Privacy Policy (original) (raw)

Privacy Policy

Last update: [8 November 2022]

[ARETIS LIMITED] (“ARETIS” or “we”) highly values your privacy. This privacy policy (the “Policy”) sets out how we collect, use and protect your personal data when you access, use and play games, features, content and services via websites, mobile applications and other channels or portals developed and managed by ARETIS(the “Services”).

1. Who We Are

[ARETIS LIMITED], a company incorporated under the laws of [Hong Kong], is the controller (or a similar role) who is responsible for handling your personal data under this Policy.

1. The Data We Collect a bout You
   • We collect both personal and non-personal data when you useour Services 。Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier of that natural person.
   • We collect the following types of data for the purposes stated below:

1. Special Categories of Personal Data
   • Certain categories of personal data, such as details about your race or ethnicity, religious or philosophical beliefs and so on, are considered more sensitive than other categories of personal data in certain jurisdictions and require a higher level of protection.
   • Toclarify, our Services do not collect any types of those special categories of personal data.
2. How Your Personal Data is Collected

We may collect your personal data through our Services, or by post, phone, email or other means you choose to interact with us.

1. Legal Basis for Collection and Use of Personal Data

We only process your personal data where this is a legal basis permitted by the applicable law. The legal basis will depend on the context and purpose for which we collect and use your data, which may include:

• Consent: certain data will be collected when you have given us informed consent. You may withdraw your consent at any time but this will not affect the validity of the processing activities prior to the withdrawal.
• Contractual necessity: it is necessary for us to collect and process certain data to enable us to enter into a contract with you and perform our contractual obligations.
• Fulfilment of legal obligation: we may be required by the applicable law to collect and use your personal data to comply with our legal obligations.
• Legitimate interests: in certain jurisdictions we may rely on legitimate interests to collect and use your personal data to operate and improve our business.
• Other: we may also collect and use your personal data based on other legal bases under the applicable law.

1. Cookies, SDK and Similar Technologies
   • Our Services use cookies, SDK and similar technologies to deliver essential and additional functions. Please see [SDK List]for more information on the types of SDKs we incorporate into our mobile applications.
   • The information collected by the SDKs are for the purposes of:
     * providing and improving our Services;
     * analyzing how our Services are used by users;
     * displaying and running in-app advertisements;
     * studying and analyzing the functionality and performance of the Services and activities related to the Services;
     * protecting the Services and usersfrom fraud, misuse and unlawful use of the Services’ and related data and assets.

We do not have access to the information collected by the SDKs.

1. Third-party Links

Our Services may include links to third-party websites, plug-ins and applications. Clicking on those links may allow you to visit websites and applications of third parties. Please read the privacy policy of the third-party websites, plug-ins and applications you visit to know how they collect and use your personal data.

1. Disclosure
   • We will not disclose your personal data to third parties unless we have obtained your consent or there are other legal bases for such disclosure.
   • We may engage a data processor (and/or sub-processor) to process your personal data for the purposes in this Policy, in which case we will request the data processor (and/or sub-processor) to keep your personal data in strict confidence and only process data to the extent it is necessary to perform its contractual or statutory obligations.
   • We may disclose your personal data to third parties to whom we may choose to sell, transfer or merge parts of our business or our assets, in which case the new owners will assume all our rights and obligations in this Policy.
   • We may also disclose your personal data for the purposes of national security, law enforcement, or public interests.
2. International Transfer of Data
   • We may choose to store your personal data on a local server or a server located in a foreign country depending upon the IT configurations of our websites and mobile applications, which may be adjusted from time to time.
   • Where the transfer of your personal data to a server located in a foreign country satisfies the definition of international transfer or cross-border transfer of personal data under the applicable law, we will determine the legal basis for the transfer and take appropriate security measures to ensure a level of protection as required under the applicable law.
3. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes set out in this Policy. We will either delete or anonymize your personal data when it is no longer required to satisfy the purposes set out in this Policy.

1. Your Legal Rights
   • You may have certain legal rights in relation to processing of your personal data, which may include:

• Access right: you may request access to your personal data in our possession.
• Rectification right: you may request us to correct your personal data if it is inaccurate.
• Erasure right: you may request us to delete your personal data.
• Restriction right: you may request us to restrict how we process your personal data.
• Portability right: you may request us to help you transfer your personal data to other entities.
• Withdrawal of consent: you may withdraw your consent at any time.
• Right to complain and report: you have the right to complain to the relevant supervisory authority.
  • The above rights may only apply in limited circumstances under the applicable law and if we decide not to respond to your claim for the above rights, we will explain reasons.

1. Children’s Data
   • Our Services are designedand provided to users of various age groups. We will not collect personal data from any users who are under the age of 13. If parents or legal guardians suspect that their children, under the age of 13, have provided us with personal data inadvertently, they may request such personal data be removed by contacting us at [service@aretis.cc].
   • Users who are between 13 and 18 years old (or the relevant age defined as a minor in the respective jurisdiction) should seek the consent of their parents or legal guardians before using our Services.
2. Data Security

We are committed to keeping your personal data safe. We take reasonable and appropriate administrative, technical, organizational, and physical security and risk management measures in accordance with applicable laws to ensure that your personal data is adequately protected against accidental or unlawful destruction, damage, loss or alteration, unauthorized or unlawful access, disclosure or misuse, and all other unlawful forms of processing of your personal data in our possession.

1. Changes to this Policy
   • This Policy may be changed from time to time.
   • If we change anything important about this Policy (e.g., the type of personal data we collect), we will provide a prominent link together with the updated policy for your reference onour Services.
2. Contact Us

If you have any questions about this Policy, including any requests to exercise your legal rights, please contact our data protection department at [service@aretis.cc].