This Data Privacy Statement applies for the offering and use of the “Random Dice Roller” and “Dice Roller” app (hereinafter referred to as “Table Top Gamers or Application”), which is provided to you by Howard Software Ltd, 44 Primrose Crescent (hereinafter referred to as “we” ,“us” or “application” ) for use on your mobile device and/or tablets.

When using Tabletop Gamers Applications, personal data will be collected, processed and used by Tabletop Gamers for improvements and marketing. The protection of your privacy when using Table Top Gamers Applications is important to us, we would like to inform you with the following information about what personal data we collect how we handle this data.

You can access this Data Privacy Statement at any time by going to the following link: http://dicerollerapp.com/legal/privacy

In accordance with the applicable data protection law, in particular the EU General Data Protection Regulation (GDPR). You can find our Find our Data Controller at http://dicerollerapp.com/legal.html

Should you have any questions or comments about data privacy when using our applications then, please feel free to contact us via email at support@dicerollerapp.com

“Personal data” is information, or parts thereof, by means of which you can be identified either directly (e.g. by your name) or indirectly by pseudonymised (e.g. by a unique ID). This Data Privacy Statement covers all personal data that is stored and processed by you when using our applications.

While using our applications in some cases, you will provide us with immediate access to the data (e.g. when creating a user account) and in some cases we will collect data automatically during the day to day usage of our application (e.g. in order to offer our services). We will use your data to perform the signup process this data is primarily for the calculation and payment of points acquired by you while using our applications and inform you about promotions and special offers via email. Other use of your data will only take place due to other statutory obligations or authorisation.

The legal basis for the processing of your data may be the following:

• Your consent to data use within the framework of our applications in accordance with Art. 6(1)(a) GDPR;
• The fulfilment of our service obligations resulting from the contract in regards to our applications, in order to provide you with the desired services, in accordance with Art. 6(1)(b) GDPR;
• Our legitimate interest in accordance with Art. 6(1)(f) GDPR;
• our commercial interests in the improvement of our services, so that we can better understand your needs and expectations and therefore improve our services for you;
• for the prevention of fraud and to guarantee that the use of our applications takes place completely and without fraudulent conduct and in accordance with the terms and conditions of use of our applications: We reserve the right to exclude certain users and their end devices from the services, in the event of impermissible use behaviour, without specifying the exact reason.
• in order to guarantee the security of our services and ensure that our offering (apps and web server) is technically safe and works properly;
• To secure and implement our contractual entitlements and claims.
• Legal bases in accordance with Art. 6(1)(c) GDPR, if the collection, storage, transfer or other processing of the data is legally prescribed or necessary for the processing, in order to fulfil our statutory obligations.

You have the right at any time to receive free information about the extent and content of the processing of your personal data by us. You also have the right to request from us the rectification, restriction of processing, or erasure of your personal data.

In the event of data privacy violations, you also have the right to lodge a complaint with the competent supervisory authority.

In order to use our apps to collect points or remove ads, you must register an account with us.

The use in marketing, we frequently send out a newsletter and other app related emails, you can opt out of our marketing any time by clicking the opt out button located in the email.

When using our applications, you first have to accept our terms and conditions of use (GTC) during the registration process and agree to the processing of your personal data by our application. For this purpose, you have to confirm the following declaration of consent by clicking on the “Signup” button by clicking the “skip” button we will collect no data from you, however the application will run in a limited capacity:

The withdrawal of your consent and the termination of the use of our application are possible at any time with future effect, and can be sent to us via email at support@dicerollerapp.com. In the event of withdrawal, your data will be erased from our databases; if an erasure is not possible; it will be blocked instead of erased. The collection of points will not be available after consent has been removed.

To be able to use all functions of our Application and in particular to benefit from the point payment system, you have to register a user account. The registration therefore serves to provide the services of our applications and calculate the points generated by you.

During the registration process, we will collect and store certain personal data about you for the setting up of the user account. This includes the following details:

• User name (nickname)
• Your email address (used for emailing of our newsletter)
• Password (this will be sent encrypted and only known by you; we cannot pick this out)
• Payment details (email address of a PayPal account or account details of other payment service providers that are supported by our applications

This information is necessary to be able to identify you so points can be allocated accordingly, without your corresponding details, you will only be able to use our applications to a limited extent, and in particular you may not be able to benefit from our points payments.

Your data will be sent encrypted via the SSL process and will therefore be safely transmitted. Passwords will be stored with SHA encryption in order to protect your data.

We also use the data from user actions such as number of dice for the calculation of the points, and level increases. The processing of this data takes place based on the consent granted by you (see above) and serves to perform the contract on the use of Tabletop Gamer applications by you.

In order to be able to identify you beyond any doubt during the use of Tabletop Gamers application and for the purpose of being able to allocate you for the the calculation of payment of the points, we store other data about the use of our applications on the end device used by you for this purpose. This includes the so-called Google Advertiser ID (“GAID” for Android) and the so-called Apple Identifier for Advertisers (“IDFA” for Apple iOS), the model and product name of your end device, the version of the operating system, the browser type used and its display resolution, as well as the IP address allocated to your end device and information about when which content from our offering was accessed.

The processing of this data takes place based on the consent granted by you (see above) and serves to perform the contract on the use of our applications by you. Our server automatically logs your IP address, this will take place solely for the purpose of guaranteeing the security of our systems, or for fraud prevention and the IP address will be automatically erased after 30 days of uninstall of our application.

In the contact section of the app, you can contact us via email using our contact form. Your email address will thereby be collected by us. You can decide yourself which data you provide to us within the framework of the contact.

In this case, we will only use your data to respond to your query.

We will only store your personal data for as long as we need it for the performance of the contract on the use of applications, for the fulfilment of your wishes, or for our legitimate interests for the purposes of which we have logged your personal data, or for as long as is permitted or required by law:

• For as long as you take part in the use of our applications, we will store and process your personal data for the duration of your use of our applications, until you end it or request that we erase your data;
• For as long as you set up a user account for our services, we will store and process your personal data for the duration of your use of our applications, until you terminate it or until you request that we erase your data;
• If you have agreed to the use of your email address for marketing purposes, we will store your email address within our mailing database until you deregister or request that we erase the data, or by the end of a period of inactivity (no interaction with us for a maximum duration of 18 months); you may also opt out of email marketing by clicking the opt out button found in the footer of the email.
• If you send us a query, we will process your personal data for the duration of the processing of your query.

When we no longer require your personal data, we will erase it from our systems and records, or anonymise it so that it can no longer be identified.

We can retain certain personal data in order to comply with our statutory and regulatory obligations, and to enable us to manage our rights (e.g. the assertion of our rights in court), or for statistical purposes.

The passing on of your personal data without your explicit prior permission will only take place in the following cases, in addition to the other cases named in this Data Privacy Statement:

• If necessary for the resolution of unlawful use or misuse of our applications or for prosecution, personal data will be passed on to the criminal prosecution authorities and, if necessary, to third parties who have been harmed. However, this will only take place if there are specific indications of unlawful conduct or misuse. We are also legally obliged to provide information to certain public bodies upon request. These are criminal prosecution authorities, authorities that pursue administrative offences punishable by a financial penalty, and the financial authorities.
• The forwarding to third parties bound to professional secrecy can only take place if this is necessary for the implementation of the applications terms and conditions of use or other agreements, and our claims from the contract on the use of our applications.
• For the provision of our service, we are occasionally reliant on contractually bound third-party companies and external service providers, e.g. for our customer service and the hosting of applications. In such cases, information will be passed on to these companies or individual people in order to enable further processing. These external service providers are carefully selected by us and checked regularly, to ensure that your privacy remains protected, and they may only process the data for the purposes specified by us. They are also contractually obliged by us to only handle your data exclusively in accordance with this Data Privacy Statement and the England and wales data privacy laws.
• As part of the further development of our business, the structure of our company may change, in that the legal form is changed, or subsidiary companies, business units or components are founded, purchased or sold. In the event of such transactions, the customer information will be passed on, together with the part of the company to be transferred, with your consent. During any transfer of personal data to third parties to the specified extent, we will ensure that the further use takes place in accordance with this Data Privacy Statement and the relevant data protection laws, and we will ask for your permission.

We are obliged to protect your privacy and treat your personal data confidentially. Your data will be stored in our databases, which are only accessible to us and employees specifically trained in data protection.

If we use support from third-party service providers who process your data on our behalf in order to provide our web services, we have ensured that they are subject to the strict conditions of this Data Privacy Statement, and that the use of your data beyond the cases described in this Data Privacy Statement will not take place. All contractors, service providers and their employees are subject extensively to our instructions and are also in particular legally obliged to observe, and trained in, the protection of your data.

In order to prevent the loss or misuse of the data stored by us, we take comprehensive technical and organisational safety precautions, which are regularly reviewed and adjusted to meet technological advances. If it is within our sphere of influence, we use in particular modern encryption techniques as well as a variety of other measures to prevent third parties from obtaining unauthorised information.

However, we would like to point out to you that due to the structure of the internet, it is possible that the data protection regulations and the above-named security measures of other persons or institutions not within our area of responsibility cannot be observed. In particular, data passed on in a non-encrypted form can be read by third parties, even if it is sent via email. We have no technical influence on this occurrence. In these cases, it is the responsibility of the user to protect the data it provides against misuse, by encryption or other methods.

We consistently ensure the strict data protection made legally binding in the European Union. In some cases, particularly for technical reasons, it may transpire that your data entrusted to us is stored on servers outside of your country (even outside of the European Union) in which you originally entered your data. In this case and in the case of a risk that countries to which your data are sent are not subject to data protection law that is just as strict as that in your home country and in the country from which you use our services, we ensure that your data is handled in accordance with the provisions of this Data Privacy Statement. Data processing by processor For the operation of our services we are partly dependent on third party suppliers (called processors). For these companies to be able to carry out their services, your data must be transferred to them. We have entered into a processing contract with these contract processors in accordance with Art. 28 GDPR and they implement the strict requirements of the data protection authorities when using your data. We ensure that all third party service providers, who assist us in the provision of our services, comply with data protection law by this agreement and strict controls that your data will be treated according to our instructions and will not be disclosed to third parties. In addition, we take further measures to guarantee the protection and safety of your data. Data will only be processed outside the EEA if the service provider guarantees that we comply with the requirements of European data protection law.

The following service providers (processors) work with us for the following purposes:

1. Softlayer, Inc

The data required to send the newsletter will be stored on softlayer Web Services servers within the United States. Softlayer is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the European Union (EU) and the US to ensure compliance with European privacy standards in the United States.

2. Adnetworks

Our applications use a number of ad networks that serve none personalised ads by using techniques and methodologies that are considered by GDPR as ‘legitimate interest’ and therefore do not require user consent, however should you wish to contact us regarding ads you may do so by contacting us via email.

3. Analytics

Google Analytics works by means of tracking code that is added to our applications. Every user is registered with a unique ID, so that Google Analytics can provide us with insight into how many unique visitors and which devices users are using this data is encrypted and is not tied to any account and acts for strategic analyst of our applications.

As a data subject in the data processing by our applications, you have the following rights listed in this section.

If you would like to exercise one of your rights named below, please contact us using the contact details named in the following “Contact” section.

Please note that we may request proof of your identity and extensive information about your query before we can process it.

Within the framework of the applicable statutory provisions, you have the right at any time to obtain free information about the data stored about you personally, its origin and recipients, and the purpose of the data processing. On presentation of the respective prerequisites, you may also have the right to the rectification of incorrect data, the restriction of the processing, and the erasure of data.

Some forms of data processing are only possible on the basis of your explicit consent. You can withdraw consent already given at any time. The legitimacy of the data processing carried out until the withdrawal will remain unaffected by the withdrawal.

Regarding the data that we process automatically on the basis of your consent or in the performance of a contract, you generally have the right to access it yourself or have it provided to a third party in a customary, machine-readable format. If you require the direct transfer of this data to a third party, this will only take place if this is technically possible with reasonable effort.

In the event of data privacy violations caused by us, you have the right to lodge a complaint with the competent supervisory authority.

Should you have any questions or comments about the handling or use of your personal data, should you require information about the personal data stored about you, or should you wish to exercise your other rights named above, you can contact us by sending an email to support@dicerollerapp.com Operational Data Protection Officer As legally stipulated, we have appointed a data protection officer for our company: Retwik Mukherjee whom can be contacted as seen above.

On our website, there are links to websites of other service providers. When activating these links, you will be forwarded directly to the websites of the other service providers. You will notice this by the change of URL, amongst other things.

We cannot accept any responsibility for the confidential handling of your data on these websites of third-party companies, as we have no influence on the compliance of these companies with the data protection regulations. Please inform yourself about the use of your personal data by these companies directly on these websites.

We always keep this Data Privacy Statement up-to-date. Therefore, we reserve the right to change it from time to time and update it with changes during the collection, processing and use of your data. Therefore, please read through this Data Privacy Statement regularly. You can access the current version of this Data Privacy Statement at any time by clicking the link found in our applications.