Lua Bingo online Privacy Policy

Last updated: 10 October 2021

This Privacy Policy explains how your personal data is collected and processed by Alexandre Chimeno Bort (ACB) when you use the Lua Bingo online application (the “App”).

The App is a free to play game (with optional in-game-purchases), and in order to maintain the high quality and a great game experience we process information from and about you in particular to improve the entire experience in the App and to support internal operations.

We update this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of the policy and, depending on the specific changes, we will provide you with additional notice or require a renewed consent. We encourage you to review the Privacy Policy whenever you access the App to stay informed about how we process your personal data and how you can protect your privacy.

Collection of information

Information we collect automatically through the app

When you access or use the App, we automatically collect general information about you, including:

• Username: we log your username as indicated by you in the register popup.
• Birthday: we log your birthday as indicated by you in the register popup.
• Log Information: We log information about your use of the App, including the type of device you use, the features you use, access times and your IP address.
• Device Information: We collect information about the device you use to access the App, including information about the device’s software and hardware, unique device identifiers (i.e. Device ID and advertising ID), device tokens for push messages, mobile network information and time zone.
• Usage Information: We collect information relating to your use of the App, including your game progress, scores, achievements and interactions with other players.
• Consumption information: We collect information about your consumption habits relating to your use of the App, including which purchases you make with both virtual and real currencies and the reception of virtual goods in-game.

Information we collect from other sources

If you log into the App using a third party site or platform such as Facebook we access information about you from that site or platform, such as your screen name, profile information, birthday, in accordance with the authorization procedures determined by such third party site or platform provided that you have given the third party site in question such consent.

If you log into the App using a third party site or platform, you represent and warrant that your access and use of such features in connection with the App will comply with the applicable terms and policies of such site or platform; and that you are over the minimum age limit that is prescribed for such third party site or platform by the legislation in the individual jurisdictions.

Use of information – purpose and legal basis

We use information about you for the following purposes in accordance with the legal bases for each type of personal data as described below:

Username

- is being processed:

to identify the player in the game.

Birthday

- is being processed:

to send a birthday gift and to identify the player zodiac sign.

Log-, device-, usage-, and consumption information

- are being processed:

• to provide and deliver the products and services you request and send you related information as requested by you / as agreed with you;
• to provide and maintain the App and the game experience; and
• to send you technical notices, updates, security alerts, and support and administrative messages;

Our processing for the above purposes is necessary for the performance of a contract to which you are party in order to support the operation of the App, facilitate the delivery of requested products and services and enable maintenance and update of the App, see Article 6(1)(b) of the GDPR.

• to provide news and information about the App that we think will be of interest to you;
• to personalize and improve the App and provide tailored content and features;
• to monitor and analyze trends, usage and activities in connection with the App; and
• to provide users that have given us consent to share their advertising IDs with our ad network partners (as further specified under Sharing of Information) for the purpose of serving them with personalized advertisement in the App (behavioral advertising).

Our processing for the above purpose is justified by our legitimate interests in providing advertisements and content of interest to you in accordance with Article 6(1)(f) of the GDPR. The disclosure of your advertising ID to third parties for the purposes of behavioral advertising is based on your consent in accordance with Article 6(1)(a) of the GDPR (see more below under Sharing of Information).

Information from other sources

- are being processed:

• to provide and deliver the products and services you request and send you related information;

Our processing for the above purposes is justified by our legitimate interests in providing content of interest to you and improving our services in accordance with Article 6(1)(f) of the GDPR.

• to link or combine information we get from others to help understand your needs and provide you with better service; and
• to provide news and information about the App we think will be of interest to you;

Our processing for the above purposes is justified by our legitimate interests in providing content of interest to you and improving our services in accordance with Article 6(1)(f) of the GDPR.

We only process your information to the extent that is necessary to achieve the purposes for which the information has been collected.

Storage of information

ACB will store your personal data for as long as necessary in order to provide you with the App or otherwise fulfil the purposes as described above, unless further storage is required in order to establish, exercise or defend a legal claim or to comply with applicable law, including accounting rules.

Your personal data are deleted or anonymized as soon as it no longer serves one of the above mentioned purposes and in any event no later than 90 days after your interaction with the App has ceased.

Sharing of information

We disclose information about you to the following categories of recipients based on the legal bases in Sections 6(1)(b), 6(1)(c) and 6(1)(f) of the GDPR (see a description of the legal bases above):

• Social networks, see more under "Social Sharing features";
• Third parties if we are required to disclose your personal data by applicable law, rule, regulation, legal process or in connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company;
• The authorities if we believe your actions are inconsistent with the spirit or language of our policies or if the disclosure is necessary to protect the rights, property and safety of ACB or others;
• Other players in order to provide certain in-app features, such as leaderboards, if you log into the App using a third-party service, such as Facebook or Apple Game Center;
• Advertising network companies in order to serve contextual advertisements (the data include your IP-address, Device ID and advertising ID).

Furthermore, if you have given your consent in accordance with Section 6(1)(a) of the GDPR, we share your advertising ID to advertising network companies for the purpose of them serving behavioral advertisements to you within the App. We use or may use the following advertising network companies:

• Unity Ads https://unity3d.com/legal/privacy-policy

• Analytics network companies in order to monitor and analyze trends, usage and activities in connection with the App (the data include your IP-address, Device and advertising ID).

Furthermore, if you have given your consent in accordance with Section 6(1)(a) of the GDPR, we share your device ID to analytics network companies for the purpose of monitorize and analyze user trends. We use or may use the following analytics network companies:

We use or may use the following analytics network companies:

• Unity Analytics https://unity3d.com/legal/privacy-policy
• Google Analytics https://policies.google.com/privacy

The recipients' use of the disclosed information will not be covered by this Privacy Policy. If you have questions concerning the processing carried out by such third parties, you should review their privacy policy.

In connection with our processing, we use data processors such as server hosting providers, technical service providers for supporting internal operations, user login services and analytics service providers.

Social sharing features

The App offers social sharing features and other integrated tools (such as the Facebook “Like” button), which let you share actions you take in the App with other media. You must be over the minimum age limit that is prescribed by the legislation in the individual jurisdictions to use any social sharing features integrated in the App. The use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature.

The App has social features from the following providers:

• Facebook
• Game Center

For more information about the processing carried out by the respective third parties in connection with social sharing features, please visit the privacy policies of the entities that provide these features, which can be found here:

• Facebook: https://www.facebook.com/about/privacy/
• Game Center: https://www.apple.com/legal/internetservices/itunes/gamecenter/

Age Limits

Generally speaking, most of our Services are not intended for children under the age of 13 (or under 16 for children located in the European Countries) (collectively, “Children”). Children are not permitted to use these Services, and we do not knowingly collect any personal information from Children.

Though our Services do not target Children as the primary audience, we may collect age information before allowing a user to proceed for certain Services. For users who identify themselves as Children in our age-gate on such Services, if we allow Children to use the Services, we will either provide a version of that Service that does not collect, use, or disclose “personal information” (as defined in the Children’s Online Privacy Protection Act (“COPPA”)), except as permitted by COPPA, or obtain legally valid parental consent.

If we learn that we have inadvertently gathered personal information that is not subject to a COPPA exception from a Child, we will delete that data as quickly as possible. If you believe that we might have any data from or about a child under the age of 16, please contact us.

Transfer to third countries

In connection with the processing, we will in certain circumstances transfer your personal data to recipients in the U.S which has been declared an unsafe third country by the European Commission.

We only transfer personal data to entities in third countries that have provided appropriate safeguards to ensure that their level of data protection is in agreement with this privacy policy and applicable law.

Consequently, the transfers will only occur based on the following safeguards:

• If the entity is certified to comply with the principles for data protection under the US-EU Privacy Shield Framework ("Privacy Shield") (you can view the entities certified under Privacy Shield at www.privacyshield.gov), or
• If we have entered into standard data protection clauses adopted by the Commission with the entity, which is deemed to offer sufficient safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals (you can obtain a copy of the clauses by contacting ACB).

Security

ACB takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction.

Your rights

If you wish to use any of the rights described below, you may contact us at any time by emailing us at contact@luabingo.com

We process and answer your requests without undue delay and in any event within one month of our receipt of the request unless a longer period is required due to the complexity of the request. In this case, our response time can be up to three months in total as permitted by Article 12 of the GDPR.

Right to request access

You have the right to request access into the data that we are processing on you, see Article 15 of the GDPR, including information about:

• the purposes of the processing
• the categories of personal data concerned
• the recipients or categories of recipient to whom the personal data have been or
• will be disclosed
• the envisaged period for which the personal data will be stored

Furthermore, you have the right to obtain a copy of the personal data undergoing processing. Please note that the access may be restricted due to intellectual property or trade secrets.

The right to object

You have the right to object to our processing of your personal data on grounds relating to your particular situation when the data are processed based on the balancing-ofinterest rule in Section 6(1)(f) of the GDPR, see Article 21 of the GDPR. In this case, we will cease the processing unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing is necessary for the establishment, exercise or defense of legal claims.

You have the right to object to our processing of your personal data for direct marketing purposes at any time. We will cease the processing of your personal data for this purpose after the objection. Please note that if you exercise this right, your user license to use the App will cease automatically.

Right to rectification and erasure

You have the right to have inaccurate personal data rectified, see Article 16 of the GDPR.

Furthermore, you have the right to have your personal data erased where one of the following grounds applies, see Article 17 of the GDPR:

• the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,
• if you have withdrawn your consent and there are no other legal grounds for the processing,
• if you have objected to the processing and there are no overriding legitimate grounds for the processing,
• the personal data have to be erased for compliance with a legal obligation in Union or Member State law,
• the personal data have been unlawfully processed or • the personal data have been collected in relation to the offer of information society services.

Please note that your right to erasure may be limited if the data are necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims.

The right to restriction

You have the right to obtain restriction of processing in certain circumstances, see Article 18 of the GDPR. If you have the right to restriction, we will only process your data with your consent or for the establishment, exercise or defense of a legal claim or to protect a person or important grounds of public interest

The right to withdraw consent

If we have asked for your consent to our processing of your data, you have the right to withdraw your consent at any time, see Article 7 of the GDPR.

If you withdraw your consent, we will cease processing of the data for which you have withdrawn consent, unless we have a legal obligation to keep some or parts of your data.

Please note that if you withdraw your consent, your user license to use the App will cease automatically.

The withdrawal of your consent does not affect the lawfulness of processing based on your consent before its withdrawal.

The right to data portability

You have the right to receive the personal data you have provided us with which we process in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller if the processing is based on consent or contract performance, see Article 20 of the GDPR.

Push notifications

We send push notifications or alerts to your mobile device to provide game-related information, service updates, promotional communications and other related messages, if you have agreed to such notifications. You can deactivate these notifications by changing your notification settings on your device.

Contact and complaints

ACB has the following contact information:

Address: Av. Catalunya 34 4t Alcanar 43530, Tarragona Spain

E-mail: contact@luabingo.com

If you wish to make a complaint over the processing of your personal data, you have the right to lodge a complaint to the relevant supervisory authority.

GDPR:  Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.