PRIVACY POLICY
Last Update: December 12, 2025
Before you access our Services and share any personal data with us, make sure to read our Privacy Policy or have your parent or legal representative read and explain it to you.
We want you to make informed decisions about what personal data you share with us and how you share it.
This Privacy Policy explains who we are, how we process your personal data, and how you can exercise your privacy rights.
We are HYPERHUG LTD, a company under laws of Republic of Cyprus, with its address at: 156 Ellados st., 3041 Limassol, Cyprus, registration number: HE 403878 (“HYPERHUG”, “we”, “us”, “our”), a developer and publisher of games and mobile game applications that are made available via app stores including the Apple App Store and Google Play Store.
We are a data controller. This means that we determine the purposes and means of the Personal Data processing and, therefore, are responsible for handling your personal data.
This Privacy Policy applies to users’ personal data that we collect through:
and
and any other existing or future products developed or published by us, unless explicitly stated otherwise (e.g., all community resources, channels, pages on social media platforms, etc.) (collectively referred to as “Services”).
If you have any questions regarding the processing of your personal data, please contact us at [email protected].
Our Services vary in the following aspects:
The personal data you share with us will depend on the specific Service (e.g., Website, App, or other product) you access or use. These differences arise from the varying usage options available across our different Services.
The only universal method to exercise your privacy rights across all our Services is by contacting us at [email protected].
Other ways may differ depending on the specific Service you access or use.
Regardless of these differences, we are committed to providing you with the most effective means to safeguard your privacy rights while ensuring an optimal experience with our Services.
When processing your personal data, we are guided by the following principles:
We value the privacy of those who access or use our Services.
Our data protection system is designed to safeguard the personal data of adults and minors (“Data subjects”).
Our Services are available only to individuals who meet the minimum age requirements of their region. This is typically 13 years, but in areas like the European Economic Area (EEA), users must be at least 16 unless local laws allow a lower limit.
We take extra steps to protect the personal data of users under 18. Read more about it in the Section “Children”.
Please note, that by providing access to the Services, we act reasonably as well as in good faith and believe that you:
Use of our Services is restricted to users who meet the minimum age requirement specified in our Terms of Service.
The minimum age depends on your country of residence.
The minimum age set in our Terms of Service is based not only on the requirements of applicable data protection laws but also on the age requirements in the contract laws of the territories we target with our Services.
We encourage you to review our Privacy Policy and our Terms of Service periodically to stay informed.
Please note: You can find published age recommendations on: Apple’s App Store on iTunes and Google Play. However, these age or maturity classifications refer only to the content in our games (similar to movie ratings G, PG or PG-13 in the U.S., but related to gameplay, animations, etc.). For more on how these categories are defined, visit these support websites for Apple and Google.
For more information on how to protect children online, please visit this link.
If we become aware that you do not meet this requirement, we may take steps to restrict your access to our Services and delete your data.
We do not knowingly collect or solicit personal data from anyone under the minimum age or knowingly allow such persons to use our Service.
If you are under the minimum age, please do not send any information about yourself to us.
From the moment we become aware that you are under the minimum age, we will immediately delete all your personal data that we may have collected.
If you believe that we might have any information from or about a child under the age of 13, please contact us at [email protected].
We are located in Cyprus (in the EU). This means that we are subject to the General Data Protection Regulation (“GDPR”) and Cypriot Law 125(I)/2018.
This means that you must be at least 14 years old to give your consent for data processing, unless your country of residence has set a higher age limit (15 and older) to give your consent for the processing of your personal data.
If you are under the minimum age of consent required by your country’s laws, your access and use of our Services will rely on your parent or legal representative’s consent.
Before giving consent, you or your parent/legal representative should carefully read this Privacy Policy, our Terms of Service (link), and other documents we will make available to you regarding our data practices and the Services’ functionalities.
If you have additional questions about our privacy practices related to children, please contact us at [email protected].
For purposes of the Policy, Personal Data means any information that directly or indirectly identifies a particular individual, including any other information that is subject to applicable data protection laws.
We want to make it clear that the processing of your personal data is necessary for providing our Services. Without data processing, we cannot technically and organizationally provide our Services to you.
We respect your privacy rights as specified by law. You are not required to share your personal data with us if you do not agree with our data processing activities or for any other reason. At the same time, if you refuse to consent to our processing of your personal data, we may limit or suspend your access to the Services’ functionality. We are not liable if the missing personal data processing prevents the adequate use of the Services.
We process only non-sensitive personal data
This category includes personal data that does not fall under Article 9 GDPR and does not, by its nature, pose significant risks to your fundamental rights and freedoms.
We do not intentionally collect or process special categories of personal data (sensitive personal data) as defined in Article 9 GDPR.
Such data includes, for example, information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data used for identification, health data, or data concerning sexual life or sexual orientation.
Please do not submit such information to us. If such information is provided to us unintentionally, we will delete it without undue delay and will not use it for any processing purposes.
Read more about Legal bases for data processing are stated in the Section “How we process your personal data”.
Depending on their source:
We collect personal data from various sources.
We may collect your personal data:
Further we explain each category and state the specific types of personal data that we collect. The scenarios provided there are an exhaustive list.
Type of interaction with us or Services | What personal data we collect |
What we collect automatically from the device you use to access our Services | |
When you access or use our Websites | We collect the following cookies at https://hyperhug.helpshift.com:
These cookies are for managing user sessions and track interactions with the FAQ pages. These cookies are necessary for the core functionality of the site, such as maintaining continuity during support inquiries. Cookies collected at https://shop.playoxide.com are collected by Xsolla and are governed by their Privacy Policy. Cookies are small text files that are downloaded to your device when you visit the website and that identify your browser or device. The next time you visit the website, it will recognize the cookies as well as your device and send this information back to the website, which originally created the cookies. Cookies we use do not harm your device. |
When you access or use our Apps | We collect and subsequently process the following personal data:
We log information about your use of our Apps, including the type of device you use, the features you use, access times, email address, which is associated with your account, and your IP address.
We collect information about the device you use to access our Apps, including information about the device manufacture, device model, device's OS, time zone of device, language of device.
We collect online identifiers of the device you use to access our Apps, including IDFA, Google Ads ID, Google Device ID, Game Center ID, Google Play Account ID.
We collect information relating to your use of our Apps, including your game progress, scores, achievements and interactions with other players.
We collect information about your consumption habits relating to your use of our Apps, including which purchases you make with both virtual and real currencies and the reception of virtual goods in-game. |
What we collect actively and directly from you: | |
When you create an Account in our App | We may require you to provide your nickname, and other necessary information to grant you access and enable you to use our Services. |
When you use our App (e.g., create a server name, send messages in chat, add in-app friends) | We may collect the information you provide and record updates on your in-app status. You freely determine the information you provide us. |
When you communicate with us (e.g., via email, forum, chat for support) | We may collect your name, email address, ID, nickname, device model, telephone number, the contents of your message or any attachments you send, and other information you choose to provide. |
When we send you emails | We may track whether you open them or click on links to help us improve our Services and deliver a better user experience. |
What we collect from third parties you have instructed to share your personal data with us: | |
If you log into our Apps using a Third-Party Service (e.g., Apple ID and Google Account) | We access information about you from that service, such as your screen name, profile information and friend lists. Your personal data will be processed in accordance with the relevant privacy policies of Third-Party Services, such as:
|
When other users send us information about you (e.g., using the in-app report form) | We may process this information under the warrant that it was provided in strict compliance with applicable laws and regulations. |
We do not process your payment transactions related to our Services. When you make in-app purchases using the authorized Third-Party Payment Processors (e.g., Apple Payments and Google Payments), your payment transactions will be processed by the Third-Party Payment Processors. We will only get certain personal data about you from the Third-Party Payment Processors in accordance with the Third-Party Payment Processor’s privacy policies.
To process your personal data, we need a purpose (reason) and a legal basis (ground).
We process your personal data for the following purposes pursuant to the following legal bases:
Purpose | Description | Legal bases |
Provision and maintenance of Services. | We use your information for:
| Contract with you, i.e. Terms of Use (link) |
Improvement and development of Services. | We use your information for:
| Our legitimate interest in maintaining a functional, secure, and well-performing of the Services |
Security of Services. | We use your information for enhancing the safety and security of our Services. | Our legitimate interest in maintaining a functional, secure, and well-performing of the Services |
Customer support. | We use your information for providing customer support to you and to respond to your inquiries. | Contract with you, i.e. Terms of Use (link) |
Marketing. | We use your information to show advertisements for:
Please see more in the Section “How we share your personal data”. | Your direct and explicit consent. |
Tracking and fraud prevention for advertising purposes. | We use your information for:
| Our legitimate interest in maintaining a functional, secure, and well-performing of the Services |
Analytics and research. | We use your information for:
| Our legitimate interest in maintaining a functional, secure, and well-performing of the Services |
Legal compliance. | We use your information for complying with applicable laws and regulations. For example, we use your country or region for tax reporting purposes. | Legal obligation |
Defense of rights and interests. | We use your information for:
| Our legitimate interest in protecting and enforcing our legal rights and cooperating with authorities when legally required. |
We do not receive your personal data from publicly accessible sources.
We do not process your personal data automatically, so you cannot be the subject of a decision based solely on automated processing, including profiling.
Under certain data protection laws, such as California's CCPA, the term 'sell' refers to the act of transferring, sharing, or making your personal data available to a third party in exchange for monetary gain or other valuable consideration.
We do not “sell” your personal data.
However, we share your personal data with third parties as it described in section “How we share your personal data”.
We process your personal data only as long as necessary to provide our Services, fulfill the purposes described above, in the Section “How we process your personal data”.
The retention period for your personal data is determined by the following criteria:
Personal data collection based on your consent will be deleted if you withdraw your consent, unless we are allowed or required to retain all or part of the data under applicable law. After that, personal data is destroyed by erasing from our devices within a reasonable period of time.
For details on why we process your data, refer to Section “How we process personal data”.
We deem confidential any of your personal data. Nevertheless, we may (or may be obliged to) share them with the following categories of recipients. Please, note that the recipients’ processing of your personal data is not covered by this Privacy Policy. If you have questions about the processing carried out by such recipients, you should review their privacy policies.
The list of recipients:
To provide our Services, we may use the following service providers such as server hosting providers, technical service providers for supporting internal operations, user login services and analytics service providers.
Each of these partners acts in accordance with its own privacy practices and policies. We strongly encourage you to review the privacy policies of these partners to understand how they process your data, what categories of information they may collect, and for which purposes such processing is carried out.
Third Party | Purpose | Privacy Policy |
Meta, Inc. | To deliver targeted advertisements on the Meta network, measure the success of those campaigns, manage user login, and to support analytics, attribution, and re-engagement activities on Meta platforms. | |
Google LLC. | To deliver targeted advertisements on the Google network, measure the success of those campaigns, manage user login, and to support analytics, attribution, and re-engagement activities on Google platforms. | |
Appfigures, Inc. | To track app store performance metrics (e.g., downloads, reviews, ratings) and market trends for internal business intelligence. | |
AppsFlyer Ltd. | To track user acquisition (where users come from), measure in-app engagement (e.g., purchases, events), and protect our ad spend from fraud. | |
Amplitude, Inc. | To analyze in-app user behavior (e.g., clicks, feature usage, retention) to improve the functionality and inform product development. | |
Helpshift, Inc. | To process your information provided in your support request via ticket service Helpshift, which we use for optimizing the customer support. | |
Xsolla, Inc. | To provide you a webshop functionality for our Services via Xsolla’s infrastructure. |
We share your personal data (nickname and certain statistics) with other users of our Services, when you start using certain in-app features (e.g., chat functions, leaderboards).
If you use the chat functions in our Services, please note that you may share your personal data, which is not necessary to share for using the Services . Such personal data may be visible to others.
Once such data is shared, you lose some control over your personal data, as others can extract and use it for their own purposes in breach of our Terms of Service (link).
Our Terms of Service outline the limitations and restrictions on the use of our Services and their contents. They also specify the liability for any breach.
As we cannot fully control how our Services and their contents are used, we strongly advise you to avoid telling your personal data to other users of our Services and do any actions that could result in unwanted consequences for you, your personal data, or for us, including our reputation, Services, rights, and interests.
Our Apps offer or can offer social sharing features and other integrated tools (such as the Facebook “Like” button), which let you share actions you take in our Apps with other media.
The use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature.
You must be over the minimum age limit that is prescribed by the legislation in the individual jurisdictions to use any social sharing features integrated in our Apps. Processing of your personal data communicated via such social networks with such sharing tools in our Apps is governed by privacy policies of respective social networks:
Discord: https://discord.com/privacy;
Telegram: https://telegram.org/privacy/;
Instagram: https://privacycenter.instagram.com/policy;
TikTok: https://www.tiktok.com/legal/page/row/privacy-policy/en;
Vkontakte: https://vk.com/privacy;
Facebook: https://www.facebook.com/privacy/policy.
Some of our Services may show advertisements. In such a case, we may share your device identifiers with advertising network companies to deliver advertisements to you within our Services, based on the information we collect about you from your use of our Services only when you have provided your consent to the use of personalized advertising.
If you do not provide such consent or if your device settings restrict personalized advertising, we will show only contextual advertisements that do not rely on your device identifiers.
The list of advertising network companies may change. We encourage you to review our Privacy Policy periodically to stay informed.
We may use the following advertising network companies:
We may share your personal data with our affiliated companies, which are businesses that are either under our control or that control us.
If we’re involved in a business deal like a merger, selling assets, financing, or being bought by another company, we may share or transfer your personal data to a successor or affiliate along with other assets.
We may be required by applicable law, rule, regulation, or legal process to disclose your personal data to third parties.
We may share your personal data with third parties, including authorities, when your actions are inconsistent with the spirit or language of this Privacy Policy, our Terms of Services (link), or any other document applicable to our Services or if the disclosure is necessary to protect the rights, property and safety of HYPERHUG or others.
Personal data is processed in places where we, our Data processors and other data recipients are located. It means that your personal data may be transferred to – and maintained on servers located outside of your state, province, country or other governmental jurisdiction where the applicable laws and regulations may differ from those of your jurisdiction.
We are located in Cyprus (the EU). Therefore, depending on the purpose of processing of your personal data, their nature, and your location of access and use of our Services, your personal data
may be transferred to, stored, and processed in the EU countries. The data processing in the EU countries may not provide the same protections as the laws of your jurisdiction.
When the processing of your personal data is taking place outside of your state, province, country or other governmental jurisdiction from which you are accessing and using our Services, we have put in place appropriate safeguards to protect your personal data.
We conduct thorough due diligence and transfer impact assessments for all third-party data processors to ensure they meet our data protection and information security standards.
When a cross-border transfer of your personal data takes place, we typically rely on adequacy decisions or standard contractual clauses (SCCs) as the legal bases. If these do not apply, but we still need to transfer personal data in the course of our activities, including to provide our Services, we may rely on your explicit consent or the necessity for the performance of our Terms of Service (link), where applicable.
In limited and exceptional circumstances, where the transfer of your personal data is strictly necessary to provide a specific feature or service you have requested (for example, dedicated customer support performed outside the EEA) and no other appropriate safeguard is available, such transfer may be carried out on the basis of the necessity for the performance of a contract (Art. 49(1)(b) GDPR) or, where required, your explicit consent (Art. 49(1)(a) GDPR).
If a transfer takes place on the basis of your explicit consent, you acknowledge that the country to which your data is transferred may not provide an adequate level of data protection as defined by the European Commission.
In such cases, certain risks may arise, including the possibility that local laws may not grant you the same rights or effective remedies as those available within the EEA.
We may send push notifications or alerts to your mobile device to provide game-related information, service updates, promotional communications and other related messages, if you have agreed to such notifications.
You can deactivate these notifications by changing your notification settings on your device.
We implement technical, organizational and legal measures, including firewalls, antivirus and SSL encryption in an effort to protect personal data from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the nature of the personal data that we process and the risks associated with it. These measures vary based on the sensitivity of personal data that we collect, process, and store and the current state of technology.
The high level of security and safety of your personal data is also ensured by our Data processors, whose data processing practices are described in their privacy policies. Read more about it in the Section “How we share your personal data”.
No security system is perfect. Therefore, we cannot guarantee the absolute security of our Services or that personal data will not be intercepted while being transmitted to us. We are doing everything in our capacity to prevent its breach. In case such a breach occurs, We undertake to notify you and the regulators about the incident as quickly as possible, as well as to make every effort to minimize negative consequences.
For your protection, we recommend accessing or using our Services within a secure environment.
Depending on your territory of residence, your privacy rights will vary.
Notwithstanding your location, we will do our best to ensure that your personal data will be processed in accordance with best practices.
We process and answer your requests without undue delay and in any event within one month of our receipt of the request unless a longer period is required due to the complexity of the request. In this case, our response time can be up to three months in total as permitted by Article 12 of the GDPR.
Right to withdraw your consent:
If you gave us your consent for the processing of your personal data, you have the right to withdraw your consent at any time.
If you withdraw your consent, we will stop processing your personal data for the purpose for which it was withdrawn.
Withdrawing your consent does not affect the lawfulness of processing carried out based on your consent before its withdrawal.
Right to be informed:
You have the right to be informed about the collection and use of your personal data. This includes information on the purposes of processing your data, the categories of data being processed, the retention periods for that data, and who it will be shared with.
Right to access:
You can request confirmation that your personal data is being processed and obtain a copy of the data, as well as additional information about the processing, such as the purposes, categories of data, recipients, and retention periods.
Right to rectification:
If you find any inaccuracies in the personal data we hold about you, you can request a correction.
Right to data portability:
You can obtain and reuse your personal data for your own purposes across different services.
Rights related to automated decision making:
You can opt out of profiling activities used for making decisions that could have legal or similarly significant effects on you.
Right to restrict processing:
You can restrict the processing of your personal data when:
Right to object:
You can object to processing based on legitimate interests.
Right to opt-out of processing for advertising purposes:
You can object to the processing of your personal data for advertising purposes and/or for analytics purposes.
If you object to the processing of your personal data for advertising and/or analytics purposes, we will cease processing your data for such purposes. Please, note that such cessation does not entail your using our Services without showing advertisements (if they are applicable).
When you use our Services, third parties may process data about your mobile device and how you use our Services in order to serve ads on other apps or websites that are tailored to your interests.
Examples of data that may be processed can include:
IP addresses, identifiers associated with your mobile device or applications on the device, how you use our apps, items you put in your basket, or any links you click on when you are in our apps.
If you wish to opt out, please use one of the following methods:
Right to erasure:
You can request the deletion or removal of your personal data, in particular, when:
Right to lodge a complaint:
If you believe that our processing of your personal data infringes upon your rights, you can lodge a complaint with the relevant Data Protection Authority (DPA) (for UK residents, this would be the Information Commissioner’s Office).
For California residents, we are not currently subject to the requirements of the CCPA as amended by the CPRA because:
Therefore, you will only have rights under the EU GDPR.
Even though you are located in California, the EU GDPR applies because the processing is carried out by us, an EU-based entity.
Once we meet any of the criteria for CCPA applicability mentioned above, we will implement the following procedures.
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
For data portability requests, we will select a format to provide your personal data that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.
Right to opt out of the sale or sharing of your personal data:
You may request us to stop selling or sharing your personal data (“opt-out”).
“Sharing” refers specifically to sharing for cross-context behavioral advertising, which is the targeting of advertising to a consumer based on the consumer’s personal data obtained from the consumer’s online activity across numerous websites.
Right to know:
You can request us to provide you the following information:
You can make a request to know up to twice a year, free of charge.
Right to delete:
You can request us to delete personal data we collected from you and tell our service providers (Data processors) to do the same, unless certain exceptions apply (such as if we are legally required to keep your personal data).
Right to correct:
If you find any inaccuracies in the personal data we hold about you, you can request a correction.
Right to limit use and disclosure of sensitive personal information:
You can direct us to only use your sensitive personal data for limited purposes, such as providing you with the Services you requested.
Right to non-discrimination:
We will not treat you unfairly if you exercise your privacy rights.
In particular, for exercising your rights we will not:
1) deny you our Services;
2) charge you different prices or rates;
3) provide a different quality of our Services;
4) suggest that you will receive a different price or level of our Services.
You can exercise your rights within our App (if such functionality is in place) or by contacting us at [email protected].
When you exercise your rights, we will confirm your identity by comparing the details in your request with the information you previously shared with us. This may involve contacting you through the email linked to your Account.
To respond to your request, it is necessary for us to verify your identity. Therefore, you can only exercise the above rights by submitting a verifiable request, which must:
We use the information provided solely for verification purposes and will not request additional details unless essential. Any extra information you provide will be deleted once the verification process is complete within the reasonable period of time that we communicate to you additionally.
We will not respond to requests if we cannot verify your identity and, therefore, cannot confirm that the personal data we hold pertains to you. We also will not respond to requests if this is unreasonable or impractical (where such a refusal is permitted by local law).
Terms for responding vary on the specific circumstances and features of your specific request, but we will strive to respond in a reasonable timeframe.
If you are a parent or legal representative, you may submit a verifiable request on behalf of your child. Please, note that “verifiable” in this regard means that we are entitled to ask you to provide evidence that a person at issue is a child and you are his/her parent or a legal representative indeed. This approach is based on our legitimate interest in certifying that the request is grounded and is not the fake or abusive one. The request to provide such evidence will not inflict any excessive impact on the data subject.
We will occasionally update this Privacy Policy as necessary to protect our users, furnish current information, and respond to legal and technical changes. The most current version of the Privacy Policy will govern our use of your information and will be available here.
If we decide to update the Policy, we are not obliged, but we will make reasonable efforts to notify you about the changes before they take effect via the Services. Choosing the specific way to inform you is solely up to us.
Subject to your rights at law, you agree to be bound by the prevailing terms of the Policy as updated from time-to-time as prescribed by this section. You may not accept updated terms only by ceasing to use the Services.
For previous versions of this Privacy Policy, please contact us at [email protected].
If you have any complaints about how we process your personal data, we will always prefer that you contact us first. For requests, questions, or complaints about processing your personal data or our handling of personal data, please send requests to a person that we appointed as responsible for users' privacy matters, at any of the following:
Official email: [email protected];
Correspondence address: 156 Ellados st., 3041 Limassol, Cyprus