Humble Bundle Privacy Policy

Updated December 26, 2019

If you have any questions about our Privacy Policy, you can contact us at Privacy@humblebundle.com and include 'Privacy Policy' in the subject line. If you have any questions related to Data Subject Access Rights under GDPR or CCPA, you can contact us through our DSAR Portal.

1. Privacy Policy Overview
2. What Categories of Information We May Process
3. Sensitive Personal Information
4. How We Collect or Create Information
5. Purposes for Which We May Process Your Information
6. Direct Marketing
7. Cookies, Similar Technologies and Online Behavioral Advertising
8. What is the Lawful Basis for Processing Personal Information
9. What Information We Disclose to Third Parties
10. International Transfers of Information
11. Data Security
12. Data Accuracy
13. Data Minimization
14. Data Retention
15. What Can I Do to Control My Information?
16. Terms and Conditions
17. Contact Details
18. California Consumers
19. How this Privacy Policy May Change

1. Privacy Policy Overview

Humble Bundle, Inc., with its parents, affiliates and subsidiaries (collectively, "Humble Bundle", "us", "our" or "we"), owns, operates, or provides access to, interactive websites, mobile and connected applications, and other online interactive features and services, including, but not limited to, emails, newsletters, the Humble Widget for developers, and promotional giveaways (collectively "Services"). This Privacy Policy applies to all information collected about you by Humble Bundle, regardless of how it is collected or stored, and describes, among other things, the types of information collected about you when you interact with the Services, how your information may be used, when your information may be disclosed, how you can control the use and disclosure of your information, and how your information is protected.

Except as otherwise noted in this Privacy Policy, Humble Bundle is a data controller (as that term is used under the EU General Data Protection Regulation ("GDPR")), which means that we decide how and why the information you provide to us is processed. This Policy explains how we use the information you provide to us to be able to continue to provide the Services. Please contact us using our DSAR Portal. This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of your information, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make.

2. What Categories of Information We May Process

"Personal Information" means information that is about any individual, or from which any individual is directly or indirectly identifiable.

"Process", "Processing" or "Processed" means anything that is done with any Personal Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

We may Process the following categories of Personal Information about you:

• Personal Details: your name; username or log in details; password; and areas or topics of interest.
• Demographic Information: age/date of birth; and language preferences.
• Contact Details: postal address; telephone and/or mobile number; email address; and your public social media handles or profile(s).
• Consent Records: records of any consents you may have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent).
• Purchase and Payment Details: records of purchases and prices; subscription details; how much you choose to pay and which charities you designate as recipients of your money; invoice records; payment records; billing address; payment method; cardholder or accountholder name; payment amount; and payment date;
• Views and Opinions: any views and opinions that you or other users choose to send to us, or publicly post about us on social media platforms or in the Services.

We also collect other kinds of information from you or other sources, which we refer to as "Other Information" in this Policy, which may include but is not limited to:

• Information about your use of the Services, such as usage data and statistical information, which may be aggregated.
• Browsing history including the websites or other services you visited before and after interacting with the Services.
• Searches for and interactions with e-commerce opportunities, such as offers contained in the Services
• Non-precise information about the approximate physical location (for example, at the city or zip code level) of a user's computer or device derived from the IP address of such computer or device ("GeoIP Data").
• Internet Protocol ("IP") address, which is a unique string of numbers automatically assigned to your device whenever you access the Internet.
• Information collected through the use of cookies, Javascript, pixel tags, and other technologies, including information collected using such methods and technologies about (i) your visits to, and interaction and engagement with, the Services, content and ads on third party websites, applications, platforms and other media channels ("Channels"), and (ii) your interaction with emails including the content and ads therein (collectively, "Online Data").
• Device type, settings and software used.
• Log files, which may include IP addresses, browser type, ISP referring/exit pages, operating system, date/time stamps and/or clickstream data, including any clicks on customized links.
• Web Beacons, which are electronic files that allow a website to count users who have visited that page or to access certain cookies.
• Pixel Tags, also known as clear GIFs, beacons, spotlight tags or web bugs, which are a method for passing information from the user's computer to a third party website.
• Local Shared Objects, and Local Storage, such as HTML5.
• Embedded Scripts which are programming codes designed to collect information about your interactions with the Service by temporarily downloading onto your device from our web server or a third party with whom we work.  Embedded scripts are only active while you are connected to the Service and are deleted or deactivated thereafter.
• Mobile analytics to understand the functionality of our mobile applications on your phone.

Under certain circumstances and depending on applicable law, some of this Other Information may constitute Personal Information. Personal Information together with Other Information is hereinafter referred to as "User Information".

3. Sensitive Personal Information

We do not collect or otherwise Process Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive under GDPR (collectively, "Sensitive Personal Information") in the ordinary course of our business. Where it becomes necessary to Process Sensitive Personal Information under GDPR, we would rely on one of the following legal bases:

• Compliance with applicable law: We may Process your Sensitive Personal Information where the Processing is required or permitted by applicable law;
• Detection and prevention of crime: We may Process your Sensitive Personal Information where the Processing is necessary for the detection or prevention of crime (including the prevention of fraud);
• Establishment, exercise or defense of legal rights: We may Process your Sensitive Personal Information where the Processing is necessary for the establishment, exercise or defense of legal rights; or
• Consent: We may Process your Sensitive Personal Information where we have, in accordance with applicable law, obtained your prior, express consent prior to Processing your Sensitive Personal Information.

Children. The Services are not intended for use by children, especially those under 13. No one under the age of 13 should provide any Personal Information. Minors under the age of 18 are not permitted to make purchases through the Services or obtain coupons or codes from the Services to purchase goods or services on third party websites. If it is discovered that we have collected Personal Information from someone under 13, we will delete that information immediately.

4. How We Collect or Create Information

Collection of User Information: We may collect User Information about you from the following sources:

• Data you provide: We may obtain your Personal Information when you provide it to us across our Services (e.g., where you sign up for emails or newsletters; register for site membership or create a profile or account on any part of the Services; enter a promotional giveaway; participate in surveys; contact us via email, telephone or by any other means; or purchase a subscription, etc.).
• Business relationship data: We may collect or obtain your Personal Information in the ordinary course of our relationship with you (e.g., if you make a purchase from us).
• Data you make public: We may collect or obtain your Personal Information that you clearly choose to make public, including via social media (e.g., we may collect information from yoaur social media profile(s) if you make a public post about us).
• Service data: We may collect or obtain your Personal Information when you visit, download, use or register to use any part of our Service.
• Widget data: if you use the Humble Bundle widget on a third party developer's website to purchase that developer's game, Humble Bundle may obtain your Personal Information to process your purchase and make that purchase available to you. In such interactions, Humble Bundle acts as a processor.
• Content and advertising information: If you choose to interact with any third party content or advertising on the Channels, we may receive User Information about you from the relevant third party.
• Third party information: We may collect or obtain your Personal Information from service providers and third parties who provide it to us and combine such information with information we have collected about you. This may include channels such as social network sites or services (e.g., Facebook, Twitch, Steam, Battle.net, etc.). We may also obtain information about purchases you make from our billing processors such as Amazon and PayPal or, if you link your Humble Bundle account to Steam, information related to your Steam account, including information about the games you own on the Service. To the extent we combine such third party sourced information with Personal Information we have collected about you on the Service, we will treat the combined information as Personal Information under this Privacy Policy.

Please note that Humble Bundle is not responsible for the information you volunteer about yourself in the discussions in certain public areas of the Services or information that you choose to make public in your member profile or other areas of the Services that allow users to upload or post content. We discourage users from posting such Personal Information in this fashion. You can change your publicly available information at any time via your profile page. To request removal of your Personal Information from these areas, please contact us using our DSAR Portal. In some cases, we may not be able to remove your Personal Information, in which case we will let you know we are unable to do so and why.

This Privacy Policy does not cover the practices of third parties, including those that may disclose information to Humble Bundle. We are not responsible for the accuracy of any information provided by third parties or third party policies or practices.

Creation of User Information. We may also create User Information about you, such as records of your interactions with us and details of your purchase history, for internal administrative purposes and analysis. We may also combine data you have provided to us with data obtained from third parties such as social networks.

5. Purposes for Which We May Process Your Information

The purposes for which we may Process User Information, subject to applicable law, include:

• Provision of the Services to You: providing the Services to you from Humble Bundle or its partners including (i) offering of promotional giveaways, (ii) processing of your payment information for your purchases or subscriptions, both on the Service as well as developer's sites, (iii) management of your account, (iv) offering promotional and marketing information to you, and (v) customer support and relationship management.
• Offering and Improving the Services: operating and managing the Services for you; providing personalized content to you; communicating and interacting with you via the Services; identifying issues with the Services and planning improvements to or creating new Services; and notifying you of changes to any of our Services.
• Surveys: engaging with you for the purposes of obtaining your views on our Services.
• Communications: communicating with you via any means (including via email or social media) regarding information in which you may be interested, subject to ensuring that such communications are provided to you in compliance with applicable law; maintaining and updating your contact information where appropriate; and obtaining your prior, opt-in consent where required. We may provide direct marketing to you as set out in Section 6 below.
• Advertising: providing advertising based on your interests and interactions with the Services and Channels, including using User Information to serve you advertisements on the Channels. For further information, please see Section 7 below.
• Audience Engagement: identification and development of audience engagement, advertising and promotional strategies on various platforms and channels, both within the Service and on Channels.
• User Engagement and Purchases: tracking purchase traffic and activity across the Service and on Channels, including review of your browsing history (if available); provision of analytics and measurement of cost of traffic against money being made.
• Payment of Third Party Developer Games: handling payment processing for those who wish to purchase games from third party game developers who do not have the ability to handle such operations. In such instances, Humble Bundle acts as a processor and passes along some Personal Information to third party developers so the developer can send users the final version of the game purchased, as well as to allow the user to store and maintain purchases in the Humble Bundle library.
• Fraud Prevention: Our Service uses third party fraud prevention software designed to prevent your credit card and other Personal Information from being used in a fraudulent purchase through the Service. This offering works by analyzing user behavior and detecting patterns that indicate fraud; these third parties may also track your activity over time and over a network of sites.
• Marketing to Customers: We may market to current and prospective customers and their employees who have indicated an interest in doing business with, or have previously conducted business with, Humble Bundle in order to further generate and promote our business. Such efforts include sending marketing emails to drive the use of services offered by Humble Bundle.
• IT Administration: administration of Humble Bundle's information technology systems; network and device administration; network and device security; implementing data security and information systems policies; compliance audits in relation to internal policies; identification and mitigation of fraudulent activity; and compliance with legal requirements.
• Security: electronic security measures (including monitoring of login records and access details) to help mitigate the risk of and provide the ability to identify and rectify a security incident.
• Financial Management: general business and financial management purposes, including: economic, financial and administrative management; planning and reporting; personnel development; sales; accounting; finance; corporate audit; and compliance with legal requirements
• Investigations: detecting, investigating and preventing breaches of policy, and criminal offences, in accordance with applicable law.
• Legal Proceedings: establishing, exercising and defending legal rights.
• Legal Compliance: Subject to applicable law, we reserve the right to release information concerning any user of Services when we have grounds to believe that the user is in violation of our Terms and Conditions or other published guidelines or has engaged in (or we have grounds to believe is engaging in) any illegal activity, and to release information in response to court and governmental orders, other requests from government entities, civil subpoenas, discovery requests and otherwise as required by law or regulatory obligations. We also may release information about users when we believe in good faith that such release is in the interest of protecting the rights, property, safety or security of Humble Bundle, any of our users or the public, or to respond to an emergency.

6. Direct Marketing

We may Process your User Information to contact you via email or other methods of communication to provide you with information regarding the Services that may be of interest to you. We may send information to you regarding the Services, upcoming promotions and other information that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law.

You may unsubscribe from our newsletter lists at any time by following the unsubscribe instructions included in every email we send. We will not send you any emails from a list you have selected to be unsubscribed from, but we may continue to contact you to the extent necessary for the purposes of any other Services you have requested or for additional emails you have signed up for.

7. Cookies, Similar Technologies and Online Behavioral Advertising

Humble Bundle and its partners may use cookies and other tracking technologies to analyze trends, administer Services, track users' movements around the Services and on third party sites, devices and applications, and to gather demographic information about our user base. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on the Services.  Please see our Cookie Policy for more information, including a more in-depth explanation of what cookies are, the different types of cookies used on the Services, and how to change or delete them.

Tracking technologies on the Services may be deployed by Humble Bundle and/or by our service providers or partners. Certain tracking technologies enable us to assign a unique identifier to you, and relate information about your use of the Services to other information about you, including your User Information. We may match information collected from you through different means or at different times and use such information along with offline and online information obtained from other sources (including from third parties), including, but not limited to, demographic information and updated contact information, for the purposes of learning more about you so we can provide you with relevant content and advertising.

When you receive email messages or newsletters from us, we may use web beacons, embedded scripts, customized links, clear GIFs or similar technologies to determine whether the email has been opened and which links you click in order to provide you with more focused email communications or other information, and/or to aggregate that information with other data we collect to use for some or all of the purposes outlined in this Privacy Policy.

We and our partners (including but not limited to e-commerce partners, affiliates, and analytics providers) also may use technologies such as pixel tags, IP addresses, and Local Storage such as HTML5 to analyze trends; administer the Services; collect and store information such as user settings and anonymous browser identifiers; supplement our server logs and other methods of traffic and response measurement; track users' location and movements around the Services; gather demographic information about our user base; and to improve our understanding of traffic on the Services and visitor behavior. We may receive reports based on the use of these technologies by these third party companies on an individual and aggregated basis. Various browsers may offer their own management tools for removing Local Storage.

We may use mobile analytics software to collect data and to better understand the functionality of our mobile software, devices and applications on your phone and other devices. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We may link this information to User Information.

Certain third parties may collect information about you for online behavioral advertising ("OBA") purposes in order for you to receive relevant interest-based advertising on the Services and on other websites, platforms and media channels. OBA is also referred to as interest-based advertising.

These third parties may use Online Data as well as other User Information to send you OBA. For example, if you read an article about a particular subject on the Services, the third party may use cookies to later serve you an advertisement for a particular product or service related to the viewed article. These third party vendors may connect information about pages you visit on the Services with information about pages you visit on other Channels and show you advertising based on this combined information. These advertisements may appear when you are visiting a different section of the Services or on another Channel.

The specific providers we use for OBA are subject to change. For a list of some of the applicable providers, click here. For more details about OBA and opting out, see Section 15 below.

8. What is the Lawful Basis for Processing Personal Information

In Processing your User Information in connection with the purposes set out in this Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

• Consent: We may Process your User Information where we have obtained your prior, express consent to the Processing (this legal basis is only used in relation to Processing that is entirely voluntary - it is not used for Processing that is necessary or obligatory in any way);
• Contractual necessity: We may Process your User Information where the Processing is necessary in connection with any contract that you may enter into with us;
• Compliance with applicable law: We may Process your User Information where the Processing is required by applicable law;
• Vital interests: We may Process your User Information where the Processing is necessary to protect the vital interests of any individual; or
• Legitimate interests: We may Process your User Information where we have a legitimate interest in carrying out the Processing for the purpose of managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.

9. What Information We Disclose to Third Parties

We may disclose your User Information to other entities within the Company group, for legitimate business purposes (including operating the Services, and providing services to you), in accordance with applicable law. In addition, we may disclose your User Information to:

• legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
• outside professional advisors (such as accountants, auditors, or lawyers), subject to binding contractual obligations of confidentiality;
• third party Processors (such as analytic providers; data centers; etc.), located anywhere in the world, subject to the requirements noted below in this Section 9;
• any relevant party, law enforcement agency or court, to the extent necessary for the establishment, exercise or defense of legal rights;
• any relevant party for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and the prevention of threats to public security;
• any relevant third party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganization, dissolution or liquidation);
• any relevant third party provider, where our Channels use third party advertising, plugins or content. If you choose to interact with any such advertising, plugins or content, information about your activities on the Channels to provide you targeted advertising based upon your interests may be shared with the relevant third party provider. If you click or tap on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria;
• third party developers for whom Humble Bundle processes payments for. Humble Bundle may provide your email address to these third party developers so they may deliver the final version of the game you purchased.
• any sponsors of promotional giveaways, the registration data for such events is to be used by us as part of User Information, and may be shared with the sponsor and others, subject to this Policy and the sponsor's privacy policy. We may also share your information with third party vendors involved in the administration of such events. For promotional giveaways, please read the official rules or terms and conditions carefully before you submit your information; and
• to third parties whose practices are not covered by this Privacy Policy (e.g., third party providers of goods and services, marketing and advertising companies and agencies, analytics providers and retailers).

Certain functionalities on the Service permit interactions that you initiate between the Service and certain third party services ("Third Party Features"). Examples of Third Party Features include "liking" or "sharing" content over social media platforms through our Service or linking your Humble Bundle account to a third party service such as Steam, Twitch, or Battle.net. If you use Third Party Features, both Humble Bundle and the third party may have access to certain information about you and your use of our Service and the third party service. For example, if you link your Humble Bundle account to Steam, we may receive information related to your Steam account for the duration of the linking, including information about the games you own on the Service. Similarly, if you post information on a third party service that references our Service (e.g., by using a hashtag associated with Humble Bundle in a tweet or status update), your post may be used on or in connection with our Service or that third party service. We are not responsible for the practices employed by websites linked to or from the Service, nor the information or content contained therein or any information third parties obtain through your use of Third Party Features. Please remember that when you use a link to go from the Service to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our website, is subject to that website's own rules and policies. Please read over those rules and policies before proceeding.

With respect to surveys, in the event that responses are publicly disclosed, users will be notified at the time they take the survey. Otherwise we will disclose only aggregate information regarding its users' responses in surveys to other participants in the survey. Where surveys allow users to submit written comments, and where Humble Bundle advises users of the possibility of such disclosure at the time they take the survey, Humble Bundle reserves the right to disclose any information provided by users, provided that no User Information identifying a specific user is disclosed.

Some of our advertisers may use third party advertising service companies to serve advertisements, for OBA or otherwise, and perform related services when you interact with the Channels. Often, these third party advertising companies employ cookies and other technologies to measure the effectiveness of website, app and email advertisements and to create a record of interaction with our content that they use in conjunction with their advertising which appears on other sites or applications, or for reporting website traffic, app use, statistics, advertisement data and/or other activities on the Services. We also engage third party providers to assist with the segmentation of this data.

We may engage third party providers to assist with the collection, storage and segmentation of Online Data and the providers are required to maintain the confidentiality of this information. These third party providers may collect User Information from our Services for their own purposes, such as to monitor fraud around the web.

If we engage a third-party Processor to Process your User Information, the Processor will be subject to binding contractual obligations to: (i) only Process the User Information in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the User Information; together with any additional requirements under applicable law.

The Services contain links to other sites or partners whose information practices may be different from ours. You should consult the privacy policy of these third parties to learn how your privacy is protected.

10. International Transfers of Information

Because of the international nature of our business, we may need to transfer your User Information within the Humble Bundle group of companies, and to third parties as noted in Section 9 above, in connection with the purposes set out in this Policy. For this reason, we may transfer your User Information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.

Humble Bundle, Inc. participates in and has certified its compliance with the E.U.-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Humble Bundle is committed to subjecting all Personal Information received from European Union (E.U.) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework's applicable principles. To learn more about the Privacy Shield Framework, please visit the U.S. Department of Commerce's Privacy Shield List. Humble Bundle is responsible for the processing of Personal Information it receives under the Privacy Shield Framework and subsequent transfers to a third party acting as an agent on its behalf. Humble Bundle complies with the Privacy Shield principles for all onward transfers of Personal Information from the E.U. and Switzerland, including the onward transfer liability provisions. With respect to Personal Information received or transferred pursuant to the Privacy Shield Framework, Humble Bundle is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Humble Bundle may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. If you are a European individual with a privacy related complaint, concern or question about Ziff Davis' privacy practices, please contact us through our DSAR Portal and we will respond within a reasonable time after receiving your request. Under certain conditions, more fully described on the Privacy Shield website, European individuals may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Where we transfer your Personal Information from the EEA to recipients located outside the EEA who are not in a jurisdiction that has been formally designated by the European Commission as providing an adequate level of protection for Personal Information, we do so on the basis of standard contractual clauses. You may request a copy of the relevant standard contractual clauses by using our DSAR Portal.

Please note that when you transfer any Personal Information directly to a Company entity established outside the EEA, we are not responsible for that transfer of your Personal Information. We will nevertheless Process your Personal Information, from the point at which we receive the data, in accordance with the provisions of this Privacy Policy.

11. Data Security

We have implemented appropriate technical and organizational security measures designed to protect your User Information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access, and other unlawful or unauthorized forms of Processing, in accordance with applicable law. In certain instances we may use Secure Sockets Layer encryption and/or transfer certain User Information in a non-human readable format to provide protection. However, we cannot guarantee there will not be a breach, and we are not responsible for any breach of security or for the actions of any third parties.

Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement reasonable measures to protect your information, we cannot guarantee the security of your data transmitted to us using the internet. Any such transmission is at your own risk and you are responsible for ensuring that any Personal Information that you send to us are sent securely.

12. Data Accuracy

We take every reasonable step to ensure that your User Information that we Process is accurate and, where necessary, kept up to date, and any of your User Information that we Process that you inform us is inaccurate (having regard to the purposes for which they are Processed) is erased or rectified.

13. Data Minimization

We take every reasonable step to ensure that your User Information that we Process is limited to the User Information reasonably necessary in connection with the purposes set out in this Policy or as required to provide you services or access to the Services.

14. Data Retention

We take every reasonable step to ensure that your User Information is only Processed for the minimum period necessary for the purposes set out in this Policy. The criteria for determining the duration for which we will keep your User Information are as follows: we will retain copies of your User Information in a form that permits identification only for as long as is necessary in connection with the purposes set out in this Policy, unless applicable law requires a longer retention period. Unless there is a specific legal requirement for us to keep the information, we plan to retain it for no longer than is necessary to fulfill a legitimate business need.

Except as may be set forth in this Privacy Policy, Online Data related to OBA is retained by Humble Bundle for not more than 180 days after which it shall expire. However, the 180 day period may commence again if the same user subsequently visits or interacts with an ad, email, the Services or a Channel.

15. What Can I Do to Control My Information?

You may directly take steps to change your preferences as follows:

Access to Your Personal Information. Upon request Humble Bundle will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account or contacting us through our DSAR Portal. We will respond to your request within a reasonable timeframe.

Your Newsletter and Email Subscriptions. You can opt out or unsubscribe to a newsletter or other email list at any time by following the instructions at the end of the newsletters or emails you receive. Please allow five to ten business days for changes to take effect. On some parts of the Service, member service-related communications are an integral part of such Services to which you subscribe and you may continue to receive emails as part of that particular portion of the Services unless you cancel your account, even if you opt out of the newsletters or email list. If you have provided more than one email address to us, you may continue to be contacted unless you request to unsubscribe each email address you have provided.

Push Notifications. We send you push notifications from time-to-time in order to update you about any events or promotions that we may be running. If you no longer wish to receive these types of communications, you may turn them off by adjusting the permissions in your mobile device. Please note that your opt out is limited to the device used and will not affect subsequent subscriptions or non-promotional communications, such as those about your account, transactions, servicing or Humble Bundle's ongoing business relations.

Mobile Applications. There are a variety of tracking technologies that may be included in mobile applications, and these are not browser-based like cookies and cannot be controlled by browser settings. Some use device identifier, or other identifiers such as "Ad IDs" to associate app user activity to a particular app and to track user activity across apps. You can stop all collection of information via our mobile applications by uninstalling them. Also, you may be able to exercise specific privacy choices, such as enabling or disabling certain location-based services, by adjusting the permissions in your mobile device (which is usually located in the Settings area of your device).

Unlinking your Humble Bundle Account from Third Party Services. If you have linked your Humble Bundle account with certain third party services, such as Steam, Twitch, or Battle.net, you may unlink your accounts at any time by visiting your Humble Bundle account settings. Please note that unlinking your accounts will not affect any information previously shared through the linking, and Humble Bundle may continue to use and share that information in accordance with this Privacy Policy. Humble Bundle is not responsible for any third party data practices, and we recommend that you carefully review their online policies. Steam (which is owned and operated by Valve Corporation) has a privacy policy available here.

OBA. European Union and Swiss residents should visit the European DAA by clicking here. Canadian residents should visit the DAA of Canada by clicking here. U.S. residents and residents of all other countries or territories not listed above can click here for the DAA site to learn more about the use of cookies, your opt-out choices, and more. For information about the DAA's opt out program for mobile apps, click here. Please be aware that, even if you are able to opt out of certain kinds of interest-based advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain interest-based advertising to you, but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Humble Bundle is not responsible for effectiveness of, or compliance with, any third-parties' opt-out options or programs or the accuracy of their statements regarding their programs.

Cookies and Pixel Tags. You may stop or restrict cookies and pixel tags on your computer or purge cookies from your browser by adjusting your web browser preferences. However, if you "turn off," purge, or disable cookies or pixel tags, although you may still use the Services, you may not be able to use all of the features, functions, or services available on the Services.

California Residents. In accordance with the California Online Privacy Protection Act, we may collect Personal Information about your online activities when you use the Services. While we give our users many avenues to opt out of providing Personal Information, we do not respond to Web browsers' "do not track" signals. California's "Shine the Light" law, Civil Code Section 1798.83, permits our users who are California residents to periodically request and obtain certain information about any Personal Information disclosed to third parties for direct marketing purposes. If you are a California resident and wish to make such a request or if you wish for us to refrain from gathering your Personal Information, please submit your request in writing to the contact details set out in Section 17 below.

EU Residents. GDPR provides certain rights for EU residents. You may decline to share certain information with us, in which case we may not be able to provide some of the features and functionality of the Services. These rights include, in accordance with applicable law, the right to object to or request the restriction of processing of your information, and to request access to, rectification, erasure and portability of your own information. Where we process your information on the basis of your consent, you have the right to withdraw that consent (noting that such withdrawal does not affect the lawfulness of any Processing performed prior to the date on which we receive notice of such withdrawal, and does not prevent the Processing of your Personal Information in reliance upon any other available legal bases). Requests should be submitted by contacting us using the DSAR Portal. If you are an EU resident and have any unresolved privacy concern that we have not addressed satisfactorily after contacting us, you have the right to contact the appropriate EU Supervisory Authority and lodge a complaint.

16. Terms and Conditions

For more information concerning your use of the Services, please visit the Humble Bundle Terms and Conditions, which are incorporated by reference into this Privacy Policy.

We recommend that you review our Terms and Conditions regularly, in order to review any changes we might make from time to time.

17. Contact Details

If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the Processing of User Information carried out by us, or on our behalf, please contact:

Humble Bundle
c/o Ziff Davis
Attention: Legal Department
114 Fifth Avenue, 15th Floor
New York, NY 10011 privacy@humblebundle.com

Our Data Protection Officer may be contacted at dpo@humblebundle.com. For GDPR related inquiries, please use our webform at DSAR Portal.

If we are unable to resolve your complaint directly, you may submit your complaint at no cost to you to JAMS.

18. California Consumers

(a) Right to Know About Information Collected, Disclosed or Sold

You have the right to request that we disclose what personal information we collect, use, disclose, and sell. To submit a verifiable request, please visit https://dsar.humblebundle.com or email privacy@humblebundle.com

If you have an account with us, we will verify the request by confirming the email address used to make the request is the same as the email address on file for the account. If you do not have an account with us, we will verify the request by sending an email to the email address used to make the request. We may ask for additional information reasonably related to the request to verify the request.

(b) Collection of Personal Information

The categories of California consumers' Personal Information we may collect are listed above in Section 2 ("What Categories of Information We Process"). In reference to Section 2, we may collect Personal Details, Demographic Information, Contact Details, Consent Records, Purchase and Payment Details, Employer Details, Views and Opinions and User Information.

We may collect California consumers' Personal Information from the sources listed in Section 4 ("How We Collect User Information"). As defined in Section 4, this may be: Data You Provide; Business Relationship Data; Data You Make Public; Service Data; Widget Data; Content and Advertising Information; and Third Party Information. We may obtain personal information from the following sources as defined in Section 2 ("What Categories of Information We Process"): GeoIP Data; ID; IDFA; IP address; ISP; SSID; IMSI; IMEI; Log files; Web Beacons; Pixel Tags; Local Shared Objects, such as Flash cookies, and Local Storage, such as HTML5, and equivalents.

We use this data for the purposes listed above in Section 5 ("Purposes for which we may Process your Personal Information") or for Direct Marketing as outlined in Section 6 ("Direct Marketing").

(c) Disclosure or Sale of Personal Information

We may and may have disclosed the categories of Personal Information listed in Section 9 ("What Information We Disclose to Third Parties") to our vendors, service providers and partners for a business purpose.

We may and may have disclosed Personal Information to the following categories of third parties for a business purpose:

• third party Processors for the purpose of providing the Services to you;
• third party developers if you use the Humble Bundle widget on that developer's website to purchase a game;
• third party providers where our Services use third party advertising, plugins or content;
• third party providers to assist with the collection, storage and segmentation of Online Data. These third party providers may collect User Information from our Services for their own purposes, including but not limited to, monitoring fraud around the web; and
• third party sponsors of promotional giveaways and third party vendors involved in the administration of such events.

We have not sold any personal information to third parties for a commercial purpose in the preceding twelve (12) months.

The Services are not intended for use by minors. We do not sell personal information of minors under 16 years of age without affirmative authorization.

(d) Right to Request Deletion of Personal Information

You have the right to request deletion of Personal Information collected or maintained by us. To do so, please submit a request via https://dsar.humblebundle.com or email privacy@humblebundle.com. If submitting a request by email, we may ask for additional information to verify your request.

(e) Right to Opt-Out of the Sale of Personal Information

You have the right to opt-out of the sale of Personal Information by a business. We do not sell your personal information.

(f) Right to Non-Discrimination for the Exercise of a Consumer's Privacy Rights

You have the right not to receive discriminatory treatment by the business for exercising your privacy rights conferred to you by the California Consumer Privacy Act.

(g) Authorized Agent

To make a request under the California Consumer Privacy Act on a consumer's behalf, we require a signed authorization letter from the consumer to privacy@humblebundle.com.

(h) Contact for More Information

If you have any questions or concerns about our privacy policies and practices, you may contact us via https://dsar.humblebundle.com or email privacy@humblebundle.com.

(i) Date Privacy Policy Last Updated

Our Privacy Policy was lasted updated as of the date indicated at the beginning of the policy.

19. How this Privacy Policy May Change

We may change this Privacy Policy from time to time, and all changes will be effective at the time we post them. If we believe there is a significant change to this Privacy Policy or our data collection and use practices, we will indicate on our websites that our Privacy Policy has changed prior to the change becoming effective. The then-posted version of the Privacy Policy supersedes all prior versions. Your continued access to or use of any of the Services shall be deemed your acceptance of the Privacy Policy.

We urge you to come back to this web page and review this Privacy Policy regularly so that you remain aware of the terms and conditions that apply to you.