1. Data collection in our games
Automated collection and analysis of user data takes place in our games exclusively in connection with technical support.
Automated crash reports
In case of a program crash in one of our games, the respective game sends a limited crash dump to our servers. These crash dumps are aggregated and anonymized. They are only used to report crashes, to analyze memory dumps and as a result to improve our games and are not stored beyond that.
Depending on the game used, the user can disable the automatic transmission of crash dumps. In the case of "X4: Foundations", this is possible via "Settings > Privacy Settings" in the game menu.
Personalised crash reports
If you enable the "Personalised crash reports" option in the privacy settings of our game "X4: Foundations", all crash reports sent to Egosoft will contain additional information that will help us contact you. It is not necessary to enable this setting unless you have been asked to do so by the Egosoft support team. If you enable this setting, the additional information may help determine the causes of crashes on your computer. This additional information is used solely for the purpose of identifying and fixing the underlying cause of crashes.
DXDiag and Vulkan Info
In some cases (especially when determining the cause of a crash), Egosoft Support may request a so-called DXDiag and Vulkaninfo from the user. This data contains detailed information about the system environment and is used to verify driver/hardware configurations and determine the root cause of problems, respectively. These logs may contain information that could be considered personal, such as the user's own computer name, in addition to primarily technical information. Egosoft will only use the provided information to fix the crash problem. If you do not want to share such information with Egosoft, make sure to filter it out before sending it.
Third-party stores
We offer our games through online stores, including Steam, GOG, Oculus, among others. Purchasing our games from an online store generally requires that you have an account with that store. Registration of a store account and use of those stores is subject to the terms of use and privacy policy applicable to that particular store, which may change from time to time.
If you access our games through such a third-party store or distribution platform, those third-party stores may perform their own analytics. This is outlined in the respective store's privacy policy:
The stores through which we distribute our games allow us to view and download data on sales and performance measurement of our games. This data is provided to us in aggregate and anonymous form only. We are not able to associate this aggregated and anonymized data with specific users of our games.
Privacy Policy for X Rebirth VR Edition (Meta Store / Oculus)
X Rebirth VR Edition receives a Meta USER_ID to retrieve the avatar "hands" specification during gameplay. We do not store, share, or retain this data after the session ends. Users may contact us at privacy@egosoft.com with any concerns or deletion requests.
2. Data collection on our website
General
The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
3. General information and mandatory information
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.
If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Egosoft GmbH
Heidestr. 4
52146 Würselen
Germany
Telephone: +49 (0)2405 4239970
Email: info@egosoft.com
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://".
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Encrypted payments on this website
If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment.
Payment transactions using common means of payment (Visa/MasterCard, direct debit) are only made via encrypted SSL or TLS connections. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://".
In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
4. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
Egosoft GmbH
Data Protection Officer
Heidestr. 4
52146 Würselen
Germany
Telephone: +49 (0)2405 4239970
Email: privacy@egosoft.com
5. Data collection on our website
5.1 Cookies
Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.
5.2 Server log files
The website provider as well as used software on the server automatically collect and store information that your browser automatically transmits to us in "server log files". These are among others:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
Log data will be erased in regular intervals no longer than 10 years.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
5.3 Registration on this website
You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.
To inform you about important changes such as those within the scope of our site or technical changes, we will use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
5.4 Leaving comments on this website
If you use the comment function on this site, the time at which you created the comment and your email address will be stored along with your comment, as well as your username, unless you are posting anonymously.
Storage of the IP address
Our comment function stores the IP addresses of those users who post comments. Since we do not check comments on our site before they go live, we need this information to be able to pursue action for illegal or slanderous content.
Subscribing to the comment feed
As a user of this site, you can sign up to receive the comment feed after registering. Your email address will be checked with a confirmation email. You can unsubscribe from this function at any time by clicking the link in the emails. The data provided when you subscribed to the comments feed will then be deleted, but if you have submitted this data to us for other purposes or elsewhere (such as subscribing to a newsletter), it will be retained.
How long comments are stored
The comments and the associated data (e.g. IP address) are stored and remain on our website until the content commented upon has been completely deleted or the comments are required to be removed for legal reasons (slander, etc.).
Legal basis
The comments are stored based on your consent per Art. 6 (1) (a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
5.5 Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
5.6 Data transmitted when entering into a contract with online shops, retailers, and mail order
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract, for example, to companies entrusted to deliver goods to your location or banks entrusted to process your payments. Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
5.7 Data transferred when signing up for services and digital content
We transmit personally identifiable data to third parties only to the extent required to fulfill the terms of your contract with us, for example, to banks entrusted to process your payments.
Your data will not be transmitted for any other purpose unless you have given your express permission to do so. Your data will not be disclosed to third parties for advertising purposes without your express consent.
The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
5.8 Bug Tracker
We use MantisBT® (hereinafter "Mantis") on part of our web presence. The product is a free and open source, web-based bug tracking system (https://www.mantisbt.org/index.php).
Mantis is used as a bug-tracker, which can be accessed by players who have been granted such access to report bugs/issues in our products. The service is reachable at https://mantisbt.egosoft.com/.
When you visit this area of our webpage, certain data is transmitted automatically by your browser and generated on our server (i.e. IP address, time of accessing the page, the actual page in the bug-tracker you visited, etc.). This data is stored on the server (i.e. for the purpose to analyze/detect errors and to prevent/detect unauthorized access to the platform). Please refer to section 5.2 for related details.
Data transmission is performed using SSL or TLS encryption (please refer to section 3: "SSL or TLS encryption") and therefore is protected (according to the current state of the technology) against eavesdropping by 3rd-parties (so called man-in-the-middle attacks).
For a selected group of users, we provide dedicated user accounts (under NDA). If such an account is used, any contribution made in Mantis is associated with the corresponding account. As part of the user account we also store the user's e-mail-address as well as (optionally) the user's real name. When being granted a dedicated user account, the user explicitly acknowledges and agrees to allow the processing and usage of the data he provides when using his account. Like the anonymously contributed data, this data is stored indefinitely and part of it is publicly visible.
Data transmitted to Mantis is anonymized automatically to such an extent as is technically feasible (i.e. potentially contained IP addresses, usernames, and passwords are extracted from the logs or one-way hashed prior to it being transmitted). However, it cannot be ruled out completely that some personal information may be missed by the algorithm. If this happens, this data is not used by Mantis and also not transmitted to 3rd parties.
Data processing is based on Art. 6 (1) (a) (explicit consent of the subject) and/or (f) (legitimate interest of the webpage operator) DSGVO.
For more information about MantisBT privacy policy, please refer to the following link: https://www.mantisbt.org/privacy.php
5.9 Wiki/Documentation Platform
We use XWiki on part of our web presence. The product is managed by the XWiki.org community and provided in collaboration with XWiki SAS, 4 rue du Faubourg Poissonnière, 75010 Paris, France.
XWiki is being used as the platform providing the wiki system as well as for documentation purposes. The service is reachable at https://wiki.egosoft.com. When you visit this area of our webpage certain data is transmitted automatically by your browser and generated on our server (f.e. IP address, time of accessing the page, the actual page in the wiki you visited, etc.). This data is being stored on the server (f.e. for the purpose to analyze/detect errors and to prevent/detect unauthorized access to the platform). Please refer to section 5.2 for related details.
Users are able to use the service anonymously (i.e. without using an explicit login) to browse content. Other than the recorded IP address in the server logs, no personal identifiable data is generated/stored in such cases.
Data transmission is performed using SSL or TLS encryption (please refer to section 3: "SSL or TLS encryption") and therefore is protected (according to the current state of the technology) against eavesdropping of 3rd-parties (so called man-in-the-middle attacks).
For a selected group of users, we provide dedicated user accounts. If such an account is used, any contribution done in XWiki is associated with the corresponding account. As part of the user account we also store the user's e-mail-address as well as (optionally) the user's real name. When being granted a dedicated user account, the user explicitly acknowledges and agrees to allow the processing and usage of the data he provides when using his account. Contributed data is stored indefinitely and it is publicly visible.
For the purpose of analyzing errors, data may be transmitted to XWiki SAS. This data is anonymized automatically to such an extend which is technically feasible (f.e. potentially contained IP addresses, usernames, and passwords are extracted from the logs or one-way hashed prior to it being transmitted). However, it cannot be ruled out completely that some personal information is missed by the algorithm. If this happens, this data is not used by XWiki SAS and also not transmitted to 3rd parties.
Data processing is based on Art. 6 (1) (a) (explicit consent of the subject) and/or (f) (legitimate interest of the webpage operator) DSGVO.
For more information about XWiki SAS privacy policy, please refer to the following link: https://xwiki.com/en/company/PrivacyPolicy/
6. Analytics and advertising
Google reCAPTCHA
We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google").
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place.
Data processing is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
For more information about Google reCAPTCHA and Google's privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/intro/android.html.
7. Newsletter
Newsletter data
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
8. Plugins and tools
YouTube
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
9. Payment service providers
PayPal
Our website accepts payments via PayPal. The provider of this service is PayPal (Europe) S.à.r.l & Cie, S.C.A. (22-24 Boulevard Royal, L-2449 Luxembourg.
If you select payment via PayPal, the payment data you provide will be supplied to PayPal based on Art. 6 (1) (a) (Consent) and Art. 6 (1) (b) DSGVO (Processing for contract purposes). You have the option to revoke your consent at any time with future effect. It does not affect the processing of data previously collected.
