1. WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA AND HOW TO CONTACT US

This Privacy Policy applies to all of our games, websites and related services, collectively referred here as our Services. Your continued use of the Services after the effective date will be subject to new Privacy Policy. Your use of our Services, and any dispute over privacy, is subject to this Privacy Policy and our Terms of Use, including its applicable limitations on damages and the resolution of disputes. The Terms of Use are incorporated by reference into this Privacy Policy. If you are a California resident, please see Additional Information For California Residents for additional disclosures. Please read the following to learn more about how we use your personal data. For the purpose of the General Data Protection Regulation 2016/679 and any implementing legislation (the "GDPR"), BFK ARASTIRMA GELISTIRME YAZILIM BILGISAYAR SANAYI VE TICARET ANONIM SIRKETI (referred to as “BFK ARASTIRMA GELISTIRME YAZILIM BILGISAYAR SANAYI VE TICARET ANONIM SIRKETI”, “we”, “us”, or “our”) will be the data controller responsible for any personal data we process. If you have any questions or concerns about this Privacy Policy, including those related to exercise any of your rights, please contact us through the game’s Help & Support so we can reply to you more quickly.
The data controller: BFK ARASTIRMA GELISTIRME YAZILIM BILGISAYAR SANAYI VE TICARET ANONIM SIRKETI
Email: [email protected]

2. WHAT PERSONAL DATA WE COLLECT AND WHY?

We may source, use and otherwise process your personal data in different ways. In all cases we are committed to protecting your personal data. In each of the sections listed below, we describe how we obtain your personal data and how we treat it.

2.1 INDIVIDUAL CUSTOMERS

We collect personal data related to current, prospective, and former customers (“users”) of our Services.

2.2 REPRESENTATIVES OF OUR EXISTING OR PROSPECTIVE CORPORATE CUSTOMERS, BUSINESS PARTNERS, AND VENDORS

We may collect personal data related to employees, directors, authorised signatories, or other individuals associated with BFK ARASTIRMA GELISTIRME YAZILIM BILGISAYAR SANAYI VE TICARET ANONIM SIRKETI’s existing or prospective corporate customers, business partners, and vendors.

2.3 WEBSITE VISITORS

We may obtain your personal data from the following sources:

  1. from you directly (for example, at the time of subscribing to any services offered on our website, including but not limited to email mailing lists, interactive services, posting material); and/or
  2. from your device or browser through internet service providers, operating systems and platforms, and data analytics providers.

If you contact us, we may keep a record of that correspondence.

2.4 VISITORS TO OUR PREMISES

3. WHO DO WE SHARE YOUR PERSONAL DATA WITH

Our Partner Organisations and Service Providers
We may disclose information about you to organisations that provide a service to us, ensuring that they are contractually obligated to keep your personal data confidential and will comply with the GDPR and other relevant data protection laws.

We may share your information with the following types of service providers:

  1. technical support providers who assist with our website and IT infrastructure,
  2. software providers, including ‘software as a service’ solution providers, where the provider hosts the relevant personal data on our behalf;
  3. professional advisers such as solicitors, accountants, tax advisors, auditors and insurance brokers;
  4. providers that help us generate and collate reviews in relation to our goods and services;
  5. our advertising and promotional agencies and consultants and those organisations or online platforms selected by us to carry out marketing campaigns on our behalf and to advertise their own products or services that may be of interest to you.
    A list of our partners:
    • Tenjin: www.tenjin.io
    • Appsflyer: www.appsflyer.com
    • Adjust: www.adjust.com
  6. service providers that assist us in providing our services.
    Law enforcement or government bodies
    We may disclose your personal data as permitted by law in order to investigate, prevent or take action regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Terms and Conditions or other agreements, or as required by law.

4. TRANSFERS OF PERSONAL DATA OUTSIDE THE EU/EUROPEAN ECONOMIC AREA

We share your personal data with our affiliates and partners in the EU/EEA and outside the EU/EEA. Where a data transfer outside the EU/EEA is not covered by an EU Commission adequacy decision, we rely on lawful safeguards referred to in Art 46 et. seqq. GDPR. This mainly includes EU Commission-approved Standard Contractual Clauses which we enhanced by supplementary security measures such as ancillary individual risk-assessments, additional contractual safeguards and technical safeguards including additional encryption or pseudonymisation, to enable International transfers with BFK ARASTIRMA GELISTIRME YAZILIM BILGISAYAR SANAYI VE TICARET ANONIM SIRKETI affiliates and partners outside the EU/EEA. You will find the full text of the EU Commission-approved Standard Contractual Clauses through this link. Please feel free to contact us for additional information on third country data transfers as well as our safeguards and supplementary security measures.

We share personal data with external vendors or service providers or suppliers that we engage to perform services or functions on our behalf and under our instructions. Where these vendors are located within the EU, we ensure that they are contractually obligated to comply with the EU data protection rules. We also ensure in our contracts with these organisations that they only Process Personal Data in accordance with our instructions and in order to provide the agreed services and protect the integrity and confidentiality of your personal data entrusted to them.

We may also disclose personal data to our advisers, consultants, law enforcement and other public authorities (such as tax and social security bodies), the police, prosecutors, courts and tribunals. All these recipients are themselves responsible to comply with the EU data protection rules. Some of the vendors that we engage to are located outside the European Economic Area. Where the EU Commission did not recognise them as locations providing adequate protection for personal data, we rely on lawful safeguards as described above.

5. YOUR RIGHTS UNDER THE GDPR

You are entitled to obtain information from us on how we handle your personal data, to see copies of all personal data held by us and to request that your personal data is amended, corrected or deleted from our systems. You can also limit, restrict or object to the processing of your data.
We do not carry out any decision-making based solely on automated processing, including profiling.
If you gave us your consent to use your data, e.g. so that we can send you marketing emails or display personalised ads, you can withdraw your consent at any time. Please note that even if you withdraw your consent, we can still rely on the consent you gave as the lawful basis for processing your personal data before you withdrew your consent.
You can object to our use of your personal data where we stated we rely on our legitimate business interests to do so. We explained the legitimate interests we rely on in sections ‘Why do we collect your personal data and what are our lawful bases for it?’ above.