PRIVACY POLICY

EFFECTIVE DATA

This PRIVACY POLICY applies to the information collected by ESport Academy IvS., (we) through the https://classicraider.com/ website (Website), what information we collect from you and how we use, store and protect it. Please read this PRIVACY POLICY to get clear information regarding the processing of your personal data.

The ESport Academy IvS. reserves the right to change this PRIVACY POLICY at any time in case of changes in the law, our data collection, and use process, the way in which our website and services work. We shall notify you about any changes in our PRIVACY POLICY

 

1.               Definitions

The terms listed below have the meanings assigned to them in the Regulation (EU) 2016/679 General Data Protection Regulation:

1.1.          Personal Data means any information relating to an identified or identifiable natural person (‘Data Subject’). In this definition identifiable natural person means one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; 

1.2.          Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

1.3.          Controller meansany natural or legal person, public authority, agency or another body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by the European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by the European Union or the law of the Denmark.

1.4.          Data Subject is an identified or identifiable natural person who can be identified, directly or indirectly, based on particular information representing personal data;

 

2.              General provisions

2.1.          The Privacy policy of the Controller is based on the personal data protection requirements and principles adopted by virtue of Regulation (EU) 2016/679 General Data Protection Regulationof European Parliament Commission .

2.2.          The Controller acknowledges the privacy of Data Subjects and makes efforts to protect them against any unlawful processing of Personal Data.

2.3.          The Controller applies all necessary relevant technical and organizational measures to protect the Personal Data of Data Subjects in accordance with the effective legislation.

2.4.          Although Controller will take diligent efforts to ensure safe storage and Processing of Personal Data, Controller cannot guarantee it to be 100% secure and risk-free.

 

3.               Collecting and Processing of Personal Data

3.1.           Types of Personal Data collected:

 

contact data

billing address, email address and/or mobile phone number

financial data

PayPal account details

identity data

a first name, maiden name, last name, username or similar identifier

communication data

messages Data Subject send to Controller, feedbacks and survey responses

3.2.           Collection of Personal Data:

direct interactions 

Data Subject may providePersonal Data when completing online forms, create an account, join the mailing list, or otherwise or correspond with Controller (by post or email)

 

3.3.          The Controller,in its capacity as Controller of Personally identifiable data, processes it with an appropriate level of security. Such Processing includes protection against unauthorized or illegal Processing and against accidental loss, destruction or damage while applying suitable technical and/or organizational measures in compliance with the following principles:

·      lawfully , fairly and in a transparent manner in relation to the Data Subject ("lawfulness, fairness and transparency");

·      data is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes ("appropriateness in the Processing of Personal Data and purpose limitation");

·      adequate, relevant and limited to what is necessary for relation to the purposes for which they are processed ( " data minimization");

·      accurate and kept up to date;

·      limitation of the storage for periods not longer than necessary for the purposes for which they are processed ("storage limitation");

·      Processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorized or unlawful Processing and against accidental loss, destruction or damage;

·      Using appropriate technical or organizational measures ("integrity and confidentiality").

3.4.           The Controller processes Personal Data only if and to the extent, at least one of the conditions listed below shall apply:

·      Processing is required for the performance of an agreement with the Controller, to which the Data Subject is a party, or to undertake steps at the request of the Data Subject prior to the signing of an agreement with the Controller.

·      Processing is required for compliance with a legal obligation that applies to the Controller in its capacity as Controller of Personal Data.

·      Data Subject has given consent for the Processing of Personal Data for one or more specific purposes.

3.5.           Controller in its capacity as Controller does not collect or Process the Personal Datawhich reveal racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, genetic or biometric data, data concerning the health, sex life or sexual orientation of the natural person .

 

4.               Purpose of Personal Data Processing

4.1 General purpose:

Purpose

Type of data

Lawful basis

to register Data Subject account

identity & contact

to perform Controller‘s obligations

to provide services pursuant to Terms and Conditions

identity, contact, financial

to perform a contract with Data Subject;

as necessary for Controller’s legitimate interest.

to manage the relationship with Data Subject, notifying Data Subject about changes in this Privacy Policy

identity, contact

to perform a contract with Data Subject;

as necessary for Controller’s legitimate interest

as necessary to comply with a legal obligation

as necessary for legitimate interests in keeping records updated and analyzing how Data Subjects use Website.

to administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

identity, contact

as necessary for our legitimate interests in running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise

as necessary to comply with any legal obligations

 

5.      Rights of Data Subject

 

5.1.          Right to information - Data Subject has a right to receive information about the Controller, as well as about the Processing of theirPersonal Data.

5.2.          Right of access to own Personal Data – Data Subject the right to receive from the Controller confirmation as to whether Personal Data related to them are processed and if so, to be given access to the data and the following information:

·      purpose of the Processing;

·      Processed Personal Data categories;

·      Personal Data recipients or categories of recipients, if any;

·      the intention of the Controller totransmit Personal Data to a third party;

·      Personal Data storage period;

·      the existence of the right to correct Personal Data, as well as the right to object against the Processing of Personal Data ;

·      the existence of automated decision making, including profiling (if any); information as to all rights that the Data Subject has;

5.3.          Right to rectification of Personal Data( if data is not accurate) - the Data Subject has the right to request the Controller to rectify, without undue delay, any incorrect data pertaining to the Data Subject .

5.4.          Right to the erasure of Personal Data( right "to be forgotten") - the Data may request the Controller to erase Personal Data if any of the conditions listed below exist :

·      Personal Data are no longer needed for the purposes they have been collected for or processed otherwise ;

·      Data Subject withdraws given consent, which data Processing is solely based on ,and no other legal grounds for the Processing exist;

·      Data Subject objects against the Processing and no legal grounds for the Processing exist that prevail ;

·      Personal Data were processed unlawfully ;

·      Personal Datashould beerased in order to comply with a legal obligation under the applicable European Union law or the laws of the United Kingdom;

·      ThePersonal Data have been collected in relation to the offering of information society services to children and the holder of parental responsibilities for the child gave consent .

5.5.          Right to the limitation of Processing by the Controller or by the Personal Data processor - specific conditions are required to be in place for that right to be exercised,namely:

·      The Data Subject disputes accuracy (up-to-date) nature of the data. In this case, the limitation of the Processing is over a period of time allowing the Controller to check the accuracy of the Personal Data ;

·      Processing isunlawful, but the Data Subjectdonot wishtheir Personal Data to be erased,but rather requirelimitation oftheir use;

·      The Controllerno longer needs such Personal Data for Processing purposes, but the Data Subject requires them for establishing, exercising or defending legal claims ;

·      The Data Subject has objectedtothe Processing while awaiting a checkto be performed whether the Controller legal grounds prevail over the interests of the Data Subject .

5.6.          Right to transferability (data portability) of the Personal Data between the various Controllers - the Data Subject has right to receive Personal Data pertaining to them , which they have provided to the Controller in a structured, widely user and machine-readable format. In addition, Data Subject ha s the right to transfer such data to another Controller without hindrance by the Controller, to which Personal Datahas been provided when Processing is based on consent or contractual obligation and is automated.

5.7.          Right to object against the Processing of Personal Data– Data Subject has right to object against Processing of their Personal Data, unless the Controller is able to prove that compelling legitimate g rounds for Processing exist that override the interests, rights, and freedoms of the Data Subject, or for the establishment, exercising or defense of legal claims.

5.8.          Data Subject also has the right not to be subject to decision-based solely on automated Processing, including profiling, which ensures legal consequences for the Data Subject or significantly affects the Data Subject otherwise.

5.9.          Right to defense through judicial or administrative procedure if the Data Subject rights have been breached - if the Data Subject decide that their right ha s been violated, they may file a complaint with the relevant supervision authority - or to file a claim with the court to defend their rights .

 

6.              Disclosure of Personal Data

6.1.          Controller may disclose Personal Datato the following categories of persons :

service providers

acting as processor or Controller based in the EEA but also around the world who provid e - ser vices and IT and system administration services.

professional advisors

acting as a processor or joint Controllers including lawyers, bankers, auditors and insurers based in Denmark who provide consultancy, banking, legal, insurance, and accounting services

HM Revenue & Customs, regulators and other authorities

acting as a processor or joint Controllers based in the EEA who require reporting of Processing activities in certain circumstances

third parties

third parties to whom we may choose to sell, transfer, or merge parts of business or assets.

6.2.          Controller will never disclose Personal Datato persons to enable them to provide Data Subject with information regarding unrelated goods or services.

6.3.          The information Data Subject provides to Controller may be transferred to and stored on Controller’s servers, or servers of third-party providers. It may be necessary to transfer collected data from Data Subject to locations outside of the European Union for Processing and storing.

 

7.               Exercise the rights

7.1.          In exercising their right to access Data Subject has the right to request from the Controller at any time:

·      Confirmation as to whether data related is processed by the Controller, the purpose of the Processing, the data category, and recipients of such data or the categories of recipients’ data is disclosed to;

·      To send them a message in an understandable form at , containing the Personal Dataof respective Data Subject to Processing and any information available as to the source of such data;

·      Information as to the logic of any automated Processing of Personally identifiable data pertaining to Data Subject, at least in the case of automated decisions under the provisions of the General Data Protection Regulation.

7.2.          Data Subject has the right to request at any time that the Controller :

·     erases , rectifies or blocks their Personal Data Processing of which is not compliant with the requirements of the effective legislation;

·     notifies the third parties to which the Personal Data have been disclosed as to any erasure , rectification or blocking, except when this proves to be impossible or would involve a disproportionate effort .

7.3.          Data Subject exercise their rights by filing a written request to the Controller, containing as a minimum the following information:

·      name, personal ID number, postal address, email address and other data allowing identification of the respective Data Subject;

·      description of the request;

·      Signature, date, correspondence address, and mobile telephone number.

7.4.          The filing of the request is free of charge. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

7.5.          Upon the filing of a request by an authorized person, the notarized power of attorney must beattached to the request.

7.6.          In case of death of the Data Subject, entitled heirs exercise the one’s rights. The certificate of heirs shall be attached to the request.

7.7.          The Controller shall review and pronounce on the request within 1 month as of its filing. This period may be extended by further two months, if necessary, for example, if the request is particularly complex or Data Subject has made a number of requests. Data Subject shall be informed of any such extensions within 1 month as of receipt of the request, stating the reasons for the delay.

7.8.          When you file a request by electronic means, the information is provided electronically, if possible, unless you have requested otherwise.

7.9.          We provide an answer to the requesting person taking into account their preferred form for the provision of the information (orally or in writing - as a hard copy or electronically) .

7.10.        Where data do not exist or their provision is forbidden by law, access to the requesting party to such data is refused .

7.11.        If the requesting party is not satisfied with the response received and/or believes that their rights related to Personally identifiable data protection were violated, theyareentitled to exercisetheirright todefense.

 

8.              Third Party Links

The Website may contain links to other websites, services, and web addresses. This privacy policy applies only to our Website, not those external websites, services and web addresses that we link to . Those websites, services and web addresses have their own privacy policies. We are not responsible for these external websites and services and their privacy policies and practices , as well as their compliance with applicable data protection laws . In addition, if you linked to our Website from an external site, we cannot be responsible for the privacy policies and practices of the owners and operators of that external website and recommend that you check the privacy policy of that external web site .

 

9.              Data retention

9.1.          We will store Personal Data for as long as it is reasonably necessary for achieving the purposes set forth in this PRIVACY POLICY and Terms of Service, which includes (but is not limited to) the period during which Data Subject has an account. We will also retain and use Personally identifiable data as necessary to comply with legal obligations, resolve disputes, and enforce agreements.

 

10.   Information for the Data Subject:

Contact details for the Controller

E-mail: Official@escademy.com

11.            Tracking & Cookies Data

11.1.        Data Controller do not use cookies and similar tracking technologies to track the activity on Website.