Privacy Policy

Welcome to Torno’s Privacy Policy!

The “Torno” app (“App”) is owned and operated by Torno Solutions Inc., having its office at 16192 Coastal Highway, Lewes, County of Sussex, Delaware,19958, United States (“Torno”, “us”, “we”, “our”). We take your privacy and the security of your information very seriously and therefore request you to kindly read the terms of this Torno Privacy Policy (“Policy”) very carefully. The Policy describes to users (“User” or “Users”, or “you” or “your”) how we collect, use, disclose, transfer, or otherwise process your personal data collected in connection with the App, or products or services which we operate now or develop or create in the future (the “Services”).  This Policy is an integral part of the Terms of Use of the Services (“Terms”) accessible here.

Users are requested to read this Policy in conjunction with the Terms.  We request you to review the most recent version of the Policy periodically. By using the Services, you agree to the handling of your information in accordance with this Policy. If you provide us with your information (directly or indirectly through our service providers) we will treat your information according to this Policy. If we need to use your personal data for any other purpose, other than as disclosed herein, we will update this Policy or ask for your previous consent, if necessary.

If you do not agree with this Policy in general or any part of it, please do not use our Services. By continuing to use the Services, you acknowledge and expressly agree to our collection, processing, storing, transfer and use of your information as described in this Policy.

  1. IMPORTANT TERMS
  • Personal data as defined under the General Data Protection Regulations (“GDPR”) of the European Union means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Usage data is data collected automatically either by the use of the Service or from the Service infrastructure itself (for example, the number of sessions, duration of sessions, etc.), as more particularly detailed in this Policy. Usage Data may include pseudonymous data or anonymized data, where applicable.
  • Data controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data is, or is to be, processed. For the purpose of this Policy, we are a data controller of your personal data.
  • Data processors mean any natural or legal person who processes the data on behalf of the data controller. Such data processors usually refer to the service providers engaged by us. We use the services of various data processors in order to process your data more effectively, as more particularly detailed in this Policy.
  • Data subject is any natural person/individual whose personal data we process.
  1. CHILDREN’S PRIVACY
  • One Game respects the privacy of children. Our Services including the App is not intended or directed towards children under the age of 18. Please do not use our Services if you are under the age of 18.
  • We do not knowingly collect or solicit personal data from children under the age of 18. We are committed to complying with the applicable laws and regulations pertaining to protection of children.
  • In the event, it has been brought to our knowledge that we have inadvertently collected personal data from a child, we will delete that information as soon as possible. If you believe that we might have any information from or about a child, please contact us as described in the “Contact Us” section below.
  1. INFORMATION WE COLLECT
  • There are two broad categories of information that we collect – information Users provide to us and information we collect, as more particularly detailed below.
  • Please note that we do not, in any manner, collect any special category data such as racial or ethnic origin, political opinions, religious beliefs, genetic data, biometric data, data concerning health or data concerning user’s sex life or sexual orientation. If it has been brought to our notice that we have inadvertently collected any such special category data, then please contact us as described in the “Contact Us” section below and we will as soon as possible, delete such special category data.
  • Information Users Provide to us:
    1. We and our third-party service providers collect information that Users provide when using the Services, including when Users create an account and sign up for Services.
    2. To register an account on the Services, Users are asked to provide us with their mobile phone number and a valid referral code.
    3. To successfully log into the Services, Users will be required to provide the one-time password (“OTP”) sent to their registered mobile phone numbers, for which we may ask Users to give us the permission to read the OTP sent to their registered mobile phone numbers. The provision of this information is optional, and it is at Users’ discretion to either provide us with the requisite permission to access the OTP for auto-filling on the Services or the Users may choose to key in the OTP on their own.
    4. Users shall have the ability to complete their profile with additional information which is optional such as: display name/user name, profile picture, and gender and any other information that the Service provides the User to optionally fill out in the “Profile” section of the Services.
    5. Please note that certain information from your profile is public and therefore can be accessed by any other User such as your display name/user name, profile picture, referral codes and game coins. By including information in your profile, you understand that the information that is public can be used by any person or entity for their own purposes.
    6. There is also other information provided that depends on the type of account and the Services availed. For example, (i) Users will be required to provide their email address/mobile number to redeem the gift vouchers offered on the Services if a User collects minimum number of game coins; and/or (ii) payment information such as their bank account details, invoicing address, online payment service details and mobile payment service details is collected from Users when the Users redeem the game coins for fiat currency.
    7. We and our third-party service providers also collect the information you provide to us when you correspond with us including when you require customer support, submit questions or comments, rate the Services and other content you post using the Services. The information collected through this may include your email address, name, phone number, messages you sent to us and other information you choose to share with us. If you submit any information relating to other people in connection with the Services, you represent that you have the authority to do so and permit us to use the information in accordance with this Policy.
    8. We also collect your approximate location when you access our Service and when you authorise our Service, we also collect your precise location.
  • Information we collect from Users:
  • We and our third-party service providers collect personal data directly from Users of the Services including in the form of the actions they take and activities they complete when using the Services. For example, from all Users, we may collect information about patterns of usage such as number of games played, session duration and number of sessions.
  • We and our third-party service providers also use a variety of technologies, such as application programming interface (“API”), to automatically collect certain technical information from your mobile device over time and across different websites/applications.
  • The information we and/or our third-party service providers collect includes the following –
    1. Approximate Location Data, including your general geographic location based on your IP address.
    2. Gameplay content, including recordings of your gameplay and performance records.
    3. User ID, that you are automatically assigned when you register on our Services.
    4. Device IDs, such as IDFA and Android ID.
    5. Usage Data, including the time you launch the Services, the pages and content viewed, IP address, unique device identifiers, any adverts that you viewed and clicked on, the objects and links you clicked on and interacted with, and scrolling/gesture/tap information.
    6. Diagnostics Data, including any crash logs and usage and performance statistics.
    7. Tracking Technologies, like most mobile applications, we may use technologies, such as software development kits (SDK) and API as part of Services we deliver to you. We use these technologies to secure and improve our Services, to understand your preferences, collect information about your activity, and device and tailor our Services to your interests. We may also use these technologies to collect information when you interact with Services, we offer through one of our service providers, including advertisers and marketing vendors. You also may be able to reset device identifiers or opt-out from having identifiers collected or processed by using the appropriate setting on your mobile device. Depending on your jurisdiction, we get your permission before we set tracking technologies.
  • We collect different types of information for various purposes to provide and improve our Services, a detailed description of same is provided in Annexure A – Table for Legal Processing Activities, to this Policy.
  1. HOW WE USE YOUR INFORMATION
  • Use of your information

We and/or our third-party service providers may use the personal data collected from you to 

    1. allow you to register and create an account on the Services;
    2. provide, deliver, monitor, and improve our Services, which requires us to track third-party app installations (conversions) to award game coins, to Users based on their activity on the Services, enable in-app redemption of game points for gift cards and/or redeem game coins for fiat currency in the Users bank account or online payment service account or mobile payment services account;
    3. personalise our Services for you by providing you with personalised recommendations of games, features, tournaments, events available on the Services;
    4. market our Services on third-party platforms, including mobile applications and websites;
    5. offer participation in activities such as contests, tournaments, other digital events, determine winners and rank holders of various tournaments on the leaderboard;
    6. process your payments and update your account on the Services to reflect any balance coins, total winnings and game coin history;
    7. provide features and functionality of the Services such as in-app messages, push notifications, chat with us feature, and gameplay performance records;
    8. to send you service-related communication such as redeem confirmations on the Services, availability of new games, and tournament notifications;
    9. to inform and support our marketing and advertising activities, including helping us determine games, products, services and advertisements that may be of interest to you.
    10. meet operational and business transaction requirements like billing or invoicing, attribution of game installs, calculating the points won through such attribution, accounting, delivering prizes, promotions, and also calculating game coins won through your active usage and participation on the Services.
    11. detect behaviour anomaly, prevent fraud and secure our Services including the App. Additionally, we also use your personal data to monitor and detect fraud and other prohibited conducts or violations of the Terms.
    12. update features to better our Services and develop new products, games, tournaments and other offerings and services.
    13. create reports and develop insights about our business. We may use aggregated or anonymised data for such purposes.
    14. communicate with you about your preferences or address your grievances by providing you with technical and customer support as well as respond to your requests, complaints, or feedback.
    15. troubleshoot software bugs, patch errors, and maintain functionality of the Services.
    16. help train our machine learning and AI models to provide you with personalized content and user experience as well as for the purposes outlined in this Policy.
    17. comply with our legal obligations where we reasonably believe such action is necessary to comply with the applicable laws, reasonable requests of law enforcements, legal and regulatory proceedings, including the defence of legal claims and compliance with corporate reporting obligations.
    18. enforce our rights to monitor, investigate, prevent and/or mitigate violations of the Terms, this Policy as well as enforce our agreements with third party service providers and business partners.
    19. for any other lawful purpose or other purpose that you expressly consent to.
  • Legal basis

The legal basis for processing your personal data as described in this Policy will typically include one or more of the following –

    1. To perform our agreement with you and provide our Services to you and also in order to take steps at your request prior to entering into an agreement.
    2. To meet our legal obligations and compliance requirements under the applicable laws.
    3. For our legitimate interest in, for example, monitoring, promoting and improving Services we provide, providing you with technical and customer support, securing and protecting the Services, ensuring that your use of our Services is in accordance with the Terms and this Policy, analysing personal data and developing new products and services.
    4. To protect the vital interest of the Users of the Services, for example, in case of fraudulent activities being undertaken by the Users on the Services.
    5. Your consent, when required by applicable laws.
  • Our legal basis for processing your personal data for specific processing activities is more particularly described in Annexure – A to this Policy.
  1. SHARING OF INFORMATION
  • We do not sell your information to third parties without your express prior consent.
  • We share your information with third parties who help us in delivering and analysing our Services. These third parties are not authorised to retain, share, store or use the information shared by us for any purpose other than to provide the services they have been engaged to provide.
  • The service providers that we share your information with include:
    1. Service Providers: We engage various service providers to help facilitate delivery of the Services, which include those who we engage to give us hosting and storing services, operate our technical infrastructure, which is required to keep the Services operational, assist in helping us provide you with coins, protecting and securing our systems and Services, provide personalised content, to grow our business, for attribution of game installs, for reporting purposes, as well as helping us market the Services. These service providers also include our third-party professional advisors such as auditors, law firms, etc. The service providers that we engage are required by contract to have similar level of privacy protection as we do and are required to follow the same standards as this Policy and as far as practicable or as required by applicable law, we include the Standard Contractual Clauses as required under the GDPR in such service provider contracts.
    2. Advertising Platforms and Networks (commonly known as ‘ad networks’): We have partnered up with various ad networks to display advertisements on our Services.
    3. Analytics providers: We work with several providers that help us analyse and understand personal data and identify and develop trends, patterns, and insights to optimise and improve the Services and create new products or features. These service providers also help us track App usage and Users’ engagement with the Services including games available on the Services and gameplay to help us provide better games and services to youThese analytics providers also support billing and attribution by providing and analysing Gameplay Data.
    4. Payment gateways: We have partnered with various payment gateways who offer payment support. These payment gateways help us in processing payments to be made to you by transferring your game points to your bank account or mobile payment services or online payment services. Certain personal data is transmitted to these payment gateways for the purpose of processing any payments. The transmission of your payment information is automatic, and at no point do we, or any of our agents or employees, have the ability to review, access or retain such payment information. To process any of your customer support queries related to payment processing, and/or to map your User ID to your bank information, we retain certain information such as the last 4 digits of your bank account number in an encrypted format so that we can perform the contract with you. We are also required to retain your email address by some of our online payment service providers. For more information on how your payment information is processed, please see the terms and conditions and privacy policies of those payment gateways as more particularly detailed in Annexure -B.
    5. Gift Voucher Providers: From time to time, we may partner with various entities or individuals for provision of gift vouchers to the Users against redemption of the game coins won by the Users on the Service. Such partners will process the personal data provided by the Users at the time of such redemption to facilitate the delivery of the gift vouchers to the Users.
    6. The service providers and other partners we share your data with, and the processing of such data by such service providers and partners will be in accordance with their terms of use and privacy policies as more particularly detailed in Annexure -B.
  • We may also share your personal data in the following circumstances:
    1. Legal obligations, Law Enforcement, Regulators and Other Third Parties for Legal and Security Reasons: We may share your personal data with government bodies and law enforcement or where we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including any contractual obligations of One Game or lawful requests by public authorities to meet national security or law enforcement requirements. If required or permitted to do so under the law, and if deemed necessary or warranted, we may provide notice to Users prior to the disclosure. We may also share your personal data when necessary to protect legal rights, property or safety of One Game, our Users or third parties in order to avoid fraud, hacking, identity theft, manage our risks or comply with applicable laws or legal orders. In these cases, we disclose personal data to comply with legal obligations or to protect the legitimate interests of One Game or affected third parties.
    2. Corporate Transactions and Affiliates: We may share your personal data in the event of corporate divestitures, mergers, acquisitions, bankruptcies, dissolutions, re-organisations, liquidations, similar transactions, or proceedings involving all or a portion of One Game. In these cases, the personal data may be shared with our subsidiaries or affiliates under common control and with counterparties as part of corporate transactions.
  • We may also disclose aggregated or anonymised information about Users along with information that does not identify any individual or device, except where limited by applicable laws. For example, we may use anonymized session duration data, number of game plays, number of sessions and aggregated information for statistical and machine learning purposes, to provide insights into developing or enhancing Services, for marketing and advertising and for other legally permissible purposes such as testing our IT systems and features.
  • For more information regarding the sharing of data with third parties please review the applicable sections below and notices within Annexure A or please contact us as described in the “Contact Us” section below.
  1. DATA TRANSFER, STORAGE AND RETENTION
  • We are based out of Delaware, United States of America (US) and store information collected from you on our or our third-party service providers’ servers located in US (currently being Amazon Web Services and Google Cloud). The information collected through the Services will be stored and processed in the US and any other country in which One Game or its affiliates or service providers operate or maintain facilities or for service efficiency purposes.
  • In case the information collected is processed or stored in territories that do not have the same data protection laws as your jurisdiction or that may not be as protective as in for example in the European Union (EU) including for service efficiency purposes and/or due to affiliates and third parties being located in such territories, we may transfer your personal data to a third country not being approved by the European Commission as a safe country for such transfer, to which you explicitly consent. Whenever applicable, we will use the Standard Contractual Clauses as required under GDPR to ensure an equivalent level of protection or other lawful grounds for carrying out said transfer.
  • We retain personal data for as long as required under applicable laws, as long as necessary to provide the Services to you and fulfil the transactions you have requested, to meet the purpose for which the personal data was collected or for other business purposes, to comply with our legal obligations, resolving disputes, and enforcing our agreements. We decide how long we need personal data on a case-by-case basis. We may consider, amongst others, the following factors when making retention decisions:
    1. Whether we need to keep some of your personal data to maintain your account on the Services;
    2. Whether we are required by law to keep some types of personal data for certain periods of time to comply with our legal obligations. For instance, we retain data pertaining to the game coins won and redemption history for some period of time to allow for matters such as accounting and tax reporting;
    3. Whether we need some of your personal data for other business purposes, such as to prevent harm and ensure safety and security of our Services; investigate possible violations of our terms and conditions of use; or protect ourselves; and
    4. Whether we need some of your personal data for our legitimate interest. For instance, it is in our legitimate business interest to help Users access the game coins earned and other features available on the Service, to prevent wrongful exploitation of our reward program and to identify returning Users whether those who were inactive or had stopped using our Services for a certain period of time and to restore their game coins, transaction history, and profile data.
  • Where we determine that the personal data which is collected is not required to be stored or retained in a manner in which a natural person can be identified using such personal data, we anonymise such personal data before further processing. The details of the information that we collect and subsequently anonymise before further processing is detailed in Annexure -A
  • Anonymized information may nonetheless persist internally in our backup, archive files or similar databases, and may still be used anonymized, for our internal support, administrative, and record-keeping purposes including, but not limited to, allowing us to improve the Services and other services we provide through research, evaluation, and analytics as permissible by applicable laws and for other purposes specifically outlined in this Policy.
  • We may also keep certain information in backup or archive records if required by law or if it is relevant to prevent fraud or future violations of our policies or for legitimate business purposes when permitted by applicable law. All retained data will continue to be subject to our Policy in effect at that time.
  • Specifically, we may destroy your personal data or store it separately if you do not interact with our Services for 5 (five) years.. Please note that if you have not interacted with our Services or do not use our Services for the time period as mentioned above or if you request for deletion of your account, it will also result in expiration/deletion of the game coins which you have won on our Services which have not been redeemed by you.  In the event we decide to maintain your information after you being inactive on our Services or after deletion of your account, we may anonymise such data and ensure that it is in a de-identifiable state, to the best of our ability and available tools.
  • Please note that any personal data about you stored or retained by a third party is subject to the third party’s terms of use and privacy policy and you must contact them directly to get your data deleted. The third parties that we have engaged for the purposes of delivering and analysing our Services, are listed out in Annexure – B along with the links of their terms of use and privacy policy.
  • Please note that the principles of data protection under GDPR do not apply to data that is anonymised i.e., information that does not relate to identified or identifiable natural persons or to personal data rendered anonymised in such a manner that a natural person is not or is no longer identifiable.
  1. DATA SECURITY
  • We care about the security of your information, and use appropriate physical, technical, and administrative security measures to preserve the integrity and security of your personal data collected by us through the Services. Where personal data is not anonymised, we use industry standard SSL (secure socket layer technology) encryption for personal data in transit. Other security safeguards include, but are not limited to, anonymisation, pseudonymisation, data encryption, firewall, and physical access controls to buildings and files. We also get periodic audits conducted of our security to apply best practices and reasonable industry standards.
  • Some of the precautions we take to protect personal data includes: (a) limiting employee/consultant access to personal data to only those employees/consultants with a need to such access to fulfil their job responsibilities; (b) requiring employees/consultants to sign confidentiality agreements upon hiring; (c) conducting regular employee/consultant privacy and data security training and education; and (d) protecting personal data with commercially reasonable technical, contractual, administrative, and physical security safeguards.
  • At registration, we assign a User ID to each account on our Services and use those User IDs to authenticate logins, allow access to the different game levels, tournaments and to monitor compliance. The User ID is also used to authenticate Users when requesting customer and technical support. Access to information is limited to those employees/consultants who require it to perform their job functions.
  • Although we endeavour to deploy state of the art security measures, tools and practices, we cannot ensure or warrant that any of your information will not be subject to any unlawful disclosure as no data transmission over the internet can be guaranteed to be completely secure. Moreover, we are not responsible for the security of information you transmit to the Services over networks that we do not control, including the internet and wireless networks. If you have reason to believe that your interaction with us is not secure, please contact us as described in the “Contact Us” section below.
  • In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and notify you and the relevant data authorities that information has been compromised if and as required under the applicable laws or deemed necessary and appropriate under the circumstances. We will also take reasonable steps, in accordance with the applicable laws and regulations.
  1. YOUR RIGHTS
  • We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data. You can edit certain information with respect to your profile on our Service at any time in accordance with the mechanism provided under the Terms.
  • In certain circumstances, you have the following data protection rights which can be exercised by you by contacting us at the contact information provided in the “Contact Us” section below –
    1. Access: You have the right to request a copy of the personal data that we process about you. However, there are exceptions to this right, so that access may be denied if, for example, making the information available to you would adversely affect the rights and freedoms of another person or User, or if we are legally prevented from disclosing such information, or if we only store such information about you in an anonymised or aggregated manner where we cannot identify the particular User to whom the data belongs to.
    2. Accuracy: We aim to keep your personal data accurate and complete. We encourage you to keep us informed about changes that you would like reflected in our records. You are also able to update, correct or rectify certain inaccurate personal data in accordance with the mechanism provided in the Terms.
    3. Objecting: You have the right to object to processing of your personal data. You may ask us to erase or limit the use or other processing of your personal data where we relied on your consent to process your personal data by contacting us via the contact information provided in “Contact Us” section unless another legal basis for processing and retaining this data exists or applicable law requires us to retain the data.
    4. Rectification: You have the right to request the rectification of inaccurate personal data and, taking into account the purposes of the processing, to complete your personal data. You are also able to update, correct or rectify certain inaccurate personal data in accordance with the mechanism provided in the Terms.
    5. Data Portability: Provided further legal requirements are fulfilled, you have the right to request that some of your personal data is provided to you, or, where technically feasible, to have your personal data transmitted to another provider should you wish to stop using our Services in favour of another, in a structured, commonly used and machine-readable format.
    6. Erasure: You have the right to erase or request that we erase your personal data as far as legal requirements for erasure are fulfilled, such as when your personal data is no longer necessary for the purposes for which it was collected or where we have relied on your consent to process your personal data.
    7. Automated Decision-Making: As far as further legal requirements are fulfilled, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
    8. Opt-out of Marketing Communications sent by One Game: You can opt-out of receiving push notifications through your device settings. Please note that opting out of receiving push notifications may impact your use of the Services. For instance, you may not be notified when redemption of game coins does not go through for any reason.
    9. The Right to Withdraw Consent: Where you provided us with your consent and where we relied on your consent to collect and process your personal data, you may withdraw your consent to the collection and processing of personal data at any time by sending a written request to the contact details provided under the ‘Contact Us at ’ section in this Policy. Withdrawing consent may impact your use of whole or part of the Services, such as access to certain Services including games and eligibility for winning and/or redeeming game coins. We may still be able to process the personal data for which you have withdrawn your consent if any other legal basis applies for collection and processing of such data or if required under the applicable laws.
  • We will handle your request for exercising your data protection rights in accordance with the applicable laws. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions. Please note that we may ask you to verify your identity before responding to such requests. Some of these rights only apply in certain circumstances and in many cases, are limited by law. For example, where fulfilling your request will adversely affect other individuals or our trade secrets or intellectual property, where there are overriding public interest reasons or where we are required by law to retain your personal data. We will respond to your requests to exercise these rights as required by applicable law.
  • You also have the right to complain to the relevant data protection authority about our collection and use of your personal data. However, we invite you to contact us with any concern, as we would be happy to try to resolve it directly. For more information, please contact your local data protection authority in the country in which you reside, or where you think an infringement of data protection laws occurred.
  1. CHANGES IN THE POLICY
  • We may periodically update this Policy to reflect the existing practice and to ensure compliance with the applicable laws. We may change or otherwise modify this Policy to reflect changes to our Services or changes to the applicable laws. If we modify this Policy, we will update the “Last Updated” date which can be found at the top of this Policy.
  • If we make any material changes to the way we collect, use, store and/or share your personal data, we will notify you by prominently posting a notice of the changes on the Services or through push notifications on the Services. We highly recommend that you check this page from time to time to inform yourself of any changes.
  • By continuing to use the Service after receiving such updates, you agree to comply with, and to be bound by such updated Policy.
  1. CONTACT US 
  • If you have any legal queries, please write to our legal team at legal@tornogames.com.
  • To exercise applicable data protection rights or have any questions or comment about this Policy and our privacy practices to the extent you may enjoy any data subject rights as per the privacy laws applicable to you, please reach out to our data protection officer at legal@tornogames.com.

ANNEXURE A

TABLE FOR LEGAL PROCESSING ACTIVITIES

PURPOSE FOR PROCESSING DATA CATEGORY LEGAL BASIS FOR PROCESSING DATA CATEGORY – ANONYMISED OR ENCRYPTED
Creation and setting up of account, help you log in and to provide access to and deliver our Services Phone number, User ID (which is automatically assigned on registration), gender, profile picture and any other information that the User chooses to share in the ‘Profile’ section of the Services (“Account Data”)

Processing is necessary for performance of a contract with the user (i.e., creation of an account) and take steps prior to entering a contract with Users. Without this information, we will not be able to provide Services which the Users have requested.

It is in our legitimate interest to verify your identity or conduct appropriate checks for fraud prevention and detection before authenticating you and granting you access to the Services.

Where required by applicable laws we will obtain your consent. Processing is necessary for compliance with our legal obligations.

Encrypted

To maintain and improve the Services, manage, and analyse the functioning of the Services, conduct our business and for administrative purposes.

We use this information to gauge market interest in different geographic regions to assist in product road-mapping, positioning and inform and tailor our Services and marketing.
IP address (including approximate location and country), exact geolocation data (including longitude and latitude), mobile device identifier, device IDs such as IDFA and Android ID, advertising identifier (e.g. Google advertising ID) or other unique identifiers, data about your operating system, device model and device language, log data (e.g. network connection type, applications connected to the Services) (“Device Data”).

It is in our legitimate interest to maintain, improve and tailor our Services in order to provide you with the best possible Services. 

 

The processing is necessary for our legitimate interests (to define types of customers for our products and services, to keep our Services updated and relevant, to develop our business and to inform our marketing strategy).

Where required by applicable laws we will obtain your consent.
Encrypted
Enabling you to redeem game coins earned on our Services.

Account Data

Payment information such as your bank details, online payment service details such as PayPal or mobile payment service details such as Venmo, Stripe, etc (“Payment Data”)

Email address which we are required to collect by our online/mobile payment service providers.

We collect data when you play and engage with games on our Service, game achievements, statistics and information on bugs and malfunctions.

Device Data (with precise geolocation)

Session ID, information on how you access the Services (including time you launched the Services, any adverts that you viewed or clicked on including User click timestamp, the objects and links you clicked on and interacted with, scrolling information, frequency, what time, how long and from which device(s)), and your approximate location or the country from which you are accessing the Services (“Usage Data”)

Processing is necessary for the performance of a contract with the User (i.e. providing you with the ability to redeem game coins).

Processing is necessary for TORNO to enable you to redeem game coins and to prevent abuse of game coin system. You may object to providing your email address; however, this may mean that you will not be able to redeem game coins.

Where required by applicable laws, we will rely on User consent.

It is necessary to protect vital interest of Users for example by identifying and preventing addictive behaviour.

It is in our legitimate interest to identify and prevent fraud and distinguishing between human and bots.

Processing is necessary for compliance with our legal obligations, for example to comply with any accounting and business laws.

Encrypted
Personalisation of ads and targeted advertising and to track the effectiveness of any advertising

Account Data

Device Data

Gameplay Data

It is in our legitimate interest to track and measure the effectiveness of any advertising, delivering interest-based advertisements and to tailor our Services so it is more relevant to our Users.

Where required by applicable laws we will obtain your consent.

Anonymised

Personalisation of the Services, building User profiles, customising, adapting, and personalising Users’ viewing of the Services and content/game consumption experience.

We use information about how you use and connect to our Services to tailor how we present our Services to you on your device.

We use this information to monitor and measure the performance of our Services.

Account Data

Device Data

Gameplay Data

Usage Data

It is in our legitimate interest to provide you with a Service personalized to your needs and tailor how we present our Services to the you and determine what products and Services may be of interest to you.

The processing is necessary for our legitimate interests (for running our business, provision of administration and IT services and network security).

Where required by applicable laws we will obtain your consent.

Encrypted
Display gameplay statistics, your Display Name/Username, User ID on the leaderboard, high scores, win records, streaks, game coins earned and track game engagement and user preferences

We collect data when you play and engage with games on our Service, game achievements, statistics and information on bugs and malfunctions, gameplay content including user game scores, recordings of your gameplay and performance records (“Gameplay Data”)

Account Data.

Usage Data

The processing is necessary for the performance of a contract with you.

It is to protect the vital interest of Users by detecting bots and preventing fraud and cheating.

Where required by applicable laws we will obtain your consent.

Encrypted
Monitor and analyse usage and activity trends including in-app searches, including measuring the effectiveness of our Services and marketing campaigns

Account Data

Device Data

Gameplay Data

Usage Data

It is in our legitimate interest to monitor and analyse the use and effectiveness of our Services in order to improve our Services.

It is to protect the vital interest of Users by detecting bots and preventing fraud and cheating.

The processing is necessary for the performance of a contract.

Where required by applicable laws we will obtain your consent.

Anonymised

Sending promotional communications, surveys, planning our promotion strategy, participating in User testing.

We use this information to develop existing products and create new products or otherwise improve our Services.

Account Data

Device Data

Gameplay Data

Usage Data

It is in our legitimate interest to keep you updated on our existing and new Services by sending you relevant marketing communications and surveys, and by processing the data that we collect in this respect or via User testing.

Where required by applicable laws we will obtain your consent.

Encrypted
To send you push notifications, SMS alerts for OTP verification, and other types of notifications on your device

Account Data

Device Data

The processing is necessary for the performance of a contract with you.

Where required by applicable laws we will obtain your consent.

Encrypted

Customer service, including when contacting us in-app chat with us feature or through email.

We use this information to develop existing products and create new products or otherwise improve our Services.

Account Data

Email address

Device Data

The processing is necessary for our legitimate interests, namely communicating with Users and responding to queries, complaints and concerns.

The processing is necessary for our legitimate interests, namely to develop our products/Services.

The processing is necessary for the performance of a contract.

Where required by applicable laws we will obtain your consent.

Encrypted
Security and fraud prevention

Account Data

Device Data (including exact geolocation with longitude and latitude)

Usage Data

It is in our legitimate interest to keep our platform safe and secure and to protect our Services from fraud, and to protect your personal data and our systems from any security incidents or personal data breaches.

Where required by applicable laws we will obtain your consent.

Encrypted
Identification and Rectification of errors Crash logs including information about usage and performance statistics, network speed, the time that certain features take to launch and errors or delays in using certain features. It is in our legitimate interest to identify and fix errors in the Services to provide smooth Services to the Users. Anonymised
We use all the personal data we collect to communicate with you, to monitor, operate, maintain and improve our technology and related services and business and to help us develop new products and services. All personal information set out above The processing is necessary for our legitimate interests, namely, to administer and improve our Services. Encrypted

ANNEXURE B

THIRD PARTY SERVICE PROVIDERS

Sr. No. Name Links
1. SMS Services – Twilio

Terms of Service: https://www.twilio.com/en-us/legal/tos

Privacy Policy: https://www.twilio.com/en-us/privacy

1. Amazon Gift Card

Terms of Use: https://www.amazon.in/gp/help/customer/display.html?nodeId=GNG9PXYZUMQT72QK

Privacy Policy: https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ

2. Amazon Web Services

Terms of Service: https://aws.amazon.com/service-terms/

Privacy Policy: https://aws.amazon.com/privacy/

4. Unity

Terms of Service: https://unity.com/legal/terms-of-service

Privacy Policy: https://unity.com/legal/privacy-policy

5. Google Cloud

Terms of Service: https://cloud.google.com/terms

Privacy Policy: https://cloud.google.com/terms/cloud-privacy-notice

6. Google Firebase

Terms of Service: https://firebase.google.com/terms

Privacy Policy: https://firebase.google.com/support/privacy

7. AdMob

Terms of Service: https://www.google.com/adsense/new/localized-terms

Privacy Policy: https://policies.google.com/privacy?hl=en

8. Unity Ads

Terms of Service: https://unity.com/legal/one-operate-services-terms-of-service

Privacy Policy: https://unity.com/legal/privacy

9. Ironsource

Terms of Use: https://www.is.com/terms-of-use/

Privacy Policy: https://developers.is.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/#step-1

10. Meta

Terms of Service: https://m.facebook.com/legal/terms

Privacy Policy: https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

11. Mintegral

Terms of Service: https://adv.mintegral.com/files/advertiser-terms-of-service.pdf

Privacy Policy: https://www.mintegral.com/en/privacy

12. AppLovin

Terms of Service: https://www.applovin.com/terms/

Privacy Policy: https://www.applovin.com/privacy/

13. Inmobi

Terms of Service: https://www.inmobi.com/terms-of-service

Privacy Policy: https://www.inmobi.com/privacy

14. Liftoff

Terms of Service: https://liftoff.io/terms-of-service/

Privacy Policy: https://liftoff.io/privacy

15. Appodeal

Terms of Service: https://appodeal.com/terms-of-service/

Privacy Policy: https://appodeal.com/privacy

16. Google ad exchange

Terms of Service: https://support.google.com/adspolicy/answer/

Privacy Policy: https://policies.google.com/privacy?hl=en

X