Privacy Policy
Your data is yours. We are a non-profit association and selling your data is not what we do, ever. There is a certain minimum amount of information that we need to know about our members in order to provide our services.
Data privacy is a non-trivial thing to maintain in a volunteer organization and we regularly review our practices to stay accountable and worthy of your trust in us!
​
To view or edit your personal membership data, you need to sign in on our webpages: www.wlovegames.org
Privacy Policy (23/11/2022)
​
1. Registry holder
W Love Games ry
​
2. Data protection officer
Natasha Skult, natasha@wlovegames.org
​
3. Registry name
W Love Games ry member and visitor registry
​
4. Purpose and justification of personal data handling
Personal information will only be handled to:
-
Fulfill legal requirements (informing about yearly association meetings etc.)
-
Manage membership lifecycle (payment processing, data updates, etc.)
-
Deliver membership services (inform about events, provide discounts, etc.)
-
Compile anonymised usage data (total number of members etc.)
​
5. Registry contents
The access to the registry has the Board of Directors of W Love Games.
Full name: First and last name for general communication
Email: Email for general communication
Country: In case it is required for the payment processing
MembershipType: Type of active membership
LastRenewed: Date and time of last membership renewal
Token: Personal security token
Expiration date: Last valid month of membership
Note: we never store your payment information!
Additionally we have separate records for event attendance which are fully anonymous if your visitor details are deleted.
6. Data sources
Personal information is only added or updated in the registry by the person themselves.
​
7. Passing data to 3rd parties
General Data Protection Regulation will still apply to your personal information - always.
​
8. Passing or storing data outside of EU or ETA
We do our best to physically maintain all information records inside EU at all times. However due to the nature of global networking some data may temporarily pass through or get served from international data centres, for example for credit card payment processing. In these events we limit any personal information to the absolute minimum needed to complete the request and will always use industry standard encryption and GDPR compliant partners.
​
9. Data processing partners and data flow
All of our registry data and affiliated personal data is stored using Google EU regions or in Google's G Suite for Business in our proprietary data formats without unauthorized access.
Additionally we routinely use the following services that require their own subsets of our registry:
-
MailChimp (email lists - we only send email addresses with no first or last names and you can opt-out at any time)
-
Eventbrite (private event invites - we do not import or retain data from their systems)
-
WIX (this website - we have a public list of affiliates on the site)
10. Data protection
Personal information is handled confidentially. W Love Games’ IT systems and networking are secured with industry standard security and best practices, like tiered permission structures, strong passwords, data encapsulation and encryption. We only select partners with a good reputation for data security and GDPR compliance.
​
11. Data storage, retention and deletion
We store our data either in a secure database or encrypted documents on trusted providers. By default we never delete our internal discussion logs (like emails or slack messages) because they provide a paper trail of accountability. These logs may reference subsets of personal data (for example when passing a customer support request to another volunteer).
​
Access to personal data is controlled with tiered permissions granted only to association board members who need access to improve our services. The main database has nightly backups with 30 day retention policy for old backups.
​
When memberships expire we still keep your account active in our system for easy renewals. For complete deletion or anonymisation please contact Data protection officer.