PLEASE READ THIS PRIVACY POLICY CAREFULLY

1. OUR PRIVACY STATEMENT

The protection of your personal data is of great importance to KONAMI GROUP CORPORATION ("Company") and its affiliates within and outside the European Economic Area (the "EEA") (together, the "Company Group"). This privacy policy (the "Privacy Policy") therefore intends to inform you about how Company and the Company Group entities, acting as data controllers, collect and process your personal data that you submit or disclose to us. We also act as data controllers when we process your personal data received or obtained through third-parties. We process this personal data in accordance with the applicable EU and Member State regulations on data protection in particular, the General Data Protection Regulation No 2016/679 (the "GDPR").

We encourage you to read this Privacy Policy carefully. If you do not wish for your personal data to be used by us as set out in this Privacy Policy, please do not provide us with your personal data. Please note that in such a case, we may not be able to provide you with our games and other services, you may not have access to and/or be able to use some features of the Website, and your customer experience may be impacted.

2. HOW DO WE USE YOUR PERSONAL DATA?

We will always process your personal data based on one of the legal bases provided for in the GDPR (Articles 6 and 7 GDPR). In addition, we will always process your sensitive personal data, in accordance with the special rules provided for in the GDPR (Articles 9 and 10 GDPR).

We will process your personal data for the specified, explicit and legitimate purposes under the Privacy Notices (Articles 13 and 14 GDPR), which we will provide every time when personal data is obtained, and will not further process the personal data in a way that is incompatible with these purposes.

If we intend to process personal data originally collected for one purpose in order to attain other objectives or purposes, we will ensure that you are informed of this. We will keep your personal data for as long as it is necessary for us to comply with our legal obligations, to ensure that we provide an adequate service, and to support its business activities (Articles 5 and 25(2) GDPR).

3. WHAT TYPES OF PERSONAL DATA DO WE USE?

For the purposes specified under the Privacy Notices we will collect the categories of personal data specified in the Privacy Notices.

We can obtain such personal data either directly from you when you decide to communicate such personal data to us (i.e., when you fill in forms displayed on the Website) or indirectly where such personal data is provided to us by your device, your electronic communication terminal equipment or your internet browser. We ensure that the personal data processed be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

4. HOW DO WE SHARE YOUR PERSONAL DATA?

We may share your personal data with Company Group entities and with third parties in accordance with the GDPR. Where we share your personal data with a data processor, we will put the appropriate legal framework in place in order to cover such transfer and processing (Articles 26, 28 and 29 GDPR). Furthermore, where we share your personal data with any entity outside the EEA, we will put appropriate legal frameworks in place, notably controller-to-controller (2004/915/EC) and controller-to-processor (2010/87/EU) Standard Contract Clauses approved by the European Commission, in order to cover such transfers (Articles 44 GDPR).

5. OUR RECORDS OF DATA PROCESSES

We handle records of all processing of personal data in accordance with the obligations established by the GDPR (Article 30 GDPR), both where we might act as a controller or as a processor. In these records, we reflect all the information necessary in order to comply with the GDPR and cooperate with the supervisory authorities as required (Article 31 GDPR).

6. SECURITY MEASURES

We process your personal data in a manner that ensures their appropriate security, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage. We use appropriate technical or organisational measures to achieve this level of protection (Articles 25(1) and 32 GDPR).

We will retain your personal data for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

7. NOTIFICATION OF DATA BREACHES TO THE COMPETENT SUPERVISORY AUTHORITIES

In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects, which might include you (Articles 33 and 34 GDPR).

8. PROCESSING LIKELY TO RESULT IN HIGH RISK TO YOUR RIGHTS AND FREEDOMS

We have mechanisms and policies in place in order to identify data processing activities that may result in high risk to your rights and freedoms (Article 35 GDPR). If any such data processing activity is identified, we will assess it internally and either stop it or ensure that the processing is compliant with the GDPR or that appropriate technical and organisational safeguards are in place in order to proceed with it.

In case of doubt, we will contact the competent Data Protection Supervisory Authority in order to obtain their advice and recommendations (Article 36 GDPR).

9. YOUR RIGHTS

You have the following rights regarding personal data collected and processed by us.

1. Information regarding your personal data processing: You have the right to obtain from us all the requisite information regarding our data processing activities that concern you (Articles 13 and 14 GDPR).
2. Access to personal data: You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and certain related information (Article 15 GDPR).
3. Rectification or erasure of personal data: You have the right to obtain from us the rectification of inaccurate personal data concerning you without undue delay, and to complete any incomplete personal data (Article 16 GDPR). You may also have the right to obtain from us the erasure of personal data concerning you without undue delay, when certain legal conditions apply (Article 17 GDPR).
4. Restriction on processing of personal data: You may have the right to obtain from us the restriction of processing of personal data, when certain legal conditions apply (Article 18 GDPR).
5. Data portability of personal data: You may have the right to receive your personal data in a structured, commonly used and machine-readable format, and have the right to transmit those personal data to another controller without our hindrance, when certain conditions apply (Article 20 GDPR).
6. Object to processing of personal data: You may have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, when certain legal conditions apply (Article 21 GDPR).
7. Not to be subject to automated decision-making: You may have the right not to be subject to automated decision-making (including profiling) based on the processing of your personal data, insofar as this produces legal or similar effects on you, when certain conditions apply (Article 22 GDPR).

If you intend to exercise such rights, please refer to the contact section below.

If you are not satisfied with the way in which we have proceeded with any request, or if you have any complaint regarding the way in which we process your personal data, you may lodge a complaint with a Data Protection Supervisory Authority.

10. CHILDREN

Our games and services are intended for use by both children and adult users. Where we collect and process information on children under sixteen (16), and our processing requires obtaining the users’ consent, we will obtain this consent from the children’s respective parent or tutor in accordance with the applicable laws (Article 8 GDPR).

11. LINKS TO OTHER SITES

We may propose hypertext links from the Website to third-party websites or internet sources. We do not control and cannot be held liable for third parties’ privacy practices and content. Please read carefully their privacy policies to find out how they collect and process your personal data.

12. UPDATES TO PRIVACY POLICY

We may revise or update this Privacy Policy from time to time. Any changes to this Privacy Policy will become effective upon posting of the revised Privacy Policy on the website or in the game or services provided to you. If we make changes which we believe are significant, we will inform you through the Website to the extent possible and seek your consent where applicable.

13. CONTACT

For any questions or requests relating to this Privacy Policy, you can contact us by email (privacynotice@faq.konami.com).
The contact details of the Data Protection Officer are as follows:
dpo-team@konami.com

If you have any inquiries of our products or services, you can contact us at:
https://www.konami.com/games/inquiry/