GraviTalent Kft.

Privacy Policy

September 18th, 2019

1. Overview 

Who controlls my data?

Benchmark.games as Data Collector controlls and processes data collected through its website, contracts, applications (games) and any other channels linked with GraviTalent Kft.

Our contact info:

GraviTalent Kft.

Address: 4400 Nyíregyháza, Nyár utca 7. 2/2.

Phone number: + 36204066119

Email: support@benchmark.games

CEO: David Szilagyi

1.1. Where does the Privacy Policy take place?

The Privacy Policy applies to the Benchmark.games’ website, applications (games) and all other direct services. The main activity of Benchmark.games is the development and sale of online gaming-based competence measuring tools.

1.2. Who collects the data, and what does it consist of?

A data controller is the one who determines what data is collected, with which tools, and for what purposes. 

Data can be any information you give to Benchmark.games while using its services. Personal data includes information which can directly or indirectly identify the owner—typically being name and email.

Learn more about this at 

https://www.eugdpr.org/glossary-of-terms.html 

1.3. What does this notice do for me?

Our primary goal is to make sure we offer protection for our visitors and travellers. We pay particular attention to making sure we guarantee the rights of the services we provide to everyone without discrimination of any kind. We want to make sure that we give you your right to privacy when handling personal data in any way.

The Info. (Act CXII. of informational self-determination and freedom of information law in 2011) and the European General Data Protection Regulation (2016/679 The EU Regulation on the protection of natural persons with regard to the processing of personal data and such free flow of data, hereinafter referred to as "GDPR"), which came into force on May 25th, 2018, also necessitates adequate information for stakeholders.

1.4. What are the basic principles of data management?

Legality: The legal basis for handling data is explicit and well-founded

Fairness and Transparency: There is sufficient amount of information that can be easily understood and accessible regarding data management

Purpose limitation: Data management is exclusively for the purposes defined and communicated in advance

Saved data: Only the data required and relevant are requested during data processing

Accuracy: Managed data is up to date

Limited storage: Data management is only done for the duration of its purpose

Integrity and confidentiality: The technical and organizational measures used in data management provide a high level of security

Accountability: The Benchmark.games procedure is aligned with the national and international standards

2. Data Types and Purposes

2.1. How do I find out what my data is used for?

Each time we collect data it is done with a predefined purpose. We ensure that the information requested is done in a transparent manner. When signing up for any of our services or sending your (contact) info though our website or applications, we highlight what we will use the requested information for. Your consent will be asked based on this.

If you have further questions, please contact us at support@benchmark.games.

2.2. Exactly what type of data do you ask me for and where?

It depends on which of our services you’d like to use. We make sure that we have your understanding and consent for every different case by providing you with the information you need, then asking for your agreement by ticking checkboxes which express that you have read, understood, and give us permission to handle your data. 

The main activity of Benchmark.games is the development and operation of Benchmark.games applications and sales to third persons. Benchmark.games concludes a contract with a third party customer for services available in the applications. Only the third party customer appoints the users (namely or anonymously) invited to the application.

Benchmarkamrked.games handles personal data in connection with the following activities and goals:

  • Access to App in named form: User Registration and System Messages. In this case, the user will be invited to the system by a third party and sign up to the app with their personal data on the app's page. During the registration process, the user agrees by ticking the checkbox that his personal data will be processed by Benchmarkamrked.games as required by the privacy notice for the fulfillment of the registration, sending of system messages, and other purposes for providing the service. Data management is a prerequisite for the provision of the service, the withdrawal of the consent means the final deletion from the application, but this does not affect the legality of the data management previously performed. The invocation of the user and the handling of personal data used for this purpose, as well as the request for consent, shall always be the task and duty of the third party. Under no circumstances will the Data Controller collect personal information for its own purposes that would mean inviting the application in any form.

Personal information: Name, email address, (in case of case), browser, operating system (cookies); behavior (in all cases)

Duration of data processing: For non-anonymised personal data until 5 years or withdrawal of your contribution. 5 years for anonymised personal data.

Data Processor: Digital Ocean LLC.

  • Anonymous access to the App: Tracking Link and System Messages. In this case, the user receives a link from a third party customer to use the system. When logging in, the user agrees by checking the checkbox to manage his / her personal data for the purpose of completing the registration, sending system messages, and other purposes necessary for the provision of the service, as described in the privacy notice in Benchmarkamrked.games. Data management is a prerequisite for the provision of the service, the withdrawal of the consent means the final deletion from the application, but this does not affect the legality of the data management previously performed. The invocation of the user and the handling of personal data used for this purpose, as well as the request for consent, shall always be the task and duty of the third party. Under no circumstances will the Data Controller collect personal information for its own purposes that would mean inviting the application in any form.

Personal information: Name, email address, (in case of case), browser, operating system (cookies); behavior (in all cases)

Duration of data processing: For non-anonymised personal data until 5 years or withdrawal of your contribution. 5 years for anonymised personal data.

Data Processor: Digital Ocean LLC.

  • Quiz app: Based on a prior request from a third party, certain types of personal data will be collected in Quiz. Users should always be informed about the exact scope of the data. When logging in, the user agrees by checking the checkbox to manage his / her personal data for the purpose of completing the registration, sending system messages, and other purposes necessary for the provision of the service, as described in the privacy notice in Benchmarkamrked.games. Data management is a prerequisite for the provision of the service, the withdrawal of the consent means the final deletion from the application, but this does not affect the legality of the data management previously performed. The invocation of the user and the handling of personal data used for this purpose, as well as the request for consent, shall always be the task and duty of the third party. Under no circumstances will the Data Controller collect personal information for its ownpurposes that would mean inviting the application in any form.

Personal information: Name, email address, (in case of case), browser, operating system (cookies); behavior (in all cases)

Duration of data processing: For non-anonymised personal data until 5 years or withdrawal of your contribution. 5 years for anonymised personal data.

Data Processor: Digital Ocean LLC.

  • User behaviour as a collection of personal data in applications: A game involves the recording of approximately 2000 events, one of which can reproduce the behavior of the player. These are raw data, from which aggregated higher level variables are first calculated for aggregation to be usable and interpretable. Higher-level variables consist of combinations of specific events or comparisons, such as "average response time", "planning willingness" or "proportion of optimal steps". Higher-level variables can be grouped into groups that are created using dimensional statistical methods (factor analysis). That is, to what extent and in what coexistence the assumed competencies explain the measured variables. The weight of variables involved in measuring competence is not uniform. Those that are more reliable or a more important basis for a given competence have a greater weight. CurioCity plays along 5 main competencies (learning ability, flexibility, monotony tolerance, analytical thinking, conformance), and Dotto plays 6 key competencies (design, problem solving, novelty, endeavour, self-reflection, endurance).

Personal information: Name, email address, (in case of case), browser, operating system (cookies); behavior (in all cases)

Duration of data processing: For non-anonymised personal data until 5 years or withdrawal of your contribution. 5 years for anonymised personal data.

Data Processor: Digital Ocean LLC.

  • Building a user (employment applicant) database for recruitment: managing the data of registrants who register as a client in the app for database purposes. The user's employee candidate will be part of the database: Profile - by prior consent of the data controller to a third party client. Data management is a prerequisite for the provision of the service, the withdrawal of the consent means the final deletion from the application, but this does not affect the legality of the data management previously performed.

Personal information: Name, email address, (in case of case), browser, operating system (cookies); behavior (in all cases)

Duration of data processing: For non-anonymised personal data until 5 years or withdrawal of your contribution. 5 years for anonymised personal data.

Data Processor: Digital Ocean LLC.

Benchmark.games generates and manages statistics from anonymised (no longer containing personal data) data from user behavior evaluation.

In the table below, you can see exactly what kind of data management processes may be related to applications and beyond:

Processing shall be lawful only if and to the extent that at least one of the following applies:

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract 
  • processing is necessary for compliance with a legal obligation to which the controller is subject
  • processing is necessary for the purposes of the legitimate interests pursued by the controller 

The following table shows all the possible cases where we may ask for your data:

 

Your role

Where you enter your data

Data types and Addressees

Purpose(s) of data use and lawfulness

How long your data will be stored

How to take back your consent

Requesting for more info through our web page 

The 'Contact us' subpage of our website

Name, email address

CEO and Ops

We will send you an email to answer your question (GDPR Article 6. (1) a)

Until withdrawal of consent

You can reply to our email or call and indicate that you want to be removed from our list

Signing up to Benchmark.games apps

Play.Benchmark.games subsites created for the specific hiring campaign

Named case: Name, Email, phone number; All cases: browser and usage data, personal behaviour

_______

CEO, Ops

Completing registration, system emails in connection with app use, evaluation and giving feedback (contract fulfillment)

(GDPR Article 6. (1) a) and b)

Non-anonymised data: 5 years or

until withdrawal of consent. Anonymised data:5 years. 

Withdrawal means hard delete from app that you can ask for through email

You subscribed to Benchmark.games news letter 

You have subscribed to our newsletter 

Name, email address

CEO, Ops

We will send you our newsletter through email.

(GDPR Article 6. (1) a)

As long as you are a subscriber

You will find the option to unsubscribe at the footer of every newsletter

Your visit our website or apps

Hotjar, Hubspot, Google Analytics, Facebook

Info collected by cookies (browser and usage data)

__________

CEO, Ops

Our goal is to improve the usability of our website based on statistics.

(GDPR Article 6. (1) a)

5 years

You must provide your consent at the first visit of the website, which can not be withdrawn, so you can delete the installed cookies at any time from your browser.

You are a legal representative of a partner we contract with

Personally

Personal data of legal representative

__________

CEO, Ops

(GDPR Article 6. (1) b) and c)

5 years from the conclusion of the contract

Withdrawal of consent is not possible.

You are a contact person of a partner we contract with

Personally

Personal data of contact person

__________

CEO, Ops

(GDPR Article 6. (1) a)

5 years from the conclusion of the contract

You can withdraw your consent.

 

In any case we wish to use your personal data for any other purpose than the original request, we will talk to you first.

3. Data management mode

Personal information is not transmitted outside the European Union. In addition, profiling for commercial purposes, collection of special data, or the processing of personal data of children under the age of 18 do not take place.

3.1. What happens to my data when I sign a contract?

In all cases, your data will be processed according to our principles and will be used solely to perform the contract or to fulfill legal obligations. The contracts are stored in closed folders.

3.2. What happens to my data in other cases?

Benchmark.games app

The purpose of data management is to provide a test-based gaming competence tester for candidates to participate in a potential selection process. During the period of use, one or more games can be played by those involved in the assessment of their competencies. These game results are stored on the DigitalOcean server leased by Benchmark.games, which can be downloaded from a link. This link will be sent to the company's contact person or the person who performed the game by e-mail on request.

Contact us and ‘I’m interested’

If you have a question, then we will ask for your name and email address so that we can contact you with the resources or support your request. Your name and email address will be stored for two years, which means the operation of an online database that is only accessible to us. In any case, we will not forward or sell your personal data to third parties and it will not be published anywhere. Also, it's important to know that we do not automatically subscribe you to our newsletter. To unsubscribe you can email us that you do not want to receive more messages from us. 

4. Rights of the data subject

4.1. What are the rights to access my personal information?

Right of prior information

Before requesting data, we ensure to communicate accurate information to you on what the purpose of the data collection is and how it is processed, such as who can access it.

On our webpage, we visibly display an outline that highlight what we will use personal information for.

Right of withdrawal of consent

You are entitled to withdraw your consent for us to manage your data at any time.

If you do not wish to receive news from us, you can unsubscribe at any time by clicking the 'Unsubscribe' button at the bottom of the newsletter. If you do not want to receive any more emails from us, you can easily reply to us by email.

Right of access

Users have the right to know about the personal information of their given organization and information about the management of the organization, and to inquire about what information is kept by an organization at any time.

Through our contacts you can send this request to Benchmark.games.

Right to data portability

The data subject shall have the right to receive the personal data that the data controllers have, and if technically possible, able to request the data to be forwarded to another data controller. 

Through our contacts you can send this request to Benchmark.games.

Right to rectification

The data subject may request to correct inaccurate information from data controller without undue delay.

Through our contacts you can send this request to Benchmark.games.

The right to restriction of processing

The user has the right to request that the data controller stops processing his/her data if:

-           the user disputes the accuracy of the personal data

-          the data handling is illegal, and the user is opposed to the deletion of the data

-          the data controller no longer needs personal data, but the user requires them   to enforce legal claims

Through our contacts you can send this request to Benchmark.games.

Right to object

The user has the right to object to the processing of his or her personal data for any reason relating to personal reasons if they are processed in the interest of the data controller or his public authority.

Through our contacts you can send this request to Benchmark.games.

Right to erasure

The user has the right to request that data controller without delays, delete personal data if:

  •  personal data is no longer needed for the purpose from which they were

collected

  • the user withdraws the consent of the data controller and does not have any other legal grounds for data processing
  • the user objects to the processing of his/her data because there was no prior legitimate reason for data handling
  •  the personal data was unlawfully processed

Deletion means hard delete.

If you receive an email from us through either the newsletter or any of the other ways detailed above and unsubscribe or do not request for more emails, your name and email address will be deleted immediately from our database. (hard delete)

Through our contacts you can send this request to Benchmark.games.

Right to be forgotten

If the data controller has disclosed personal data and is obliged to delete it for some reason, he takes technical measures to take into account the available technology and the costs of implementation to inform other data controllers that the person concerned has made such a request. The other data controller is typically a search engine operator who has access to handle the personal data if requested.

Benchmark.games does not disclose any personal data.

Right to complain

Through our contacts you can send this request to Benchmark.games.

4.2. Where can I enforce my rights?

Benchmark.games seeks to maximize your rights and prioritize any questions or requests about our data management practices.

Data protection issues are dealt by the Hungarian National Data Protection and Information Freedom Authority, based on paragraph 22 of the GDPR definition.

Hungarian National Data Protection and Information Freedom Authority

Postal address:

1530 Budapest, Pf.: 5.

Address:

1125 Budapest, Szilágyi Erzsébet fasor 22/c

Phone:

+36 (1) 391-1400

Fax:

+36 (1) 391-1410

E-mail:

ugyfelszolgalat@naih.hu

URL:

http://naih.hu

 

5. Data transfer

5.1.To whom are my personal information transmitted?

Benchmark.games is considered to be a data controller for its own operations, but the consent of the customer for the processing of personal data required for access to the service by third-party subscribers is the responsibility of the customer, and is therefore considered to be Benchmark.games data processor.

During data management we use data processors operating or running services inside the European Union. As a data controller, Benchmark.games collects and manages the data in its own name and purpose, while its data processors carry out data processing operations based on the instructions and instructions of Benchmark.games.

We are constantly updating the range of data processors in the data management register, in the data processing register or in connection with them, we provide detailed information in the privacy policy.

Most relevant data processors:

Accountant:

In order to be compliant with national legal obligations, we have to forward the invoices (with personal information on it) to our bookkeeper. We shall forward the contracts, too, if necessary. Our bookkeeper is subject to the ‘Data Processor Agreement’ established during our preparation for GDPR. 

Hubspot Inc.

Headquarter:

25 First Street, 2nd Floor, Cambridge, MA 02141 USA

Hubspot stores the names and email addresses of subscribers who are signing up to the newsletter as well as any other person seeking us. The Hubspot helps us generate our websites.

During our preparation for GDPR, we secured that Hubspot guarantees the protection of personal data at least at the European level in accordance with the Regulation and has prepared all its products accordingly. You can read more about Hubspot's relevant service and the GDPR guarantee by clicking the links below:

https://www.hubspot.com/data-privacy/gdpr/product-readiness

Google LLC. 

Headquarter: Mountain View, California, USA

During our preparation for GDPR, we secured that Google guarantees the protection of personal data at least at the European level in accordance with the Regulation and has prepared all its products accordingly. You can read more about Google's relevant service and the GDPR guarantee by clicking the links below:

https://gsuite.google.com/faq/security/ 

Tresorit AG 

Headquarter: Minervastrasse 3, 8032 Zurich, Switzerland

During our preparation for GDPR, we secured that Tresorit guarantees the protection of personal data at least at the European level in accordance with the Regulation and has prepared all its products accordingly. You can read more about Tresorit's relevant service and the GDPR guarantee by clicking the links below:

https://tresorit.com/legal/privacy-policy

Digital Ocean, LLC. (server)

Headquarter: 101 6th Avenue, New York, US (server in: Frankfurt, Germany, EU)

During our preparation for GDPR, we secured that Digital Ocean guarantees the protection of personal data at least at the European level in accordance with the Regulation and has prepared all its products accordingly. You can read more about Digital Ocean's relevant service and the GDPR guarantee by clicking the links below:

https://www.digitalocean.com/legal/privacy-policy/  

6. Cookies

6.1. Do you use cookies on your website or app?

A cookie is a piece of information that a visited web site sends to a visitor's browser (in the form of a variable name value) to store it and later to load the same website. Visitors to the website and the app should be informed about the use of cookies on the website and their consent should be requested.

Website

During visits to our website, we send one or more cookies (a small file containing a string of characters) to the visitor's computer, which will allow its browser to be uniquely identified. These cookies are provided by Google through Benchmark.games and Google Analytics. Google Analytics generates cookies through Google AdWords. These cookies will only be sent to the visitor's computer by visiting certain subpages—only the actual time to visit that subpage will be stored.

Google uses these cookies for statistical purposes when a user has previously visited the advertiser's websites.

The cookies used are:

  • Analytics, tracking cookie (Google)
  • Site tracking (Google)
  • Hotjar
  • Hubspot
  • Facebook

More information on Google Analytics cookies:

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

Accepting and authorizing the use of cookies is optional. Your browser settings can be  restored to reject all cookies or to indicate when a cookie is being sent. While most browsers automatically accept cookies as a default, they can generally be changed to prevent automatic acceptance and offer the option of choosing each time.

6.2. How do I set up cookies? 

 The "Help" feature in most of the browser's menu bar provides you with instructions:

  • how to disable cookies,
  • how to accept new cookies,
  • how to instruct your browser to set a new cookie or
  • how to turn off other cookies.

You can find the cookie settings for the most popular browsers at the links below:


However, we would like to point out that some site features or services may not work properly without cookies.

7. Children

 

Are there any provisions related to age restrictions?

Age-related restrictions on the conclusion of a contract are in accordance with the provisions of the Hungarian Civil Code.

Any use of the Benchmark.games apps is permitted only to persons who have reached the age of 18. By registering with the Application, the user acknowledges that he / she has reached the age of 18 but Benchmark.games is not obliged to examine it and is not entitled to request any official document in this respect.

However, in order to protect children's rights, if Benchmark.games becomes aware that the user does not comply with the above requirement, he / she is entitled to immediately delete the user's rights and account and the content shared by the user. 

8. Security management and measures

Benchmark.games ensures that the processing of personal data is in accordance with the rights, interests and data protection regulations of those concerned will be supported by the following technical actions and regulations:

8.1. What privacy policies are in force in the operation of Benchmark.games?
  • Creation of data register, in standard with the regulations
  • More detailed internal data protection and data management rules, with a clear definition about accessibility
  • Elaborate a process to define the steps to be taken whenever security or data protection incident occur
  • Security Polic(ie)s
8.2.  What steps are being taken to ensure security?

The followings are applied (as a minimum):

Privacy trainings

 

Backup copies

Password protected wifi 

 

Document Shredder

Firewall

 

Username and password protected laptops

Lockable file cabinet

 

Mobile devices protected with password or biometric identified

Antivirus

 

Audit

Data storage only available for defined user groups

   

 

Encryption

All the personal data sent through the subpage ‘Contact us’ or the Benchmark.games apps, is transmitted via a https (TLS cryptographic protocol) channel between the user's browser and the cloud service provider.

Encrypting end-of-life databases is encrypted using security keys ('Industry standard AES-256 encryption algorithm').

Security incidents

Benchmark.games maintains a policy and procedure for information security and privacy incidents that include initial response, investigation, notification and/or public disclosure. These guidelines are regularly reviewed and tested annually.

In the event of information security and/or privacy incidents, we will immediately notify the affected users with appropriate security measures and without delay and, if possible, 72 hours after the privacy incident has come to our attention, to the competent authority. Our procedure is in line with our GDPR obligations and industry standards. We are committed to constantly informing you about issues that are relevant to the security of your account and provide you with all the information you need.

9. Changes to the Privacy Policy

The Privacy Policy may be amended unilaterally by Benchmark.games but will notify the users. Any modification is valid only if it complies with applicable legislation.

Copyright © 2018 Benchmark Games, Inc. All Rights Reserved.