Welcome to Age of Empires Mobile!

This Privacy Policy explains the when, how and why when it comes to the processing of your personal information in connection with the Official Website (“Website”) and Age of Empires Mobile (the “Service”), and sets out your choices and rights in relation to that information. Please read it carefully – it will allow you to understand how we collect and use your information, and how you can control it.

Please note that this Privacy Policy only applies to the Service. If you use any other products or services please refer to the privacy policy for that particular product or service.

If you do not agree to the processing of your personal information in the way this Privacy Policy describes, please do not provide your information when requested and stop using the Service. By using the Service you are acknowledging how we process your personal information as described in this Privacy Policy.

For the purpose of data protection laws, the data controller of your personal information in relation to the Service is Proxima Beta Pte. Limited (“we”, “us”, “our”).

If you have any questions about anything in this Privacy Policy, or want to exercise any rights you may have, our contact information can be found here. You can also reach out to our data protection officer at DPO@aoemobile.com.

1. Cookies

We use cookies and other similar technologies (“Cookies”) to enhance your experience for the Service. Cookies are small files which, when placed on your device, enable us to provide certain features and functionalities.

For more information about our Cookies policy, please click here.[LV1]

2. Children

Children must not use this Service for any purpose. By children, we mean users under the age of 18 years old; or in the case of a region where the minimum age for processing personal information differs, such different age. For users located in certain regions we have listed the relevant minimum age as of the date of this policy in the table below. You should in any case refer to the laws in your jurisdiction to ensure you are above the relevant legal minimum age.

We do not knowingly collect personal information from children under these ages for any purpose. If you believe that we have personal information of a child under these ages, please contact us.

Region in which the user is located	Minimum age of the user
Algeria	19
Argentina	13
Australia	18
Bangladesh	18
Brazil	18
Cambodia	18
Canada	13
Colombia	18
Egypt	18
European Economic Area	16
Hong Kong	18
Indonesia	18
Japan	18
Kazakhstan	18
Kuwait	21
Macau	18
Malaysia	18
Mexico	18
Morocco	18
Myanmar	18
New Zealand	16
Nigeria	13
Philippines	18
Qatar	18
Saudi Arabia	18
Serbia	15
Singapore	13
South Africa	18
South Korea	14
Sri Lanka	18
Switzerland	14
Thailand	20
Tunisia	18
Türkiye	18
United Arab Emirates	21
United Kingdom	13
United States	13

3. How We Process Your Personal Information

This section provides more detail on the types of personal information we collect from you, and why.

For users who live in Brazil, the European Economic Area, Indonesia, Switzerland, Thailand, Türkiye or the United Kingdom, it also identifies the legal basis under which we process your data.

Personal Information	Use	Legal Basis (where applicable)
Information you provide to us (either directly or through a third party)
For the Website
Email address	If you choose to provide your email address to us to pre-register for Age of Empires Mobile, we use this information to send you news and updates about the Service, including obtaining pre-registration rewards, with your consent.	We use this information only with your consent.
Phone number (for South Korea)	If you are in the regions stated in the left column and choose to provide your phone number, we use this information to send you news and updates about the Service and allow you to pre-register for the Service, with your consent.	We use this information only with your consent.
For the Service (Mobile Version)
Account Log-In Information: Open ID, email address, telephone number, country code	We use this information to create your account for the Service in accordance with your request.	Necessary to perform our contract with you to provide the Service.
Social Media or Third Party Services Log-In Information (if you choose to log in via your social media account or third party) that such social media companies or third party provide: Facebook: Facebook ID, profile picture, nickname, ticket Google Play: Google ID, profile picture, nickname, ticket Apple: Apple ID, profile picture, nickname, ticket Microsoft (Xbox): Xbox ID, profile picture, nickname, ticket, age group, authentication token, social platform achievement	We use this information to create your account for the Service in accordance with your request.	Necessary to perform our contract with you to provide the Service.
Guest Log-In Information: Open ID, Device Information	We use this information to create your account for the Service in accordance with your request.	Necessary to perform our contract with you to provide the Service.
Chat Data Please note that online chat data is only stored on your device, and is not retained on our servers.	We facilitate the posting of your communications with other users.	Necessary to perform our contract with you to provide the Service and enable communication between users.
Aggregated Survey Results (not containing personal information)	We use aggregated survey results to better understand our users and to improve the Service.	Aggregated survey results do not contain personal information.
Transaction Information • Identity information: Open ID, country, role ID • Device information • Other information: Country currency, SDK version, application version, network type, purchase amount We will also allow you to make in-app purchases via Google Play and the Apple Store.	We use this information to facilitate your transactions as part of the Service and to maintain transaction records.	Necessary to perform our contract with you to facilitate your transactions as part of the Service, and to maintain transaction records.
Supercore Player Outreach Information: Phone number and/or social media or messaging platform account information (including social media ID) (as applicable, depending on the region, such as WhatsApp, Kakao, Facebook Messenger, LINE)	If you are a Supercore player, we use this information to: provide you with the Supercore Players-only customer service and communicate with you; and share with you marketing and promotional materials.	Necessary to perform our contract with you to provide you the Supercore Players-only customer service. We provide you marketing and promotional information with your consent.
For Events
Identifying Information (e.g. name, address and post code (if applicable), contact information (email address, telephone number), date of birth, country of residence, game ID, UUID, username, social media IDs and information, event-specific identifiers, government-issued document identifiers, and similar identifiers)	We use this information for one or more of the following purposes: to facilitate access to the Event; we use identifying information like date of birth, country of residence, and government-issued document identifiers for: (i) offline tournaments registration (e.g. relating to hotel bookings); (ii) delivery of physical prizes or cash prizes; and to provide an engaging experience	Necessary to perform our contract with you in connection with the Event. It is in our legitimate interest to use this information to provide an engaging experience.
Financial Information (e.g. payment information, bank account details, and similar financial data)	We use this information for one or more of the following purposes: to facilitate access to the Event, maintain records; to send and administer Event-related physical and cash prizes; and to optimize game performance, server management, ensure smooth gaming experience.	Necessary to perform our contract with you in connection with the Event. It is in our legitimate interest to use this information to optimize our game performance and experience.
Survey Information: Any information requested as part of the survey (e.g. email, country or region of residence, gaming habits and preferences, gameplay frequency, favorite game categories, language preference, and any other responses you choose to provide as part of the survey response)	To allow you to participate in surveys about an Event, to improve the Service, and for registration purposes. To send you news, events and promotions relating to the Event	We collect this information you’re your consent.
Personal Information categories described in this table and this Addendum	To maintain records (other than described in the Uses described above)	Necessary to perform our contract with you to participate to the Event. We process this information to comply with our legal obligations.
Information generated as part of the Service
For the Website
IP Address	We use this information to collate statistics on page views.	It is in our legitimate interests to use this information to collate statistics of visits to the Website.
For the Service (Mobile Version)
Open ID	We use this information to create your account for the Service in accordance with your request.	Necessary to perform our contract with you to provide the Service.
IP address	We use this information for one or more of the following purposes: to allow you to use the Service and connect to our servers; for system monitoring, malicious attack protection; network optimisation; to analyse performance of the user’s mobile device in the course of using the Service and improve user experience of the Service.	Necessary to perform our contract with you to provide the Service.
Device ID and Device Information (device language, RAM, running process information, device model, Android ID, device brand, screen resolution, ROM, system time, UUID, device manufacturer, system startup time, CPU information, OAID, running process information, system time information); Region Location; IDFV, IDFA and similar identifiers	We use this information for one or more of the following purposes: to create your account for the Service in accordance with your request; to improve our Service, including the functionality of the Service; to analyse performance of the user’s mobile device in the course of using the Service and improve user experience of the Service; for ad attribution analysis, user acquisition analysis and to facilitate SDK error solutions. to send you in-Service notifications about the Service; for security and verification purposes; and to identify and address bugs and assess Service function for optimisation.	It is in our legitimate interest to ensure the security of our Service, manage registrations and improve our Service.
Security-Related Information: Device system settings, active software, and device information including mobile phone brand, model, CPU structure, CPU model, kernel version, resolution.	We use this information to: provide a fair environment and detect cheating; and solve crashes and optimize compatibility.	It is in our legitimate interests to use this information to protect the integrity of the Service and improve its operation.
In-game notifications / announcements information: Open ID, UUID（Universally Unique Identifier）, Device language, Screen resolution, Device brand, Device manufacturer, Device model, RAM, ROM, CPU Info, Application version, Network Type,	We use this information to send you in-game notifications and announcements relating to the Service.	We send you notifications about the Service with your consent.
Data analytics/profiling information (Appsflyer): · Technical information: browser type, device type and model, CPU, system language, memory, OS version, Wi-Fi status, time stamp and zone, device motion parameters and carrier · Technical Identifiers: IP address, user agent, Google Advertising ID, Open ID · Engagement Information: clicks on customer ads, ad impressions viewed, audiences or segments to which an ad campaign is attributed, the type of ads and the webpage or application from which such ads were displayed, the webpages on customer’s website visited by an end user, the URL from the referring website, downloads and installations of applications, and other interactions, events and actions customers choose to measure and analyse within their application or website (e.g. add to cart, in-app purchases made, clicks, engagement time etc.) · Firebase Instance ID generated by Firebase and Open ID will be processed by Appsflyer · Firebase Installation ID generated by Firebase for each installation will be processed by Appsflyer	We use this information for ad attribution.	If you live in the European Economic Area: We collect this information with your consent. If you do not live in the European Economic Area: It is in our legitimate interest to use this information to monitor the effectiveness of our advertisements and to provide a better gaming experience. It is in our legitimate interest to carry out data analytics and profiling for ad attribution purposes to understand how our users interact with advertisements. It is in our legitimate interest to use the Firebase Instance ID to increase in-game purchase rate of new users through Google platforms.
Data analytics/profiling information (Firebase): Default Firebase implementation collects: User device dimensions and in-app events such as number of users and sessions, session duration, operating systems, device models, geography, first launches, app opens, app updates, in-app purchases Firebase collects the following device dimensions: age, app store, app version, country, device brand, device category, device model, first open time, gender, interests, language, new/established, OS version Firebase automatically collects the following in-app events: advertising analytics such as ad clicks, ad exposure, ad impression, ad query, ad exposure, application analytics such as app usage, app clearance, app crashes, app removal, app payment analytics, app update and use analytics, website usage analytics, such as web clicks, browser downloads, notification, video progress, search analytics · Ad ID · Firebase Instance ID and Open ID	We use this information for app performance analytics. We use the Firebase Instance ID to increase in-Service purchase rates of new users through Google platforms.	If you live in the European Economic Area: We collect this information with your consent. If you do not live in the European Economic Area: It is in our legitimate interest to use this information to monitor the effectiveness of our advertisements and to provide a better gaming experience.
Data analytics/profiling information (Facebook): · Contact Information: name, email address, and phone numbers · Event Data: information, such as site visits, app installations, products purchase, information collected and transferred when people access a website or app with Facebook Login or Social Plugins (e.g. the Like button). It does not include information created when an individual interacts with our platform via Facebook Login, Social Plugins · Hashed Data: including personal data such as email addresses and phone numbers	We use this information for user acquisition purposes and to monitor the effectiveness of our advertisements.	If you live in the European Economic Area: We collect this information with your consent. If you do not live in the European Economic Area: It is in our legitimate interest to use this information to monitor the effectiveness of our advertisements so as to provide better gaming experience.
Supercore Player Qualification Information: Service account ID, open ID, registration country, total payment amount	We use this information to determine if you qualify as a Supercore player and to recommend relevant content and activities to you.	Necessary to perform our contract with you to provide you with the Supercore Players-only customer service.
Customer Service Data: Identity information: Open ID, role ID; Device information: Device brand, device system version, device manufacturer, device model, device name; Social media or messaging platform information: Social media or messaging platform nickname (of the platform you use to log in to the Service); Page view and message read information (including click actions and view duration); Login channel ID, SDK version, application version, IP address, network type, client language, buried data reporting; Data relating to your questions and our communications (including any images sent by you)	We use this information to provide you with customer support, including to: provide a Q&A function and customer service, and respond to your communications; and provide troubleshooting, such as addressing and remediating technical issues and bugs.	Necessary to perform our contract with you to provide and support the Service services.
In-app Push Notification Information: Identity information: Open ID, role ID; Device information: Device brand, device system version, device manufacturer, device model, device name; Login channel ID, SDK version, application version, IP address	We use this information to send you push notifications about announcements, updates or information relating to the Service; and to invite Supercore players to bind their social media account.	Necessary to perform our contract with you to notify users of updates and to remind Supercore uses to provide relevant social media account information.
Supercore Player Data: Identity information: Open ID, role ID Device information: Device brand, device system version, device manufacturer, device model, device name Social platform information: Social platform nickname User payment log: Payment details, payment distribution; User login log: Character information, login/logout time; Chat history with Supercore Players In-Service user activity log: Binding history of social media account, game account and VLINK account, clicks In-Service anti-cheating event log: Cheating/hack notice, AFK, game token change, server transfer, character deletion, credit points changes, team/group formation, friend operation, receipt of mail Login channel, SDK version, application version, IP address, network type, client language, buried data reporting	If you are a Supercore player, we use this information to carry out analytics, in order to: improve the functioning of the Supercore Players-only customer service and the Service; review and analyse punishment decisions; conduct statistical analysis; and provide a better user experience.	It is in our legitimate interest to improve our services (including the Supercore Players-only customer service), and to ensure the security of our services, to maintain a fair gaming environment in the Service.
Customer Support Information: General information: Zone name, zone ID, platform ID, role name/ user nickname, rolecoin, language type, openID, notch screen height, scene ID, area ID, app ID, game ID, country selected by user during registration process of the Service, channel ID Service account information: Registered user name, social media account, mobile phone, registration time, VIP level) Device information: Device ID, IP address; Service character information: Role name, role ID, game duration, game records; In-game data: Items, currency, penalties, logins, activities, top-up information, purchases, in-game friends, game match data Log-in channel, Android , device model, time of registration, time of last log-in, time of last top-up, frequently used heroes, previously used nicknames, highest ranking ever achieved, frequent playtime in past three months, last purchased skin, last purchased hero, email address, email verification code Feedback on app store: feedback, feedback ID, nickname and rating); Complaints and handling information: Service users complained, content of complaint, game match data, information of logins and penalties, in-game chat, complaint handling time, complaint outcome and reason for decision; Information to be provided by users to customer service (including chat history, email content, user description, email address, Open ID, date of ticket, type of CS request)	We use this information to provide troubleshooting, such as addressing and remediating technical issues and bugs, to improve our Services, and for account recovery.	Necessary to perform our contract with you to provide and support the Service.
For Events
Device and Network Information (e.g. device ID, operating system, IP address, device specifications, and similar technical data)	To facilitate access to the Event, maintain records, optimize game performance, server management, ensure smooth gaming experience	Necessary to perform our contract with you in connection with the Event.
Gameplay and Interaction Data (e.g. in-game performance data, items and prices, game profile, usernames or nicknames, behavioral data, communication data, feedback or survey responses, likes and dislikes, interests and habits, lifestyle information, preferences, leaderboard and ranking information, streamer-related information, and similar gameplay and interaction data)	We use this information for one or more of the following purposes: to track progress, maintain records, and provide Event-related rewards; to identify and rank users in the game or on leaderboards, improve game balance and design, facilitate in-game chat or communication, collect feedback, improve game design, Event-related rewards; and to provide an engaging experience.	Necessary to perform our contract with you in connection with the Event. It is in our legitimate interest to provide an engaging gaming experience for our users.
Media and Additional Data (e.g. pictures, videos, other personal information or gameplay data related to cheating prevention, health-related information, video footage of gameplay, recorded images, and similar media and additional data)	We use this information for one or more of the following purposes: to allow social and traditional media promotion; to prevent cheating, and protect other players; and to provide an engaging experience	It is in our legitimate interest to promote the Event, ensure a safe gaming environment, and to provide an engaging experience.

4. How We Store and Share Your Personal Information

Pursuant to our contract with you, we may transfer data outside of the location in which you are based for the purposes described in this Privacy Policy.

We have servers for the Service in the United States and Singapore. The servers applicable to your use of the Service will depend upon your location. We also have support, engineering and other teams who may support the Service globally, such as from Brazil, Mexico, Singapore, and the People’s Republic of China. Certain personal information processed for data analytics, ad attribution, and user acquisition purposes may also be stored and processed by our third-party partners, Firebase, AppsFlyer, Meta, Google, and Apple and on their servers in accordance with their privacy policies.

For EEA/UK users, transfers between our affiliates and to third parties use applicable safeguards, such as incorporating standard contractual clauses, or taking into account adequacy assessments.

Only where necessary will we share your personal information with third parties. Situations where this occur are:

Third parties that provide services in support of the Service, including providers of services that process information identified in this policy for the purpose of providing the Service and to carry out surveys. All third party service providers providing services for us are prohibited from retaining, using, or disclosing your personal information for any purpose except where strictly necessary for the Service (i.e., for the purpose(s) described above).
Companies within our corporate group who process your personal information solely for the purpose of providing the Service to you. All such group companies may only use your personal information in accordance with this Privacy Policy.

Regulators, judicial authorities and law enforcement agencies. There are circumstances in which we may be legally required to disclose information about you, such as to comply with legal obligations or processes. In complying with the terms of valid legal processes, such as a subpoena, or search warrant, unfortunately we may not be able to seek your consent to or notify you in advance of such disclosure.
Third parties to ensure safety, security, or compliance with laws. We may disclose your information to:
- enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
- detect, prevent or otherwise address security, fraud or technical issues; or
- protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (such as exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).
A third party that acquires all or substantially all of us or our business. We may also disclose your information to third parties if we either: (a) sell, transfer, merge, consolidate or re-organise any part(s) of our business, or merge with, acquire or form a joint venture with, any other business, in which case we may disclose your data to any prospective buyer, new owner, or other third party involved in such change to our business; or (b) sell or transfer any of our assets, in which case the information we hold about you may be sold as part of those assets and may be transferred to any prospective buyer, new owner, or other third party involved in such sale or transfer.

5. The Security of Your Personal Information

We have information security and access policies that limit access to our systems and technology, and we protect data through the use of technological protection measures such as encryption.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will implement and maintain reasonable measures to protect your personal information, we cannot guarantee the security of the information transmitted through the Service or otherwise via the Internet; any transmission is at your own risk.

6. Data Retention

We do not keep your data for longer than is necessary to fulfil the relevant purpose described above unless we are required or permitted to do so under law. If we retain your information beyond the retention periods set out below, for example to comply with applicable laws, we will store it separately from other types of personal information.

For further details on how long we keep your data, please refer to the time periods set out below.

Personal Information	Retention Policy
For the Website
Email address	Stored until the termination of the Service, and deleted within 30 days from the receipt of your deletion request.
IP address	Stored for 30 days.
Phone number (for South Korea only)	Stored until the termination of the Service, and deleted within 30 days from the receipt of your deletion request.
For the Service (Mobile Version of the Service)
Open ID Account Log-In Information Social Media Information	Stored for the lifetime of your use of the Service and then deleted within 30 days thereafter. In the event of a deletion request, this will be done as soon as possible and no later than 30 days from the end of the Service.
Device ID and Device Information, Region Location	Stored for the lifetime of your use of the Service and then deleted within 30 days thereafter. In the event of a deletion request, this will be done as soon as possible and no later than 30 days from the end of the Service. Such information used for device performance analysis and improvement of user experience will be stored for 90 days, and in the event of a deletion request, this will be done as soon as possible and no later than 30 days from the end of the Service.
IP Address	Not stored except for the following purpose: Where such information used for device performance analysis and improvement of user experience will be stored for 90 days, and in the event of a deletion request, this will be done as soon as possible and no later than 30 days from the end of the Service.
Security-Related Information	Stored for the lifetime of your use of the Service and then deleted within 30 days thereafter. In the event of a deletion request, this will be done as soon as possible and no later than 30 days from the end of the Service.
Chat Data	Online chat data: only processed and stored on your device, and is not retained on our servers.
Aggregated Survey Results (not containing personal data)	Aggregated survey results will be stored for 1 year from collection, after which it will be deleted.
Data analytics/profiling information (Firebase) Data analytics/profiling information (AppsFlyer)	Stored for up to 14 months.
Data analytics/profiling information (Facebook)	Stored for the lifetime of your use of the Service and then deleted within 30 days. If you request for account deletion, data will be deleted within 7 days after your request.
In-game notifications / announcements information	Not Stored.
Transaction Information	Deleted within 1 year upon the termination of the Service, or deleted within 30 days upon receipt of your deletion request (whichever is earlier), and where required to comply with legal obligations, until the expiration of any retention periods for which such data must be retained.
Customer Service Data Supercore Player Analytics Data (except chat history with Supercore players) In-app Push Notification Information	Stored for 90 days (unless you request deletion of such data or your account, in which case we will delete such data within 30 days after your request).
Chat history with Supercore players	Stored for 30 days
Supercore Player Outreach Information Supercore Player Qualification Information	Stored for the lifetime of the Service and then deleted within 30 days. If you request for deletion, data will be deleted within 7 days after your request.
Customer Support Information	Customer service log data (OpenID, date of ticket and type of customer service request from Content of Complaint): Deleted within 30 days of upon termination of the Service, or within 30 days upon receipt of your deletion request (whichever is earlier). Service data: Momentarily reviewed to provide customer support and not stored. Other data (including Service account and contact information, Device information, Feedback on app store, Complaints and handling information , General information, and Information to be provided by users to customer service): Stored for 2 years or deleted earlier upon user request. If you provide sensitive/ special categories of personal data in your customer support request and if such data is necessary for proceeding with your request (e.g. verification of your identity), such data is deleted immediately after processing your request; otherwise, the data is deleted immediately.
For Events
Identifying Information	Stored for one year after the end of the Event, or deleted within 30 days from the receipt of your deletion request. In case those information are necessary to maintain the record of the participation to the Event, such will be kept until Service is shut down.
Device and Network Information Gameplay and Interaction Data	Stored for one year after your last interaction with the Event, or deleted within 30 days from the receipt of your deletion request. In case those information are necessary to maintain the record of the participation to the Event, such will be kept until Service is shut down.
Financial Information	Stored for seven years after the completion of the transaction, or deleted within 30 days from the receipt of your deletion request.
Media and Additional Data	Stored until the Service is shut down, or deleted within 30 days from the receipt of your deletion request.
Survey Information	Stored for up to 1 year.[IPDP2]

7. Your Rights

Some jurisdictions’ laws grant specific rights to users of the Service. Please refer to the Supplemental Jurisdiction-Specific Terms, or the applicable laws in your jurisdiction, for an overview of specific rights that apply to persons subject to data protection laws in the listed jurisdictions and how these can be exercised.

You may have certain rights in relation to the personal information we hold about you. Some of these only apply in certain circumstances (as set out in more detail below). You can exercise some of these rights directly by accessing and updating the information in your account. If you believe we hold any other personal information about you, please contact us.

Access

You may have the right to access personal information we hold about you, how we use it, and who we share it with.

Portability

You may have the right to receive a copy of certain personal information we process about you. For example, in certain jurisdictions this can comprise personal information we process on the basis of your consent (e.g., survey information) or pursuant to our contract with you (e.g., account name), as described above in the section “How We Use Your Personal Information”. We will provide further information to you about transferring this data if you make such a request.

Correction

You may have the right to correct personal information we hold that is inaccurate.

Erasure

You may be able to delete your account, or remove certain personal information. We may need to retain personal information if there are valid grounds under data protection laws for us to do so (for example, for the defence of legal claims or freedom of expression) but we will let you know if that is the case. Where you have requested that we erase personal information that has been made available publicly on the Service and there are grounds for erasure, we will use reasonable steps to try to tell others that are displaying the personal information or providing links to the personal information to erase it too.

Restriction of Processing to Storage Only

You may have a right to require that we stop processing the personal information we hold about you (other than for storage purposes in certain circumstances). Please note, however, that if we stop processing the personal information, we may use it again if there are valid grounds under data protection laws for us to do so (for example, for the defence of legal claims or for another’s protection). Where we agree to stop processing the personal information, we will take steps to tell any third party to whom we have disclosed the relevant personal information so that they can stop processing it too.

Objection

You may have the right to object to our processing of your personal information. If you wish to do so, please contact us at DPO@aoemobile.com or using the contact details set out below, and we will consider your request.

Consent Withdrawal

To the extent provided by applicable laws and regulations, you may withdraw consent you previously provided to us for certain processing activities by contacting us at DPO@aoemobile.com. Where consent is required to process your personal information, if you do not consent to the processing or if you withdraw your consent we may not be able to deliver the expected service. Please note that the right to withdraw consent is only available if the legal basis for processing information is consent.

Announcements

We may from time to time send you announcements when we consider it necessary to do so (for example, when we temporarily suspend access to the Service for maintenance, or security, privacy or administrative-related communications). These are essential system and service-related announcements and you are not able to opt-out of these notifications, which are not promotional in nature.

Advertising

If you are living in the European Economic Area, we will only send marketing messages to you if we have your consent. You may choose to stop receiving marketing messages from us by using the unsubscribe option in the message or contacting us at DPO@aoemobile.com

8. Contact

You can reach us using our online form for submitting data privacy related request and question here .[LV3]

For any questions not covered by the form, please email: DPO@aoemobile.com

Mailing Address:

Tencent International Privacy & Data Protection Centre

30 Raffles Place #18-01

Singapore 048622

We will endeavour to deal with your request as soon as possible. This is without prejudice to any right you may have to launch a claim with a data protection authority in the region in which you live or work where you think we have infringed data protection laws.

9. Changes

If we make any changes to this Privacy Policy we will post the updated Privacy Policy here and notify you in accordance with relevant legal requirements.

10. Language

Except as otherwise prescribed by law, in the event of any discrepancy or inconsistency between the English version and local language version of this Privacy Policy, the English version shall prevail.
Our Representatives in Certain Jurisdictions

Jurisdiction	Representative	Address	Contact details
EU	Proxima Beta Europe B.V.	Buitenveldertselaan 1-5, 1082 VA, Amsterdam, the Netherlands	DPO@aoemobile.com
UK	Image Frame Investment (UK) Limited	Suite 1, 4th Floor 80 Strand, London, United Kingdom WC2R 0RL	DPO@aoemobile.com
Korea	Kite Bird Korea Yuhan Hoesa	25F, 55, Sejong-daero, Jung-gu, Seoul (Taepyeongro 2-ga), Korea	DPO@aoemobile.com
Serbia	Karanovic & Partners o.a.d. Beograd	Resavska 23, Belgrade, 11000, Serbia	local.representative@karanovicpartners.com
Thailand	Tencent (Thailand) Company Limited	8 T-One Building, Floor 10th, 11th & 12th (Unit 3-5), Soi Sukhumvit 40, Sukhumvit Road, Khwaeng Phra Khanong, Khet Khlong Toei, Bangkok 10110, Thailand	DPO@aoemobile.com
Türkiye	Özdağıstanli Ekici Avukatlık Ortaklığı.	Nidakule Ataşehir Kuzey Begonya Sok. No:3 Kat. 17 D: 162 34746 Ataşehir / İstanbul, Türkiye Özdağıstanli Ekici Avukatlık Ortaklığı is our data controller representative and its authority is limited to the authorities stipulated under the Law on Protection of Personal Data w. no 6698. Özdağıstanli Ekici Avukatlık Ortaklığı is not authorised for any other matters such as in-Service conduct, suspensions, investigations, civil or criminal complaints.	turkeydatarep_proximabeta@iptech-legal.com

SUPPLEMENTAL TERMS – JURISDICTION-SPECIFIC

Some jurisdictions’ laws contain additional terms for users of the Service, which are set out in this section. If you are a user located in one of the jurisdictions below, the terms set out below under the name of your jurisdiction apply to you in addition to the terms set out in our Privacy Policy above.

Algeria

By using the Service, you give your consent to the collection, storage, treatment and use of your personal information, and transfer of your personal information to third parties or our affiliates to help us deliver the Service, in each case location in the jurisdictions specified in Section 4 (How We Store and Share Your Personal Information).

Argentina

If you are dissatisfied with our response to your request for access to, correction, or erasure of your personal information or your privacy complaint in respect of your personal information, you may contact the Agency for Access to Public Information at: Av. Pte. Gral. Julio A. Roca 710, Piso 2°, Ciudad de Buenos Aires (Telephone: +5411 3988-3968 or email: datospersonales@aaip.gob.ar). While we take reasonable steps to ensure that third party recipients of your personal information comply with privacy laws that are similar to those of your jurisdiction, by providing your personal information and by using the Service, you consent to the transfer of your personal information to a jurisdiction where privacy laws may not offer the same level of protection as the laws that may apply in Argentina.

Australia

We take reasonable steps to ensure that third party recipients of your personal information located outside Australia handle your personal information in a manner that is consistent with Australian privacy laws. However, you acknowledge that we do not control, or accept liability for, the acts and omissions of these third party recipients. You have the right to access personal information we hold about you, how we use it, and who we share it with. You have the right to correct any of your personal information we hold that is inaccurate.

If you are under the age of 18, you must not use the Service.

Where practicable, we will give you the option of not identifying yourself or using a pseudonym when registering an account on or using the Service. You acknowledge that if you do not provide us with your personal information, we may be unable to provide you with access to certain features or sections of the Service, including social media integration and in-Service purchases.

If you are dissatisfied with our response to your request for access to, or correction of, your personal information or your privacy complaint in respect of your personal information, you may contact the Office of the Australian Information Commissioner (Telephone: +61 1300 363 992 or email: enquiries@oaic.gov.au).

Bangladesh

By acknowledging the Privacy Policy, you expressly state that you authorise us to collect, use, store, and process your personal data, including disclosing to third parties, to the extent provided by the Privacy Policy. You also consent to the cross-border transfer of your information to any country where we have databases or affiliates and, in particular, to the jurisdictions specified in Section 4 (How We Store and Share Your Personal Information).

Brazil

Whenever we use your personal information based on your consent, you may revoke the consent that you have previously given for the collection, use and disclosure of your personal information, subject to contractual or legal limitations. To revoke such consent, you may terminate your account or you can contact us as set out in Section 8 (Contact). This may affect our provision of the Service to you.

BY ACCEPTING THIS PRIVACY POLICY, YOU EXPRESSLY STATE THAT YOU AUTHORISE US TO COLLECT, USE, STORE, AND PROCESS YOUR PERSONAL INFORMATION, INCLUDING, DISCLOSING TO THIRD PARTIES, TO THE EXTENT PROVIDED BY THIS PRIVACY POLICY.

Canada

If you are located in Canada and wish to obtain written information about our policies and practices with respect to our service providers located outside Canada, you may contact us as specified in Section 8 (Contact). Where we use service providers who might have access to your personal information, we require them to have privacy and security standards that are comparable to ours. We use contracts and other measures with our service providers to maintain the confidentiality and security of your personal information and to prevent it from being used for any purpose other than as provided in this Privacy Policy.

Colombia

Your authorization to process personal information for the Service may be expressed (i) in writing, (ii) orally or (iii) through unequivocal conduct that allows us to reasonably conclude that your authorization has been granted, such as the act of accepting the Privacy Policy. We may keep evidence of said authorizations, while respecting the principles of confidentiality and privacy of information.

As a data subject you have certain rights, including (i) to access, update and rectify your personal data; (ii) to request a copy of the consent you have given us; (iii) to be informed about how we have processed your personal data; (iv) to file claims before your country’s data protection authority; (v) to revoke the consent you have given us to process your personal data, unless the processing is based on compelling legitimate grounds or is needed for legal reasons; (vi) to ask for the suppression of your personal data (right to erasure); and (vii) to freely access your information. You can contact us to exercise any of these rights, using the information specified in Section 8 (Contact).

Egypt

By clicking “accept” or by proceeding with the sign up process, you acknowledge that you have read, understood, and consented to this Privacy Policy. You are acknowledging your consent to the processing, storage, and cross-border transfer of your personal data. The cross border transfer may be to any country in which we have databases or affiliates, in particular to the jurisdictions specified in Section 4 (How We Store and Share Your Personal Information).

You also acknowledge your consent to receiving marketing messages from us, whether through e-mails or pop-ups or other such means.

If you are a new user, you have seven days to inform us of any objection you may have to this Privacy Policy.

As an Egyptian data subject, you have certain rights under the Egyptian Personal Data Protection Law.

France

Instructions for the processing of your personal data after your death. You have the right to provide us with general or specific instructions for the retention, deletion, and communication of your personal data after your death. The specific instructions are only valid for the processing activities mentioned therein and the processing of these instructions is subject to your specific consent. You may amend or revoke your instructions at any time.

You may designate a person responsible for the implementation of your instructions. This person will be informed of your instructions in the event of your death, and be entitled to request their implementation from us. In the absence of designation or, unless otherwise provided for, in the event of the death of the designated person, their heirs will have the right to be informed of your instructions and to request their implementation from us.

When you wish to make such instructions, please contact us as set out in Section 8 (Contact).

Hong Kong

As a Hong Kong data subject you have legal rights in relation to the personal information we hold about you (to the extent permitted under applicable laws and regulations). You are entitled to make a subject access request to receive a copy of the data we process about you, a data correction request as well as a right to reject to the use of your personal data for direct marketing purposes. A fee may be chargeable by us for complying with a data access request.

Indonesia

By accepting and consenting to this Privacy Policy, you agree that we may collect, use and share your personal information in accordance with this Privacy Policy, as revised from time to time. If you do not agree to this Privacy Policy, you must not access or use our services and we have the right to not provide you with access to our services.

In the event we fail to maintain the confidentiality of your personal information in the Website and the Service, we will notify you through the contact information provided by you or via the Website and the Service, to the extent required by local laws and regulations.

If you fail to explicitly express your objection to any amended version of this Privacy Policy within fourteen (14) days of the date the relevant amended version of this Privacy Policy is made available, you will be considered as having accepted the changes and agreed to the new Privacy Policy. However, you may stop using or accessing our Website and Service by unsubscribing or ceasing your use of the Website and Service at any time, if you cease to agree with the amended Privacy Policy.

You are responsible for making sure that any personal details which you provide to us are accurate and current. In order to confirm the accuracy of the information, we may also verify the information provided to us, at any time. You hereby represent that you have secured all necessary consent(s) before providing us with any other person’s personal information (for example, for referral promotions), in which case we will always assume that you have already obtained prior consent, and as such, you will be responsible for any claims whatsoever from any party arising as a result of the absence of such consent(s).

Japan

If you are under the age of 18, you must obtain your parent’s or legal guardian’s consent to register an account on and use the Service.

By clicking “accept”, you consent to the transfer of your personal information to third parties (if any), which may include the cross-border transfer of your information to any country where we have databases or affiliates and, in particular, to the jurisdictions specified in Section 4 (How We Store and Share Your Personal Information).

The categories of personal information specified in to the jurisdictions specified in Section 4 (How We Store and Share Your Personal Information) may include "special care-required personal information" (i.e., sensitive information as detailed under applicable law), and you consent to the collection of such information.

You may request us to notify you about the purposes of use of, to disclose, to make any correction to, to discontinue the use or provision of, and/or to delete any and all of your personal information which is stored by us, to the extent provided by the Act on the Protection of Personal Information of Japan. When you wish to make such requests, please contact us as set out in Section 8 (Contact).

Kazakhstan

If you are under the age of 18, you must obtain your parent’s or legal guardian’s consent to register an account on and use the Service.

By clicking “accept”, you consent to the collection, use, disclosure, transfer, export (to the extent permitted by applicable laws), sharing and storage of your personal information as described in this Privacy Policy. The transfer of your personal information to third parties, which may include the cross-border transfer of your information to any country where we have databases or affiliates and, in particular, to Singapore, the United States, Brazil, Mexico, and the People’s Republic of China.

In the event of any discrepancy or inconsistency between the English version and the Kazakh version of this Privacy Policy, the Kazakh version shall prevail.

Your Rights

Right of access: You have the right to request access to and obtain a copy of the personal information we have process about you or that is being processed on behalf of us. We reserve the right to impose a fee for providing access to your personal information in the amounts as permitted under law.

When handling a data access request, we are permitted to request for certain information to verify the identity of the requester to ensure that he/she is the person legally entitled to make the data access request.

Right to correction: You may request for the correction of your personal information or delete such personal information if it is impossible to correct it. When handling a data correction request, we are permitted to request for certain information to verify the identity of the requester to ensure that he/she is the person legally entitled to make the data correction request.
Right to blocking / de-blocking: You have the right to request the blocking of personal information related you, if you become aware of a violation regarding the collection and processing your data. If the violation has not been proved, you may request to de-block your data.
Right to deletion: You have the right to request deletion of your personal data if the collection and processing of your data has been conducted in violation of Kazakh laws.
Processing of your personal information in public sources of personal data: You may request to limit or provide your consent on the processing of your personal information in public sources of personal data.

Kingdom of Saudi Arabia

You consent to the collection, use, disclosure, transfer, export (to the extent permitted by applicable laws) and storage of your personal information as described in this Privacy Policy, including (without limitation) for the purposes of showing you personalised advertising when you use the services.

Kuwait

By accepting this Privacy Policy, you expressly state that you authorise us to collect, use, store, and process your personal data and to disclose this data to third parties whether inside or outside of Kuwait, in line with the provisions of this Privacy Policy.

Macau

You have the right not to provide your personal information. However, as a result, we may not be able to provide the Service to you. As a Macau data subject you have legal rights in relation to your personal information (to the extent permitted under applicable laws and regulations). You are entitled to make a subject access request to request a copy of the data we process about you, to make a data correction request, and have the right to oppose the use of your personal information for marketing or any other form of commercial prospecting, or on any grounds of personal nature. A fee may be chargeable by us for complying with a data access request.

Malaysia

Right of access: You have the right to request access to and obtain a copy of your personal information that we have collected and is being processed by or on behalf of us. We reserve the right to impose a fee for providing access to your personal information in the amounts as permitted under law. When handling a data access request, we are permitted to request for certain information to verify the identity of the requester to ensure that he/she is the person legally entitled to make the data access request.

Right of correction: You may request for the correction of your personal information. When handling a data correction request, we are permitted to request for certain information to verify the identity of the requester to ensure that he/she is the person legally entitled to make the data correction request.

Right to limit processing of your personal information: You may request to limit the processing of your personal information by using the contact details provided above. However, this may affect our provision of the Website and the Service to you.

To protect your personal information and handle complaints relating to your personal information, we have appointed the following department responsible for managing and protecting your personal information.

Our data protection officer, responsible for the management and safety of your personal information
- Telephone: +603-22872388
- Email: DPO@aoemobile.com

Mexico

Some of the purposes of processing specified in Section 3 (How We Process Your Personal Information) are voluntary, such as the use of surveys.

In general, we do not require your consent to carry out the transfers detailed in Section 4 (How We Store and Share Your Personal Information). In any case, by using the Service and providing us with your personal data, you agree to the data transfers detailed therein that require your consent.

To understand more about and exercise your rights to “Access”, “Correction”, “Erasure”, “Objection”, “Restriction of Processing to Storage Only”, which includes the limitation to the use and disclosure of your personal data, and “Advertising”, as well as the applicable means, procedures and requirements to exercise any of your rights, please contact us as specified in Section 8 (Contact).

Morocco

We collect information for purposes strictly necessary for the proper use of the Service. By accepting this Privacy Policy, you explicitly accept that your personal data may be subject to processing by the Service.

Kindly note:

the identity of the Data Controller is set out at the beginning of this Privacy Policy
the purposes of processing personal data are set out in Section 3 (How We Process Your Personal Information)
recipients or categories of recipients are set out in Section 4 (How We Store and Share Your Personal Information)
whether the answer to the questions is compulsory or optional, as well as the possible consequences of a lack of answer: please refer to Section 3 (How We Process Your Personal Information) and Section 7 (Your Rights).

New Zealand

We take reasonable steps to ensure that third party recipients of your personal information located outside New Zealand handle your personal information in a manner that is consistent with New Zealand privacy laws. However, you acknowledge that we do not control, or accept liability for, the acts and omissions of these third party recipients.

You have the right to access personal information we hold about you, how we use it, and who we share it with. You have the right to request the correction of any of your personal information we hold that is inaccurate.

If you are dissatisfied with our response to your request for access to, or correction of, your personal information or your privacy complaint in respect of your personal information, you may contact the Office of the New Zealand Privacy Commissioner (www.privacy.org.nz).

While we take reasonable steps to ensure that third party recipients of your personal information comply with privacy laws that are similar to those of your jurisdiction, you acknowledge and agree that we cannot control the actions of third party recipients and so cannot guarantee that they will comply with those privacy laws.

Peru

You may exercise rights related to the protection of personal information by requesting access to your personal information or the correction, deletion or suspension of processing of your personal information, pursuant to the Personal Data Protection Law (the “Law”). You may also exercise these rights through your legal guardian or someone who has been authorised by you to exercise the right. However, in this case, you must submit a power of attorney to us in accordance with the Law.

You can also withdraw your consent or demand a suspension of the personal information processing at any time.

If you consider that your request has not been met you may file a claim with the Peruvian National Authority of Personal Data Protection.

Data Protection Team, responsible for the management and safety of your personal information
Contact: as set out in Section 8 (Contact)

Philippines

You are entitled to the following rights:

Right to be informed. You may in certain circumstances have the right to be informed whether personal data pertaining to you is being, or has been processed, including the existence of automated decision-making and profiling.
Right to object. You may in certain circumstances have the right to object to the processing of your personal information, including processing for direct marketing, automated processing or profiling.
Right to access. You may in certain circumstances have the right to seek reasonable access to, upon request, your personal information.
Right to rectification. You may in certain circumstances have the right to dispute an inaccuracy or error in your personal information and have us correct it, unless the request is vexatious or otherwise unreasonable.
Right to erasure or blocking. You may in certain circumstances have the right to suspend, withdraw or seek the blocking, removal or destruction of your personal information.

By consenting to this Privacy Policy, you consent to us:

collecting and processing your personal information as described in Section 3 (How We Process Your Personal Information);
sharing your personal information with third parties, companies within our corporate group, and a third party that acquires substantially all or substantially all of us or our business, as described in this Privacy Policy and for the purposes stated herein; and
transferring or storing your personal information in destinations outside the Philippines as described in Section 4 (How We Store and Share Your Personal Information)

Qatar

If you are using the Service in Qatar, you consent (for the purposes of Law No. 13 of 2016 on the Protection of Personal Data, as may amended from time to time) to the processing of your information in accordance with this Privacy Policy.

Republic of Korea

We provide your personal information to third parties as described below:

Name of Recipient (and contact information)	Types of Personal Information provided	Purpose of Use by Recipient	Period of Retention and Use by Recipient
Google Analytics (Firebase) (https://firebase.google.com/support/privacy)	Data analytics/profiling information (collected via Firebase)	App performance analytics	For the data retention period specified under “How We Store and Share Your Personal Information”
Facebook Analytics (https://www.facebook.com/help/ contact/507739850846588)	Data analytics/profiling information (collected via Facebook)	User acquisition purposes and to monitor the effectiveness of advertisements
AppsFlyer Limited (https://www.appsflyer.com/legal/privacy-policy/)	Data analytics/profiling information (collected via AppsFlyer)	Ad attribution

For the performance of the services detailed in this Privacy Policy, we delegate the processing of your personal information to the following professional service providers:

Delegatee	Description of Delegated Services
Midas; Google Play; Apple Store	Processes payment and transaction information
Tencent Cloud (cloudlegalnotices@tencent.com)	Processes and stores personal information on behalf of the data controller
Chinasoft International Technology Services Co., Ltd.	Providing support to the Service (including assisting users with problems encountered in the Service, assisting with data analytics/ profiling purposes, pushing in-app notifications, customer service, supporting Supercore players and providing services to them, and providing customer service)

Overseas Transfer of Personal Information

We transfer personal information to third parties overseas as follows:

Recipient (Contact Information of Information Manager)	Country to which Your Personal Information is to be Transferred	Date and Method of Transfer	Types of Your Personal Information to be Transferred	Purposes of Use by Recipients	Period of Retention of Use by Recipient
Tencent Cloud LLC (cloudlegalnotices@tencent.com)	Singapore	Transmitted through from time to time	Customer Support Information	Processing and storage of personal information on behalf of the data controller	For the data retention period specified under “How We Store and Share Your Personal Information”
Google Analytics (Firebase) (https://firebase.google.com/support/privacy)	United States unless otherwise described in the service provider’s privacy policy	Transmitted through from time to time	Data analytics/profiling information (collected via Firebase)	App performance analytics	For the data retention period specified under “How We Store and Share Your Personal Information”
Facebook Analytics (https://www.facebook.com/help/ contact/507739850846588)	United States unless otherwise described in the service provider’s privacy policy	Transmitted through from time to time	Data analytics/profiling information (collected via Facebook)	User acquisition purposes and to monitor the effectiveness of advertisements	For the data retention period specified under “How We Store and Share Your Personal Information”
AppsFlyer Limited (https://www.appsflyer.com/legal/privacy-policy/)	Dublin, Ireland hosted by AWS and in St. Ghislain, Belgium hosted by Google Cloud	Transmitted through from time to time	Data analytics/profiling information (collected via AppsFlyer)	Add attribution	For the data retention period specified under “How We Store and Share Your Personal Information”
Midas	Singapore and United States	Transmitted through from time to time	Transaction Information	Payment	For the data retention period specified under “How We Store and Share Your Personal Information”
Google Play (https://policies.google.com/privacy?hl=en#intro)	In accordance with Google’s privacy policy	Transmitted through from time to time	Transaction Information	Payment	For the data retention period specified under “How We Store and Share Your Personal Information”
Apple Store (https://www.apple.com/legal/privacy/en-ww/)	In accordance with Apple’s privacy policy	Transmitted through from time to time	Transaction Information	Payment	For the data retention period specified under “How We Store and Share Your Personal Information”
Chinasoft International Technology Services Co., Ltd.	PRC	Transmitted through from time to time	Supercore Player Outreach Information, Supercore Player Qualification Information, Customer Service Data, In-app Push Notification Information, Supercore Player Analytics Data	Providing support to the Service (including assisting users with problems encountered in the Service, assisting with data analytics/ profiling purposes, pushing in-app notifications, customer service, supporting Supercore players and providing services to them, and providing customer service)	For the data retention period specified under “How We Store and Share Your Personal Information”

Data Destruction

Personal information is retained in accordance with the data retention periods as detailed in section “Data Retention”. With the exception of the personal information set out below, personal information, which has fulfilled the purpose for which it was collected or used, and has reached the period of time during which personal information was to be possessed, will be destroyed in an irreversible way. Personal information stored in electronic files will be deleted safely in an irreversible way by using technical methods, and printed information will be destroyed by shredding or incinerating such information.

The personal information detailed in section “Data Retention” are required to be retained pursuant to the following laws:

Act on the Consumer Protection in Electronic Commerce, Etc.

Article 6 of the Act on the Consumer Protection in Electronic Commerce

In an electronic commerce or a mail-order sale:

Records regarding labelling and advertising (6 months)
Records regarding execution or withdrawal of a contract (5 years)
Records regarding the payment of a price and the supply of goods and services (5 years)
Records regarding customer services or dispute resolution (3 years)

Protection of Communications Secrets Act

Article 41 of the Decree of the Act, Article 15-2 of the Protection of Communications Secrets Act

Log records, IP address (3 months)
The date of telecommunications by users, the time that the telecommunications start and end, the frequency of use (12 months)

You may exercise rights related to the protection of personal information by requesting access to your personal information or the correction, deletion or suspension of processing of your personal information, etc. pursuant to applicable laws such as the Personal Information Protection Act (“PIPA”). You may also exercise these rights through your legal guardian or someone who has been authorized by you to exercise the right. However, in this case, you must submit a power of attorney to us in accordance with the Enforcement Regulations of the PIPA. You can also withdraw your consent or demand a suspension of the personal information processing at any time.

Additional Use and Provision of Personal Information

In accordance with the PIPA, we may use or provide personal information within the scope of reasonably related to the initial purpose of the collection, in consideration of whether disadvantages have been caused to data subjects and whether necessary measures have been taken to secure such as encryption, etc. We will determine with due care whether to use or provide personal information in consideration of general circumstances including relevant laws and regulations such as the PIPA, purpose of use or provision of personal information, how personal information will be used or provided, items of personal information to be used or provided, matters to which data subjects provided consent or which were notified/disclosed to data subjects, impact on data subjects upon the use or provision, and measures taken to protect subject information. Specific considerations are as follows:

whether the additional use/provision is related to the initial purpose of the collection;
whether the additional use/provision is foreseeable in light of the circumstances under which personal information was collected and practices regarding processing;
whether the additional use/provision unfairly infringe on the interests of the data subject; and
whether the necessary security measures such as pseudonymization or encryption were taken.

Domestic Privacy Representative

Pursuant to the Article 32-5 of Network Act and Article 39-11 of the amended PIPA, the information regarding the domestic agent is as follows:

Name: Tencent Korea Yuhan Hoesa
Address: 152 Taeheran-ro, Gangnam-gu (Gangnam Finance Center, Yeoksam-dong), Seoul, Korea
Telephone: +82-2-2185-0926
Email: specified in Section 8 (Contact)

Contact

Data Protection Department, responsible for the management and safety of your personal information
Telephone: +82-2-2185-0926
Email: specified in Section 8 (Contact)

Serbia

Our designated local representative in Serbia is Karanovic & Partners for the purposes of compliance with the Law on Personal Data Protection, and can be contacted at local.representative@karanovicpartners.com. Please include the word “Serbia” in the subject line of your email.

Name: Karanovic & Partners o.a.d. Beograd
Address: Resavska 23, Belgrade, 11000, Serbia
Telephone Number: +381 11 3094 200

E-mail: local.representative@karanovicpartners.com

Singapore

By clicking “accept”, you consent to the cross-border transfer of your information to any country where we have databases or affiliates and, in particular, the locations specified in Section 4 (How We Store and Share Your Personal Information).

You have the right to access your personal information, how we use it, and who we share it with. You have the right to correct any of your personal information that is inaccurate.

Our designated data protection officer for the purposes of compliance with the Personal Data Protection Act 2012 can be contacted as set out in Section 8 (Contact).

South Africa

You have the right to lodge a complaint with the Information Regulator (South Africa) by emailing it at inforeg@justice.gov.za. The Information Regulator (South Africa)’s physical address is 33 Hoofd Street Forum III, 3rd Floor Braampark, Braamfontein, Johannesburg, South Africa.

Sri Lanka

By clicking “accept”, you consent to the Privacy Policy and permit the collection, use and disclosure of your personal information. However, if you are under the age of 18, you undertake that you have the consent of your parent or legal guardian to register an account on and use the Service.

Personalised Marketing

By clicking “accept”, you hereby consent to being shown personalised advertisements. You may choose to stop receiving personalised advertising from us by following the opt out instructions included in the Settings section of the Service or by contacting us at Section 8 (Contact).

Thailand

By clicking "accept", you acknowledge that you have read, understood, and agree to the Privacy Policy. If you do not agree with the Privacy Policy, you must not use the Service.

If you are under the age of 20, you undertake that you have obtained your parent or legal guardian’s consent to register an account on and use the Service.

To the extent provided for by the Thai Personal Data Protection Act (PDPA), you may:

withdraw your consent to the processing of your personal data (only where the legal basis for our processing is consent); however, please note that where consent is required to process your personal data, we may not be able to deliver the expected service without it;
request us to provide you access to, make any correction to, cease any automated processing or profiling (if applicable), discontinue, restrict the use or provision of and/or erase your personal data;
request us to provide you or a third party with your personal data which is stored by us in a machine readable format; and/or
lodge a complaint to a relevant authority.

Where you wish to make such requests, please contact us as set out in Section 8 (Contact).

The contact details of our designated local representative in Thailand for the purposes of compliance with the PDPA is as set out in Section 8 (Contact) and can be contacted via email. Please include the word “Thailand” in the subject line of your email.

Türkiye

You have legal rights, which are set forth in Article 11 of the DPL, in relation to the personal information data we hold about you. As a Turkish data subject, you may have the right to apply to the data controller and (to the extent permitted under applicable laws and regulations):

learn whether or not your personal data has been processed;
request information about processing if your personal data has been processed;
learn the purpose of processing of your personal data and whether they have been used accordingly;
know the third parties in the country or abroad to whom personal data has been transferred;
request rectification in the event personal data is incomplete or inaccurate and to demand the operations in this regard be reported to third parties your personal data has been transferred to;
request deletion or destruction of personal data within the framework of the conditions set forth under Article 7 of the DPL and to demand the operations in this regard be reported to third parties your personal data has been transferred to;
object the occurrence of any consequence that is to your detriment by means of analysis of personal data solely through automated systems; and
demand compensation for the damages that you have suffered as a result of unlawful processing of your personal data.

In accordance with Article 9 of the DPL, your personal data may be transferred abroad as follows:

Identity of the overseas recipient	Location of the recipient (or as otherwise stated in the recipient’s privacy policy)	Purposes of use of Personal Information by the recipient	Items of Personal Information to be provided
Tencent Cloud	Singapore	Processing and storage of personal information on behalf of the data controller	Customer Support Information
Google Analytics (Firebase)	United States unless otherwise described in the service provider’s privacy policy	App performance analytics	Data analytics/profiling information (collected via Firebase)
Facebook Analytics	United States unless otherwise described in the service provider’s privacy policy	User acquisition purposes and to monitor the effectiveness of advertisements	Data analytics/profiling information (collected via Facebook)
AppsFlyer Limited	Dublin, Ireland hosted by AWS and in St. Ghislain, Belgium hosted by Google Cloud	Ad attribution	Data analytics/profiling information (collected via AppsFlyer)
Midas	Singapore and United States	Payment	Transaction Information
Google Play	In accordance with Google’s privacy policy	Payment	Transaction Information
Apple Store	In accordance with Apple’s privacy policy	Payment	Transaction Information
Chinasoft International Technology Services Co., Ltd.	PRC	Providing support to the Service (including assisting users with problems encountered in the Service, assisting with data analytics/ profiling purposes, pushing in-app notifications, customer service, supporting Supercore players and providing services to them, and providing customer service)	Supercore Player Outreach Information, Supercore Player Qualification Information, Customer Service Data, In-app Push Notification Information, Supercore Player Analytics Data

[IPDP4]

Ukraine

By accepting this Privacy Policy, you expressly authorize us to collect, use, store, and process your personal data, including disclosing to third parties and transferring to countries or regions other than Ukraine, to the extent and for the purposes provided in this Privacy Policy.

United Arab Emirates

You consent to the collection, use, disclosure, transfer, export (to the extent permitted by applicable laws), sharing and storage of your personal information, as described in the Privacy Policy, including (without limitation) for the purposes of showing you personalised advertising when you use the Service.

We may voluntarily report a cyber-security incident where it constitutes a crime under UAE law (e.g. under the UAE Cybercrime Law). The incident can be reported to the relevant authorities for the purpose of investigations. Please note that voluntary reporting of a cyber-security incident can also be made to the UAE Computer Emergency Response Team (“CERT”). CERT is a security awareness organisation that provides a process for logging incidents and advising on known cyber security threats in the UAE.

United States

For purposes of this section, “personal information” and “sensitive personal information” have the meanings given in the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020) (“CCPA”), and respectively include the terms “personal data” and “sensitive data” as defined in the Colorado Privacy Act (“CPA”), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“CTDPA”), the Utah Consumer Privacy Act (“UCPA”) and the Virginia Consumer Data Protection Act (“VCDPA”), (collectively, “US State Laws”). The terms do not include information excluded from the scope of US State Laws.

Collection and Disclosure of Personal Information

Over the past 12 months, we have collected and disclosed for a business purpose the following categories of personal information, including sensitive personal information (denoted by *), from or about you or your device:

Identifiers, such as your name as it appears on your social media profile, Open ID / user ID, IP address, device ID, device token, phone number, mailing address, email address, and nickname. This information is collected directly from you and your device and from social media platforms if you choose to sign up using a social media account.
Personal information categories listed in the California Customer Records statute, including information covered by other categories such as your address and phone number. This information is collected directly from you.
Characteristics of protected classifications under California or federal law such as gender or age. This information is collected directly from you in the context of being our consumer or, if you choose to set up your profile using a social media account, your gender may be provided by your social media account provider.
Internet or other electronic network activity information, such as your information regarding your use of the Service, such as level, score, date and time stamps of actions, log-in and clickstream data and other Device Information as described in the main Privacy Policy. This information is collected directly from you and your device.
Commercial information about any transactions within the Service such as what products were purchased and how much they cost. This information is collected directly from you and your device and the Google Play or Apple iOS store.
Geolocation information such as your region location when you set up your profile and choose to provide this information for the Service. This information is collected directly from you.
Audio and visual information such as your social media profile picture. This information is collected directly from you and from social media platforms if you choose to sign up using a social media account.
Professional or employment-related information such as your profession if you choose to provide it in a survey. This information is collected directly from you.
Account log-in information, including the username and password used to access your Service account.*
Contents of your chat messages sent on Service*. This information is collected from your device, is only stored on your device, and is not retained by our servers.

We collect and disclose your personal information, including sensitive personal information, for the following purposes:

To provide you with the Service, maintain your account, provide customer service, process payments, and deliver text messages.
To process surveys and administer sweepstakes.
To provide you with Events.
To improve our services, including the functionality of the Service.
To provide you with Supercore Players-related services, such as customer service and marketing and promotional materials, and to carry out analytics.
For statistical analysis and app performance analytics.
For security and verification purposes, including to prevent and detect fraudulent activity.
To address and remediate technical issues and bugs.

For additional information about what each type of personal information is used for, see Section 3 (How We Process Your Personal Information).

We disclose each of the categories of personal information that we collect as described in Section 4 (How We Store and Share Your Personal Information).

In the past 12 months, we have not sold or shared personal information of California residents within the meaning of “sold” and “share” in the CCPA. And we have no knowledge of any sale or sharing of personal information of users under 16 years of age.

In addition, we do not use or disclose sensitive personal information for purposes other than to perform the services reasonably expected by an average consumer who requests those services or as otherwise permitted by US State Laws.

Retention of Your Personal Information

The retention period varies among the different categories of data collected. For detailed information about the retention period for any specific category of data, see this chart in the main portion of the Privacy Policy.

Rights under US State Laws:

Depending on where you live, you may have some or all of the rights listed below in relation to information that we have collected about you. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law.

Right to Access/Know. Request we confirm whether we process information about you and give you access to that information. You may also request to receive that information in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the information to another business without impediment. If you are a California resident, you may request the following information about our collection, use and disclosure of your information:
- the categories of personal information about you that we collected;
- the categories of sources from which the personal information was collected;
- the business or commercial purposes for collecting personal information about you;
- the categories of third parties to whom we disclosed personal information about you and the categories of personal information that was disclosed (if applicable) and the purpose for disclosing the personal information about you; and
- the specific pieces of personal information we collected about you;
Request to Delete. Request we delete personal information we collected about you;
Request to Correct. Request we correct inaccurate personal information that we maintain about you;
Right to Opt out of Targeted Advertising or Profiling. Request to opt-out of the processing of your information for the purposes of targeted advertising or the profiling of your information in furtherance of decisions that produce legal or similarly significant effects; and
Right to Non-Discrimination. Be free from unlawful discrimination for exercising your rights including providing a different level or quality of services or denying goods or services to you when you exercise your rights under the US State Laws.

How to Exercise Your Rights

First, you may wish to log into your account and manage your data from there. Depending on where you live, you may also exercise your rights, if any, regarding other data by contacting us as specified in Section 8 (Contact). We may take steps to verify your identity before complying with your request to protect your privacy and security, and may decline your request if we are unable to verify your identity. To verify your identity, we may need the following information from you: your first name, last name, address, phone number, date of birth and email address.

Depending on where you live, you may exercise these rights yourself or you may also designate an authorized agent to make these requests on your behalf. In order for us to process the request, you must provide the authorized agent with signed written permission. We reserve the request to require the agent to verify their own identity and to confirm directly with you that you have provided the authorized agent permission to submit the request.

In addition, where applicable, we will provide you with more information about our appeal process. When you submit a request or launch an appeal, we will limit our collection of your information to only what is necessary to securely fulfil your request or process your appeal. We will not require you or your authorized agent to pay a fee for the verification of your request or appeal.

Questions

If you have questions or concerns regarding this Privacy Policy, please contact us as set out in Section 8 (Contact).

What information do we need to be able to provide the Service?	We will generate an Open ID, which is an internal ID for your account, and will process certain device and network information (such as your IP address) to allow you to use the Service as a guest user. If you choose to set up your profile using a social media account (Facebook, Google, Apple or XBox), we collect information provided by your social media account service provider to automatically generate your profile, including social media account ID and profile picture. To maintain the smooth operation of the Service (which includes activities such from addressing bugs or malicious activity through to improving functionality), we will process customary device and network information (such as IP address, device specifications, as well as app- and OS-generated identifiers). To provide you with Events, we process various information, such as identifying information, device and network information, financial information, gameplay and interaction data, media and additional data, and survey information. If you need to get in touch with us, we will retain some information (such as your email and any screenshots you send us) so that we can review and respond to your concerns.	More Information.
How will we use your information?	We use your information to enable you to use the Service, localise the Service experience, enable interaction between users of the Service, save your progress, ensure the safe and secure operation of the Service, address bugs, optimise and improve the Service, resolve user queries, and to comply with our legal obligations and enforce our legal rights.	More Information.
Who do we share your information with?	We use third parties and work with our affiliates to help us deliver the best possible experience (such as to back up your progress and to carry out surveys). All third party service providers providing services for us are prohibited from retaining, using, or disclosing your personal information for any purpose except where strictly necessary for the Service (i.e., to fulfil the purpose(s) described above). In some cases we may be required by a court or be under a legal obligation (such as a valid search warrant or subpoena) to disclose certain information.	More Information.
Where do we process your information?	Pursuant to our contract with you, we may transfer data outside of the location in which you are based for the purposes described in this Privacy Policy. We have servers for the Service in the United States and Singapore. The servers applicable to your use of the Service will depend upon your location. We also have support, engineering and other teams who may support the Service globally, such as from Brazil, Mexico, Singapore and the People’s Republic of China. For EEA/UK users, transfers between our affiliates and to third parties use applicable safeguards, such as incorporating standard contractual clauses, obtaining your consent first or taking into account adequacy assessments.	More Information.
How long do we keep your information?	Unless otherwise required or permissible by applicable laws, we retain your information for the period during which you maintain an account for or we operate the Service, or for so long as the information is needed to fulfil the purpose for which it was collected (as further described in this Privacy Policy). We then delete or anonymise such data, in accordance with applicable laws.	More Information.
How can I exercise my rights over my information?	Certain jurisdictions offer users specific rights with respect to their information, so you may have a right to access or receive a copy of your data, or to delete your data or restrict or object to our processing of your data.	More Information.
How will we notify you of changes?	Changes to this Privacy Policy will be posted here. We will also notify you of changes in accordance with relevant legal requirements.	More Information.