Djaron: Source is GOG's current pricavy policy terms, i dunno whenever it was changed nor how the previous iteration was worded so i'll only use the current one
https://support.gog.com/hc/en-us/articles/212632109-Privacy-Policy (is it a reliable official enough source for you all ? if not, then it's useless)
Pay attention to the occurences and paragraphs containing the word "partners". Let's agree that, as GOG decided to do some kind of business of any sort with Facebook (i think at least THAT is sort of official already, right, you wont deny this i hope) and so, Facebook can be seen as a "partner" regarding this Privacy Policy of GOG.
"2.5 For personal information contained in this Privacy Policy which is used by GOG, GOG is the data controller under European Union data protection legislation. For personal information contained in this Privacy Policy which is used by our Partners in connection with GOG services, then the relevant partner(s) will be the data controller under European Union data protection legislation." This one is pure bonkers, as we already know for sure that whatever could happen, and regardless of that being already contested in EU court so far (yet no closure or final decision), FB clearly states in its TOS and EULA that all of their activities (including what they do with users personal data, or data they gather from their partners - aka here GOG - will only be put under authority of the country's court that is the most beneficial to them (some USA state's court, not sure if it"s california or whatever), despite whatever country the user or the business partner may be based, and regardless FB has a local antenna (a juridictional entity) in said country.
So, as soon as any kind of data ill be shared between FB and GOG, FB will be allowed to do whatever they want with it without any concern for EU legislation ! It already happened enough so far... we should know the drill.
"5.1 We may collect, process and use information about you in the following ways (either directly or via our Partners as explained above): (a) information you give us via GOG services; (b) information given when you contact us or report a problem with GOG services; and (c) we may also ask you to complete surveys that we use for research purposes, although you don't have to respond to them. We may collect this information via GOG services or trusted third parties connected with us for optional things like surveys or polls." So that indicate the scope and sources of said user data GOG has fromus. Of course, i mean, this is a standard term here (but still, notice how the whole partners' role is slipped up inside). So when you create and use a user account on GOG, you have to give some info for the GOG service(s) to work properly. Note that the soon "big announcement" about the whole "happy family all friends" social fest will create new areas of collecting data through new services within GOG.
[i]"7.1 All information you provide to us is stored on our secure servers or those of our trusted partner services. (snip additional tech related part of the paragraph, and this is a standard and expected one). Once we have received your information, we will use strict procedures and security to prevent unauthorised access to our servers.
All information you provide to us is stored on our secure servers or those of our trusted partner services"[/i]
I'd like you to go dig out about what FB clearly states regarding data that are stored in their own infrastructures and whatever rights they grant themselves over it as soon as said data become stored there.
And however, the standard TOS listing the kind of "rights" and actions they grant themselves (or other GAFMA companies as well, as it is a typical standard TOS of those lot) is claimed to be required for technical necessities... but believe me, it is a bit overkill and cleverly worded in a too wide and vague way, because if you were to list and word the rights and action you would require only for tech's sake, it wouldnt have to be worded like this ! A convenient excuse, and it's already a foretaste of those big companies' obvious real intent and personal interest (protip: such goals and interests are NOT in your favor in any way... for those GAFAM folks, WE are the product... which usually had the self-excusing argument that their services are free... but it went beyond that, because same TOS apply to subscription-based or paying services and members as well)
[i]"9.2 GOG services may also offer you easy and optional access to GOG-approved partners’ services, e.g. the websites and games provided by our sister company CD PROJEKT RED. In order to do this, we will need to share some of your personal information (e.g. your email address) with them, as long as you agree to it. This personal information will be protected under our partner’s privacy policy.
You can use GOG services to access cool stuff from GOG-approved partners. We will need to share some personal information with them (which you control). It is up to you if you want to use your GOG account for this or not."[/i]
Now pay extra attention to this last one. As soon and as long as FB is in business with GOG, you have to consider that FB is one of those partners listed in this paragraph.
Notice that information shared from GOG to FB will then be "protected" (or "treated") under this partner's privacy policy. I let you enjoy the whole fun that is FB's privacy policy, and what they did so far regarding that.
I'm quoting most of this post because it contains very important information that goes way beyond the relatively small infringement of publicly revealed amount of games and hours spent on them (now reversed as it's possible to hide your profile, like should have been possible from the start).
Your data getting transferred and analysed by Facebook? Now THAT is serious.
