• Deutsch Português French Italiano Polish English Spanish
  • Privacy Policy



    Purpose and subject matter of this Privacy Policy


    We, NoGame.club ("NoGame" or "we"), provide client and browser-based online games. On our platforms, which comprise our internet pages, forums, support, our newsletter and online games (‘Services’), we provide information and exchange about our games and their use. This should be as pleasant, fair and trouble-free as possible for all users. In order to ensure this and the long-term success of our services, NoGame services are continuously improved.


    Here it is unavoidable that information about the individual user and their hardware is collected, stored and ultimately used to fulfil different purposes.


    The trust of our community is of the utmost importance to us. In this Privacy Policy (‘Privacy Policy’) covering the NoGame.club services we wish to provide you with a complete picture of how we use your personal data and what rights you have with regard to this data. This Privacy Policy provides comprehensive information regarding the ways in which we process your data, what we do with your data and the legal basis upon which we do this.


    Your rights and our obligations regarding how we deal with your data have a very high priority for us. We only process your data where absolutely necessary, doing so in a secure and responsible manner, with the greatest care and attention to the legal requirements.


    1. Details regarding data controller and data protection officer


    We want to live up to your trust. You can contact us for any questions, suggestions or complaints you may have regarding the way we handle your data in general, or with regards to this Privacy Policy in particular.


    1.1 Data controller


    The data controller responsible for processing personal data is NoGame.club. We can be contacted for general enquiries regarding data protection at the address provided, by email at info@nogame.club or through our ticket support system.


    2. General information regarding data we process and how we collect it


    In this section we inform you how we collect your data.


    2.1 Legal basis for processing data


    We ensure from the moment of collecting your data that this is done in a reliable, transparent and appropriate manner. In judging whether we have the right to collect data, and how this data is to be processed, we orientate ourselves on the requirements of applicable law, in particular on the provisions of the EU General Data Protection Regulation (‘GDPR’), the Data Protection Act of the Federal Republic of Germany and other legal provisions relating to the handling of personal data.


    2.2 Data automatically collected by us


    When using our Services, system and user-related data is collected automatically and without any further action on the part of the user. For example, when you visit our website, the general specifications of your internet browser (e.g. type and version), time of access and the related IP address (an individual address associated with your internet connection at this time), as well as system configuration details (e.g. screen resolution and operating system version) are collected and recorded in server logs. As a rule, this information is not used to identify a specific internet user.


    In the same way, when you log into a NoGame.club account (e.g. when logging into a user account for our forums, support or one of our online games), corresponding data may be collected automatically. You can find more information about this in sections 3 to 5.


    This data is processed for the purposes of safeguarding the ours legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of our Services, their optimisation, and for the registration, performance or termination of the user agreement with you (GDPR Article 6(1)(b)).


    2.3 Data generated by us


    In the process of registering an account, and during its subsequent use, we generate data at different times and for different reasons.


    This includes an individual username. This identification (e.g. account or character IDs) serves the purpose of pseudonymisation and is required for technical reasons, for example for logging into and using a user account or for saving information concerning payment transactions separately. With regards to the data generated by us, this also includes data which may be recorded by our support team or community management for the purposes of carrying out their tasks. Where there is suspicion that there has been a violation of our rules of the game and Standard Terms of Use, this may include checking and documenting the facts of the case and, if necessary, issuing warnings, but potentially also comments in favour of the user concerned, such as special authorisations permitted in individual cases by the respective rules of the game.

    This data is processed for the purposes of safeguarding the ours legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of our Services, their optimisation, and for the registration, performance or termination of the user agreement with you (GDPR Article 6(1)(b)).


    2.4 Data provided by you


    The majority of the personal data we process is provided directly by our users. Basic information is collected when registering an account (generally your email address and chosen pseudonym to identify your user account, your game characters and other game elements). As a rule, we do not collect any specific data such as the user’s name, date of birth or address. In individual cases (e.g. during competitions) such data may be provided by the user.


    The data provided by users also includes the content they have written (for example, texts written in a forum or within the game or other messages sent to us by a user).


    Generally, the basic versions of online games offered by us can be used free of charge. However, the user has the option to purchase additional content. For such transactions, users therefore provide us with information that is required by us or our payment service providers in order to complete the payment.


    This data is processed for the purposes of safeguarding the ours legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of our Services, their optimisation, and for the registration, performance or termination of a user agreement (GDPR Article 6(1)(b)).


    2.5 Data we collect from external sources


    In some cases we receive personal data from third parties. This is primarily the case when using a third-party login (for example, when logging into our Services via a Facebook or Steam account). The data thus obtained shall be limited to what is necessary for the login in question. However, the respective third-party provider is responsible for the scope of the transmitted data. We therefore recommend that you read the data protection regulations of the third-party provider carefully before using a corresponding login option.


    This data is processed for the purposes of safeguarding the ours legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of our Services, their optimisation, and for the registration, performance or termination of the user agreement with you (GDPR Article 6(1)(b)).


    2.6 Voluntary provision and processing


    The provision of personal data and the associated use of our Services are entirely voluntary. The use of our Services, however, may require the provision and processing of certain data for technical or contractual reasons. For the registration of a user account, for example, the provision of a valid email address is essential and in order to complete a payment transaction, the necessary information must be provided.


    For this reason, failure to provide the necessary data may mean that we are unable to provide certain services. Equally certain rights may be exercised in individual cases which mean that we are unable to provide our services to the contractually agreed extent. Should this occur, we will inform the person in question of the consequences in each individual case.


    3. Special details regarding scope and purpose


    In this section we explain comprehensively in which specific cases we process your data.


    The data is processed directly by NoGame within the territory of the EU. Should in individual cases personal data be processed by a different body, such as a company associated with us or a service provider, potentially in a third country (outside of the European Union or the European Economic Area), this will always proceed within the legal framework and on the basis of a contract with the respective third party which stipulates compliance with all relevant data protection regulations.


    3.1 Advertising on third-party sites and links to our website


    Like many other companies, we advertise our services on external websites. A typical example are banner adverts, which are displayed on third-party websites as a graphic advertising one of the online games we offer and linking to the corresponding NoGame website via a hyperlink. Our partners do not provide such advertisements free of charge. The success of the advertising campaign is decisive in calculating the partner’s remuneration. In order to determine this, an ID is generated when a user clicks on the advertisement. This ID is then allocated to the user’s account when they subsequently register for a NoGame account. This enables us to determine the number of new users we have gained through the campaign in question. Finally, the advertising partner receives a complete overview of these registrations from us and issues us an invoice based on these. In some cases, partners also receive remuneration in the event that a customer completes a payment transaction. However, we do not pass on personal information about individual users to our advertising partners.


    When surfing external websites, the site operator may also set cookies (see 3.6) or create a device ID or a fingerprint (an individual value calculated from the sum of different characteristics of a user’s system) that enable the respective provider to track the surfing behaviour of its visitors. We therefore recommend that you always read the data protection provisions of a page you visit carefully.


    NoGame has no interest in tracking the external surfing behaviour of its users. However, we have a legitimate interest in finding out from which websites or through which advertising campaigns our customers have found their way to us and which areas of NoGame’s services are of particular interest to users (see sections 3.5 and 3.7).


    This data is processed for the purposes of safeguarding our legitimate interests (GDPR Article 6(1)(f)) in promoting our Services and the evaluation and billing of our advertising campaigns.


    3.2 Visiting our web pages without registering


    To the greatest possible extent, the NoGame web pages can be visited anonymously to gain information about our online games. Registering on the website is only necessary if you wish to use functions that require a NoGame account. For example, participation in our games or forums is only possible once you register and log into your new NoGame account. Irrespective of this, personal data may be collected and processed by us without registration in the following instances.


    3.2.2 Server logs


    In using our Services, server logs are created (see 2.2 and 3.13) which log certain connection and usage activities.


    For example, page views, times of access, the registration of a user account and the IP address allocated to your internet connection are recorded for the purposes of identifying and preventing cyberattacks or attempted manipulation, as well as for statistical analysis and the improvement of our Services. Where necessary, other technical details such as the MAC address (the network address of your network adapter) or similar identifying features may be recorded.


    This data is processed for the purposes of safeguarding the ours legitimate interests (GDPR Article 6(1)(f)) to ensure the secure and smooth operation of our Services, their optimisation, and for the performance or termination of the user agreement with you (GDPR Article 6(1)(b)).


    3.3 Communication with NoGame


    Our community is welcome to contact us for all general questions relating to NoGame and our Services. We are also happy to answer questions relating to this Privacy Policy and data protection at NoGame. There are a number of ways you can contact us. Certain personal data will be recorded when using one of these channels.


    In processing this data when you contact us, we exercise our legitimate interests (GDPR Article 6(1)(f)) for the purposes of remaining in contact with you, potential contract partners and others who may contact us. In as far as a message aims at the conclusion of a contract between us and the enquiring person, or for clarifying contractual issues, processing this data may serve as the basis for initiating, executing or terminating a corresponding contract (GDPR Article 6(1)(b)). In individual cases this may be necessary to fulfil a legal obligation we are subject to (GDPR Article 6(1)(c)).


    3.3.1 Contacting us by email


    Email provides a convenient method of contact. We receive the sender’s email address and the contents of the message when an email is sent to us. The sender’s IP address will also be transmitted.


    3.3.2 Contacting us via our support department


    We provide our users support as described in 3.4.4. When using this our Service, the email address, the IP address, the contents of the messages and such data that arises during the general use of NoGame web pages are collected.


    3.3.3 Contacting us via social networks


    We also have a presence on social networks such as Facebook and other external platforms. It is generally possible to contact us via the channels provided on these platforms (e.g. private messages or wall postings). In so doing we receive the information which is typically visible when using such messages (e.g. the username used on the social network). We recommend that you read the privacy policy and terms of use of the relevant platform before using this contact method.


    3.4 Registering and using a NoGame account


    When using our Services, you can create personal user accounts in accordance with our Standard Terms of Use and the relevant rules of the game. Such NoGame accounts can be registered for individual our Services such as game pages, forums, support or online games. In the future, it may also be possible to create a central NoGame account for all our Services.


    The respective our Services serve different purposes. Depending on the our Service used, different personal data is therefore processed as a result of registering and using a NoGame account.


    3.4.1 Registering and using an account for our game pages and optional payment processes


    The purpose of the game pages is first of all to provide information about the corresponding online game.


    As a rule, contracts of use are also concluded between you and us and the subsequent use and management of your NoGame account is made possible. As part of the registration process, we create a NoGame account for you with the data you provide and the data we generate, such as an account ID, and record the time of registration. At the end of the process you will receive a message from us to the email address you have provided confirming the registration of your NoGame account. In addition to the summary of your basic information, this message may contain an activation link that you can use to confirm your email address. This confirmation, the IP address assigned to you and the confirmation time will be stored by us for verification purposes.


    In this way, we will also send you contract-related notifications such as confirmation of changes to your password or the email address provided, as well as information about changes to your contract status.


    When using the game pages, basic information, usage and (when carrying out an optional payment process) billing data are processed. By basic information we mean the registration information of the NoGame account, such as its pseudonym, the email address provided, the account IDs and, if applicable, character IDs or comparable characteristics, as well as the time of registration and the encrypted password selected by the user. Usage data comprises information that arises in the context of the actual use of a our Service. This includes the IP address, time of use and the NoGame pages visited. We use this information to identify suspicious logins and to process your requests for support. We also use this data to ensure compliance with our terms of use and, for example, to detect and prevent inadmissible multiple registrations.


    Likewise, payment transactions and thus contracts for the paid acquisition of virtual articles and for the arrangement of fee-based memberships can be concluded via the game pages. To confirm your orders and the respective contract, we will send you a corresponding message to the email address you have provided. When carrying out these optional payment transactions, we work with carefully selected payment service providers to offer you a wide range of common and convenient payment methods. When you carry out such a transaction, billing data is generated. This includes, for example, the IP address and the time of a payment transaction, the premium currency and the quantity ordered. The chosen payment method and associated details such as shortened credit card numbers (when paying by credit card) or encrypted telephone numbers (for telecommunications-based payments in connection with a landline or mobile phone) as well as an individual payment ID are also recorded and stored. This data can also be used by us to detect irregularities and to prevent attempts at fraud. In order to complete a payment transaction, it is also necessary for us to transmit the information required to allocate the transaction to the payment service provider. We may in turn receive additional information from the respective payment service providers, which we require and use solely for reasons related to tax law.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of our Services. In addition, the processing procedures described serve to initiate, perform and terminate contracts of use or contracts for the paid acquisition of virtual articles and for the arrangement of fee-based memberships (GDPR Article 6(1)(b))


    3.4.2 Registering and using an account for our online forums


    The online forums can be an integral part of a game site or an independent our Service. Our forums provide you with a discussion platform and enable exchange with other members of our community. Here publicly accessible forum profiles are created, which can be supplemented by voluntary additional information such as profile pictures, information on place of residence, occupation, gender or age.


    Furthermore, publicly available discussion posts and private messages to other forum users can be written. We recommend that you handle your data with care. Only share information with other users that you think is necessary. Keep this in mind especially with regard to sharing images or your contact details.


    In addition to such content written by the users, a registered forum account may also be included in a publicly available list of members, which enables forum members to contact each other.


    When using the online forums, usage data such as the IP address is collected for technical, security and support reasons and individual data such as a user or contribution ID is generated and stored.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of our Services. In addition, the processing procedures described serve to initiate, perform and terminate contracts of use (GDPR Article 6(1)(b)).


    3.4.4 Registering and using an account for our ticket support system


    In addition to ticket support, you can also contact our support team with questions about our Services and receive help in solving technical or game-related problems. Ticket support works similar to the online forums. However, the tickets written by a user and the answers received (content data) can only be viewed by the user and members of the support team, as well as NoGame collaborators whose task it is to process such tickets. A NoGame account is also required to use ticket support. During registration, information about the registration process is collected, such as the time of registration and the IP address assigned to it. In addition to a user and ticket ID, the contents of the tickets are also stored.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in providing and optimising our services. In addition, these processing procedures serve to fulfil the contract of use (GDPR Article 6(1)(b)).


    3.4.5 Registering and using an account for our online games


    Our online games are a central component of our Services. In comparison to other our Services, the majority of data is collected, stored and processed through the use of our games. However, only some of this is personal data. It is also possible to use our online games using a pseudonym. In this case therefore, we generally do not know the identity of the users.


    In addition to the above-mentioned basic information and usage data, content data is also processed in connection with the online games. This includes chat messages and in-game messages written by users.


    Usage data also includes certain non-technical information about individual game scores, such as completed payment transactions and shop actions, the respective game time, number of logins, character level and level upgrades or information about rule violations, which is automatically collected by our system. In contrast, non-personal technical data such as item IDs, map coordinates and similar game-related information, which is categorised as confidential information protected as part of our trade secrets, is also processed automatically.


    We use basic information, content and usage data to determine the popularity of game content and game functions such as shop items, to process your support requests, to check compliance with the terms of use and rules of the game and to detect and sanction any potential illegal actions in an appropriate manner. As in all comparable cases, this includes contacting you by email, issuing a warning and restricting certain functions or terminating the relevant user contract in the event of a corresponding violation. In serious cases, we may also use the relevant data to assert or defend legal claims.


    In our browser games in particular, special game functions are possible, such as publicly accessible high scores and overviews, which highlight special game performances and make sanctioned rule violations transparent for all users, showing the misconduct that caused the sanction.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of our Services. In addition, the processing procedures described serve to perform and terminate contracts of use or contracts for the paid acquisition of virtual articles and for the arrangement of fee-based memberships (GDPR Article 6(1)(b)).


    3.4.6 Needs-optimised design of our Services


    In order to provide you with a convenient user experience, we can tailor our Services to your needs. For example, we can submit individual offers to you and place associated advertisements, or we can configure the arrangement and graphic design of control elements of our Services in such a way that is optimised for you.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services in the most agreeable manner for you.


    3.5 Coverage analysis, tracking and analysis


    As described in 3.1, we have no interest in monitoring the surfing behaviour of our page visitors, nor do we track what you do on the internet after using our Services.


    However, we have a justified interest in the optimisation, further development and demand-oriented design of our services and in being able to better assess the benefits of our advertising measures and to remunerate them in accordance with contractual obligations. This includes information regarding how our Services are used and from which external pages users find their way to us. We also want to learn about which pages are viewed, how often, how long the page takes to display in your browser and how much time is spent viewing a page, so that we can identify errors and further improve our Services.


    For these purposes we use tools such as Google Analytics described in section 3.5.1 below. The NoGame pages also use a variety of cookies for these purposes, explained in more detail in section 3.6 and in our Cookie Policy.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the optimisation and smooth operation of our Services and fulfilling the contracts with our partners.


    3.5.1 Google Analytics


    Our internet pages use Google Analytics in various places, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (‘Google’). Google is certified under the EU-US Privacy Shield Framework and guarantees adherence to European data protection regulations.


    Google Analytics uses cookies (see also section 3.6 and our Cookie Policy). The information generated by this cookie about your use of NoGame’s internet pages is transmitted to Google’s servers in the United States of America and stored there. By activating IP anonymisation on the affected NoGame websites, however, your IP address is abbreviated by Google from within the European Union member states or other signatories to the agreement via the European Economic Area. The full IP address will be transmitted to a Google server in the USA and shortened there only in exceptional circumstances.


    As part of an agreement on the processing of personal data on behalf of NoGame, Google may use this information to evaluate your use of our internet pages, to compile reports on the website activities and to provide NoGame with further services associated with the use of the website and the internet. The IP address transmitted from your browser via Google Analytics will not be associated with any other data held by Google. You may prevent the use of cookies by selecting the appropriate setting in your browser software; however, please note that in this case you may not be able to use all functions of the NoGame web pages to their full extent (see also section 3.6). You may also prevent the collection and processing of the data generated by the cookie and relating to your use of NoGame’s websites (including your IP address) by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en


    Further information regarding how Google uses your data can be found on Google’s internet pages, in particular in their privacy policy (https://policies.google.com/privacy).


    3.5.2 Tracking and analysis


    In order to optimise our Services and especially the online games for a better user experience, we would like to understand how our services are used and whether optimisations and new functions are successfully accepted.


    For example, to determine if a new quest is in need of optimisation, we could measure how many users have already accepted this quest and within what time it was completed, or which quest phases took longer to complete. We can also test which item description for shop items leads to greater popularity among users. Similarly, the number of clicks on a link to an information page and the length of time spent on that page can help us determine whether the page in question is necessary or needs to be improved.


    As a rule, the relevant information is aggregated so that we can extrapolate results from the collection of individual data points, which in most cases cannot be traced back to individual users.


    When information is not aggregated, your data is generally processed in a pseudonymised form. In certain cases, we may display personalised offers, i.e. adapted to the needs of the individual user, based on individual usage behaviour. It is possible, for example, to offer appropriate equipment items to a user who prefers PvP combat or to hide less interesting quests for a user who prefers a particular type of quest.


    3.6 Cookies


    NoGame websites make use of cookies. The NoGame websites use a cookie banner, which informs you about our use of cookies when visiting our internet pages, and links to our Cookie Policy which contains further information about our cookies.


    When you open NoGame websites in your browser, cookies are saved to your system for their respective lifespans. They are not executable applications and do not contain any elements that can cause damage; instead they hold a sequence of characters relevant to their function. Simply put, cookies are small text files in which information in connection to the opened website is saved.


    It is through this that certain functions on NoGame internet pages are made possible. Cookies allow your browser to be recognised when revisiting the site, for instance, making it easier and more secure to log into a NoGame account, and allowing settings you choose, such as the display language or screen size and orientation in a browser game, to be loaded automatically. Cookies enable us to present NoGame websites to you in a functional and user-friendly format and in a manner that suits your requirements.


    Alongside these technically-required and useful functions (necessary cookies and functionality cookies), cookies also enable us to collect and analyse data regarding the use of NoGame’s websites (analysis cookies). This allows us to see how frequently a NoGame website is visited, how often specific page functions are used, or whether and at what stage errors occur (performance cookies).


    Cookies are also used to deliver interest-targeted advertisements (advertising cookies). The information associated with NoGame cookies is generally saved in a pseudonymised form however, which prevents us from linking it directly to an individual user without the enlistment of further information.


    In addition to our cookies (first-party cookies), cookies from third-party providers (third-party cookies) may also be set. For more information regarding these cookies, we recommend you read the data protection policies of their respective providers.


    Cookies will be automatically removed from your system regularly, once you leave NoGame websites or if you end your session by logging out (session cookies). Some cookies may, however, remain stored on your system. To prevent this, you can change your browser settings to block all cookies, permit only specific cookies, or delete all stored cookies completely when the browser is closed. If you wish to make use of these settings, please follow the respective directions provided by your browser. Please note, however, that for technical reasons visiting the NoGame websites with such settings may make them partially or wholly inoperable, or otherwise limit the service provided.


    In as far as personal data is processed by cookies, this activity is carried out in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in offering and optimising our services. In addition, the processing procedures described serve to perform contracts of use or contracts for the paid acquisition of virtual articles and for the arrangement of fee-based memberships (GDPR Article 6(1)(b)).


    3.7 Online advertising and customer communication


    In order to further increase the awareness of our online games and thereby win new customers or win back former users, we carry out various online-based advertising.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the advertising of our services.


    3.7.1 Advertising on NoGame websites


    We can display advertisements in selected areas of the NoGame web pages. As described in 3.1, when a user clicks on these ads and then subsequently registers a NoGame account, an ID is transferred. This enables us to determine the benefits of internal advertisements and optimise our advertising measures.


    3.7.2. Email newsletter and recommendations via email


    When registering a NoGame account and concluding a corresponding user agreement, you must provide your email address. We do not only send contract-related messages to this address, but also information about NoGame, new online games in our portfolio or adjustments to existing our Services at regular intervals. In order to send you a suitable newsletter, we also use information such as the online game you are using and the account name you have chosen. In aggregated form, we record how often our newsletter has been read and which links contained therein have been opened. This information cannot be used to identify individual users.


    We only use NoGame email addresses such as NoGame@news.NoGame.com. For security reasons, always check incoming emails to see whether we have sent the message in question. If you have any concerns or questions, please contact our support department.


    If you do not wish to receive such a newsletter, you can object to the use of your email address for these purposes by clicking on a link contained in each of our newsletters. You do not incur any costs for cancelling the newsletter. This does not apply to any amounts invoiced to you by your internet provider. Further information on your right to object can also be found in section 6.5.


    The use of your email address for the purpose of sending the newsletter, and sending the email itself, takes place on the basis of Article 6(1)(f) of the GDPR and Section 7(3) of the Act Against Unfair Competition.


    Furthermore, our Services can make it easier for you to recommend the respective service by copying a text provided by us to your clipboard which you can customise and paste into the email program of your choice. You can then enter the address of the recipient you have selected and send the message to them. We do not collect your email address or that of the recipient.


    3.7.3 External advertisements


    We book various advertising media on external websites such as blogs, games, video portals and social networks. These can include, for example, graphic advertisements, advertising texts or videos, which feature a link to a NoGame page. By clicking this link you will usually be redirected to a landing page, which can be provided by us or a hosting provider. As described under 3.1, the origin of the page view can be determined to evaluate the success of an advertising campaign and its remuneration.


    Our ads can be personalised. Following the entry of a NoGame-related search term or after calling up a NoGame internet page, you may encounter customised advertisements on external internet pages. This is made possible by the use of cookies and the transfer of pseudonymous identifiers, which were previously converted into hash values, to the respective external site operator. We do not receive any information about users’ individual surfing behaviour.


    3.8 Conducting surveys


    In order to improve our services, we conduct surveys at various intervals. We use survey tools that are implemented on our servers and as a rule allow voluntary participation in an anonymous form. If personal data is to be collected in individual cases, we draw attention to the voluntary nature of the information in question and to the specific intended use by means of additional data protection provisions.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in providing and optimising our services.


    3.9 Competitions


    From time to time we organise various forms of free competitions. Depending on the specific form of such a competition, the processing of participants’ personal data is required for the purpose of checking eligibility, selecting the winners and subsequently sending the prizes. Our terms and conditions for participation in the competition therefore contain additional data protection information.


    Hosting competitions serves the pursuit of our legitimate interests (GDPR Article 6(1)(f)) in creating ties to our community. In addition, the processing procedures described serve to perform a possible contract with the participants and winners of the respective competition (GDPR Article 6(1)(b)).


    3.10 Integration of external services and plug-ins


    To extend the scope of functions and optimise user comfort in some areas on the NoGame internet pages, we use third-party services and related plug-ins, which make the selected functions of these services available.


    For example, we integrate single sign-on functions that enable you to log into a NoGame account via your external user account with the respective third-party provider.


    We also integrate plug-ins that allow you to play our trailers and gameplay videos without having to leave the NoGame websites.


    By using the corresponding functions you connect to servers of the respective third-party provider. Personal data such as the IP address, the website currently being accessed and the time of use may be transmitted to the third-party provider. We therefore recommend that you read the data protection regulations of the third-party provider carefully before using the respective function.


    This data is processed in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in providing and optimising our services.


    3.11 IT security measures


    Guaranteeing the security of our Services at all times is an important matter to us. To this end we use standard hardware and software solutions for monitoring the security status of our systems, in order to identify malicious activity such as DDoS attacks, malware or unauthorised login attempts and other attempted manipulation. In addition to such measures, we also review our server and system logs.


    Executing these IT security measures constitutes pursuit of our legitimate interests (GDPR Article 6(1)(f)) for the purposes of ensuring the availability of our services and the security and protection of our Services.


    3.12 Ensuring compliance with the Standard Terms of Use


    In order to provide all users with a balanced, fair and proper gaming experience, we prohibit the use of hacks, bots, cheats and similar instruments and any other illegal activities such as insults, harassment and hate speech in our Standard Terms of Use and game rules. We do not tolerate any violations of the law and because such disruptive actions also massively impair the fun of the game and lead to considerable economic damage, we ensure compliance with our Standard Terms of Use and the rules of the game in an appropriate manner.


    Ensuring compliance with our Standard Terms of Use and the applicable rules serves the pursuit of our legitimate interests (GDPR Article 6(1)(f)) in the provision of our services and the security of our Services. In addition, the processing procedures described serve to perform and terminate contracts of use (GDPR Article 6(1)(b)).


    3.12.1 Supervising the game and monitoring logs


    We use manual controls to ensure compliance with our Standard Terms of Use and rules of the game. To this end, collaborators and members of the support team participate in our online games, online forums and take immediate action against rule violations. In addition, any reported anomalies are checked by viewing the log files and, if necessary, penalised.


    3.12.2 Software solutions


    As it would be impossible to continuously supervise the numerous different our Services and game servers as defined in 3.12.1 manually, we also use selected software solutions to detect and prevent violations of our Standard Terms of Use and the rules of the game.


    Such software solutions serve exclusively for the detection and exclusion of cheats and hacks, irregular multiple logins as well as the detection and suppression of fraud attempts. To this end, we have implemented appropriate server and client-side protection measures.


    If an additional application is installed on the user’s system during the installation of client software, we will inform you of this in a transparent manner during the installation process. The installation can be aborted, which means that the relevant security application will not be installed. It is also possible to uninstall the respective application together with the game client at any time. However, for technical and economic reasons the use of the online game protected in this way cannot then be offered. Once it is successfully installed, the application runs together with the online game and checks the game-related processes and the integrity of the game files during runtime. No further search or monitoring of the system takes place. If an attempted rule violation is detected, it can either be logged and later sanctioned or immediately ended. This is connected with the NoGame account used for the violation being deregistered and blocked according to the rules specified by us and generally leads to the termination of the relevant user contract. This may also include the detection and blocking of connected NoGame accounts. The related processing of personal data such as the collection of IP addresses, hardware information and gaming activities, as well as account information, is generally carried out by us. If we commission an external service provider for this, it is done in accordance with the legal requirements and with strict respect for your rights. In addition, we point this out to you transparently during the installation of the relevant online game.


    We also use server-side software solutions that detect inadmissible logins and fraud attempts on the NoGame internet pages and block them according to rules specified by us. If actions of this kind are detected, this can also lead to the blocking of the NoGame account used and associated user accounts or to the blocking of certain functions as well as to the termination of the respective user contract. The commission of an external service provider is done in accordance with the legal requirements and with strict respect for your rights.


    In addition, affected users are free to contact us at any time concerning a decision taken based on the protective measures. We will carefully examine the relevant details and inform you promptly of a final decision based on the respective facts and will justify this decision in a transparent manner.


    3.13 Processing for statistical purposes


    In certain areas of our Services we collect data such as the operating system and version, browser and version, IP address and other system data. We use this data for statistical evaluations, in particular for the purpose of adapting our Services to the users’ needs. Where possible, the data is anonymised and aggregated; otherwise the data is pseudonymised. None of this information is disclosed to third parties.


    We process this information for statistical purposes in line with our legitimate interests (GDPR Article 6(1)(f)) for the optimisation of our services.


    3.14 Improving our Services


    In many cases, personal data is processed for the purposes of improving our Services, for identifying and correcting errors, improving security and improving usability.


    We do so in pursuit of our legitimate interests (GDPR Article 6(1)(f)) in terms of providing and optimising our services and the security of our Services.


    3.15 Safeguarding other legal interests


    In individual instances, we may process personal data to serve other legal interests, such as in cooperation with relevant authorities, or the enforcement, establishment or defence of legal claims.


    We act here in line with our legal obligations (GDPR Article 6(1)(c)) or in line with our legitimate interests (GDPR Article 6(1)(f)) for the enforcement, establishment or defence of legal claims.


    3.16 No change of purpose


    In order to ensure that the purposes stipulated in this Privacy Policy can be pursued sustainably, we reserve the right to change the way in which data is processed to conform to legal or company requirements, for example by optimising our data processing activities, or implementing new processes. This will always be done with the greatest attention and under strict adherence to the legal provisions. We do not intend to change these purposes in a way that is not compatible with the specified purposes without your express consent. In order to maintain the maximum transparency we are striving for, we will display and inform you of relevant adjustments in this Privacy Policy.


    3.17 Balance of interests


    In as far as we process personal data on the legal basis of Article 6(1)(f) of the GDPR, that being in pursuit of our legitimate interests, we firstly determine our interest in processing the data in question. This is then weighed against the expectable interests of the affected persons, taking into consideration the desired purpose, the form of data processing and the associated risks to the rights and freedoms of the affected persons. At the same time we consider whether the technical and organisational measures taken are sufficient to meet the necessary level of protection. We only process data on this basis where this is the case, and the data processed is limited to that which is indeed required.


    4. Forwarding and transferring personal data


    As a rule, your data is only processed directly by us within the territory of the EU, and always for the purposes listed in this Privacy Policy. This section details how and why personal data may in certain instances be forwarded or transferred.


    4.1 Reasons for forwarding and transferring personal data

    Your data will only be internally forwarded or externally transferred where necessary in achieving one of the aims outlined in this Privacy Policy. Any data forwarded or transferred is limited to the amount absolutely necessary.


    4.2 Internal and external recipients of personal data


    As a rule, your data is passed on internally to the department responsible for the respective processing, which is then processed only by the collaborator(s) responsible. For example, we can forward a complaint received by post to the responsible support collaborator. Our collaborators are trained in the field of data protection, are bound by obligations of confidentiality and data privacy, and are committed by company guidelines and instructions to handle your data in accordance with legal requirements and the contents of this Privacy Policy.


    For technical, legal or business reasons it may also be necessary in certain cases to pass your data on to third parties. For instance, it may be necessary that we forward your data to a company associated with us.


    Furthermore, carefully selected service companies make their data centres available to us for sending our newsletter and integrating payment methods. We also work with service providers who enable us to assess the success of an advertising campaign or support us in avoiding fraud attempts and breaches of the rules. Should it be required by law, we also forward data to the relevant authorities to the necessary extent. In as far as we require external advice from third parties, in particular legal advice, for the purposes of enforcing or defending legal claims, we may also transfer the necessary data to these recipients.


    Any transfer is performed exclusively for the purposes detailed in this Privacy Policy with the greatest attention and under strict adherence to the legal provisions, in particular the conclusion of an agreement for processing data by contract as per Article 28(3) sentence 1 of the GDPR.


    4.3 Recipients in third countries

    Before any personal data is transferred, we check first of all whether the legal requirements for the transfer in question are met. This includes ensuring that we only forward personal data to recipients who can guarantee a sufficiently high level of protection for personal data. For this reason, we only transfer data to recipients in third countries (see section 3) when this level of protection for personal data is provided in the country. This is the case where the European Commission has made a decision confirming the country in question meets the standards of data adequacy. Such a level of data adequacy may also be present when a service provider from the United States of America is certified according to the EU-US Privacy Shield, or the transfer is concluded on the basis of the European Commission’s standard contractual clauses.


    5. Data retention


    In this section, we explain how long we store the personal data we collect.


    We do not retain personal data without purpose. Any data we store is done for a specific purpose and is bound to this purpose. The length of time data is retained is primarily linked to the basic purpose and necessity of storing it. Personal data is therefore only stored in as far as it is required for a specific purpose.


    When determining the retention period, we first check whether it is necessary to store the relevant data for the entire term of a contract with the persons concerned. This is particularly the case with basic information such as the registered email address. In individual cases, such as in the case of forum posts, storage may also take place in addition to this for information reasons.


    If such permanent storage is not required, we will check the minimum storage period specifically required for the purposes specified in this Privacy Policy. Complaints and support requests, as well as usage data that may result in a rule violation, are stored until it is no longer necessary for asserting, enforcing or defending legal claims or for further support cases. Our standard is the regular statute of limitations of two years. If the data need only be saved for technical reasons for a short time (for example, during your current session), this data will only be stored for the period of use and a maximum of 30 days.


    Finally, we check whether any legal retention periods apply, particularly in terms of taxation law or commercial law, which may for example require documents to be stored for a period of six to ten years.


    If there is no cause to process the data, the data is no longer required for this purpose, and there are no legal requirements to store the data, we delete it.


    6. Your rights


    In this section we inform you about the rights individuals have in regard to the processing of their data and how these rights can be exercised.


    6.1 Right of access


    You have the right to demand confirmation from us regarding whether we are processing your data. If this is the case, you also have the right to demand comprehensive information, a free copy of the data and more information from us.


    6.2 Right to rectification


    Should the data relating to your person be incorrect or incomplete, you have the right to demand that the data be corrected or completed.


    6.3 Right to erasure


    You have the basic right to demand the immediate deletion of your data. Legal reasons may however stand in the way of this, in particular legal data retention requirements. In individual cases your data may also be required for the establishment, exercise or defence of legal claims. In such instances we will process the affected data strictly in accordance with this purpose, followed by immediate deletion as soon as the relevant reasons for retention no longer apply. We will inform you in such instances accordingly.


    6.4 Right to restriction of processing


    As an alternative to the deletion of your data, you have the basic right to demand restrictions in how we process your data. If you make use of this right, we are essentially restricted to storing the associated data. Processing the data in other ways is only permissible with your consent, or for the purposes of establishing, exercising or defending legal claims, or to protect the rights of other natural persons or legal entities.


    6.5 Right to object


    On grounds relating to your situation, you have the right to object to the processing of personal data associated with you, in as far as the specific processing is pursuant to our legitimate interests in accordance with Article 6(1)(f) of the GDPR. Should you have and exercise your right to object, we will no longer process the affected data.


    In exceptional cases your right to object may not be exercised, where we have a compelling legitimate reason for processing the data which overrides your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. This exception does not apply, however, when you object to the processing of your data for direct marketing purposes, including marketing-related profiling. You may exercise your right to object to these purposes at any time.


    6.6 Withdrawal of consent


    If we are processing data on the basis of the consent you have provided, you can withdraw your consent effective for the future at any time. We will cease processing your data upon receiving withdrawal of your consent and until such time as your consent has been granted once more.

    6.7 Right to data portability


    If we are processing your data with your consent, or for the purposes of justifying, executing or terminating a contract with you, you have the right to receive the data you have made available to us. The data is provided in a structured, accessible and machine-readable format. In exercising this right, you also have the right to request that your personal data be transferred directly to another controller, so far as this is technically feasible.


    6.8 Right to appeal


    You have the right to appeal to a supervisory authority if you believe that your personal data is being processed by us in violation of the legal provisions.


    6.9 Exercising your rights


    You are free to contact us in your preferred way to exercise your rights set out here (see section 1 for details). As we do not collect any plaintext data such as your name or address, and we can only establish your identification via the email address you have linked to your NoGame account, we recommend that when registering for ticket support, you use the email address of your NoGame account or link this address to your support account. This ensures that your issue can be dealt with quickly and in an uncomplicated manner. Inform the support team of your concern. Alternatively, you can contact our data protection officer in confidence using your email address. For an uncomplicated assignment, please explain the matter to us as precisely as possible in all cases. If possible, please indicate in particular the online game you are using, the language version, the game server and your account name.


    7. Data protection information


    In handling personal data, we have made appropriate technical and organisational measures to maintain data security and reduce the risks to the rights and freedoms of the affected persons. This includes the fact that we do not collect any real names or addresses and that we maintain the respective NoGame accounts using pseudonyms. We also limit the personal data collected and stored to the required minimum, and encrypt it where possible. This applies accordingly when providing and transferring personal data when registering and using a NoGame account. During payment transactions, for example, your data is transferred in an encrypted form using SSL. Our SSL transfer is THAWTE-certified. Finally, all our collaborators are informed and trained to maintain data confidentiality and privacy obligations.


    8. Information on referrals to third-party services (hyperlinks)


    In some places, our Services contain links which redirect users to external websites. If you click on such a hyperlink, you will be redirected to services that are beyond our control and influence. The respective provider is solely responsible for these services. The data protection regulations of the relevant provider apply in each case.


    9. Version and changes to this Privacy Policy


    This Privacy Policy was last updated on 6th Nov 2020. We reserve the right to change its contents in order to correct mistakes, improve understandability, provide supplemental information, or for legal reasons. In cases where they are adjusted, the principles outlined in this Privacy Policy and the protection of your personal data will be preserved.