Last updated: May 24, 2024

1. OVERVIEW

This is the Privacy Policy of TINY BOOM LIMITED ("we," "us," or "our").

This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use one or more of our mobile ("App(s)") and the rights and choices you have associated with that data.

"Personal data" or "personal information" refers to any details about a person and can be used to identify or connect them to their identity.

Personal data includes any information related to a specific person and can be used to identify them directly or indirectly. This includes details such as an identification number or unique characteristics connected to their physical, mental, economic, cultural, or social identity.

All users accessing our App ("Users") are subject to this Privacy Policy, so please read it carefully before downloading, installing, or using our App(s).

Our App is intended for individuals aged 18 years or older, and we do not knowingly collect or request personal information from anyone under 18. If you are under 18, please refrain from using or disclosing any information on this App or its features. If we become aware that we have gathered personal information from a child under 18 without verified parental consent, we will promptly delete that data. If you suspect we have obtained information from or about a child under 18, please get in touch with us immediately.

We operate as the data controller under the GDPR unless indicated otherwise.

2. INFORMATION WE PROCESS

Based on the circumstances outlined below, we may collect and otherwise process the following general categories of personal information: (i) Identifiers (like a real name, postal code, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers), (ii) Geolocation data (like physical location or movements), (iii) Internet or other similar network activity (like information on your interaction with an application, or advertisement), (iv) Commercial information (like records of purchasing or consuming histories or tendencies).

Personal information associated with the categories mentioned above is obtained from the following sources:

1. From you indirectly (Automatically processed information):

• Device Details: When you access the App using a mobile device, specific details about your device are collected, including "device identifiers." These identifiers are small data files or similar structures stored on or linked to your mobile device, uniquely identifying it (but not you personally).

• Device Information: This includes the type of your mobile device, operating system and its version, model and manufacturer, screen size, screen density, orientation, battery status, and memory usage.

• Internet Connection Details: This includes your mobile carrier, network provider, network type, Internet Protocol (IP) address, session timestamps and durations, connection speed, and browser type.

• Location Information: This includes your IP address, country code, region, state, city associated with your SIM card or device, language settings, time zone, and nearby commercial points of interest (e.g., "coffee shop").

• Other device identifiers: This may include user identifiers if they are set up by the App’s developer.

Information about the App: Details such as the app's name, API key (identifier for the app), version, and properties may be reported for automated processing and analysis. Some services may also record the list of applications and/or processes installed or running on your device.

Cookies and Similar Technologies: When you use the App, cookies and similar technologies such as pixels, web beacons, and scripts may be utilized. A cookie, a small text file with information, is downloaded to your device upon accessing the App and sent back to the server with each subsequent use. This aids in the efficient operation of the App, allowing us to track user visits to specific areas or features and the links or ads they interact with. We utilize this aggregated data to analyze and optimize App usage, improve our marketing strategies, and deliver content and features tailored to your interests. Advertisers or partners may also employ cookies or similar technologies to provide ads or services within the App.

Log File Information: Whenever you request access to the App, log file information is automatically reported. It may also be provided during the App installation on your device. When using our App, analytics tools automatically capture specific log file details, such as the start and stop times of your App usage and your interactions with the App.

Ad-related data: information that includes the time an ad is served, whether it was clicked, the ad content, type (text, image, video), placement in the App, and your response.

In-app events: When you use our App, analytics tools automatically track what you do within the App, such as completing tutorial steps, leveling up, making payments, buying in-app items, and any special events or limits related to how your data is handled.

The data your device sends through our App (e.g., Identity For Advertisers for iOS devices) is analyzed using third-party automatic data processing technologies, such as advertising or analytics tools. Typically, this data is non-personal, meaning it cannot be directly linked to any specific individual, and we only access it in an aggregated form. We use this information based on our legitimate interest. However, some of these integrated technologies (see Section 4 for the list) initiate automated processing of your personal data, including profiling. Profiling involves the automated processing of personal data to evaluate certain personal aspects about you, such as analyzing or predicting your preferences, interests, behavior, location, or movements.

Information processing via automatic data processing technologies begins automatically once you give our App permission to track your activity. You can withdraw your permission anytime—see Section 9 below for details on how to opt-out.

Please note that we do not control the information automatically provided to advertising or analytics tools and cannot take responsibility for its processing, and keep in mind that certain services engage in personal data profiling and may gather information related to your identity and/or your mobile device using technologies beyond our scope of responsibility. We do not control, supervise, or guarantee how third parties process your personal data, which may be collected independently of our App. Any requests for information regarding disclosing your personal data should be directed to these third parties (refer to Section 4).

2. Directly from you (Information that you submit):

Contact information (such as your name, email address, and any information provided, including message contents or attachments) submitted to us via email is required to perform the contract between you and us effectively. We use this information to respond promptly to your inquiries, fulfill your requests, send you requested communications, and provide the requested services.

3. THE PURPOSE OF PROCESSING

We use automatically processed information and information you submit for the following purposes:

1. to provide the app, maintain it, improve it, personalize your experience, test it, and monitor its effectiveness.

2. to send you push notifications with technical notices, updates, security alerts, and support and administrative messages, and to respond to you when you contact us.

We use automatically processed information to provide you with interest-based (behavioral) advertising or other targeted content, including online ads or other forms of marketing.

We may use your information to prevent, detect, and investigate fraud, security breaches, and potentially prohibited or illegal activities, protect our trademarks, and enforce the law. 

If we use your information for any purpose other than those listed here, we will notify you and obtain your consent as applicable law requires.

4. SHARING OF THE DATA

While we meticulously select third-party providers dedicated to implementing technical and organizational measures to safeguard user personal data, we cannot guarantee the security of information transmitted to these third parties. Therefore, we are not liable for any accidental loss or unauthorized access to your personal data resulting from the actions of third parties.

We won't sell your personal data to third parties. However, we may share your information from tools like log files, device identifiers, and location data with third-party organizations that provide automatic data processing technologies for the App. We don't control or influence how these third parties use their tracking technologies.

Furthermore, we may share certain information, such as cookie data, with third-party advertising partners. This enables third-party ad networks to deliver targeted advertisements that they believe will interest you.

We may engage the following categories of recipients (including third-party providers and advertising partners) in processing your information for various business purposes, such as providing us with the necessary infrastructure for the delivery and improvement of our App, and performing App-related services:

1. Amplitude Inc. (analytics), located in the U.S.A., https://amplitude.com/privacy;

2. Firebase (Google LLC) (analytics and marketing services), located in the U.S.A., https://policies.google.com/privacy, https://firebase.google.com/support/privacy?hl=en;

3. Facebook (Metal Platform, Inc.) (analytics, ad management), located in the U.S.A., https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0;

4. Adjust GmbH (analytics), located in Germany, https://www.adjust.com/terms/privacy-policy/;

5. RevenueCat, Inc. (analytics), located in the U.S.A., https://www.revenuecat.com/privacy/.
   
   

You can obtain more information about the services and privacy options available, including opt-out choices, at the respective websites and privacy policies associated with those services.

Our App may contain links to third-party websites or services, or you may access our App from a third-party site. Please be aware that we are not responsible for the privacy practices of these third-party sites or services, including the information or content they contain. You are responsible for any risks from using these third-party websites or resources.

We may disclose your personal information in situations necessary for legitimate reasons, such as public interest or unforeseen circumstances as required by law. Additionally, we may disclose your personal information in good faith to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

Furthermore, if we are involved in a merger, acquisition, or sale of all or a portion of our assets, we will prominently notify you in our App of any change in ownership or usage of your personal information. We will also provide information on any options you may have regarding your personal information.

5. HOW LONG WE KEEP AND USE YOUR DATA

We will keep your personal information only as long as necessary to provide the App's services and meet our legal obligations. If you no longer want us to use or store your information, you can request that we delete your personal data.

However, specific data may be retained for a limited period (not exceeding the necessary storage duration) if required to comply with legal obligations, such as taxation, accounting, or auditing. This data may also be kept to maintain data backup and security measures, prevent fraud, or address other malicious activities.

6. INTERNATIONAL DATA TRANSFERS

We provide our Apps to users worldwide.

Please be aware that we may transfer information, including personal data, to a country, territory, or specific sectors within that country or territory, where data protection and confidentiality regulations may not provide the same level of protection for personal data as your country does.

Using the App, you acknowledge and agree to the potential transfer of your personal data to any third country, territory, or specified sectors within that third country or an international organization.

We rely on hosting organizations for data storage. Taking your privacy seriously, we encrypt your personal data before transmitting it to these hosts whenever feasible. It's important to note that we only partner with hosting organizations that have met our rigorous security and reliability criteria.

7. DATA SECURITY

We implement reasonable and appropriate measures to safeguard personal information against loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures consider the risks associated with processing and the nature of the personal information involved.

To ensure the security of your personal information, we employ technical and organizational measures consistent with data protection principles. This includes utilizing encryption algorithms to protect your personal data and, where possible, employing hashing methods.

While we strive to protect your personal data, it's important to note that no method of transmission over the Internet or electronic storage is entirely secure. Although we do our utmost to safeguard your personal information, we cannot guarantee its security. In the event of a security breach compromising your personal information, we will promptly notify you in accordance with applicable law.

8. YOUR RIGHTS AND CHOICES

To Individuals in the European Economic Area (EEA) and the UK

If you reside in the European Economic Area ("EEA") or the UK, applicable privacy laws (in particular EU-GDPR and UK-GDPR, respectively) give you certain rights regarding your personal data.

According to both EU-GDPR and UK-GDPR, you have the following options concerning your personal data that was collected:

• Data Access and Portability. You can request copies of your personal information.

• Change or Correct Data. You can ask us to correct, change, update, or rectify your data.

• Data Retention and Deletion. User data is generally retained for as long as necessary to provide the App. However, specific retention times can vary based on the processing context. You have the right to ask to delete all or some of the personal data held about you.

• Restriction of Processing. Under certain circumstances, you may have the right to limit how your personal information is used.

To exercise the above-mentioned rights, you can contact us at privacy@tinyboom.com. Please remember that we ensure the above-mentioned rights only concerning the information we physically access and store.

When your personal information is processed automatically, you may object to such processing in some circumstances. Where your personal information is processed for direct marketing purposes, you may ask to cease processing your data for these direct marketing purposes. To exercise your right, please contact the recipients listed in Section 4 of this Privacy Policy to learn how to object to processing your data. Most have clear instructions on privacy pages, functional API, or other options.

If you don’t want us to share device identifiers and geolocation data with service providers, please check your device settings to opt-out, as described in Section 9 below.

If you are in the European Union or the UK, you may address your privacy questions and requests at privacy@tinyboom.com.

To Residents of California: Your California Privacy Rights

The California Consumer Privacy Act of 2018 (CCPA) provides those residing in California with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

The CCPA provides consumers (California residents) with the following rights regarding their personal information:

• Right to Access. You have the right to request that we disclose, no more than twice in twelve months, any of the following for the period that is twelve months before the date the request is made:

• The categories of personal information we have collected about you.

• The categories of sources for the personal information we have collected about you.

• The business or commercial purpose for our collecting or selling your personal information.

• The categories of third parties to whom we share your personal information.

• The specific pieces of personal information we have collected about you.

• Whether we have sold or disclosed your Personal Information for a business purpose, and if so, two separate lists disclosing:

• sales, identifying the categories of personal information that we have sold about you in the prior 12 months as well as the categories of third parties to whom we sold that personal information, by category or categories of personal information for each category of third parties to whom your personal information was sold; and

• disclosures for a business purpose, identifying the categories of personal information that we have disclosed about you in the prior 12 months as well as the categories of third parties to whom we disclosed your personal information, by category or categories of personal information for each category of third parties to whom your personal information was disclosed.

Once we receive and confirm your verifiable consumer request, data outlined in this section above (Right to Access) will be disclosed to you.

• Deletion rights. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions outlined in the CCPA. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records unless an exception applies.

• Right to Opt-Out (“Do Not Sell”). You have the right to tell us not to disclose or transfer your personal information to a third party in exchange for something of value. The CCPA refers to this as your right to say “Do Not Sell” my personal information. 
  
  

As noted herein, we do not sell personal information. If we decide to sell personal information in the future, we will post an appropriate notice and opt-out method and not sell any personal information previously collected.

However, if you don’t want us to process your personal information further, please contact us at privacy@tinyboom.com. In most cases, the App cannot continue operating without functional data, so you will be advised to remove it from your device. 

If you don’t want us to share device identifiers and geolocation data with third-party service providers, please check your device settings as described in Section 9 below.

• Non-discrimination. You are entitled to exercise the rights described in this section free from discrimination. This means that we will not discriminate against you in a manner prohibited by the CCPA because you exercise your CCPA rights.

Unless permitted by the CCPA, we will not:

• Deny you goods or services.

• Charge you different prices or rates for goods or services, including by granting discounts or other benefits or imposing penalties.

• Provide you with a different level or quality of goods or services.

• Suggest that you receive a different price or rate for goods or services or a different level or quality of goods or services.

Now that you are aware of your California privacy rights, please note the following:

• All the categories of personal information are listed in Section 1 of this Privacy Policy ʺ2. INFORMATION WE PROCESSʺ has been collected by us from Users within the last twelve (12) months.

• In the preceding twelve (12) months, we have disclosed your personal information included in each category of personal information (i), (ii), (iii), and (iv) listed in Section 2 of this Privacy Policy ʺ2. INFORMATION WE PROCESSʺ for each business purpose described above depending on your use of the App described herein.

• We are not in the business of selling information about you to anybody, which indicates that no personal information has ever been sold.

How to Exercise Your California Privacy Rights

To request access to your personal information or request deletion, please submit a verifiable consumer request to us at privacy@tinyboom.com

Consumers may exercise these rights via an authorized agent who meets the agency requirements of the CCPA. Only you or a person registered with the California Secretary of State you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request for your minor child.

Please include the wording “Consumer rights to maintain confidentiality in the state of California” in the text of your request.

Any request you submit to us is subject to an identification and residency verification process, so when submitting a verifiable request, you should be ready to:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include name, address, city, state, zip code, and email address. We may use this information to surface security questions to verify your identity. If you request an authorized agent acting on your behalf, such authorized agent must provide written authorization confirming or a power of attorney signed by you.

• Describe your request with sufficient detail that allows us to understand, evaluate, and respond to it appropriately. 

We will not be able to respond to your request or provide you with personal information if we cannot (i) verify your identity or authority to make the request or (ii) confirm the personal information relates to you. We may ask you for additional information or documents to verify your identity. We may also check with third-party identity verification services to verify your identity before taking any action with your personal information. This is regarded as a safeguard measure to prevent disclosure of your personal information under a fake or scum request.

We ensure that personal information provided in a verifiable consumer request will be used only to verify the requestor’s identity or authority to make the request and not for any other purpose. We will keep it for the adequate term reasonably needed for the abovementioned purpose and delete it after the purpose is fulfilled.   

We try to respond to a verifiable consumer request within forty-five (45) days of receipt. We will inform you of the reason and extension period in writing if we require more time. Please note that we are only required to respond to two requests per customer each year.

If you are not a resident of the EEA, UK, or California, depending on your location, you may be able to make requests to access, correct, and/or delete certain personal information that you provide to us. For your protection, we may require proof and verification of identity and jurisdiction of residency before we can answer the above requests. If you wish to make such a request, contact us at privacy@tinyboom.com. If we change or delete your personal information or if you decline to share certain personal information with us actively, we may not be able to provide you with some of the App's features and functionality. Once we have verified you, we will honor such requests at our discretion and under applicable law.

9. HOW TO OPT-OUT

Marketing tracking

Either choose the option "Limit Ad Tracking" on your iOS device in Settings > Privacy > Advertising or Choose the option “Allow Apps to Request to Track" off your iOS device in Settings > Privacy > Tracking. Please refer to the instructions here: https://support.apple.com/en-us/HT202074, https://support.apple.com/en-us/HT212025.

Location tracking

Settings > Privacy > Location Services. Choose the applicable App and set the “Share My Location” status to “Never”. Please refer to this instruction: https://support.apple.com/en-us/HT203033.

Please be aware that opting out of interest-based advertising does not eliminate all ads. You may still see contextual ads based on non-personal information, such as those related to the content of other digital products you use.

10. CHANGES TO THE PRIVACY POLICY

We update this Privacy Policy regularly to keep up with our practices and legal requirements.

If we change this Privacy Policy, we'll update it and share the new version on this page and other important places. Depending on the situation, we may also inform you about the changes in other ways.

11. HOW TO CONTACT US

If you have questions about this Privacy Policy, please message us at privacy@tinyboom.io.