YOUZU GROUP, including but not limited to YOUZU GAMES HONGKONG LIMITED, Brand name Yoozoo Global and their affiliates, is responsible for the personal data that you share with us. YOUZU GROUP is the “data controller” for the purposes of applicable data protection laws. Our contact information is as follows:
DPO’s Email: DataProtectOfficer@yoozoo.com
1. What Data we collect:
- For playing our games on Android and iOS users can opt to login as guest (no signup required), via their Facebook account or their Apple sign in this is completely optional for all users. WE DO NOT ASK FOR YOUR PHONE NUMBER OR EMAIL TO PLAY OUR GAMES EVER.
- Data you provide during using Services:
Customer service: In order to respond to your inquiry or support request, we might ask for your basic information (including the game you play, role name and game zone), contact information, the detail of your request and communication record, and the purchase history record within the game.
Data we automatically collect:
- Data about your devices:
When you use the Services, we may automatically collect some device-related information accordingly to be specific:
Device data, including the operating system and its version, hardware and software versions, ISP and browser type, processing capabilities, manufacturer and model, language and other regional settings, unique device IDs and similar unique identifiers, screen resolution, other device attributes or similar settings; and
Data collected by your device, including geographic location, network environment information, device preference settings, and other data you allow us to collect by enabling permissions in your device’s setting.
- Data about your behavior
We may collect basic game behaviour data for improving your gaming experience such as but not limited to Session time, numbers, which game mode is being played etc. We never ask for any permission to access your microphone, camera or read your sms.
Data from third parties
We only collect limited Personal Data from third parties when you use the Services through their products or platforms. Such third parties include but are not limited to Apple, Facebook, Google, TAppsflyer. To be specific:
Third parties account information: we may collect third parties account open-id and authentication status when you login via third parties account or download our products on your device from third-party platforms; and
2. How We Use Your Personal Data
- We Do NOT collect your personal data unless you consent to login via Facebook. We in any case do NOT collect any personal email or phone number of any user unless contacted by customer on customer support.
- Legal grounds where a processing is required by law.
Legal Basis (for people from the EU): We will not process your Personal Data without a lawful basis to do so. We will process your Personal Data only on the legal basis of consent [as provided in Art. 6 (1) (a) of the GDPR], contract [as provided in Art. 6 (1) (b) of the GDPR], or on the basis of our legitimate interests [as provided in Art. 6 (1) (f) of the GDPR], provided that such interests are not overridden by
your privacy rights and interests.
- To provide products and Services and complete daily operation
To provide customer service, respond to inquiries, requests, problems, and support transaction process, we may process your account information, the data related to customer service, communication information and data collected by your device.
- To create a unique login
To save game progress is where users are given an option to login via Facebook account. Liability of users facebook account is only with the platform not Youzu Group.
3. How We Protect Your Personal data
- Data security management system
We have implemented reasonable security practices and procedure in accordance with section 8 of the Privacy Rules and data security management system that meets industry-standard, including organizational processes and technical solutions, to protect your personal data against unauthorized access, modification, copy, or deletion. For example, our network communication is encrypted and protected by HTTPS protocol. We have set up firewalls, WAF (web application firewall) and anti-DDOS flow cleaning devices at network boundary to detect and defend against web attacks. We have encryption mechanism and strict access control to protect data in database. Besides, we have implemented collaborative security defense system at both network and terminal level to protect the information system and the computing environment. In addition to the technical solutions, we also implemented information security management system, which is based on ISO27001, to set up policy, process and procedures which regulate employees’ daily information processing activities, such as access, modify, editing, storage, share, transfer and deletion. This system ensures that only authorized personnel can access the protected data, and can be used only in the authorized way. And we also provide training and arrange awareness raising activities about data security and privacy protection, so as to enhance employees’ awareness regarding the importance of personal data protection.
- Data security capabilities
For the security of your Personal Data, we adopt leading security technologies and continuously update our data security capabilities. To be specific, our data security capabilities include but are not limited to application layer encryption, network layer encryption, database encryption, network access monitoring, database access monitoring, host behavior monitoring, terminal behavior monitoring and tracking, and other technologies.
- Personal data protection suggestions
Even with our data security capabilities, the internet is still not an absolutely secure environment. We strongly recommend that you shall at least take the following steps to enhance the security of your account:
Avoiding sending Personal Data in an unencrypted way; and
Using complex passwords, which should include numbers, alphabet letters, special symbols, and avoid names, birthdays and similar information.
- Response to data security incidents:
We have implemented reasonable technical and organizational measures to safeguard your Personal Data. If unfortunately, any Personal Data breach or similar security incident happens, we will promptly take responses to control and mitigate the influence of the incident. According to mandatory requirements in applicable laws and regulations, we will timely inform you as needed and share with you the following information:
The nature and possible impact of the incident;
The name and contact details of the data protection officer or other contact point where more information can be obtained;
The measures taken or proposed to be taken by us to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects;
The suggested actions you can take to eliminate or reduce risks; and
The remedial measures for you, where appropriate.
We will promptly inform you of the incident by mail, telephone, push notification, etc. When it is difficult to inform the affected data subjects one by one, we will take a reasonable and effective way to publish the announcement.
Besides, in the case of any security incident, we will actively and timely, where feasible, notify the incident to the competent supervisory authority according to requirements in applicable laws and regulations.
4. How We Share and Disclose Your Personal Data if we collect via 2.1 clause
will not share or disclose your Personal Data with any other commercial entity, organization or individuals, except for the following situations in accordance with section 6 of the Privacy Rules:
With your consent. We may disclose sharing or disclose your personal data when you provide us with your consent to do so;
Law enforcement bodies and courts. We disclose information in response to legal process, for example in response to a court order or a subpoena, or in response to a law enforcement body’s request. We also disclose such Information to third parties:
- in connection with fraud prevention activities;
- where we believe it is necessary to investigate, prevent, or take action regarding illegal activities;
- to protect our rights and the rights and safety of others; and
- as otherwise required by law.
Other third parties. Where permitted by law, we may also share information with authorized third parties for the following purpose in case of essentials: protect crucial public interest, statistics analysis, science or history research.
5. Global Data Storage and International Transfer
Our game servers are located in India all gaming related data is only located here for global audiences for games of yoozoo Global.
6. How You Can Manage Your Personal Data
Incase you have accidently shared your personal data with us via clause 2.1. If you want to ask us to restrict how we use your Personal Data you can send e-mail to DataProtectOfficer@yoozoo.com;
If you’re concerned with the way we process your Personal Data, or would like to submit a request regarding your Personal Data, such as asking for a portable and well formatted copy of your Personal Data, you can visit Support to submit your request, or find our contact information by visiting Contact Us, or send e-mail to DataProtectOfficer@yoozoo.com;
If you’re concerned with the cross-border data storage and transfer we described in section 6. Global Data Storage and International Transfer, and would like to submit a request to withdraw your consent, you can visit Support to submit your request, or find our contact information by visiting Contact Us, or send e-mail to DataProtectOfficer@yoozoo.com;
You shall have the right to object, on grounds relating to your particular situation, at any time to processing of Personal Data concerning you, which is based on public interest, or our legitimate interest, including profiling based on those two legal grounds; and
7. Children Personal Data Protection
Our games are not directed to children under 13 years of age. We will NOT knowingly collect or store personal data from children under 13. If you are under 13, do not download our games from any platform.
9. Limitation of Liability
10.Governing Laws and Disputes
Please click here to view the old version.
12. Contact Us
For any inquiries or concerns of our Services, you can visit http://support.gtarcade.com/ to contact our customer support team, or send e-mail to firstname.lastname@example.org, we will respond to you within 15 working days.
We have a privacy protection and management team to monitor and protect your personal data. If you have any questions or requests regarding the protection of Personal Data, please feel free to send email to: DataProtectOfficer@yoozoo.com.
13. Grievance Officer
In accordance with Information Technology Act 2000 and Privacy Rules made there under, contact details of the Grievance Officer are DataProtectOfficer@yoozoo.com