Effective: January [ 11 ], 2022
If you have any comments, questions or complaints regarding the processing of your personal data, please contact us. Our contact information is as follows:
Address: 29 Media Circle, #09-01, North Tower ALICE @ Mediapolis, Singapore 138565
DPO’s Email: DataProtectOfficer@yoozoo.com
1. What Data We Collect
1.1 Data you provide to us
1.1.1 Data you provide when sign up
You don’t have to create an account to use some of our service features, such as searching and viewing GTarcade website. To sign up for a GTarcade account, you are required to provide us with account information and contact information, as follows:
- Account information, including your account name and account password (which will be encrypted); and
- Contact information, namely your email address, which will be used to reset the password.
All your data is protected by GTarcade account authorization. Therefore, you must keep your password safe and do not disclose it to anyone else in any way.
In addition, when you set up your profile, you may voluntarily elect to provide us your personal data, including head portrait, name, gender, date of birth, living location, national code and extra contact information.
If you are located in certain areas, as required by applicable laws and regulations, you may need to complete the identification verification before using and enjoying the Services. Upon your consent or by your voluntary provision, we will collect your real ID information (including name, ID number, photo, etc.).
During using our services, you may be required to provide certain personal data as needed. To be specific, the scenarios include:
- Social functions: To accommodate you with voice chatting, interaction during live broadcasting and other functions, we will access your microphone and camera upon your authorization.
- Game Adaptation and Update: To make the best adaptation of our Game to your mobile device, we need to know the network environment and the storage of your device. And to provide an updated version of our Game to you, we need to have access to the storage of your device, which is inevitable.
- Survey: To understand the performance of our Services and therefore make improvement, we may conduct surveys about our Services. During such survey, we may ask for your basic information (including age, role name and game zone) and your preference information (such as your preferences, interests, hobbies, your favorite games, and general demographic information or other related information). For the supplementary account information and information we collect during survey, since they are not essential or mandatory, it’s your right to refuse to provide such information.
1.2 Data we automatically collect
When you use the Services, we may automatically collect certain data about your devices, including your device information (such as the operating system and its version, hardware and software versions, processing capabilities, manufacturer and model, language and other regional settings, unique device IDs and similar unique identifiers, screen resolution, other device attributes or similar settings), network type, and application version number.
In addition, we may automatically collect certain data about your in-game behavior. We will collect your game information, including role name, role level and scores. Meanwhile, we will collect the information you provide or generate when you communicate with others in the Services(“communication information”), including your chat log, your comments in the game, and the content you post on the forum. You acknowledge and agree that information generated within our Services should not be considered private and communications within our Services may be viewed/heard by other users. Please avoid revealing any personally identifiable or sensitive information during such communications. Other related information collected by us includes the monitoring data of availability and quality of the Services, loading errors and bugs. We also collect data by cookies and similar technologies, the detailed information please refer to our COOKIES POLICY.
1.3 Data from third parties
2. How We Use Your Personal Data
We will use your personal data in the following ways and in accordance with the following legal bases:
We use device information to provide and improve the Services, so as to allow you to download and install the software on your devices; to record and keep track of requests from you; to detect the user network and device status when you are using the Services; and to correct bugs or errors that occur when you are using the Services. Use of device Information is necessary to perform our contract with you to provide the Services.
To fulfill our legal obligations under the applicable laws, we may process necessary information for the following purposes:
- To monitor and protect services against fraud behavior, such as robot access, illegal add-ons, we may process your account information, device information, network environment information, and game information;
- To keep heathy in-game communication and limit communication against illegal topics and content, we may adopt automatic technologies and process your account information and communication information to detect, filter and block forbidden content in black list;
- To protect your account from unauthorized access and protect your transaction from fraud, we may process your account information; and
- If you are located in certain areas, according to applicable laws and regulations, in order to protect children personal data, we will collect your real ID information. Your refusal to provide your real-name ID information may result in a failure to log into the Services.
4. How We Protect Your Personal data4.1 Data security management system
We have implemented data security management system that meets industry-standard, including organizational processes and technical solutions, to protect your personal data against unauthorized access, modification, copy, or deletion. For example, our network communication is encrypted and protected by HTTPS protocol. We have set up firewalls, WAF (web application firewall) and anti-DDOS flow cleaning devices at network boundary to detect and defend against web attacks. We have encryption mechanism and strict access control to protect data in database. Besides, we have implemented collaborative security defense system at both network and terminal level to protect the information system and the computing environment.
In addition to the technical solutions, we also implemented information security management system, which is based on ISO27001, to set up policy, process and procedures which regulate employees’ daily information processing activities, such as access, modify, editing, storage, share, transfer and deletion. This system ensures that only authorized personnel can access the protected data, and can be used only in the authorized way. And we also provide training and arrange awareness raising activities about data security and privacy protection, so as to enhance employees' awareness regarding the importance of personal data protection.
For the security of your personal data, we adopt leading security technologies and continuously update our data security capabilities. To be specific, our data security capabilities include but are not limited to application layer encryption, network layer encryption, database encryption, network access monitoring, database access monitoring, host behavior monitoring, terminal behavior monitoring and tracking, and other technologies.
4.3 Personal data protection suggestions
Even with our data security capabilities, the internet is still not an absolutely secure environment. We strongly recommend that you shall at least take the following steps to enhance the security of your account:
Avoiding sending personal data in an unencrypted way; and
Using complex passwords, which should include numbers, alphabet letters, special symbols, and avoid names, birthdays and similar information.
4.4 Response to data security incidents
We have implemented reasonable technical and organizational measures to safeguard your personal data. If unfortunately, any personal data breach or similar security incident happens, we will promptly take responses to control and mitigate the influence of the incident. According to mandatory requirements in applicable laws and regulations, we will timely inform you as needed and share with you the following information:
The nature and possible impact of the incident;
The name and contact details of the data protection officer or other contact point where more information can be obtained;
The measures taken or proposed to be taken by us to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects;
The suggested actions you can take to eliminate or reduce risks; and
The remedial measures for you, where appropriate.
We will promptly inform you of the incident by mail, telephone, push notification, etc. When it is difficult to inform the affected data subjects one by one, we will take a reasonable and effective way to publish the announcement.
Besides, in the case of any security incident, we will actively and timely, where feasible, notify the incident to the competent supervisory authority according to requirements in applicable laws and regulations.
5. How We Share and Disclose Your Personal Data
We may share Personal Information (mobile phone, mobile phone’s model, system type, system version, screen dimensions of the device) with third-party SDK’s providers (include Youme and MobPush) in or achieve certain function of our Services. “Youme” is necessary when voice-chatting function is available in our Game (the Private Policy of “Youme” can be found at https://www.youme.im/privacy-policy.html). And “Mobpush” is necessary for sharing your in-game content to your SNS accounts such as Facebook etc. (the Private Policy of “Mobpush” can be found at http://www.mob.com/about/policy). With your prior consent, the above-mentioned third-party SDK ‘s providers may have access to your microphone and album. Meanwhile, rejecting such consent will not result in failure of playing our Game. While third-party SDK’s providers have limited access to your personal information and are contractually bound not use it for other purposes. You are still highly recommended to refer to the privacy policies or relevant statements of the SDK’s providers for more detailed information.
We will NOT share or disclose your personal data with any other commercial entity, organization or individuals, except for the following situations:
With your consent. We may disclose sharing or disclose your personal data when you provide us with your consent to do so;
Law enforcement bodies and courts. We disclose information in response to legal process, for example in response to a court order or a subpoena, or in response to a law enforcement body's request. We also disclose such Information to third parties:
i. in connection with fraud prevention activities;
ii. where we believe it is necessary to investigate, prevent, or take action regarding illegal activities;
iv. to protect our rights and the rights and safety of others; and
v. as otherwise required by law.
Linked sites. Some of our sites contain links to other sites, including Social Media Sites, whose information practices can be different from ours. You should consult the corresponding sites' privacy disclosures and terms before submitting any information, as we have no control over information that is submitted to, or collected by these third parties; and
Other third parties. Where permitted by law, we may also share information with authorized third parties for the following purpose in case of essentials: protect crucial public interest, statistics analysis, science or history research.
6. Global Data Storage and International Transfer
Our Services are provided globally. Our IDC (Internet Data Center) is located in California, USA. This means, your personal data as mentioned in section 1. What Data We Collect will be transferred to and processed in the USA. We will take steps necessary to comply with applicable legal requirements.
If you are located outside USA, we will not transfer your personal data to our IDC until receipt of your explicit consent. In the meanwhile, we will implement all necessary and reasonable security measures before transferring data to our IDC, and you can refer to section 4. How We Protect Your Personal data for details.
In case you want to withdraw your consent and stop us from transferring your personal data to our IDC, you can refer to section 7. How You Can Manage Your Personal data to submit a request.
7. How You Can Manage Your Personal data
This section (“How You Can Manage Your Personal data”) applies to users that are located in the European Economic Area and Southeast Asia. For users located in other territories, please refer to the privacy clauses in our User Agreement.
You have certain rights in relation to the personal data we hold about you. Some of these only apply in certain circumstances (as set out in more detail below). We must respond to a request by you to exercise those rights without undue delay and at least within 1 months (though this may be extended by a further 2 months in certain circumstances).
Please understand further information may be required to verify your identity when exercising your rights. You can refer the complaint to the relevant regulatory authority in your jurisdiction. For more information on how you can manage your personal data, you can reach out for us, and we will provide you with information on the applicable complaint route according to your actual situation. Please find our contact information in Section 10 Contact Us.
7.1 Access and Modification
You are entitled to access and modify your account information at https://profile.gtarcade.com/user/index after logging into your GTarcade account. If you believe we hold any other personal data about you, please contact us and complete the corresponding request form.
Since the personal data we collect and store is necessary to deliver our Services, we will not delete them except in the following circumstances that you can ask us to delete your account and personal data. You can also exercise your right to restrict our processing of your personal data (as described below) whilst we consider your request. But please note, this may limit your access to our Services:
• Where our processing of the personal data violates laws and regulations;
• Where we collect and use your personal data without your consent;
• Where our processing of personal data breaches the agreement with you; or
• Where your account is terminated and personal data deletion request is submitted.
To delete your certain personal data, you shall visit our official website https://www.gtarcade.com, and then click “MY ACCOUNT” page, and then, after logging into your account and click “Account Details”, you may find and choose to delete your personal information listed on such webpage.
When you delete the data from our Services, we may not immediately delete the corresponding data from the backup system, but will delete the data when the backup is updated within reasonable period. If there is any other personal data you believe we process that you would like us to erase, please contact us and complete the request form.
We may need to retain personal data if there are valid grounds under data protection laws for us to do so (e.g., for the defence of legal claims or freedom of expression) but we will let you know if that is the case.
If you request to delete the Gtarcade account, please click “Support” in our Game, fill in the ticket with necessary information and submit such ticket. After that, our customer service contacts will help you delete the Gtarcade account. After your Gtarcade account has been deleted, none of your personal information will be kept by us unless otherwise required by applicable laws and regulations.
7.3 Restriction of Processing to Storage Only
You can require us to stop processing the personal data we hold about you other than for storage purposes in certain circumstances by visiting “Support” in our Games to submit your request or sending e-mail to DataProtectOfficer@yoozoo.com. Please note, however, that if we stop processing the personal data, we may use it again if there are valid grounds under data protection laws for us to do so (e.g., for the defense of legal claims or for another’s protection). As above, where we agree to stop processing the personal data, we will try to tell any third party to whom we have disclosed the relevant personal data so that they can stop processing it too.
You may request we stop processing and just store the personal data we hold about you where:
• you believe the personal data is not accurate for the period it takes for us to verify whether it is accurate;
• you wish to erase the personal data as the processing we are doing is unlawful but you want us to retain the personal data but just store it instead; or
• you wish to erase the personal data as it is no longer necessary for our purposes but you require it to be stored for the establishment, exercise or defense of legal claims.
You have the right to receive a copy of certain personal data we process about you. You can visit “Support” in our Games to submit your request, or send e-mail to DataProtectOfficer@yoozoo.com. This comprises any personal data we process on the basis of your consent，pursuant to our contract with you, or to fulfill our legal obligations under the applicable laws, as described in the section “How We Use Your Personal Data”. You have the right to receive this information in a structured, commonly used and machine-readable format. You also have the right to request that we transfer that personal data to another party.
If you wish for us to transfer such personal data to a third party, please ensure you detail that party in your request. Note that we can only do so where it is technically feasible. Please note that we may not be able to provide you with personal data if providing it would interfere with another’s rights (e.g., where providing the personal data we hold about you would reveal information about another person or our trade secrets or intellectual property).
7.5 Access and Modification
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you by visiting Settings – Private Setting, or sending e-mail to DataProtectOfficer@yoozoo.com.
7.6 Other rights
If you’re concerned with the cross-border data storage and transfer we described in Section 6 Global Data Storage and International Transfer, and would like to submit a request to withdraw your consent, you can visit Settings – Private Setting, or send e-mail to DataProtectOfficer@yoozoo.com;
Other than the above, you can also:
• Make your choice regarding whether to connect your social media account with GTarcade account on https://profile.gtarcade.com/user/index after logging into your GTarcade account;
• Make your choice regarding subscription services on https://profile.gtarcade.com/user/index after logging into your GTarcade account;
• Manage the access authorization of our APP to your device by changing mobile device authorization settings; and
• Make your choice regarding Cookies or other similar technologies by configure your browser settings.
8. Children Personal data Protection
We will NOT knowingly collect or store personal data from children under 16. If legal guardian believe that we have unintentionally collected their children’s personal data or otherwise used their children’s personal data for unauthorized purpose, please reach out to us immediately and we will delete relevant data as soon as possible. Please see the Section 10 Contact Us below for further details.
If you are located in certain areas, in order to comply with the relevant laws, regulations and policies and the requirements of competent authorities, we will make a judgment on whether the real name information of an account belongs to a child based on the real-name ID information we collect through real-name verification. If such information indicates the user is under the age stipulated by the applicable laws and deemed as child under such laws, we will not collect further personal data from the child until a parent/guardian’s verifiable consent is obtained.
If you are under 16, we will not push ads to you in any way.
We urge children’s legal guardian to instruct children not to give out their real names, addresses, or other personal data without legal guardian’s permission during online service. We also recommend that legal guardians familiarize themselves with parental controls available.
10. Contact Us
For any inquiries or concerns of our services, you can visit http://support.gtarcade.com/ to contact our customer support team, or send e-mail to firstname.lastname@example.org, we will respond to you within 15 working days.
We have a privacy protection and management team to monitor and protect your personal data. If you have any questions or requests regarding the protection of personal data, please feel free to send email to: DataProtectOfficer@yoozoo.com.