This Privacy Policy describes how your personal information is collected, used, and shared when you visit www.cryengine.com.
The controller of this Site in terms of the General Data Protection Regulation ("GDPR") is:
Crytek GmbH, Hugo-Junkers-Strasse 3, 60386 Frankfurt am Main, Germany, info@crytek.com - Managing Director: Avni Yerli
DPO
Crytek GmbH, Hugo-Junkers-Strasse 3, 60386 Frankfurt am Main, Germany
privacy@crytek.com
In terms of Art. 4 No. 1 GDPR Personal data includes any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
To simplify this information, we group the following data into a definition. When we name the definition below, we refer to this group of data attributes.
“Device information”:
“Order information”:
“Personal Information”:
When we talk about "Personal Information" in this Privacy Policy, we are talking both about Device Information and Order Information.
Crytek collects data as follows when a user visits this site. We collect the following data which can be assessed as being personal data:
We use the device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example to identify malfunctions of the website and to analyze how our customers browse and interact with the site). We regard those interests as legitimate interest under Art. 6 (1) lit. f GDPR since it is in our and the interest of the visitors of our site that this site is safe.
“Cookies” are data files that are placed on your device or computer by your browser and often include an anonymous unique identifier. These cookies are used to temporarily store information during your visit ("session") to our website and to read it during the course of your visit or when you return later. We distinguish between technically necessary cookies and other cookies (which are set for marketing purposes, for example).
We process technically necessary cookies on the basis of our legitimate interest under Art. 6 (1) lit. f GDPR to ensure the functionality of the website. All other cookies are processed. We only process all other cookies after you have given your consent (GDPR Art. 6 (1) lit. a), which you can give via a cookie banner when you visit our website.
For more information about cookies, and how to object enable cookies, visit Cookie Policy page.
When you subscribe to our Cryengine newsletter you give your consent to receive our newsletter with information to Cryengine, our products and services and that your email address will be stored for this purpose. We process the following data for this processing activity:
After submitting your email address, you will receive a confirmation email with a link which has to be clicked in order to confirm your subscription. Only after such confirmation you will receive our newsletter, which will be sent out from time to time. Your email address will only be used for this purpose.
You are entitled to withdraw your consent at any time without any reason by clicking at a respective “unsubscribe" link included in each newsletter.
We use MailChimp a service of Rocket Science Group LCC, 675 Ponce De Leon Ave NE Ste 5000 Atlanta, GA, USA to send our newsletter when you sign up for a newsletter subscription. For this purpose, we have concluded a data processing agreement with Rocket Science Group LCC. You can review MailChimp's privacy policy at mailchimp.com/legal/privacy. Rocket Science Group LCC is certified under the EU-U.S. Privacy Framework and the Swiss-U.S. Privacy Framework.
The legal basis for the use of personal data with regard to send you newsletter(s) is Art. 6 (1) lit (a) GDPR as you have given us your consent.
If you want to actively use Cryengine, you must create a Cryengine account. In this case, we process your personal data for various purposes. The following provides you with an overview of these processing operations.
When a user chooses to sign up and log in to the CRYENGINE platform and additional services & when a user licenses and downloads CRYTEK’s CRYENGINE Launcher and Game Development software (CRYENGINE Editor)
When a user opts in for Marketing Support on the Game Registration Form, through the Showcase Thread on the CRYENGINE.com forums or a verbal or written agreement is made where the user requests or agrees to marketing support outside of these channels, we might share the provided material on our Social Media- and community channels; namely CRYENGINE Twitter, CRYENGINE Facebook, CRYENGINE Community Discord and Newsletter.
Please note that you take the initiative to use the services offered and that data in the user account is therefore only actively processed if you have initiated this. Since the Cryengine user account essentially serves to support services that are used within the framework of a contract, we consider the data processing for the user account to be necessary for the fulfilment of a contract or for the implementation of pre-contractual measures. Therefore, the legal basis for all described processing is GDPR Art. 6 para. 1 lit. b.
Within the user account Google reCaptcha is used to confirm the authenticity during registration, resend activation, login, password reset and within the contact form. With this service, we try to detect and fend off attacks on our services by machines.
When the Google service is accessed, the "Device information" described in the "Web server log files" section are processed.
We consider it to be in our legitimate interest to use the services to prevent damage to our website and our servers. The legal basis for the use of Google ReCaptcha is therefore GDPR Art. 6 para. 1 lit. f).
The data recipient in terms of Google reCaptcha is:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
as data processor. For this purpose, we have concluded a contract with Google. Google LLC, headquartered in California, USA, and, if applicable, US authorities can access the data stored at Google. Google is certified under the EU-U.S. Privacy Framework and the Swiss-U.S. Privacy Framework.
A transfer of data to the USA cannot be excluded.
For more information about Google services terms of use and Google's privacy policy, please visit:
We use MTCaptcha to confirm the authenticity of the user during registration, resend activation, login, password reset and within the contact form. With this service, we try to detect and fend off attacks on our services by machines.
When the MTCaptcha service is accessed, the "Device information" described in the definitions section are processed.
We consider it to be in our legitimate interest to use this service to prevent damage to our website and our servers. The legal basis for the use of MTCaptcha is therefore GDPR Art. 6 para. 1 lit. f).
The data recipient in terms of MTCaptcha is:
Sun Spray Technologies LLC, 2254 Mora Pl #202, Mountain View, CA 94040, USA
as data processor.
For this purpose, we have concluded a data processing agreement with Sun Spray Technologies. In addition, any transfer of personal data is covered by the European Union's standard contractual clauses.
How we use Order information
Crytek will not transmit your personal data to third parties unless it is necessary according to the law or in order to fulfil your contract.
The order information gathered from you is gathered as it is necessary to fulfil our contract(s) with you. The legal basis is the fulfilment of the contractual obligations (Art. 6 (1) lit. b GDPR).
If you order a product/service your email address may also be used in order to contact you in the case of future deals/sales, in the form of emails/newsletters, and is a legitimate interest under Art. 6 (1) lit. f GDPR. You are entitled to object against the usage of your data for advertisement purposes at any time by sending an email to privacy@crytek.com.
Order information may be used to screen incoming orders for the potential risk of fraud, as a legitimate interest under Art. 6 (1) lit. f GDPR.
We use components (videos) of the company YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA (hereinafter: "YouTube"), a company of Google Inc, Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: "Google"), on our websites on the basis of consent pursuant to Art. 6 (1) lit. a DSGVO.
Before you can view a YouTube video on our site, you will be asked for your consent. By clicking on "PLAY VIDEO", you consent to the data processing and to the setting of cookies. After the consent, a connection to the YouTube servers will be established and in the process the content will be displayed on the website by notifying your browser. In addition, a cookie is stored on your computer.
We use the "enhanced privacy mode" option provided by YouTube. According to the information provided by YouTube, in "extended data protection mode" your data - in particular which of our Internet pages you have visited as well as device-specific information including the IP address - is only transmitted to the YouTube server in the USA when you watch the video. By calling up the video, you consent to this transmission.
If you are logged in to YouTube at the same time, this information will be assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website.
When you continue to view this or other videos, you must consent to the processing of the data again in each case. You can delete the cookie generated by youtube-nocookie.com via your browser setting under "Privacy and security".
Crytek GmbH has no influence on the type and scope of the data processed by Google, the type of processing and use or the transfer of this data to third parties. Nor does it have any effective control options in this respect.
Further information on data protection in connection with YouTube can be found in Google's Privacy Policy.
Videos from the video portal Vimeo are integrated on our website. This is operated by Vimeo.com, Inc, 330 West 34th Street, New York, New York 10001, USA. When a Vimeo video is played, connections to Vimeo servers are established and personal data is transmitted. The transmitted data includes IP addresses, technical information about the browser type, operating system or very basic device information. Vimeo also stores information about which website the Vimeo service is used on, and which actions (web activities) are carried out on the website. These web activities include, for example, session duration, bounce rate or which button the user has clicked on. Vimeo can track and store these actions with the help of cookies and similar technologies. If you are logged in to Vimeo as a member, Vimeo assigns this information to your personal user account. When you click on the start button of a video, this information can also be assigned to an existing user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.
We need your consent to play the videos. You can give us this consent via our consent banner when you visit our website, or you can access it via our Cookie policy. Alternatively, you can give your consent directly before calling up the video via the preceding dialog. The legal basis for data processing is therefore consent (GDPR Art. 6 para. 1 lit. a).
As Vimeo is headquartered in New York (USA) and the data is transmitted to Vimeo servers, we have no further access to your personal data after you have given your consent. Vimeo's services are offered worldwide. The company uses computer systems, databases and servers in the USA and other countries. In relation to us Vimeo acts as a data processor within the meaning of the GDPR. We have entered into a data processing agreement with Vimeo. In addition, any transfer of personal data is covered by the European Union's standard contractual clauses. Vimeo.com, Inc. is certified under the EU-U.S. Privacy Framework and the Swiss-U.S. Privacy Framework.
Information on data protection at Vimeo can be found at https://vimeo.com/privacy.
Sound files from the online music service SoundCloud are integrated on our website. This is operated by SoundCloud Global Limited & Co. KG, Rheinsberger Str. 76/77 10115 Berlin, Germany. When a sound file is played, connections to SoundCloud servers are established and personal data is transmitted. The transmitted data includes IP addresses, technical information about the browser type, the operating system or very simple device information. SoundCloud also stores information about which website the SoundCloud service is used on and which actions (web activities) are carried out on the website. These web activities include, for example, the session duration, the bounce rate or which button the user clicked on. SoundCloud can track and store these actions with the help of cookies and similar technologies. If you are logged in to SoundCloud as a member, SoundCloud assigns this information to your personal user account. If you click on the start button of a sound, this information can also be assigned to an existing user account. You can prevent this assignment by logging out of your SoundCloud user account before using our website and deleting the corresponding cookies from SoundCloud.
We need your consent to play the sounds. You can give us this consent via our consent banner when you visit our website, or you can access it via our Cookie policy. Alternatively, you can give your consent directly before calling up the sound via the preceding dialog. The legal basis for data processing is therefore consent (GDPR Art. 6 para. 1 lit. a).
As SoundCloud is headquartered in Berlin (Germany) the processing takes place within the applicable law of the GDPR. Information on data protection at SoundCloud can be found at https://soundcloud.com/pages/privacy.
On our website you will find (animated) 3D graphics from SketchFab. These are operated by Sketchfab, Inc, 440 9th Ave, Suite 1700 New York, NY 10001, USA. When a SketchFab 3D graphic is loaded, connections to servers are established and personal data is transmitted. The transmitted data includes IP addresses, technical information about the browser type, operating system or very basic device information. SketchFab also stores information about which website the SketchFab service is used on, and which actions (web activities) are carried out on the website. These web activities include, for example, session duration, bounce rate or which button the user has clicked on. SketchFab can track and store these actions with the help of cookies and similar technologies. If you are logged in to SketchFab as a member, SketchFab may assign this information to your personal user account. You can prevent this assignment by logging out of your SketchFab user account before using our website and deleting the corresponding cookies from SketchFab.
We need your consent to show the 3D graphics. You can give us this consent via our consent banner when you visit our website, or you can access it via our Cookie policy. Alternatively, you can give your consent directly before calling up the 3D graphic via the preceding dialog. The legal basis for data processing is therefore consent (GDPR Art. 6 para. 1 lit. a).
As SketchFab Inc. is headquartered in New York (USA) and the data is transmitted to SketchFab servers, we have no further access to your personal data after you have given your consent. SketchFab services are offered worldwide. The company uses computer systems, databases and servers in the USA and other countries.
Information on data protection at SketchFab can be found at https://sketchfab.com/privacy.
For the analysis of the traffic on our website we use Google Analytics.
When you visit our website for the first time, you will be asked to accept or reject cookies for web analysis. If you have given your consent, this website uses Google Analytics, a web analysis service of Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google").
Google Analytics uses cookies that enable an analysis of your use of our website. The information collected by the cookies about your use of this website is usually transferred to a Google server in the USA and stored.
We use the function 'anonymizeIP' (so-called IP-Masking): Due to the activation of IP-anonymization on this website, your IP-address will be shortened by Google within member states of the European Union or in other signatory states of the Agreement on the European Economic Area. Only in exceptional cases the full IP address will be transferred to a Google server in the USA and shortened there. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google.
During your website visit the following data will be collected:
On behalf of the operator of this website, Google will use this information to evaluate your pseudonymous use of the website and to compile reports on website activity. The reports provided by Google Analytics serve to analyze the performance of our website and the success of our marketing campaigns.
The data recipient is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland as data processor. For this purpose, we have concluded a contract with Google. Google LLC, headquartered in California, USA, and, if applicable, US authorities can access the data stored at Google. Google is certified under the EU-U.S. Privacy Framework and the Swiss-U.S. Privacy Framework.
A transfer of data to the USA cannot be excluded.
The data sent by us and linked to cookies is automatically deleted after 14 months. Data is automatically deleted once a month as soon as the storage period is reached.
You can prevent the collection of data generated by the cookie and related to your use of the WebSite (including your IP address) to Google and the processing of this data by Google by
By setting your browser software accordingly you can also prevent the storage of cookies. If your browser is set to refuse all cookies, the functionality of this and other websites may be limited.
Your consent is the legal basis for this data processing, Art.6 para.1 S.1 lit. a GDPR. You can withdraw your consent at any time with effect for the future by changing your selection in the cookie settings Customize privacy preferences.
For more information about Google Analytics terms of use and Google's privacy policy, please visit Google Analytics Terms of Service and Google Privacy & Terms.
We offer technical customer support for the use of CRYENGINE or this website. In this case, we process your personal data for various purposes. The following provides you with an overview of these processing operations.
Additional Hardware and software information helps us to recreate the technical issues reported by the user to provide you in depth technical support e.g. in the case of a crash or error and respond to inquiries.
This processing activity is necessary for the performance of a contract or in order to take steps prior to entering into a contract. Therefore, the legal basis for all described processing is GDPR Art. 6 para. 1 lit. b.
Users and other interested parties can contact us via our contact form or by email. The contact form provides fields to enter information such as Name, Email, Phone. Similar information can also be transmitted if you send us an e-mail. Such information is used to process the respective inquiry and to get in contact with you. The legal basis hereto is Art. 6 (1) lit. a GDPR since you consent to such processing by submitting you request/message.
Furthermore, we allow users to submit additional free form information in the following formats:
On all CRYENGINE community platforms, users have the opportunity to contribute content that will be reviewed and processed to interact with, support and engage the community. Additionally, we review content to make sure it adheres to our rules and Terms of Service; and store content in case we have to follow up with a user complaint about harassment or legal issues until the investigation and ruling have been carried out. This user generated content will be stored until removal is requested; in case of legal issues with content we might be obliged to store content for investigation even if the user requests removal. The legal basis for this processing activity is our legitimate interest (GDPR Art. 6 para.1 S.1 lit. f)).
We have already named the recipients of data processing in the description of the individual processing activities. Essentially, these are the internal offices at Crytek, but also service providers that we use. In addition to the recipients mentioned above, there are also the following recipients:
Our services are hosted by our hosting provider:
LeaseWeb Deutschland GmbH, Kleyerstraße 75-87, 60326 Frankfurt am Main - https://www.leaseweb.com/legal
Any service providers that come in contact with your personal data are required to comply with the same relevant data protection regulations. Upon request we may provide copies of relevant contract unless it is prohibited by contractual obligations and/or applicable law.
As listed in detail above in the description of the individual processing activities, data transfers are made to the following international organizations:
When a user opts in for Marketing Support on the Game Registration Form, through the Showcase Thread on the CRYENGINE.com forums or a verbal or written agreement is made where the user requests or agrees to marketing support outside of these channels, we might share the provided material on our Social Media- and community channels; namely CRYENGINE Twitter, CRYENGINE Facebook, CRYENGINE Community Discord and Newsletter.
If you have given us your consent, we will process and store the data until you withdraw your consent or ask us to delete the data.
If no statutory retention periods are specified and the processing is not based on consent, we have defined retention periods that are based on the respective purpose of the data processing or have been recommended by supervisory authorities.
The following retention periods are defined:
Visits to social media portals and websites can be used to collect information about you and add it to an advertising profile. As a result, you may be shown advertisements that match your surfing behaviour. Even if we do not use advertisements on our website, we would like to inform you, how you can opt out of targeted advertising by using the links below and in your cookie preferences:
Google: https://www.google.com/settings/ads/anonymous
Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance's opt-out portal at: http://optout.aboutads.info/ .
Please note that we do not alter our Site's data collection and use practices when we see a Do Not Track signal from your browser.
At any time, you have the right to:
The Hessian Commissioner for Data Protection and Freedom of Information
P.O. Box 3163
65021 Wiesbaden
Germany
Telephone: +49 611 1408 - 0
Fax: +49 611 1408 - 900
E-mail: poststelle@datenschutz.hessen.de
To contact us about any of the foregoing rights, please send us an email to privacy@crytek.com.
In case of a confidential request, please email our Data Protection Officer directly: dpo@crytek.com.
If you object, restrict, or otherwise refuse the processing of your personal data mentioned above and/or ask us for a deletion, you might not be able to continue to use our services.
Please also note that in certain cases we must comply with defined retention period (see above).
All user data is stored on secure servers protected by firewalls and antivirus software.
We have implemented technical and organizational measures intended to protect the security and confidentiality of your Data against any accidental loss and any unauthorized access, use, modification or disclosure.
We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
The Site is not intended for individuals under the age of 18.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by email at privacy@crytek.com.