Menu

Supplemental EEA+ Privacy Statement

Last Updated: August 31, 2021

Francais

The data protection laws of the United Kingdom, Switzerland and the European Economic Area (EEA) (collectively, the “EEA+”), including the General Data Protection Regulation (“GDPR”), require us, Glu Mobile Inc., to provide additional and different information about our data processing practices to individuals in the EEA+.

1.     Scope

This Statement only applies to to the use of our websites, mobile applications, and other online products; it does not apply to any data collection from third-party sites and services or to prospective employment data.

This Statement applies to personal data we collect when you use our websites, mobile applications and other online products and services (collectively, the “Services”). This Statement does not apply to the information collected from: (1) web-based applications that are based on our mobile applications but are published by third parties, (2) mobile applications that we distribute on behalf of third parties and which are hosted and operated by such parties, or (3) the on-line submission of resumes and employment applications in connection with the Jobs section of our website.

2.     Identity of Data Controller

Glu Mobile Inc. is the Data Controller of your personal data collected when you use our Services.

Glu Mobile Inc. is the data controller. Our address is 875 Howard Street, Suite 100, San Francisco, CA 94103. You may contact our EU Representative at EURep@glu.com or by post at Parkmore West Business Park, 1, Ballybrit, Galway, H91 Y2R5, Ireland and our UK Representative at UKRep@glu.com or by post at Onslow House, Onslow St, Guildford GU1 4TN, United Kingdom.

3.     Legal Basis for Processing

We may rely on different legal bases to process your personal data, including where we have your consent, where we have a legitimate interest to do so, where the processing is necessary for the performance of a contract with you and/or where we have a legal obligation to do so.

We will only process personal data about you in accordance with the following legal bases:

  • If you enter or wish to enter into a contract with us, we process your personal data as necessary to enter into the contract with you and perform our responsibilities under our contract with you, such as to process your order and fulfill the products or services you purchase.
  • We process your personal data as necessary to realize a legitimate interest based on an assessment of that interest and your privacy and other fundamental interests. In particular, we may process your personal data to realize legitimate interests in preventing fraud, engage in some marketing-related activities, protect and improve our products and services, and communicate with you about administrative or technical changes to our Services or to deliver legal documents.
  • If we request your consent to a specific processing activity (such as to send you marketing emails), and you provide your consent in the manner indicated, we process your personal data in accordance with your consent.
  • In some cases, we process your personal data as necessary to comply with a legal obligation, such as to respond to legal process requests, or to protect your or another individual’s vital interests.

4.     International Data Transfers

We store and process your personal data in the United States and other countries where we operate. When we do this, we utilize technical, physical, and administrative safeguards to meet data transfer requirements set by various privacy laws, such as the European General Data Protection Regulation.

We may transfer your personal data to service providers and business partners outside of the EEA. Some of these recipients are located in countries for which the European Commission has issued adequacy decisions, including but not limited to: Canada, Israel, Japan, New Zealand and Switzerland. In each case, the transfer is thereby recognized as providing an adequate level of data protection from a European data protection law perspective (GDPR Art. 45).

Some recipients of your personal data are located in countries for which the European Commission has not issued an adequacy decision in respect of the level of data protection there, including but not limited: Australia, Chile, China, India, Mexico, Philippines, and Singapore.  By entering into appropriate data transfer agreements based on Standard Contractual Clauses (2010/87/EU and/or 2004/915/EC) as referred to in GDPR Art. 46(5) or other adequate means, we have established that such recipients will provide an adequate level of data protection and that appropriate technical and organizational security measures are in place to protect personal data against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing.

You can ask for a copy of such appropriate data transfer agreements by contacting us using the contact details above.

5.     Your Rights and Choices

We provide you with choice and control about our use of your information, including your ability to exercise your data privacy rights.

Subject to the conditions set out under the GDPR, you have the following rights:

  • Right to object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data, in which case such processing may be required to cease.
  • Right of access:You have the right to know whether your personal data is being processed, and, where that is the case, to request access to the personal data. The access information includes, among other things, the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom your personal data have been or will be disclosed. You have the right to obtain a copy of your personal data undergoing processing.
  • Right to rectification:You have the right to rectify inaccurate personal data concerning you. Depending on the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  • Right to erasure (to be forgotten):You have the right to have your personal data erased in certain cases.
  • Right to restriction of processing:You have the right to have the processing of your personal data restricted in certain cases.
  • Right to data portability:You have the right to receive your personal data which you provided in a structured, commonly used and machine-readable format and you have the right to transmit the personal data to another entity.
  • Right to withdraw your consent: If you declared your consent regarding certain types of processing activities, you can withdraw this consent at any time with future effect.

If you would like to exercise any of these rights, please contact us via the details listed above. Please note that these rights might be limited under applicable national data protection laws. You also have the right to lodge a complaint with the competent supervisory authority.

You are not required to provide any personal data to us, but if you do not provide any personal data to us, you may not be able to use certain features of our Services. You can use our Services without consenting to cookies that are not strictly necessary; however, this might affect the availability and functionality of our Services. You can also use our Services without consenting to receiving marketing communications from us; the only consequence is that you may not receive marketing communications that you may be interested in.

6.     Data Retention

We may retain certain information for legitimate business purposes or required by law.

We store the information we collect about you for as long as is necessary for the purposes for which we originally collected it, which depends on the personal data at issue and the purposes for which we process it. We may retain certain information for legitimate business purposes or as required by law.