Privacy Policy
1. Scope of this Privacy Policy
We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It applies to the PlayerAuctions.com website (“PlayerAuctions” or the “Site”) and all related sites, applications, services and tools where this policy is referenced, regardless of how you access or use them, including mobile devices. It also explains your rights in relation to your personal data and how to contact us in the event you have any questions or comments.
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the applicable laws including the General Data Protection Regulation (GDPR), which applies across the European Union (including in the United Kingdom), and we are responsible as a ‘controller’ of that personal data for the purposes of those laws.
2. Key terms
It would be helpful to start by explaining some key terms used in this policy:
We, us, our | PlayerAuctions, Inc. |
Our data protection officer |
Sarah Styslinger
[email protected] |
Personal data | Any information relating to an identified or identifiable individual |
Special category personal data |
Personal data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership
Genetic and biometric data Data concerning health, sex life or sexual orientation |
3. Children Under the Age of 16
Our Site is not intended for children under 16 years of age. No one under age 16 may provide any personal information to or on the Site. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Site or through any of its features, register on the Site, make any purchases through the Site, use any of the interactive or public comment features of this Site, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will anonymize that information. If you believe we might have any information from or about a child under 16, please contact
us at [email protected].
California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your State Privacy Rights for more information.
4. Personal data we collect about you
We may collect and use the following personal data about you:
- your name and contact information, including email address and telephone number
- information to enable us to check and verify your identity, e.g., your date of birth
- your gender information, if you choose to give this to us
- location data
- your shipping, billing information, transaction and payment card information
- your personal or professional interests
- your professional online presence, e.g., LinkedIn profile
- your contact history, purchase history and saved items on PlayerAuctions
- information from accounts you link to PlayerAuctions, e.g., Facebook and other social media platforms
- information to enable us to undertake credit or other financial checks on you
- information about how you use the PlayerAuctions website, IT, communication and other systems
- your responses to surveys, competitions and promotions
- transactional information based on your activities on PlayerAuctions (such as information to facilitate buying and selling);
- community discussions, chats, dispute resolution, correspondences through PlayerAuctions, and correspondences sent to us;
- computer sign-on data, statistics on page views, traffic to and from PlayerAuctions, and cookies information;
- other information, including IP address and standard weblog information, and supplemental information from third parties, such as payment account information provided by any payment services that you use to make purchases or receive payments, and your browser ID, cookie ID, device ID, device type, proxy usage, VPN usage, and associated names, locations, email addresses, phone numbers, and social media public profiles provided by our payment fraud and customer due diligence service providers.
This personal data is required to provide our services to you. You can choose not to provide information to us, but in general some information about you is required in order for you to: register as a member; purchase products or services; complete a profile; participate in a survey, contest, or sweepstakes; ask us a question; or initiate other transactions on our site.
5. How your personal data is collected
We collect most of this personal data directly from you via our website. However, we may also collect information:
- from publicly accessible sources, e.g., demographic data;
- directly from a third party, e.g.: – sanctions screening providers;
- from a third party with your consent, e.g., your bank
- from cookies on our website—for more information on our use of cookies, please see our Cookie Policy
- via our IT systems, e.g., automated monitoring of our websites and other technical systems such as our computer networks and connections.
– credit reference agencies;
– customer due diligence providers;
– data brokers
6. How and why we use your personal data
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
Under data protection law, we can only use your personal data if we have a proper reason for doing so, e.g.,:
- to comply with our legal and regulatory obligations;
- for the performance of our contract with you or to take steps at your request before entering into a contract;
- for our legitimate interests or those of a third party; or
- where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The table below explains what we use (process) your personal data for and our reasons for doing so:
What we use your personal data for | Our reasons |
To provide our services to you | For the performance of our contract with you or to take steps at your request before entering into a contract |
To contact you, either via email or telephone, to resolve disputes, collect fees, troubleshoot problems with your account or our sites, services, applications or tools, or for other purposes authorized by law |
For the performance of our contract with you or to take steps at your request before entering into a contract
For our legitimate interests or those of a third party, e.g., making sure that we can keep in touch with our customers and deliver the best service to you |
To prevent and detect fraud, security breaches, potentially prohibited or illegal activities, and enforce our user agreement and policies | For our legitimate interests or those of a third party, e.g., to minimize fraud that could be damaging for us and for you |
Conducting checks to identify our customers and verify their identity
Screening for financial and other sanctions or embargoes Other processing necessary to comply with legal and regulatory obligations that apply to our business |
To comply with our legal and regulatory obligations |
Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies | To comply with our legal and regulatory obligations |
Ensuring business policies are adhered to, e.g., policies covering security and internet use | For our legitimate interests or those of a third party, e.g., to make sure we are following our own internal procedures so we can deliver the best service to you |
Operational reasons, such as improving efficiency, training and quality control | For our legitimate interests or those of a third party, e.g., to be as efficient as we can so we can deliver the best service for you at the best price |
Ensuring the confidentiality of commercially sensitive information |
For our legitimate interests or those of a third party, e.g., to protect trade secrets and other commercially valuable information
To comply with our legal and regulatory obligations |
Statistical analysis to help us manage our business, e.g., in relation to our financial performance, customer base, product range or other efficiency measures | For our legitimate interests or those of a third party, e.g., to be as efficient as we can so we can deliver the best service for you at the best price |
Preventing unauthorized access and modifications to our systems |
For our legitimate interests or those of a third party, e.g., to prevent and detect criminal activity that could be damaging for us and for you
To comply with our legal and regulatory obligations |
that could be damaging for us and for you
To comply with our legal and regulatory obligations |
|
Updating and enhancing our customer records |
For the performance of our contract with you or to take steps at your request before entering into a contract
To comply with our legal and regulatory obligations For our legitimate interests or those of a third party, e.g., making sure that we can keep in touch with our customers about existing orders and new products and/or services |
Ensuring safe working practices, staff administration and assessments |
To comply with our legal and regulatory obligations
For our legitimate interests or those of a third party, e.g., to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you |
Marketing our services and those of selected third parties to:
—existing and former customers; —third parties who have previously expressed an interest in our services; —third parties with whom we have had no previous dealings. |
For our legitimate interests or those of a third party, e.g., to promote our business to existing and former customers |
Credit reference checks via external credit reference agencies | For our legitimate interests or those of a third party, e.g., to ensure our customers are likely to be able to pay for our products and services |
External audits and quality checks |
For our legitimate interests or a those of a third party, e.g., to maintain our accreditations so we can demonstrate we operate at the highest standards
To comply with our legal and regulatory obligations |
The above table does not apply to special category personal data, which we will only process with your explicit consent.
7. Promotional communications
We may use your personal data to send you updates (by email, text message, telephone or post) about our services, including exclusive offers, promotions or new products and/or services.
We have a legitimate interest in processing your personal data for promotional purposes (see above 'How and why we use your personal data'). This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal data with the utmost respect and never sell it.
You have the right to opt out of receiving promotional communications at any time by:
- using the ‘unsubscribe’ link in emails,
- unchecking the “Analytics & Marketing” checkbox on our Cookie Policy,
We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.
8. Targeted Advertising
If you do not want PlayerAuctions to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt-out by visiting our Cookie Policy and unchecking the “Analytics & Marketing” checkbox.
You may also opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.
Residents of certain states, such as California, Nevada, Colorado, Connecticut, Virginia, and Utah may have additional personal information rights and choices. Please see State Privacy Rights for more information.
9. Who we share your personal data with
We routinely share personal data with:
- Other PlayerAuctions users that you communicate with
- Group Company members
- third parties we use to help deliver our services to you, e.g., payment service providers, technical service providers, risk management and customer due diligence service providers
- other third parties we use to help us run our business, e.g., marketing agencies or website hosts
- third parties approved by you, e.g., social media sites you choose to link your account to or third- party payment providers
- credit reference agencies
- our insurers and brokers
- our banks
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you. We may also share personal data with external auditors, e.g., in relation to ISO accreditation and the audit of our accounts.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymized but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
10. Where your personal data is held
Information may be held at our offices and those of our group companies, third party agencies, service providers, representatives and agents as described above (see above: 'Who we share your personal data with').
Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal data when this occurs, see below: 'Transferring your personal data out of the EEA'.
11. How long your personal data will be kept
We will keep your personal data while you have an account with us or we are providing services to you. Thereafter, we will keep your personal data for as long as is necessary:
- to respond to any questions, complaints or claims made by you or on your behalf
- to show that we treated you fairly
- to mitigate fraud against us or our active users
- to keep records required by law
We will not retain your personal data for longer than necessary for the purposes for which it was collected. Different retention periods apply for different types of personal data.
When it is no longer necessary to retain your personal data, we will delete or anonymize it.
12. Transferring your personal data out of the EEA
To deliver services to you, it is sometimes necessary for us to share your personal data outside the European Economic Area (EEA), e.g.:
- with our offices outside the EEA;
- with your and our service providers located outside the EEA;
- if you are based outside the EEA;
- where there is an international dimension to the services we are providing to you.
These transfers are subject to special rules under European and UK data protection law.
These non-EEA countries do not have the same data protection laws as the United Kingdom and EEA. We will, however, ensure the transfer complies with data protection law and all personal data will be secure. Our standard practice is to use standard data protection contract clauses that have been approved by the European Commission. To obtain a copy of those clauses or if you would like further information please contact us (see 'How to contact us' below).
13. Your rights
You have the following rights, which you can exercise free of charge:
Access | The right to be provided with a copy of your personal data (the right of access) |
Rectification | The right to require us to correct any mistakes in your personal data |
To be forgotten | The right to require us to delete your personal data—in certain situations |
Restriction of processing | The right to require us to restrict processing of your personal data—in certain circumstances, e.g., if you contest the accuracy of the data |
Data portability | The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations |
To object |
The right to object:
—at any time to your personal data being processed for direct marketing (including profiling); —in certain other situations to our continued processing of your personal data, e.g., processing carried out for the purpose of our legitimate interests. |
Not to be subject to automated individual decision making | The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you |
If you would like to exercise any of those rights, please:
- complete a data subject request form—available on our website at Data Subject Access Request; or
- email, call or write to us—see below: 'How to contact us'; and
- let us have enough information to identify you (e.g., your full name, address and customer or matter reference number);
- let us have proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill); and
- let us know what right you want to exercise and the information to which your request relates.
14. Right to Withdraw Consent
In addition to the above rights, where we are relying on consent as the lawful basis for the processing of your personal data you can withdraw your consent at any time, although this will not affect the lawfulness of any processing based on your consent which occurred prior to the withdrawal.
15. Keeping your personal data secure
We have appropriate security measures to prevent personal data from being accidentally lost or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
16. How to complain
We hope that we can resolve any query or concern you may raise about our use of your information.
If you are located in the European Economic Area, United Kingdom or Switzerland, the General Data Protection Regulation gives you the right to lodge a complaint with a supervisory authority in the country where you work, normally live or where any alleged infringement of data protection laws occurred.
17. State Privacy Rights
California Consumer Privacy Act of 2018 ("CCPA") is a privacy law that establishes various rights for California residents. This specific Section 15 (Privacy Notice for California Residents) supplements the information contained in this privacy policy and applies solely to individuals who reside in the State of California. This Section 15 is being published to comply with the CCPA and any terms defined in the CCPA have the same meaning when used in this Section 15.
A. Personal information we collect about you
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we may have collected the following categories of personal information about our customers within the last 12 months:
Category | Example | Collected | Source |
---|---|---|---|
A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. | YES | Directly from you From your device or your use of our website |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | YES | Directly from you From your device or your use of our website |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | YES | Directly from you |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES | Directly from you From your device or your use of our website |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO | N/A |
F. Internet or other similar network activity. | Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. | YES | From your device or your use of our website |
G. Geolocation data. | Physical location or movements. | YES | From your device or your use of our website |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO | N/A |
I. Professional or employment-related information. | Current or past job history or performance evaluations. | NO | N/A |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO | N/A |
K. Inferences drawn from other personal information. | Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | YES | From marketing and advertising service providers. |
Please refer to Section 4 for additional information on “Source” and Section 3 of this privacy policy for more information about the information we collect.
B. How we use your personal information
Please refer to Section 5 of this privacy policy for how we use your personal information.
C. Sharing of your personal information
In the last twelve (12) months, we may have shared the following categories of personal information for a business purpose:
Category A | Identifiers. |
Category B | California Customer Records personal information categories. |
Category C | Protected classification characteristics under California or federal law. |
Category D | Commercial information. |
Category F | Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. |
Category G | Physical location or movements. |
Please refer to Section 7 of this privacy policy for categories of third parties to whom we disclose your personal information for a business purpose.
D. Your Rights and Choices
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
-
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
– sales, identifying the personal information categories that each category of recipient purchased; and
– disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by:
- Visiting https://www.playerauctions.com/about/data-subject-access-request/
- Emailing at [email protected]
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Personal Information Sale and Opt-Out Right
If you are a California resident, you have the right to direct a business not to sell your personal information. We do not sell information that directly identifies you, such as your name and email address. We share certain information and allow third parties to collect certain information about your activity, for example through cookies, as explained in our cookie policy. We do not believe these activities are a sale of personal information under the current regulatory guidance for the CCPA.
If you are a California resident, you have the right to direct a business not to sell your personal information. We do not sell information that directly identifies you, such as your name and email address. We share certain information and allow third parties to collect certain information about your activity, for example through cookies, as explained in our cookie policy. We do not believe these activities are a sale of personal information under the current regulatory guidance for the CCPA.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Colorado, Connecticut, and Virginia also provide their state residents with rights to:
- Correct inaccuracies in their personal information, taking into account the information's nature processing purpose.
- Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.
To exercise any of these rights please contact us at [email protected].
Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out rights may submit a request to [email protected]. However, please know that we do not currently sell data triggering that statute's opt-out requirements.
18. Changes to this privacy policy
This privacy notice was last updated on May 27, 2023.
We may change this privacy notice from time to time—when we do we will inform you by posting the updated privacy policy on the Site or by email.
19. How to contact us
Please contact us by post, email or telephone if you have any questions about this privacy policy or the information we hold about you.
Our contact details are shown below:
Our contact details |
112, Mokdongjungangbuk-ro, Yangcheon-gu, Seoul, 07971 Korea |
[email protected] |