ty as always for keeping us in the loop

Glad to see it, and thank you for the update.

Thank you as always Caspian for keeping us updated/informed.

Alduin

Please learn more about how to comply with the new regulation. Because a single post i forming on you policy changes posted on forum is against this regulation. Just trying to save you from massive fines ;)

Posted By Heartagram at 2:43 PM - Fri May 25 2018

Please learn more about how to comply with the new regulation. Because a single post i forming on you policy changes posted on forum is against this regulation. Just trying to save you from massive fines ;)

Did you miss this part?

"We will more broadly communicate these changes next week as we continue to roll out necessary updates to the website."

Alright, I gave the document a read through. I have been reviewing hundreds of these documents over the past few months so I quickly spotted a few hiatuses in the document.

Article 4: "We may do so when (1) permitted or required by law; (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or (3) investigating fraud which has already taken place."

In general personal data is only to be shared with any government authorities when required by law. Permitted by law leaves SBS too much room to give up our information voluntarily. After the whole NSA scandal involving mr. Snowden many people in the EU view US authorities as dodgy. So, I am not comfortable with SBS voluntarily sharing my data with them. So I would prefer it if the words "permitted or" are removed.

Article 7: I am missing a commitment/guarantee from SBS that it will ensure that it has concluded the appropriate processor agreements between it and its (sub)processors. Furthermore SBS also needs to guarantee that all of its (sub)processors will also comply with the EU-US Privacy Shield, meaning that SBS is required to check if their (sub)processors are self-certified themselves with the U.S. Department of Commerce's International Trade Administration (ITA).

On a sidenote, I checked the database at https://www.privacyshield.gov and Soulbound Studios, LLC is not yet listed. So unless you certified under another entity I would recommend you guys look into this.

Article 8: "Soulbound Studios may store or process personal data within the United States or within the region or country of any of our software as a service, payment, or other affiliates, vendors, or service providers."

For EU-based data subjects their data should only be stored within the EEA or the US (under the Privacy Shield program). Storing data in any countries outside of both regions can lead to our data being stored in potentially dodgy counties. So unless SBS can ensure a similar protection to the Privacy Shield program and compliance with the GDPR by the foreign (sub)processor in question I do not wish to see my data stored outside of the EEA or the US, say in countries/regions like the PRC, Russia, Turkey, Belarus, Latin America, Africa etc.

Posted By Heartagram at 9:43 PM - Fri May 25 2018

Please learn more about how to comply with the new regulation. Because a single post i forming on you policy changes posted on forum is against this regulation. Just trying to save you from massive fines ;)

I don't why he is being downvoted, but his point is valid. Even though he could have worded it better. ;)

It is important to also have various in-house regulations in place that ensure actual compliance with the GDPR on a day-to-day basis. Just throwing a Privacy Policy out there or concluding a few data processing agreements are not enough. Companies actually need to have mechanisms in place to be able to be in compliance,

Posted By Noslim at 10:21 PM - Fri May 25 2018

Posted By Heartagram at 2:43 PM - Fri May 25 2018

Please learn more about how to comply with the new regulation. Because a single post i forming on you policy changes posted on forum is against this regulation. Just trying to save you from massive fines ;)

Did you miss this part?

"We will more broadly communicate these changes next week as we continue to roll out necessary updates to the website."

I think what he ment was, that the 2 years transition periode ended on friday and that everything that isn't already in place since that day, is a violation of the GDPR.

Please learn more about how to comply with the new regulation.Posted By Noslim at 9:21 PM - Fri May 25 2018

Posted By Heartagram at 2:43 PM - Fri May 25 2018

Please learn more about how to comply with the new regulation. Because a single post i forming on you policy changes posted on forum is against this regulation. Just trying to save you from massive fines ;)

Did you miss this part?

"We will more broadly communicate these changes next week as we continue to roll out necessary updates to the website."

Hi, sorry for my previous post as it was rushed and written on my phone. They had time set by goverment till friday 25th May 2018 to comply with the new regulation (GDPR). At the moment they are breaking the law and could face heavy fines which they can not afford at this stage of producing a game. Do not take my post as a hate speech because it is intended to help CEO of Sbs in making the right decision. Please take necessary actions to comply with the regulation at your earliest convenience.

Posted By Wolffje at 11:49 AM - Sat May 26 2018

Posted By Heartagram at 9:43 PM - Fri May 25 2018

Please learn more about how to comply with the new regulation. Because a single post i forming on you policy changes posted on forum is against this regulation. Just trying to save you from massive fines ;)

I don't why he is being downvoted, but his point is valid. Even though he could have worded it better. ;)

It is important to also have various in-house regulations in place that ensure actual compliance with the GDPR on a day-to-day basis. Just throwing a Privacy Policy out there or concluding a few data processing agreements are not enough. Companies actually need to have mechanisms in place to be able to be in compliance,

Thank you for being intelligent and understanding.

Posted By Zunjin at 3:24 PM - Sat May 26 2018

Posted By Noslim at 10:21 PM - Fri May 25 2018

Posted By Heartagram at 2:43 PM - Fri May 25 2018

Please learn more about how to comply with the new regulation. Because a single post i forming on you policy changes posted on forum is against this regulation. Just trying to save you from massive fines ;)

Did you miss this part?

"We will more broadly communicate these changes next week as we continue to roll out necessary updates to the website."

I think what he ment was, that the 2 years transition periode ended on friday and that everything that isn't already in place since that day, is a violation of the GDPR.

Thank you for being intelligent and understanding.