Privacy Policy of Bacon’s SCP Verse
Introduction
Bacon’s SCP Verse (referred to as “The SCP Verse” or “We” or “Our organization”), operates as a subsidiary brand of Harmony Holdings (referred to as “Harmony” or “Holder”), which is part of Huugeli Network Group (referred to as “The Network Group”). We are deeply committed to safeguarding your privacy. This Privacy Policy delineates our practices regarding the collection, utilization, and protection of your personal data, ensuring compliance with Finnish national law, EU regulations, the General Data Protection Regulation (GDPR).
1. Basic Information about Your Service
- Service Name: Bacon’s SCP Verse
- Nature of Service: We are a Roblox game development studio offering a variety of services, including web-based platforms to manage user information and privileges, multiple interactive Roblox games, and Discord-based community chat servers.
- Target Audience: Our services are primarily designed for users aged 14-25. We do not cater to children under 13. Minors aged 13-18 are required to obtain parental consent to use our services.
- Geographical Reach: Our services are mainly available to customers in the European Union, the European Economic Area, the United Kingdom, the United States, and Canada.
2. Data Collection
Types of Data Collected:
We collect various types of personal data, including first names, usernames, and email addresses. Users in positions of authority may also be required to provide their full legal names and phone numbers for direct contact and legal documentation purposes.
We do not collect any sensitive data. All payment transactions are handled by our partners, and we do not have access to any financial information.
Data Collection Methods:
Personal data is collected via forms on our website, through our Discord bot, via cookies, and through third-party services.
We employ automated data collection methods to streamline and enhance our services.
3. Legal Basis for Processing Data
Legal Basis:
Our processing of personal data is based on user consent, the necessity to fulfill contractual obligations, compliance with legal requirements, and our legitimate interests.
Consent Mechanisms:
User consent is obtained through explicit consent forms presented on our web services. For services provided by our partners, users must consent according to the specific guidelines and policies of each partner.
We do not provide services to users under the age of 13.
4. Use of Data
Purpose of Data Use:
The personal data we collect is utilized for purposes such as analytics to improve our services and ensuring the safety of our user community.
Data Sharing:
We do not share personal data with any third-party entities.
5. Data Storage and Security
Data Retention:
Personal data is retained for a period of five years following the commencement of user inactivity.
The retention period is determined based on factors such as the need to ensure the safety of other users on our platforms and the requirements of our analytical processes.
Security Measures:
We implement robust security measures to protect personal data, including comprehensive staff training on data protection laws and safe data handling practices. Our cybersecurity protocols are rigorous, and all staff members with access to personal data are bound by non-disclosure agreements (NDAs).
6. User Rights
GDPR Rights:
Users can exercise their rights under GDPR, including the rights to access, rectify, erase, and restrict the processing of their personal data, by contacting the data registry holders within our organization.
Parents can manage their children’s data by contacting the data registry holders as well.
7. International Data Transfers
Data Transfers:
We may transfer data between our staff located in Finland, the United Kingdom, and the United States. These transfers are conducted manually to ensure maximum security.
We employ secure encryption methods and multi-level authentication processes to safeguard these international data transfers.
8. Third-Party Services
Third-Party Services:
We utilize several third-party services for data processing and storage, including Shellit.org (Multim Oy) for hosting services, Snowflake for analytics and additional hosting, Heroku for hosting, Deepnote for analytics monitoring, Google services for internal documentation, Trello (Atlassian) for project management, and Auth0 by Okta for user authentication.
9. Cookies and Tracking Technologies
Cookies:
We use various types of cookies, including session-only cookies, persistent cookies, and third-party cookies. The third-party cookie from Auth0 is used to verify user identity when interacting with our web services.
Users can manage their cookie preferences through our cookie preferences widget available on our website.
10. Changes to the Privacy Policy
Policy Updates:
We notify registered users of any updates to our privacy policy via email. Our privacy policy is also versioned to keep track of changes over time.
11. Contact Information
Contact Details:
For any questions or concerns regarding our privacy policy, users can contact Roosa Koskinen, Chief Operations Specialist, at PO Box 221, Hämeenkatu 21, 33200 TAMPERE SUOMI/FINLAND, or via email at roosa.koskinen@huugeli.net.
12. Dispute Resolution and Enforcement
Complaints and Dispute Resolution:
We handle disputes and complaints internally, but users may also contact the Office of the Finnish National Data Protection Ombudsman if issues remain unresolved after consultation with a representative of our organization.