Apple

iOS app is now live. Download Now.

PRIVACY POLICY

Effective Date: January 12, 2023
Note: For the version of the Privacy Policy effective through December 31, 2022, please click here
This Privacy Policy describes how GME Entertainment, LLC (“we," “our” or “us”) collects, uses, and discloses personal information in connection with our GameStop Wallet (defined below and downloadable as a browser extension wallet at https://wallet.gamestop.com/ and as an iOS digital asset wallet app via Apple's App Store at here) and services therein, GameStop NFT marketplace located at https://nft.gamestop.com/ and services therein (“Marketplace”), and an IMX Grant Program application located at https://imxgrant.nft.gamestop.com (collectively, the “Services”).
GameStop Wallet is a self-custodial Ethereum wallet that enables users to (i) self custody digital assets; (ii) connect to decentralized applications (“dapps”); (iii) view addresses and information that are part of blockchain networks and broadcast transactions; (iv) access third party services, which include services provided by third party Ramp or MoonPay, respectively, for purchasing Ethereum with certain fiat currencies (which transactions will occur on a Protocol (defined below)); and (v) other features, tools, software or functionalities that may be added to the GameStop Wallet from time to time (collectively, “GameStop Wallet").
The Marketplace facilitates interactions between your self custody digital asset wallet and certain decentralized cryptographic protocols (“Protocols”); tools for users to transact with non-fungible tokens (“NFTs”) in a peer-to-peer fashion on a Protocol; access to third parties services from Ramp or MoonPay, respectively, for purchasing Ethereum with certain fiat currencies (which transactions will occur on a Protocol); access to create/mint NFTs on a Protocol that may be published on the Marketplace (whenever available); and access to other features, tools, software or functionalities in connection with the Marketplace, including, but not limited to, displaying, listing, searching and viewing NFTs. With respect to the Marketplace, your self-custody digital wallet can be your GameStop Wallet or a digital asset wallet from a third party provider (“third party digital asset wallet”).
Please make sure to review our Terms of Service for the GameStop Wallet and/or Marketplace, respectively, which contain provisions that limit our liability and require you to resolve any dispute with us on an individual basis and not part of any class or representative action.
We provide additional information for:
  • Residents of California
  • Residents of Europe (the United Kingdom, Switzerland, and the European Economic Area)
Third parties, such as Ramp, MoonPay, Immutable X, WalletConnect, game studios/developers featured on the Marketplace, or your third party digital wallet provider, may collect information through third party websites, applications, platforms, products, or services that you may access through the Services. For such third party websites, applications, platforms, products, or services, you are responsible for reviewing, agreeing, and complying to their respective Terms of Service/Use (or equivalent thereof) and Privacy Policies before access or using said third party websites, applications, platforms, products, or services.
For Ramp's Privacy Policy, go here.
For MoonPay's Privacy Policy, go here.
For Immutable X's Privacy Policy, go here.
For WalletConnect's Privacy Policy, go here.
Personal information we collect
Information you provide to us:
We collect information you provide to us directly, and through third parties (including without limitation service providers) in connection with using our Services. This may include contact information, payment information, product or service preferences, usage information, among other information. If you choose not to provide certain information, this may limit your ability to take advantage of some features, promotions, or other Services.
  • Contact and profile information, such as your name, display name, email address, physical address, profile biography, Ethereum public address details, and third party account information you provide to us (such as Twitter and Reddit usernames).
  • IMX Grant Program information, such as company/organization or project category, company/organization or project name, company/organization or project type, your name or company/organization name, your company's/organization's website address, email address, core team's city/country location, project descriptions, and funding information.
  • Marketplace Creator information (including Creator Application information), such as your name or company name, physical address, tax identification number (such as social security number), identification documents (for example, your passport or driving license number), email address, your or your company’s website address and social media account name(s) or handle(s), phone number, digital asset wallet information (such as public wallet address), information regarding your current and historical works, licensing information, content files, and other information necessary to determine approval as a Marketplace Creator or publication of content on the Marketplace.
  • Financial and transaction information, such as your profile information on the Marketplace, digital asset wallet information (such as public wallet address and transaction identification information), payment information, digital asset transaction to and from information, and information regarding transaction amounts and history.
  • Wallet information, such as network public key (public address) and digital wallet contents including cryptocurrencies, NFTs, and tokens. WE WILL NOT ACCESS OR STORE YOUR WALLET PASSWORD, PRIVATE KEYS OR SECRET RECOVERY/BACKUP PHRASE ASSOCIATED WITH YOUR DIGITAL ASSET WALLET. YOU ARE SOLELY RESPONSIBLE FOR KEEPING YOUR WALLET PASSWORD, PRIVATE KEYS AND SECRET RECOVERY/BACKUP PHRASE SAFE AND CONFIDENTIAL.
  • Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online, and your “like” feedback on NFTs on the Marketplace.
  • Usage information, such as information about how you use the Services and interact with us, including contact lists, information associated with any content you upload to the Services or otherwise submit to us, and information you provide when you use any interactive features of the Services.
  • Marketing information, such as your preferences for receiving communications about our activities, announcements, and publications, and details about how you engage with our communications.
  • Fraud reporting information, such as full name, physical address, email address, public wallet address, and nature of the report of fraud to support an identity verification of the reporting party and investigation to the nature of fraud reported.
  • Digital Millennium Copyright Act (“DMCA”) Notices and Counter-Notices information, such as full name, physical address, email address, telephone number and details supporting the request for takedown or reinstatement of content on the Marketplace under the DMCA.
  • Additional information, may be requested from you at any time to comply with our Anti-Money Laundering (“AML”) and sanctions compliance obligations. The information required may vary according to various risk factors that we take into account while establishing a relationship with you and in the course of further transactions through the Services. Providing us with relevant information is necessary to use the Services. We may refuse to provide you with any of our Services, at our discretion and at any time, based on the results of the AML and sanctions reviews and are not obligated to disclose to you the results of such reviews. Further, we may request additional information if new or amended laws and/or regulations, a regulatory agency or a court of law require us to do so, and you agree to provide such additional information.
Information we obtain from third parties:
  • Third party digital asset wallet and digital asset transaction information. To use the Services, you may use a GameStop Wallet or third party digital asset wallet that allows you to engage our Services and transact on one or more Protocols. Your activities with any third party digital asset wallet provider are governed by the relevant Terms of Service/Use (or equivalent thereto) and privacy policy associated with your third party digital asset wallet. When you connect your third party digital asset wallet to our Services, we will access information from your wallet, including the contents of your wallet, which may include digital assets, such as cryptocurrencies, NFTs, and tokens. We may also collect information regarding Ethereum purchases that you make using fiat currency via third party services, such as Ramp or MoonPay, respectively, for regulatory compliance, such as AML and sanctions compliance. AGAIN, WE WILL NOT ACCESS OR STORE YOUR WALLET PASSWORD, PRIVATE KEYS OR SECRET RECOVERY/BACKUP PHRASE ASSOCIATED WITH YOUR DIGITAL ASSET WALLET. YOU ARE SOLELY RESPONSIBLE FOR KEEPING YOUR WALLET PASSWORD, PRIVATE KEYS AND SECRET RECOVERY/BACKUP PHRASE SAFE AND CONFIDENTIAL.
  • Other Sources. We may obtain and/or combine information we receive about you from other sources with your account information or other information we maintain about you to help us correct or supplement our records, improve the quality of our Services to you, prevent or detect fraud, and security or compliance purposes. Such sources may include information collected from affiliates, business partners, marketing partners, publicly-available sources (including, but not limited to, data that is accessible on public blockchains), identity verification services, AML and sanctions screening services, and data providers.
Automatic data collection.
  • We and our service providers may automatically log information about you, your computer or mobile device, and your interaction over time with our Services, our communications and other online services, such as:
    • Device data, such as your computer's or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 4G), and general location information such as city, state or geographic area. We may also temporarily collect information about dapps that you are connecting to, while establishing that connection.
    • Online activity data, such as how you use our Services, how you interact with others using our Services, pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, online status, last seen status, and duration of access, and whether you have opened our marketing emails or clicked links within them.
We use the following tools for automatic data collection:
  • Cookies, which are text files that websites store on a visitor's device to uniquely identify the visitor's browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
  • Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
How we use your personal information
To operate our Services:
  • • Provide, operate, maintain, secure and improve our Services, including, but not limited to, user access to features, tools, software or functionalities in connection with the Marketplace, including without limitation, tools for users to transact with NFTs in a peer-to-peer fashion on a Protocol; access to third party services from Ramp, or MoonPay, respectively, for purchasing Ethereum with certain fiat currencies (which transactions will occur through a Protocol); access to create/mint NFTs on a Protocol that may be published on the Marketplace (whenever available); and displaying, listing, delisting, searching and viewing NFTs, which may include, for example, displaying username, user bio, public wallet address, NFT contract type, NFT contract address, NFT token ID, NFT metadata and IPFS address, and links to your Reddit, Twitter and/or other social media account(s).
  • Provide information about our Services
  • Communicate with you about our Services, including by sending you announcements, updates, security alerts, and support and administrative messages.
  • Understand your needs and interests, and personalize your experience with our Services and our communications.
  • Respond to your requests, questions and feedback.
  • Investigate and address conduct that may violate Terms of Service.
For research and development. To analyze and improve the Services and to develop new products and Services, including by studying use of our Services.
Marketplace Creator Applications. Determine whether or not to approve you or your company/organization to create/mint NFTs on a Protocol and/or publish content to the Marketplace.
For the IMX Grant Program Application. We disclose your application and the information therein with Immutable X and Digital Worlds NFTS Ltd. Immutable X and Digital Worlds NFTS Ltd. review and verify the submitted applications and determine whether or not to issue you or your company/organization a grant based on your submitted IMX Grant Program application information.
Marketing and advertising. We, our corporate parents, subsidiaries, affiliates and divisions and our advertising partners may collect and use your personal information for marketing and advertising purposes, including:
  • Direct marketing. We may from time-to-time send you direct marketing communications as permitted by law, including, but not limited to, notifying you of special promotions, offers and events. You may opt out of our marketing communications as described in the “Opt out of marketing communications” section below. If you are located outside of the U.S. or U.S. Territories, please opt out of our marketing communications.
  • Interest-based advertising. We may engage our advertising partners, including third party advertising companies and social media companies, to display ads around the web. These companies may use cookies and similar technologies to collect information about your interaction (including the data described in the “Automatic data collection” section above) over time across our Services, our communications and other online services, and use that information to serve online ads that they think will interest you. This is called interest-based advertising. We may also disclose information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms. You can learn more about your choices for limiting interest-based advertising in the “Online tracking opt-out” section below.
To comply with law. As we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
For compliance, accounting, tax, fraud prevention, and safety, including AML and sanctions. To: (a) protect our, your or others' rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern our Services; and (c) accounting, tax or financial reporting; and (d) protect, investigate and deter against money laundering, sanctioned countries, entities or individuals and other fraudulent, harmful, unauthorized, unethical or illegal activity.
To create anonymous data. To create anonymous data from your personal information. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and disclose it with third parties for our lawful business purposes, including to analyze and improve our Services and promote our business.
How your personal information may be disclosed while using our Services
If you engage in a transaction with another user or through a third party service or dapp, that user, third party or dapp, respectively, will have access to your public transaction information. Users, third parties or dapps with whom you interact with may store or disclose your information with others. For such third party services and dapps, you are responsible for reviewing, agreeing and complying to the terms, notices, and policies before accessing or using said third party services and dapp.
How we disclose your personal information
At your direction. When you use our Services to engage with third parties, such as wallets, dapps, service providers and others, you direct us to disclose your information with them to provide the Services you request.
Affiliates and GameStop Corporate Group. GME Entertainment, LLC may disclose personal information among our corporate parents, subsidiaries, affiliates, or divisions (collectively, “Affiliates and GameStop Corporate Group") for business purposes in accordance with this Privacy Policy. We may disclose the information that you provide us, or that we collect about you, in connection with the promotion of our products and services and those of our Affiliates and GameStop Corporate Group, including, but not limited to, by sending or providing you with offers or promotional information.
IMX Grant Program Application. Your information will be disclosed with Immutable X and Digital World NFTS Ltd. so they can determine whether or not to issue you or your company/organization a grant based on your submitted IMX Grant Program application information.
Service providers. We may disclose your personal information to service providers and individuals that provide services on our behalf or help us operate our Services (such as customer support, hosting, analytics, email delivery, marketing, identity verification, AML and sanctions screening and database management services).
Business Partners or other Third Parties. We may use the information that you provide us, or that we collect about you, in connection with the promotion of our products and services and those of our business partners and other third parties, including, but not limited to, by sending or providing you with offers or promotional information. If you engage with an offer, product, or service from one of our business partners or other third parties, we may disclose personal information with them in accordance with this Privacy Policy.
Advertising partners. We may disclose your personal information with third party advertising companies, including for the interest-based advertising purposes described above.
For compliance, accounting, tax, fraud prevention and safety. We may disclose your personal information for the compliance; fraud prevention; accounting, tax or financial reporting; or and safety purposes described above.
Business transfers. We may sell, transfer or otherwise disclose some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.
Your Rights and Choices
Consistent with applicable law, you may exercise privacy rights described in this section such as Right to Access, Delete or Correction of your Personal Information. Please note that some of the rights may vary depending on your Country or state of residence. These rights are described below.
Rights Regarding Your Personal Information. Depending on your jurisdiction, you may have the right, in accordance with applicable data protection laws, to make requests related to your “personal information” or “personal data” (as such terms are defined under applicable law, and collectively referred to herein as “personal data”). Specifically, you may have the right to ask us to:
  • Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we disclose personal information.
  • Provide you access to and/or a copy of certain personal information we hold about you.
  • Correct or update inaccurate personal information we hold about you.
  • Delete certain personal information we have about you.
Depending on your jurisdiction of residence, you may also have the right to appeal the denial of an information rights request. If you are a California resident, please see the “Notice to California Residents” section below for more information about our privacy practices and your rights. If you are a European data subject, please see the “Notice to European Residents” section below for more information about our privacy practices and your rights.
As provided in applicable law, you also have the right to not be discriminated against for exercising your rights. Please note that certain information may be exempt from such requests under applicable law. For example, we need to retain certain information in order to provide our Services to you or to ensure the security and integrity of our Services. If you ask us to delete certain information, we may not be able to provide our Services to you. We also need to take reasonable steps to verify your identity before responding to a request, which may include, at a minimum, depending on the sensitivity of the information you are requesting and the type of request you are making, verifying your name and email address.
How to Exercise Your Information Rights:
You may exercise your information rights by submitting a request to the 'Individual Rights' icon below or contacting us via one of the methods in the 'How to Contact Us' section. If you have created a profile on the Marketplace, you may review and update certain personal information in your profile by connecting your self-custody digital asset wallet to the Marketplace and clicking your Avatar on the top right corner of the webpage. You may also view your activity history, as well as owned, created, liked or hidden NFTs in your profile. If you have created a GameStop Wallet, you may view activity related to your GameStop Wallet in the Activity area of the GameStop Wallet. Note that your transactions on the Marketplace or using your GameStop Wallet may be recorded on public blockchain(s) and, as a result, available for public viewing.
Trustarc
Verifying Requests:
For security purposes, we will verify your identity - in part by verifying your email account or requesting certain information from you - when you request to exercise your information rights. Once we have verified your identity (and your agent, as applicable), we will respond to your request as appropriate.
Opt out of marketing communications. You may opt out of marketing-related emails by changing your communications preferences on your account management page or following the opt-out or unsubscribe instructions at the bottom of the email. You may continue to receive service-related and other non-marketing emails.
Online tracking opt-out. There are a number of ways to opt out of having your online activity and device data collected through our Services, which we have summarized below:
  • Blocking cookies in your browser. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit allaboutcookies.org.
    Use the following links to learn more about how to control cookies and online tracking through your browser: Firefox, Chrome, Microsoft Edge, Safari.
  • Blocking advertising ID use in your mobile settings. Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
  • Using privacy plug-ins or browsers. You can block our Services from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, DuckDuckGo, Ghostery or uBlock Origin, and configuring them to block third party cookies/trackers.
  • Platform opt-outs. The following advertising partners offer opt-out features that let you opt out of use of your information for interest-based advertising: Google, Facebook, Twitter.
  • Advertising industry opt-out tools. You can also use these opt-out options to limit use of your information for interest-based advertising by participating companies: Digital Advertising Alliance, or Network Advertising Initiative.
Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Other sites, mobile applications and services
Our Services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.
Security practices
We use reasonable organizational, technical and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction of personal information we maintain. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure. Therefore, while we strive to protect your personal information, we cannot guarantee the security of personal information.
Minors
Our Services are not intended for use by anyone under 18 years of age. If you are under 18, please do not attempt to create an account or send any information about yourself to us, including your name, address, telephone number or email address. No one under the age of 18 may provide any personal information to us, and we do not knowingly collect personal information from anyone under the age of 18. If we learn that we have collected personal information from anyone under the age of 18 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about anyone under the age of 18, please contact us immediately.
Users outside of the United States
To provide our Services, it is necessary for us to process personal information using facilities and servers in the United States.
Changes to this Privacy Policy
Our Privacy Policy may change from time to time, and we reserve the right to modify it any time. We will post any changes to this Privacy Policy on this website. If we make material changes to it, we will provide notice through our Services, or by other means, to allow your review of the changes before they become effective. If you object to any changes, you may close your account and discontinue use of our Services. Each time a user uses any Service, the current version of the Privacy Policy applies. You acknowledge that your continued use of our Services after we publish or send a notice about our changes to this Privacy Policy means that the collection, use, retention and sharing of your personal data is subject to the updated Privacy Policy.
How to contact us
Please direct any questions or comments about this Policy or privacy practices to GlobalPrivacyOffice@gamestop.com. You may also write to us via postal mail at:
GME Entertainment LLC
625 Westport Parkway
Grapevine, TX 75080
Attn: Privacy Policy
Notice to California Residents
This section applies only to California residents. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA.
Your California privacy rights. California Consumers have the right to request that we disclose what Personal Information we collect, to delete that information, and to correct their information, without being discriminated against. These rights are subject to certain restrictions. You also have the right to designate an agent to exercise these rights on your behalf. In addition to the "Your Rights and Choices" section, this section describes how to exercise those rights and our process for handling those requests. We may charge a reasonable fee to comply with your request, to the extent permitted by applicable law.
Right to Non-Discrimination. We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.
We do not sell your personal information or share it for targeted advertising. Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you. We do not sell your sensitive personal information, use it for targeted advertising, or otherwise process or share sensitive information for any purpose other than “business purposes” under California law.
How users in California can exercise their rights. California residents may exercise their California privacy rights by submitting a request to the “Individual Rights” icon below or by emailing us at GlobalPrivacyOffice@gamestop.com with “GME Entertainment CCPA Consumer Request” in the subject line.
Trustarc
Authorized Agents. California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming that authority.
Shine the Light Disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we disclose certain categories of Personal Information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not disclose your Personal Information with third parties for their own direct marketing purposes.
Notice to European Residents
The information provided in this “Notice to European Residents” section applies only to individuals in Europe.
Personal information. References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.
Controller. GME Entertainment LLC is the controller of the personal information we collect.
Europe Data Protection Representative. Please direct any questions or comments about this Policy or privacy practices to our European Data Protection Representative established in Ireland, GameStop Europe Services Limited, at GlobalPrivacyOffice@gamestop.com.
Legal basis for processing. We use your personal information only as permitted by law. Our legal bases for processing the personal information described in this Privacy Policy are described in the table below.
Processing purpose
Legal basis
  • To operate our services
    • Processing is necessary to perform the contract governing our provision of our services or to take steps that you request prior to signing up for the services. If we have not entered into a contract with you, we process your personal information based on our legitimate interest in providing the services you access and request.
  • For research and development

  • For compliance, fraud prevention, anti-money laundering, and safety

  • Creation of anonymous data
    • These activities constitute our legitimate interests. We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
  • To comply with law
    • Processing is necessary to comply with our legal obligations
  • For marketing and advertising purposes
    • Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the Services.
    Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
    Special Category Data. We ask that you do not provide us with any special category data (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership). If you provide us with any special category data when you use our Services, you must consent to our processing and use of such special category data in accordance with this Privacy Policy. If you do not consent to our processing and use of such special category data, you must not submit such special category data through our Services.
    Retention. We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
    Cross-border data transfer. GME Entertainment LLC is based In the United States and any personal information you provide through the use of our services or products will be processed in the United States. If we further transfer your personal information to another country such that we are required to apply appropriate safeguards to your personal information under European data protection laws, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.
    Your rights. European data protection laws may give you certain rights regarding your personal information. If you are located in Europe, you may ask us to take the following actions in relation to your personal information that we hold:
    • Access. Provide you with information about our processing of your personal information and give you access to your personal information. If you have created a profile with us, you may review your personal information by logging into the account. If you have created a GameStop Wallet, you may view activity related to your GameStop Wallet in the Activity area of the GameStop Wallet.
    • Correct. Update or correct inaccuracies in your personal information. If you have created a profile with us, you may update certain personal information by logging into the account.
    • Delete. Delete your personal information.
    • Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
    • Restrict. Restrict the processing of your personal information.
    • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
    European Data Subjects may exercise their privacy rights by submitting a request to the “Individual Rights” icon below.
    Trustarc
    We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your EU data protection regulator here, your UK data protection regulator here, and Swiss data protection regulator here.