PRIVACY POLICY

Last Update: July 1st, 2024

General Information

This privacy notice informs you how GRID esports GmbH and its subsidiaries (GRID, we, our, us) collect, process, and share your personal data including when you use our services at www.grid.gg and www.cctour.gg 

We have a separate esports player privacy notice [here], specifically for esports players/athletes who compete in esports events and other related persons (such as broadcasters, streamers, owners, directors, managers, or other relevant persons involved in esports events).

Who is GRID?

Trusted by leading game publishers and tournament organisers, GRID unlocks the value of official data assets, establishing an ecosystem that facilitates sustainability and growth. The GRID gaming and esports data platform has partnered with more esports rights holders than any other platform. We utilise our proprietary technology to extract official data assets directly from the game server, providing downstream data services to our customers in the media, gaming, betting, and entertainment sectors.

Types of Personal Data Collected

We collect several types of information for various purposes, either because of a company’s legitimate interest or a legal requirement.

  1. Esports Players and Related Persons
    For details on data collection for esports players participating in our partnered events and GRID’s owned Champion of Champions Tour (CCT), and other related persons, please refer to our Esports Player Privacy Notice available here.

     

  2. Applicants
    • Personal Data from CV: Including your name, email address, postal address, phone number, and legal status.
    • Data from the Hiring Process: Additional personal data provided by you during interviews or similar processes.
    • Data for Employment Contract: Bank details, tax identification numbers, and criminal records as required by law.

      We utilise an Applicant Tracking System called Recruitee to collect and store your personal data. The system notifies our HR department before the expiration of a six-month period from the last update of your data, ensuring we maintain accurate information. Additionally, we will remove your data from the system in accordance with applicable legal requirements.
  3. Employees
    • Basic Employee Information: Including your name, age, address, and tax identification number.
    • Professional Information: LinkedIn profile and CV to assess your qualifications.
    • Residence and Citizenship Information: As required by law.
    • Meeting Recordings: We may record internal meetings for various business purposes. These recordings may include your participation.

      Internal communication tools may display your phone number and LinkedIn profile, but you have the option to decide whether to share this information. You can modify and withdraw your data from the platform as needed.
  4. Business Partners – Commercial
    • Full Name
    • Contact Information: Email address and phone number.
    • Employment Position: Within your company.
    • Company Name

      We use Salesflare to manage and store this information securely. The data remains in the system for the duration of our business partnership.

  5. Users of our Services, www.grid.gg, www.cctour.gg and the GRID Data Platform
    When you use our websites, GRID Data Platform, including GRID Rapids, the trader package, or the GRID competitor portal, we collect certain personal data to enhance your experience and ensure the security and functionality of our service.

    Types of Data Collected:
    • IP Address: We collect your IP address to determine the geographical location from which you are accessing our services. This helps us ensure compliance with regional legal requirements and optimise your user experience.
    • Log Data: We automatically collect log data whenever you interact with our platform. This may include:
      • Device Information: Type of device, operating system, and browser used.
      • Usage Information: Dates and times of access, pages viewed, and actions taken.
      • Referral Information: The website or service that referred you to our platform.
      • Error Reports: Information on any errors you encounter while using our services.
    • Cookies and Tracking Technologies: We use cookies and similar tracking technologies to enhance your experience on our platform. These technologies allow us to:
      • Maintain Session Integrity: Ensure your session is secure and remains active during your use.
      • Customise Your Experience: Provide personalised content and recommendations based on your usage patterns.
      • Analyse Usage Trends: Monitor and analyse usage trends to improve our services.

         

Purpose and Legal Basis of Processing

GRID processes your personal data in accordance with the European General Data Protection Regulation (EU-DSGVO) and the Federal Data Protection Act (BDSG). The legal basis includes:

  • Contractual Necessity: Processing is necessary for the performance of the contract with you.
  • Legitimate Interests: Our legitimate interests in ensuring the security and functionality of our services.
  • Compliance with Legal Obligations: Ensuring compliance with applicable laws and regulations.
  • Defence of Legal Claims: Based on Article 6 (1) (f) GDPR, for defending legal claims from the employment relationship.
  • Consent: Lawful according to Art. 6 Paragraph 1 GDPR, which can be revoked at any time for future processing.

Data Retention

Your personal data will be retained for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. Typically:

  • Log Data: Retained for a period of up to 12 months.
  • Employment Data: Retained for the duration of employment and as required by legal obligations.
  • Other Data: Retention periods may vary depending on the type of data and legal requirements, ranging from two to ten years.

Transfer of Your Personal Data

We may transfer your personal data outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards are in place to comply with legal requirements. This includes implementing mandatory provisions such as contractual agreements and standard data protection clauses to guarantee the security and confidentiality of your data. However, please be aware that data protection standards in some countries may not be as robust as those within the EU. Despite these differences, we take all necessary measures to protect your data.

Recipients of Data

GRID provides your personal data within our company to areas and people who use this data to fulfil contractual and legal obligations or implement our legitimate interest. Data may be transferred to companies affiliated with us, including our branch in Sweden and our subsidiaries in the United States and Poland.

Your Rights

Every data subject has rights under GDPR, including the right to:

  • Information: Art. 15 GDPR.
  • Correction: Art. 16 GDPR.
  • Erasure: Art. 17 GDPR.
  • Restriction of Processing: Art. 18 GDPR.
  • Notification: Art. 19 GDPR.
  • Data Portability: Art. 20 GDPR.
  • Appeal to a Supervisory Authority: Art. 77 GDPR, if you believe the processing of your personal data is not lawful.

If data processing is based on your consent, you can revoke it at any time. Processing based on legitimate interests can be objected to at any time under Art. 21 GDPR.

Responsible Entity for Data Protection Law

GRID esports GmbH, incorporated in Germany (registration number HRB 198254 B), with its registered office at Gleimstraße 50, 10437 Berlin, Germany.

Contact us

GRID is the controller of your personal data.  Should you have any questions regarding the processing of your personal data, or you wish to exercise your rights under this notice, please contact us at the below:

GRID esports GmbH
Gleimstraße 50
10437 Berlin
Germany

[email protected]

Automated Decision Making

GRID does not engage in automated decision making or profiling under GDPR.