PlaySafe PlaySafe

PlaySafe AI Privacy Policy

Last updated December 22, 2024

1. Introduction

The purpose of PlaySafe AI is to allow for gaming communities to flourish by stopping the bad actors in their tracks. We are focused on ensuring security and privacy of the data we handle. This Privacy Policy outlines how we use, collect and control personal data of end users (players) that is provided to us for the purpose of moderation as well as community management.

2. Data Collection

We may receive and process the following types of data to provide moderation services and community management:

  • User IDs
  • Usernames
  • In-game communications
  • Gameplay activity such as time played
  • User reports
  • Session information
  • Additional player information may be collected by the game for the purposes of moderation or community management

3. Use of Data

We serve as a Data Processor under GDPR and other applicable privacy laws. Our legal basis for data processing is grounded in contractual agreements with game developers, who act as Data Controllers.

Game developers are responsible for obtaining explicit consent from players for data collection and processing, in accordance with End-User License Agreements (EULAs) or similar agreements. This consent extends to the data processing activities carried out by PlaySafe AI.

We receive data from game developers, who have collected it from players through EULAs or equivalent agreements. This data is used exclusively for Community Management activities, including:

  • Enforcing game community guidelines and rules.
  • Creating a safe and respectful gaming environment.
  • Assisting game developers in making informed decisions about user behavior.

Each data component mentioned in Section 2 is crucial for assessing whether an event should be flagged as an incident and for determining its severity. Our proactive approach allows for the effective and scalable management of gaming communities.

We do not use this data for marketing, third-party sharing, or any other purposes unless explicitly authorized by the game developer or as required by law. No third-party tools are used for data processing.

4. GDPR Compliance

PlaySafe AI is committed to complying with the General Data Protection Regulation (GDPR). As a data processor, we adhere strictly to the data protection principles laid out in the regulation and work diligently to uphold the rights of European Union data subjects. We ensure that appropriate safeguards are in place for the transfer and processing of personal data from the EU.

For any GDPR-related inquiries or to exercise your GDPR rights, please contact the game developer with whom you have a data agreement. The developer, as the data controller, will then liaise with us as necessary.

5. COPPA Compliance / Child Privacy

PlaySafe AI does not knowingly process information for children under 13 years old. We serve as a service provider as defined under the California Consumer Privacy Act (CCPA) and as a data processor under the General Data Protection Regulation (GDPR). We rely on our end customers (game developers, acting as Data Controllers) to ensure that user information pertaining to children under 13 is not passed to us for processing. Should we become aware that such information has been provided, we will take immediate steps to remove it.

6. Data Retention

We retain game data only for the duration necessary to fulfill our moderation duties. Once our contractual obligations are met, or if the data is no longer required, it is securely deleted or anonymized. The default retention period is 6 months unless otherwise specified by our customer. A longer retention period may apply for specific users in cases where there is belief of a potential safety violation or per the request of the game developer or law enforcement.

7. Data Protection

We implement robust technical and organizational measures to protect the data we handle. This includes:

  • Encryption of data at rest (AES-256) and in transit (TLS 1.3).
  • Regular security audits and assessments.
  • Access controls to ensure only authorized personnel can access the data.

Please see the PlaySafe AI Security Policy for more details.

8. Data Transfers

We retain data in the geographical region from which it was originally transmitted. This practice is in line with our commitment to comply with regional data protection laws, including the General Data Protection Regulation (GDPR) for data originating from the European Union.

9. Rights of Data Subjects (e.g., Players)

Under the GDPR and other privacy regulations, individuals may have the right to:

  • Request access to their personal data.
  • Ask for corrections to inaccurate data.
  • Request deletion of their data.
  • Object to or restrict processing of their data.
  • Request data portability.

To exercise any of these rights, players should contact the game developer with whom they have a data agreement. The developer, (as the data controller as defined under GDPR language), will then liaise with us, their data processor, as necessary.

10. Third-Party Sharing

We do not sell or rent the data we handle to third parties. Data may only be shared with third parties if:

  • It’s part of the service we offer in conjunction with a third-party tool or platform.
  • It’s required by law or in response to a legal request.
  • It’s necessary to protect the rights, property, or safety of PlaySafe AI, our clients, or the public.

11. Updates to this Policy

We may update this Privacy Policy from time to time and will alert customers of any planned material changes by email.

12. Contact Us

If you have questions or concerns about our data handling practices, please contact us at: privacy@playsafe.ai.