Last modified on: 20.12.2021

8k Games Limited (‘we’, ‘Company’, ‘us’) is the owner of the Services and is committed to being fully transparent while operating them, as regards our privacy practices.

The Services include the website http://8k-games.com/ and all the related pages (‘Website’), along with the applications belonging to the Company and placed on the Google Play and/or App Store (‘Apps’), including ‘Nile Valley’ “Fishing Rival”, hereinafter collectively referred to as the ‘Services’.

We developed this Privacy Policy to inform you (‘you’ or ‘user’) how your personal data may be processed. We tried to write this Privacy Policy in clear and plain language for your better understanding of the complicated legal stuff. By doing so we hope you will get all needed details to be assured your personal data is safe with us.

The Privacy Policy defines:

• what personal data we process;
• what are the purposes of such processing;
• what rights the user has concerning such data;
• whether the data is transferred to third parties;
• what measures we take to protect personal data;
• as well as other details of personal data processing.

This Privacy Policy is the integral part of our Terms. Please make sure you read them carefully.

If you have any questions about the Privacy Policy, the processing of your personal data by the Company, or the exercise of your rights as a personal data subject, send us a request to support@8k-games.com.

Personal data (or data) is any information relating to you, and that alone or in combination with other pieces of information allows the person who collects and processes such information to identify you as an individual. In general, these could be your name, email-address, location data etc. Personal data could also include such technical information as a Media Access Control address (MAC-addresses), International Mobile Equipment Identity (IMEI), Unique Device Identifier (UDID), the Identity for Advertisers (IDFA), Internet Protocol address (IP-address, both static and dynamic), browser, and system information.

As to the residents of California, the personal data shall mean the information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.

Personal data processing means any action with it, for example, collection, recording, organizing, structuring, storage, use, disclosure by any means, and so on.

As to the residents of California, “Sell,” “selling,” “sale,” or “sold,” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.

Sensitive personal data is a specific set of “special categories” that must be treated with extra security. Depending on the applicable law, this could include information pertaining to:

• Racial or ethnic origin;
• Political opinions;
• Membership of a political association
• Religious or philosophical beliefs;
• Professional or trade union membership;
• Genetic data;
• Sexual orientation;
• Criminal records;
• Genetic information (that is not otherwise health information);
• Health information;
• Biometric templates;
• Biometric data (where processed to uniquely identify someone), etc.

If you are a resident of India, the sensitive information also includes passwords and any financial information such as bank account or credit card or debit card or other payment instrument details.

Other terms used in this Privacy Policy have the same meaning as in our Terms and the Regulation (EU) 2016/679 known as General Data Protection Regulation, or GDPR.

The Company is the controller of the personal data collected within the Services.

When you send any request or message to the Company’s email address placed on the Website, we collect and process the data you voluntarily provide to us (e. g. your name, surname, email address, etc.). You can also specify other personal data in the request. We ask you not to provide us with excessive personal data, including the personal data of any third parties or sensitive data.

When you subscribe to our newsletters, we collect and further process your email address and your username. In no case, we will overwhelm you with lots of letters. You can choose to stop receiving our emails at any time. If you want to cease this type of communication, tap on “Unsubscribe” link which is present in each of our emails.

The cookies are tiny pieces of code that may remain in your device after you have visited some website. Cookies and similar web technologies help us to automatically receive the information from your device and send the information back to improve your interaction with the Services and ensure its effective functioning.

If you consent to the respective use of cookies, we may also collect information about your activity on the Services to run the analytics and provide you with more relevant advertisements.

Please refer to our Cookies Policy to find more details.

It is not necessary to create the account to access the App. In any case you will be given a guest account that does not require entering any of your personal data.

Despite this, you can authorize in the App using your Google Play Games or Gamekit account. Besides, you are able to sync your user experience within the App with your third-party account on Google, Apple, or Facebook. When you sign up through the listed services, you give us consent to extract from such an account your first and last name and your email address.

Keep in mind that these data are not necessarily required. Without such information, you will still be able to use our Services, as a guest.

When you send any request or message to the Company via the App, we collect and process the data you voluntarily provide to us (your name, surname, email address, etc.). You can also specify other personal data in the request. We ask you not to provide us with the excessive personal data, including the personal data of any third parties or sensitive data.

When you subscribe to our newsletters, we collect and further process your email address and your username. In no case, we will overwhelm you with lots of letters. You can choose to stop receiving our emails at any time. If you want to cease this type of communication, tap on “Unsubscribe” link which is present in each of our emails.

Automated data collection means help us to automatically receive the information from your device and send the information back to improve your interaction with the Services and ensure its effective functioning. The personal data collected through the automated collection could include: IP address and unique device identifiers and device attributes, like operating system and browser type.

Please refer to our Cookies Policy to find more details.

Please pay attention that we do not collect your payment credentials (bank credentials, cards numbers and dates of issuance etc.). Such information may be collected exclusively by third-party payment providers with the respective licenses and security measures with regard to your payment credentials, as it is prescribed in our Terms. We receive only Transaction ID and Recipes from the third-party providers just to make sure that the transaction relates to you.

 

It is not necessary to create the account to access the App. In any case you will be given a guest account that does not require entering any of your personal data.

Despite this, you can authorize in the App using your Google Play Games or Gamekit account. Besides, you are able to sync your user experience within the App with your third-party account on Google, Apple, or Facebook. When you sign up through the listed services, you give us consent to extract from such an account your first and last name and your email address.

Keep in mind that these data are not necessarily required. Without such information, you will still be able to use our Services, as a guest.

When you send any request or message to the Company via the App, we collect and process the data you voluntarily provide to us (your name, surname, email address, etc.). You can also specify other personal data in the request. We ask you not to provide us with the excessive personal data, including the personal data of any third parties or sensitive data.

When you subscribe to our newsletters, we collect and further process your email address and your username. In no case, we will overwhelm you with lots of letters. You can choose to stop receiving our emails at any time. If you want to cease this type of communication, tap on “Unsubscribe” link which is present in each of our emails.

Automated data collection means help us to automatically receive the information from your device and send the information back to improve your interaction with the Services and ensure its effective functioning. The personal data collected through the automated collection could include: IP address and unique device identifiers and device attributes, like operating system and browser type.

Please refer to our Cookies Policy to find more details.

Please pay attention that we do not collect your payment credentials (bank credentials, cards numbers and dates of issuance etc.). Such information may be collected exclusively by third-party payment providers with the respective licenses and security measures with regard to your payment credentials, as it is prescribed in our Terms. We receive only Transaction ID and Recipes from the third-party providers just to make sure that the transaction relates to you.

 

Performance of the contract. Our Services include using of the Website and the Apps, their maintenance, as well as the user support and information services. We collect and process most of the personal data described in the Section above to fulfil our contractual obligations under our Terms, that is for the performance of the contract. Namely, the performance of the contract is the lawful basis for the processing of the account data in the Apps where creating account is obligatory, and data related to your requests.

Your consent. The account data for the Apps that do not require you to create an account is collected on the basis of the consent you provide to us when authorising with a third-party account. We also process your email you provide to us for the subscription based on your consent in case you specifically provide us with an email address through the relevant form. Data collected through the automatic collection is also collected on the basis of your consent, unless it is strictly necessary for the mere functioning of the Services.

Legitimate interest. We collect and process your account data to send you our newsletters on the basis of our legitimate interest. In such case the legitimate interest shall be our business development through sending marketing and promotional emails to keep you informed of all changes, innovations, and improvements we make within the Apps. Such information would be only about similar products or services, and on the emails you provided in the context of the sale of our Services. In addition, the legitimate interest is the legal basis for the processing when we store your personal data after your deletion of the App. In such case the legitimate interest consists in avoiding risks of the loss of the data within our systems.

In no case we will overwhelm you with lots of letters. You can always choose to stop receiving our emails. If you want to cease this type of communication, simply use the “Unsubscribe” button which is present in each of our emails.

Legal obligation. When we ask you for the date of birth, we do that to make sure that you are not underage to use the Services, as required by law.

We collect and process the personal data described in the section above in order to provide you with all the necessary services within our Services.

In particular, we collect and process different types of data for the following purposes:

• account data within the Apps that require to create an account – in order to create and technically maintain your account, identify the user and verify the identity of your person, give you the opportunity to use the Services, communicate with you at your request, send you our newsletters and other communication

• account data within the Apps that do not require to create an account – in order to give you the ability to synchronize your in-game achievements among different devices of yours, to preserve you from losing the in-game process in case of deletion of the App;

• data related to your requests – to communicate with you at your request, to provide a comprehensive answer to your inquiries, and to make sure that you are satisfied with our Services;

• data provided by you for newsletters subscription – to keep you informed of all changes, innovations, and improvements we make within the Apps;

• data collected through the automated collection – as indicated in our Cookies Policy.

Additionally, we may process your data:

• for the compliance with our legal obligations;
• to protect your vital interests or vital interests of another natural person;
• for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
• for the purposes of the legitimate interests pursued by us or by a third party (e.g. to prevent or investigate possible wrongdoing in connection with the Services or to protect ourselves, our subcontractors, partners and affiliates against legal liability).

If we decide to change the purposes of processing specified above, we will inform you on such changes prior to the use of your personal data within the newly set purposes. Where applicable, you will have to provide your consent for the amended purposes (unless additional purpose of processing is compatible with those listed above).

Please note that we do not sell your data or make any decision based solely on automated processing that may produce legal effects or similar significant effects.

Generally, we will not store any data you provide for longer than the specific Services require. To be more precise, we store your data for such periods of time:

• your account data – as long as you keep your account active, but at any case not more than 2 years after any of your activity in the account stops;

• your data provided for subscription to newsletters – as long you are subscribed to newsletters, until you unsubscribe;

• data connected to your requests – during our communication with you and 6 (six) months thereafter to ensure that you are satisfied with our response and you have received all needed information;

• data collected through the automated collection – as indicated in our Cookies Policy.

We may, from time to time, back up all data placed within the Services as described in our Terms. This procedure allows us to maintain our Services and gives the possibility to restore the previous state of the Services in case of the breakage. That is, such backups may include, among other things, your personal data that we collected at the time the copy was made. However, your data in the backups will only be used on the basis of our legitimate interest to restore our Services or your account if applicable under the Terms. We delete each back-up 3 days after it has been created.

Please note that sometimes we may process your data for the period longer than indicated in this section. Such processing could be carried by us only for statistical purposes as it is provided for in Article 5 of the GDPR and subject to the appropriate safeguards in accordance with applicable data protection laws.

Statistical purposes mean any collection and processing of personal data necessary for statistical surveys or to produce statistical results. The statistical purpose implies that such statistical results do not include personal data, but only aggregate data. The statistical results may further be used for various purposes, for example, to assess our business development, understand the market demands and improve our Services.

In most cases, we will anonymize your data before starting processing it for the statistical purposes. As a result, such data will be no longer considered personal and its use will be not governed by data protection laws.

We do not sell your personal data to third parties. However, to provide qualitative services, support various functions of our Services and ensure their operation, we may hire people, work with service providers, partner companies, and organizations. For these reasons, some of your personal data may be transferred to these persons.

In all cases, we comply with the requirements of data protection legislation and make every effort to ensure that data processing is secure at all stages. Our subcontractors and any other third parties will provide the same or equal protection of user data as stated in this Privacy Policy.

To achieve the purposes of data processing, we may provide your data to the following persons:

We may pass on your data to our employees or verified independent contractors (including private entrepreneurs). We always enter into non-disclosure and confidentiality agreements with those employees and independent contractors who have access to your data to ensure their data protection. In case of the independent contractors who are private entrepreneurs, we also sign the data processing agreements with them, where applicable.

The Company engages a number of trusted third-party service providers in order to support different features of our Services and ensure its overall functioning. We also use third-party services to organize our work in the most efficient way and provide our clients with the best customer service.

Therefore, we may grant the following third-party service providers (and their subcontractors) with a limited access to your personal data:

1. Unity Analytics (California, the US‎A) is the service that enables studios to easily understand game performance and player behaviors. We can capture insights quickly using prebuilt dashboards and visualizations powered by reliable, real-time data. The DPA is available here.
2. Meta (California, the US‎A) is an American company offering online social networking services. We use Meta in respect of Facebook Software Development Kit (Facebook SDK). It allows us to easily integrate our Apps with Facebook, promoting it there on the targeted audience. The Privacy Policy is available here.
3. AppsFlyer (California, the USA) is a SaaS mobile marketing analytics and attribution platform. The Privacy Policy is available here.
4. ironSource (Tel Aviv, Israel) is a global software company that focuses on developing technologies for app monetization and distribution, with its core products focused on the app economy. The Privacy Policy is available here.
5. DevtoDev (Vilnius, Lithuania) is a full-cycle analytics solution for app and game developers that helps to convert users into paying users, predict churn, revenue and customer lifetime value, as well as analyse and influence user behavior. The Privacy Policy is available here.
6. The Rocket Science Group LLC d/b/a Mailchimp (Georgia, USA) is the email marketing service that help us with the emailing campaigns management. The subcontractors currently engaged by Mailchimp are available here. You can find more details about Mailchimp’s privacy commitments here.
7. AWS RDS provided by Amazon Web Services EMEA SARL (Luxembourg) is the Managed Relational Database Service allowing to set up, operate, and scale a relational database in the cloud through cost-efficient and resizable capacity. Amazon Web Services EMEA SARL as one of the companies of the Amazon group warrants the compliance with the data protection laws, including the GDPR. You can find the details about the privacy commitments of Amazon here.

Most of the services listed above are designed for analytics and marketing purposes. To find out what particular data are sent to the third-parties in this aspect, please visit our Cookie Policy.

If you are interested in more details about how these third-party services process personal data, please refer to their privacy policies available on their websites. However, we want to reassure you that due to their residency of headquarters or affiliates companies they all are subject to the best worldwide standards of data protection. We care about your data security and choose only reliable partners.

As regards the engagement of the above-mentioned service providers, we take all necessary steps to ensure compliance with the applicable data protection laws such as the GDPR. In particular, we make sure that your personal data is being protected and used only within the purposes specified in this Privacy Policy. This is achieved by using only certified services and products, signing agreements on protection of personal data with contractors and partners, as well as taking technical measures to ensure the information is protected when stored, used and while being processed and transferred.

Since some of your data may be transferred to third parties outside of the EEA, we could also transfer such data on the basis of the standard contractual clauses signed with the respective third parties, if the country of transfer (like Ukraine or the USA) is not subject to the adequacy decisions of the European Commission. You may request the copy of such instruments via contact details provided in Section 11.

We may also disclose your personal data to ensure compliance with the law. In other words, we may disclose information necessary for an investigation or trial at the official request of public authorities. If we are forced to disclose your information, we will notify you immediately and provide a copy of the request unless prohibited by law.

To exercise your rights listed below, you can sent a request to the Company to support@8k-games.com. In order to properly protect your data, the Company may take additional measures to identify you when processing your request. We will provide you with a response to your request no later than 1 month from the date of its receipt, except as provided by law.

Thereby, you have the right to:

1. Know about the sources of collection, the location of their personal data, the purpose of their processing, the location of the owner or controller of personal data.

The Company respects the rights of personal data subjects and provides all necessary information in an accessible and understandable format. The Privacy Policy was created to ensure this right.

2. Receive information on the conditions for granting access to personal data, in particular information on third parties to whom your personal data is transferred.

3. Obtain a copy of the personal data that you previously provided to us in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another controller without hindrance where the processing is carried out by automated means.
Under the GDPR, you may exercise this right in terms of your personal data that is processed on the basis of consent or the performance of the contract, if the data is collected directly from you and not created by the Company.

4. Access to your personal data and the right to receive an answer as to whether your personal data is processed, as well as to receive the content of such personal data.

You can at any time receive confirmation from us whether we are processing your personal data and receive a full copy of this data. In this case, you have the right to receive your personal data in a structured, commonly used and machine-readable format, as well as the right to transfer this data to another owner (controller) at its discretion.

5. Submit a reasoned request to us objecting to the processing of your personal data.

If the review of such a request reveals that the Company cannot demonstrate a valid legal basis for the processing of data that overrides your interests, rights, and freedoms, we will stop processing it and inform you about it.

If the request is not satisfied, we will provide you with a reasoned response to the refusal.

6. Make a reasoned request to change or destroy their personal data if such data are processed illegally or are inaccurate, as well as in other cases provided by law.

In particular, in the event of any inaccuracies in the data processed by the Company, the person whose personal data are processed has the right to contact us with a request to make appropriate changes to their personal data. You may also request that your data be destroyed if you believe that the Company no longer needs it for the purposes for which it was collected.

7. Protect your personal data from unlawful processing and accidental loss, destruction, damage due to intentional concealment, non-provision, or untimely provision, as well as to protect against the provision of information that is inaccurate or discredits the honor, dignity, and business reputation.

8. Complain about the processing of your personal data to the supervisory authorities or to the court and apply legal remedies in case of violation of the legislation on personal data protection.

9. Make reservations about the restriction of the right to process your personal data while giving the consent.

10. Withdraw consent to the processing of personal data.

You can withdraw your consent to the processing of your personal data at any time in case of the legal basis for the processing was the consent. In this case, we must stop processing, i.e., destroy or delete your personal data and notify you on the results.

There may be exceptions to this right. For example, if the law requires the Company to retain this data, or when it is necessary for protection in litigation, or when the Company has other grounds for processing, etc.

11. Know the mechanism of automatic processing of personal data and the right to protection against an automated decision that has legal consequences for you.

This provision is intended to protect the data subject from decisions made by the algorithm without human involvement or control. For example, if a computer program decides on the basis of certain collected information who needs help and who does not. To protect you against such a decision, if we implement one, we will explain the subject of the rules and logic of decision-making by the algorithm, as well as the ability to require a review of the decision by a person.

However, as of now, the use of the Services does not provide any automated solutions that would have legal consequences for you.

12. Rights as to transfer of your personal data

If we share your personal data, or disclose it for a business purpose, we will notify you of that in an appropriate way. In such case you have the right to request us to disclose the following information:

(1) The categories of personal data that we collected about you.
(2) The categories of personal data that we sold or shared about you and the categories of third parties to whom the personal data was sold or shared, by category or categories of personal data for each category of third parties to whom the personal data was sold or shared.
(3) The categories of personal data we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.

You have the right to receive explicit notice and to be provided with an opportunity to exercise the right to opt-out, if a third party decides to further share your personal data.

We will also notify you in case we decide to “sell” some of your personal data within the meaning of the CCPA. If we do so, you shall have the right, at any time, to direct us not to “sell” your personal data. This right may be referred to as the right to opt-out.

13. Right to opt-out

You can choose to opt-out of having your personal data “sold” or been used by third-parties and businesses.

By informing us via email, you can restrict third-party providers to use your personal data. Third-party providers will only show you non-personalized ads. Non-personalized ads are based on contextual information, such as the content of our Services.

14. Rights as to non-discrimination

We shall not discriminate against you because you exercised any of the consumer’s rights under this Privacy Policy, including, but not limited to, by:

(A) Denying the Services to you.
(B) Charging different prices or rates for the Services, including through the use of discounts or other benefits or imposing penalties.
(C) Providing a different level or quality of the Services to you.
(D) Suggesting that you will receive a different price or rate for the Services or a different level or quality of goods or services.

The privacy of children is one of our concerns. Here at our Website and the Apps we can provide services to consumers of all ages.

You can solely give your consent to data collection and processing if you are at least at the age of:

• from 13 to 16 years – if your place of residence is one of the countries-members of the EU. The exact number depends on the particular country;
• 13 years – if your place of residence is the USA;
• 15 years – if your place of residence is Australia;
• 18 years – if your place of residence is India or Philippines;
• the age of full capacity in your country, if it is not listed above.

Our Services do not address anyone under the age indicated above. We do not knowingly collect personally identifiable information from children under the age indicated above. In the case we discover that such a child has provided us with personal data, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us so that we are able to take necessary actions.

The Company does not physically store most of the personal data. All other data are stored in databases and file repositories hosted by Amazon Web Services EMEA SARL in Frankfurt, Germany. Databases are continuously backed up to enable restore to any point in time within a retention period. Backups are stored on file storage in Frankfurt, Germany.

We take appropriate security measures to protect your personal data from accidental loss or destruction, from unlawful processing or access to it.

Confidentiality. All personnel are subject to full confidentiality and any subcontractors and subprocessors are required to sign a confidentiality agreement if not full confidentiality is part of the main agreement between the parties. Also any access by authorized personnel is logged.

We use verified contractors that might have access to the data as specified in this Privacy Policy and with whom relevant data processing agreements are concluded. Moreover, we guide and train our personnel to process your data securely.

Isolation. All access to personal data is blocked by default, using a zero privileges policy. Access to personal data is restricted to individually authorized personnel. Authorized personnel are granted a minimum access on a need-to-have basis.

In regard to protection from unauthorized access to personal data, we have implemented passwords hashing and two-factor authentication.

Monitoring. The Company uses security reports to monitor access patterns and to proactively identify and mitigate potential threats. Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. System performance and availability is monitored by both internal and external monitoring services.

Internal Policies and Procedures. All the employees and the contractors are obliged to obey the internal security policy with respect to the processing of personal data. Such policy provides for organization, physical, and technical security measures, and, for such purpose, takes into account the nature, scope, context and purposes of the processing, as well as the risks posed to the rights and freedoms of data subjects.

Disclaimer. While taking necessary steps to secure your data, we have no choice but to admit that no method of transmission over the Internet or method of electronic storage is 100% secure. If it happens that any of your personal data is under the breach and if there is a high risk of violation of your rights as a data subject, we would inform you and the respective data protection authorities as to the accidents without undue delay. We will also do our best to minimize any such risks.

Nonetheless, if you are the resident of the Philippines, you are indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of personal data.

We may amend or update this Privacy Policy from time to time. If we decide to do so, and the amendments will substantially affect your rights and legitimate interests, we will notify you of any changes via email and/or a prominent notice within the Apps when you use the Apps for the first time after the amendments. We will also indicate the “Last modified” date at the top of this Privacy Policy.

If you have any questions about the Privacy Policy or your data being processed by 8k Games Limited, you are welcome to contact us:

8k Games Limited
Pikionis 10, 3075, Limassol
The Republic of Cyprus

Email: support@8k-games.com
Telephone: +357 99 448922