General Data Protection Regulation
Maori Legend Games is committed to complying with the General Data Protection Regulation (GDPR) and protecting the privacy rights of all our users, particularly those in the European Economic Area (EEA). This document outlines how we meet our obligations under GDPR and how you can exercise your data protection rights.
We believe that data protection and cultural respect go hand in hand. Just as we honor Maori traditions and indigenous heritage, we honor your right to privacy and control over your personal information.
Under GDPR, we must have a legal basis to process your personal data. We process your information based on:
When you accept our cookie policy, create an account, or opt-in to communications, you provide consent for us to process your personal data for specified purposes. You have the right to withdraw consent at any time.
Processing is necessary to provide you with our social gaming services and fulfill our obligations under our Terms and Conditions.
We process certain data based on our legitimate interests in operating and improving our platform, preventing fraud, and ensuring security, provided these interests do not override your rights and freedoms.
We process data to comply with legal requirements, such as age verification laws and record-keeping obligations.
Under GDPR, you have the following rights regarding your personal data:
You have the right to request a copy of the personal data we hold about you. We will provide this information in a structured, commonly used, and machine-readable format within 30 days of your request.
You can request that we correct any inaccurate or incomplete personal data we hold about you. We will make corrections within 30 days and notify any third parties with whom we shared the data.
You can request deletion of your personal data when:
You can request that we restrict processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing.
You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller where technically feasible.
You can object to our processing of your personal data based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds.
You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal or similarly significant effects.
Where processing is based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
To exercise any of your GDPR rights, please contact us at:
We will respond to your request within 30 days. If we need additional time, we will inform you of the extension and the reasons for it. There is no fee for exercising your rights unless your request is manifestly unfounded or excessive.
We have appointed a Data Protection Officer (DPO) to oversee our GDPR compliance and handle data protection matters. You can contact our DPO directly:
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach.
If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, providing information about:
Your personal data may be transferred to and processed in countries outside the EEA, including New Zealand. We ensure appropriate safeguards are in place, such as:
We do not knowingly process personal data of individuals under 18 years of age. Our age verification systems are designed to prevent minors from accessing our services. If we discover that we have inadvertently collected data from a minor, we will delete it immediately.
You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates GDPR. The supervisory authority in your jurisdiction can be found at:
EU Data Protection Authorities: https://edpb.europa.eu/about-edpb/board/members_en
However, we encourage you to contact us first so we can address your concerns directly.
We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Material changes will be communicated through our website and, where appropriate, via email to registered users.
At Maori Legend Games, we respect your privacy rights as much as we respect Maori cultural traditions. Your personal data is protected with the same care and reverence we apply to indigenous heritage.
For any GDPR-related questions, requests, or concerns: