Dune Awakening– February 19,2024 Closed Beta Privacy Notice
Last updated: February 19, 2024
Introduction – What is this notice for?
This privacy notice (this “notice”) is about how we use personal information about you called “personal data” when you’re playing Dune Awakening (the “game”).
If you are playing the game Closed Beta Test (the “CBT”), more limited game functionality will apply. Please see the CBT section of the notice for further details.
Who are we?
We are Funcom Group (“we” or “us” in the rest of this notice). We are located at Kirkegata 15, N-0153 Oslo, Norway and have offices in several locations around the world. You can find our contact details here.
We make decisions about how and why we use your personal data when you use the game. That means we’re what’s called a “data controller” of this personal data.
What is personal data and why is it important?
Personal data is any information which identifies you (like your name, nickname, and email address). It is also information which can be pieced together with other information to identify you like your age, gender, or the technical IDs given to your phone/laptop (these IDs are sometimes known as “online identifiers”); and the interactions of you and your character in the game from which it’s possible to work out things about you, such as play time, inventory amounts, construction of player structures, avatar characteristics and choices (“gameplay data”).
It’s important to know what we do with your personal data, because you should be able to control what happens to it. By reading and understanding this notice, you will know how we collect, use, share, and protect your personal data, and how you can ask us to use it differently.
How do we collect your personal data?
Sometimes you give us your personal data directly - for example, when you are filling in your account setup form or contacting our customer support teams. The information that you are asked to provide and the reasons why you are asked to provide it will be made clear to you at the point we request it. Providing us with this information is voluntary, but if you choose not to provide it you may not be able to access the service or certain aspects of the service.
Sometimes we also collect information about you automatically when you use the service (“usage data”). Where this information can be linked back to you, it will be personal data. This information includes IP address, geographic location information using IP information, event data related to updates to your account information, gameplay data, and microtransactional data.
If a data file called a “cookie” is downloaded onto your phone or laptop, that cookie might send your personal data to others (like Google) who pass your personal data onto us. For more information about cookies, the type of information they collect and why they collect it, and how you can consent or refuse to cookies being used, click here.
When are we allowed to use your personal data?
We are only legally allowed to use your personal data where a legal basis allows us to do so. These are the legal bases which could apply:
| Legal Basis | When does this Legal Basis apply?
|
| “Contract”
We need to carry out or help you sign up to a contract
|
When it’s necessary to use your personal data to perform a contract with you, or because you have asked us to do something before signing a contract with you that requires the processing of your personal data.
In these cases, if you don’t provide your personal data, then we won’t be able to perform the contract or do what you have asked us to do before signing the contract.
|
| “Consent”
You have given us your consent |
Sometimes we will ask for your (or we might need to ask for your parent’s) consent to use your personal data. This consent will always be clear and separated out from other information.
|
| “Legitimate Interest”
It’s in our or someone else’s “legitimate interests”
|
“Legitimate interests” is a legal phrase. It usually means a commercial or business interest that is important to us or another company, and which we’ve balanced against your right to privacy.
We will always let you know what the interest is, and you can object to us using your personal data for these reasons on our online support portal. We will ensure that those interests do not override your and fundamental rights, interests or freedoms.
|
| “Legal obligation”
We need to do something a legal obligation tells us to
|
When it’s necessary to use your personal data so that we can perform our legal and regulatory obligations – so that we don’t break the law.
|
What personal data about you do we use, and why?
We collect data about you from the information you provide to us and (either directly or through a third party) and information automatically generated as part of our service. This table lists the types of personal data we use about you, and our reason for this.
| Data Categories
|
Purpose of Processing
|
Legal basis |
| Account setup information: Account ID, email, age, password, hardware ID, IP address, generated account ID | We use this information to create your account to provide access to the service in accordance with your request and our End User Licence Agreement, in order to ensure that you are old enough to play.
|
Contract |
| Gameplay and Server Data: Gameplay related data including account state, ping, inventory amounts, construction of player structures, ability usage, account ID of friends, avatar data, play time)
|
We use this information to host our servers, improve the game, provide you with feedback and information about your gameplay and progress, and ensure functionality of the game. | Legitimate interest – our interest in improving your and others’ future experiences with the game
|
| Customer support, crash reporting, and in-game diagnostics information: Any information voluntarily provided to customer support including email, login data, gameplay data, server logs, log files and bug/crash reports, device data | We use this information to help provide support to you in relation to the issue you’ve contact us about and conduct in-game diagnostics to fix bugs and conduct server patches. | Legitimate interest – our interest in answering your questions about our service in order to improve your experience and improve our relationship with you
|
| Chat and community monitoring data: information in reports about suspected bad behaviour, and text communicated to other players in-game (message history) both via player to player and group text chat, including account ID.
|
If you engage with chat services then we will process such data in order to deliver your messages to other users.
We monitor and take logs and chats to ensure they are in keeping with our community standards. We will only review hashed communications when we are detecting abuse and spam.
If your account is determined to breach our Terms of service, we may consider restricting or banning your access to the service.
|
Contract
Legitimate interest –our interest in ensuring the security of our services, maintaining a fair gaming environment
|
| Anti-cheat data: we collect basic hardware information, uniquely generated hardware ID, IP address, running process list (PC only), operating system information, user account information, processes, memory, and driver which is related to the game running, user behaviour and status that may be related to cheating software | We use this information:
If your account is determined to breach our Terms of service, we may consider restricting or banning your access to the service.
|
Contract
|
| Security data: IP address, IP lookup information, account ID. | We use this information to help provide security and network protection mechanisms.
|
Contract |
| Transaction records: payments through payment processors or respective distribution platforms, cost, product purchased, IP address, details of transactions linked to payment method, currency paid, vendor, item purchased, price paid.
|
We use this information to facilitate your payment and maintain a record of your transaction history.
We use this information to complete our financial reporting and disclosure obligations to parent company, tax agencies and regulators.
|
Contract
Legal obligation – our obligations under tax, corporate, and intelligence laws |
| Game development and optimisation: Entity / avatar data, gameplay related data (ie. account state, aggregate account data, play time, item acquisition rates, inventory amounts, ability usage, account ID of friends). | We use this information in connection with development feedback and optimisations, including to provide functionality, gameplay and content improvements to the game
|
Legitimate interest - our interest in improving your and others’ future experiences with the game
|
| Data subject request information: email address, transaction history, login history, proof of user's identity. | If a data subject request is submitted, we use this information to confirm the requestor’s identity, your rights and to process the request.
|
Legal obligation - our obligations under data protection laws |
| Friends lists: list of friends that a player has added in game
|
To allow players to easily communicate with each other and play with each other again.
|
Contract |
| Marketing information: email address | To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you and to tailor and deliver updates, special offers and other communications about us and our Services to you and others similar to you on [Meta, Google, TikTok, and Twitch, | Consent where legally required
Legitimate Interests - to keep you informed of and promote our products and services and to manage our relationship with you as our customer, to the extent this is allowed by law
|
Who do we share your personal data with?
Sometimes we share your personal data with other companies and organisations.
The types of companies and organisations we share your personal data with are as follows:
- Companies in our “group” of companies – We have different companies in our “group”, who are linked to us. Some of them provide us with services to help us to manage our games. We share your account, gameplay, security, customer support, crash reporting, and in-game diagnostics information with these other companies so they can provide us with these services, and to fulfil some of our legal obligations.
- Publishing platforms and distributors – We distribute our games through online gaming and publishing platforms. We share account information, transaction data, and financial records information with these platforms to enable our services and to fulfil our legal and regulatory obligations.
- Anti-cheat solution providers – We share account, gameplay, and anti-cheat information with certain providers to detect observe cheating behaviours and consider restricting or banning access to the service and to combat users registering for multiple accounts.
- Voice service providers – To enable in-game voice communication services, we may share account, gameplay, and diagnostics information with third-party voice solutions. Some of our voice solutions are developed in-house and are companies within our group.
- Payment platforms – We share account, transaction, and financial records information with payment processors, play stores, and other companies that help us process transactions and payments for our services.
- Analytics and customer support services – We also work with analytics and third party customer support services to enable in-game support, diagnostics, patching, service log recording, support tickets processing, bug/crash reports, and analytics services. We share account, gameplay, customer support, crash reporting, and in-game diagnostics, and security information to accomplish this.
- Hosting platforms – We may share some limited personal data with hosting platforms to enable our servers to run smoothly and ensure frictionless gameplay.
- Regulators, official authorities, and other third parties in relation to legal compliance – For example, the police or the government might legally require use to give them personal data to help them with an investigation, or we might be required to give these companies personal data to enforce our terms, address security and fraud, and to protect you. We may share account, transaction, and data subject right information to comply with these requests.
- A third party that acquires all or part of our business – we might disclose your personal data to another company which buys or undertakes another type of corporate transaction in respect of our shares or buys all or part of our assets.
Does your personal data ever go to other countries?
Yes, sometimes your personal data goes to other countries as part of using your personal data in the ways we listed above. This will include the US. If you are in the UK, the EU, or Switzerland and your personal data goes outside of the UK, the EEA or Switzerland, the law requires us to take extra steps to make sure your personal data is protected in the place it is going to.
We do the following things to make sure we are not breaking these laws:
- If an adequacy decision/regulation from the European Commission or UK government is in place, we will rely on that adequacy decision.
- Before you enter the game, we may ask for your consent to transfer your data overseas (we might need to ask your parent to provide this consent for you).
- If we send your personal data to a company (either in our “group” of companies or a separate company) which is in a jurisdiction not subject to an adequacy decision so they can provide us with services, we will have a contract with that company called the “standard contractual clauses and the UK addendum” which requires that company to protect your personal data.
- Sometimes the companies who provide us with services have special documents in place called “binding corporate rules”. If a company has one of these documents in place, this will be enough to make sure the personal data is protected.
We might take similar steps where you are in another country with similar legal requirements, as well.
If you want proof of or more information about any of these things, you can contact us at [email protected].
How long do we retain your personal data?
We determine the appropriate retention period for your personal data, by assessing several criteria. These include: the nature and sensitivity of the personal data; the amount of personal data we hold; the risk of harm associated with the unauthorised use or disclosure of your personal data; the purpose of processing of your personal data; whether we can achieve that purpose in other ways; and the relevant legal requirements.
We only keep your personal data for as long as is necessary to allow you to play our game. If you delete your account, we will retain your account data for [one year].
We might need to keep your personal data for longer if a law requires us to (for example, laws about record-keeping and tax). Normally this is about six to ten years. It we are keeping your personal data for longer in this way, we will make sure it is secure and you can still change what we do with it (see below).
Will we use automated decision-making?
Not at this time.
What control do you have over your personal data, and how can you make us change what we do with it?
Because your personal data is about you, you should be able to control what happens to it.
We provide different ways you can do this. The easiest way is to write us an email ([email protected]) requesting one or more of the following:
- “Stop using my data” – you can object to how we are using your personal data if we are using it based on legitimate interests (see above) in certain situations;
- “Download my data” – you can request a downloadable copy of your personal data and for us to transfer it to another party. If you wish for us to transfer such personal information to a third party, please ensure you detail that party in your request. Note that we can only do so where it is technically feasible;
- “Access my data” – you can request to access to the personal data we use about you, and information about how we use it and who we share it with;
- “Delete my data” – you can request that your account or specific personal data we store about you is deleted from the game. Please be aware that once an account has been deleted there is no way to recover it;
- “Correct my data” – you can request that information about you that is wrong or outdated is corrected. You can update your account information at any time by logging on to your account profile;
- “Restrict the use of my data” - you can request to restrict the use your personal data, for example to storage purposes only;
- “I don’t consent any more” – you can withdraw your consent if our reason for using your personal data is consent (see above). We will then stop using your personal data in this way (though this doesn’t affect the lawfulness of the processing until you withdraw). For cookies, you can withdraw your consent to the setting of non-essential cookies at any time by clicking here.
Please note that we may ask you to verify your identity before responding to such requests.
You also have the right to complain to your local data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA) or the UK. A list of these entities can be found in Annex 1.
Unfortunately, we’re sometimes not able to do the things you tell us to, for example because of the legal basis we have been relying on to process your personal data, or because it would interfere with another person’s own privacy rights. If this happens, we’ll explain to you why we aren’t able to do what you tell us to with that piece of personal data.
We may also be required to keep certain personal data to satisfy legal requirements or for security purposes, or if there are valid grounds under data protection laws for us to do so (for example, for the defence of legal claims or freedom of expression) but we will let you know if that is the case.
Updates to this policy
We may make updates to this policy from time to time (for example because our services have changed or because of changes in laws). We will appropriately notify you of this. The date this notice was last updated can be found at the top.
Other locations
If you live in any of the following locations, you can read more about the additional privacy terms which apply to you here:
- North America: California
CBT
If you are playing the game CBT, more limited game functionality will apply and therefore certain details will differ to the information outlined above. These differences are described in the table below:
| What personal data about you do we use, and why? | The following data categories and purposes do not apply during the CBT:
- Payment information
|
| How long do we retain your personal data? | We only keep your personal data processed as a part of the CBT for as long as is necessary. This will generally only be for up to one year after completion of the CBT.
|
| Who do we share your personal data with?
|
During the CBT, we will not be sharing your personal data with the following types of companies and organisations:
- Advertising
|
| Will we use automated decision-making?
|
This will not be used in the December Beta. |
How can you ask questions or make a complaint about your privacy?
If you have any questions about what we have said in this notice or how your personal data is used, you can contact us about it.
Our contact details are:
E-Mail: [email protected]
Address: Kirkegata 15, Oslo Norway N-0153
Thank you!
We hope you have a great time playing Dune Awakening!
If you live in California:
California Privacy Rights This section contains disclosures required by the California Consumer Privacy Act (“CCPA”) and applies only to “personal information” that is subject to the CCPA.
Personal Information we Collect. In the preceding 12 months, we collected the following categories of personal information about California consumers. We do not sell personal information.
| Categories of Personal Information | Disclosed for business purposes to the following categories of third parties: | Sold to following categories of third parties: |
| Personal and online identifiers (such as first and last name, email address, or unique online identifiers) | All categories listed below. | All categories listed below. |
| Internet or other electronic network activity information (such as browsing history, search history, interactions with a website, email, application, or advertisement) | All categories listed below. | All categories listed below. |
| Geolocation information | All categories listed below. | All categories listed below. |
| Inferences drawn from the above information about your predicted characteristics and preferences | All categories listed below. | All categories listed below. |
| Other information about you that is linked to the personal information above | All categories listed below. | All categories listed below. |
Categories of Sources. We collect personal information from the following categories of sources:
- Consumers;
- Internet service providers;
- Data analytics providers;
- Advertising providers;
- Social networks;
- Service providers; and
- Affiliates not under the Tencent brand.
Why We Collect, Use, and Share California Information. We use and disclose the personal information we collect for our commercial and business purposes, as further described in this Privacy Policy. These commercial and business purposes include, without limitation:
- Our commercial purposes, including marketing, advertising, and enabling commercial transactions.
- Our business purposes as identified in the CCPA, which include:
- Auditing related to our interactions with you;
- Legal compliance;
- Detecting and protecting against security incidents, fraud, and illegal activity;
- Debugging;
- Performing services (for us or our service provider) such as account servicing, processing orders and payments, and analytics;
- Internal research for technological improvement;
- Internal operations;
- Activities to maintain and improve our services; and
- Other one-time uses.
Recipients of California Personal Information. We disclose the categories of personal information designated above to the categories of third parties listed below for business purposes:
- Service providers;
- Affiliates not under the Tencent brand; and
- Government entities.
Your Rights Regarding Personal Information. California residents have certain rights with respect to the personal information collected by businesses. If you are a California resident, you may exercise the following rights regarding your personal information, subject to certain exceptions and limitations:
- The right to know the categories and specific pieces of personal information we collect, use, disclose, and sell about you; the categories of sources from which we collected personal information about you; our purposes for collecting or selling personal information about you; the categories of personal information about you that we have either sold or disclosed for a business purpose; and the categories of third parties with which we have shared personal information.
- The right to request that we delete the personal information we have collected from you.
- The right to opt out of our sale(s) of your personal information. Please note that if you opt out of certain types of sales, we will be unable to provide you with the services that rely on such sales.
- The right not to receive discriminatory treatment for the exercise of the privacy rights conferred by the CCPA.
To exercise any of the above rights, please contact us and submit the required verifying information, by emailing us at [email protected]
Verification Process and Required Information. Note that we may need to request additional information from you to verify your identity or understand the scope of your request, although you will not be required to create an account with us to submit a request or have it fulfilled. We will require you to provide, at a minimum a steam user id and email address.
Minors’ Right to Opt In. We do not have actual knowledge that we sell the personal information of minors under 16 years of age.
Annex 1 – list of regulators you can contact
You can contact the regulator on this list which is in the country you are located in: