as others have indicated, im disappointed that the actual concerns were not addressed. I wont need to consult with your privacy group, the matter is out of my hands.
2. What personal data does IronSource collect via STT:
The only data that is automatically shared with IronSource is the DBID, IP address, and Advertising ID (or a STT specific app ID if the Advertising ID cannot be used) , as well as device specifications such as screen size.
The DBID is an identifier specific to Beamable systems that is assigned to your game account. It has no context outside of that system, and absent other information such as email addresses or 3rd party associations like Facebook sign-in, cannot be used to personally identify you.
The IP address is collected by IronSource in order to ensure that ads and offers are localized correctly, as well as to check that all regional privacy standards (such as GDPR) are being observed.
The Advertising ID is generated by your device, please note that you can limit the use of your Advertising ID, or reset it entirely, in your device settings.
Lastly, device specifications are collected, such as screen size, in order to ensure that the offers and advertisements served are compatible with your device and will not crash the app as a result.
There are many, many things to be concerned about in this situation, but I do just want to highlight that (as I'm pretty certain has been pointed out on previous occasions) the bit I've bolded in the quote seems to be trying to reassure us about the data being collected, but this is actually an admission that data consistent with the GDPR definition of "personally identifiable information" (which does include IP addresses etc. and absolutely would include the DBID) is being collected.
My suspicion is that the parties involved here (especially, but not only, IronSource) are taking a maximalist view of what they're entitled to do under the "legitimate interests" part of the legislation, which frankly is a loophole wide enough to pilot a Borg cube through. This response seems to be crafted to try to obscure that as much as possible to avoid an adverse reaction from the player base. Given that people are now putting in DSARs, it would seem to have failed.
Have you seriously dragged this on for 2 months only to completely overlook the issues I have reported and to throw at us some general and incomplete information about what ironSource is collecting? And even that is based on what ironSource told you? Are you serious??????
Just uninstall the game if ur worried about ur data, instead of risking that this game becomes unavailable for everyone in europe, or at all.
There are still some players left, that love this game, regardless it‘s many issues.
Have you seriously dragged this on for 2 months only to completely overlook the issues I have reported and to throw at us some general and incomplete information about what ironSource is collecting? And even that is based on what ironSource told you? Are you serious??????
Just uninstall the game if ur worried about ur data, instead of risking that this game becomes unavailable for everyone in europe, or at all.
There are still some players left, that love this game, regardless it‘s many issues.
So yeah, Thanks a lot. 🙄
Good point. This is solid advice, which if we logically apply it elsewhere:
IF: Someone steals your family photos and sells them to an advertising agency overseas, who uses your photos on advertisements for products without your permission.
THEN: Just throw away your camera.
It is not acceptable to allow laws to be flagrantly broken because YOU like the lawbreakers game.
I will close this thread as it derails and these matters should be discussed through the proper channel by submitting an email to privacy@tiltingpoint.com.
This is something I should have recommended immediately, my apologies.
That being said I would caution everyone against making assumptions one way or another.
Please also try to remember that no business has any interest in not being compliant, it is just not worth it.
I can see where there might be a need for additional clarification however, and that is something that I will continue to work towards, with the privacy team.
Comments
as others have indicated, im disappointed that the actual concerns were not addressed. I wont need to consult with your privacy group, the matter is out of my hands.
There are many, many things to be concerned about in this situation, but I do just want to highlight that (as I'm pretty certain has been pointed out on previous occasions) the bit I've bolded in the quote seems to be trying to reassure us about the data being collected, but this is actually an admission that data consistent with the GDPR definition of "personally identifiable information" (which does include IP addresses etc. and absolutely would include the DBID) is being collected.
My suspicion is that the parties involved here (especially, but not only, IronSource) are taking a maximalist view of what they're entitled to do under the "legitimate interests" part of the legislation, which frankly is a loophole wide enough to pilot a Borg cube through. This response seems to be crafted to try to obscure that as much as possible to avoid an adverse reaction from the player base. Given that people are now putting in DSARs, it would seem to have failed.
Just uninstall the game if ur worried about ur data, instead of risking that this game becomes unavailable for everyone in europe, or at all.
There are still some players left, that love this game, regardless it‘s many issues.
So yeah, Thanks a lot. 🙄
Good point. This is solid advice, which if we logically apply it elsewhere:
IF: Someone steals your family photos and sells them to an advertising agency overseas, who uses your photos on advertisements for products without your permission.
THEN: Just throw away your camera.
It is not acceptable to allow laws to be flagrantly broken because YOU like the lawbreakers game.
This is something I should have recommended immediately, my apologies.
That being said I would caution everyone against making assumptions one way or another.
Please also try to remember that no business has any interest in not being compliant, it is just not worth it.
I can see where there might be a need for additional clarification however, and that is something that I will continue to work towards, with the privacy team.