超自然行動組

Last Updated: Jan 23rd, 2026

Giant Interactive (HK) Limited (“Giant”, “we”, “our”, or “us”) has always solemnly pledged to protect the privacy of users (“you”, “user”, or “users”) who use our products and services (“Services”). This Privacy Policy (“Privacy Policy”) describes how we may collect, use, and share your personal information (sometimes called “personal data”) in connection with our Services in accordance with the applicable privacy laws and regulations (“Privacy Laws”).

Please note that:

This Privacy Policy applies to the Services provided by Giant. It takes effect concurrently with the Terms of Service (“Terms”).
This Privacy Policy outlines how we process your personal information in various scenarios. By agreeing to this Privacy Policy, you acknowledge and consent to the processing of your personal information as necessary for the operation of specific features. However, this does not mean that all personal information mentioned in this Privacy Policy will be processed simply because you begin using our products or services. We will only process your personal information when you use specific features, and strictly in accordance with the principle of data minimization, to fulfill the purpose of providing the relevant service.
In addition to this Privacy Policy, we may also inform you separately, in real time, or through feature update notices (e.g., pop-ups, page prompts, or agreements), about the purpose, scope, and method of information collection. These notifications and update descriptions form an integral part of this Privacy Policy and carry the same legal effect. Please note that Giant will update its Privacy Policy from time to time. Please check this page regularly to ensure that you are always aware of the latest version of the Privacy Policy.
Before using any of our Services, please read this Privacy Policy carefully and thoroughly, especially the terms highlighted in bold or in all caps, which require your special attention.
If you have any questions about this Privacy Policy or matters related to this Privacy Policy, please reach out to us as described in Section 9 of this Privacy Policy.

This Privacy Policy mainly explains to you:

1. What Information We Collect and Process

2. How We Collect and Use Your Personal Information

3. Information We may Share, Transfer or Disclose

4. How We Retain, Store and Protect Your Personal Information

5. How to Manage Your Personal Information

6. Minors

7. Notice And Revision

8. Scope Of Application

9. How To Contact Us

10. Supplemental Terms-Jurisdiction

BY MAKING REGISTRATION OF AN ACCOUNT FOR OUR SERVICES, LOGGING INTO YOUR ACCOUNT, OR USING ANY OF OUR SERVICES (INCLUDING BUT NOT LIMITED TO PLAYING OUR GAMES), YOU ARE DEEMED TO HAVE READ, UNDERSTOOD, AND ACCEPTED ALL THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT UNDERSTAND OR AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT USE OUR SERVICES.

Giant reserves the right to amend, modify or revise this Privacy Policy at any time and you agree to check periodically for new terms. The original terms of Privacy Policy will be replaced by the updated ones once released.

1. What Information We Collect and Process

We collect and process personal information you voluntarily provide to us or that is automatically generated during your use of our Services. You may be asked to provide specific personal information to us to use specific functions of our Services. If you choose not to provide the information, you will not be able to use such specific functions. By providing your specific personal information, you consent that we may collect and process such personal information in accordance with the purposes and methods described in this Privacy Policy.

1.1 Information You Provide to Us when You Use Our Services

(a) Account Registration Information

We may collect your username, mobile phone number, password, name, ID (if required by applicable laws and regulations), country/region, and email address that you provide when you register your account. We may also collect your date of birth for age verification or screening purposes if required by applicable laws and regulations.

(b) Connected Social Media Account Information

We may collect your social media account information (including your username) from third party social media providers (such as Facebook, X, Google Play, Game Center) if you log into our Services or register your account via your third-party social media account.

We may collect personal profile information related to your account when you use our Services, such as your avatar, gender, and shared photos that you uploaded to your account. We may collect your birthday provided by you if you wish to apply for birthday gifts or other benefits (if any) available on our Services.

(d) Chat Record

If you use the chat function of our Services (e.g. in-game chat), we may process the communication record and for certain services, we may apply end-to-end encryption to protect your information.

(e) Information Posted by You

We process information generated by you, including information you post publicly, comments, and/or information you share with other users through our Services. For information you post publicly, you can control the scope of your information sharing through the privacy settings in our Services, or delete your publicly shared information through the settings in our Services or the guidelines we provide. However, please note that this information may still be stored independently by other users or non-associated third parties not under our control.

(f) Contact List

You may choose to provide your contact list information of your device so that you can connect with other users you know using our Services. We will encrypt the name and phone number of your contact list.

(g) Survey and Feedback Information

If you participate in our surveys, we will collect your responses. We may collect your mobile phone number or other contact number when you voluntarily provide it, for the purpose of responding to your inquiries and communicating feedback.

(h) Customer Service Information

We may collect your name, mobile phone number, email address, ID, home address for verification of your identity when you use our customer service.

(i) Event Participation Information

We may collect your name, mobile phone number, email address, ID, home address, account information when you participate in events or activities held by us.

(j) In-game Transaction Information

When you place an order for specific products or services or perform a top-up within our products or services, we will generate an order through our system to display your transaction details and ensure transaction security. In doing so, we collect information such as your order number, order creation time, and transaction amount for the purpose of managing the transaction.

To complete the payment, deliver the product or service, confirm the transaction status, and provide after-sales support or dispute resolution, we may collect information related to your account, order, and transaction progress based on the transaction party or payment provider you select. We may also share your transaction information with the relevant service providers. Collecting such information is necessary to enable the transaction function; otherwise, the transaction cannot be completed. Please note that we do not collect your payment information (such as bank/debit/credit card number, card expiration date, billing address, CVV). Payment service is provided by third parties (such as Google, Apple).

1.2 Information Automatically Collected when You Use Our Services

(a) Log information.

When you use our services, we may automatically collect relevant information to store as service log information:

i. Device information. For example, device model, operating system version, unique device identifier, MAC address, browser type, IMEI address, OS version and language, time zone, device settings and configurations, battery, signal strength, memory data etc.

ii. Software information. For example, the version of the software, the type of browser, and browser settings and configurations.

iii. IP address. Each device that is connected to the Internet is assigned a number called an Internet Protocol (IP) address. These numbers are usually assigned based on geographic regions. IP addresses are often used to identify the address where your device is connected to the Internet.

iv. Service log information. For example, information you search, view, service failure information, referral URLs, etc. when you use our Services.

v. Communication log information. For example, the account, communication time, and duration that you used to communicate when using our services.

(b) Location information.

When you use location-related functions of our Services, we may collect the geographic location of your device by means of IP address, GPS, Wi-Fi or base station.

We may collect additional information based on your consent or other legal basis. In such cases, we will, where required under applicable laws, provide more information about any change to the way or purpose of our collection or processing which are different from or not clarified in the details in this Privacy Policy..

1.3 Information from Third-Party Partners

We may collect information that you generate or share when you use a third-party partner service. For example, when you use a third-party partner service, we will get the name and login time of your third-party partner service so that you can authorize to manage it. Please note, if you use or interact with third-party services that may be available on our services, such as third-party social media widgets, share buttons, and/or login mechanisms, this Privacy Policy does not and will not extend to such services/features, which will be subject to the respective third-party privacy policies. Please read carefully the terms of service or privacy policy of such third party.

1.4 Cookies

We use cookies and other similar technologies (e.g., web beacons, log files, scripts and eTags) (“Cookies”) to enhance your experience using our Services. Cookies are small files which, when placed on your device, enable us to provide certain features and functionality. You have the option to permit installation of such Cookies or subsequently disable them. You may accept all cookies, or instruct the device/browser to provide notice at the time of installation of cookies, or refuse to accept all cookies by adjusting the relevant cookie retention function in your device/browser. However, in the event of your refusal to install cookies, our Services may not be able to provided as designed.

1.5 Access to System Permissions

When necessary, we may request access to certain system permissions, including but not limited to storage permission, camera permission, microphone/recording permission, location permission and contact permission. Before enabling any permission, we will inform you of the purpose and obtain your consent. If you do not agree, we will not enable the relevant permission and will be unable to provide relevant functions of our Services.

Permission Revocation Notice: If you wish to disable any previously granted permissions, most mobile devices support this functionality. Please refer to your device manufacturer or service provider for instructions, or contact us directly. Please note that enabling a permission indicates your consent for us to collect and use relevant information to provide relevant functions of our Services. Disabling a permission indicates withdrawal of that consent, and we will cease collecting and using the related information. However, this does not affect any information collected prior to the revocation.

2. How We Collect and Use Your Personal Information

We may use your personal information for one or multiple purposes as described below:

(a) help you create your account or delete your account for our Services in accordance with your request and manage your personal profile;

(b) to manage, operate, provide and/or administer your use of and/or access to our Services;

(d) to store your game data (including level and progress) with your account;

(e) to contact or communicate with you by mobile phone, SMS, email , and/or other means;

(f) to maintain a record of your transaction history;

(g) for identification and/or verification for certain services (such as customer service);

(h) to correct bugs or errors;

(i) to conduct research, analysis, and development activities (including, but not limited to, data analytics, surveys, product, and service development and/or profiling), to analyze how you use our Services, to improve our Services or products and/or to enhance your customer experience;

(j) to provide software verification, upgrades and administration, notify of special events;

(k) facilitate your communication with other users if you use our in-game chat function;

(l) to filter inappropriate content such as pornography, violence, political material, abusive language, and malicious advertisements, in order to maintain a healthy gaming environment;

(m) for security and verification purposes; identify and address bugs and assess function of our Services for optimize action; anti-hacking, solve game crashes and optimize compatibility of devices with our Services; and to combat users registering for multiple accounts;

(n) facilitate your participation in our surveys, contests, events, or activities;

(o) to provide country/region leader board rankings or any other similar features or functions, we may determine your country/region based on your IP address;

(p) to store, host, back up (whether for disaster recovery or otherwise) of your personal information, whether within or outside of your jurisdiction;

(q) to protect the integrity, information safety, and financial security of our services or users, comply with legal obligations, and enforce compliance with the Terms or other restrictions placed on your use of our services;

(r) to respond to legal processes or to comply with or as required by any applicable law, governmental or regulatory requirements of any relevant jurisdiction, including, without limitation, meeting the requirements to make disclosure under the requirements of any law binding on us or related corporations or affiliates;

(s) for marketing and, advertising for any marketing activities where permissible under applicable law (including recommendation of our new products and/or services, promotional information and materials relating to our products and/or services). You may be able to opt-out of receiving such marketing communications in accordance with the instructions contained in the communication, such as email, online communication channels, or other contact methods provided by us. For example, you may opt-out the out-of-game push notifications on mobile applications by checking the settings and turning off the “allow notifications” (iOS/Android);

(t) for other purposes not specified in this Privacy Policy, but we will provide specific notice at the time the information is collected.

3. Information We may Share, Transfer or Disclose

3.1 Sharing

We will not share your personal information with any third party, except in the following cases:

(a) You have given us your prior consent;

(b) For the purposes set forth in Section 2 above, our affiliates may be commissioned to process your personal information, provided that such affiliates comply with the terms in this Privacy Policy. “Affiliates” in this Privacy Policy means an entity that directly or indirectly controls, is controlled by, or is under common control with us;

(c) Perform our obligations specified in this Privacy Policy or other agreements we reached with you and exercise our rights;

(d) Within the scope of laws and regulations, in order to comply the law, protect the public interest, property and safety of us, our affiliates, cooperative partner, you and other users from injury such as the fraud and other illegal activities, we may exchange information with other companies and organizations. However, the information that violates the promise made in this Privacy Policy for sold, rent, shared, or otherwise disclosed is not included within this category;

(e) Assist in handling your disputes or controversies with others in accordance with your legitimate needs;

(f) Provide your information when legally requested by your guardian;

(g) Provide your information based on social public interests in accordance with applicable laws and regulations;

(h) Provide your information as to public security organs, courts, procuratorates, or arbitration institutions in accordance with applicable laws and regulations, requirements of legal proceedings, and mandatory administrative or judicial requirements as may be necessary;

(i) We may share your personal information to our third-party partners and they will process your information based on our instructions, this Privacy Policy and other relevant confidentiality and security measures for the following purposes: (i) to provide you with our services; (ii) to achieve the purpose of Section 2 of this Privacy Policy; (iii) to fulfill our Terms or this Privacy Policy obligations and exercise our rights; (iv) understand, maintain and improve our services. If we share your information with the above-mentioned third parties, we will use encryption, anonymization and other means to protect your information.

We will only share your information for legitimate, appropriate, necessary, specific, and explicit purposes. We will sign strict confidentiality agreements with companies, organizations and individuals with which we share information, and require them to process information in accordance with our instructions, this Privacy Policy and any other relevant confidentiality and security measures.

3.2 Transfer

We will not transfer your personal information to any company, organization or individual, except for the following:

(a) Transferring your information to other parties after obtaining your explicit consent;

(b) Provision in accordance with applicable laws and regulations, requirements of legal proceedings, and mandatory administrative or judicial requirements as may be necessary;

(c) In case of mergers, acquisitions, asset transfers or similar transactions, your information may be transferred as part of such transactions. We will require new companies and organizations that hold your information to continue to be bound by this Privacy Policy. If that is not feasible, we will ensure that your consent is obtained again by such company and organization prior to any further use of your information.

3.3 Disclosure

We will only disclose your information in the following cases:

(a) Disclose the information you specify in accordance with your needs and disclosure methods that you expressly agree to;

(b) If your information must be disclosed as required by laws, regulations, mandatory administrative enforcement, and judicature, or as required to fulfill contractual obligations, prevent technical or security risks, protect the rights of others, safeguard public interests, or for other reasonable and necessary purposes, we may disclose your information judicial authorities, law enforcement authorities, or other competent entities.

(c) We reserve the right to disclose your personal information in the cases if we, in our good faith, believe that disclosing such data is necessary to identify, contact, or bring legal action against you, if we reasonably believe that (i) you are violating the Privacy Policy or Terms, or causing damage to us; (ii) you are infringing third-parties’ rights and interests; and/or (iii) it is necessary to prevent fraud or other illegal activities.

4. How We Retain, Store and Protect Your Personal Information

4.1 Storage Method and Retention Period

We store your personal information securely using methods such as local storage (e.g., app-based data caching), databases, and server logs. We retain your personal information only for the period necessary for the purposes described in this Privacy Policy and for the timeframe required by applicable laws and regulations. Upon the expiration of such period, your personal information will be deleted, blocked or anonymized, as provided by and in accordance with applicable laws and regulations.

Unless otherwise stipulated by law or requested by you under this Privacy Policy, most personal information collected during the operation of our Services will be retained throughout the operational period. However, personal information collected during marketing activities will not be retained after the activity ends.

4.2 Storage Location

To fulfill our contractual obligations to you—namely, providing you with our Services—your personal information will be processed on our servers, which are located in Singapore. For the avoidance of doubt, we reserve the right to add or adjust servers in different countries and regions from time to time based on business development.

4.3 Security Measures

We will take the following measures to protect your information:

(a) Data security technical measures

We will adopt security measures that comply with industry standards, including the establishment of reasonable system specifications and security technologies to prevent unauthorized access, application, and modification of your information, and to avoid data corruption or loss. Network services apply a variety of encryption technologies. For example, in some services, we will use encryption technology to protect your information. We apply encryption technology to cryptographically store your information, and isolate such information through isolation technology. During the process of using your information, such as information display and information correlation calculation, we will apply a variety of data desensitization technology to enhance the security of the information. We protect data with strict data access control and multiple authentication technologies to avoid misuse of the data.

(b) Other security measures we take to protect information

We manage and standardize the storage and the usage of information by establishing data classification and grading system, data security management standard, and data security development specifications. We provide comprehensive security control of data through information contactors confidentiality protocols, monitoring and auditing mechanisms. We continuously strengthen our safety awareness. We also conduct security and privacy protection training courses to enhance our employees’ awareness of the importance of protecting information. Our measures including the following:

i. We only allow our employees to access your information on a need-to-know basis, and set up strict access control and monitoring mechanisms. We also require all personnel who may contact your information to perform the appropriate confidentiality obligations. Failure to perform such obligations may result in legal liability or suspension of cooperation with Giant.

ii. We will take all reasonable and feasible measures to ensure that irrelevant information will not be collected by us. Nevertheless, please understand that due to technological limitations and the inherent constraints of risk prevention, even though we have taken reasonable security measures, we cannot always guarantee the absolute security of your information. You should be aware that issues may arise during your use of our Services due to circumstances beyond our control.

iii. The Internet is not an absolutely secured environment, and the methods of communicating with other users, like emails, instant messages, social software and other service software, cannot be ensured of its complete encryption. We recommend applying complex passwords when using such tools and paying attention to your information safety. You are responsible for properly safeguarding your account, password, and other identity credentials. When using our products and services, we rely on these credentials to verify your identity. If you disclose such information, you may suffer losses or adverse consequences. If you suspect or discover that your account, password, or other identity credentials have been or may have been compromised, please contact us immediately so that we can take appropriate measures to prevent or mitigate potential risks.

iv. When communicating with a third party and purchasing goods and services through Services, you inevitably disclose your information to the counterparty or a potential transaction counterparty, such as your contact information or postal address. Please protect your information properly and provide it to others only when necessary.

v. In response to possible risks such as information leakage, damage and loss, we have developed a number of systems to clarify the classification and grading standards and the corresponding procedures for security incidents and security breaches. We have also established a special emergency response team for security incidents to initiated safety plans for different security incidents, conducted stop loss, analysis, positioning, enacting remedial measures, tracing and striking in alliance with relative departments in accordance with the requirements of the security incident handling regulations.

vi. If the information security incident happened unfortunately, we will promptly inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, and the advice you can take to prevent and reduce risks, your remedies, etc. At the same time, we will promptly inform you of the relevant events by email, letter, telephone, push notification, etc. When it is difficult to inform the information subject one by one, we will issue a public notice in a reasonable and effective manner. At the same time, we will also report the disposition of information security incidents in accordance with the requirements of the regulatory authorities.

vii. Please understand that due to technical limitations and the limited nature of risk prevention, even if we have tried to strengthen our security measures, we cannot always guarantee 100% security. Please understand that the systems and communication networks you use to access Services may have problems beyond our control.

5. How to manage your information

5.1 Right to Know about Personal Information Collected or Disclosed

You may have the right to access your personal information that we hold about you, such as (i) information whether your personal information is collected or disclosed, (ii) categories of your personal information which has been collected or disclosed, (iii) categories of sources from which your personal information is collected, and (iv) purpose for collecting or disclosing your personal information (if any). You may have the right to require us to provide a duplicate of your processed personal information, subject to submitting a verifiable request to us by emailing us in accordance with Section 9 of this Privacy Policy.

5.2 Modify and Delete Your Personal Information

You may access, modify and delete the registration information and other personal information you provided while using our Services or you may follow the notice guidelines to contact us. The scope and manner in which you access, modify, and delete personal information will depend on the specific service you use.

When you access, modify, and delete relative information, we may ask for an identity verification to keep your account secured. Please understand that due to technical limitations, legal or regulatory requirements, we may not be able to meet all of your requirements and we will respond to your request within a reasonable timeframe.

5.3 Withdraw Your Consent

If we have collected and processed your personal information based on your consent, you can withdraw your consent in accordance with applicable laws and regulations. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent. In many circumstances, we need to use your personal information for us to provide you with our Services which you require. If you do not provide us with the required personal information, or if you withdraw your consent to our use and/or disclosure of your personal information for these purposes, it may not be possible for us to continue to serve you or provide you with the Services that you require.

5.4 Disclosure and Sharing

Some of our services allow you to share your information not only with your social network but also publicly with all users of the service. This includes information you upload or publish within Services, your responses to others’ content, and any information you submit via email or in publicly accessible areas of the service. Such information may include location data and log information related to your shared content.

Unless you delete the information you have disclosed or shared, it may remain in the public domain. Even after deletion, the information may still be cached, copied, or stored independently by other users or third parties beyond our control, or retained in the public domain. If your information is disclosed or shared through these channels and results in a data leak, we are not liable. Therefore, we urge you to carefully consider whether to disclose or share your information through such means.

5.5 Account Deletion

Subject to the Terms and applicable laws and regulations, your account may be deleted or deactivated. Once your account is deleted, all service-related data associated with that account will be handled or removed in accordance with this Privacy Policy and the Terms, unless otherwise required by law.

You may request account deletion through the following steps:

i. Log in to the product and submit a deletion request via the [Settings – Delete Account] feature;

ii. After submitting your request, we will conduct a preliminary review based on your account’s security status and usage to determine eligibility. We will complete the review and processing within 15 business days;

iii. Upon successful review, your deletion request will be considered submitted. We will retain your account for a 15-day grace period, during which the account will not be deleted or anonymized unless otherwise required by law or policy. To ensure successful deletion, please refrain from logging in or using the account during this period. Otherwise, the request will be considered withdrawn.

iv. After your account is deleted, we will cease providing services and, upon your request, delete or anonymize your personal information, unless otherwise required by law. Once deleted or deactivated, the information cannot be recovered—please proceed with caution.

6. Minors

If you are a “Minor” who is under the age of 18 (or the applicable age of majority where you live), then you must read this Privacy Policy accompanied by your parent or your guardian, and you must get your parent's or your guardian’s permission to collect your personal information. We will protect the relevant information of minors in accordance with applicable laws and regulations of the country where the minors live. We do not actively collect minors’ personal information. If we discover or receive feedback that a minor’s personal information was automatically collected without prior parent’s or guardian’s consent, we will strive to delete the relevant information as soon as possible.

If you are the legal guardian of a minor, please pay attention to whether the minor under your guardianship is using our Services or providing their personal information after obtaining your authorization. You agree that you will be subject to this Privacy Policy and be responsible for your minor’s activities while using our Services. If you have questions about the personal information of the minor under your guardianship, please contact us by emailing us in accordance with Section 9 of this Privacy Policy.

7. Notice and Revision

We reserve the right to amend, modify or revise this Privacy Policy at any time and you agree to check periodically for new terms. The original terms of Privacy Policy will be replaced by the updated ones once released. If you continue to use our Services, you agree to be bound by the revised Privacy Policy. We encourage you to review this Privacy Policy each time you use our Services.

8. Scope of Application

This Privacy Policy applies to all of our Services unless otherwise specified. Some of Our Services may have their own specific privacy guidelines/statements that more specifically describe how we process your information in that Service.

In the event of any inconsistency between this Privacy Policy and the privacy guidelines/claims for a particular service, please refer to that particular privacy guidance statement.

Please note that this Privacy Policy does not apply to services provided by third parties other than Giant. Your use of such third party services is subject to the third party’s Privacy Policy (not this Privacy Policy) and you will need to read the policies carefully.

9. How to Contact Us

If you have any questions, comments or suggestions about this Privacy Policy and your information, or if you wish to make any request regarding your rights under this Privacy Policy, please contact us in the following manner:

Name: Privacy Department

Email Address: privacy@ztgame.com.

10. Supplemental Terms-Jurisdiction

10.1 Additional Information for US Residents

(a) Why We Collect and Process Your Personal Data

Section 1 and Section 2 above describe the business and commercial purposes for collecting your personal information. Section 3 above describes the third parties with whom we share personal information and for what purposes.

(b) Your Rights and Choices

If you submit a request to us and you receive a response from us informing you that we have declined your request, in whole or in part, provided by applicable law, you may appeal that decision by submitting your appeal using the contact method described in Section 9 of this Privacy Policy.

Some privacy laws define “sale” broadly to include some of the data disclosures described in Section 3 above – in particular certain sharing with third party providers for targeted advertising purposes. To opt-out from targeted advertising and any related data “sales”, you can use browser or device-level controls as follows:

i. Cookie controls. Most devices (in the case of mobile applications) and browsers (in the case of web apps and pages) allow you to change your cookie settings. These settings will typically be found in the “options” or “preferences” menu of your browser. The following links provide information about how to manage cookies on popular browsers, otherwise you should use the "Help" option in your browser for more details:

Note that if you choose to refuse or delete cookies, this could affect certain features, settings and preferences controlled by those cookies including advertising preferences which may be deleted and may need to be recreated.

ii. Do Not Track. Some browsers include a "Do Not Track" (DNT) setting that can send a signal to the websites you visit indicating you do not wish to be tracked. Our websites may not respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the advertising controls described above.

iii. Mobile advertising ID controls. iOS and Android operating systems provide options to limit tracking and/or reset the advertising IDs.

10.2 Additional Terms for California Residents

(a) California Consumer Privacy Act.

The CCPA requires us to provide users who reside in California with the additional notice below. For the purposes of this notice, “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, or as otherwise defined by the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.199) and its implementing regulations, as amended or superseded from time to time (“CCPA”).

Personal Information does not include information that is:

i. Lawfully made available from government records.

ii. Deidentified or aggregated.

iii. Otherwise excluded from the scope of the CCPA.

(b) Why We Collect and Process Your Personal Data

We collect and disclose the categories of personal information as set out in Section 1 above, the business purposes for collection of personal information also set out in Section 2 above.

If you are a California resident, and the processing of personal information about you is subject to the CCPA, you have certain rights with respect to that information:

i. Notice at Collection. At or before the time of collection, you have a right to receive notice of our practices, including the categories of personal information and sensitive personal information to be collected [Section 1], the purposes for which such information is collected or used [Section 2], whether such information is sold or shared, and how long such information is retained [Section 3 and Section 4]. You can find those details in this Privacy Policy by referring to this and the above-referenced sections.

ii. Right to Know. The right to request a copy of the personal information that we have collected about you in the prior 12 months. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this Privacy Policy, but you may reach to us to exercise your right herein as described in Section 9 above.

Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes.

Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law.

iii. Right to Request Correction or Deletion. You also have right to request that we correct inaccurate personal information and that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to correct or delete, you may use our game/non-game account information functionality or email us as described in Section 9 above.

iv. Right to Request Removal of Public Information. California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, or to request that we remove such content or information, please email us as described in Section 9 above with a detailed description of the specific content or information you wish to have removed. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.

v. Right to Opt-Out. You have a right to opt-out from future “sales” or “sharing” of personal information as those terms are defined by the CCPA. Note that the CCPA defines “sell”, “share”, and “personal information” very broadly, and some of our information disclosures described in this Privacy Policy may be considered a “sale” or “sharing” under those definitions. In particular, we let advertising and analytics providers collect identifiers (IP addresses, cookie IDs, and mobile IDs), activity data (browsing, clicks, app usage), and device data through our sites and apps when you use our online services, but do not “sell” or “share” any other types of personal information. If you do not wish for us or our partners to “sell” or “share” personal information relating to your visits to our sites for advertising purposes, you can make your request by emailing us as described in Section 9 above. If you opt-out using these choices, we will not disclose or make available such personal information in ways that are considered a “sale” or “sharing” under the CCPA. However, we will continue to make available to our partners (acting as our service providers) some personal information to help us perform advertising-related functions. Further, using these choices will not opt you out of the use of previously “sold” or “shared” personal information or stop all interest-based advertising.

We do not knowingly sell the personal information of minors under 16 years of age.

vi. Right to Limit Use and Disclosure of Sensitive Personal Information. You have a right to limit our use of sensitive personal information for any purpose other than to provide the services or goods you request or as otherwise permitted by law. Note that we do not use sensitive personal information for any such additional purposes.

vii. Right to Authorize an Agent. You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us.

Further, to provide, correct, or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request through common market practices, including by asking you to send it from the email address associated with your account or requiring you to provide information necessary to verify your account.

viii. Right to No Discrimination. You have the right not to receive discriminatory treatment for the exercise of your CCPA privacy rights, subject to certain limitations.

California Customers may request further information about our compliance with the CCPA by emailing us as described in Section 9 above. Please note that we may only respond to requests made by means as described in Section 9 above.

10.3 Additional Terms for the EEA and UK residents

If you are in the European Economic Area (“EEA”) or the United Kingdom (“UK”), the following additional terms applies to you in addition to the Privacy Policy set out above.

(a) Data Subject Rights

In addition to the information set out in Section 5 above, you have the right to:

i. ask us to restrict the processing of your personal data,

ii. data portability,

iii. to object to the processing of personal data.

(b) Legal basis for processing your personal data

Our legal basis for collecting and using the information described in Section 1 above for the purposes in Section 2 above are:

i. To establish and perform our contract with you (i.e. our Terms) and to provide our services;

ii. For our or our partners’ legitimate interests, where those interests are not overridden by your data protection interests of fundamental rights and freedoms, e.g. to protect our legal rights, to pursue or defend legal claims, to improve our services;

iii. Consent, where obtained separately;

iv. For compliance with our legal obligations under applicable laws and regulations;

v. To protect our or your vital interests or those of another person (for example, another player), e.g. against fraud and violations of our Terms;

vi. While we typically do not collect sensitive or special category personal information, where we do this, it will be on the grounds of explicit consent or other applicable lawful basis.

Where we transfer your personal information to countries and territories outside of the European Economic Area and the UK, which have been formally recognized as providing an adequate level of protection for personal information, we rely on the relevant “adequacy decisions” from the European Commission, where applicable. Where the transfer is not subject to an adequacy decision, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy.

(d) Children's Notice

Though our Services are not intended for children as the primary audience, we may collect age information before allowing a user to proceed for certain Services. If we learn that we have inadvertently gathered personal information about a child that is not subject to exemption under applicable Privacy Laws, we will take measures to promptly remove that information from our records.