hbk314

From my limited understanding, it seems like they're doing what they can to make it as hard to reverse as they can. Perhaps they have an ad link on a review site or Youtube video review and get clicks that way? I get where you're coming from, though.

By hashing it, they're not collecting or storing it. Logically that would be compliant, but we won't really know until the law has been tested in courts.

No. It allows them to identify that some machine somewhere clicked a link and later opened the game, not that your machine or my machine did that. That's all. There's no connection to personal data. It's explicitly not personal information. GDPR applies to personal information, not all information. Red Shell collected no personal information, so GDPR does not apply.

If personal information had been collected by Red Shell, it would have been subject to that, yes. Red Shell and its stated mission were not in violation of the GDPR, unless someone would like to offer up proof that they were using data for more than they claim?

Exactly. All it sends is anonymous analytics and hardware information. That only serves to benefit KSP.

The privacy policy is very clear about what information can be collected by the game. It's also very clear that all personal information is acquired by Take2 on a voluntary basis. Additionally, the data sent by Red Shell and Unity has been analyzed, I believe several pages back in this thread, and found to contain no personal information. The concern that the game might somehow "steal" a player's personal information is completely unfounded.

Because that anonymous analytic data and hardware information is really a cause for concern. Oh wait, it isn't.

Please, read the privacy policy. It also covers the circumstances in which data may be shared, such as a court order. You've made multiple claims that show a lack of complete understanding of Take2's policies. You can't read the EULA and not the privacy policy, especially if the discussion topic is personal information and other privacy/data concerns. They don't have the right or ability to collect personal information. It's specifically stated what can be collected by the game. Personal information is collected on a voluntary basis. That does not mean that you "volunteer" your personal information by playing the game as you seem to be suggesting. They're not going to run afoul of their own privacy policy and the law. The changes were made this year because of the GDPR that went into effect in Europe on May 25th. They now have to list any personal data that could possibly come into their possession and how. There's nothing to suggest that anything has changed operationally. They just have to state it this way to comply with the new European privacy law.

It's interesting that you read and quoted those pieces, but failed to read, or maybe just failed to comprehend, the privacy policy. You stated "because the collection of these types of data is not necessary for the functions of their products," which clearly demonstrates you don't know what you're talking about. The only personal information that Take2 can acquire is done so on a voluntary basis so they can provide a service to the customer. Tell me how Take2 would be able to process a purchase from me without my name, billing address, email address and payment information. Tell me how I could sign up for a newsletter without providing my email address. How could I utilize technical support without providing them a means to respond to me, whether that be an e-mail address or a phone number? Take2 only "collects" what is necessary to serve the customer's request. None of those activities are required to play the game, so the customer isn't being forced to provide anything that they don't choose to provide voluntarily. The only information collected by the game is anonymous analytics and hardware information. Read the privacy policy: https://www.take2games.com/privacy/

I wonder how many more example of legislative overreach there are. If I'm walking down a street on a public sidewalk and happen to be in the background of some picture, there really should be no issues there, even if I have a problem with it. It's just common sense that people are going to see you if you're out in public. IANAL, but I don't believe minors, at least where I am, get any extra protections as far as being photographed in public. I'll take that over what appears to be the GDPR way.

That makes absolutely no sense, so I hope it's a misunderstanding on your part. I know that in the United States, there's no expectation of privacy when you're out in public, so you can't complain about any pictures you end up in. It's different if the pictures are taken inside of someone's privately owned house, for example.

I don't even know what you're try to say here. Anonymous gameplay data isn't personal information.

Whether your IP is or not is debatable. Generally, an IP by itself without other identifying information isn't considered personal information. I've seen it stated both ways as far as GDPR goes. Some say it is in all cases while others say it may be personal information. I guess we'll have to see how courts rule on it. But as far as Take2 goes, both Unity and Red Shell don't collect your IP any more, although that may not be totally in effect yet. I haven't checked yet. You considering log in/out times to be private information doesn't make it legally protected. I think it's perfectly understandable that a gaming company would want to know how much playtime their game is getting.

That information isn't personal information.

Well what was your goal in posting that video? If you didn't know it was false, you do now.

This video is a blatant lie based around a quote taken completely out of context. FinalFan also did a good job of summing up the problems with it. Read the privacy policy: https://www.take2games.com/privacy/ Here's the context of that quote(emphasis mine): As you can see, that list applies specifically to information you provide to Take2 voluntarily so Take2 can complete your purchase or place you on a mailing list. As it says, "The Company collects personal information from you on a voluntary basis." The privacy policy also lists exactly what is collected by the game as well is how data is handled and the limited circumstances it may be shared, such as a court order. I'd suggest that everyone take a look at it instead of allowing themselves to be misled by videos or posts making such baseless claims.

You wouldn't be having this misunderstanding if you actually read that whole section instead of picking out a "scary" paragraph out of context. It references "activities listed above," yet you cut that part out of your quote. Let me help you. There's the full context. As you can see, "all personal information is collected on a voluntary basis." That means you have to provide it to them by filling out a form, likely associated with one of the activities on that list. If you keep reading the privacy policy, you'll see that it lists what data may be collected by the game. It also states what data is used for and the limited circumstance where personal information may be shared, such as a court order. Long story short, this is much ado about nothing. This is caused by ignorance and misunderstanding. It then snowballs when people get mislead by out of context quotes and just buy into it without doing their own research. It's unfortunate, but the facts are clear. The game isn't spyware. It doesn't collect personal information. The company isn't selling its customers' private data. I suggest everyone take a look at the privacy policy: https://www.take2games.com/privacy/#3