Last update: May 25, 2018
What is the General Data Protection Regulation (GDPR)?
GDPR is an EU regulation on data protection and privacy of citizens from the European Union and is applicable as of May 25th, 2018. While the regulations give people control over how their data is used, it requires companies and other organizations to be transparent about how their personal data is being collected, processed, stored, and used.
What is constitutes personal data?
The European Commission defines personal data as “any information that relates to an identified or identifiable living individual”. For this reason, the following are considered to be personal data:
- A name and surname
- A home address
- An email address
- A phone number
- An identification card number
- Location data
- An Internet Protocol (IP) address
- A cookie ID
1. Personal and non-personal data – What we collect and why
Generally, you decide the amount and type of data that you share with us when using our “Service”. However, in order to give more value to all of our users, we collect data on the services you use, and how you use them, It might, for example, be from figuring out which mobile device you use in order to optimize your “Service” experience – or even to provide you with ads that you’ll find useful.
1.1. The information you give us
You decide what data is shared with us when using our “Service”. It might, for example, be when requesting a free product trial where you are asked to provide us with your name, organization, email and comments. Please note that providing us with false information would prevent us from delivering our “Service” to you.
1.1.1. Contact and registration forms
Should you choose to fill out Personal Identifiable Information (“PII”), for example, in a contact form, to view gated content or to sign up for events, then we store that in our own database with the exceptions as described in “Our third-party data processors”. By filling out your “PII” you give Wizkids A/S the right to contact you.
1.1.2. Chat, Calls and SMS
Wizkids A/S uses Crowdio A/S (“Crowdio”), a live chat service, to manage and respond the chat queries from our website visitors. This applies to the following domains:
Incoming calls and/or text messages are not stored in our databases or servers.
1.1.3 Email newsletter
Should you join our email newsletter, then the email address, name, surname, product interest that you have provided will be forwarded to MailChimp, our Email Marketing Service. While you are in charge of the information provided to MailChimp, its built-in tracking features provide us with additional data we harness to, for example, ensure that you have received and opened our latest email newsletter.
In addition to MailChimp, your email will also be stored in our database and in our CRM system – namely, to have a more valuable understanding of your journey as a lead, prospect, or customer.
You can always opt-out of the mailing list via the unsubscribe link contained in any email newsletters or by sending us an email to firstname.lastname@example.org. When requesting removal via email it is important that you indicate the email account that has been used to subscribe the mailing list.
1.2. Information we obtain from “Service” usage
We collect information about your “Service” consumption through various tracking, storing and marketing technologies. This provides us with the necessary information to:
- deliver you with a more customer-centric “Service”
- provide you with personalised content
- serve you with useful ads
- display you with retargeted ads based on product interests
This is done in the following way:
1.2.1 Web analytics
The use of web analytics allows us to automatically receive information, for example, about your device, browser, OS, location, and IP address of your public network or Internet Service Provider (ISP). Furthermore, web analytics provide us with behavioural and audience information, such as frequented sites, clicked areas, demographics, and interests. This information helps us to understand our audience and their behaviour, which we use to improve our “Service”. For example, by delivering more relevant content based on the geographical locations. To see how the web analytic process your personal and non-personal data you can see “Our third-party data processors”.
Cookies are small pieces of data or a text files that are stored on your computer or mobile device. Cookies are not applications and do not contain viruses or malicious code.
There are, generally, two types of cookies. First-party cookies are created by the website the user visits directly (e.g www.wizkids.co.uk) and are allowed to be stored in every web browser. If you delete or block these cookies, you risk that certain features might malfunction. Third-party cookies, on the contrary, are created by other parties other than the visited website. These act as an enhancement to the website by, for example, providing us with analytical insight on how we can optimize the “Service” to our users. Third-party cookies might also be used to target you with useful ads across the Internet.
When you enter and use our website you agree to use the necessary cookies (i.e. first-party cookies). These help the website by enabling basic functions like page navigation and access to secure areas of the website. In other words, the website cannot function properly without these cookies. Third-party cookies, which are used for statistics and marketing purposes will, on the other hand, not be processed before your consent has been given. Cookies can be deleted or blocked at any time by following this guide.
By given us consent you agree to the following third-party cookies:
- To use web analytics to improve our “Service”
- To serve ads relevant to your interest across the Internet (see “Marketing and advertising”)
- To serve remarketing and retargeting ads based on past visits (see “Marketing and advertising”)
1.2.3 Website visitor tracking
To measure our marketing efforts we use tracking technologies to view website visits of our customers and non-customers. This is done exclusively on organizational visitors. In other words, we do not track or identify the website sessions of private visitors.
Why do we track organizational visitors?
- To evaluate our marketing and sales effort
- To prioritize what content our website visitors find engaging
- To analyze the product interest of our different visitors
- To provide organizational visitors with personalized content
- To acquire a better understanding of our customers and non-customers
Please note that we do not track the person carrying out the organizational website visit. In other words, the organizational IP-address is exposed but the person behind the website visit remains anonymous. You can view “Our Third Party Data Processors” to view how the organizational data is processed.
1.2.4. Marketing permission and advertising
Wizkids will not serve you ads or marketing content without prior consent – for example, by agreeing to our cookies or our opt-in forms.
The consent will allow us to deliver visitors with relevant content and ads across the Internet. It will also help us to find new “lookalike audiences” – that is, a marketing audience that has similar characteristics and interests as yours.
In other words, we have enabled the advertising features in our tracking and marketing technologies to:
- advertise our products and services
- create similar marketing audiences
- display you with retargeted ads based on product interests
- improve our brand equity
- keep visitors engaged and updates with our latest events and content
We consider our advertising and marketing technologies to be a third party data processor. For more information on how our third partners collect and process the information visit section 2.
2. Our Third Party Data Processors
3. How long do we store your information?
- Wizkids Add-on package
- Wizkids Chrome Management
For queries related to the aforementioned services, we advise you to contact your buyer (e.g. school or municipality).
We, in collaboration with our third-party partners, retain non-personal and personal data for the period necessary to provide you with the optimal “Service” experience.
You can always contact us if you want your personal data ‘deleted’ from the databases. This can be done by filling out the “Data Removal” form (see “Right to access and to be forgotten”).
4. Right to access and to be forgotten
You can request access to your personal information stored on the databases. Please note that the processing time can take up to three months. If you want your personal data to be deleted from our databases, then download and fill out this document “Data Removal” and send it to us by post.
Should you want to opt-out of any third-party cookies then visit this link. This will disable the browser from storing third-party cookies on your browser.
5. Data breaches
Any unauthorized breach of personal data within our website’s database or the database(s) of any of our third-party data processors will be notified within 72 hours after becoming aware of it. The data breach will be communicated to all relevant persons and authorities.
The security of your personal data is important to us. For this reason, we have employed various encryption and security technologies, such as SSL and HTTPS.
Please note that no method of data transferring over the Internet is 100% secure. While we strive to use the latest and most secure technology to protect your personal data, we cannot guarantee absolute security. Nonetheless, we do guarantee to notify all relevant parties within 72 hours if the personal data has been compromised.
7. Children’s Privacy
Our “Service” does not address anyone under the age of 13 (“Children”). We do not knowingly collect personal identifiable information (“PII”) from children under 13. If you are a parent or guardian and you are aware that your Children has provided us with personal information, please contact us. If we become aware that we have collected personal information from children under age 13 without the verification of parental consent, we will take steps to remove that information from our servers.
9. Data Controller
VAT no: 28706898