we collected about you;
-
The categories of sources for the personal information we collected about you;
-
Our business or commercial purpose for collecting or selling that personal information;
-
The categories of third parties with whom we share that personal information;
-
The specific pieces of personal information we collected about you in a structured, commonly used, machine-readable format (also called a data portability request); and
-
If we disclosed your personal information for a business purpose, a list describing such disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
We will never disclose in response to a request to know your account password. We may deny your request to access information if we do not maintain your personal information in a searchable or otherwise reasonably accessible format, if we maintain your information solely for legal or compliance purposes, or for any other reason permitted under the CA Privacy Acts. In the event we deny your request, we will describe to you the categories of records that may contain your information.
Correction and Deletion Request Rights
You have the right to request that we correct any of your inaccurate personal information, or that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access,Data Portability, Correction, and Deletion Rights), we will correct or delete (and direct our service providers and contractors to correct or delete, if applicable) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information for us or our service providers or contractors to:
-
Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
-
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
-
Debug products to identify and repair errors that impair existing intended functionality.
-
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
-
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
-
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
-
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
-
Comply with a legal obligation.
-
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, Correction, and Deletion Rights
To exercise the access, data portability, correction, and deletion rights described above please submit a verifiable consumer request to us by emailing us at support@mixrift.com. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a twelve (12) month period. The verifiable consumer request must:
-
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized agent; and
-
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Responding to Your Request
We endeavour to respond to a verifiable consumer request within forty-five (45) calendar days of its receipt. If we require more time (up to forty-five (45) days), we will inform you of the reason and extension period in writing. We will send you confirmation of receipt of any verifiable consumer request within ten (10) business days of its receipt.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response electronically.
Any disclosures we provide will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the requests warrant a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.