PRIVACY POLICY

GFUN PRIVATE LIMITED
UEN: 202609051M
Address: 8D DEMPSEY ROAD, #03-02, SINGAPORE 249672
Effective Date: 1 December 2025

GFUN PRIVATE LIMITED (“GFUN”, “we”, “us”, “our”) is a company incorporated in Singapore.
This Privacy Policy describes how we collect, use, disclose, transfer, and protect personal data when you access or use:

(collectively, the “Services”).

This Policy complies with major global privacy frameworks including GDPR, LGPD, CCPA/CPRA, and other applicable international laws.

1. Data Controller

The data controller is:

GFUN PRIVATE LIMITED
Registered in Singapore
Email: hello@gfun.studio
Website: https://gfun.studio

Where required under Article 27 GDPR, GFUN may appoint an EU Representative.

2. Categories of Personal Data Collected

2.1 Device & Technical Data

  • IP address
  • Device type and model
  • Operating system
  • App version
  • Advertising identifiers (IDFA, GAID)
  • Language and region
  • Time zone
  • Network information
  • Crash logs and diagnostics

2.2 Gameplay & Usage Data

  • Session duration
  • Level progression
  • In-game interactions
  • Virtual currency balances
  • Ad interactions
  • Fraud detection signals

2.3 Transaction Data

  • Purchase confirmations
  • Transaction IDs
  • Refund status

Payment data is processed by Apple/Google. GFUN does not store full payment credentials.

2.4 Communication Data

  • Email inquiries
  • Customer support tickets
  • Survey responses

2.5 Advertising & Attribution Data

Collected via SDKs and partners for:

  • Attribution measurement
  • Campaign optimization
  • Fraud prevention
  • Ad frequency capping

3. Sources of Data

  • Directly from users
  • Automatically via SDKs
  • Advertising and analytics partners
  • App distribution platforms

4. Legal Bases for Processing (GDPR)

  • Performance of contract
  • Legitimate interest (e.g., fraud prevention, analytics)
  • Consent (personalized ads, tracking)
  • Legal obligation

Where required, we use consent management mechanisms (CMP).

5. Purpose of Processing

  • Provide and operate the Services
  • Improve gameplay and retention
  • Detect fraud and cheating
  • Serve contextual and personalized ads
  • Measure marketing performance
  • Comply with legal obligations
  • Enforce our Terms

6. Advertising & Analytics Partners

We work with partners including but not limited to:

  • AppLovin
  • Meta
  • Google
  • Unity Technologies

These partners may:

  • Deliver advertisements
  • Conduct attribution
  • Prevent fraud
  • Optimize ad performance

Users may reset advertising identifiers in device settings.

7. IAB TCF 2.2 Compliance (EU)

  • We may implement a TCF 2.2-compliant CMP.
  • Users may accept or reject processing purposes.
  • Consent preferences are stored and can be modified.
  • Purposes may include storage, measurement, personalization, and ad selection.

8. International Data Transfers

Data may be transferred to:

  • Singapore
  • United States
  • European Union
  • Brazil
  • Other jurisdictions

We rely on SCCs, adequacy decisions, and other safeguards.

9. Data Retention

We retain data only as long as necessary for:

  • Service provision
  • Legal compliance
  • Fraud prevention
  • Accounting and audit

10. Data Subject Rights

10.1 GDPR Rights (EU/EEA)

  • Access
  • Rectification
  • Erasure
  • Restriction
  • Data portability
  • Object to processing
  • Withdraw consent

10.2 LGPD Rights (Brazil)

  • Confirm processing
  • Access data
  • Correct inaccuracies
  • Request anonymization
  • Revoke consent
  • Request deletion

10.3 CCPA/CPRA (California)

  • Request disclosure of collected data
  • Request deletion
  • Opt-out of sale/share
  • Limit use of sensitive personal information

We do not sell personal information.
However, certain ad-sharing practices may qualify as “sharing” under CPRA.

Requests: hello@gfun.studio

11. Children’s Privacy (COPPA)

  • No knowing collection from children under 13 without parental consent.
  • Personalized ads may be disabled for child-directed games.
  • Age gates may be implemented.

Parents may contact hello@gfun.studio.

12. Security Measures

  • Encryption in transit
  • Access control restrictions
  • SDK review
  • Monitoring & logging
  • Fraud detection systems

13. Data Breach Notification

  • Risk assessment
  • Notify regulators where required
  • Notify affected users if required

14. Data Protection Governance

  • Internal data mapping
  • Records of Processing Activities (RoPA)
  • Vendor assessment
  • Subprocessor registry
  • Incident response plan

15. Automated Decision-Making

  • Fraud detection
  • Ad optimization
  • Gameplay balancing

No significant legal effects are produced without safeguards.

16. Changes to This Policy

We may update this Policy periodically.
Material changes will be communicated via in-app notice or website update.

17. Contact

GFUN PTE. LTD.
Singapore
Email: hello@gfun.studio
Website: https://gfun.studio