Privacy Policy
Your privacy is important to us. This comprehensive Privacy Policy explains how attilano ("we," "us," or "our") collects, uses, discloses, and safeguards your information when you use our website and mobile applications.
Last Updated: January 1, 2024
1. Introduction
attilano ("we," "us," or "our") operates the website www.cojhrhvk.com and mobile applications published on the Apple App Store and Google Play Store (collectively, the "Services"). We are committed to protecting your privacy and ensuring the security of your personal information.
This Privacy Policy ("Policy") describes how we collect, use, disclose, and safeguard your information when you use our Services. It also explains your rights regarding your personal data and how you can contact us about our privacy practices.
By using our Services, you agree to the collection and use of information in accordance with this Policy. If you do not agree with our policies, please do not use our Services.
Important: This Privacy Policy applies to all users of our Services, including children and minors. We are committed to complying with all applicable privacy laws, including the Children's Online Privacy Protection Act (COPPA), General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA).
2. Information We Collect
2.1 Information You Provide Directly
We may collect the following types of information you provide to us:
- Account Information: When you create an account, we may collect your name, email address, username, password, and profile picture.
- Contact Information: If you contact us for support or inquiries, we may collect your email address and the content of your communications.
- User Content: Any content you generate, upload, or share through our Services, such as in-game messages, comments, or feedback.
- Payment Information: If you make purchases, payment processor information (we do not store full credit card numbers).
- Survey Responses: Information you provide when participating in surveys or promotions.
2.2 Automatically Collected Information
When you access our Services, we may automatically collect certain information, including:
- Device Information: Device type, operating system, unique device identifiers, and device settings.
- Usage Data: Game play data, session duration, features accessed, in-app purchases, and interaction patterns.
- Log Information: IP address, browser type, referring/exiting pages, and date/time stamps.
- Location Data: General geographic location based on IP address (not precise GPS location unless you consent).
- Cookies and Similar Technologies: As described in our Cookie Policy.
2.3 Information from Third Parties
We may receive information about you from third parties, including:
- App Stores: Information from Apple App Store or Google Play Store when you download our apps.
- Advertising Partners: Aggregated or anonymized information from advertising networks.
- Social Media: If you link your social media account to our Services.
- Analytics Providers: Data from analytics services that help us understand user behavior.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Providing Services: To deliver, maintain, and improve our games and Services.
- Account Management: To create and manage your account and provide customer support.
- Personalization: To customize your experience, remember your preferences, and recommend content.
- Analytics: To understand how users interact with our Services and improve user experience.
- Advertising: To display relevant advertisements and measure their effectiveness.
- Security: To detect, prevent, and address fraud, cheating, and security issues.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
- Communication: To send you updates, newsletters, and marketing communications (with your consent).
- In-App Purchases: To process transactions and deliver purchased content.
4. Advertising and Third-Party Ad Networks
Our mobile applications include advertising to support our free-to-play model. We work with various advertising platforms and networks to display ads. Below is information about our advertising partners and ad types:
4.1 Ad Types We Use
We may display the following types of advertisements:
- Splash Ads (Launch Screen Ads): Full-screen advertisements displayed when the app launches or transitions between screens.
- Rewarded/ Incentive Ads: Videos or ads that users can watch voluntarily in exchange for in-app rewards (coins, extra lives, etc.).
- Interstitial Ads: Full-screen ads that appear at natural transition points during gameplay.
- Banner Ads: Standard rectangular advertisements displayed at the top or bottom of the screen.
- Native Ads: Ads designed to match the look and feel of our app's content.
- Playable Ads: Interactive ads that allow users to try a mini-version of a game before downloading.
4.2 Advertising Partners
We may work with the following advertising platforms and networks:
| Advertising Platform | Purpose | Privacy Policy |
|---|---|---|
| Google AdMob | Mobile advertising, analytics, and ad delivery | Google Privacy Policy |
| Facebook Audience Network | Targeted advertising on Facebook platforms | Facebook Privacy Policy |
| Unity Ads | Game advertising and monetization | Unity Privacy Policy |
| AppLovin | Mobile advertising and user acquisition | AppLovin Privacy Policy |
| ironSource | Mobile advertising and monetization | ironSource Privacy Policy |
| Chartboost | Mobile game advertising network | Chartboost Privacy Policy |
| Vungle (by Liftoff) | Mobile video advertising | Liftoff Privacy Policy |
| AdColony | Mobile video advertising | AdColony Privacy Policy |
| MoPub (Twitter) | Mobile ad mediation and optimization | Twitter Privacy Policy |
| Mintegral | Mobile advertising platform | Mintegral Privacy Policy |
| Pangle | Global mobile advertising | Pangle Privacy Policy |
| CrossInstall | Mobile app install advertising | CrossInstall Privacy Policy |
| Ogury | Mobile advertising with consent management | Ogury Privacy Policy |
| Smaato | Global mobile advertising | Smaato Privacy Policy |
| Tapjoy | Mobile advertising and monetization | Tapjoy Privacy Policy |
4.3 How Advertising Partners Use Your Data
Our advertising partners may collect and use information about your device, including:
- Device identifiers ( IDFA, GAID)
- IP address and location data
- App usage and installation data
- Advertising IDs and opt-out preferences
- Conversion tracking data
- Interest-based advertising data
This information is used to deliver personalized advertisements based on your interests, measure ad effectiveness, and prevent irrelevant or unwanted ads.
4.4 Opting Out of Personalized Advertising
You can opt out of personalized advertising through your device settings:
- iOS (Apple): Settings > Privacy > Apple Advertising > Personalized Ads (toggle off)
- Android (Google): Settings > Google > Ads > Opt out of Personalized Ads
- Device-level opt-out: Many ad networks honor the "Limit Ad Tracking" or "Opt out of Ads Personalization" settings
Note: Even if you opt out, you may still see contextual ads based on the current content you're viewing, but they will not be personalized based on your interests.
5. Data Sharing and Disclosure
We may share your information in the following circumstances:
- With Service Providers: Companies that help us operate our Services (hosting, analytics, payment processing, customer support).
- With Advertising Partners: As described in Section 4, for advertising purposes.
- With Analytics Providers: To help us understand user behavior and improve our Services.
- Business Transfers: In connection with a merger, acquisition, or sale of assets.
- Legal Requirements: When required by law, court order, or governmental authority.
- Protection of Rights: To protect our rights, privacy, safety, or property, or that of others.
- With Your Consent: When you have given us permission to share your information.
We do not sell your personal information to third parties for their direct marketing purposes.
6. Children's Privacy (COPPA Compliance)
We take children's privacy seriously and comply with the Children's Online Privacy Protection Act (COPPA), the UK Age Appropriate Design Code, and other applicable child protection laws.
6.1 Age Verification
Our Services may include age-gating to identify users who are under the age of 13 (or 16 in certain jurisdictions). If we identify a user as a child, we will:
- Apply additional privacy protections
- Seek parental consent before collecting personal information
- Limit data collection to what is necessary for the Service
- Not display behavioral advertising to children
- Not share children's personal information with third parties for advertising
6.2 Parental Controls
Parents and guardians can:
- Request access to their child's personal information
- Request deletion of their child's account and data
- Refuse further collection or use of their child's information
- Consent to collection without consenting to third-party disclosure
To exercise these rights, please contact us at attilano@icloud.com with "Children's Privacy Request" in the subject line.
6.3 School-Age Children
If our apps are used in educational settings (e.g., schools), we comply with applicable student privacy laws including:
- Family Educational Rights and Privacy Act (FERPA)
- Student Privacy Pledge
- Applicable state-level student privacy laws
7. Data Retention
We retain your information for as long as necessary to provide our Services and fulfill the purposes outlined in this Policy. The retention period varies based on:
- Type of information collected
- Purpose of collection
- Whether you have an active account
- Legal requirements
Default Retention Periods:
- Account Data: Retained while account is active, plus 2 years after deletion
- Usage Analytics: Anonymized after 26 months
- Advertising Data: Maximum 13 months for ad-related identifiers
- Support Communications: Retained for 3 years for quality and legal purposes
- Children's Data: Deleted upon parent request or when child reaches adulthood in their jurisdiction
When information is no longer needed, we securely delete or anonymize it.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption: Data in transit is encrypted using TLS/SSL; sensitive data at rest is encrypted.
- Access Controls: Strict access controls limiting who can access personal data.
- Regular Security Audits: Periodic security assessments and penetration testing.
- Secure Development: Security training for developers and secure coding practices.
- Incident Response: Established procedures for responding to data breaches.
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
Data Breach Notification: In the event of a data breach that affects your personal information, we will notify you in accordance with applicable laws (typically within 72 hours of becoming aware, as required by GDPR).
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.
When we transfer data internationally, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs): Approved by the European Commission
- Binding Corporate Rules: For transfers within corporate groups
- adequacy decisions: For transfers to countries with adequate data protection
- Your Consent: Where appropriate, we may seek your explicit consent
10. Your Rights Under GDPR (European Users)
If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):
| Right | Description |
|---|---|
| Right of Access | Request a copy of your personal data |
| Right to Rectification | Request correction of inaccurate data |
| Right to Erasure | Request deletion of your data ("right to be forgotten") |
| Right to Restrict Processing | Request limitation of data processing |
| Right to Data Portability | Receive your data in a portable format |
| Right to Object | Object to processing based on legitimate interests |
| Right to Withdraw Consent | Withdraw consent at any time |
| Right to Lodge Complaint | File a complaint with a data protection authority |
To exercise these rights, contact us at attilano@icloud.com. We will respond within one month.
11. Your Rights Under CCPA (California Residents)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to Know: Know what personal information is collected, used, shared, or sold
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt out of the sale of your personal information
- Right to Non-Discrimination: Not be discriminated against for exercising your rights
- Right to Correct: Request correction of inaccurate personal information
- Right to Limit Use: Limit use of sensitive personal information
11.1 "Do Not Sell or Share My Personal Information"
California residents may opt out of the "sale" or "sharing" of their personal information. We do not sell personal information for monetary consideration. However, "sharing" under CCPA may include allowing third-party ads to be served based on your activity.
To opt out of this sharing, please email attilano@icloud.com with "CCPA Opt-Out Request" in the subject line.
11.2 Categories of Information We Collect (CCPA)
- Identifiers (name, email, IP address, device IDs)
- Commercial information (purchases, in-game transactions)
- Internet/electronic activity (game play, app usage)
- Location data (general geographic location)
- Inferences (preferences, characteristics, behaviors)
12. Additional Rights in Other Jurisdictions
We respect privacy laws in all jurisdictions where we operate. Here are some key ones:
12.1 United Kingdom (UK GDPR)
UK residents have rights similar to EU GDPR, including the right to contact the UK Information Commissioner's Office (ICO) if you have concerns.
12.2 Canada (PIPEDA)
Canadian residents have rights under the Personal Information Protection and Electronic Documents Act, including access to your information and recourse for complaints.
12.3 Australia (Privacy Act 1988)
Australian users can request access to and correction of their personal information. Contact the Office of the Australian Information Commissioner for complaints.
12.4 Brazil (LGPD)
Brazilian users have rights including access, correction, deletion, and portability of their personal data under Lei Geral de Proteção de Dados.
12.5 Japan (APPI)
Japanese users have rights regarding their personal information under the Act on the Protection of Personal Information.
12.6 South Korea (PIPA)
Korean residents have comprehensive rights including access, correction, deletion, and suspension of processing under the Personal Information Protection Act.
13. Third-Party Services and Links
Our Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.
Our Services may also integrate third-party services, including:
- Social Media Platforms: Facebook, Twitter, Instagram integration
- Analytics Services: Firebase Analytics, Unity Analytics, Adjust, AppsFlyer
- Payment Processors: Apple Pay, Google Play Billing
- Cloud Services: Firebase, AWS, Google Cloud
- Customer Support: Zendesk, Intercom
14. App Store Compliance
Our mobile applications are published on the Apple App Store and Google Play Store. We comply with all applicable store policies and guidelines:
14.1 Apple App Store
- App Tracking Transparency (ATT): We request your permission before tracking your activity across other companies' apps and websites
- Apple Privacy Nutrition Labels: Accurate disclosure of data collection in App Store listings
- Kids Category: Apps designed for children comply with all COPPA and store kid-safe requirements
- Data Use: All data collection practices align with Apple's developer guidelines
14.2 Google Play Store
- Data Safety Section: Accurate completion of Google's Data Safety form
- Families Policy: Compliance with Google Play's Families policy requirements
- Ad Policy: Adherence to Google's ad policies and disclosure requirements
- Device Access: Clear justification for all requested device permissions
14.3 App Store Regulatory Compliance
- Age Ratings: Accurate age ratings based on content (all our games are rated for Everyone or Everyone 10+)
- Content Guidelines: Compliance with store content guidelines
- In-App Purchases: Clear disclosure of in-app purchase pricing and terms
- Subscription Policies: Transparent subscription terms and easy cancellation
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will:
- Post the updated policy on this page with a new "Last Updated" date
- Notify you of material changes through the app or via email
- Obtain your consent for significant changes where required by law
- Keep previous versions available upon request
Continued use of our Services after changes constitutes acceptance of the updated Policy.
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
attilano
Email: attilano@icloud.com
Website: https://www.cojhrhvk.com
For data protection inquiries, please include "Privacy Request" in your subject line. We will respond to all legitimate requests within the timeframes required by applicable law.
Data Protection Officer
For EU/UK GDPR inquiries, you may also contact our Data Protection Officer at attilano@icloud.com.
EU Representative
Under GDPR Article 27, our EU representative is available at the contact email above.
17. Cookie and Tracking Technologies
For detailed information about our use of cookies and similar tracking technologies, please see our Cookie Policy.
18. Glossary of Terms
- Personal Data: Any information relating to an identified or identifiable natural person
- Processing: Any operation performed on personal data (collection, storage, use, etc.)
- Data Controller: Entity determining purposes and means of processing
- Data Processor: Entity processing data on behalf of the controller
- Consent: Freely given, specific, informed, and unambiguous indication of agreement
- Breach: Security incident resulting in accidental or unlawful destruction, loss, or access