version 2.2 updated on January 2022
At MUV, the privacy of our users is an absolute priority. Your security is at the heart of the way we design the services and challenges you enjoy, so that you can fully trust us and enjoy your gaming experience.
We value the trust you place in us when you provide us with your Personal Data, and we are well aware that this is not something to be taken lightly.
That is why we strive to be transparent about the way we process your data. Since we use many of the same online services you do, we know that privacy notices are often characterised by fragmented information or unnecessarily complicated language.
We have chosen to take exactly the opposite approach: we have written our privacy notice and the related documents in plain, straightforward language, because we hope you will read them and fully understand their content.
Enjoy the read,
The MUV legal team
Thank you for taking the time to read this notice.
We appreciate the fact that you trust us and we intend to keep that trust intact over time. This means making sure you understand the information we collect, why we collect it, how it is used and what choices you have regarding the use of your data. This notice describes our privacy practices in plain language, keeping legal and technical jargon to the bare minimum.
This Privacy Notice applies as of 3 January 2022.
It is divided into several sections, each one dealing with a specific topic, so that you can easily find the information you are looking for.
SERVICE refers to the use of www.muvgame.com (our Website) and of the MUV mobile application (our App), both operated by MUV S.r.l. S.B.
PERSONAL DATA means any information relating to an identified or identifiable natural person (Data Subject, also referred to as “you” or “your”).
USAGE DATA is the type of Personal Data that is collected automatically and that is generated either through the use of the Service or through the infrastructure of the Service (for example, the duration of a page visit).
COOKIES are small files stored on your device (computer or mobile device).
DATA CONTROLLER means a natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data. For the purposes of this Privacy Notice, we are the Data Controller of your Personal Data.
DATA PROCESSOR (or service provider) means any natural or legal person who processes data on our behalf. We may use the services of various Service Providers in order to process your Personal Data more effectively.
PROCESSING means any operation or set of operations performed on personal data or on sets of personal data, including by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
PROFILING means any form of automated processing of personal data aimed at evaluating certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s health, personal preferences, interests, reliability, behaviour, location or movements.
PSEUDONYMISATION means the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that such personal data are not attributed to an identified or identifiable natural person.
MUV S.r.l. S.B. (“we”, “our”) operates www.muvgame.com (our Website) and the MUV mobile application (our App), together referred to as our “Services“.
Our Privacy Notice explains how we process, store and disclose the information deriving from the use of our Services. We use your data to provide and constantly improve our Service. Unless otherwise defined in this Privacy Notice, the terms used in this notice have the same meaning as set out in our Terms and Conditions of Use (“Terms”).
As Data Controller, we may process your Personal Data in various contexts. We may process your Personal Data if you use our App (“Users“), but also in a general context, for example through our Website and our social media accounts (“General“).
A:Users
If you create an account on MUV:
Personal data:
Your first name and surname, nickname, e-mail address.
Mobility data:
Your mobility habits (optional), the means of transport you own or use (optional), your average travel time per day (optional), your frequent routes, for example from home to work or from home to school (optional).
Health data:
Date of birth (optional), gender (optional), height (optional), weight (optional).
Note: if you register through one of your social media accounts, we also receive your name, profile picture and other data you have entered in that social account.
We use the data to:
– Register your account;
– Allow you to access your account;
– Allow you to take part in the game and use all the features of our Services;
Create the game results (i.e. the sustainability performance based on your means of transport, personal data, mobility data and health data);
– Give you access to the overview of your game results.
Legal basis:
We may process this data because it is necessary in order to perform our contract with you (i.e. to allow you to access an account, including all related services).
We may process the Personal Data you have optionally provided to us because we have your consent to do so.
We may process your Mobility Data and Health Data because we have your explicit consent to process such Personal Data.
Personal data:
If you use our Services (i.e. you start tracking your trips and use all the related features):
Mobility data:
Location data, data on the time and duration of the route and on the means of transport used.
Activity data, as detected by your device’s activity recognition services.
Health data:
Activity minutes, daily steps (optional), calories and general activity.
Please note: this data is collected through synchronisation with other applications or services, including Apple HealthKit and CareKit or Google FIT.
Game data:
Your points, experience levels, roles, mobility indices, coins, avatars, leaderboard positions, etc.
The challenges you have chosen to accept, those you have completed and the related performance.
The tournaments you have chosen to take part in, the teams selected and the related performance.
Your community and any sponsors you may have.
The data on your sustainability performance based on your Personal Data, Mobility Data and Health Data) and the Personal Data you provide through the chat features within the App.
Usage data:
Information about your use of our Services, such as the date and time of access, the features you have used, searches, clicks, content displayed, browsing habits, shares, the number of people invited to MUV, friend requests sent, etc.
Information about your device, such as the type of device (make and model), operating system (type and version), time zone and language.
We use the data to:
– Enable the game to take place (for example, publishing the game results intended for you and your friends so that you can compete with each other);
– Analyse mobility habits in order to provide you with personalised advice and an overview of your game results;
– Provide you with prizes;
– Allow you to interact with and/or invite other users;
– Take measures to prevent scams and fraud and to ensure that all uses comply with the Terms and Conditions of the Service.
Legal basis:
We may process this data because it is necessary in order to perform our contract with you (i.e. to allow you to access an account, including all related services).
We may process your Mobility Data and Health Data because we have your explicit consent to process such Personal Data.
We may process Usage Data because we have a legitimate interest in knowing how our Services are used (including any technical issues) in order to provide and improve our Services.
Personal data:
If you consent to receiving promotional messages within the App:
Personal data
Game data
Purchase history
We use the data to:
– Invite you to sponsored contests;
– Send you personalised offers from our sponsors;
– Send you updates and/or promotional messages relating to our Services
Legal basis:
We may process this personal data because we have your consent to do so.
Personal data:
If you subscribe to our paid services or to those offered by one of our partners:
Billing and payment details (for example contact details, bank account number, amount and time of the transaction, payment method and applicable taxes).
We use the data to:
– Send invoices;
– Process and manage payments;
– Issue a refund and/or additional compensation (if there is a reason to do so);
– Include you in our (financial) administration in order to comply with tax regulations.
Legal basis:
We may process this personal data because we need it in order to perform our contract with you.
We are also legally obliged to process and/or share (some of) this data for/with the national tax authorities.
Personal data:
If you provide us with feedback through the dedicated feature of the App or by contacting our customer support team:
Personal data
The personal data you provide through the in-App feedback feature or during your interaction with our support team
We use the data to:
– Further develop and improve our Services, for example by improving our game features and the personal profile.
Legal basis:
We may process this data because we have a legitimate interest in contacting you and assisting you on the basis of your comments or questions, and in improving our Services following the questions and feedback we receive.
Personal data:
If you take part in surveys, in-app or on our website:
Personal data
Opinions on our services, answers to our questions and experiences that you choose to share with us.
We use the data to:
– Provide personalised advice and recommendations to adopt mobility behaviours that are more sustainable and safer than your current ones, as well as to set individual sustainability goals and help you achieve them.
– Carry out analyses aimed at assessing the mobility habits, attitudes or propensity to change of an individual or a group of users, or produce reports, charts or plans concerning mobility or sustainability.
Legal basis:
We may process this data because we have a legitimate interest in contacting you and assisting you on the basis of your comments or questions, and in improving our Services following the questions and feedback we receive.
With regard to Mobility Data, please note the following:
B: General
Personal data:
Technical information:
Information on the type of device, date and time of the session, IP address and browser type.
We use the data to:
– Communicate in the same language as your browser;
– Adapt our website to the device used;
– Allow you to use our website;
– Detect, prevent and resolve technical problems.
Legal basis:
We may process this data because we have a legitimate interest in doing so, i.e. to ensure that our website works and to improve it and our services for our users.
Personal data:
If you contact us through our website:
Your first name, surname, e-mail address and the content of the correspondence between you and MUV.
We use the data to:
– Answer your questions and/or handle any complaints;
– Improve our services following customers’ questions and feedback.
Legal basis:
We may process this data because we have a legitimate interest in contacting you and assisting you on the basis of your comments or questions, and in improving our Services following the queries and feedback we receive.
Personal data:
If you choose to receive our newsletter through our website:
E-mail, address, first name, surname.
We use the data to:
– Send you our updates and keep you informed about promotional campaigns and about all our (future) Services.
Legal basis:
We may process this data if you have given us your permission to do so (by subscribing through our website).
We may send newsletters to our customers – who have subscribed to the Services or purchased Products – because we have a legitimate interest in doing so.
Every newsletter contains a link through which you can unsubscribe.
Personal data:
Through our social media pages:
Information about visitors who leave a comment or post something on our pages, including the personal data contained in these comments and/or posts.
We use the data to:
– Contact visitors in response to their posts and/or comments through our social media pages;
– Process the feedback received on our social media pages.
Legal basis:
We may process this personal data because we have a legitimate interest in doing so and because visitors have voluntarily made such information public.
Our social media pages are managed by the social platforms themselves. We therefore invite you to consult their privacy notices to find out how each social medium processes Personal Data:
Instagram: Privacy Policy
Facebook: Privacy Policy
LinkedIn: Privacy Policy
Twitter: Privacy Policy
In addition to the information you provide us with directly, we receive information about you from others, including:
You can use your social accounts (such as Apple, Facebook or Google) to create and access your MUV account. By doing so, you will avoid having to remember yet another username and password, and you will be able to share with us some information relating to your social profiles, such as your friends list or your city of residence.
We may receive information about you from our partners; for example, when an electric car sharing service interfaces with MUV and allows points to be awarded for the trips made with electric cars, that service may provide data relating to the duration of the trip, the route and the start and end times of the service.
Information collected from third parties and provided to us is not subject to our Privacy Notice but to that of such third parties, if any. If you have any doubts about how information is handled by such third parties, please read their Privacy Notice. We accept no responsibility for any practice, action or policy of such third parties, nor for the content or the privacy practices of such services.
We use cookies and similar tracking technologies to monitor the activity relating to our Services and we therefore hold certain information.
Cookies are small files that may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. We also use other tracking technologies, such as beacons, tags and scripts, to collect and track information and to improve and analyse our Service.
You can set your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some parts of our Service. Below are some examples of the cookies we use:
Since one of our goals is to create a “MUVement”, i.e. a community of MUVers who share the same values and aim to protect the environment, for this reason we share some of your information with other users.
We also share some information with service providers who support us in managing the Service, with partners who wish to sponsor our competitions by offering prizes and discounts, with the companies or organisations that choose to make our Service available to their users and, in some cases, with the legal authorities.
In particular, we may share your information:
With other users
The information in your public profile (nickname, avatar, community, experience level, role, sustainability indices, points, coins, etc.) is visible to other MUV users.
The information in your private profile (CO2 saved, general statistics on MUV performance, trophies, calories burned) is instead shared only with your friends within MUV. To turn a MUV user into a friend, you need to accept or send (provided that the chosen user accepts in turn) a friend request.
With our service providers
We may rely on third-party companies or individuals (“Service Providers”) to help us deliver our Service in the best possible way, to provide services on our behalf, to perform activities related to our Service or to support us in the analysis of the use of our Service.
These third parties support us in various areas, including hosting and data management, analytics, customer support, marketing, advertising and security operations. They have access to your Personal Data only in order to perform these tasks on our behalf and are obliged not to disclose it or use it for any other purpose.
They are therefore parties that must be identified and designated as joint controllers, data processors, persons authorised to process data or system administrators, depending on the characteristics they take on (e.g. because they access the databases or because they in any case manage data backup activities, the management of storage media, etc.).
Below you will find a list of the service providers who currently support us:
With our partners
We may also share information with partners who have chosen to engage certain types of MUV users through a series of competitions or personalised sponsorship campaigns and to reward the most sustainable ones by offering prizes and discounts. In this case, any sharing of your information with these partners is governed by the Terms and Conditions of Use document specific to the competition, whether it is a challenge or a tournament, which you will be asked to read and accept before completing your registration for it.
We follow a strict verification process before engaging any service provider or activating a collaboration with any partner.
With our payment service providers
We may provide paid products and/or services within our Services. In this case, we use third-party services for payment processing (for example, payment processors).
We will not store or collect your payment card data. Such information is provided directly to our third-party payment processors, whose use of your personal data is governed by their Privacy Notice. These payment processors adhere to the Payment Card Industry Data Security Standards (PCI-DSS), defined by the PCI Security Standards Council. The PCI-DSS requirements help ensure the secure handling of payment information. The only payment processor we currently work with is PayPal, whose Privacy Notice can be consulted at this link: https://www.paypal.com/it/webapps/mpp/ua/privacy-full.
For business transactions
We may transfer your information if we are involved, in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganisation, dissolution, bankruptcy or other change of ownership or control.
When required by law
In certain circumstances, we may be required to disclose your personal information if required by law or in response to valid requests from public authorities: (i) to comply with a legal proceeding, such as a court judgment or order, a law enforcement investigation or other legal requirements; (ii) to assist in the prevention or detection of crime (in any case subject to applicable law); or (iii) to protect the safety of any person.
To enforce legal or contractual rights
We may also share information: (i) where disclosure could mitigate our liability in an actual or threatened legal action; (ii) where necessary to protect our legal or contractual rights and the legal or contractual rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you and (iv) to investigate, prevent or take other action regarding illegal activities, suspected fraud or other wrongdoing.
Other cases
Finally, we may also provide your information: (i) to our subsidiaries and affiliates; (ii) to contractors, service providers and other third parties we use to support our business; (iii) to fulfil the purpose for which you provide it; (iv) for the purpose of including the logo of your company or organisation on our website; (v) in any other case, provided that you give us your consent.
We store and process your data mainly within the European Economic Area (EEA). However, in accordance with the Data Processing Agreement (DPA), your data may possibly be transferred to countries outside the EEA, including its storage in a database managed by a sub-processor acting on behalf of the data controller (i.e. MUV S.r.l. S.B.). In this case, the management of the database and the processing of the data are bound by the purposes of the processing and are carried out with adequate safeguards in line with the provisions of Chapter V of the GDPR. The updated list of processors and sub-processors can be requested from MUV S.r.l. S.B. at any time.
We will retain your Personal Data for up to a maximum of 12 months after your last use of the Services. We will retain and use your Personal Data to the extent necessary to comply with our legal or contractual obligations (for example, if we are required to retain your data in order to comply with applicable laws), to resolve disputes and to enforce our agreements and policies.
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except where this data is used to strengthen security or to improve the functionality of our Service, or where we are legally obliged to retain it for longer periods.
In order to protect the security of our users, we apply a data retention window of 30 days starting from the deletion of the account. During this period, the account information will be retained, even though the account will no longer be visible within the Service.
Specifically, we will delete your Personal Data upon deletion of the account (after the security retention window), while we anonymise the information recorded through MUV, such as trips, points, CO2 saved, etc., and retain it in order to use it for statistical or research purposes, such as the overall calculation of the CO2 saved thanks to our platform or the monitoring of the change in our users’ mobility habits.
Subsequently, at the end of a period of 24 months of continuous inactivity, we will also permanently delete the anonymous information, unless:
In accordance with Article 32 of the GDPR and with the Data Processing Agreement (DPA) that MUV enters into with its service providers, the controller, the processors and the persons authorised to process data adopt technical, organisational and protective measures in order to ensure a level of security appropriate to the risk and to prevent data loss, unlawful or improper use, unauthorised access to the user’s account, and the alteration, disclosure or destruction of the personal data collected.
Specifically, we store your information in encrypted databases and we separate the data (therefore your identity data and the data relating to your trips, for example, are kept in two different databases in order to increase security); furthermore, all communications between the back-end and the front-end of our Service (for example between our servers and the App) take place through the secure HTTPS protocol; finally, we do not show other MUV users your Personal Data such as your first name, surname, e-mail address or your trips, but only your nickname and aggregated game data (for example the number of points, the routes travelled, the CO2 saved, the modal split or the trophies won).
The controller, the joint controllers and the co-processors adopt measures to ensure that any natural person acting under their authority who has access to your personal data does not process it except on the instructions received from the co-processors, unless required to do so by European Union or Member State law.
We care a great deal about your privacy and we do everything possible to protect your data. Unfortunately, however, no system is completely secure, so we cannot guarantee that all the information you provide us with, in relation to the data we collect through MUV, is immune to unauthorised access by third parties. We are not responsible for events that are beyond our direct control.
In particular, your password is an important component of your security system and it is your responsibility to protect it adequately. Do not share it with third parties and, if you believe that your password or your account has been compromised, change it immediately and contact us at help@muvgame.com.
We regularly monitor our systems for possible vulnerabilities and attacks and we periodically review our information collection, storage and processing procedures in order to update our physical, technical and organisational security measures.
In accordance with Articles 13(2), 15, 18, 19, 20 and 21 of the GDPR, you have the following rights:
Please note that we may ask you to verify your identity before fulfilling these requests.
Please also note that we may not be able to provide the Service without certain necessary data.
You can exercise your rights by sending a written request to legal@muvgame.com. We will provide you with the information or take the action you have requested within 30 days.
Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to read the Privacy Notice of every site you visit.
We have no control over, and assume no responsibility for, the content, privacy policies or practices of any third-party site or service.
We recognise the importance of protecting the privacy and safety of children. For this reason, we encourage parents and carers to play an active role in monitoring their children’s online activities and interests.
Our services are limited to users who are at least 16 years old. We do not allow users under the age of 16 to access our platform and we do not knowingly collect Personal Data from anyone under the age of 16. If you become aware that a user is under 16, please report it by writing to us at help@muvgame.com. If we become aware that we have collected personal data from children under 16 without verification of parental consent, we will remove that information from our servers.
Since we are always looking for new and innovative ways to improve your mobility habits and your lifestyle, we may update our Privacy Notice from time to time. We will notify you of any changes by publishing the new Notice on this page.
We will notify you by e-mail and/or through the app before any change becomes effective, and we will update the effective date at the top of this Privacy Notice.
We therefore advise you to review this Privacy Notice periodically for any changes. Such changes are effective when they are published on this page.
If you have any questions, doubts or concerns about this Privacy Notice, you can contact us at legal@muvgame.com.
The e-mail address of the Data Protection Officer (DPO) is the following: dpo@muvgame.com.
MUV S.r.l. S.B.
Legal representative: Francesco Massa
via Belgio, 8
90146 Palermo
Italy
VAT no.: 06837280822 PEC: muv@pec.it