Player Privacy Policy of NEXSYNC ., JSC

Last update: 6th of April 2024

Dear User,

1. Below you will find information about your personal data and how it is processed, stored and protected, in connection with our games and services. Please be advised that:
* in order for you to use our games and other services (“Services”), we need to process some of your personal data. For the processing of your data for other purposes, we will always ask for your explicit consent in advance, which you can withdraw at any time.
* our Trusted Partners, help us develop our Services. Therefore, we can provide limited data to them.
2. Below you will also find the scope of rights that you are entitled to.
* Our Privacy Policy has been prepared so that it is clear and understandable to you. In order for you to use our games or other services, you will need to accept our Privacy Policy in advance. If you have any questions or need any assistance, please contact us at the address [email protected]

FULL CONTENT

1. ABOUT NEXSYNC ., JSC with its registered seat in Vietnam, is a Mobile Game publisher for the Global market, which is the controller of personal data under the EU law. To contact us, you can write to us an email [email protected] or via traditional mail: Lk10 07, An An Hung Urban Area, La Khe Ward, Ha Noi, Vietnam. In order to fully protect your personal data, we have appointed the Data Protection Officer at Nexsync ., JSC (hereinafter referred to as “DPO”), who is responsible for the supervision and implementation of personal data protection strategies and guarantees the compliance of our activities with the law. Below you will find his e-mail address if you would like to contact him: [email protected]
2. SCOPE OF THE PRIVACY POLICYPrivacy Policy governs the handling of your personal data and any other data that does not constitute them, and which we obtain from you in connection with your use of the Services. Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.We put your right of privacy first and that’s why your personal data is processed by us in accordance with applicable regulations.
3. CHILDREN’S PERSONAL DATAWe are aware of the obligation imposed on us to especially protect personal data obtained from children. Therefore, we shall not collect data from children under 16 years of age without a legal guardian’s prior consent. Each legal guardian may contact us at [email protected]
4. COLLECTED DATA AND METHODS OF ACQUIRING PERSONAL DATA when you use our Services, we may process some of the following information about you:

a. Information provided by you when using the Games (collected automatically)
* your mobile device’s unique device ID (Device ID) and device name;
* your user preferences;
* data and analytics about your use of our Services, such as: your overall progression to a particular level, your virtual currency or the completion of certain tasks during your gameplay, making a purchase or viewing a video ad.

b. Information that you provide voluntarily and data you provide to us when contacting us or reporting a problem with our Services:
* your avatar/profile picture;
* your username/nick;
* your email address;
* your name;
* other details, necessary to process your inquiries.

c. Information collected and used for the purposes of serving advertisements:
* the make, model and operating system of your device;
* properties of your device, such as screen size and orientation, audio volume and battery;
* the mobile network operator linked to your device;
* the games played;
* the country, time zone and locale settings on your device (i.e. country and preferred language);
* network connection type and speed;
* IP Address;
* internet browser used to access the games;
* the advertiser ID, which is an identifier unique to you if you use an Apple or Android device.

d. Information collected for the purposes of providing analytics:
* your device ID;
* your user ID (which is generated by us and allocated to you when you first play our games);
* your device operating system & version;
* your device make and model;
* game play attempts, progression and results;
* session game time start, end and duration;
* purchase transaction types and spend you have made using virtual items in the games;
* the country of your device;
* the time, date and install source of your first download (e.g. from a clicked advertisement);
* advertisements viewed and clicked;
* identification of crashes and defects.

e. Information about you collected from our Trusted Partners:
When you access our Services via a third party social media provider such as Facebook, we may collect and store personal and non-personal information which is available on that third party social media provider, such as your Facebook name, your profile picture or its URL, your Facebook ID and other public data of your friends, provided that you have expressly agreed to the use of Facebook within our Services. We will also receive technical data in order to ensure our Services connect to the correct Facebook account.In the event that NEXSYNC ., JSC will organize events or competitions for Users, we can also process your correspondence address, phone number, social media ID, your photo and bank account number.In order to fully use our Services, it is necessary to process the data listed above. If you do not agree to provide us with the above information, you will only be able to use our games and other Services to a limited extent.If you make payments under the Services, we will not collect or store any information about your payments. These issues are regulated under the operation of a given payment operator. NEXSYNC ., JSC obtains only the information on making the relevant payment from the operator. We only collect information about transaction dates, currencies, values and products covered by the transaction, to guarantee you obtain the purchased products.

5. THE CAUSE OF PROCESSING YOUR PERSONAL DATA (LEGAL BASIS FOR PROCESSING)
The primary purpose of processing your data is to provide you with our Services, which you use, that is, to perform the agreement between us and your consent to use our Services. The other grounds for processing are the requirements to fulfill the legal obligations imposed on us, fulfillment of the so-called “Legitimate interest” of NEXSYNC ., JSC or for the reasons indicated in other parts of the Privacy Policy („COLLECTED DATA”; „ DATA PROCESSING PURPOSES”).As “Legitimate interest”, NEXSYNC ., JSC treats the legitimate and rational purpose of data processing, in particular, protection of the security of processed data, marketing of NEXSYNC ., JSC’s Services, but most importantly, to ensure that marketing activities addressed to you are appropriate, and to conduct analyzes that will help us to combat any illicit practices.If we invoke a Legitimate interest purpose, we first analyze and consider each potential impact of the processing on you and your rights. In other cases, data processing will always be preceded by your consent, which you can withdraw at any time. Withdrawal of consent does not affect the validity of the data processing prior to its withdrawal.In situations where the transfer of your data outside the European Economic Area occurs, we will execute it in accordance with the rules, which we described below (“Trusted Partners”).
6. PROTECTIVE MEASURES USED BY NEXSYNC ., JSC
Methods of data storage.
The data collected by us will be stored on a secure servers in the United States and Canada, which provide an adequate level of protection, in particular confirmed by ISO and EU-US Privacy Shield certificates or – only if it is necessary – on the servers of our Trusted Partners indicated below. We have implemented and will continue to implement appropriate technical and organizational solutions to protect your personal data against unauthorized or unlawful processing, loss, destruction or damage. Our priority is to ensure that your data will be processed as securely as possible and in accordance with our Privacy Policy.The period of data storage Your data will be available to us as long as it is necessary to meet the objectives set out in our Privacy Policy, in particular, for the time of providing you with the Services or providing you with technical assistance. In the case of processing based on your consent, in the event of its withdrawal we will delete the data without undue delay, no longer than 30 days from the receipt of your request.In exceptional cases, longer storage periods may result from applicable law, e.g. tax regulations or other legal requirements imposed on us, and obligations.At the time when we no longer need your personal data to provide you with the Services, we will remove them or they will be made anonymous.If you’re aware of any security vulnerabilities in our Services, please contact us contact us in particular by sending a message to [email protected].
7. DATA PROCESSING PURPOSES
Your data may be used by us for the following purposes:

* fulfillment of our contractual obligations, as part of the agreement you have concluded with us;
* marketing, in particular to provide personalized and targeted marketing mails about the Services which you already use or which we think may interest you. This purpose is optional and we will first get your consent in the required cases;
* delivery of the Services ordered by you;
* communication with you as a User of our Services;
* enable participation in interactive elements of the Services, if that is your will;
* inform you about changes in our Services;
* improvements to our Services;
* organizing competitions by NEXSYNC ., JSC, in particular for contact, mailing and tax purposes;
* determining the conversion rate and other components of our services;
* tax, legal and settlement;
* billing, resulting from EU regulations regarding the protection of personal data;
* targeting and personalization of marketing communication, offers and advertisements addressed to you.

In the case of personalization or targeting described above, we can profile your personal data. By doing so, we mean using the information we have collected to tailor the communication addressed to you and to your needs. However, we will not use profiling, which results in making automated decisions, which would affect your legal situation in any way, in particular, we do not submit automated offers by analyzing your behavior as part of the Services.

If you decide that you do not want to receive personalized offers, product recommendations or any advertising information, you can object at any time.

We may process certain aggregated data that is not personal data that relates to the behavior of users, in particular, sales data in individual regions and forward them to our Trusted Partners to provide and improve our Services.

8. THIRD PARTIES AND EXTERNAL SERVICES
The Services may include links from or to websites or services of third parties. Familiarize yourself with the privacy policies of the above-mentioned third parties.Some of the Services may be characterized by interaction with our Trusted Partners. Therefore, we may share some of your personal information with our Trusted Partner, which will be protected based on their privacy policies. Due to the optionality of such access, it will be preceded by your explicit consent, which you can always withdraw.
9. TRUSTED PARTNERS
As part of creating and providing the Services, we use the help of our Trusted Partners, to whom we can share your data. We guarantee that we provide them with the minimum information necessary to enforce their cooperation. They may access your data and process it on our behalf as “Data Processors”, for the purposes and by the entities listed below:
a. Trusted Partners who provide us with tools for internal management and data sharing;
* Usercentrics Consent Management Platform-privacy policy: https://usercentrics.com/privacy-policy/
* Google Sign-in-privacy policy: https://support.google.com/accounts/answer/12921417?hl=en#:~:text=Sign%20in%20with%20Google%20doesn,to%20visit%20that%20third%20party.

b. Trusted Partners who help us in analyzing data by providing analytical tools;
* AppsFlyer – privacy policy: https://www.appsflyer.com/privacy-policy/
* AdMob – privacy policy: https://policies.google.com/privacy

c. our legal, tax, audit and billing team;


d. social platforms for personalizing and targeting marketing.
* Facebook Audience Network – privacy policy: https://www.facebook.com/policy.php
* Facebook SDK-privacy policy: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0
* Pangle – privacy policy: https://www.pangleglobal.com/privacy/enduser-en
* Snapchat – privacy policy: https://www.snap.com/en-US/privacy/privacy-policy

e. Trusted Partners helping us to manage advertising and services of Third Parties that may be of the most interest to you
* Adjust - privacy policy: https://www.adjust.com/terms/privacy-policy/
* Applovin – privacy policy: https://www.applovin.com/privacy/
* Appodeal-privacy policy: https://appodeal.com/privacy-policy/
* Adcolony – privacy policy: https://www.adcolony.com/privacy-policy/
* AdsYield-privacy policy: https://adsyield.com/privacy-policy/
* BidMachine-privacy policy: https://bidmachine.io/privacy-policy/
* BigoAds-privacy policy: https://www.adsbigo.com/privacy.html
* CSJ-privacy policy: https://www.csjplatform.com/en/privacy
* Digital Turbine-privacy policy: https://www.digitalturbine.com/privacy-policy/
* Devtodev-privacy policy: https://www.devtodev.com/policy
* Fyber – privacy policy: https://www.fyber.com/services-privacy-statement/
* Google (Firebase)-privacy policy: https://firebase.google.com/support/privacy
* HyperMX-privacy policy: https://www.hyprmx.com/privacy-policy#:~:text=We%20do%20not%20sell%20personal,third%20parties%20for%20advertising%20purposes.
* Inmobi – privacy policy: https://www.inmobi.com/privacy-policy/
* ironSource – privacy policy: https://developers.ironsrc.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/
* Liftoff-privacy policy: https://liftoff.io/privacy-policy/
* myTarget SDK: https://target.my.com/help/partners/mob/androidsdkstart/en
* Mintegral – privacy policy: https://www.mintegral.com/en/privacy/
* MoPub – privacy policy: https://www.mopub.com/en/legal/privacy
* Moloco – privacy policy: https://www.moloco.com/en/privacy-policy
* Ogury-privacy policy: https://ogury.com/privacy-policy/
* Odeeo-privacy policy: https://odeeo.io/privacy-policy
* Smaato-privacy policy: https://www.smaato.com/privacy/
* Snapchat-privacy policy: https://values.snap.com/pl-PL/privacy/privacy-policy
* Supersonic-privacy policy: https://supersonic.com/privacy-policy/
* Tapjoy – privacy policy: https://www.tapjoy.com/legal/advertisers/#privacy-policy
* TikTok-privacy policy: https://www.tiktok.com/legal/privacy-policy?lang=en
* Vungle – privacy policy: https://vungle.com/privacy/
* Unity Ads – privacy policy: https://unity3d.com/legal/privacy-policy
* Chartboost – privacy policy: https://answers.chartboost.com/en-us/articles/200780269
* Gadsme-privacy policy: https://www.gadsme.com/privacy-policy
* Zebedee-privacy policy: https://zebedee.io/privacy

In cases provided by law, we may be required to disclose your data to the public authority, in particular to the police or the prosecutor’s office.

Your personal data may also be subject to processing, storage or transfer outside your country of residence and outside of the European Economic Area (EEA). Due to the fact that regulations concerning the protection of personal data in these countries may not guarantee the same level of protection as in your country or in the EEA, each time we will base our actions on standard EU clauses or Privacy Shield Framework, allowing you to transfer your data and provide the right level of protection.

10. PUSH NOTIFICATIONSIf you use our Services via mobile devices, after obtaining your prior consent, we can send you push notifications or local notifications to inform you about updates.
11. OTHER MATTERS
We would like to inform you that NEXSYNC ., JSC is a regulated entity to which an obligation can be imposed to disclose your personal data, on the basis of a request by the authorized state authorities or in connection with other legal entities.In the case of transformation or merger of NEXSYNC ., JSC with another entity, we will be able to transfer personal data to the third party involved in the process, which will protect personal data at least to the extent as under this Privacy Policy.
12. RIGHTS OF INDIVIDUALS UNDER THE GENERAL DATA PROTECTION REGULATION
Remember that you have the right to object to the processing of your personal data at any time. To use this right, you can contact us in particular by sending a message to [email protected]. In addition, you have the right to:
* access to your stored personal data;
* request removal of your personal data from our database;
* requesting rectification / correction of your data in justified cases;
* requests to limit the processing of your data
* transfer your data to another entity;
* file a complaint with the appropriate data protection authority.
To use the above rights, you can especially send a message to the address: Lk10 07, An An Hung Urban Area, La Khe Ward, Ha Noi, Vietnam

If you have any questions or doubts about how we process and protect your personal data or want to exercise your rights, do not hesitate to contact us and we will do our best to resolve any problems and provide you with help. You can direct messages to [email protected] or to our Data Protection Officer at the address [email protected].

If you are in a position that we have not responded in a manner appropriate to any notification regarding your personal data, this circumstance can be reported to your local data protection authority or the President of the Personal Data Protection Office (“PUODO”) in Vietnam.

13. PRIVACY NOTICE FOR CALIFORNIA RESIDENTS
This part of the document supplements the information contained in this Privacy Policy for the purpose of meeting legal requirements imposed by California Consumer Privacy Act (CCPA) and applies to all users who are consumers residing in the state of California, United States of America.Information in the scope below is in the relevant paragraphs of the Privacy Policy:
* categories of personal information collected about you in the last 12 months (see paragraph IV)
* categories of sources from which the personal information was collected (see paragraph IV)
* purposes for collecting personal information (see paragraph VII)
* categories of third parties with whom we share personal information (see paragraph IX)
* categories of personal information we have disclosed within the last 12 months (see paragraphs IV)
* categories of personal information we have sold within the last 12 months to our Trusted Partners helping us to manage advertising and services of Third Parties (see paragraph IV c)
* We have disclosed and sold personal information to third parties within the last 12 months to our third-party advertising networks (see paragraph IX f). We do not sell the personal information of minors under 16 years of age without affirmative authorisation.
* the date on which this Policy was last updated (at the top of this Privacy Policy)
You can designate an authorised agent to make a request under the CCPA on your behalf. The authorized agent must submit power of attorney that they have been authorized by you to act on your behalf and proof of their own identity.

You have the right to:

* request access to your personal information
You have the right to request access to and receive the following information about personal information we maintain about you in the preceding 12 months.
1. The categories of personal information we collected about you.
2. The categories of sources from which the personal information is collected.
3. The business or commercial purpose for collecting personal information.
4. The categories of third parties to whom we sell or with whom we share your personal information.
5. The specific pieces of personal information we collected about you (i.e. data portability rights).
6. If we sold or disclosed your personal information for a business purpose, two separate lists disclosing: (i) sales, identifying the personal information categories that each category of recipient purchased; and (ii) disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
* request deletion of your personal information (we will delete the information we have collected about you, except for situations when that information is necessary for us to: maintain the functionality or security of our systems; comply with or exercise rights provided by the law).
* opt-out of the sell of your personal information
(email us at [email protected]) or click “Do not sell My Personal Information” link.
* CCPA gives you a right to direct a business that sells your personal information to stop selling your personal information and to refrain from doing so in the future. If you would prefer that your personal information is not shared with third parties (Advertising Trusted Partners), please, visit “Do Not sell My Personal Information”.

You also have the right not to be discriminated against for exercising any of the rights listed above.

If you have questions or concerns about your privacy or you want to exercise your rights, please contact us by email [email protected] or via traditional mail:Lk10 07, An An Hung Urban Area, La Khe Ward, Ha Noi, Vietnam. We may verify your request by asking for proof of identity such as your device ID and/or User ID.

14. RIGHT TO CHANGE THE CONTENT OF PRIVACY POLICY
We reserve the right to make changes to our Privacy Policy, if necessary, in particular for legal reasons or in connection with changes in the Services provided. In the event of such a circumstance, you will be informed and we will publish the current Policy text with the date of change on our website.The changes we make will be legally binding after 30 days of publication on the Internet. If you have any questions, please contact us.If you do not accept the changes introduced to the Privacy Policy, regardless of sending an e-mail to us, it will be incumbent upon us to ask you to immediately cease using our Services. We are asking for your understanding and please bear in mind that such resources are needed for the proper functioning of our Services, and that each User is subject to the same rules.