PRIVACY AND DATA PROTECTION POLICY

Last updated 8 April 2026
Press to go directly to Children’s Privacy and Safety

ALL DATA SUBJECTS ARE REQUIRED TO READ THIS PRIVACY AND DATA PROTECTION POLICY TO UNDERSTAND HOW COMPANY COLLECTS, USES, PROCESSES AND STORES PERSONAL DATA WHILE CONDUCTING ITS ACTIVITIES AND WHAT SECURITY MEASURES ARE BEING APPLIED.

1. Purposes and Scope of Policy.

a. Purposes. This Privacy and Data Protection Policy regulates the relationships between TURBO ROCKET GAMES LLC (hereinafter referred to as “the Company”, “we”, “our”) and Users, employees, contractors, stakeholders etc. (hereinafter referred to as “the Users” or “the other Data Subjects”) regarding the collection, use and processing of the Users` Personal Data.

b. Scope. This Privacy and Data Protection Policy (“the Policy”) of the Company applies within all affiliates of the Company which are under the legal authority, under the supervision of or controlled by the Company.

c. Compliance. While conducting its activities, TURBO ROCKET GAMES LLC adheres to all conditions and requirements stipulated by the current legislation of the USA and European legislation, including but not limited to the GDPR, as well as by other international acts concerning data protection.

2. Definitions.

“Automated decision-making” means the ability to make decisions by technological means without human involvement.

“Advertising contractors” means the Company’s contractors, namely Unity Technologies (“Unity”), and KIDOZ Limited (“KIDOZ”), Azerion Technology B.V. (“Azerion”). These contractors provide contextual advertising within our Games without collecting any Personally Identifiable Information, including Persistent Identifiers.

“Child” means:

· outside the EU: person under the age of 13 years old;

· within the territory of the EU: person under the age of 16 years old.

“Data controller” (“controller”) means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the using and processing of Personal Data.

“Data processor” (“processor”) means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller;

“Data Protection Authority” (hereinafter referred to as “the DPA”) means an independent public authority which is established by a State and is responsible to monitor the compliance with the applicable laws in order to protect the fundamental rights and freedoms of Data Subjects regarding the collecting, using and processing of their Personal Data and to facilitate the free flow of Personal Data. For the purposes of this Policy, DPA means a German Data Protection Authority, namely the Federal Commissioner for Data Protection and Freedom of Information.

“Data Subject” means any living individual who is the subject of Personal Data held by the Company, including Users and other independent contractors/employees and other stakeholders.

“Data Subject consent” means any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data.

“Filing system” means any structured set of Personal Data which are accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis.

“Game” means the game produced by the Company, which is available for Services provided.

“Persistent Identifiers” means any identifier that can be used to recognize a User over time and across different websites or online services. This includes, but is not limited to, cookies, device IDs, IP addresses, device serial numbers, unique device identifiers, or any other unique identifier that allows tracking of a User across sessions or services.

“Personal Data” or “Personally Identifiable Information” means any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with natural person (also referred to as “individual”, “Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This includes data of an identified natural person used to formulate behavioral profiles of this particular person. This also includes personal data collected online from a child as defined under the Children’s Online Privacy Protection Act (hereinafter referred to as “the COPPA”), including any information that can be used to identify or contact a child.

“Personal Data breach” means a breach of security leading to the accidental, or unlawful, destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

“Processing” means any operation or set of operations which is performed with the Personal Data or with sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“Profiling” means any form of automated processing of Personal Data intended to evaluate certain personal aspects relating to a natural person, or to analyze or predict performance of that person at work, economic situation, location, health, personal preferences, reliability, or behavior.

“Services” means services provided by the Company that include:

· creation of an account which makes it possible to associate the User’s game progress with him/her and save it on the Company’s servers;

· providing support with authorization, account management, account security, Game client software errors, in-game problems, in-game purchases, and bans (technical and player assistance).

“Special categories of personal data” (hereinafter referred to as “the sensitive data”) means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

“Third party” means a natural or legal person, public authority, agency or body other than the Data Subject, controller, processor and persons who are authorized to process Personal Data under the direct authority of the controller or processor.

“User” means the Data Subject, who has downloaded and/or played the Games, including children whose Personally Identifiable Information is processed by the Company in accordance with applicable child privacy laws.

3. General Provisions.

a. Legal bases. The Company may receive Personal Data from the Users or from its contractors in order to deliver its contractual obligations. If the Company receives Personal Data directly from Users, such Personal Data is processed in accordance with applicable legal bases, which may include the performance of a contract, compliance with legal obligations, legitimate interests, or consent, where required by applicable law. For child users, the Company processes Personal Data in accordance with applicable child privacy laws, and provides parents or guardians with direct notice and appropriate rights to review, manage, and delete their child’s Personal Data, as described in this Policy. If the Company receives Users` Personal Data from contractors or other third parties, those parties have to obtain the Users` consent to transfer such Personal Data to the Company for the purposes of further processing.

b. Personal Data Inclusions. Personal Data includes data of an identified natural person used to formulate behavioral profiles of this particular person. Personal Data includes anonymized data if the process of anonymization to which such data were submitted has been reversed, using exclusively its own means, or if such data can be reversed applying reasonable efforts. For the purposes of this clause, determination of what the reasonable efforts are shall take objective factors into account, such as cost and time necessary to reverse the process of anonymization, depending on the available technology, and the exclusive use of its own means.

c. Applications. The Users have a right to apply to the Company or to the appropriate Data Protection Authority as to his/her Personal Data breach if he/she becomes aware of it earlier than the Company.

d. Selling or Disclosing of Personal Data. The Company warrants that it neither sells nor discloses for business purposes Personal Data of its Users, including persons who are less than 16 years of age, to any legal persons, individuals or third parties and complies with other requirements of the applicable laws in this regard.

4. Compliance.

The Company undertakes the following actions in order to ensure compliance with the accountability principle of the applicable laws:

a. The legal basis for processing Personal Data is clear and unambiguous;

b. All staff involved in handling Personal Data understand their responsibilities for following good data protection practice;

c. Training in regard of data protection has been provided to all the staff;

d. Rules regarding consent are followed;

e. Necessary means are available to Data Subjects wishing to exercise their rights regarding Personal Data, and such enquiries are handled effectively;

f. Regular reviews of procedures involving Personal Data are carried out;

g. Privacy by design is adopted for all new or changed systems and processes;

h. These actions are being reviewed on a regular basis as part of the management process concerned with data protection.

i. The Company has developed all internal documents to define roles concerning Personal Data processing within the Company among the staff.

5. Principles of Processing.

a. Lawfulness, Fairness and Transparency. Personal Data is processed on a lawful basis of our legitimate interest and your consent, with all the information regarding the processing of Personal Data available to Data Subjects and on a basis of accessible, easy-understandable, clear and plain-language communication with Data Subject relating to the processing of Personal Data.

b. Purpose Limitation. Personal Data is collected strictly for purposes specified via this Policy and is not further processed in a manner that is incompatible with them, except as for the purposes of public interest, statistical, scientific or historical research.

c. Data Minimization. Personal Data is collected strictly within the amounts necessary for the purposes for which they are processed.

d. Accuracy. Personal Data is accurate and kept up to date. The Company ensures that inaccurate Personal Data is erased or rectified without delay.

e. Integrity and Confidentiality. Personal Data is processed by the Company in a manner that ensures an appropriate level of security of Personal Data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

6. Purposes of Processing.

a. Purposes of the Company. Personal Data of the Users are collected by the Company for such purposes as:

1. creation of an account, which makes it possible to associate the User’s game progress with him/her and save it on Turbo Rocket Games LLC’s servers;

2. providing support with authorization, account management, account security, Game client software errors, in-game problems, in-game purchases, and bans (technical and player assistance) to the User.

3. conducting analytics for improving the Games and enhancing the User experience.

b. Purposes of Contractors. Company’s contractors may process Users` Personal Data for such purposes as:

1. displaying advertising materials provided to target market (contextual advertising) within Games;

2. ensuring the Users’ possibility to send a request to our Company;

3. for any other purposes that the contractors establish themselves.

c. Disclaimer.

1. The Company does not collect, use or process Personal Data for any other purposes except as specified herein.

2. Personal Data of the Users within the EU are not collected by the Company or its contractors for the purposes of marketing and advertising. Advertisements provided are context-specific and do not require Personal Data.

3. The Company is not liable for the processing of Personal Data conducted by the Company’s Advertising contractors.

7. Personal Data.

a. Collected Data. While conducting its activities, the Company collects, uses and processes the following Personal Data of the Users:

1. E-mail address.

2. Unique nickname.

3. IP address. The Company uses the User’s IP address to define their country while the User creates an account, and displays the field pre-filled for them. The Company does not process or store the User’s IP address after account registration.

4. State of location and age information. Personal Data concerning the User’s state of location and age are stored on their mobile device. The Company may have access to these Users’ Personal Data only provided that the User has created an account and given consent to the processing of his/her Personal Data.

5. Analytics data. The Company may collect additional information for analytics purposes, including country, language, device name, screen resolution, operating system name and version, in-game events (e.g., session start, in-game actions), game performance, device model, device operating system, and device screen size.

Important: We may collect and provide Advertising contractors with a limited set of technical data (e.g., device screen size or country), without revealing any Personal Data or Personally Identifiable Information that is necessary for contextual advertisements.

We collect Personally Identifiable Information from children only as permitted under applicable child privacy laws, as further described in clause 10(c) of this Policy. Any sharing of such data is conducted in accordance with clause 20(b) of this Policy.

b. Role of the Company. While collecting and processing Personal Data of the Users, the Company acts as the joint controller together with its Advertising contractors, and the corresponding range of the controller`s rights and responsibilities arises.

c. Disclaimer.

1. The Company does not collect and/or use and/or process any sensitive data.

2. The Company is not responsible for how the Advertising contractors process Personal Data they collect from the Users.

3. The Company does not use automated decision-making.

8. Lawfulness of Processing.

a. Moment of Collection. Users’ Personal Data are collected by the Company while the appropriate User is registering in the Game. Users’ Personal Data are collected by the Company’s Advertising contractors while the appropriate User is launching the Game for the first time. Herewith, Personal Data are being collected based on the Users’ consent providing of which is specified herein.

b. Consent Request Form. The Company processes Personal Data in accordance with applicable data protection laws and on the basis of consent that must be obtained from the User. Consent is to be provided by filling-in the Consent Request Form, which the Company provides the appropriate User with.

c. Privacy Notice. Company provides the User with the Privacy Notice, which contains, including but not limited to, the precise information concerning the purposes of processing and the information on methods of processing, as well as on the period for which such Personal Data are to be stored. Privacy Notice is to be provided to the Users within the Game before the appropriate consent/registering form is filled in.

d. Obtaining Consent. The consent is considered to be provided to the Company after the User has placed the tick in front of the “I accept” button on the appropriate Consent Request Form provided by the Company through the Game for each separate purpose of processing of Personal Data.

e. Essence of Consent. By giving consent, the User acknowledges and accepts all terms and conditions specified in the Privacy Notice and Consent Request Form, as well as all the conditions specified in this Policy.

f. Obligation of Company. The Company shall be able to demonstrate that consent was obtained in accordance with the provisions of the applicable laws for each processing operation if it is required by the supervisory authority.

g. Legitimate interest. Our Company may collect Personal Data like necessary cookies for ensuring the functionality of the website.

9. Use of Cookies.

We use cookies and other tracking technologies on our website (“the Website”) for a number of purposes, including enabling the functionality of the Website, enhancing user experience and understanding the online behavior of people who interact with our Website.

We do not use cookies to identify you directly. We only use cookies for the following purposes:

Necessary: these cookies and other tracking technologies are essential for your use of the Website and our compliance with applicable data protection laws. We can use them to provide the basic functions of the website.

Functional: these cookies enable our Website to remember choices that you make, i.e., to optimize the chatbot functionality or language choices.

To learn more about cookies, please read our Cookies Policy.

10. Users` Age.

a. Applicable Laws. As regards the matters of the Users` age, the Company adheres to the provisions of GDPR and COPPA.

b. Permissible Processing. Company collects, uses and processes Personal Data obtained on the basis of consent from the Users who have reached:

1. outside the EU, the age of 13 years old;

2. within the territory of the EU, the age of 16 years old.

c. Personal Data of Children. Company does not process Personally Identifiable Information of сhildren, except as permitted under applicable child privacy laws. In such cases, the Company provides parents or guardians with direct notice regarding the processing of their child’s Personally Identifiable Information and ensures that parents or guardians have the right to review, manage, and request deletion of such Personal Data.

d. Notification of Violation. The Company asks the Users to send feedback by email to the Company if the Users know that the Company processes Personally Identifiable Information of a child. After receiving such feedback, the Company will delete such Personal Data immediately.

e. Disclaimer. The Company will not be liable for any consequences if it becomes clear that the User has not reached the age of 16 at the moment of the consent being provided.

f. Limitations. Company does not condition the participation of Data Subjects who are the children to games, internet applications or other activities in exchange for the provision of Personal Data except if it is strictly necessary for the activities which Company conducts.

g. Website Users’ Age.

1. The use of the Website shall be lawful if a person is at least 13 years old.

2. Any use of the Website by a person under 13 years is unlawful and constitutes a violation of the Company’s Terms of Use and Privacy and Data Protection Policy.

11. Advertisement Serving

a. General Information. Our Games may contain advertisements served by Advertising contractors defined in this document.

b. Contractor. Our Games may display advertisements served by Azerion Technology B.V. (“Azerion”), Unity Technologies (“Unity”) and KIDOZ Limited (“KIDOZ”), which are the providers of kid-safe advertising services that are designed specifically for the compliance requirements of younger audiences, including those aged under 13. Azerion, Unity and KIDOZ place contextual advertising on our Games without collecting any Personally Identifiable Information, including Persistent Identifiers.

c. COPPA Compliance. Azerion (through SuperAwesome SDK) and KIDOZ are certified as COPPA-compliant by the kidSAFE Seal Program, an FTC-Approved COPPA Safe Harbor Program. Please visit www.kidsafeseal.com for more information. Unity complies with COPPA requirements for operators of applications directed to children under 13 y.o. Please visit docs.unity3d.com/Manual/UnityAnalyticsCOPPA.html for more information.

d. GDPR Compliance. Azerion (through SuperAwesome SDK), Unity and KIDOZ also provide advertising services in compliance with the General Data Protection Regulation (EU 2016/679). Adopting an approach of “privacy by design and by default”, Azerion, Unity and KIDOZ utilise proprietary technologies so that it neither collects, stores, nor shares your Personal Data to provision advertisements or target advertising to you.

e. CCPA Compliance. Azerion (through SuperAwesome SDK), Unity and KIDOZ also provide advertising services in compliance with the California Consumer Privacy Act. Azerion, Unity and KIDOZ ensure the fulfillment of the consumers’ rights to opt out of the sale of your personal information, request the deletion of certain personal information, and/or request a disclosure of personal information from the company.

f. Certification. Azerion (through SuperAwesome SDK) is a valid licensee and participating member of the Entertainment Software Rating Board’s Privacy Certified Program (“ESRB Privacy Certified”). To protect your privacy, Azerion (through SuperAwesome SDK) has voluntarily undertaken this privacy initiative, and its services have been reviewed and certified by ESRB Privacy Certified to meet established online information collection, use and disclosure practices. As a licensee of this privacy program, Azerion’s services are subject to frequent audits and other enforcement and accountability mechanisms administered independently by ESRB Privacy Certified.

g. Contact Information.

You may contact Azerion directly at [email protected], on + 31 20 760 2040, or by post: Privacy Team, Azerion Technology B.V., Boeing Avenue 30, 1119 PE Schiphol-Rijk, The Netherlands.

You may contact Unity directly at [email protected], on +14155393162 or by post: Privacy Terms, Unity Technologies, 30 Third Street, San Francisco, CA 94103 USA.

You may contact KIDOZ directly at [email protected], on the online contact form available at kidoz.net/contact-2/ or by post: Privacy Terms, №16, 6-9 Bridgewater Square, London, EC2Y8AG, UK.

12. Subscriptions (Wild Club)

The Company offers optional subscription features (Wild Club subscription). Subscription purchases are processed by third-party app store providers, including Apple, Google, and Amazon.

In connection with subscription features, the Company may receive and process limited subscription-related information from the applicable app store provider, such as the subscription status, start and end dates, and a transaction or receipt identifier, solely for the purpose of enabling subscription functionality within the Game.

Parents and guardians may manage subscription purchases through the applicable app store and control access to subscription-related features through the Parental Dashboard.

13. Request Handling.

a. General Information. To provide the possibility of making requests by our Users, we use services provided by our contractors. Zendesk helps us keep track of your tech support and data subject requests, and processes multiplayer nickname and account nickname (to identify you and contact you in case of further questions and request-related communication), IP address (to identify your non-precise geolocation so we can tailor our support services to you).

b. Contractor. There are a bunch of occasions when our Users want to make requests to our Company. Zendesk Inc. provides services which help us ensure Users’ right to make requests to our Company.

c. GDPR Compliance. Zendesk provides services in compliance with the General Data Protection Regulation (GDPR), and their technical and organizational measures include binding corporate rules, appointing a Data Protection Officer, and other measures described on Zendesk’s website.

d. CCPA Compliance. Zendesk provides its services in compliance with the California Consumer Privacy Act (CCPA). Measures taken by Zendesk to comply with CCPA are described on Zendesk’s website.

e. Security Certifications. Zendesk maintains SOC 2 Type II, ISO 27001:2013, ISO 27018:2014, ISO 27701:2019 and other Certificates.

f. Contact Information. Zendesk, Inc., Attn: Privacy Team and DPO, 989 Market Street, San Francisco, CA 94103, United States, [email protected].

14. Withdrawal of Consent.

a. General Information. The User is entitled to withdraw the consent at any time he/she wishes.

b. Manual. To withdraw the consent, the User needs to access the Settings, Privacy tab in the Game. Withdrawal of consent will delete the User’s account automatically.

c. Submission of the Request. User is entitled to send an appropriate request for withdrawing the consent to the Company. The withdrawal of the consent is considered to be properly made after the Data Subject has sent such a letter of withdrawal to the Company.

d. Procedure of Withdrawal. Company shall examine such a request within 72 hours from the moment the respective form of withdrawal is received, and make the adequate decision.

15. Storage Period.

a. Data Retention Policy under COPPA.

We are committed to retaining personal information collected from children only for as long as is reasonably necessary to fulfill the specific purposes described in this Policy. The purposes for which such personal information is collected and the business need for retaining it are described in Section 6 of this Policy.

We have established a specific timeframe for the deletion of personal information collected from children, as set out in Section 15 of this Policy.

When such information is no longer reasonably necessary for these purposes, we will delete it using reasonable measures designed to protect against unauthorized access to, or use of, the information in connection with its deletion.

We review and update our data retention periods on a regular basis to ensure ongoing compliance with applicable laws and our internal data protection standards.

b. General Information. Taking into account the purposes of the processing, the period of storage of Personal Data is 365 days since the date the Users’ accounts have been used for the last time (authorization, saving progress on the Company’s servers etc.).

c. Expiration of Storage period. After an expiration of the storage period, the Company is obliged to delete Personal Data or ask the User to provide the Company with a new consent if the necessity of the processing of such Personal Data remains actual for the Company, or another purpose of processing appears.

d. Right of Company. The Company is entitled to stop the storage of and delete the User’s Personal Data collected earlier at any time if such Personal Data are not needed anymore. Herewith, the Company is obliged to notify the User that his/her Personal Data was deleted.

e. Exception. The Company may keep storing Personal Data if a subsequent processing is stipulated by law and is deemed relevant for a purpose which is not compatible with the original purpose of processing stated in this Policy. Herewith, “processing for compatible purposes” means further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

f. Data Backups. For data recovery in the event of a data failure we save data backups. If you choose to delete your Personal Data, it will be deleted from live servers, but may still be stored in previously done backups for a period up to 1 year.

The data in backups is stored using security measures described in this Policy and will only be used in case of critical data failure on a live database.

One can expect Personal Data to not be in the recent backup for 24 hours after successful Personal Data removal.

If a technical issue happens, we would use the most recent backup possible, in which Personal Data will most likely already be deleted.

g. Data subject requests. Personal data about the Data Subject, contained in a request, is stored no more than 1 month from support ticket closure.

16. Data Subjects’ Rights.

a. List of Rights. This Policy provides all Data Subjects with the opportunity to exercise any of the following rights:

1. right to access. Data Subjects have a right to know whether their Personal Data are being processed and, if so, access such data.

2. right to rectification. If Personal Data are inaccurate, the respective Data Subject is entitled to ask the Company to correct them indeed.

3. right to erasure or right to be forgotten. Data Subjects have a right to obtain from the Company the erasure of the Data Subjects’ Personal Data without undue delay, and the Company has the obligation to erase such Personal Data without undue delay.

4. right to restriction of the processing. Data Subjects have a right to limit processing of their Personal Data with several exceptions under the scope of the applicable laws.

5. right to be informed. The Company is obliged to inform Data Subjects what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties. This information must be communicated concisely and in plain language.

6. right to data portability. Data Subjects are permitted to obtain and reuse their Personal Data for their own purposes across different services. This right only applies to Personal Data that Data Subject has provided to the Company by way of consent.

7. right to object. Data Subjects can object to the processing of Personal Data that are being processed by the Company. The Company must stop processing Personal Data unless the Company can demonstrate compelling legitimate grounds for the processing that override the interests, rights and freedoms of the individual or if the processing is for the establishment or exercise of defense of legal claims.

8. right not to be subject to a decision based solely on automated processing. Data Subjects have a right to object to any automated profiling which means any form of automated processing of Personal Data intended to evaluate certain personal aspects relating to a natural person, or to analyses or predict that person’s performance at work, economic situation, location, health, personal preferences, reliability, or behavior (hereinafter referred as “the Profiling”), that is occurring without consent. Herewith, Data Subjects have a right to request their Personal Data are to be processed with human involvement.

9. right not to be discriminated. Data Subjects have the right not to be discriminated by the Company because of exercising any of their rights under this Policy.

10. right to authorize. The Data Subject has a right to authorize another person solely to fill in the request on the Data Subject`s behalf, and the Company shall comply with requests received from a person authorized by Data Subject.

b. Exercising of Rights. To exercise any of the rights mentioned above, the User should click on the corresponding menu and complete the appropriate form via the following link: https://turborocketgames.com/account.

c. Manual. Detailed terms on how to exercise these rights are stated in the respective procedures, that are accessible via the following link: https://turborocketgames.com/account.

d. Timescales. Timescales within which the Users may exercise the rights mentioned in this section are as follows:

The right to be informed	When the Personal Data are collected (if provided by Data Subject)
The right to access	One month
The right to rectification	One month
The right to erasure	Without undue delay
The right to restrict processing	Without undue delay
The right to data portability	One month
The right to object	On receipt of objection
Rights related to automated decision making and profiling.	Not specified
Right not to be discriminated	During the whole period of processing
Right to authorize	During the whole period of processing

17. Non-Discrimination.

a. General Information. The Company hereby assures and warrants that it does not involve any discrimination of the Users because of the User`s exercising of any of their rights, including, but not limited to, by:

Denying goods or services to the Users;

Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties, except as provided under this Policy;

Providing a different level or quality of goods or services to the Users;

Suggesting that Users will receive a different price or rate for goods or services or a different level or quality of goods or services, except as provided under this Policy.

b. Exception. Notwithstanding clause 14 (b), after a prior notification, the Company may offer a different price, rate, level, or quality of goods or services to Users if that price or difference is directly related to the value provided to the Users by the Users` data.

c. Disclaimer. The Company’s denial of the Users` for reasons permitted by the applicable laws shall not be considered discriminatory.

18. Personal Data Security.

a. General Information. The Company is responsible for ensuring that any Personal Data that the Company holds and is responsible for is kept securely and is not under any conditions disclosed to any third party unless that third party has been specifically authorized by the Company to receive that data and is under an appropriate obligation of confidentiality.

The Company maintains a written information security program that contains administrative, technical, and physical safeguards to protect the security and confidentiality of Users’ Personal Data and Personally Identifiable Information collected from children.

b. Security Requirements. The Users’ Personal Data shall be treated with the highest security and must be kept:

1. (if required) in a lockable room with controlled access; and/or

2. (if required) in a locked drawer or filing cabinet; and/or

3. if computerized, password protected in line with corporate requirements in the Access Control Policy, and/or

4. stored on (removable) computer media, which are encrypted.

c. Right to Clarify. The User is entitled to request the Company to clarify what security measures are applied while processing the User’s Personal Data.

19. Data Breach Notification.

a. Types of Breaches. There are three different types of breaches:

1. “Confidentiality breach” means an unauthorized or accidental disclosure of, or access to Personal Data.

2. “Integrity breach” means an unauthorized or accidental alteration of Personal Data.

3. “Availability breach” means an accidental or unauthorized loss of access to, or destruction of Personal Data.

b. General Information. The Company takes all reasonable steps to minimize the risk of any breach while processing Personal Data.

c. Notification Procedure.

1. In a case of a Personal Data breach, the Company shall, without undue delay and where feasible, not later than 72 hours after having become aware of it, notify the Personal Data breach to the Supervisory Authority, unless the Personal Data breach is unlikely to result in a risk to the rights and freedoms of the Users.

2. The risk assessment that the Company has to carry out will determine whether the risk to the rights and freedoms of the Users affected is considered to be sufficiently high to require the notification of the Users.

3. Likewise, in the case of a Personal Data breach, which is likely to result in a high risk to the rights and freedoms of the Users, the Company shall, without undue delay, notify the appropriate User whose Personal Data has been compromised. However, if any subsequent measures have been taken to mitigate the high risk to the Users, so that it is no longer likely to happen, then communication with the User is not required.

d. Documentation. The Company documents all Personal Data breaches, comprising the facts relating to the Personal Data breach, its effects and the remedial action taken. That documentation shall enable the Supervisory Authority to verify compliance with the applicable laws.

20. Data Transfer.

a. General Information. The Company may transfer the Users’ Personal Data to its business and Advertising contractors specified herein and which are registered within the European Union and the USA. The Company transfers Personal Data in accordance with the provisions of the applicable laws and on the basis of the adequacy decision if needed.

b. Transfer to Third Countries. The Company may transfer Рersonal Data to third countries, including the onward transfers from third countries to another third country. Transfers of Personal Data to third countries, as specified hereinabove sometimes may be connected with possible risks pursuant to the absence of an adequacy decision and appropriate safeguards under the GDPR in this regard. If the adequacy decision and/or appropriate safeguards regarding the transfer of the personal data to third countries are absent, the Company transfers Personal Data based on the consent provided by the Data Subject.

c. Purposes of Transfer. The Company may transfer the Users’ Personal Data to third parties, which are the Company’s business contractors, only for the purposes of Personal Data processing, such as technical and player assistance.

d. Contractors. Our contractors are the following:

1. Chartboost (Chartboost Inc., USA);

2. Unity (Unity Technologies, Inc., USA);

3. KIDOZ (KIDO’Z Ltd, Israel);

4. Azerion (Azerion Technology B.V.)

5. Zendesk (Zendesk, Inc., USA);

6. DevToDev (DevToDev Ltd., Israel)

7. DigitalOcean (DigitalOcean, LLC, United States)

8. Ubuntu (Canonical Ltd., United Kingdom)

9. Slack (Slack Technologies, LLC, United States)

10. Google Play (Google LLC, United States)

11. App Store (Apple Inc., United States)

12. Amazon (Amazon.com, Inc., United States)

21. Children’s Privacy and Safety.

WildCraft: Animal Sim Online is certified by the kidSAFE Seal Program. The kidSAFE Seal Program is an independent safety certification service and seal-of-approval program designed exclusively for children-friendly websites and technologies, including kid-targeted game sites, educational services, virtual worlds, social networks, mobile apps, tablet devices, and other similar interactive services and technologies. Click on the seal or go to www.kidsafeseal.com for more information.

a. General Information. We do not collect children’s Personally Identifiable Information if we have no legal grounds to such collection. Our Company may collect children’s Personal information only where permitted by applicable child privacy laws and following the provision of direct notice to parents or guardians. Parents have the right to know which children’s Personal information is collected and to review the collected Personally Identifiable Information.

b. Game Access Without Account Creation

Children may access and play the Game without creating an account. In this mode, gameplay data may be stored locally on the child’s device and is not associated with a personal account on the Company’s servers.

An account may be created to enable additional features, such as saving game progress across devices. Access by the Company to account-related data is limited unless a parent or guardian provides an email address for parental notification and account management purposes.

с. Direct Notice

If a User is identified as under the applicable age threshold, the Company requests an email address of a parent or guardian for parental notification purposes.

The Company uses the parent or guardian email address to send a direct notice informing them about the child’s account, the categories of information that may be collected from the child, and the available parental options to manage or delete the child’s information.

The parent or guardian email address is used solely for the purposes of providing required notices, enabling parental account controls, responding to parental requests, and maintaining account-related communications. The Company does not use parent or guardian email addresses for marketing or advertising purposes.

d. Parental Consent on Third-Party Sharing. Our Company will obtain specific parental consent before sharing children’s Personally Identifiable Information with any third parties. Parents will be informed of the identities or categories of such third parties (including the public if information is made publicly available) and the purposes of such disclosure. This means that parents may consent to the collection and use of their child’s Personally Identifiable Information by the Company while withholding consent for disclosure to third parties.

Exception: The Company may only share children’s Personally Identifiable Information with third parties without parental consent if such sharing is essential for the operation of the Company’s Website and services. Any third parties receiving such Personal information are strictly prohibited from using it for any other purpose.

e. Collected personal data. Our Company may collect children’s age, country and other data created during usage of our services, like multiplayer nickname, pet nickname, clan name the child is in, and in-game language. Multiplayer nicknames are not unique and do not allow the identification of an individual user.

f. Persistent identifiers. The Company may collect Persistent Identifiers for specific internal operations, such as maintaining services and performing network communications, in accordance with the purposes described in Section 6. The Company does not use Persistent Identifiers to contact, profile or track children, nor for any purpose other than supporting the provision of its internal operations. The Company does not disclose Persistent Identifiers to third parties.

Reasonable technical and organizational measures are in place to prevent unauthorized use or disclosure of Persistent Identifiers, as described in Section 18.

g. Parent Dashboard. To exercise the right to review and delete children’s Personally Identifiable Information, parents need to open the main menu. From the main menu, parents can access Parental Dashboard by clicking the “Parents” option on the top left.

On first access, parents will be asked to complete a one-time setup by entering their age, solving a simple math problem to confirm they are a parent, and creating a 4-digit password. After setup is complete, parents can access the Parent Dashboard at any time using their password.

Parents can review the Personally Identifiable Information of their child by pressing “Data” on the right-hand side of the Dashboard.

To manage other settings, parents can select “Safety” on the left-hand side to open the settings menu, where they can control safety features of the game (in-game chat, friends chat, clans, and friend features) (WildCraft only).

Parents can manage subscriptions by pressing “Manage” on the right.

Parents can also delete their own personal data from the account or deactivate the child’s account (which deletes all of the child’s Personal information). To do so, parents should click “Account” within “Safety,” after which they will be redirected to sign in to the Turbo Rocket account on the web.

h. Contractors. Our Contractors do not collect children’s Personally Identifiable Information, which can associate children with separate players. We only work with CCPA and COPPA-compliant advertisers; in case you have any doubts or concerns about a particular advertiser, please let us know.

i. Storage and Deletion. Once children’s Personally Identifiable Information is collected in accordance with clause 10(c) of this Policy, we retain it only for as long as is reasonably necessary to fulfill the specific purpose(s) described in Section 6. When the information is no longer needed for those purposes, we delete it using reasonable measures to prevent unauthorized access or use during the deletion process.

For more details on the business need for retaining such information and the timeframe for secure deletion, please refer to clause 15(a) of this Policy (Data Retention Policy under COPPA).

j. Contact Information. You may contact us via our Support SDK. For making requests via the Support SDK we may collect personal data like multiplayer nickname and account nickname. Information about requests is stored no more than 1 (one) month after ticket closing.

You may also contact us via phone:

+1 (302) 203-9863

or via email:

[email protected].

22. Additional Conditions.

a. Current Version of Policy. A current version of this Policy is available to all subjects concerned on the Website at the following link: https://turborocketgames.com/privacy-policy/.

b. Company Information. TURBO ROCKET GAMES LLC is registered at the following address: 1013 Centre Road, Suite 403-B United States, Wilmington, Delaware, 19805 is committed to compliance with all relevant EU and the USA laws in respect of Personal Data and protection of the “rights and freedoms” of individuals while collecting, using and processing the Personal Data in accordance with the applicable laws.

c. Data Protection Officer.

We designated a Data Protection Officer (hereinafter referred to as “DPO”) in order to ensure that our Company processes personal data in compliance with the applicable data protection rules and regulations. You can contact the DPO directly using the following details:

External Data Protection Officer

Legal IT Group LLC

Office 1, 38 Volodymyrska Str.

01030 Kyiv, Ukraine

Email: [email protected]

d. Updating Policy. Company updates this Policy at least once in 12 months. If the Company makes material changes to this Policy, the Company will notify the Users by email or by posting a notice on the website prior to the effective date of the changes. By continuing to access the Game or use the website after those changes become effective, the Users agree to the revised Policy.

To manage your cookies consent please click below
Manage consent

BACK TO NEWS

Cookie	Duration	Description
__cfduid	1 month	The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
cli_user_preference	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
cookielawinfo-checbox-analytics	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	The cookie is used to store the summary of the consent given for cookie usage. It does not store any personal data.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
S	1 hour	Cookie used to save your session info.
SESSIONID	session	Cookie used to save your session id if you are using account.
trp_language	1 month	Cookie used to save your language preference.