GDPR Information

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect across the European Union on May 25, 2018. Following Brexit, the UK implemented its own version—UK GDPR—which maintains the same core principles and protections.

UK GDPR gives individuals control over their personal data and sets strict requirements for how organizations collect, store, process, and share that data.

GDPR Principles at SparkVault

We are committed to upholding the following GDPR principles in all our data processing activities:

1. Lawfulness, Fairness, and Transparency

We process your data lawfully, fairly, and in a transparent manner. We clearly explain what data we collect, why we collect it, and how we use it in our Privacy Policy.

2. Purpose Limitation

We collect personal data only for specific, explicit, and legitimate purposes. We do not use your data for purposes beyond what we've disclosed without your consent.

3. Data Minimization

We collect only the minimum personal data necessary to achieve our stated purposes. Our Platform is designed to function with minimal data collection.

4. Accuracy

We take reasonable steps to ensure that personal data is accurate and up to date. You can request corrections at any time.

5. Storage Limitation

We retain personal data only as long as necessary. After retention periods expire, data is securely deleted or anonymized.

6. Integrity and Confidentiality

We implement appropriate security measures to protect your data against unauthorized access, loss, or destruction.

7. Accountability

We take responsibility for complying with GDPR and can demonstrate our compliance through documentation and policies.

Your Rights Under UK GDPR

As an individual whose data is processed by SparkVault, you have the following rights:

1. Right to be Informed

You have the right to know what personal data we collect, how we use it, who we share it with, and how long we keep it. This information is provided in our Privacy Policy.

2. Right of Access

You can request a copy of the personal data we hold about you. This is known as a Subject Access Request (SAR). We will respond within one month and provide the data in a commonly used electronic format.

How to request: Email privacy@sparkvault.games

3. Right to Rectification

If your personal data is inaccurate or incomplete, you can ask us to correct or complete it. We will respond to correction requests within one month.

4. Right to Erasure (Right to be Forgotten)

In certain circumstances, you can request that we delete your personal data. This applies when:

• The data is no longer necessary for the original purpose
• You withdraw consent and there's no other legal basis for processing
• You object to processing and there are no overriding legitimate grounds
• The data was unlawfully processed
• The data must be erased to comply with a legal obligation

Note: This right is not absolute. We may need to retain certain data for legal compliance or other legitimate reasons.

5. Right to Restrict Processing

You can ask us to limit how we use your personal data in the following situations:

• You contest the accuracy of the data
• Processing is unlawful, but you don't want the data erased
• We no longer need the data, but you need it for legal claims
• You've objected to processing and we're verifying our legitimate grounds

6. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller. This applies when:

• Processing is based on consent or contract
• Processing is carried out by automated means

7. Right to Object

You can object to processing of your personal data when:

• Processing is based on legitimate interests
• Processing is for direct marketing purposes
• Processing is for research or statistical purposes

We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.

8. Rights Related to Automated Decision-Making

SparkVault does not currently use automated decision-making or profiling that produces legal or similarly significant effects. Should this change, you will have the right to request human intervention and to challenge such decisions.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us:

• Email: privacy@sparkvault.games
• Subject Line: Include "GDPR Request" or the specific right you're exercising (e.g., "Right of Access Request")
• Include: Your full name, contact information, and details of your request

Response Timeline

We will respond to all requests within one month of receipt. In complex cases, we may extend this by an additional two months, in which case we will notify you and explain the reason for the delay.

Verification

To protect your privacy, we may need to verify your identity before processing certain requests. We will only request information necessary for verification purposes.

No Fee

We do not charge fees for processing GDPR requests unless the request is manifestly unfounded, excessive, or repetitive. In such cases, we may charge a reasonable fee or refuse the request.

Data Protection Officer

For data protection inquiries or to exercise your rights, you can contact our data protection team:

• Email: privacy@sparkvault.games
• Address: SparkVault Entertainment Ltd, London, United Kingdom

Complaints and Supervisory Authority

If you believe we have not handled your personal data properly or have violated your rights under UK GDPR, you have the right to lodge a complaint with the UK's data protection supervisory authority:

Information Commissioner's Office (ICO)

• Website: www.ico.org.uk
• Helpline: 0303 123 1113
• Live Chat: Available on ICO website
• Report Online: ico.org.uk/make-a-complaint
• Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

While you have the right to lodge a complaint directly with the ICO, we encourage you to contact us first so we can try to resolve any concerns.

International Data Transfers

Some of our service providers may be located outside the UK or European Economic Area (EEA). When we transfer personal data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) approved by the UK ICO
• Adequacy decisions recognizing equivalent data protection standards
• Other legally recognized transfer mechanisms

For more information about international transfers, please contact privacy@sparkvault.games.

Updates to This Information

We may update this GDPR information page to reflect changes in regulations, our practices, or guidance from the ICO. Check back periodically for updates.

For comprehensive details about our data practices, please review our Privacy Policy.