9 replies to this topic

[Erox]

Quote

Article 7.4 GDPR: When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.

I don't think you are allowed to force a user to give permission for

Quote

Email and marketing services – Your email address may be shared with a third-party service for the purposes of sending you emails based on your preferences and our legitimate business requirements.

, because this is not necessary to play the game.

I like the game. So please make sure, you won't get trouble with the GDPR because of this.

Edited by Erox, 24 May 2018 - 10:20 AM.

[Luminis]

Sounds like they're reffering to Xsolla, which handles payment and stuff for them and sends confirmation E-Mails for purchases and stuff. Are the game and the (in-game) store two separate identities legally? If they can be considered to be the same service, it seems plausible, at least.

[Erox]

I don't think so. Xsolla would be this part:

Quote

Payment processors – We share your email address, Display Name, and your Account ID number, and details about purchases for our Games requested by you with companies such as Xsolla and Steam. Processing of payments is done directly with our partners, and no payment method or additional personal details needed to complete the transaction are transmitted to PGI. We receive a transaction result back from our processors that does not contain any additional personal information.

This is all in the privacy rules: https://mwomercs.com/privacy

[Luminis]

Erox, on 24 May 2018 - 10:35 AM, said:

I don't think so. Xsolla would be this part:

Makes sense.

Unless they have some third party provide some other service that isn't covered by the payment bit, they better change that stuff ASAP.

[FallofEden]

well in game voip is provided via the TS3 API. So i'm willing to bet that that's part of it. Only reason i found out about the in game voice chat being through TS3 is i decided to dig around the install folder after the recent crash's that were reported on grim plexus.

[yrrot]

That whole "sending you emails based on your preferences" means that by checking a box that allows it, you've given them permission needed to comply with the requirement. As in, you can opt out of the third party emails that have nothing to do with the game.

At least, that's my guess.

[Erox]

But that's what's not allowed anymore. According to the GDPR, you can't just use one box for every detail. You have to use an extra option for everything, that you don't need for your core business. And you are not allowed to force an user to check this extra box. Or to have a prechecked box.

[yrrot]

So, if I understand you correctly, doesn't having the default be opted-out of emails meet those requirements?


As of right now, your profile on here has 2 checkboxes: one for the MWO newsletter, and one for "other FASA" Products, which are listed. You don't have to have either checked to play, so it doesn't violate Article 7.4 you posted.

Of course, I honestly couldn't tell you if the new account system has those boxes prechecked or not, but if it doesn't, I fail to see how that's a violation.

[Grus]

Would be a violation if they share your email to 3rd party with out permission for profit. Especially if it has nothing to do with the game.

[yrrot]

Yup, definitely. As far as I can tell from a quick peek around the net, though, direct marketing falls into a legitimate business interest, even if a third party (with data subject permission).