Privacy Policy

Chapter 1: Introduction and Definitions

Privacy Policy Overview

Bulang VS Online ("we," "our," or "us") is committed to protecting your privacy. We understand the importance of your personal information and are dedicated to safeguarding it. This Privacy Policy explains how we collect, use, and disclose your personal information. By using our services, you agree to the terms outlined here and in our Terms of Service. We encourage you to read this policy carefully to understand our practices regarding your data and how we will treat it. We believe in transparency and want you to feel confident about how we handle your personal information.

Our Commitment to Privacy

At Bulang VS Online, we prioritize your privacy and are committed to maintaining the confidentiality and security of your personal information. We implement industry-standard practices to ensure your data is protected and handle your information with the utmost care and respect. Our team is trained to manage your data responsibly, and we continuously review our privacy practices to ensure they meet the highest standards. We also engage with external experts to audit our practices and ensure compliance with the latest regulations and standards.

Definitions

To clarify terms used in this policy:

• Cookie: A small data file created by a website and stored by your browser, used for identification and analytics. Cookies help us understand how you interact with our services and enable us to provide a more personalized experience. They can store user preferences and other information to enhance your experience on our platform.
• Company: Refers to MysticPeak Gaming LLC, responsible for your information. We are the entity that collects and processes your data in accordance with this policy. Our company is committed to ethical data management and privacy protection.
• Device: Any internet-connected device used to access our services. This includes smartphones, tablets, and computers. We ensure compatibility across various devices to provide a seamless user experience.
• IP Address: A number assigned to devices connected to the internet, often used to identify location. This helps us understand where our users are accessing our services from and tailor our offerings accordingly.
• Personnel: Individuals employed by or contracted to Bulang VS Online. Our personnel are trained to handle your data with care and confidentiality. We conduct regular training sessions to keep our team updated on best practices.
• Personal Data: Information that can identify a person. This includes names, adid, and other identifiers. We treat personal data with the highest level of security and confidentiality.
• Service: The services provided by Bulang VS Online. Our services include our app, and any related offerings. We are committed to continuously improving our services to meet user needs.
• Third-party service: External partners providing content or services. These partners help us enhance our offerings and improve user experience. We carefully select our partners to ensure they align with our privacy standards.
• You: The individual or entity registered to use our services. You are the data subject whose information we collect and process. We respect your rights and provide you with control over your data.

Chapter 2: Data Collection and Retention

What Data Do We Collect & Data Collection Timing?

We collect personal information when you submit it to us or when we receive it from third parties. This includes data collected during account registration, service usage, and through interactions with our customer support. We ensure that data collection is conducted transparently and in accordance with applicable laws. We provide clear information about what data is collected and why.

Data Retention

We retain your information as long as necessary to provide our services and comply with legal obligations. When no longer needed, we securely delete or anonymize it. You can also contact us via email to request the deletion of your account information. Our data retention practices are designed to protect your privacy while ensuring we meet our legal and operational requirements. We regularly review our data retention policies to ensure they are up-to-date and effective.

International Data Transfer

Your information may be transferred globally, and by using our services, you consent to this transfer, in compliance with applicable data protection laws. We take steps to ensure that your data is treated securely and in accordance with this privacy policy, regardless of where it is processed. We use standard contractual clauses and other safeguards to protect your data during international transfers.

Data Access and Correction

You can request updates or corrections to your information. We take steps to verify your identity before making changes to ensure that your data is accurate and up-to-date. Our goal is to provide you with control over your personal information and ensure its accuracy. We provide easy-to-use tools for you to access and update your data.

Chapter 3: Data Usage and Third-Party Interactions

How Do We Use The Information We Collect?

Any of the information we collect from you may be used in one of the following ways:

• To personalize your experience: Your information helps us to better respond to your individual needs by tailoring our services to your preferences. We use data analytics to understand user behavior and preferences.
• To improve our app: We continually strive to improve our app offerings based on the information and feedback we receive from you, ensuring a better user experience. User feedback is invaluable to us, and we actively seek it to enhance our services.
• To improve customer service: Your information helps us to more effectively respond to your customer service requests and support needs, providing timely and efficient assistance. We aim to resolve issues promptly and to your satisfaction.

Third-Party Services and Information Use

We utilize various third-party services to enhance the functionality and user experience of our application. These services help us provide a seamless and efficient experience for our users.

• React Native: Our application is built using React Native. While React Native itself does not collect personal data, some third-party libraries used within our app might. We thoroughly vet these libraries and only incorporate those that comply with our privacy standards. We ensure that any data collected is used responsibly and ethically.
• AppsFlyer: We use AppsFlyer for mobile attribution and analytics. To provide these services, AppsFlyer collects certain device information, which may include personal data such as trackers and unique device identifiers (e.g., Google Advertiser ID or IDFA), along with usage data. This data is anonymized and used solely to improve our app's performance and enhance the user experience. We ensure that AppsFlyer complies with our privacy standards and legal requirements.
• Secure API Service: https://service.mysticpeak.org provides core application services through encrypted connections to ensure secure and reliable data exchange.
• Content Delivery Network (CDN): https://cdn.mysticpeak.org supports the efficient distribution of static resources and media content, helping improve app loading speed and overall user experience.
• Update Service: https://cfg.mysticpeak.org delivers configuration updates and resource improvements, including the latest gameplay balance values and feature/configuration updates, ensuring users can experience the most up-to-date, optimized, and stable gameplay and app performance.
• Compliance: All integrations and services are reviewed for security and compliance to safeguard user data and maintain alignment with relevant policies and regulations.

Data Security

We implement comprehensive security measures to protect your information, including:

• Encryption: Personal data is encrypted during transmission and at rest to ensure confidentiality. We use advanced encryption technologies to protect your data.
• Access Controls: Strict access controls and authentication procedures limit access to your personal data to employees, agents, contractors, and third parties with a business need to know. They process your data only on our instructions and are bound by confidentiality obligations. We regularly review access permissions to ensure they are appropriate.
• Regular Testing: We regularly test and evaluate the effectiveness of our security measures to ensure they are up-to-date and effective. We conduct vulnerability assessments and penetration testing to identify and address potential security risks.
• Security Training: Our staff undergo regular security awareness training to stay informed about best practices and potential threats. We emphasize the importance of data protection and privacy in our training programs.
• Incident Response: We have incident response and disaster recovery plans in place to quickly address and mitigate any security breaches. We conduct regular drills to ensure our team is prepared to respond effectively to incidents.

We are committed to transparency and only collect information necessary for the functioning and improvement of our services. However, while we strive to protect your data, we cannot guarantee absolute security. We continuously monitor our systems for potential vulnerabilities and take proactive measures to address them.

Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly. Parental consent is required for any interaction with our services by children, and we are committed to protecting the privacy of minors. We provide resources for parents to understand our practices and make informed decisions.

Governing Law

This policy is governed by United States law. By using our services, you agree to this policy. We are committed to complying with all applicable laws and regulations regarding data protection and privacy. We regularly review our policies to ensure compliance with legal requirements.

Chapter 4: GDPR Information

Information about General Data Protection Regulation (GDPR)

We may be collecting and using information from you if you are from the European Economic Area (EEA), and in this section of our Privacy Policy we are going to explain exactly how and why is this data collected, and how we maintain this data under protection from being replicated or used in the wrong way.

What is GDPR?

GDPR is an EU-wide privacy and data protection law that regulates how EU residents' data is protected by companies and enhances the control the EU residents have, over their personal data.

The GDPR is relevant to any globally operating company and not just the EU-based businesses and EU residents. Our customers’ data is important irrespective of where they are located, which is why we have implemented GDPR controls as our baseline standard for all our operations worldwide.

What is personal data?

Any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Some examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical address, sexual orientation, and ethnicity.

The Data Protection Principles include requirements such as:

• Personal data collected must be processed in a fair, legal, and transparent way and should only be used in a way that a person would reasonably expect.
• Personal data should only be collected to fulfil a specific purpose and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.
• Personal data should be held no longer than necessary to fulfil its purpose.
• People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data, and that their data be updated, deleted, restricted, or moved to another organization.

Why is GDPR important?

GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts it's simply the right thing to do. At Bulang VS Online we strongly believe that your data privacy is very important and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation.

Individual Data Subject's Rights - Data Access, Portability and Deletion

We are committed to helping our customers meet the data subject rights requirements of GDPR. Bulang VS Online processes or stores all personal data in fully vetted, DPA compliant vendors. We do store all conversation and personal data for up to 6 years unless your account is deleted. In which case, we dispose of all data in accordance with our Terms of Service and Privacy Policy, but we will not hold it longer than 60 days.

We are aware that if you are working with EU customers, you need to be able to provide them with the ability to access, update, retrieve and remove personal data. We got you! We've been set up as self service from the start and have always given you access to your data and your customers data. Our customer support team is here for you to answer any questions you might have about working with the API.

California Residents

The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.

We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:

• Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
• Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
• Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
• Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
• If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

We do not sell the Personal Information of our users.

For more information about these rights, please contact us.

California Online Privacy Protection Act (CalOPPA)

CalOPPA requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.

CalOPPA users have the following rights:

• Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
• Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
• Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
• Right to request that a business that sells a consumer's personal data, not sell the consumer's personal data.
• If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.

We do not sell the Personal Information of our users.

For more information about these rights, please contact us.

Chapter 5: Miscellaneous

External Links

Our services may link to external websites, which have their own privacy policies. We are not responsible for the privacy practices of these websites, and we encourage you to review their policies before providing any personal information. We provide clear indications when you are leaving our site to visit an external link.

Consent

By using our app, you consent to this Privacy Policy. Your continued use of our services indicates your acceptance of this policy and any updates we may make. We encourage you to review this policy periodically to stay informed about how we are protecting your information. We provide notifications of significant changes to our policy.

Policy Changes

We may update this policy and will notify you of significant changes. We will provide notice through our app or by other means to ensure you are aware of any updates. Your continued use of our services after changes are made indicates your acceptance of the revised policy. We maintain a history of policy changes for your reference.

Contact Us

For questions, contact us via email at paxton.hannah@mysticpeak.org. We are here to assist you with any inquiries or concerns you may have regarding this privacy policy or our data practices. We value your feedback and are committed to addressing your concerns promptly and effectively.