This Privacy Policy applies to Sugaku, our iOS and Android mobile application (our “Game”). In the below policy, we inform you about the scope of the processing of your Personal Data.
Croatia`s Act on Implementation of the General Data Protection Regulation (“AIGDPR”) and the General Data Protection Regulation (“GDPR”) require us to inform you how we process your Personal Data. Doing so we will only use your Personal Data in accordance with the AIGDPR and the GDPR, and only as described in this Privacy Policy.
When designing our Game, we have made sure that no information that directly identifies you is collected. As however some countries have a broader definition of Personal Data this policy covers it. In this sense we would need to first of all explore the definition of Personal Data.
Personal Data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address and device ID.
"Processing" means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means. The term is broad and covers virtually any handling of data.
Responsible for data processing is Martin Pisačić of Zagreb, Croatia (“we”, “us”, or “our”). If you have any questions or if you wish to exercise your rights, please contact us using sugakuinfo@gmail.com.
In accordance with the AIGDPR and GDPR, we have to have at least one of the following legal bases to process your Personal Data: a) you have given your consent, b) the data is necessary for the fulfillment of a contract / pre-contractual measures, c) the data is necessary for the fulfillment of a legal obligation, or d) the data is necessary to protect our legitimate interests, provided that your interests are not overridden.
Our Game can be downloaded from the "Google Playstore" a service offered by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, US, if you are resident outside the EU and Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland if you are a resident within the EU, or Apple App service "App Store" a service of Apple Inc., 1 Infinite Loop, Cupertino, CA 95014, US, if you are resident outside the EU and Apple Distribution International Ltd, Hollyhill Industrial Estate, Hollyhill Ln, Knocknaheeney, Cork, Ireland, if you are a resident within the EU, to install our APP. Downloading it may require prior registration with the respective App store and/or installation of the respective App store software.
As far as we are aware, Google collects and processes the following data: License check, network access, network connection, WLAN connections, and location information. However, it cannot be ruled out that Google also transmits the information to a server in a third country. We cannot influence which personal data Google processes with your registration and the provision of downloads in the respective App store and App store software. The responsible party in this respect is solely Google as the operator of the Google Play Store.
As far as we are aware, Apple collects and processes the following data: device identifiers, IP addresses, location information, it cannot be excluded that Apple also transmits the information to a server in a third country. This could in particular be Apple Inc. One Apple Park Way, Cupertino, California, USA, 95014. We cannot influence which personal data Apple processes with your registration and the provision of downloads in the respective App store and App store software. The responsible party in this respect is solely Apple as the operator of the Apple App Store.
Google and Apple may collect information from and about the device(s) you use to access Our Game, including hardware and software information such as IP address, device ID and type, device-specific and APP settings and properties, APP crashes, advertising IDs (AAID), information about your wireless and mobile network connection such as your service provider and signal strength; information about device sensors such as accelerometer, gyroscope, and compass and Payment Data and Billing confirmations.
Our Game uses the Google Admob service to display ads. Ads are personalized based on the device you are using. You can disable this via the settings on your device. Google may use the advertising ID of your device, as well as cookies and/or similar technologies, to collect personal data for the purpose of generating and displaying personalized advertising. More detailed information about what data Google collects and how it is processed can be found here.
Advertisers and third parties also may collect information about your activity on our APP, on devices associated with you, and on third-party sites and applications using tracking technologies. Tracking data collected by these advertisers and third parties is used to decide which ads you see both on our Game and on third-party sites and applications. If you do not wish to participate in our advertising personalisation or retargeting/tracking you can object to behavioral advertising at the following websites: Your Online Choices, Digital Advertising Alliance of Canada, Network Advertising Initiative or AdChoices. In addition, you may also choose to control targeted advertising you receive within applications by using the settings and controls on your devices and/or use the checkbox function displayed when you launch our Game.
Our Game uses the tool Crashlytics, which is part of the Firebase platform of Google LLC to log crashes of our Game. No personal data is transmitted. Only real-time crash reports with precise details of code locations and device information are sent, which is intended to simplify maintenance and improve the resulting stability of our Game. The legal basis for data processing is our legitimate interest. In the settings under data services, you can select whether you want to send crash reports or not.
Our Game uses the web analytics service Google Analytics for Firebase, which uses tracking technologies to track your use of our Game. In this respect, information is generated about, among other things, the number of users and their sessions, the session duration, the operating system used by the users, their device model, the region from which our Game is accessed, the first start of our Game, our Game execution and any updates.
In order to provide the relevant data for analysis, Firebase Analytics uses your device's advertising ID, an app instance ID (a randomly generated number that identifies a single app installation), and the IP address, which is shortened (IP masking) before being processed on Google's servers (which may be located outside the EU/EEA) to generate the usage analysis. You can object to the use of Firebase Analytics at any time by disabling the sending of usage statistics in your device settings. We have no influence on these data processing operations.
If you contact us, we process the following data from you for the purpose of processing and handling your request: first name, last name, e-mail address, and, if applicable, other information if you have provided it, and your message. The legal basis for the data processing is our obligation to fulfil the contract and/or to fulfill our pre-contractual obligations and/or our overriding legitimate interest in processing your request.
If you create a game profile (Optional), we will process your user name and randomly generated id. Your id and name associated with profile is stored in an unencrypted storage on the device. Your name without your id will also be stored in a SQLite database on our server operated by DigitalOcean and secured via HTTPS and token encryption for the purpose of having unique names for every player competing in the Leaderboards (see below). If you uninstall the app from your mobile device, your user data will be removed from the device but your name will not be removed from our servers in that case.. Within the settings of the app you are able to delete your profile at any time. It is strongly advised that before deleting an app from the user profile it is deleted from within the app. Otherwise if you’ve deleted the app and want to delete your data afterwards, you can request your data deletion by submitting your request to us with your profile name specified in the request. Your data will be processed on the basis of your consent.
We may also process your user name, and your id in connection with our leaderboard. When you play "Competitive" mode and only if you created your profile in the game, your user name, id and best score will be stored in a SQLite database on our server operated by DigitalOcean and secured via HTTPS and token encryption. The legal basis for the processing of your Personal Data is the establishment and implementation of the user contract for the use of the service as well as your consent. You may withdraw your consent and request us to stop using and/or disclosing your Personal Data by deleting your profile in the applications settings or by submitting your request to us with your profile name specified in the request.
In accordance with Art. 8 of the GDPR, the processing of Personal Data relating to a person younger than 16 years requires the consent of a parent or legal guardian. Further and in line with the US Children's Online Privacy Protection Act of 1998 (COPPA) operators of websites and online services are required to protect the privacy of children under the age of 13 years. Specifically, both the GDPR and COPPA stipulate that a) we must seek and require verifiable parental consent; b) we must provide an appropriate privacy policy, and c) clearly set out our responsibilities regarding children's privacy and safety online.
We do not allow users under the age of 13 (US only) or 16 (EU only) to use our APP and we do not knowingly collect any data from users under the age of 13 (US only) or 16 (EU only), unless verifiable parental or legal guardian consent is obtained through direct offline contact. If you suspect that a user is a minor, please report it to us as soon as possible.
In general, and uless you have created an Optional Game Profile (see above) your Game data is saved and stored locally on your device using SqlLite storage. In addition, we only store personal data you provide to us for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, irrespective of the processing purposes.
Automated decision-making including profiling does not take place.
We do not sell your Personal Data.
We will not disclose or otherwise distribute your Personal Data to third parties unless this is a) necessary for the performance of our services, b) you have consented to the disclosure, c) or the disclosure of data is permitted by relevant legal provisions. In addition, we may disclose your Personal Data: in connection with law enforcement, fraud prevention or other legal proceedings; as required by law or regulation; or if we have reason to believe that disclosure is necessary to protect us and our Game.
We usually do not transfer Personal Data, however, if we do we ensure that processing is governed by Processing Agreements that include Standard Contractual Clauses to ensure a high level of data protection.
Our data processing is subject to the principle that we only process the Personal Data that is necessary for the use of our services. In doing so, we take great care to ensure that your privacy and the confidentiality of all Personal Data are always guaranteed.
Nonetheless, databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of the action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
You can exercise the following rights:
If you wish to exercise any of your rights, please contact us.
If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us.
You can revoke consents you have given at any time by contacting us. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the respective legal regulations mentioned above).
You have the right to complain about our processing of Personal Data to a supervisory authority responsible for data protection. The competent data protection authority in Croatia is: Agencija za zaštitu osobnih podataka (Personal Data Protection Agency), Selska cesta 136 HR - 10 000 Zagreb www.azop.hr
We may update this policy from time to time. If we make changes, we will revise the effective date at the end of this section. If you would like to contact us regarding our privacy practices for any reason, please do so using sugakuinfo@gmail.com. We encourage you to periodically review this policy to be informed of how we use and protect your Personal Data. This policy was last updated on Wednesday, 14th of June, 2023.