Privacy Policy

SIA MUNCHMUNCHDEV and its affiliates (“Company,” “we,” “us”) are committed to safeguarding the privacy of our users (“User,” “you”). Whether the information pertains to you or your children, we strive to ensure its protection. This Privacy Policy outlines our practices concerning the collection and use of information when you access our products (as defined in the Terms of Use) and our website (collectively referred to as the “Service”).

1. Your Consent

By installing our apps on your mobile device or using our website, munchmunchdev.com, you acknowledge that we may collect information that can directly or indirectly identify you (“Personal Data”).

By accessing, connecting to, or using our apps and website, you agree to the terms of this Privacy Policy, including the collection and processing of your Personal Data.
Important: If you, or if applicable, your legal guardian, do not agree with any part of this Privacy Policy, you must not install, access, or use our apps or website. If already installed, please uninstall and delete them promptly from your device.
If you are under 18 years old, you confirm that your legal guardian has reviewed and agreed to this Privacy Policy on your behalf.

2. Partner Developers and Publishers

We collaborate with partner developers to create our games. These developers may independently collect and process Personal Data within the games. Please Note: Such data processing falls outside the scope of this Privacy Policy, and we are not responsible for it. For more details, please refer to the privacy policies of our partner developers.

Similarly, our games may be published through partner publishers who may also collect Personal Data. Please Note: The processing of Personal Data by our partner publishers is beyond the scope of this Privacy Policy, and we are not liable for it. You are encouraged to review the privacy policies of our partner publishers for further information.

3. Third-Party Links

Our website may contain links to third-party websites, applications, or services provided by independent entities. These providers operate under their own privacy policies, cookie policies, and terms of service. We encourage you to review their policies before engaging with their services. Please Note: We are not responsible for how third parties handle your Personal Data.

4. Data Collection Methods

We collect Personal Data in the following ways:

• Social Media: If you contact us via social networks, we may collect publicly available information from your profile.
• Directly Provided: Information you submit to us, such as through forms or social media interactions.
• Automatically Collected: Information gathered via cookies and other electronic means when you play our games or browse our website.

5. Policy Updates

We may update this Privacy Policy periodically. Continued use of our games or website (munchmunchdev.com/privacy) after any updates indicates your acceptance of the revised policy.

If significant changes are made, and explicit consent is required for further processing of your Personal Data, we will notify you and seek your renewed consent.

6. Data Controller

The entity responsible for determining the purposes and methods of Personal Data processing is SIA MUNCHMUNCHDEV, registered in the Republic of Latvia under Registration Number 40203498684.

IMPORTANT:
If you do not agree with this Privacy Policy, please refrain from playing our games or using our website.

Personal Data Collection and Processing

If you are a consumer who interacts with the apps or the website, we may collect certain additional information (that you provided to the e-commerce platform or merchant, through a third party’s API, our SDK, pixel, or other similar technologies), including the following:

We prioritize your privacy and aim to collect only the Personal Data necessary for achieving the stated purposes. The categories of Personal Data we process are outlined below.

Use of Personal Data

For In-Game Users
Purpose of Processing:
To assess and enhance the quality of game content, we collect the following data:

• Game progress to identify challenging stages.
• Ad display performance and functionality with game content.
• Game performance metrics, such as frames per second (FPS).
• User retention and playtime duration.
• Game testing data.

Types of Personal Data:
Game Data:

• Game name and configuration version.
• Session ID, Event ID, and Event type (e.g., “install,” “level_completed,” “show_ad”).
• Event context (custom data related to gameplay, currency, placements, etc.).
• FPS, event time, and install time.

Device Data:

• Device name and operating system (OS).
• Unity device ID and advertiser IDs (GAID/IDFA).
• Attribution network device ID (e.g., Adjust ID).

Legal Basis:
Legitimate interest:

• Your interest: Accessing high-quality game content.
• Our interest: Improving user engagement and attracting more players.

For Identifying Game Issues
Purpose of Processing:
To detect and resolve game issues, including:

• Game crashes or freezes.
• Loading errors.
• Gameplay problems.
• Ad display and functionality issues.
• Errors and warnings.

Types of Personal Data: (As listed under “For In-Game Users.”)

Legal Basis:
Legitimate interest:

• Your interest: Experiencing error-free gameplay.
• Our interest: Enhancing game reliability and user satisfaction.

For Financial Analysis
Purpose of Processing:
To evaluate financial performance, including:

• Ad impressions and revenue.
• Game-generated income (e.g., ads, in-app purchases).
• User acquisition costs.

Types of Personal Data:
Advertisement Data:

• Ad type and placement details.
• Impression counts and revenue figures.
• Custom data based on events, game, and user.

Attribution Data:

• Ad network, campaign, and creative names.
• Source app ID and tracker tokens.

Device Data: (As listed under “For In-Game Users.”)

Legal Basis:
Legitimate interest:

• Your interest: Receiving relevant and valuable ads.
• Our interest: Evaluating ad effectiveness and improving monetization.

For Marketing Analysis
Purpose of Processing:
To segment users by geography, activity, or number for user acquisition and monetization strategies.

Types of Personal Data: (Combines Game Data, Device Data, Attribution Data, and GeoIP.)

Legal Basis:
Legitimate interest:

• Your interest: Discovering relevant games and ads.
• Our interest: Targeting and retaining users effectively.

For Website and Social Media Users
Purpose of Processing:
To respond to queries, including:

• Questions, complaints, or employment applications.
• Evaluation of job candidates for potential employment.

Types of Personal Data:

• Email, name, phone number.
• Social media information.
• CV and relevant certifications.
• Other details provided in the query.

Legal Basis:
Legitimate interest:

• Your interest: Receiving a timely response to your query.
• Our interest: Ensuring quality customer service and efficient recruitment.

Other Situations: M&A Due Diligence
Purpose of Processing:
To provide potential investors and their legal counsel with necessary information, which may include Personal Data of game players, website visitors, or social media users.

Types of Personal Data:

• Information requested by potential investors or legal counsel.

Legal Basis:
Legitimate interest:

• Your interest: Interacting with a resource-enriched entity.
• Our interest: Securing investments and expanding resources.

Personal Data Processing and Storage Location

Retention Period

We retain your Personal Data only as long as necessary to fulfill the purposes outlined in the section “Personal Data Collection and Processing.”

Retention Timeframes

• For Game Players (App Users): Personal Data is retained for the duration of your use of the application and up to two years after you stop using it, but no more than three years in total.
• For Website or Social Media Users: Personal Data is stored as long as necessary to respond to your query and for an additional two years thereafter.
• For M&A Due Diligence: Personal Data is stored for the duration of our cooperation with the business partner.

Once these retention periods have expired, your data will be securely deleted as soon as possible.

Storage and Security

Your data is securely stored on servers provided by Google Cloud, physically located in Finland (EU). To ensure the protection of your Personal Data, we implement the following measures:

• Pseudonymization and encryption of Personal Data.
• Ongoing measures to maintain the confidentiality, integrity, availability, and resilience of processing systems.
• Procedures to restore data availability in case of physical or technical incidents.
• Regular testing and evaluation of security measures.
• User identification and authorization protocols.
• Protection of data during transmission and storage.
• Physical security of processing locations.
• Event logging and system configuration controls.
• IT security governance and management processes.
• Certification and assurance of data handling processes.
• Data minimization and quality assurance measures.
• Limited data retention policies.
• Measures for accountability and erasure of Personal Data.
• Support for data portability.

We use the HTTPS protocol for secure data transmission and SSL certificates for data storage protection. Additional tools ensure data security during processing, including caching as needed.

Cookies and Local Storage

When you use our Service, we may employ common industry technologies like cookies and Flash (or similar tools), collectively referred to as “Local Storage.” These tools store certain information on your device to enable automatic activation of features and enhance your experience by making it more seamless and efficient.

The cookies used by our Service are session-based and do not contain any personal information beyond your session key. These cookies are automatically deleted when your session ends.

Managing Local Storage:
You can easily control or disable Local Storage options:

• Most browsers allow you to delete cookies from your hard drive, block cookie acceptance, or receive notifications before a cookie is stored.
• To manage Flash Local Storage settings, use the specific instructions provided by the Flash technology provider.

Note: Disabling or deleting cookies, or altering Flash settings, may limit some functionalities and affect your overall experience on our Service.

Third-Party Cookies

We may also utilize third-party cookies (e.g., Google Authentication). These cookies are set by external providers rather than by us. Such cookies are read-only and not altered by our Service. They may also be activated when you visit other websites or apps that use similar technologies.

Third-party cookies generally store non-personal information, such as:

• Pages you have visited.
• Duration of your browsing activity.

These cookies help us and third parties analyze and improve your browsing experience while keeping your data anonymous.

Sharing Personal Data with Third Parties

Sharing with Third Parties
We may share your Personal Data collected through our games and via cookies or similar technologies with third-party companies listed below, solely for the purposes outlined in the section “Personal Data Collection and Processing.”

International Data Transfers
Some of these third parties (or their group entities) may be located outside the European Union, including in countries that do not provide an adequate level of data protection. In such cases, we adhere to GDPR-compliant measures, such as:

• Utilizing Standard Contractual Clauses (SCC) approved by the European Commission.
• Employing other legal derogations where applicable.

You may review the relevant SCC by following the links provided in the next clause. If the link is unavailable, please contact us via the methods outlined in the “Contact Us” section to request access.

Third Parties and Purposes of Data Sharing

Google Firebase

• Privacy Policy and SCC: Google Privacy Policy.
• Data Transfer: To the USA and Singapore under Firebase Data Processing and Security Terms.
• Purpose: To monitor and improve the quality of game content.

Google Analytics

• Privacy Policy and SCC: Google Privacy Policy.
• Data Transfer: To the USA and Singapore under Google Ads Controller-Controller Data Protection Terms and Google Ads Data Processing Terms.
• Purpose: To analyze user preferences, evaluate ad effectiveness, and deliver personalized advertising aligned with your interests.

Crash and Error Support Services

• Google Firebase Crashlytics
  • Privacy Policy and SCC (if applicable): Google Privacy Policy.
  • Data Transfer: To the USA and Singapore under Firebase Data Processing and Security Terms.
  • Purpose: To identify issues within the Games.
• Unity
  • Privacy Policy and SCC (if applicable): Unity Privacy Policy.
  • Data Transfer: To the USA under the Data Processing Addendum.
  • Purpose: To identify problems in the Games and support marketing analysis as well as quality assurance of game content.

User Acquisition, Monetization, and Mediation Services

• Meta
  • Privacy Policy and SCC (if applicable): Meta Privacy Policy.
  • Data Transfer: To the USA under the Data Processing Addendum.
  • Purpose: Financial analysis.
• Unity Ads
  • Privacy Policy and SCC (if applicable): Unity Privacy Policy.
  • Data Transfer: To the USA under the Data Processing Addendum.
  • Purpose: Financial analysis.
• Google AdMob (Including Native)
  • Privacy Policy and SCC (if applicable): Google Privacy Policy.
  • Data Transfer: To the USA and Singapore under Google Ads Controller-Controller Data Protection Terms and Google Ads Data Processing Terms.
  • Purpose: Financial analysis.
• Google Ads
  • Privacy Policy and SCC (if applicable): Google Privacy Policy.
  • Data Transfer: To the USA and Singapore under Google Ads Controller-Controller Data Protection Terms and Google Ads Data Processing Terms.
  • Purpose: Financial analysis.
• Applovin
  • Privacy Policy and SCC (if applicable): Applovin Privacy Policy.
  • Data Transfer: To the USA under the Data Processing Agreement and Addendum.
  • Purpose: Financial analysis.
• Mintegral
  • Privacy Policy and SCC (if applicable): Mintegral Privacy Policy.
  • Data Transfer: To the USA, Russia, India, Singapore, China, Hong Kong, Seychelles based on consent.
  • Purpose: Financial analysis.
• IronSource
  • Privacy Policy and SCC (if applicable): IronSource Privacy Policy.
  • Data Transfer: To the USA, China, and India under the Data Protection Addendum.
  • Purpose: Financial analysis.
• AdColony
  • Privacy Policy and SCC (if applicable): AdColony Privacy Policy.
  • Data Transfer: To China, India, UAE, Vietnam, Turkey, Indonesia, South Africa, USA, Philippines, Russia, Singapore, Australia under the Data Processing Agreement.
  • Purpose: Financial analysis.
• TikTok
  • Privacy Policy and SCC (if applicable): TikTok Privacy Policy.
  • Data Transfer: To the USA, Russia, UAE, Indonesia, India under jurisdiction-specific terms and controller-to-controller data terms.
  • Purpose: Financial analysis.
• Other Advertising Partners
  Includes Vungle, Fyber, InMobi, Pangle, Smaato, Bidmachine, Chartboost, Moloco, and Potensus, each with its respective privacy policy and data transfer details.

Third-Party Cookies Providers

• Google Analytics
  • Privacy Policy and SCC (if applicable): Google Privacy Policy.
  • Data Transfer: To the USA and Singapore under Google Ads Controller-Controller Data Protection Terms and Google Ads Data Processing Terms.
  • Purpose: To analyze website user behavior, evaluate advertising effectiveness, and deliver personalized ads.

Partner Developers

We may grant our partner developers limited and personalized access to Personal Data via our internal systems. Access is restricted to the data relevant to games developed by their respective teams, ensuring no cross-team access to unrelated game data.

Independent Third-Party Processing

1. In-App Purchases:
   When you make payments within the Games, your payment details are processed by the relevant app store:
   • Google Play Store: Google Privacy Policy.
   • Apple App Store: Apple Privacy Policy.
     We only receive non-identifiable details like transaction ID, product ID, and purchase time.

Cloud Save with Apple Game Center:
If you use Apple Game Center, Apple collects your Game data to save your progress, according to Apple’s GameCenter Privacy Policy. We can access your Game Center ID but no other identifiable personal data. To stop data sharing, sign out of Game Center in your Apple settings.

Contact Information

If you have any questions about how we process your Personal Data, please feel free to reach out to us at support@munchmunchdev.com.Additionally, as a company registered under the laws of the Republic of Latvia, our Personal Data processing activities are overseen by the Data State Inspectorate. Should you have any concerns about how your Personal Data is being handled, you are entitled to contact this regulatory authority for further assistance.