Privacy

Our Mission Statement

With the adoption of the General Data Protection Regulation (hereinafter “GDPR” ), by the European Union (EU), which goes into effect May 25, 2018, CSE has reexamined its data collection policies, and we are amending our privacy documents to reflect our implementation of the GDPR. As part of our implementation, we are applying these changes to all of our current and future Backers, as well as future players (hereinafter “CSECitizens”).

Even before the day that our Kickstarter first launched, CSE has believed in our CSECitizens’ rights to privacy and to being treated by us in the same manner that we, as gamers, want to be treated by other companies. Our core business is geared to one thing, and one thing only: to make great games, and not to collect and process our CSECitizens’ Personal Information (hereinafter “PI”). As such, we have said and continue to say that we have no interest, desire, or intent, now or going forward, to monetize that information by selling it to other businesses. Unlike some “free to play” games that make money off of selling user PI, that’s not the way we conduct our business (and is one of the reasons why we want to be a subscription-based business). We collect the minimum amount of information from our CSECitizens, with their consent, that we need to operate, to improve and protect our website, forum, and game(s) (collectively “Services”). Any PI we do collect is never given, for profit or otherwise, to any other person or company, unless required by law, or, in the case of our update system, to a third-party email provider. Even in that case, the only PI that is given out is a CSECitizens’ email address, and that information is not tied to any additional PI of our CSECitizens.

The commitment above is unwavering and will not change.

GDPR Summary

Given the sweeping scope (not to mention 200+ pages of regulations and position papers) of the GDPR, it is difficult to present a short and concise summary of it, but we will try anyway.

  1. Encompasses a set of regulations that all non-household-based entities called either “Controllers” or “Processors” (whether commercial or not), must abide by if they have any EU “Data Subjects” (what the GDPR calls living, breathing, real people), whether or not they reside in the EU.
  2. Gives Data Subjects more control over their “Personal Data” (which is not all that well-defined) to limit the ability of Controllers/Processors to gather, store, and process their Personal Data. This includes safeguards for initial and ongoing consent to use that data.
  3. Gives Data Subjects the right to see what Personal Data the Controller/Processor has stored/is using from them.
  4. Gives Data Subjects the right to restrict and/or prevent the use of such data, subject to a reasonably wide need-based range of the Controller/Processor. This includes the “right to be forgotten.”
  5. Requires that the Controller/Processor must safeguard the Personal Data and threatens to impose large fines (2%/4% of worldwide revenue or 10M/20M, whichever is higher) on those Controllers/Processors who fail to live up to what is, for now, an ambiguous standard of care, even if they take certain steps, such as things like pseudonymization and/or encryption of Personal Data.
  6. That Controllers/Processors are required to notify not only the Data Subjects of a breach of security, but also the appropriate organizations within the EU.

For those of you who would like more information about the GDPR and its effects on your rights, gaming future, etc., there’s lots of information to be found on the Internet. One good write-up can be found here (https://www.dataiq.co.uk/blog/summary-eu-general-data-protection-regulation), or, of course, here (https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) (always remember, with Wikipedia, Your Mileage May Vary).

Please note that this Privacy Policy must be accepted, in whole, if you wish to use our Services. Opting-in to it does not, in any way, restrict your rights under the GDPR, such as your right to be forgotten, right to not receive update emails, etc. However, if you choose not to Opt-In to this new Privacy Policy, you will not be able to access our Services, and you will need to ask for a refund of your donation to our game.

Scope

This privacy notice applies to the Services operated by CSE where this privacy notice is referenced, regardless of how you access or use them, including through mobile devices. We are the “data controller” of personal data collected through the Services as defined in the GDPR.

This privacy notice does not apply to any partner’s website, application, service, or tool where it is referenced and where our content is published or advertised in accordance with the terms of this privacy notice. We have received assurances from all data processors we deal with (including payment processors) that they are GDPR compliant.

Example: just because an article from our website was re-posted on another site does not mean that CSE endorses, agrees, or supports their website in any manner, nor do we warrant that they will follow the same privacy rules as we do.

Information We Collect

We collect as little information about you as possible, and certainly we do not collect or process any “sensitive personal data” as defined by the European Union’s General Data Protection Regulation (GDPR) as is detailed in the section below. But, in order to operate our game(s), take donations, pay refunds, send game/company updates, etc., we need to collect a certain amount of information from you, including but not limited to email addresses, IP addresses, device IDs, Reward Tiers, time played, and your activities within the Services. The Services may use such information and aggregate it with other information to track the total number of people who utilize our services and their actions within the services. Here is an example of the information we collect, and why we collect it, only when authorized by you:

Example: Your email address. We need this information to send you updates, provide a variety of support and customer services, and to date, to use for the payment of refunds. In the case of our email provider, we need to share the email address so we can send you a message. As always, we do not sell our email mailing list to any company, entity, or anywhere else you can imagine, and have no intention of doing so in the future.

What is “sensitive personal data” as defined by the EU’s GDPR?

Sensitive personal data is any data that reveals:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data for the purpose of uniquely identifying a natural person
  • Data concerning health or a natural person’s sex life and/or sexual orientation

Again, we do not collect any of the above information, nor do we want such information even if it was made available to us. Use of our Services does not require you to divulge any sensitive personal data. You should not voluntarily disclose any of this sensitive personal data through any forum post or game chat, and if you do, you do so at your own risk. In such an event, such sensitive personal data may be automatically logged and available for others to see. We will not make any use of sensitive personal data you voluntarily disclose. We retain the right, but not the obligation, to remove any sensitive personal data you post.

The information that we collect can be used as part of our Services. Here are some examples:

Advertisements: You may see our Services advertised in other applications or other websites in the future. After clicking on one of these advertisements you might become a user of our Services. Advertising platforms may collect information for optimizing advertising campaigns outside of our Services, but we are not responsible for any actions that they may take.

Analytics: We may use third party website analytic tools, such as Google Analytics, on our website that employ cookies to collect certain information concerning your use of our Services. However, you can disable cookies by changing your browser settings. Further information about the procedure to follow to disable cookies can be found on your Internet browser provider’s website via your help screen.

Cookies: We employ cookies and similar technologies (sometimes called pixel tags, clear GIFs, web beacons or pixels) to keep track of your local computer’s settings, such as which account you have logged into and notification settings. Cookies are pieces of data that are stored on your computer that sites and services can set on your browser or device that can be read on future visits. We may expand our use of cookies to save additional data as new features are added to the Services. For more information about our use of these technologies, and how to control them, see Cookies and Similar Technologies.

  • You can remove or reject cookies using your browser or device settings, but in some cases, doing so may affect your ability to use our Services.
  • Please read our Cookie Policy to learn more about how we use cookies and the choices you have.

Examples of personal information you give us when you use our Services or by purchasing a Reward Tier from us

  • Identifying information, such as your name, addresses, telephone numbers, IP address, or email addresses when you register for an account with us.
  • Buying information (such as the Reward Tier), you provide during a transaction, or other transaction-based content that you generate, or that is connected to your account because of a transaction you are involved in, such as gifting tiers, upgrading/downgrading your pledge, etc.
  • Postage and other information used to purchase or send an item, as well as, where postal services are provided, information required for clear and relevant postage information (such as tracking numbers and tracking updates).
  • You may also voluntarily provide us other information through a web form, by updating or adding information to your account, through your participation in community discussions, member-to-member communications, chats, dispute resolution, or when you otherwise communicate with us regarding our Services.
  • Additional information we are required or authorized by applicable national laws to collect and process in order to authenticate or identify you, or to verify the information we have collected.

What other types of Personal Information don’t you collect and/or store?

We have no interest in knowing nor storing things like your credit/debit card number, bank account, etc. We use services such as PayPal and Stripe, who are the collectors and processors of that information: it is never shared with us under any circumstances. And in the same manner as Sensitive Personal Data, we don’t want it either!

WHAT INFORMATION IS NOT CONSIDERED PERSONAL INFORMATION?

We do not consider personal information to include information that has been anonymized or aggregated so that it can no longer be used to identify a specific natural person, whether in combination with other information or otherwise.

Example: A CSE Account ID (hereinafter “CSEID”). The CSEID that you will choose should not be connected to any other ID you have used elsewhere. If you decide not to use a unique ID, you do so at your own risk. No matter what, your CSEID should not disclose any sensitive personal information (e.g. “IBeMarkJacobs”).

Additionally, as part of our Services, CSECitzens will create characters (“AVATARS”) that represent a fictional character in a fictional world. All the CSE data that makes up those characters, including, but not limited to, their virtual possessions (including virtual buildings created within the game), and all imagery related to those characters and their interaction with the virtual world in the game is the sole property of City State Entertainment LLC. You should not use your real name or any part thereof in your login name. You must not pick a name (hereinafter “pseudonym”) that violates anyone’s trademarks, publicity rights or other proprietary rights. Acceptance of a pseudonym by the System does not constitute a finding or acknowledgement by CSE that your chosen pseudonym does not violate any third party’s trademarks, publicity rights or other proprietary rights, and You are responsible for any liability in the choosing of a pseudonym. You acknowledge that any pseudonym you use will either be one that you own a legally-recognized trademark in or one that belongs to the public domain. Further, use of that non-trademarked pseudonym constitutes an acknowledgment that as a public domain name, that You do not consider that pseudonym Personal Information under existing data protection regulations such as the GDPR. In the event that you claim ownership of a legally-recognized trademark, please send an email to privacy@citystateentertainment.com with an acknowledgment that you grant us a license to use that name in connection with the Services of the game.

Finally, if you choose to use your real, and not trademarked name, you do so at your own risk, and further, you agree that by doing so you will not be entitled to claim that you own that data, nor any data associated with it. As with your CSEID, your Avatar names should not disclose sensitive personal information (e.g. “BigBadAFL/CIOMember”).

How Do We Collect The Information?

We collect a minimum amount of personal information from you and any devices (such as the mobile device you use) when you use our website, register for an account with us, provide us information on a web form, update or add information to your account, participate in our forums, when it is provided to us by third-party partners such as PayPal, or when you otherwise correspond with us.

Some of this personal information, such as a way to identify you, is necessary to enter into our End User Access and License Agreement. The provision of all other personal information is voluntary, but is necessary in order to use some of our Services.

Do we collect personal information from you when you use our Services, apart from that mentioned above, without your consent?

  • No.
  • If you give us personal information about someone else, you must do so only with that person’s authorization. You should inform them how we collect, use, disclose, and retain their personal information, according to our privacy notice.

Do we collect personal information from you when you use our Services from third party sites such as MassivelyOP, MMORPG, etc?

No.

WHERE INFORMATION IS PROCESSED

The Company is based in the United States. The laws of the U.S. and other countries governing data collection and use may not be as comprehensive or protective as the laws of the country where you live, but nevertheless, we have voluntarily adopted data practices that comply with the spirit, and at times the language, of the GDPR for all our CSECitizens.

WHY DO WE COLLECT YOUR INFORMATION?

Basically, we use personal information to provide, improve, and develop our products and services, to communicate with you, to provide customer service to you, to honor our contractual commitments to you, to comply with government regulations/agencies, and to protect us and our CSECitizens as necessary within our country’s legal system. Additionally, we will collect your information to the extent strictly necessary and proportionate for the purposes of ensuring network and information security, i.e. the ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal data, and the security of the related services offered by, or accessible via, those networks and systems, by public authorities, by computer emergency response teams (CERTs), computer security incident response teams (CSIRTs), by providers of electronic communications networks and services, and by providers of security technologies and services, constitutes a legitimate interest of the data controller concerned. This could, for example, include preventing unauthorized access to electronic communications networks and malicious code distribution, and stopping ‘denial of service’ attacks and damage to computer and electronic communication systems.

City State Entertainment, LLC. collects information as data controller for the following purposes:

  • Providing, improving, and developing our products and Services: We use personal information to help us provide, improve, and develop our Services. This includes using information, personal or not, for purposes such as data analysis/metrics research. Such processing is based on our legitimate interest in making the best games we can, and this information is crucial for us doing so. If you enter a contest or other promotion, we may use the personal information you provide to administer those programs. Some of these activities have additional rules, which may contain further information about how we use personal information, so we encourage you to read those rules carefully before participating.
  • Example: Our metrics system will track things like Time to Kill, Time Played, Character Class, etc., to help us see which classes/races/abilities need adjusting to make sure that the game is working the way it was designed to work. This information, anonymized or not, is not considered personal information under this Privacy Policy.
  • Providing a safe and enjoyable CSECitizen experience: As all long-time players of online games know, sometimes other players’ behavior leaves a lot to be desired. In order to administer the game(s) properly, we sometimes need to suspend and/or ban CSECitizen accounts. In order to do so, we need to collect, store, and use certain personal information about the account.
  • Communicating with you: We may use personal information to send you communications about our Services; customer service; communicate with you about your account, transactions,
    and inform you about our policies and terms. As always, if you no longer wish to receive email communications for game/studio update purposes, please Contact Us to rescind your opt-in to receive such messages. This choice will ALWAYS be yours, whether today or in the future. We will use your information to process and respond to your requests when you contact us.
  • Example: We use your email address to send out our weekly updates, monthly newsletter, time for the next test of the game, etc. As always, you can remove your name from any of these lists without any intervention by CSE required. However, please note that if you do so, you will not receive any updates from us going forward, and it will be your responsibility to follow the game’s progress, including informing you of upcoming tests, Beta testing, and among other things, the launch of the game.
  • To contact you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed or as otherwise necessary to provide you customer service.
  • When contacting you for such purposes as outlined above, we may contact you via email, telephone, SMS/text messages, postal mail, and via mobile push notifications.
  • To enforce our End User Access and License Agreement, this privacy notice, or other policies, and Backer-to-CSECitizens communications for violations of our policies or applicable laws.

For any of the uses of your data described above that require your prior express consent, again please note that you may withdraw your consent by Contacting Us.

  • Promoting safety and security: We use personal information to help verify accounts and user activity, as well as to promote safety and security. Such processing is based on our legitimate interest in helping ensure the safety and technical integrity of our products and services.

Service Providers and financial institutions partners as follows:

  • Third party service providers who help us to provide our Services, payment processing services, assist us in the prevention, detection, mitigation, and investigation of potentially illegal acts, violations of our End User Access and License Agreement, fraud and/or security breaches, bill collection, affiliate and rewards programs, co-branded credit cards and other business operations.
  • Example: PayPal.
  • Third party shipping providers (e.g., DHL, UPS, USPS, etc.) with whom we share delivery address, contact information, and shipment tracking information for the purposes of facilitating the delivery of items purchased and other delivery-related communications.
  • Third party providers of websites, applications, services, and tools that we cooperate with to provide non-financial services to you, such as updates.
  • Example: MailChimp

UNSOLICITED INFORMATION

You may provide us with ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential, and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation, attribution, or any compensation whatsoever.

YOUR RIGHTS

We take a number of steps/precautionary actions to ensure that your personal information is accurate, complete, secure, and up-to-date. Please be aware that despite our efforts, no security system is impenetrable, as hacks against various governments’ organizations have shown. In the event of a security breach, we will promptly notify you and the proper authorities as required by law. If we suffer a breach that we reasonably believe could result in a risk for the rights and freedoms of individuals, we will notify you within 72 hours of our discovery of the breach, as well as notifying the proper authorities as necessary.

You have the right to access, correct, or delete the personal information that we collect subject to the terms of this agreement. You are also entitled to object to or restrict, at any time, the further active use of your personal information. You have the right to receive your personal information in a structured and standard format, which you may, at your discretion, port to another data collector. Please note, however, that this does not include information related to your characters or anything you create using our Services, which remains, at all times, our property. You may lodge a complaint with the competent data protection authority regarding the processing of your personal information (though it would be polite to talk to us first, if you have a concern). In the event that you feel it is necessary to contact a Data Protection Authority, and you’re a member of the EU, here’s a list per country – http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

However, in order to protect the privacy and the security of your personal information, we may request information from you to enable us to confirm your identity and right to access such information, as well as to search for and provide you with the personal information we maintain. There are instances where applicable laws or regulatory requirements allow or require us to refuse to provide or delete some or all of the personal information that we maintain. No matter what, unfortunately, your rights must always be subservient to US Government, various law enforcement agencies, and other governance and regulatory bodies/agencies.

You have the right to withdraw your consent for us to have or process your personal Information. If you do withdraw that consent, however, understand that your ability to continue to use our Services will be impacted, and you may not be able to use the Services at all. Please see the information below as to how to withdraw your consent.

Your choices about how we use your personal information

You have choices about how we use your personal information to communicate with you, to send you updates, and whether you want to stay signed into your account. Deciding not to Opt-in to some uses of your personal information may degrade your experience using our Services.

Communication preferences

You can currently control your email communication preferences by deciding to rescind your agreement to receiving any and/or all of our mailing lists.

Access, correction, and deletion of your personal information

You can see, review, and change most of your personal information by signing in to your account. Please, update your personal information immediately if it changes or is inaccurate. If you decide to participate in the forums, please keep in mind, once you make a public posting, you may not be able to change or remove it.

To request access and to find out whether any fees may apply, if permitted by applicable national laws, please contact us, following the instructions in the Contact Us section below. Where you have a statutory right to request access or request the modification or erasure of your personal information, we can still withhold that access, or decline to modify or erase your personal information in some cases, in accordance with applicable national laws as per above.

If you request that we stop processing some or all of your personal information, or you withdraw your consent for our use or disclosure of your personal information for purposes set out in this privacy notice, we might not be able to provide you all of the Services and customer support offered to our users and authorized under this privacy notice and our User Agreement. If you decide to withdraw your consent, and you are no longer able to play our game(s), you will not be provided a refund for any amounts you have spent prior to your withdrawal of consent once you have accessed and played the game. For example, you can’t play the game for a year, then change your consent, and ask for a refund for game key/box and any subscription fees paid up to that date.

Upon your request, we will close your account and remove your personal information from view as soon as reasonably possible, based on your account activity and in accordance with applicable national laws. However, there is certain information that we will retain indefinitely in order to fulfill our needs.

Example: If you request a refund, while we will wipe you from our active database, we will keep a permanent record of the transaction, in order to protect us from future claims regarding any/all payments you may have made, as well as to retain the information for future requests from government bodies/agencies. This information will not be stored online, but in a secure location separate from any active databases.

LEGAL COMPLIANCE AND SECURITY

It may be necessary—by law or as a result of legal process, litigation, or requests from public or governmental authorities within or outside your country of residence—for us to disclose personal information. We may also disclose personal information if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We will do so in response to a verified request or legal process relating to a criminal investigation, or alleged or suspected illegal activity, or any other activity that exposes us, you, or any other of our users to imminent physical harm or legal liability.

We may also disclose personal information if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users. We may also do so under the following circumstances:

  • To comply with our legal requirements, enforce our End User Access and License Agreement, respond to claims that a listing or other content violates the rights of others, or protect anyone’s rights, property, or safety.
  • To credit agencies or bureaus as authorized by applicable national laws (e.g. information on late or missed payments, or other defaults on your account that may be reflected in your credit report or file).
  • To third parties involved in a legal proceeding, if they provide us with a subpoena, court order, or substantially similar legal basis, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss, or to report suspected illegal activity.

We may disclose your personal information within our Services

  • To prevent, detect, mitigate, and investigate potentially illegal acts, fraud and/or security breaches, and to assess and manage risk, our games and Forums can share information.
  • To provide customer services, including to help service your account or resolve disputes (e.g., billing or transactional disputes).

Change of ownership

If we are subject to a merger or acquisition with/by another company, we may share information with them.

DATA RETENTION POLICY

How long will we keep your personal information?

We retain your personal information for as long as necessary to provide the Services you have requested, or for other essential purposes, such as complying with our legal obligations, resolving disputes, and enforcing our policies. To protect your data, we will anonymize it to protect it. When we no longer need to retain it, we will delete it.

The length of time that we retain personal information can vary significantly based on context of the Services we provide and on our legal obligations. The following factors typically influence retention periods:

  • How long is the personal information needed to provide our Services? As per above, this includes such things as maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most of our data retention periods.
  • Could the personal information be considered sensitive though, outside that type of information as defined by the GDPR? We don’t know of any such information to date, but if it turns out there is some that we do gather, a shortened retention time would be generally appropriate.
  • Have you provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
  • Are we subject to a legal, contractual, or similar obligation to retain your personal information? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or personal information retained for the purposes of litigation.
  • Is retention of your personal information necessary to potentially support government actions that are necessary to help prevent threats to public security? For example, in the case of a governmental agency’s investigation of money-laundering.

After it is no longer necessary for us to retain your personal information, we will dispose of it in a secure manner, according to our data retention and deletion policies.

CHILDREN

We do not knowingly collect, use, or disclose information from children under 16. If we learn that we have collected the personal information of a child under 16—or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States—we will take steps to delete the information as soon as possible. Please immediately Contact Us if you become aware that a child under 16 has provided us with personal information.

If you are a California resident under the age of 18, and you are a registered user of our products or services, California law permits you to request and obtain removal of content or information you have publicly posted. To make such a request, please Contact Us with specific information about where the content or information is posted and attesting that you posted it. We will then make reasonable, good faith efforts to remove the post from prospective public view, or anonymize it so you cannot be individually identified, to the extent required by applicable law. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted, and that there may be circumstances in which the law does not require or allow removal even if requested.

YOUR DATA CHOICES

We believe that users should be treated equally no matter where they are, and so we are making the following options to control your data available to all our CSECitizens, regardless of their location/country of origin. You can update certain information by accessing your profile via “Settings.” You can also unsubscribe from certain emails by clicking the “unsubscribe” link they contain. You can decline to allow certain cookie-related processing by following the instructions above in “Other Information.”

  • How can I access the personal data you have about me?

If you would like to submit a data access request, you can do so from the “Settings” page of the Services, where there is a button to download your data. We will then start the process and provide you a link to access your data that we have stored within 30 days.

  • How do I correct, update, amend, or delete the personal data you have about me?

In addition to the functionality available through the “Settings” of the Services, in which you can correct, update, amend, or delete certain personal data, you can also request other modifications from us directly. Please write us at privacy@citystateentertainment.com with the words “Personal Data Request” in the subject or body of your message, along with an explanation of what data subject right you are seeking to exercise. For your protection, we may take steps to verify identity before responding to your request.

  • How do I object or restrict the manner in which City State Entertainment uses my personal information?

You have a right to ask us to stop using or limit our use of your personal information in certain circumstances—for example, if we have no lawful basis to keep using your data, or if you think your personal data is inaccurate, we offer you the ability to restrict the processing of your information for specific uses, which you can find in the “Settings” page of the services. Individuals have the right to decline to allow all of our processing of their personal data in order to send game/company updates, livestream, and other game(s)-related announcements. As usual, we do not directly market Reward Tier upgrades and/or additional products to our CSECitizens. In addition to those rights, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very best to resolve your concern.

RIGHT TO BE FORGOTTEN

While this “right” is not adopted by most countries outside of the European Union, we do support it for all our CSECitizens subject to the restrictions above.

DATA PROTECTION POLICY

While we are not required under the GDPR or local regulations to divulge our data protection policies, we are willing to do so as long as doing so does not give any additional edge to those who would seek to compromise it. As such, we hope that these steps give you additional comfort as to how we treat your data.

First, all transfers of personal information are encrypted either through SSL or other means.

Secondly, all personal information that is stored on CSE servers is stored in encrypted format, and we do not send the key to that encryption along with the data.

Thirdly, the most sensitive of personal information is stored offline, in a sequestered server, that is not connected to the Internet, that is only accessible by two people.

Fourth, that leading up to this privacy statement, CSE removed any personal information that wasn’t absolutely necessary for access to the Services from any server/PC that is connected to the Internet.

While these steps are only some of the things that we have done to protect your data, CSE hopes that it shows our continuing commitment to protect your data.

CHANGES TO THIS PRIVACY STATEMENT

We may periodically change this Privacy Statement to keep pace with new technologies, industry practices, and regulatory requirements, among other reasons. Any changes will take effect immediately upon posting of an updated Privacy Statement. When we update this privacy statement, we will provide you either a prominent notice of such changes before they take effect, or by directly sending you a notification, and/or by posting the updated policy on our website, which will be displayed the first time you login after the new Privacy Statement has taken effect.

In the case of this first major change to our Privacy Statement, you are being given the opportunity to agree to accept the new Privacy Statement after having the opportunity to review it. In the future, your failure to agree to the new Privacy Statement may impact your ability to continue to use our Services, and may lead to the deletion of your account without a right of refund. Please note, as per above, that for this initial and GDPR-compliant change, your decision to decline to opt-in will not affect your ability to get a refund of your donation.

CONTACT INFORMATION

Under the GDPR, and for all our CSECitizens, City State Entertainment LLC., is the controller of your Personal Information. You can either contact us through email or, by postal mail at:

City State Entertainment
Attn: Privacy Group
10300 Eaton Place
Suite 320
Fairfax, Virginia 22030

Or send an email to
privacy@citystateentertainment.com