Logo

Privacy Policy

1. Who we are

"We", "us", "our", means Jyamma Games S.r.l. with its registered offices at Via Privata Angiolo Maffucci, 68 - 20158 Milano (MI), Italy and with company number IT10892230961.
Your privacy is important to us, therefore we've developed this Privacy Policy, which sets out how we collect, disclose, transfer and use ("process") the personal data that you share with us, as well as which rights you have. Please take a moment to read through this policy. We only process personal data in accordance with this Privacy Policy. Jyamma Games acts both as a "controller" and a "processor" of personal data. The controller of the personal data determines the purposes and means of the processing of personal data and the processor processes the personal data on behalf of the controller.
Personal data are all data that can be traced back to individual persons and identify them directly or indirectly; such as a name, phone number, location, email or home address. Should you have any questions, concerns or complaints regarding this Privacy Policy or our processing of your personal data; or you wish to submit a request to exercise your rights as set out by the GDPR, you can contact us:
 (a) Via mail: privacy@tilesonchain.com.
 (b) By post: Via Privata Angiolo Maffucci, 68 - 20158 Milano (MI), Italy of our Data Protection Officer.

This Privacy Policy was revised last on August 09, 2023.

2. How and for which purpose do we collect your personal data

2.1 Navigation data
The computer systems and software procedures used for the operation of this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. These are pieces of information that are not collected to be associated with identified individuals, but by their very nature, through processing and association with data held by third parties, could allow the identification of users.
This category of data includes IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the user's operating system and computer environment. These data are used solely for the purpose of obtaining anonymous statistical information about the use of the site and for checking its proper functioning, and they are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

2.2 Contact form
When filling in the contact form on our website, we need certain information about you in order to be able to answer your questions or requests. We will use the information collected through the contact form only for the purpose of dealing with your request. For this purpose, we collect the following data:
 - Full name and Surname
 - Company name
 - E-mail address
 - Phone number
 - Any additional information you provide to us regarding your project
We process this information based on your consent as you provided this information freely to us.

2.3 Newsletter
In the event you register for our newsletter, your email address will be used in order to send you our newsletters, which may include invites to events, seminars, etc. organized by us. All other data fields are marked as "voluntary" and you can submit your question without having to fill in this additional requested information. For this purpose, we collect the following data:
Name
E-mail address
We process this information based on your consent as you provided this information freely to us.

2.4 (Potential) business connections
During any interaction with you, we may collect personal data for business and marketing purposes. Interaction may include events (collection of business cards), our options to contact Jyamma Games, or you when serving as a contact point for the collaboration with your company. For this purpose, we collect the following data:
 - Company information (name, address, sector...);
 - Contact details (name, email-address and/or phone number...)
 - Job title;
 - Notes on our meetings/conversations/history in general;
 - Contract information, including billing.
We process this information based on our legitimate interest.

2.5 Cookies
Our website makes use of cookies to facilitate the rendering and functioning. For further information relating to our use of cookies, we refer you to our Cookie Policy. We process this information based on legitimate interest.

3. Do we share or transfer your personal data?

We actively and passively share data with a number of affiliated third parties which we engage to assist us in the execution of our daily activities. Active sharing means that the third party processes the information as input in the process of our collaboration with said third party. Passive sharing on the other hand means that we use a service/software provided and hosted by the third party, however the third party does not process the information as an input in the process of our collaboration with said third party. Our passive sharing collaborations are:
 Aruba - We use this Software as a Service for hosting purposes. Jyamma Games actively processes the information while MailChimp hosts the software.
 MailChimp - We use this Software as a Service for newsletter purposes. Jyamma Games actively processes the information while MailChimp hosts the software.
 Google Analytics - We use this Software as a Service for website traffic analysis. Jyamma Games actively processes the information, while Google hosts the software.
For each of the above mentioned third parties, we have a data processing agreement, governing the use by these third parties and the protection of your personal data. Besides the aforementioned affiliated third parties, we make use of social media and their plugins, which enable you to be directed to our social media channels and to interact with our content and employees. We do not however disclose your personal data to any of our social media partners. Any reference made to you will be discussed with you upfront to obtain your consent. These social media channels on which we are represented, and related management tools are:
 - Facebook;
 - LinkedIn;
 - Twitter;
 - Instagram;
 - YouTube;
 - Reddit;
 - Medium;
 - GitHub;
 - Telegram;
 - Hootsuite.
In the event you click such a link, such social media service provider may collect personal data about you and may link this information to your existing profile on such social media. We are not responsible for the use of your personal data by such social media service provider. In this case, the social media service provider will act as controller.

4. How long do we keep your personal data?

We retain your data for as long as it is necessary for the fulfillment of the purposes we collected it for. In some circumstances we may anonymize your personal data - which means it can no longer be associated with you - for research or statistical purposes in which case we may use this information without further notice to you.

5. What are your rights?

You have rights under the GDPR in relation to your personal data. We have summarized them for you in a clear and legible way. To exercise any of your rights, please send us a written request in accordance with paragraph 1 of this Privacy Policy. We will respond to your request without undue delay, but in any event within one month of the receipt of the request. In the case of complex requests or many requests, we may extend this period with two additional months. In such case, we shall inform you of the extension within one month of the receipt of your request and the reasons for the delay.

5.1 The right to be informed
In accordance with Article 12 of the GDPR, we as controller shall take appropriate measures to provide any information referred to in Articles 13 through to 22 and Article 34 relating to processing of your personal data in a concise, transparent, intelligible and easily accessible form, using clear and plain language, in particular for any information addressed specifically to a child. The information shall be provided in writing, or by other means, including, where appropriate, by electronic means. When requested by you, the information may be provided orally, given that your identity is proven. Where we obtain personal data, collected directly from you, we shall provide you with:
 - Our contact details.
 - The contact details of our data protection officer where applicable.
 - The purposes of the processing for which the personal data is intended, as well as the legal basis for the processing.
 - Details of the purposes for processing in case of legitimate interests.
 - The recipients of the personal data, if any.
Where applicable, the intention to transfer personal data to a third country orinternational organization and the existence or absence of an adequacy decision by the Commission and any appropriate or suitable safeguards.
The period for which the personal data will be stored. Information on further processing other than for the purposes originally stated, prior to further processing. Where we obtain personal data, not collected directly from you, we shall provide you with:
 - The information as mentioned in the paragraph above, on information we collected directly from you.
 - The identity and contact details of the controller/controller's representative.
 - The contact details of the data protection officer where applicable.

5.2 The right to access
In accordance with Article 15 of the GDPR, you have the right to ask us if we process personal data concerning you. In the case that we process your personal data, you have the right to ask us:
 - The purpose for which it is been processed;
 - Which personal data;
 - Duration of the retention;
 - The source of data (third party or automated processing such as profiling);
 - Safeguards related to transfer;
 - A copy of the data. Note that for any additional copies, we reserve the right to charge a reasonable fee to cover administrative costs.

5.3 The right to rectification
In accordance with Article 16 of the GDPR, you have the right to request a correction of the stored personal data concerning you if they are inaccurate or incorrect.

5.4 The right to erasure (right to be forgotten)
In accordance with Article 17 of the GDPR, you have the right to request that your personal data held by us is erased. In other words, you have the right to be forgotten by us if:
 - Personal data is no longer necessary in relation to the purpose for which it was collected;
 - You withdraw your consent for the processing and we based our processing on your consent;
 - No overriding legitimate grounds for processing are presented by the controller in response to the objection by the data subject;
 - The personal data has been unlawfully processed;
 - The personal data has to be erased for compliance with legal obligations;
 - The data subject is younger than 16 years and consent of the holder of parental responsibility has not been obtained.
The right to be forgotten does not apply for:
 - Exercising the right of freedom of expression and information;
 - Compliance with legal obligations which requires processing by law;
 - Reasons of public interest in the area of public health;
 - Archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

5.5 The right to erasure (right to be forgotten)
In accordance with Article 17 of the GDPR, you have the right to request that your personal data held by us is erased. In other words, you have the right to be forgotten by us if:
 - Personal data is no longer necessary in relation to the purpose for which it was collected;
 - You withdraw your consent for the processing and we based our processing on your consent;
 - No overriding legitimate grounds for processing are presented by the controller in response to the objection by the data subject;
 - The personal data has been unlawfully processed;
 - The personal data has to be erased for compliance with legal obligations;
 - The data subject is younger than 16 years and consent of the holder of parental responsibility has not been obtained.
The right to be forgotten does not apply for:
 - Exercising the right of freedom of expression and information;
 - Compliance with legal obligations which requires processing by law;
 - Reasons of public interest in the area of public health;
 - Archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

5.6 The right to data portability
In accordance with Article 20 of the GDPR, you have the right to receive your personal data, which you have provided to us, in an understandable and readable format. You furthermore have the right to transmit that data to another organization without hindrance from us if our processing of the data was based on your consent and is processed in an automated manner. Where technically feasible, you have the right to have your data transferred directly by us to the organization. Exercising your right to data portability shall be without prejudice. Note that the right to data portability does not apply if:
 - The processing is necessary for the performance of a task carried out in the public interest.
 - The processing is in the exercise of official authority vested in us.
 - It adversely affects the rights and freedoms of others.

5.7 The right to object to processing
In accordance with Article 21 of the GDPR, you are entitled to object to the processing of your personal data, meaning that we have to terminate the processing of your personal data. The right of objection exists only within the limits provided for in art. 21 GDPR. In addition, our interests may prevent the processing from being terminated, so that we are entitled to process your personal data despite your objection.

5.8 Automated individual decision-making, including profiling
In accordance with Article 22 of the GDPR, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly affects you.
This right shall not apply if the decision is:
 - Necessary for entering into, or performance of, a contract between you and us.
 - Authorized by Union or Member State law to which we are subject, and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests.
 - Based on your explicit consen

5.8 Right of appeal to a supervisory authority
If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

6. Amendments to the privacy policy

In a world of continuous technological change, we will need to update this Privacy Statement on a regular basis. We invite you to consult the latest version of this Privacy Statement online and we will keep you informed of important changes through our website or through our other usual communication channels.

Contact us at info@tilesonchain.com for any questions or concerns regarding our Privacy Policy.