GDPR Privacy Notice

Last updated: August 30, 2022

This General Data Protection Regulation (“GDPR”) privacy notice (this “GDPR Notice”) applies to “personal data” (as that term is defined in the GDPR) we process relating to natural persons located in the European Economic Area (“EEA”), the U.K., or Switzerland, or natural persons who are otherwise subject to the protections of the GDPR by us as a ‘data controller’ as set forth herein (collectively, “Covered Individuals,” “you,” or “your”). This GDPR Notice should be read in conjunction with, and is included in, our Privacy Policy. You should also read our Terms of Use prior to using any of our Services. Any capitalized terms or other terms not defined herein shall have the meaning given to them elsewhere in our Privacy Policy, or, if not defined herein or elsewhere in our Privacy Policy, the GDPR.

To the extent of any conflict between this GDPR Notice and any other provision of the Privacy Policy, this GDPR Notice shall control only with respect to Covered Individuals and their personal data. If you are located outside of the EEA, the U.K., or Switzerland, please consult our Privacy Policy.

I. Purposes and Legal Bases

Z League is the data controller of personal data of Website visitors (“Visitors”) and players that use our Services (“Players”), in each case, for the purposes and under the legal bases described in the table below (or otherwise described in this GDPR Notice). Please note that the category of “Visitors” includes Players, to the extent such Players utilize our Website.

Data Subject Category
Purpose & Legal Basis of Processing
Visitors and Players
(a) Provision of the Services: We use Players’ profile information, such as name, address, and gamertag (or similar gamer ID), in our legitimate interest as necessary for fulfillment of any agreement between us and the Players in relation to our Services, such as tournaments and related payouts, or in our legitimate interests in understanding analytics regarding the Services (e.g., amount of active Players, most popular tournaments) (b) Information Security: Our web servers will log Visitors’ IP addresses and other information (e.g., browser information, operating system, request date/time, user agent string, referral and exiting URL) in order to maintain an audit log of activities performed. We use this information pursuant to our legitimate interests in tracking usage of our Services, combatting DDoS or other attacks, and removing or defending against malicious Visitors. (c) Email Communications: We will answer email inquiries pursuant to our legitimate interest in answering such inquiries, to ensure Visitor and Player satisfaction, and to further business relationships. We will send e-mail marketing communications to Visitors and Players based only on their written consent. (d) General Business Development: We have a legitimate interest in processing the personal data of Visitors and Players to further business relationships and ensure Visitor and Player satisfaction (e.g., by answering inquiries per Email Communications above). (e) Digital Advertising and Analytics: We utilize digital advertising and web audience measurement pixel technologies, such as Facebook Custom Audiences, Google AdWords, and Google Analytics, in each case, pursuant to Visitors’ consent, for purposes of targeted advertising and understanding of Visitors’ use of the Website for optimization purposes. We upload email addresses via Google or other digital properties pursuant to our legitimate interests in digital advertising. (f) Compliance with Applicable Law: We will process Visitors’ and Players’ personal data pursuant to (a) our obligations under member state, EU, UK, or Swiss law or (b) our legitimate interests in complying with applicable law generally. This includes responding to lawful governmental requests and establishing, exercising, or defending legal claims. (g) Other: We may process Visitors’ and Players’ personal data for other purposes as otherwise disclosed to you (e.g., via “just-in-time” notices).

II. Recipients

Our personnel process Visitors’ and Players’ personal data for the purposes listed above. Such personal data is also disclosed to the following categories of recipients in relation thereto: cloud storage and web hosting providers, technical assistance and security vendors, database management/back-up services, analytics services, digital marketing services (e.g., marketing automation), and customer relationship management/CRM platforms.

III. Retention

We process your personal data for as long as we have a legitimate business relationship with such Visitors or Players or unless otherwise deleted upon request by you. Z League may also retain certain of such personal information for internal analysis purposes. Activity information is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Services, or where we are legally obligated to retain this data for longer periods.

IV. Your GDPR Rights

  1. Right to lodge a complaint: You have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available here.
  2. Individual Rights: You are entitled to certain rights under the GDPR with respect to personal information that we have processed or collected, to the extent we can sufficiently verify your identity. We have listed below how these rights operate in the context of using our Services. You may contact us at to request the exercise of these rights, with the subject line “GDPR Notice”. We will make every effort to respond promptly, and in any case within 30 days of your request (unless an extension is necessary, in which case we shall inform you as such).
  3. Your right of access. Upon request, Z League will provide you with information about whether we hold any of your personal information. We will also provide access to one copy of your personal information that we may hold free of charge.
  4. Your right of rectification. You may request to review, delete, or update your personal information to ensure it is accurate. You may update or change certain personal information associated with your Z League account by logging into your Z League account and directly making the desired changes. If you would like to update either your e-mail address or birthdate, you may contact us and notify us of the changes.
  5. Your right to be forgotten. You may request to have us erase your personal information that we may hold if the data is no longer necessary for the purpose for which it was collected, you withdraw consent and no other legal basis for processing exists, or you believe your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing. We will inform you which of your personal information may be erased without violating our legal obligations.
  6. Your right to restrict or object to our processing. You have the right to ask us not to process your personal information if we are processing your data based on legitimate interests or the performance of a task in the public interest as an exercise of official authority (including profiling); or using your data for direct marketing (including profiling). You also have the right to ask us not to process your personal information while a rectification request is pending.
  7. Your right to data portability. You have the right to request a copy of your personal information, including your transaction history, such as tournaments played. We will provide this information in a downloadable in machine-readable format.
  8. Your rights related to automated decision making and profiling. Z League does not subject you to significant solely-automated decisions. However, if you disagree with our decisions with respect to you or your account, you may request a review by contacting us.

V. Objecting to Legitimate Interest/Direct Marketing

You may object to personal data processed pursuant to our legitimate interest. In such case, we will no longer process your personal data unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your personal data for direct marketing purposes by clicking the unsubscribe link within a marketing email. In such case, your personal data will no longer be used for that purpose.

VI. Transfer of Personal Data To Outside the EEA

Your personal data may be transferred and stored outside of the country from which it was collected.  The laws of such countries may not provide for the same levels of protection as the GDPR.

VII. Governmental Access Requests

We may be required to disclose personal data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.

VIII. Corporate Restructuring

In the event of a merger, reorganization, dissolution or similar corporate event, or the sale of all or substantially all of our assets, we expect that the information that we have collected, including personal data, would be transferred to the surviving entity in a merger or the acquiring entity pursuant to our legitimate interests relating thereto. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such personal data as set forth in this GDPR Notice.

IX. Updates to this GDPR Notice

If, in the future, we intend to process your personal data for a purpose other than the purpose(s) for which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this GDPR Notice, and the “Last Updated” date at the top of this page will be updated accordingly.

X. How to Contact Us

Reach out to with the subject line “GDPR Notice” for any questions, complaints, or requests regarding this GDPR Notice.