REALFEVR PRIVACY NOTICE
We are committed to handling that information with respect, because your privacy is very important to us. FANTASY REVOLUTION, LDA. (“RealFevr“, “we,” “us,” or “our“), a company incorporated under the laws of Portugal, having its registered office in Taguspark, Núcleo Central, Av. Prof. Dr. Cavaco Silva, Nº 485, 2740-122 Oeiras, Portugal, provides this notice to explain how we collect, use, store and protect information from users of our website located at https://fantasy.realfevr.com (“Website“), our mobile application (“Application“), and our online fantasy sports related services available through the Website and Applications (“Services“). RealFevr is a Multi-Competition, Multi-Model, Multi-Platform sports application. To ensure the trustworthiness of our games and the quality of your experience, we collect and process information about our users (“you” or “your“). This privacy notice also serves to inform you about the rights you have with respect to the processing of your personal data. This notice does not apply to websites, applications, or services that do not display or link to this notice or that display or link to different privacy statements.
By using our Website, Application, or Services, you acknowledge reading and fully considering this notice. If you object to the data collection, use, and sharing practices described in this notice, you may not use our Website, Applications, or Services. RealFevr acknowledges that, by collecting your personal data, we are bound by the laws of Portugal and the European Union and will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data (“GDPR”), as well as Law 58/2019, of August 8. Terms relating to the processing of personal data used within this notice take their definitions from the GDPR.
TABLE OF CONTENTS
- SUBJECT MATTER AND UPDATES
- PRINCIPLES OF DATA PROCESSING
- THE PERSONAL INFORMATION WE COLLECT
- LEGAL BASES FOR PROCESSING YOUR DATA
- INTERACTION WITH THIRD-PARTY SITES AND SERVICES
- ADDITIONAL USES OF PERSONAL DATA
- ADDITIONAL DISCLOSURES OF PERSONAL DATA
- SECURITY AND RETENTION OF PERSONAL DATA
- YOUR CHOICES REGARDING PERSONAL DATA
- YOUR PRIVACY RIGHTS
- YOUR OBLIGATIONS
- HOW TO CONTACT US
- Information You Provide to Us
This privacy notice sets forth the terms and conditions we follow in order to protect your personal data. It describes the conditions under which we collect, process, and ensure the security and confidentiality of your personal data. RealFevr reserves the right to amend and update this privacy notice whenever it deems appropriate. Any such changes will take effect from the moment they appear on our Website and Application(s). Any substantial changes to this privacy notice will be communicated to you via email. Please note that at all times you are responsible for updating your information to provide us with your current email address. If the last email address you provided us is not valid, or for any reason is not capable of delivering you the notice(s) described above, then, in the event we provide you notice via email, our emailing of such notice will constitute effective notification of the changes described in the updated notice. If you do not wish to permit reasonable changes in our use of your personal data, you must notify us that you wish to deactivate your Account.
Your continued use of the Website, Application(s), or Services following notice of such changes will indicate your acknowledgement of and acquiescence to the changes, with the understanding that the modified terms will apply to all of your personal data.
2. PRINCIPLES OF DATA PROCESSING
We respect your fundamental rights and consider protection of your personal data a priority. Accordingly, when processing your personal data, we follow the following basic principles:
- We subject your personal data to lawful and fair processing and are transparent about the ways in which we handle your personal data.
- We only collect and process your personal data for specified, explicit, and legitimate purposes as outlined in this privacy notice, and do not process it in ways that are incompatible with these purposes.
- We only process your personal data to the extent that it is necessary and appropriate to the purposes for which it is collected.
- We make reasonable efforts to ensure that your personal data is accurate and, where necessary, updated with regard to the purposes of the processing, taking all reasonable steps to delete, anonymize, or correct it in case of inaccuracy.
- We process your personal data in a manner that seeks to ensure its security by using appropriate technical and organizational measures.
- And we endeavor to comply with all statutory, regulatory, and other legal obligations applicable to our role as controller of your personal data.
3.1 Data You Provide to Us
- For example, you may decide to share your first and last name, date of birth, location, email address, phone number, username and password, and the country and state in which you reside when you create an account to log in to our network (“Account“). We need to process this information to set up your Account, verify your identity, and provide you with our Services.
- If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content provided in the email, in order to send you a reply, provide customer and technical support, improve and optimize our Services, satisfy our legal obligations, enforce our contracts, and address any existing or anticipated disputes.
- We will collect the profile photo you upload and user name you choose for your public profile page (“Profile“), to give you a personalized experience of our Services.
- When you participate in one of our surveys, we may collect additional data about your profile, activity, usage, and preferences related to the Website, Applications and Services, so that we can evaluate your interest in and the quality of our products, Services, and customer and technical support.
- Data Collected by our Services. In order to improve, personalize, and optimize our Services, perform our contracts, and meet our other legal obligations, we may automatically track certain data about your visits to and usage of our Website, Applications, and Services, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), device identifier, domain name, clickstream data, referring/exist pages, geolocation, and a date/time stamp for your visit. We also use this information to analyze trends, administer the Website, gather demographic information about our user base, deliver advertising, perform research, provide technical and customer support, inform our product development efforts, protect our legal rights, address disputes, and prevent our Services from being used to commit harmful or unlawful activities, including fraud. Some of this data may also be collected so that when you use the Website, Applications, or Services again, we will be able to recognize you and optimize your experience accordingly.
- Device Information. We may collect data about the devices you use to access our Services, including the hardware models, operating systems and versions, software, file names and versions, preferred languages, unique device identifiers, advertising identifiers, serial numbers, device motion information, and mobile network information. If you have downloaded our mobile Application(s), we may also collect certain data from your mobile device, including information about how you use the Application(s). This data is generally used to help us deliver relevant information to you. In the event our Application crashes on your mobile device, we will also receive data about your mobile device model software version and device carrier, which allows us to identify and fix bugs, provide other technical support, and improve and optimize the performance of our Application(s).
- Threat Detection. We use certain service providers to provide threat detection, user authentication, and fraud prevention services. These service providers may automatically collect certain information about your visits to the Website and Applications, as well as the device you use to connect to our Services, in order to monitor for potential threats or bad actors. This data may include, among other things, your IP address and your device’s unique identifiers.
- Collection of Data in Connection with Advertising. We may use certain vendors to serve ads on the Website and Applications, such as One Signal and Sendinblue. In connection with the delivery of advertising, certain vendors may automatically collect data about your visits to this and other websites, including your IP address, internet service provider, unique personal identifiers, and the browser you use to visit our Website. They may do this by using cookies, beacons, pixel tags, clear gifs, or other technologies. The data collected may be used, among other reasons, to deliver advertising targeted to your interests and to better understand your usage of, preferences on, and visitation of our Website, Applications, and Services and other sites tracked by these vendors. This notice does not apply to, and we are not responsible for, cookies, pixel tags and like other technologies used in connection with other parties’ ads, and we encourage you to check the privacy policies of advertisers and ad services to learn about their use of such technologies.
- Referral Affiliates. We may enter into agreements with companies that refer users to our Services via hyperlinks available on the referring party’s website. We may automatically collect certain data, such as your IP address, other unique personal identifiers, and the identity of the referring website via cookies, pixel tags and similar technologies that are provided to us in connection with your use of the referring party’s website.
- Location Data. We may collect your location information, including your geolocation records, for purposes of verifying whether you are eligible to participate in a Contest, sweepstakes, or giveaway or to determine if you are otherwise permitted to use our Services. We may also use such information to comply with our legal obligations, protect our legal rights, and address existing or anticipated disputes.
- Data Storage. We may use a service such as Amazon AWS to store data related to the services provided, as well as making backups of everything we need to maintain the normal functioning of RealFevr.
3.3 Data Collected from Other Sources
We may supplement the data we have about you with information received from other sources including from our pages on certain Social Networking Sites, the Social Networking Sites themselves, and from commercially available sources (e.g., data brokers and public databases). Your activity on other websites and applications may be associated with your personal data in order to improve and customize our Services and the ads delivered on our Website and Applications. The data we receive may include demographic data such as age, gender and income level, your preferences, interests, associations, commercial information, including records of products or services purchased, obtained, or considered and other purchasing or consuming histories or tendencies, as well as information regarding your interaction with various websites and applications, including the Services. This information is used to create and deliver advertising, improve and optimize our marketing efforts, perform user verification, authentication and fraud detection, and comply with our legal obligations.
In general, we rely on four lawful basis for processing your personal data.
We will process personal data:
- that it is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract – in these circumstances, if you do not provide the required personal data, we will not be able to offer our Services to you;
- that it is in our legitimate interests – to operate our Website, Applications, Services and other aspects of our business, for instance – and these interests are not outweighed by your own interests, rights, or freedoms;
- that we have obtained your consent – in these circumstances, you have the right to withdraw your consent at any time;
- that it is necessary for compliance with a legal obligation – for instance, where we have to provide information to government agencies.
- User Feedback. We may post user feedback on the Website and Application(s) from time to time. We will share your feedback with your first name and last initial only. If we choose to post your first and last name along with your feedback, we will obtain your consent prior to posting. If you make any comments on a blog or forum associated with the Website, Applications, or Services, you should be aware that any personal data you submit there can be read, collected, or used by other users of the blog or forum and might be used to send you unsolicited messages. We are not responsible for any personal data you choose to submit in these blogs and forums.
- Creation of Aggregated, Anonymized or De-Identified Data. We may create aggregated, anonymized or de-identified data (i.e., data that is not reasonably capable of being associated with or linked to you) from personal data we collected from or about you. We use such data to: analyze request and usage patterns, so that we may improve, optimize, or enhance our Services; improve our users’ experience with and ability to use and navigate our Website and Applications; and satisfy our legal obligations. We reserve the right to use such aggregated, anonymized, or de-identified data for any purpose and disclose it to third parties for any reason, including to maintain and improve functionality of our Website, Applications, and Services.
In addition to the processing and sharing practices discussed above, we may disclose your personal data as follows:
- Parties You Share With. When you use the Website, Application(s), or Services, the personal data you openly provide with others will be shared with parties you allow to receive such information.
- Service Providers. We may share your personal data with certain service providers in order to: provide you the Services we offer through our Website and Applications; conduct quality assurance testing; facilitate the creation of accounts; provide account authentication and user verification services; perform know-your-customer procedures; provide technical and customer support; geolocate users; personalize, customize, and improve your use and experience of the Services; provide hosting services; process payments to you and other financial transactions; send email and push notifications; enable security support and technical maintenance; send you newsletters, surveys, messages, and promotional materials related the Services or on behalf of other companies; verify your identity; prevent harmful or unlawful uses of our Services, including fraud; deliver you customized or personalized content, information, and advertising; understand when users have installed our Application(s); monitor the health and performance of code on users’ devices; request user feedback; send users links to download our Application(s); monitor the health of our servers; manage search engine optimization; and improve and optimize the performance of our Services. The processing of your personal data by our data processors is performed under contracts compelling such processors to provide the level of data protection required under the GDPR. We endeavor not to disclose your personal data with third-parties outside the European Union (“EU”). In the event that such a data transfer occurs, we take reasonable steps to ensure that your data is processed as securely as it is within the EU in accordance with applicable legal requirements and this privacy notice. We will update this notice to reflect new, cross-border data transfers and relevant safeguards to your privacy.
- Professional Financial and Legal Advisers. From time to time, we may also need to share your information with professional advisers, including lawyers, auditors, bankers, insurers and consultants, in order to obtain advice or other professional services from them. Such advisers are bound by legal and/or contractual duties of confidentiality and other prohibitions against disclosure of personal data.
- Corporate Affiliates. We may share some or all of your personal data with our corporate affiliates, including, without limitation, our subsidiaries, joint ventures and other companies under a common control (“Affiliates”) located in or outside the EU, in which case we will require our Affiliates to respect this notice. Cross-border transfers and processing of your personal data will be performed under contracts compelling our Affiliates to provide the level of data protection required under the GDPR. If such a cross-border data transfer occurs, we will take steps required to ensure that your data is processed as securely as it is within the EU, in accordance with applicable laws and this privacy notice.
- Corporate Restructuring. We may share some or all of your personal data in connection with or during negotiation of any merger, financing, acquisition, corporate divestiture, dissolution transaction, or other proceeding involving the sale, transfer, divestiture or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, your personal data may also be transferred as a business asset.
- International Transfers. Where we transfer your personal data to a country outside the European Economic Area, we intend only to do so if that country is one which the European Commission has determined offers an adequate level of protection for that data or if we have entered into standard contractual clauses adopted by the European Commission to provide appropriate safeguards.
- The security of your personal data is very important to us. In accordance with applicable laws and best practices, we use appropriate administrative, organizational, technical, and physical policies, procedures, practices, and safeguards designed to protect the data we collect from unauthorized access, processing, alteration, exfiltration, deletion or destruction. We process your data in a manner that ensures its confidentiality and security, taking into account recent developments, implementation costs and the nature, scope, context and purposes of the processing, as well as potential risks to your rights and freedoms relevant to the circumstances. As part of this commitment, your data is processed solely by authorized RealFevr personnel bound by strict obligations of confidentiality.
- We keep your data to the extent necessary to achieve its purpose, meet our legal obligations, defend our legal rights and further our legitimate interests, in accordance with applicable data minimization and storage limitation principles. After the appropriate period of retention and satisfaction of our preservation obligations, your personal data will be erased from, or anonymized or de-identified within, our databases and systems.
- We make concerted, good faith efforts to maintain the security of your information. Although we work hard to ensure the integrity and security of our systems, it must be recognized that no information system is 100% secure and, therefore, we cannot guarantee the security of such information. Outages, attacks, human error, system failure, unauthorized use, or other factors may compromise the security of user information at any time.
- Changing or Deleting Your Personal data. You may change any of your personal data in your Account by simply editing it within your Account or by requesting changes by emailing us at gdpr@RealFevr.com. You may request deletion of certain personal data maintained by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be legally or otherwise required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). Deletion requests may be made by emailing us gdpr@RealFevr.com. When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain your information to prevent fraud, money laundering, or other unlawful activity or for similar purposes.
- Applications. You may stop all collection of information by our Application(s) by uninstalling the Application(s). You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.
The Website and Application(s) are not directed toward individuals under the age of thirteen (13), and we require that such individuals not provide us with personal data. We do not knowingly collect or maintain personal data from anyone under the age of 13 through the Website or Applications. If we become aware that a child under 13 has provided us with personal data through the Website, Application(s), or Services, we will delete the information from our files. If you are the parent or legal guardian of a child under 13 who you believe has provided personal data to RealFevr through the Website, Applications or Services, please contact our privacy team at gdpr@RealFevr.com.
Data subjects have certain rights concerning their personal data, including under the GDPR. The preceding sections of this privacy notice describe RealFevr’s practices regarding the collection, use, storage and disclosure of personal data. This section supplements the preceding sections by describing data subjects’ additional rights with respect to their personal information and explaining how to exercise such rights. In particular, data subjects have the right to:
- Request access to their personal data and information related to its processing and to obtain a copy thereof;
- Request rectification of any inaccuracies in or information missing from their personal data;
- Request erasure of their personal data;
- Request restriction of the processing of their personal data in cases explicitly provided for under applicable law;
- Request access to and portability of your personal data to another data controller in a structured, commonly used and machine-readable format;
- Object to the processing of their personal data in cases explicitly provided for under applicable law; and
- Object to a decision taken solely on the basis of automated processing, including profiling, which has impacted or significantly affected them.
Any requests concerning the foregoing rights should be directed to RealFevr via email addressed to gdpr@RealFevr.com. We will respond to requests within one (1) month of their receipt. Upon prior notice, this period may be extended by up to an additional two (2) months if necessary, taking into account the complexity of the request and the number of pending requests. In the event your request is declined, we will provide an explanation for the declination of your request. In the event your request does not satisfy the requirements of applicable law, we reserve the right to: (i) impose a reasonable fee, taking into account the administrative costs of providing the information or communicating or executing the action requested; or (ii) decline your request. If there are any doubts as to the identity of an individual submitting a request, we reserve the right to request that he or she provide additional information necessary to verify his or her identity. If your rights are infringed, you have the right to file a complaint with the Comissão Nacional de Proteção de Dados at www.cnpd.pt.
By using our Website, Application(s), or Services and providing your personal data, you acknowledge and understand that you are required to provide your actual, accurate, and complete data as requested by RealFevr. You are also required to inform us of any changes to your information so as to ensure it is kept current and accurate. In the event you are found to have breached your obligations or if we have reasonable suspicion that the information you provided us is false or incomplete or in any way violate applicable law or this privacy notice, we reserve the right to reject your registration application, suspend, or terminate your Account immediately without prior notice. In such case, you shall have no right to compensation due to the rejection of your application or the suspension or termination of your Account.
Any inquiries or comments regarding your personal data and privacy rights, our data privacy practices, this privacy notice, or any reports regarding suspected or actual security violations should be directed to our Data Protection Officer via email to gdpr@RealFevr.com.