PRIVACY POLICY

Last Update: December 11, 2024

 

Before you access our Services and share any personal data with us, make sure to read our Privacy Policy or have your parent or guardian read and explain it to you.

 

We want you to make informed decisions about what personal data you share with us and how you share it.

 

This Privacy Policy explains who we are, how we process your personal data, and how you can exercise your privacy rights.

 

We are HYPERHUG LTD, a company under laws of Republic of Cyprus, with its address at: 156 Ellados st., 3041 Limassol, Cyprus (“HYPERHUG”, “we”, “us”, “our”), a developer and publisher of games and mobile game applications that are made available via app stores including the Apple App Store and Google Play Store.

 

This Privacy Policy applies to personal data that we collect through our websites (“Websites”), games and mobile applications (“Apps”), as well as other products that link to this Privacy Policy (together, “Services”).

 

If you have any questions regarding the processing of your personal data, please contact us at [email protected].

 

     I.         Data practices across our Services:

Our Services vary in the following aspects:

1)    Content and functionality:

The personal data you share with us will depend on the specific Service (e.g., Website, App, or other product) you access or use. These differences arise from the varying usage options available across our different Services.

 

2)    Ways to exercise your privacy rights:

The only universal method to exercise your privacy rights across all our Services is by contacting us at [email protected].

 

Other ways may differ depending on the specific Service you access or use.

 

Regardless of these differences, we are committed to providing you with the most effective means to safeguard your privacy rights while ensuring an optimal experience with our Services.

 

   II.         Scope of personal data processing

1.     Data subjects:

We value the privacy of those who access or use our Services.

 

Our data protection system is designed to safeguard the personal data of adults and minors (“Data subjects”).

 

Our Services are available only to individuals who meet the minimum age requirements of their region. This is typically 13 years, but in areas like the European Economic Area (EEA), users must be at least 16 unless local laws allow a lower limit (no less than 13 years).

 

We take extra steps to protect the personal data of users under 18. Read more about it in the Section “Children”.

 

2.    Children:

A.    Minimum age of access and use of our Services:

Use of our Services is restricted to users who meet the minimum age requirement specified in our Terms of Service.

 

The minimum age depends on your country of residence, but cannot be less than 13 years old.

 

The minimum age set in our Terms of Service is based not only on the requirements of applicable data protection laws but also on the age requirements in the contract laws of the territories we target with our Services.

 

We encourage you to review our Privacy Policy and our Terms of Service periodically to stay informed.

 

Please note: You can find published age recommendations on: Apple’s App Store on iTunes and Google Play. However, these age or maturity classifications refer only to the content in our games (similar to movie ratings G, PG or PG-13 in the U.S., but related to gameplay, animations, etc.). For more on how these categories are defined, visit these support websites for Apple and Google.

For more information on how to protect children online, please visit this link.

 

If we become aware that you do not meet this requirement, we may take steps to restrict your access to our Services and delete your data.

 

B.    Conditions of data processing:

We do not knowingly collect or solicit personal data from anyone under the minimum age or knowingly allow such persons to use our Service.

 

If you are under the minimum age, please do not send any information about yourself to us.

 

From the moment we become aware that you are under the minimum age, we will immediately delete all your personal data that we may have collected.

 

If you believe that we might have any information from or about a child under the age of 13, please contact us at [email protected].

 

C.    Consent of children under the age of 16:

We are located in Cyprus (in the EU). This means that we are subject to the General Data Protection Regulation (“GDPR”) and Cypriot Law 125(I)/2018.

 

This means that you must be at least 14 years old to give your consent for data processing, unless your country of residence has set a higher age limit (15 and older) to give your consent for the processing of your personal data.

 

If you are under the minimum age of consent required by your countrys laws, your access and use of our Services will rely on your parent or legal guardian’s consent.

 

Before giving consent, you or your parent/legal guardian should carefully read this Privacy Policy, our Terms of Service (link), and other documents we will make available to you regarding our data practices and the Services’ functionalities.

 

If you have additional questions about our privacy practices related to children, please contact us at [email protected].

 

3.    Personal data we process:

We want to make it clear that processing of your personal data is necessary for providing our Services. Without data processing, we cannot technically and organizationally provide our Services to you.

 

We respect your privacy rights as specified by law.

You are not required to share your personal data with us if you do not agree with our data processing activities or for any other reason.

 

Depending on their nature:

A.    General (non-sensitive) personal data:

This category includes personal data that, by its nature, does not present significant risks to your fundamental rights and freedoms.

 

For example:

name; email address; age; preferred language of our Services.

 

We may process general personal data in accordance with different legal bases.

 

Read more about legal bases for data processing in the Section “How we process your personal data”.

 

B.    Sensitive personal data:

This category includes personal data that, by its nature, poses significant risks to your fundamental rights and freedoms.

 

For example:

Account log-in information; financial information (financial account, debit/credit card).

 

We may process sensitive personal data in specific cases, such as when you give us your explicit consent, or when processing is necessary for the establishment, exercise, or defense of legal claims.

 

If you do not want to give us your explicit consent to process your sensitive personal data, please do not provide such data.

 

Read more about legal bases for data processing in the Section “How we process your personal data”.

 

Depending on their source:

We collect personal data from various sources.

 

We may collect your personal data:

a)    automatically from the device you use to access our Services,

b)    actively and directly from you, or

c)     from a third party you have instructed to share your personal data with us.

 

A.    Automatically from the device you use to access our Services:

When you access or use our Websites, we do not collect and subsequetly process any personal data.

 

When you access or use our Apps, we collect and subsequetly process the following personal data:

  1. Log Information:

We log information about your use of our Apps, including the type of device you use, the features you use, access times and your IP address.

 

  1. Device Information:

We collect information about the device you use to access our Apps, including information about the device manufacture, device model, device's OS, time zone of device, language of device.

 

  1. Device identifiers:

We collect online identifiers of the device you use to access our Apps, including IDFA, Google Ads ID, Google Device ID, Game Center ID, Google Play Account ID.

 

  1. Usage Information:

We collect information relating to your use of our Apps, including your game progress, scores, achievements and interactions with other players.

 

  1. Consumption information:

We collect information about your consumption habits relating to your use of our Apps, including which purchases you make with both virtual and real currencies and the reception of virtual goods in-game.

 

B.    Actively and directly from you:

We collect the following personal data from you when you access and use our Services, create an Account, communicate with us, make a payment or interact with us any other way:

 

When you create an Account in our App, we may require you to provide your nickname, and other necessary information to grant you access and enable you to use our Services.

 

When you use our App (e.g., create a server name, send messages in chat, add in-app friends), we may collect the information you provide and record updates on your in-app status. You freely determine the information you provide us.

 

When you communicate with us (e.g., via email, forum, chat for support), we may collect your name, email address, the contents of your message or any attachments you send, and other information you choose to provide.

 

When we send you emails, we may track whether you open them or click on links to help us improve our Services and deliver a better user experience.

 

C.    From third parties you have instructed to share your personal data with us:

If you log into our Apps using a Third-Party Service (e.g., Apple ID and Google Account), we access information about you from that service, such as your screen name, profile information and friend lists.

 

Your personal data will be processed in accordance with the relevant privacy policies of Third-Party Services, such as:

 

When other users send us information about you (e.g., using the in-app report form), we may process this information under the warrant that it was provided in strict compliance with applicable laws and regulations.

 

When you make in-app purchases using the authorized Third-Party Payment Processors (e.g., Apple Payments and Google Payments), your payment transactions will be processed by the Third-Party Payment Processors. We will only get certain personal data about you from the Third-Party Payment Processors in accordance with the Third-Party Payment Processor’s privacy policies.

 

For Apple Payments, the privacy policy is located at https://www.apple.com/legal/applepayments/privacy-notice/.

 

For Google Payments, the privacy policy is located at https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice.

 

4.    How we process your personal data:

To process your personal data, we need a purpose (reason) and a legal basis (ground).

 

Legal bases for processing of your general (non-sensitive) personal data and sensitive personal data are different.

 

We process your personal data for the following purposes pursuant to the following legal bases:

Purpose

Description

Legal bases

Non-Sensitive Data

Sensitive Data

Provision and maintenance of Services.

We use your information for:

·       providing our Services and their content,

·       resolving technical issues,

·       understanding and analyzing trends related to the usage of our Services, and

·       administering our Services.

 

Contract with you, i.e. Terms of Use (link)

Explicit consent

Improvement and development of Services.

We use your information for:

·       improving our Services and their functionality,

·       enhancing user experience,

·       identifying and addressing areas of improvement,

·       analyzing user feedback and behavior, and

·       developing new features and updates for our Services.

 

Contract with you, i.e. Terms of Use (link)

Explicit consent

Security of Services.

We use your information for enhancing the safety and security of our Services.

 

Contract with you, i.e. Terms of Use (link)

Explicit consent

Customer support.

We use your information for providing customer support to you and to respond to your inquiries.

 

Contract with you, i.e. Terms of Use (link)

Explicit consent

Marketing.

We use your information to show advertisements for:

·       our Apps within our Services,

·       our Apps in third-party apps,

·       third-party advertisements within our Apps.

 

Please see more in the Section “How we share your personal data”.

 

Legitimate interest.

We do not use your sensitive personal data for this purpose.

Tracking and fraud prevention for advertising purposes.

 

We use your information for:

·       tracking how our advertising campaigns perform and

·       identifying and preventing fraud for our advertising campaigns.

 

Legitimate interest

We do not use your sensitive personal data for this purpose.

Analytics and research.

We use your information for:

·       understanding and analyzing trends in connection with the usage of our Services,

·       analyzing demographic information about our user base,

·       creating reports and analysis for the purposes of research or business intelligence, for example to track potential problems or trends with our Services, or to test our new features and content.

 

Legitimate interest

We do not use your sensitive personal data for this purpose.

Legal compliance.

We use your information for complying with applicable laws and regulations. For example, we use your country or region for tax reporting purposes.

 

Legal obligation

Establishment, exercise or defense of legal claims.

 

Defense of rights and interests.

We use your information for:

·       protecting our legal rights and interests,

·       responding to claims, disputes, or legal actions,

·       preventing fraud, abuse, or other unlawful activities,

·       ensuring the security and integrity of our Services, and

·       cooperating with law enforcement or regulatory authorities when required.

Legitimate interest

Establishment, exercise or defense of legal claims.

 

 

5.    We do not “sell” your personal data.

Under certain data protection laws, such as California's CCPA, the term 'sell' refers to the act of transferring, sharing, or making your personal data available to a third party in exchange for monetary gain or other valuable consideration.

 

We do not “sell” your personal data.

 

However, we share your personal data with third parties to fulfill the purposes described above, in the Section “How we process your personal data”.

 

6.    How we store your personal data:

We process your personal data only as long as necessary to provide our Services, fulfill the purposes described above, in the Section “How we process your personal data”.

 

The retention period for your personal data is determined by the following criteria:

      The duration for which personal data is needed to provide our Services.

      The nature of personal data (e.g., general or sensitive).

      Any requests by user for personal data deletion.

      Any contractual or legal obligations requiring the ongoing processing of personal data.

 

For details on why we process your data, refer to Section “How we process personal data”.

 

7.    How we share your personal data:

We share your personal data with the following categories of recipients:

  1. Service providers:

To provide our Services, we may use the following service providers such as server hosting providers, technical service providers for supporting internal operations, user login services and analytics service providers:

·       Adjust GmbH.

·       Meta, Inc.

·       Google LLC.

·       Appfigures.

·       AppsFlyer Ltd.

·       Amplitude, Inc.

 

  1. Other users:

We may share your personal data with other users of our Services in order to provide certain in-app features (e.g., chat functions, leaderboards).

 

If you use the chat functions in our Services, please note that any personal data you share may be visible to others.

 

Once shared, you lose some control over your personal data, as others can extract and use it for their own purposes in breach of our Terms of Service (link).

 

Our Terms of Service outline the limitations and restrictions on the use of our Services and their contents. They also specify the liability for any breach.

 

As we cannot fully control how our Services and their contents are used, we strongly advise you to avoid any actions that could result in unwanted consequences for you, your personal data, or for us, including our reputation, Services, rights, and interests.

 

  1. Social networks:

Our Apps offer or can offer social sharing features and other integrated tools (such as the Facebook “Like” button), which let you share actions you take in our Apps with other media.

 

The use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature.

 

You must be over the minimum age limit that is prescribed by the legislation in the individual jurisdictions to use any social sharing features integrated in our Apps.

 

  1. Advertising network companies:

We may share your device identifiers with advertising network companies to deliver advertisements to you within our Apps, based on the information we collect about you from your use of our Services.

 

The list of advertising network companies may change. We encourage you to review our Privacy Policy periodically to stay informed.

 

We may use the following advertising network companies:

§  Meta, Inc.

§  Google LLC

§  Unity Technologies

§  IronSource

§  Applovin Corporation

§  MoPub, Inc.

§  ByteDance Ltd.

§  Amazon.com, Inc.

§  Fyber

§  MobFox US LLC

§  TapJoy, Inc.

§  Snap Inc.

§  Tencent Holding Ltd.

 

  1. Affiliates:

We may share your personal data with our affiliated companies, which are businesses that are either under our control or that control us.

 

If we’re involved in a business deal like a merger, selling assets, financing, or being bought by another company, we may share or transfer your personal data to a successor or affiliate along with other assets.

 

  1. Third parties:

We may be required by applicable law, rule, regulation, or legal process to disclose your personal data to third parties.

 

We may share your personal data with third parties, including authorities, when your actions are inconsistent with the spirit or language of this Privacy Policy, our Terms of Services (link), or any other document applicable to our Services or if the disclosure is necessary to protect the rights, property and safety of HYPERHUG or others.

 

The recipients’ processing of your personal data is not covered by this Privacy Policy.

 

If you have questions about the processing carried out by such recipients, you should review their privacy policies.

 

8.    Cross-border transfer of your personal data:

Personal data is processed in places where we, our Data processors and other data recipients are located. It means that your personal data may be transferred to – and maintained on servers located outside of your state, province, country or other governmental jurisdiction where the applicable laws and regulations may differ than those from your jurisdiction.

 

We are located at Cyprus (the EU). Therefore, depending on the purpose of processing of your personal data, their nature, and your location of access and use of our Services, your personal data

may be transferred to, stored, and processed in the EU countries. The data processing in the EU countries may not provide the same protections as the laws of your jurisdiction.

 

When the processing of your personal data is taking place outside of your state, province, country or other governmental jurisdiction from which you are accessing and using our Services, we have put in place appropriate safeguards to protect your personal data.

 

When a cross-border transfer of your personal data takes place, we typically rely on adequacy decisions or standard contractual clauses (SCCs) as the legal bases. If these do not apply, but we still need to transfer personal data in the course of our activities, including to provide our Services, we may rely on your explicit consent or the necessity for the performance of our Terms of Service (link), where applicable.

 

9.    Push notifications and unsolicited messages:

We may send push notifications or alerts to your mobile device to provide game-related information, service updates, promotional communications and other related messages, if you have agreed to such notifications.

 

You can deactivate these notifications by changing your notification settings on your device.

 

10.                  Security of your personal data:

We implement technical, organizational and legal measures in an effort to protect personal data from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the nature of the personal data that we process and the risks associated with it.

 

The high level of security and safety of your personal data is also ensured by our Data processors, whose data processing practices are described in their privacy policies. Read more about it in the Section “How we share your personal data”.

 

No security system is perfect. Therefore, we cannot guarantee the absolute security of our Services or that personal data will not be intercepted while being transmitted to us.

 

For your protection, we recommend accessing or using our Services within a secure environment.

 

 III.         Your Privacy Rights:

Depending on your territory of residence, your privacy rights will vary.

 

Notwithstanding your location, we will do our best to ensure that your personal data will be processed in accordance with best practices.

 

1.    Privacy Rights of Residents in the EEA and UK:

We process and answer your requests without undue delay and in any event within one month of our receipt of the request unless a longer period is required due to the complexity of the request. In this case, our response time can be up to three months in total as permitted by Article 12 of the GDPR.

 

Right to withdraw your consent:
If you gave us your consent for the processing of your personal data, you have the right to withdraw your consent at any time.

 

If you withdraw your consent, we will stop processing your personal data for the purpose for which it was withdrawn.

 

Withdrawing your consent does not affect the lawfulness of processing carried out based on your consent before its withdrawal.

 

Right to be informed:

You have the right to be informed about the collection and use of your personal data. This includes information on the purposes of processing your data, the categories of data being processed, the retention periods for that data, and who it will be shared with.

 

Right to access:

You can request confirmation that your personal data is being processed and obtain a copy of the data, as well as additional information about the processing, such as the purposes, categories of data, recipients, and retention periods.

 

Right to rectification:

If you find any inaccuracies in the personal data we hold about you, you can request a correction.

 

Right to data portability:

You can obtain and reuse your personal data for your own purposes across different services.

 

Rights related to automated decision making:

You can opt out of profiling activities used for making decisions that could have legal or similarly significant effects on you.

 

Right to restrict processing:

You can restrict the processing of your personal data when:

      you contest the accuracy of your personal data;

      you suspect that the processing is unlawful;

      you believe that we no longer need your personal data for the purposes of processing, but you may require your personal data for the establishment, exercise or defense of legal claims;

      you object to the processing of your personal data based on our legitimate interest while we are verifying whether our legitimate interest overrides yours.

 

Right to object:

You can object to processing based on legitimate interests.

 

Right to opt-out of processing for advertising purposes:

You can object to the processing of your personal data for advertising purposes and/or for analytics purpose.

 

If you object to the processing of your personal data for advertising and/or analytics purposes, we will cease processing your data for such purposes.

 

When you use our Services, third parties may process data about your mobile device and how you use our Services in order to serve ads on other apps or websites that are tailored to your interests.

 

Examples of data that may be processed can include:

IP addresses, identifiers associated with your mobile device or applications on the device, how you use our apps, items you put in your basket, or any links you click on when you are in our apps.

 

If you wish to opt out, please use one of the following methods:

 

Right to erasure:

You can request the deletion or removal of your personal data, in particular, when:

      your personal data is no longer necessary for the purposes of its processing;

      you withdraw consent on which the processing is based, and where there is no other legal ground for the processing;

      you object the processing based on our legitimate interest;

      you suspect that your personal data has been unlawfully processed.

 

Right to lodge a complaint:

If you believe that our processing of your personal data infringes upon your rights, you can lodge a complaint with the relevant Data Protection Authority (DPA) (for UK residents, this would be the Information Commissioner’s Office).

 

2.    Privacy Rights of Residents in California:

For California residents, we are not currently subject to the requirements of the CCPA as amended by the CPRA because:

      our annual gross revenues do not exceed $25 million,

      we do not buy, receive, sell, or share the personal information of 100,000 or more California residents, households, or devices annually, and

      we do not derive 50% or more of our annual revenues from selling or sharing California residents' personal information.

 

Therefore, you will only have rights under the EU GDPR.

 

Even though you are located in California, the EU GDPR applies because the processing is carried out by us, an EU-based entity.

 

Once we meet any of the criteria for CCPA applicability mentioned above, we will implement the following procedures.

 

We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

 

For data portability requests, we will select a format to provide your personal data that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

 

Right to opt out of the sale or sharing of your personal data:
You may request us to stop selling or sharing your personal data (“opt-out”).

 

“Sharing” refers specifically to sharing for cross-context behavioral advertising, which is the targeting of advertising to a consumer based on the consumer’s personal data obtained from the consumer’s online activity across numerous websites.

 

Right to know:

You can request us to provide you the following information:

a)    the categories and/or specific pieces of personal data we have collected about you,

b)    the categories of sources for that personal data,

c)     the purposes for which we use that information,

d)    the categories of third parties with whom we disclose the data, and

e)    the categories of information that we sell or disclose to third parties.

 

You can make a request to know up to twice a year, free of charge.

 

Right to delete:

You can request us to delete personal data we collected from you and tell our service providers (Data processors) to do the same, unless certain exceptions apply (such as if we are legally required to keep your personal data).

 

Right to correct:

If you find any inaccuracies in the personal data we hold about you, you can request a correction.

 

Right to limit use and disclosure of sensitive personal information:

You can direct us to only use your sensitive personal data for limited purposes, such as providing you with the Services you requested.

 

Right to non-discrimination:

We will not treat you unfairly if you exercise your privacy rights.

In particular, for exercising your rights we will not:

1)    deny you our Services;

2)    charge you different prices or rates;

3)    provide a different quality of our Services;

4)    suggest that you will receive a different price or level of our Services.

 

3.    How to exercise your rights:

You can exercise your rights within our App or by contacting us at [email protected].

 

When you exercise your rights, we will confirm your identity by comparing the details in your request with the information you previously shared with us. This may involve contacting you through the email linked to your Account.

 

To respond to your request, it is necessary for us to verify your identity. Therefore, you can only exercise the above rights by submitting a verifiable request, which must:

1)    Provide sufficient information to reasonably verify that you are the individual whose personal data we have collected or an authorized representative;

2)    Describe your request with enough detail to allow us to properly understand, evaluate, and respond to it.

 

We use the information provided solely for verification purposes and will not request additional details unless essential. Any extra information you provide will be deleted once the verification process is complete.

 

We will not respond to requests if we cannot verify your identity and, therefore, cannot confirm that the personal data we hold pertains to you.

 

If you are a parent or legal guardian, you may submit a verifiable request on behalf of your child.

 

 IV.         For Your Information

1.    Changes to this Privacy Policy:

We will occasionally update this Privacy Policy as necessary to protect our users, furnish current information, and respond to legal and technical changes. The most current version of the Privacy Policy will govern our use of your information and will be available here.

For previous versions of this Privacy Policy, please contact us at [email protected].

 

2.    Contact us:

If you have questions or concerns about this Privacy Policy, please contact us at [email protected]

For information collected under this Privacy Policy, the data controller is HYPERHUG LTD, a company under laws of Cyprus, with its address at: 156 Ellados st., 3041 Limassol, Cyprus.