Please take a moment to review our Privacy Policy (referred to as the “Policy”) to understand how we process your data, for what purposes, and in what manner. We’ve designed this Policy to be as transparent as possible. Should you have any questions or suggestions regarding our Policy, please reach out to us through the Help and Support section of the Project for prompt assistance.
The Controller responsible for data processing under the GDPR and other relevant data protection laws of the EU Member States, as well as other data protection requirements concerning the Project, is:
ZFLASH STUDIOS PRIVATE LIMITED
688 A-2, Awais Center, Block-4, Haider Road, Township, Lahore, Pakistan
Email: info@zflashstudios.com
We conduct data processing solely for the purposes outlined in this Policy. Please note that you have the right to withdraw your consent at any time, as specified in this Policy.
By accepting this Policy, you also agree to the Terms of Service. You acknowledge and confirm that you have attained the requisite age to enter into a binding agreement in your country of residence or domicile, or that you have obtained permission from your parent or legal guardian (if required by applicable law). A “Child” refers to an individual who has not reached the minimum age required to consent to the collection and processing of data in accordance with the relevant laws of their country of residence.
We may update this Privacy Policy by providing notice within the Project prior to the implementation of such changes.
This Policy outlines:
- What data we process;
- With whom we may share your data;
- The purpose of data processing;
- The duration of data storage;
- How we safeguard your data;
- How you can manage your data.
- PROCESSED DATA
In general, “Data” refers to any information that identifies, relates to, describes, or could reasonably be linked with a specific individual. We also consider any information relating to you and your use of the Services as Data. All information regarding your activity in the Project and/or Service processed by us for the purpose of providing access to the Project and/or Services is collectively referred to as the “Account”.
While the data we process may not always fall under the category of “personal data,” we treat all information associated with your Account as such. The personal data we collect from users of our Services includes but is not limited to:
-
Your IP address and unique mobile device identification numbers (such as device ID, advertising ID, android ID);
-
General location data (e.g., countryCode);
-
Data for advertising and analytics purposes (gpsAdid, Idfv/Idfa);
-
Information about your device (Name, RAM, Resolution, OS, OS version, device language);
-
Details of orders (transaction currency, amount spent, date, time, vouchers or offers used);
-
Time zone;
-
Data about your account and game progress, including a specific ID created for you when using the Services. We store your actions within the Project, including resource usage, behavioral activity, and time spent in the game;
-
Contact information (such as name, nickname, email, or other identification information);
-
Data from platforms on which the games are hosted (such as for payment verification);
-
Your communications with the Services (such as chat logs and player support tickets), any feedback you provide about your experience with us; and/or
-
Any other data you choose to provide. We collect your personal data on the following legal bases:
-
Data necessary to provide you with access to the Project or the provision of our Services on the basis of contract;
-
Data necessary for marketing or analytical purposes based on your consent. Methods of collecting information (categories of sources used in the collection).
1.1. Data you provide voluntarily. This includes information such as:
- Date of creating an Account;
- Your use of social features and channels for communicating with others in the Project;
- Purchases or financial transactions, such as in-app purchases and/or received prizes;
- Technical and support services. WARNING! We do not take responsibility for the accuracy, completeness, or quality of the information you provide. When you independently provide data, we assume your good faith and accept the information as accurate, complete, and reliable. If you provide inaccurate and/or irrelevant information, access to certain Services may be restricted, and technical support services regarding the processing of personal data may be suspended until the confirmation of your ownership of the provided information. These measures are necessary to safeguard your data.
1.2. Information we collect or generate from your use of the Project. We may collect data related to your usage of the Project and your in-game activities, as well as your usage of our services and the nature thereof. This information is collected to analyze potential technical issues within the Project and address them promptly. The processing of information regarding your in-game activities is tied to the social aspect of our Project, with your in-game actions impacting the virtual world.
1.3. Information obtained from external sources. We may receive information about you and your activities from third parties when you link external accounts or from advertisers or service providers regarding your interactions with them.
1.4. COOKIES
Cookies are text files containing small pieces of data, such as a username and password, used to identify your device during network usage. Specific cookies known as HTTP cookies are utilized to identify specific users and enhance their web browsing experience. The data stored in a cookie is generated by the server upon connection, tagged with a unique ID specific to you and your device. For more details, please refer to our Cookies Policy (insert hyperlink).
- SHARING DATA WITH THIRD PARTIES
To deliver the Services, we may share data with suppliers or agents operating on our behalf. We do not sell your personal data to third parties. We may disclose data to third parties providing services to us, ensuring they are contractually obligated to maintain the confidentiality of your personal data and comply with GDPR and other relevant data protection laws.
We may share your information with the following types of third parties:
a) Technical and customer support providers assisting us in service provision; b) Third-party software providers, including ‘software as a service’ solution providers, hosting personal data on our behalf; c) Analytical services aiding in Project development and improvement; d) Providers assisting in generating and aggregating reviews of our goods and services; e) Advertising and promotional agencies, and online platforms selected by us to conduct marketing campaigns on our behalf and advertise their own products or services that may interest you; and/or f) Professional advisers such as solicitors, accountants, tax advisors, auditors, and insurance brokers; g) Service providers assisting us in delivering our services.
We may share your personal data with our affiliates and partners within and outside the EU/EEA. If data transfer outside the EU/EEA is not covered by an EU Commission adequacy decision, we rely on legal guarantees outlined in Article 46 et seq. of the GDPR. This primarily includes EU Commission-approved Standard Contractual Clauses, which we supplement with additional security measures such as individual risk assessments, contractual guarantees, and technical safeguards like encryption or pseudonymization, to facilitate international transfers with ZFLASH STUDIOS PRIVATE LIMITED affiliates and partners outside the EU/EEA.
Learn more about the EU Commission’s approved Standard Contractual Clauses.
We may share personal data with external providers, service providers, or vendors engaged to perform services or functions on our behalf and in accordance with our instructions.
If these providers are located within the EU, we ensure they are contractually bound to comply with EU data protection regulations. Our contracts with these organizations stipulate that they process personal data only in accordance with our instructions, provide consistent services, and protect the integrity and confidentiality of the entrusted personal data. We may also disclose personal information to our advisers, consultants, law enforcement, and other government agencies (such as tax and social security authorities), police, prosecutors, and courts. All recipients are responsible for complying with EU data protection regulations. Some of the suppliers we engage with are located outside the European Economic Area. If the EU Commission has not recognized them as providing adequate data protection, we rely on the legal guarantees described above.
These companies may access and process your data according to their own privacy policies, acting as equivalent Data Controllers. We encourage you to review their privacy policies to understand how they process data.
We may disclose your personal data as permitted by law to investigate, prevent, or act against illegal activities, suspected fraud, infringement of our intellectual property rights, potential threats to the physical safety of any individual, violation of our Terms and Conditions or other agreements, or as required by law.
Feel free to contact us for further information on third-country data transfers, as well as our safeguards and additional security measures.
- PURPOSES OF DATA PROCESSING
We process your data only when necessary to provide access to the Project and/or Services, while implementing reasonable security measures to protect it from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.
For users covered by the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as the “GDPR”), we utilize the data collected through the Project and/or Services for our legitimate interests in accordance with Article 6(1)(f) of the GDPR, as well as for purposes stipulated in the Terms of Service and this Policy. For instance, we may use the collected information to:
- Provide our Services or requested information, as well as process and complete transactions;
- Respond to your submissions, questions, comments, requests, and complaints, and provide customer service;
- Monitor and analyze usage and trends within the Project, or personalize and enhance the Project or user experience on our websites, such as by providing ads, content, or features tailored to users’ profiles or interests, and improve the Project’s functionality and user-friendliness;
- Provide gifts and rewards that you may have won within the Project, etc.;
- Send confirmations, updates, security alerts, as well as support and administrative messages, and facilitate your use of and our administration and operation of our websites;
- And any other purpose for which the information is collected. Data is collected when provided within the Project and/or Service. Indirect collection is permitted only on an anonymous basis.
- DURATION OF PROCESSING AND STORAGE
We process and store data during the Project period and for thirty (30) days following confirmation of the deletion request, except for information necessary to comply with applicable law requirements (e.g., taxation and accounting) and anonymized information. We do not control data published by you or copied by other users, or data published in the Project’s chat (if applicable) or on thematic groups and forums. After your data is deleted, your anonymized account may be retained in the Project if used in conjunction with other users.
Information containing personal data of users (if applicable), collected or created through the provision of technical support to users, is stored for the duration of the user account that requested support to provide optimal issue resolution. Information not containing personal data may be stored for the entire duration of the Project.
- DATA SECURITY AND PROTECTION
ZFLASH STUDIOS PRIVATE LIMITED respects the confidentiality of your data and strives to ensure the highest level of protection. However, no security measures are effective if data security is neglected.
The Project implements reliable means of protection to safeguard your data. We take all necessary measures to ensure your safety while using the Project and continuously enhance our information protection methods. As part of our efforts to protect information from unauthorized access, alteration, disclosure, or destruction, we employ the following measures:
- Data encryption during storage and transmission;
- Two-stage user authentication for actions involving data;
- Continuous improvement of techniques and methods for collecting, storing, and processing data;
- Access to encrypted and depersonalized data is restricted to authorized employees, consultants, or relevant groups requiring such access to perform their duties;
- All individuals with access to data are trained in data handling, and their knowledge and skills are regularly assessed. Despite the measures we take, your cautious approach to your Account and its access plays a significant role in safeguarding your data. To prevent unauthorized access to your data and Account, we strongly advise against sharing account access with third parties and recommend adherence to the Project’s rules and Service usage guidelines. Failure to comply with the Terms of Service may compromise the security of your data.
WARNING! The following actions are prohibited by this Policy and the Terms, and may compromise the confidentiality of your data:
- Sharing information about the Account and/or access rights with third parties. Please note that our official representatives will never request access to your Account;
- Using unauthorized third-party programs, robot programs, and/or programs altering the gameplay, including those aiding in gameplay. In addition to being expressly prohibited by the Terms, such programs may contain malicious software compromising the security of your data;
- Purchasing in-game assets from third parties. Acquiring in-game assets outside the Terms of Use exposes you to the risk of fraud.
- DATA MANAGEMENT
You have full control over how your data is used, and we continually improve the data management methods available to you. You can submit a request within the Project by sending a request through the Help section. You are entitled to:
- Withdraw your consent for data processing, either in full or in part, at any time;
- Access the data we have collected from you;
- Request limitations on data processing for verification of provided information’s accuracy;
- Modify your data. You may determine which data is associated with your Account at your discretion;
- Object to the processing of your data. If you believe we have no legitimate reason for processing your data, please contact us using the provided contact details. You may also file a complaint with the local supervisory authority, or delete your Account and associated data.
Procedure for withdrawing consent to processing and deleting data:
PLEASE NOTE that we only use your data for the purpose of providing you access to the Project and improving the quality of the Services. By deleting your Account data, you will lose access to the Project, and your data will be permanently deleted.
Request execution procedure:
- Submit an initial request meeting the requirements outlined in this Policy.
- Confirm the request using your specified and verified email address.
- Request execution – typically completed within 30 days from the confirmation date. This timeframe allows for organizational and technical measures to fulfill your request and may require additional time if necessary. PLEASE NOTE, we reserve the right to refuse request fulfillment if ownership of the data is not confirmed by the User and/or if the request impacts the rights and freedoms of others. If you have lost access to the Project and are unable to confirm data ownership, you can contact us at info@zflashstudios.com
ZFLASH STUDIOS PRIVATE LIMITED User Data Protection Manager:
688 A-2, Awais Center, Haider Road, Township, Lahore
Email: privacy@zflashstudios.com
- LOCAL LEGISLATION
We provide access to international projects and strive to comply with applicable local laws. Please note that our Services are provided “as is,” and you should familiarize yourself with applicable laws. By continuing to use the Project, you warrant that your usage complies with applicable laws and the Terms of Service.
Please note that we do not sell users’ Personal Data in California. Data transfers are conducted to legally provide the Services.
- FINAL PROVISIONS
We reserve the right to modify this Policy at any time, so please review it periodically.
This Policy is written in English. We can provide translations in French, German, Italian, Spanish, and Portuguese. In case of any inconsistency or discrepancies between a non-English translation of this Policy and the English version, the English version shall prevail.
SINCERELY, ZFLASH STUDIOS PRIVATE LIMITED