Privacy Policy

1. Data Controller

The data controller responsible for your personal data is:

Data Protection Officer (DPO)

GAMEBION LTD has not appointed a Data Protection Officer as we do not fall under the mandatory DPO appointment criteria specified in GDPR Article 37. For all data protection matters, please contact us directly at privacy@gamebion.com.

EU Operations

As GAMEBION LTD is established in Cyprus (EU Member State), we operate directly within the European Union and are subject to EU data protection laws including the General Data Protection Regulation (GDPR).

2. Data Processing

Purposes of Data Processing

We process your personal data for the following purposes:

• Game Updates & Newsletter: To send you information about Era of Valor game development, updates, and launch notifications
• Customer Support: To respond to your inquiries, provide technical support, and resolve issues
• Website Analytics: To understand how visitors use our website and improve user experience using Google Analytics
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Security: To protect our website, users, and business from fraud, abuse, and security threats
• Marketing Communications: To send promotional materials about our games and services (with your consent)

Types of Data Collected

Information You Provide:

• Contact Information: Email address, name (optional)
• Communications: Messages, feedback, and support requests you send to us
• Marketing Preferences: Your consent choices for receiving marketing communications

Information Automatically Collected:

• Technical Data: IP address, browser type, operating system, device information
• Usage Data: Pages visited, time spent on site, referral sources, click patterns
• Cookies: Session cookies, preference cookies, analytics cookies (see Cookies section)
• Google Analytics Data: Pseudonymized usage statistics and website performance metrics

Whether You Must Provide Personal Data

Providing certain personal data is necessary for us to deliver specific services:

• Support Requests: If you contact us for support, we require at least an email address and the content of your request so we can respond. If you do not provide this information, we may be unable to process or respond to your request.
• Newsletter / Marketing Communications: If you subscribe to receive newsletters or updates, we require your email address. If you do not provide it, you cannot receive such communications.
• Website Security and Functionality: Certain technical data (such as IP address and device/browser information) is processed automatically when you use the Website. Without this processing, we may not be able to ensure the Website's security and reliable operation.

Data Retention

We retain personal data for the following periods:

• Newsletter Subscriptions: Until you unsubscribe or request deletion
• Support Communications: 3 years from last contact for quality assurance
• Website Analytics: 2 or 14 months (as configured in Google Analytics)
• Marketing Consent Records: 3 years after consent withdrawal for compliance purposes
• Legal Compliance: As required by applicable law (typically 6-7 years for business records)

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). Below are the specific transfers and their safeguards:

Google Analytics (Google LLC, United States)

• Data Transferred: Website usage analytics, pseudonymized user behavior data
• Safeguards: Google's EU-US Data Privacy Framework certification and Google Ads Data Processing Terms
• Adequacy Decision: EU-US Data Privacy Framework provides adequate level of protection
• Additional Information: Google's Data Privacy Framework compliance

Email Service Providers (Various locations)

• Data Transferred: Email addresses, communication content for newsletter delivery
• Safeguards: Standard Contractual Clauses (SCCs) approved by the European Commission
• How to obtain copies: Contact privacy@gamebion.com to request copies of relevant SCCs

Hosting Services (Various locations)

• Data Transferred: Website data, server logs, technical information
• Safeguards: Standard Contractual Clauses and/or adequacy decisions where applicable
• Additional Measures: Encryption in transit and at rest, access controls

International Data Transfers Summary

Some of our service providers may process personal data outside the European Economic Area ("EEA"), including in the United States.

Where we transfer personal data outside the EEA, we rely on appropriate safeguards, such as:

• an adequacy decision where applicable; and/or
• Standard Contractual Clauses approved by the European Commission ("SCCs"); and/or
• for eligible U.S. recipients, certification under the EU–U.S. Data Privacy Framework ("DPF"), where applicable.

For example, when we use Google Analytics, Google may process certain usage and device data in the United States. In such cases, we rely on Google's applicable transfer mechanism (such as DPF certification where available and/or SCCs, depending on the specific service and configuration).

Your Rights: You may request more information about our international transfers and obtain a copy of relevant safeguards (such as SCCs), where applicable, by contacting us at privacy@gamebion.com.

3. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Consent (Article 6(1)(a) GDPR)

We rely on your explicit consent for:

• Newsletter subscriptions and game update notifications
• Marketing communications about our games and services
• Non-essential cookies (analytics, marketing)

Your Rights: You can withdraw consent at any time by unsubscribing from emails, rejecting non-essential cookies via the cookie banner (which you can reopen at any time to change your choice, including selecting "Necessary only"), using your browser settings (or the Google Analytics Opt-out Browser Add-on), or contacting us. Withdrawal does not affect the lawfulness of processing before withdrawal.

Contract Performance (Article 6(1)(b) GDPR)

Processing is necessary for:

• Providing customer support and responding to your inquiries
• Delivering services you request from us
• Managing your account and preferences

Legitimate Interest (Article 6(1)(f) GDPR)

We rely on legitimate interest for:

• Website Security: Protecting against fraud, abuse, and security threats
• Business Operations: Aggregated internal analytics (e.g., server logs and usage metrics) to improve our services and website
• Legal Claims: Establishing, exercising, or defending legal claims

Balancing Test: We have assessed that these interests do not override your fundamental rights and freedoms. You have the right to object to processing based on legitimate interest.

Legal Obligation (Article 6(1)(c) GDPR)

We process data when required by law, including:

• Compliance with tax and accounting regulations
• Responding to lawful requests from authorities
• Meeting data protection and privacy law requirements

Provision of Personal Data and Consequences

We inform you about the necessity of providing personal data and consequences of not providing it:

Required Data:

• Email Address (Newsletter): Required for newsletter subscription. Without providing your email, we cannot send you game updates and notifications.
• Email Address (Support): Required to respond to your inquiries. Without providing contact information, we cannot provide customer support.
• Contact Information (General): Required for communication purposes. Without this information, we cannot respond to your requests or provide requested services.

Optional Data:

• Name: Optional for personalization. Not providing your name will not affect our ability to provide services.
• Marketing Preferences: Optional. You can use our services without consenting to marketing communications.

Automated Decision-Making and Profiling

We do not engage in automated decision-making, including profiling, that produces legal effects or similarly significantly affects you as defined under GDPR Article 22. All processing of your personal data involves human oversight and decision-making.

Our use of Google Analytics for website optimization does not constitute automated decision-making under Article 22, as it does not produce legal effects or significantly affect individual users.

4. Your Privacy Rights

Under the General Data Protection Regulation (GDPR) and other applicable privacy laws, you have the following rights:

Right of Access (Article 15 GDPR)

You have the right to:

• Request confirmation of whether we process your personal data
• Obtain a copy of your personal data
• Receive information about how we process your data

Right to Rectification (Article 16 GDPR)

You can request correction of:

• Inaccurate personal data
• Incomplete personal data

Right to Erasure - "Right to be Forgotten" (Article 17 GDPR)

You can request deletion of your personal data when:

• The data is no longer necessary for the original purpose
• You withdraw consent and there's no other legal basis
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

Right to Restriction of Processing (Article 18 GDPR)

You can request restriction when:

• You contest the accuracy of the data
• Processing is unlawful but you don't want erasure
• We no longer need the data but you need it for legal claims
• You've objected to processing pending verification

Right to Data Portability (Article 20 GDPR)

You can request to:

• Receive your data in a structured, commonly used format
• Transmit your data to another controller

This right applies only to data processed based on consent or contract and by automated means.

Right to Object (Article 21 GDPR)

You can object to processing based on:

• Legitimate interests: You can object at any time
• Direct marketing: You can object at any time (absolute right)
• Scientific/historical research: Unless necessary for public interest

Right to Withdraw Consent

Where processing is based on consent, you can:

• Withdraw consent at any time (for example, by reopening the consent banner and selecting "Necessary only" or an equivalent option)
• Withdrawing consent is available through the same interface used to provide it (the consent banner)
• Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State where you:

• Have your habitual residence
• Have your place of work
• Believe an infringement occurred

Cyprus Data Protection Authority: www.dataprotection.gov.cy

How to Exercise Your Rights

To exercise any of these rights:

• Email: privacy@gamebion.com
• Subject Line: "Privacy Rights Request - [Type of Request]"
• Include: Your name, email address, and specific request
• Response Time: We will respond within 1 month (may extend to 3 months for complex requests)
• Verification: We may request additional information to verify your identity

Automated Decision-Making and Profiling

We do not use automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you within the meaning of GDPR Article 22.

We may use limited analytics or segmentation (e.g., to understand the effectiveness of communications), but we do not carry out automated decision-making or profiling that produces legal effects or similarly significantly affects you.

5. Cookies and Tracking Technologies

What are Cookies?

Cookies are small text files stored on your device when you visit our website. We also use similar technologies like web beacons, pixels, and local storage. These technologies help us provide you with a better browsing experience and understand how our website is used.

Types of Cookies We Use

Strictly Necessary Cookies

These cookies are essential for the website to function properly and cannot be disabled:

• Session Cookies: Maintain your session while browsing
• Security Cookies: Protect against cross-site request forgery
• Language Preference: Remember your language selection
• Cookie Consent: Remember your cookie choice (e.g., Accept All or Necessary Only)

Legal Basis: Legitimate interest (essential website functionality)

Analytics Cookies

These cookies help us understand how visitors interact with our website:

• Google Analytics:
  • _ga (2 years): Distinguishes unique users
  • _ga_[ID] (2 years): Persists session state
  • _gid (24 hours): Distinguishes unique users
• Data Collected: Page views, session duration, bounce rate, traffic sources, device information (pseudonymized)
• Purpose: Website optimization, content improvement, user experience enhancement

Legal Basis: Consent (you can opt-out)

Third Party: Google LLC - Google Privacy Policy

Marketing Cookies (Future Use)

We may use marketing cookies in the future for:

• Retargeting campaigns
• Social media integration
• Advertisement personalization

Legal Basis: Consent (will require explicit opt-in)

Cookie Management

Cookie Banner

When you first visit our website (or after you clear your browser cookies), you will see a cookie banner allowing you to:

• Accept All: Consent to the use of essential and non-essential cookies (including analytics cookies)
• Accept Necessary Only: Use only essential cookies. If you choose this option, we will not set analytics cookies on your device

Browser Settings

You can also manage cookies through your browser settings:

• Chrome: Settings > Privacy and Security > Cookies
• Firefox: Options > Privacy & Security > Cookies
• Safari: Preferences > Privacy > Cookies
• Edge: Settings > Cookies and Site Permissions

Withdrawing Consent for Analytics Cookies

If you previously accepted analytics cookies and wish to withdraw your consent, you can do so by:

• Clearing your browser cookies for this website and revisiting the Website to make a new selection in the cookie banner
• Installing the Google Analytics Opt-out Browser Add-on
• Adjusting your browser settings to block third-party cookies
• Contacting us at privacy@gamebion.com for assistance

Note: Disabling certain cookies may affect website functionality and your user experience.

6. Contact Information