• Privacy Policy

Privacy Policy

Privacy Policy for NAUTILUS GAMES
Purpose of this Privacy Policy

This Privacy Policy (hereinafter, the “Policy”) aims to provide you with a clear understanding of how your personal data is collected and processed through the use of this Website, including any data provided through this Website during conversations/messaging with our team or requests to learn more about our software and services.

NAUTILUS GAMES is committed to safeguarding and protecting your privacy, including data privacy and communication preferences. It is important to read this Policy together with any other Policy on this Website.

1. Introduction

NAUTILUS GAMES is the commercial brand operated by the group of companies that own the website https://www.nautilusgames.com/ (hereinafter, the “NAUTILUS GAMES,” “we,” “us,” “our,” or “Controller”). NAUTILUS GAMES is the Controller and responsible for your personal data. NAUTILUS GAMES is the “Controller” as defined in Article 4(7) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “GDPR”).

For any questions regarding this Policy, please contact us.

Policy Updates

This Policy was last updated on 2023.

Third Parties

This website may include links to third-party websites and applications. Clicking/proceeding on the link(s) may allow third parties to automatically collect or share data about you. NAUTILUS GAMES informs that we do not control these third-party websites and are not responsible for their policies and/or other statements. After leaving our website, take some time to read the privacy policy and any other policy of every website you visit or plan to visit.

2. The Types of Collected Data

2.1. Personal Data

Personal data or personal information shall mean any information about the person under which such person can be identified. Such personal information does not include removed (anonymous/anonymized) data.

2.2. Categories of Personal Data

Identification Data: First, last, and middle (if applicable) name.
Contact & Communications Data: Email address, phone, Skype, or other means of possible contact.
Technical Data: IP address, type and version of the browser, time zone and location, operating system and/or device, and other technology of the devices or means to access this website.
Website Data: Information about the usage and travel on this website.

2.3. Aggregated Data

We may collect, use, and share Aggregated Data, such as statistical or demographic data, for any purpose if such a need arises. This data is derived from part of your personal data but is not considered as personal data based on GDPR.

2.4. Special Categories of Personal Data

We do not collect any special category of personal data (in the meaning of Article 9(1) of the GDPR) or any personal data in connection with criminal convictions and/or offenses.


For detailed information regarding the type and way of cookies use, please follow our Cookie Policy link.

Processing of Minors’ Data

The Website is not intended for individuals under the age of 18, and we do not knowingly intend to process such data of individuals under the age of 18. If you are a parent and/or a legal guardian and found that your child had used our Website, please contact us via available means of communication, and we will immediately apply appropriate measure(s).

3. How is Data Collected?

3.1. Ways of Data Collection

Information Provided within our Website Contact Form and/or Website Online Chat: In this way, we collect Identification data, Contact & Communication data, and etc. data if provided by the person. This information is collected through voluntary submission on our Website and will be processed to provide a clear answer to the query/request. The legal basis for such processing is your consent.
Information Obtained within the Use of our Website: In this way, we collect Website data and Technical data, including information regarding Website overview, our and our partners' products you are interested in, your dynamic IP address, browser type and operating system, referral source, etc. The legal basis for such processing is monitoring and improving our Website and interaction on it.
Information Collected via Means of Third Parties and/or Publicly Available Sources: We may collect data using services of third parties, such as Analytics providers (Google Analytics which tracks and reports Website traffic) or via the use of Social Media (Facebook, Linkedin, etc.) to ensure that the provided Identification data is true. The legal basis for such processing is protection of our own and third party legal rights.
Information Collected via Means of Our Cookies: Cookies are small-sized text files sent automatically to the person's device used for accessing our Website. The legal basis for such processing is your consent.
Information Collected for the Record and Correspondence: We may keep and process any personal information mentioned above (Clauses 3.1.1 - 3.1.4) where it is necessary to build a defense against any legal claims. The legal basis for such processing is the protection of our own, yours’, and third party (if applicable) legal rights.

4. How is Collected Data Used?

4.1. Purposes of Data Usage

The collected data is used only when the law allows such data usage. In common, personal data will be used in cases such as:

To contact you based on your Contact Form and/or Online Chat query (Article 6(1)(a) of the GDPR).
When we need to conduct the Non-disclosure Agreement for the further Business Offer proposal (Article 6(1)(b) of the GDPR).
Where it is necessary for the legitimate interest and/or protection of our own, yours’, and third party (if applicable) legal rights but only if such interests and fundamental rights do not override those interests and rights (Article 6(1)(d) & Article 6(1)(f) of the GDPR).
Where it will be needed to comply with other legal obligations as a Controller (Article 6(1)(c) of the GDPR).
As of Clause 4.1.(c), we may process personal data in our legitimate interest for the below-mentioned purposes:

Collection, record, processing, and performing statistical and other analysis of obtained information with further research for Website and its services improvements and upgrades.
Administration and development of the Website and its services.
Improvement of Website user experience, including providing personalized services.
To contact you in relation to the made request/query with further correspondence.
To conduct profiling of you and/or your activities on the Website for the purpose of the Website and its services marketing improvement.

5. Principles of Data Processing

5.1. Basic Principles

While processing personal data, we follow the basic principles of Article 5 of the GDPR:

Lawfulness, Fairness, and Transparency Principles (Article 5(1)(a)): We submit your personal data to legitimate processing and guarantee a fully transparent way of data handling.
Purpose Limitation & Data Minimization Principles (Article 5(1)(b) & (c)): We collect and process personal data only for legitimate and explicit purposes as explained in this Policy.
Accuracy Principle (Article 5(1)(d)): Personal data is safely stored, thoroughly checked, and verified with your assistance to ensure its accuracy.
Identification Principle (Article 5(1)(e)): Personal data is kept in an identifiable form that allows you to be identified.
Safety Principle (Article 5(1)(f)): Personal data is securely processed via appropriate technical and/or organizational measures.

5.2. Additional Information

Your personal data is collected only for the purposes mentioned in this Policy, and we have no intention to collect it further or outside the scope of this Policy.
Collected personal data will not be used for automated decision-making or profiling.

5.3. Non-disclosure

Without prejudice to the statements in this Policy, we neither disclose nor have the intention to disclose or transmit your personal data to any third party without your consent unless permitted or obliged by law or by a specific contractual agreement with you.

5.4. Compliance

As data Controllers of your personal data, we comply with all applicable laws and our statutory obligations.

6. Data Sharing and Disclosure

6.1. Circumstances for Sharing and Disclosure

Legal Compliance (Local & International Laws; Authority Requests; Harm Prevention): We may disclose your personal information to courts, governmental authorities, and/or law enforcement authorities or authorized third parties to the extent applicable or permitted for such actions by law or legal necessity.
Local and International Laws: We are obliged to comply with our legal obligations under applicable law(s).
Authority Requests: We are obliged to comply with our legal processing obligations and to provide a timely and proper response to claims asserted against us.
Harm Prevention: We are obliged to respond to requests in connection to criminal investigations or other illegal activity suspicions and/or any other activities where we, you, or third party can be subject to legal liabilities.
Service Providers (Third Parties): We may use services of third-party software and payment providers to help us provide our services on this Website. Service providers may be located inside or outside the European Union and/or European Economic Area (hereinafter the “EU” and “EEA” respectively). Service providers have limited access to your data and are bound by the Agreement under which they are obliged to provide the same level of protection and safety of disclosed and provided information as provided by us under this Policy.
Our Affiliates and Partners: We may share your personal information with any member of our group of companies (meaning subsidiary companies, ultimate holding company, and its subsidiaries) as well as with our partner (independent resellers) as reasonably legally and reasonably necessary for the purpose of this Policy.
Aggregated Data: We may share such aggregated information and/or any other anonymized information for the purpose of legal compliance, business and market analysis, demographic data analysis and research, marketing, and other business purposes.

7. Data Subject Rights

7.1. Rights under GDPR

Based on the GDPR, you have the following rights in connection with provided personal information:

Access or Copy Request: To access or request a copy of your provided personal information and information related to its processing.
Correction Request: To request the correction of all and any inaccuracies and/or missing personal information.
Data Portability Request: To request your personal information in portable form for the purpose of transfer to another controller (where technically feasible).
Processing Stop and Restriction Request: To request to stop and restrict all and any processing of your personal data as explicitly stated by law.
Objection Request: To object to all and any processing of your personal data as explicitly stated by law.
Objection Against Automated Processing: To object against automated processing, including profiling, which has or may have an impact on you.

7.2. Exercising Your Rights

All of the rights stated in Section 7.1. may be executed by sending an email letter to the Controller email mentioned in the Introduction section. Before the start of action from our side, we may ask you to identify yourself to guarantee the protection and safety of processed personal data.

7.3. Response Time

The response to the request will be provided within one (1) month from the receipt of the letter request. Notwithstanding the above-mentioned response period, it can be prolonged for an additional three (3) months based on the complexity of the request and the amount of other pending requests. We may reject fulfillment of the request with appropriate and relevant justification for such rejection.

8. Withdrawing Consent and Restriction of Processing

8.1. Consent Withdrawal

Where the consent to process personal data has been obtained from you and we have no other lawful and legal ground to do otherwise, you have the right to withdraw such earlier provided consent at any time by sending a letter on the email mentioned in the Introduction section with the specification of the consent you are willing to withdraw. Notwithstanding the above-mentioned, the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before such consent withdrawal.

8.2. Restriction of Processing

In addition to all of the above-mentioned, the GDPR may give you the right to limit the ways in which we use your personal information, specifically:

You deny the accuracy of your personal information.
The processing is unlawful, and you oppose such personal information processing.
We no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise, or defense of legal claims.
You have objected to the processing pursuant to the next section, and pending the verification whether the legitimate grounds of the Data Controller override your own.

9. Objection of Processing

9.1. Right to Object

You have the right to object to the processing of personal data where it is done on a lawful basis and in our legitimate interest. If we process your personal data based on provided consent, you have the right to withdraw it. Nevertheless, we may still process your personal data where there are or may be other relevant lawful bases or we have compelling grounds to continue the processing of personal data in our interests, which are not overridden by your rights, interests, or freedoms.

10. Data Retention and Deletion

10.1. Retention Period

We will retain your personal information for the period necessary to contact you and/or perform the contract between you and us or for the period of our legal obligation. Where your personal data is no longer needed, it will be automatically erased.

10.2. Retention Criteria

To identify the appropriate retention period, we take into account the size, quantity, nature and sensitivity of the personal data, potential risks of harm from unauthorized use or disclosure of your personal data, the purposes for the personal data to be processed, and the applicable legal (regulatory) or other possible requirements.

10.3. Right to Erasure

You have the right to request erasure of personal data where it is no longer necessary for us, however, there are exclusions to the right. The general exclusions, where processing is necessary, include a legal (regulatory) obligation and/or defense against all and any legal claims.


We may transfer, store and process your information within our companies or share it with Service providers based outside EU and/or EEA for the purpose stated in this Policy.

We take all necessary and adequate measures to keep your personal data, during the transfer, at the same secure level outside the EU and/or EEA as it is within EU and/or EEA and as it should be in accordance with this Policy.

About Us