Privacy Policy

1. Introduction and Scope

Welcome to CrazyRadish Game Studio ("CrazyRadish," "Company," "we," "our," or "us"). This Privacy Policy explains how we collect, use, process, disclose, and safeguard your personal information when you use our mobile games, visit our website, or interact with our services (collectively, the "Services").

Territorial Scope: This Privacy Policy applies to all users worldwide and has been designed to comply with privacy laws in multiple jurisdictions including but not limited to:

• European Union (GDPR)
• United States (CCPA, COPPA, state privacy laws)
• Canada (PIPEDA, provincial privacy laws)
• Brazil (LGPD)
• United Kingdom (UK GDPR, DPA 2018)
• Australia (Privacy Act 1988)
• Japan (APPI)
• South Korea (PIPA)
• Singapore (PDPA)
• Other applicable jurisdictions where our services are available

Consent and Legal Basis: By using our Services, you acknowledge that you have read and understood this Privacy Policy. Depending on your jurisdiction, our processing of your personal information may be based on:

• Your explicit consent
• Performance of a contract with you
• Compliance with legal obligations
• Protection of vital interests
• Legitimate business interests (where permitted by law)

2. Information We Collect (Comprehensive)

2.1 Personal Information (Directly Provided)

Identity Data:

• Full name, username, display name
• Email address, phone number
• Date of birth (for age verification)
• Profile pictures and avatars
• Social media handles and profiles

Contact Data:

• Billing and shipping addresses
• Emergency contact information
• Communication preferences
• Customer support interactions and correspondence

Financial Data:

• Payment card information (processed by secure third-party processors)
• Billing addresses and payment history
• Transaction records and purchase history
• Refund and chargeback information
• Tax identification numbers (where required)

Account Data:

• Login credentials (encrypted passwords)
• Security questions and answers
• Two-factor authentication settings
• Account preferences and settings
• Linked social media accounts

2.2 Automatically Collected Information (Technical Data)

Device Information:

• Device type, model, manufacturer
• Operating system and version
• Unique device identifiers (IDFA, GAID, etc.)
• Hardware specifications (RAM, storage, processor)
• Screen resolution and display settings
• Battery level and charging status
• Network connection type (WiFi, cellular)

Usage and Gameplay Data:

• Game progress, levels completed, achievements unlocked
• In-game purchases and virtual currency transactions
• Gameplay statistics and performance metrics
• Time spent in games and session duration
• Feature usage and interaction patterns
• Game crashes and error reports
• Leaderboard rankings and competitive data

Technical and Performance Data:

• IP address and geolocation data
• Browser type, version, and language settings
• App version and build information
• Performance metrics (loading times, frame rates)
• System logs and diagnostic information
• Network latency and connection quality

Behavioral and Analytics Data:

• Click-through rates and engagement metrics
• User journey and navigation patterns
• A/B testing participation and results
• Personalization and recommendation data
• Marketing campaign effectiveness data

2.3 Third-Party and Integrated Service Data

Social Media Integration:

• Facebook, Google, Apple, Twitter profile information
• Friends lists and social connections
• Shared content and social interactions
• Social media authentication tokens

Advertising and Marketing Data:

• Advertising identifiers and tracking pixels
• Campaign attribution data
• Cross-device tracking information
• Marketing preferences and opt-out status

App Store and Platform Data:

• Download and installation data
• App store reviews and ratings
• Platform-specific identifiers
• Distribution channel information

2.4 Sensitive Personal Information

We may collect limited sensitive information only when necessary and with appropriate consent:

• Biometric Data: Voice recordings for customer support (with consent)
• Health Data: Accessibility preferences and requirements
• Location Data: Precise geolocation (only with explicit consent)
• Communication Content: Chat messages, forum posts, user-generated content

2.5 Apple Platform-Specific Data Collection

iOS App Store Data:

• App Store Receipt Data: Purchase receipts, transaction IDs, bundle IDs
• StoreKit Information: Product identifiers, purchase dates, quantity
• Subscription Receipt Data: Subscription status, expiration dates, auto-renewal info
• Family Sharing Data: Shared purchase information, family member access
• Promotional Offer Data: Discount codes, introductory pricing usage

Apple Services Integration Data:

• Sign in with Apple: User identifier, email (real or private relay), name (optional)
• Game Center: Player ID, display name, achievements, leaderboard data
• iCloud Sync: Game save data, user preferences, cross-device sync info
• Apple Push Notifications: Device tokens, notification preferences, delivery status
• Siri Shortcuts: Voice command data, shortcut usage patterns (if applicable)

iOS Privacy Framework Data:

• App Tracking Transparency: Tracking permission status, IDFA access
• Location Services: Precise/approximate location, usage frequency
• Camera/Microphone: Permission status, usage duration (if applicable)
• Photos Access: Selected photos, limited library access data
• Contacts Access: Contact information (if permission granted)
• Motion & Fitness: Step count, motion data (if applicable)

TestFlight and Beta Testing Data:

• Beta tester Apple ID and contact information
• TestFlight app usage and crash reports
• Beta feedback and bug reports
• Device information for beta compatibility
• Beta app installation and usage metrics

2.6 Special Categories of Data (GDPR Article 9)

We generally do not collect special categories of personal data. However, if such data is inadvertently collected, we will:

• Delete it immediately upon discovery
• Implement additional safeguards if retention is legally required
• Obtain explicit consent if processing is necessary
• Notify relevant authorities as required by law

3. How We Use Your Information (Detailed Purposes)

3.1 Core Service Provision

Game Operations and Functionality:

• Delivering game content and features
• Synchronizing game progress across devices
• Managing user accounts and profiles
• Processing in-app purchases and transactions
• Enabling multiplayer and social features
• Providing leaderboards and competitive features
• Delivering personalized game experiences

Technical Operations:

• Maintaining service availability and performance
• Troubleshooting technical issues
• Implementing security measures and fraud prevention
• Conducting system maintenance and updates
• Optimizing game performance and loading times

3.2 User Experience Enhancement

Personalization and Recommendations:

• Customizing game content based on preferences
• Recommending games and features
• Tailoring difficulty levels and challenges
• Personalizing user interfaces and settings
• Providing relevant in-game offers and promotions

Analytics and Improvement:

• Analyzing user behavior and engagement patterns
• Conducting A/B testing for feature optimization
• Measuring game performance and user satisfaction
• Identifying areas for improvement and new features
• Understanding user preferences and trends

3.3 Communication and Support

Customer Service:

• Responding to support requests and inquiries
• Providing technical assistance and troubleshooting
• Processing refund and billing inquiries
• Handling account recovery and security issues
• Investigating and resolving user complaints

Marketing and Communications:

• Sending service updates and announcements
• Delivering promotional content and offers
• Conducting surveys and feedback collection
• Providing newsletters and community updates
• Notifying about new games and features

3.4 Business Operations

Financial and Commercial:

• Processing payments and managing billing
• Calculating taxes and regulatory fees
• Managing refunds and chargebacks
• Conducting financial reporting and analysis
• Preventing payment fraud and abuse

Legal and Compliance:

• Complying with legal obligations and regulations
• Responding to law enforcement requests
• Protecting intellectual property rights
• Enforcing terms of service and community guidelines
• Conducting internal audits and investigations

3.5 Security and Safety

Fraud Prevention and Security:

• Detecting and preventing fraudulent activities
• Monitoring for suspicious behavior and abuse
• Implementing account security measures
• Protecting against cyber attacks and threats
• Ensuring child safety and age-appropriate content

Content Moderation:

• Monitoring user-generated content for violations
• Enforcing community guidelines and standards
• Removing inappropriate or harmful content
• Protecting users from harassment and abuse
• Maintaining safe gaming environments

3.6 Research and Development

Product Development:

• Developing new games and features
• Improving existing products and services
• Conducting market research and analysis
• Testing new technologies and innovations
• Evaluating user needs and preferences

AI and Machine Learning:

• Training algorithms for game personalization
• Developing recommendation systems
• Improving fraud detection capabilities
• Enhancing content moderation systems
• Optimizing game balance and difficulty

3.7 Apple Platform-Specific Data Usage

App Store and Subscription Management:

• Processing in-app purchases and subscription renewals
• Validating App Store receipts and transaction authenticity
• Managing subscription status and billing cycles
• Handling refund requests and subscription cancellations
• Supporting Family Sharing functionality
• Implementing promotional offers and pricing tiers

Apple Services Integration:

• Authenticating users through Sign in with Apple
• Synchronizing game data across devices via iCloud
• Managing Game Center achievements and leaderboards
• Delivering push notifications through APNs
• Supporting Siri Shortcuts and voice commands
• Enabling Handoff and Continuity features

iOS Privacy Framework Compliance:

• Respecting App Tracking Transparency preferences
• Managing location services permissions and usage
• Handling camera, microphone, and photo access
• Processing contacts and calendar data (if permitted)
• Supporting accessibility features and preferences
• Implementing Screen Time and parental controls

App Store Review and Compliance:

• Maintaining App Store Review Guidelines compliance
• Updating privacy nutrition labels and disclosures
• Supporting TestFlight beta testing programs
• Responding to App Store review feedback
• Ensuring age-appropriate content and features

3.8 Legal Basis for Processing (GDPR Compliance)

Our processing activities are based on the following legal grounds:

• Consent (Article 6(1)(a)): Marketing communications, optional features, tracking permissions
• Contract Performance (Article 6(1)(b)): Game delivery, account management, subscription services
• Legal Obligation (Article 6(1)(c)): Tax reporting, law enforcement compliance, App Store requirements
• Vital Interests (Article 6(1)(d)): Emergency situations, child safety
• Legitimate Interests (Article 6(1)(f)): Analytics, fraud prevention, security, service improvement
• Public Task (Article 6(1)(e)): Regulatory compliance, public safety

4. Information Sharing and Disclosure (Comprehensive)

Fundamental Principle: We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We only share information as described below and with appropriate safeguards.

4.1 Service Providers and Business Partners

Cloud Infrastructure and Hosting:

• Amazon Web Services (AWS), Google Cloud Platform, Microsoft Azure
• Content delivery networks (CDNs) for game assets
• Database hosting and backup services
• Server monitoring and performance optimization

Analytics and Performance:

• Google Analytics, Firebase Analytics
• Unity Analytics, GameAnalytics
• Crash reporting services (Crashlytics, Bugsnag)
• Performance monitoring tools

Payment Processing:

• Apple App Store, Google Play Store
• Stripe, PayPal, other payment processors
• Fraud detection and prevention services
• Tax calculation and compliance services

Marketing and Advertising:

• Facebook Ads, Google Ads platforms
• Mobile advertising networks (Unity Ads, AdMob)
• Email marketing services (Mailchimp, SendGrid)
• Attribution and campaign tracking services

Customer Support:

• Help desk and ticketing systems (Zendesk, Intercom)
• Live chat and messaging platforms
• Knowledge base and FAQ systems
• Community forum platforms

4.2 Platform and Distribution Partners

App Stores and Platforms:

• Apple App Store, Google Play Store
• Steam, Epic Games Store
• Console platforms (PlayStation, Xbox, Nintendo)
• Regional app stores and distribution platforms

Social Media Integration:

• Facebook, Google, Apple Sign-In services
• Social sharing and authentication platforms
• Gaming social networks and communities

4.3 Legal and Regulatory Disclosure

Law Enforcement and Legal Requests:

• Court orders, subpoenas, and legal process
• Law enforcement investigations
• National security requests (with appropriate legal basis)
• Regulatory inquiries and compliance audits

Legal Protection and Safety:

• Protecting our rights, property, and safety
• Protecting users' rights, property, and safety
• Preventing fraud, abuse, and illegal activities
• Enforcing our terms of service and policies

4.4 Business Transactions

Corporate Transactions:

• Mergers, acquisitions, and corporate restructuring
• Sale of business assets or subsidiaries
• Bankruptcy or insolvency proceedings
• Due diligence processes (with appropriate safeguards)

Investment and Financing:

• Investor due diligence (aggregated data only)
• Financial audits and reporting
• Regulatory compliance reporting

4.5 User-Directed Sharing

Social Features:

• Leaderboards and competitive rankings
• Social media sharing (with user consent)
• Multiplayer game interactions
• Community forums and user-generated content

Third-Party Integrations:

• Connected apps and services (with user authorization)
• Cross-platform game synchronization
• Social media account linking

4.6 Aggregated and De-identified Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably identify you, including:

• Industry research and market analysis
• Academic research and studies
• Business intelligence and benchmarking
• Public reporting and transparency initiatives

4.7 Data Processing Agreements and Safeguards

Contractual Protections:

• Data Processing Agreements (DPAs) with all service providers
• Standard Contractual Clauses for international transfers
• Confidentiality and non-disclosure agreements
• Security and data protection requirements

Vendor Management:

• Regular security assessments and audits
• Compliance monitoring and reporting
• Incident response and breach notification procedures
• Right to audit and inspect data handling practices

5. Data Security (Comprehensive Protection)

5.1 Technical Security Measures

Encryption and Data Protection:

• Encryption in Transit: TLS 1.3 for all data transmissions
• Encryption at Rest: AES-256 encryption for stored data
• Database Encryption: Encrypted databases with key management
• End-to-End Encryption: For sensitive communications
• Key Management: Hardware Security Modules (HSMs) for key storage

Network and Infrastructure Security:

• Firewalls and intrusion detection systems
• DDoS protection and traffic filtering
• Virtual Private Networks (VPNs) for remote access
• Network segmentation and isolation
• Regular security scanning and vulnerability assessments

Application Security:

• Secure coding practices and code reviews
• Regular security testing and penetration testing
• Input validation and sanitization
• SQL injection and XSS protection
• API security and rate limiting

5.2 Organizational Security Measures

Access Controls:

• Role-based access control (RBAC)
• Principle of least privilege
• Multi-factor authentication (MFA) for all systems
• Regular access reviews and deprovisioning
• Privileged access management (PAM)

Employee Security:

• Background checks for security-sensitive positions
• Security awareness training and education
• Confidentiality agreements and security policies
• Regular security training updates
• Incident response training and drills

Physical Security:

• Secure data centers with 24/7 monitoring
• Biometric access controls and surveillance
• Environmental controls and disaster protection
• Secure disposal of hardware and media
• Clean desk and clear screen policies

5.3 Monitoring and Detection

Security Monitoring:

• 24/7 Security Operations Center (SOC)
• Real-time threat detection and response
• Security Information and Event Management (SIEM)
• Behavioral analytics and anomaly detection
• Automated incident response systems

Compliance and Auditing:

• Regular internal and external security audits
• Compliance with industry standards (ISO 27001, SOC 2)
• Penetration testing and vulnerability assessments
• Security metrics and reporting
• Continuous improvement programs

5.4 Incident Response

Incident Management:

• Dedicated incident response team
• 24/7 incident reporting and escalation
• Forensic investigation capabilities
• Communication and notification procedures
• Post-incident analysis and improvement

5.5 Security Limitations and User Responsibilities

Important Notice: While we implement comprehensive security measures, no system is 100% secure. Users should:

• Use strong, unique passwords for their accounts
• Enable two-factor authentication when available
• Keep their devices and apps updated
• Report suspicious activities immediately
• Avoid sharing account credentials

6. Data Retention (Detailed Policies)

6.1 General Retention Principles

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

6.2 Specific Retention Periods

Account Data:

• Active Accounts: Retained while account is active
• Inactive Accounts: Deleted after 3 years of inactivity
• Deleted Accounts: Most data deleted within 30 days
• Backup Data: Removed from backups within 90 days

Gameplay Data:

• Game Progress: Retained for 5 years after last activity
• Analytics Data: Aggregated data retained for 7 years
• Performance Data: Retained for 2 years
• Crash Reports: Retained for 1 year

Financial Data:

• Transaction Records: Retained for 7 years (tax compliance)
• Payment Information: Not stored (handled by processors)
• Billing History: Retained for 7 years
• Refund Records: Retained for 7 years

Communication Data:

• Customer Support: Retained for 3 years
• Marketing Communications: Until opt-out or 5 years
• Chat Messages: Retained for 1 year
• Forum Posts: Retained indefinitely (unless deleted by user)

6.3 Legal and Regulatory Retention

Compliance Requirements:

• Tax Records: 7 years (varies by jurisdiction)
• Employment Records: As required by local law
• Legal Proceedings: Until resolution + statute of limitations
• Regulatory Investigations: As directed by authorities

6.4 Data Deletion and Anonymization

Secure Deletion:

• Cryptographic erasure for encrypted data
• Multi-pass overwriting for unencrypted data
• Physical destruction of storage media when necessary
• Certificate of destruction for sensitive data

Anonymization Process:

• Removal of direct identifiers
• Aggregation to prevent re-identification
• Statistical disclosure control techniques
• Regular re-assessment of anonymization effectiveness

6.5 User-Initiated Deletion

Users can request deletion of their data at any time. We will:

• Process deletion requests within 30 days
• Provide confirmation of deletion completion
• Retain only data required by law or legitimate interests
• Anonymize data that cannot be deleted

7. Children's Privacy (Global Compliance)

Age Restrictions by Jurisdiction:

• United States (COPPA): Under 13 years old
• European Union (GDPR): Under 16 years old (or lower age set by member states, minimum 13)
• United Kingdom: Under 13 years old
• Canada: Under 13 years old
• Australia: Under 18 years old (with parental consent from 13-17)
• Brazil (LGPD): Under 18 years old (with parental consent from 13-17)
• Other jurisdictions: As defined by local laws

Our Commitment:

• We do not knowingly collect personal information from children below the applicable age limit
• We do not target advertising to children
• We implement age-appropriate design and safety measures
• We provide parental controls where required by law

Parental Rights: If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will:

• Delete the child's information from our systems
• Cease any further collection from that child
• Provide you with information about what data was collected (if any)

8. International Data Transfers and Safeguards

Cross-Border Transfers: Your information may be transferred to and processed in countries other than your own. We ensure compliance with applicable data protection laws through:

8.1 GDPR Transfer Mechanisms

• Adequacy Decisions: Transfers to countries with EU adequacy decisions
• Standard Contractual Clauses (SCCs): EU-approved contractual safeguards
• Binding Corporate Rules: Internal data protection rules
• Certification Schemes: Approved certification mechanisms

8.2 Other Regional Safeguards

• CCPA: Service provider agreements and contractual safeguards
• PIPEDA: Comparable privacy protection requirements
• LGPD: International cooperation agreements and adequate protection
• APPI: Supplementary rules and consent mechanisms

8.3 Technical and Organizational Measures

• Encryption in transit and at rest
• Access controls and authentication
• Regular security assessments
• Data minimization and purpose limitation
• Incident response procedures

9. Your Rights and Choices (Global)

We respect your privacy rights and provide comprehensive controls over your personal information. Depending on your location and applicable laws, you may have the following rights:

9.1 Universal Rights (Available to All Users)

• Right to Information: Receive clear information about how we process your data
• Right of Access: Request access to your personal information we hold
• Right to Rectification: Correct inaccurate or incomplete personal information
• Right to Deletion: Request deletion of your personal information ("Right to be Forgotten")
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

9.2 GDPR Rights (EU/EEA/UK Residents)

• Right to Restriction: Restrict processing of your personal information
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or direct marketing
• Right to Automated Decision-Making: Not be subject to automated decision-making, including profiling
• Right to Lodge a Complaint: File a complaint with your local data protection authority

9.3 CCPA Rights (California Residents)

• Right to Know: Know what personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of personal information we have collected
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising privacy rights
• Right to Correct: Request correction of inaccurate personal information

9.4 PIPEDA Rights (Canadian Residents)

• Right to Access: Access personal information we hold about you
• Right to Correction: Correct inaccurate personal information
• Right to Withdraw Consent: Withdraw consent for collection, use, or disclosure
• Right to File Complaints: File complaints with the Privacy Commissioner of Canada

9.5 LGPD Rights (Brazilian Residents)

• Right to Confirmation and Access: Confirm processing and access your data
• Right to Correction: Correct incomplete, inaccurate, or outdated data
• Right to Anonymization or Deletion: Request anonymization or deletion of unnecessary data
• Right to Portability: Port data to another service provider
• Right to Information: Information about public and private entities with whom we share data

9.6 Additional Regional Rights

• Australia (Privacy Act): Access, correction, and complaint rights
• Japan (APPI): Disclosure, correction, and suspension rights
• South Korea (PIPA): Access, correction, deletion, and suspension rights
• Singapore (PDPA): Access and correction rights

9.7 How to Exercise Your Rights

To exercise any of these rights, please contact us using the methods provided in Section 15. We will:

• Respond to your request within the timeframes required by applicable law (typically 30 days)
• Verify your identity before processing requests
• Provide responses free of charge (unless requests are excessive or unfounded)
• Inform you if we cannot fulfill your request and explain why

10. Cookies and Tracking Technologies (Comprehensive)

10.1 Types of Cookies and Technologies

Essential Cookies:

• Session management and authentication
• Security and fraud prevention
• Load balancing and performance
• Basic functionality and navigation

Analytics and Performance Cookies:

• Google Analytics, Firebase Analytics
• Game performance monitoring
• User behavior analysis
• A/B testing and optimization

Advertising and Marketing Cookies:

• Facebook Pixel, Google Ads conversion tracking
• Cross-device tracking and attribution
• Personalized advertising delivery
• Marketing campaign effectiveness

Social Media and Integration Cookies:

• Social login and sharing functionality
• Embedded social media content
• Social network integration features

10.2 Mobile App Tracking Technologies

Device Identifiers:

• Advertising ID (IDFA on iOS, GAID on Android)
• Device fingerprinting techniques
• App installation and usage tracking
• Cross-app tracking and attribution

SDKs and Third-Party Tools:

• Analytics SDKs (Unity Analytics, GameAnalytics)
• Advertising SDKs (AdMob, Unity Ads)
• Crash reporting SDKs (Crashlytics)
• Performance monitoring tools

10.3 Cookie Management and User Controls

Browser Controls:

• Cookie settings and preferences
• Third-party cookie blocking
• Private/incognito browsing modes
• Cookie deletion and management tools

Mobile App Controls:

• Limit Ad Tracking (iOS) / Opt out of Ads Personalization (Android)
• Reset Advertising ID options
• App-specific privacy settings
• Platform-level tracking controls

Our Cookie Consent Tools:

• Cookie banner and consent management
• Granular consent options
• Consent withdrawal mechanisms
• Cookie preference center

10.4 Impact of Disabling Cookies

Disabling certain cookies may affect:

• Website and game functionality
• Personalization features
• Social media integration
• Analytics and improvement efforts
• Advertising relevance and frequency

11. Third-Party Services and Integrations

11.1 Third-Party Links and Websites

Our games and website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices, content, or security of these third parties. We encourage you to:

• Review their privacy policies before providing information
• Understand their data collection and use practices
• Check their security measures and reputation
• Be cautious about sharing personal information

11.2 Social Media Platforms

Integrated Platforms:

• Facebook: Login, sharing, social features
• Google: Authentication, cloud save, analytics
• Apple: Sign in with Apple, Game Center
• Twitter: Sharing and social interactions
• Discord: Community features and communication

Data Sharing with Social Platforms:

• Profile information (with your consent)
• Game achievements and progress (if you choose to share)
• Social interactions and connections
• Usage analytics (as permitted by platform policies)

11.3 Advertising Networks and Partners

Advertising Partners:

• Google AdMob and Google Ads
• Facebook Audience Network
• Unity Ads and Unity Analytics
• Apple Search Ads
• Regional advertising networks

Data Shared with Advertising Partners:

• Device identifiers and advertising IDs
• General demographic information
• App usage and engagement metrics
• Conversion and attribution data

11.4 Analytics and Performance Services

Analytics Providers:

• Google Analytics and Firebase
• Unity Analytics and Cloud Build
• GameAnalytics and deltaDNA
• Crashlytics and Bugsnag
• Custom analytics solutions

12. Artificial Intelligence and Machine Learning

12.1 AI/ML Applications in Our Services

Game Personalization:

• Difficulty adjustment and game balancing
• Content recommendations and suggestions
• Personalized offers and promotions
• Adaptive user interfaces and experiences

Content Moderation:

• Automated detection of inappropriate content
• Spam and abuse prevention systems
• Chat message filtering and moderation
• Image and video content analysis

Fraud Detection and Security:

• Suspicious activity detection
• Payment fraud prevention
• Account security monitoring
• Behavioral anomaly detection

12.2 Data Used for AI/ML Training

Training Data Sources:

• Aggregated and anonymized gameplay data
• User interaction patterns and behaviors
• Performance metrics and analytics
• Content engagement and feedback data

Data Protection in AI/ML:

• Data minimization and purpose limitation
• Anonymization and pseudonymization techniques
• Differential privacy and noise injection
• Regular model auditing and bias detection

12.3 Automated Decision-Making Rights

Your Rights Regarding Automated Decisions:

• Right to know when automated decision-making is used
• Right to request human intervention and review
• Right to contest automated decisions
• Right to explanation of automated decision logic

Safeguards and Oversight:

• Regular algorithm auditing and testing
• Bias detection and mitigation measures
• Human oversight and intervention capabilities
• Transparency in automated decision processes

13. Emerging Technologies and Future Developments

13.1 Virtual and Augmented Reality

As we develop VR/AR experiences, we may collect:

• Motion and gesture data
• Eye tracking and gaze patterns
• Spatial mapping and environment data
• Biometric responses and reactions

13.2 Blockchain and Cryptocurrency

For blockchain-based features, we may process:

• Wallet addresses and transaction data
• NFT ownership and trading information
• Cryptocurrency payment data
• Smart contract interactions

13.3 Internet of Things (IoT) Integration

Future IoT integrations may involve:

• Connected device data and status
• Environmental sensors and conditions
• Wearable device integration
• Smart home and assistant integration

14. Apple Developer and iOS-Specific Privacy Provisions

14.1 App Store Connect and Developer Program

Apple Developer Account Information:

• Developer program membership details
• App Store Connect account data
• App submission and review information
• Developer certificates and provisioning profiles
• TestFlight beta testing data
• App Store analytics and sales reports

App Store Review and Compliance:

• App review submissions and feedback
• Compliance with App Store Review Guidelines
• Privacy nutrition labels and disclosures
• App Store rejection and approval history
• Metadata and app description information

14.2 iOS App Privacy and Data Collection

iOS-Specific Data Types (App Privacy Report Compliance):

• Contact Info: Name, email address, phone number, physical address
• Health & Fitness: Health and fitness information (if applicable)
• Financial Info: Payment info, credit info, purchase history
• Location: Precise location, coarse location
• Sensitive Info: Racial or ethnic data, sexual orientation, pregnancy info
• Contacts: Contact list (if permission granted)
• User Content: Photos, videos, audio, gameplay content, customer support
• Browsing History: Browsing history (if applicable)
• Search History: Search history within our apps
• Identifiers: User ID, device ID, purchase history, advertising data
• Usage Data: Product interaction, advertising data, crash data, performance data
• Diagnostics: Crash data, performance data, other diagnostic data

14.3 App Store Subscriptions and In-App Purchases

Subscription Management:

• Subscription Status: Active, expired, cancelled, refunded subscriptions
• Auto-Renewal Information: Renewal dates, billing cycles, pricing tiers
• Family Sharing: Shared subscription access and family member data
• Promotional Offers: Introductory pricing, promotional codes usage
• Subscription History: Purchase dates, upgrade/downgrade history
• Refund Processing: Refund requests and Apple's refund decisions

In-App Purchase Data:

• Transaction identifiers and receipts
• Purchase validation and verification
• Consumable and non-consumable purchase records
• Restore purchase functionality data
• StoreKit transaction information

App Store Server-to-Server Notifications:

• Real-time subscription status updates
• Billing retry notifications
• Subscription cancellation events
• Refund notifications from Apple
• Family sharing status changes

14.4 Apple Services Integration

Sign in with Apple:

• Apple ID Information: Verified email address, name (if shared)
• Private Email Relay: Apple-generated private email addresses
• Authentication Tokens: Identity tokens and authorization codes
• Team ID and Client ID: Developer-specific identifiers
• User Verification: Real user indicators and fraud prevention data

Game Center Integration:

• Game Center player ID and alias
• Leaderboard scores and achievements
• Multiplayer match data and invitations
• Friend connections and social gaming data
• Game Center profile information

iCloud Integration:

• Game save data synchronization
• User preferences and settings backup
• Cross-device game progress sync
• iCloud storage usage and quotas

Apple Push Notification Service (APNs):

• Device tokens for push notifications
• Notification delivery status and feedback
• Push notification content and metadata
• Silent push notification data

14.5 iOS Privacy Features and Compliance

App Tracking Transparency (ATT) Framework:

• Tracking Permission: User consent for cross-app tracking
• IDFA Access: Identifier for Advertisers usage (with permission)
• Tracking Status: Authorized, denied, not determined, restricted
• SKAdNetwork: Privacy-preserving attribution data

Privacy Permissions and System Dialogs:

• Location Services: Always, when in use, never permissions
• Camera and Microphone: Media capture permissions
• Photos Library: Limited, full, or no access permissions
• Contacts Access: Full or limited contacts permission
• Calendar and Reminders: Calendar access permissions
• Motion & Fitness: HealthKit and motion data permissions

iOS 15+ Privacy Features:

• Mail Privacy Protection: Email tracking prevention impact
• Hide My Email: Apple's email relay service integration
• Private Relay: iCloud+ traffic routing (if applicable)
• App Privacy Report: System-generated privacy usage reports

14.6 Apple Developer Program Compliance

App Store Review Guidelines Compliance:

• Guideline 5.1.1: Privacy policy requirements and accessibility
• Guideline 5.1.2: Permission request justification
• Guideline 5.1.3: Kids category privacy requirements
• Guideline 5.1.4: HealthKit data usage restrictions
• Guideline 5.1.5: Location services usage requirements

Privacy Nutrition Labels (App Store):

• Data linked to user identity
• Data used to track users
• Data not linked to user identity
• Data collection purposes and categories
• Third-party data sharing disclosures

TestFlight and Beta Testing:

• Beta tester information and feedback
• Crash reports and diagnostic data from beta versions
• TestFlight usage analytics and metrics
• Beta app distribution and access logs

14.7 Apple Platform Data Retention and Deletion

iOS App Data Retention:

• App Uninstall: Local data deletion upon app removal
• iCloud Sync Data: Retained according to iCloud policies
• Game Center Data: Retained per Apple's Game Center policies
• Subscription Data: Retained for billing and compliance purposes

User-Initiated Data Deletion:

• Account deletion through iOS app settings
• Game Center data removal requests
• iCloud data deletion coordination
• Subscription cancellation and data cleanup

14.8 Apple Privacy Contact and Compliance

Apple-Specific Privacy Contacts:

• iOS Privacy Officer: ios-privacy@crazyradish.com
• App Store Compliance: appstore-compliance@crazyradish.com
• Subscription Support: ios-subscriptions@crazyradish.com
• Developer Relations: apple-dev@crazyradish.com

Apple Privacy Reporting:

• Regular privacy nutrition label updates
• App Store Connect privacy disclosures
• Compliance with Apple privacy audits
• Transparency reporting to Apple when required

15. Accessibility and Inclusive Design

15.1 Accessibility Data Collection

To provide accessible experiences, we may collect:

• Accessibility preferences and settings
• Assistive technology usage data
• Disability-related accommodation requests
• Feedback on accessibility features

15.2 Inclusive Privacy Practices

We ensure our privacy practices are inclusive by:

• Providing privacy notices in multiple formats
• Supporting assistive technologies
• Offering alternative communication methods
• Accommodating diverse user needs

12. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

• GDPR Compliance: Notify supervisory authorities within 72 hours and affected individuals without undue delay
• CCPA Compliance: Notify affected California residents and the California Attorney General as required
• Global Standards: Follow notification requirements of all applicable jurisdictions
• Transparency: Provide clear information about the nature of the breach and steps taken

13. Automated Decision-Making and Profiling

We may use automated processing for:

• Game personalization and recommendations
• Fraud detection and security measures
• Customer support optimization

Your Rights: You have the right to not be subject to decisions based solely on automated processing that produce legal or significant effects. You may request human intervention, express your point of view, or contest such decisions.

14. Regional-Specific Provisions

14.1 European Union/EEA/UK Specific Provisions

• Data Controller: CrazyRadish Game Studio acts as data controller
• Legal Basis: Processing based on consent, contract performance, or legitimate interests
• DPO Contact: dpo@crazyradish.com (when required)
• Supervisory Authority: Contact your local data protection authority for complaints

14.2 California Specific Provisions (CCPA/CPRA)

• Do Not Sell: We do not sell personal information and have not sold it in the past 12 months
• Sensitive Personal Information: We limit use of sensitive personal information to disclosed purposes
• Third-Party Disclosure: We may share information with service providers under strict contractual limitations
• Retention: We retain personal information only as long as reasonably necessary

14.3 Canadian Specific Provisions (PIPEDA)

• Consent: We obtain meaningful consent for collection, use, and disclosure
• Purpose Limitation: Personal information is used only for identified purposes
• Accountability: We are responsible for personal information under our control
• Complaints: Contact the Privacy Commissioner of Canada for unresolved issues

14.4 Brazilian Specific Provisions (LGPD)

• Data Controller: CrazyRadish Game Studio
• DPO Contact: encarregado@crazyradish.com (when required)
• Legal Basis: Consent, contract performance, or legitimate interest
• ANPD: Contact the National Data Protection Authority (ANPD) for complaints

15. Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. We will:

• Post the updated policy on our website with a new "Last Updated" date
• Notify you of material changes through email or in-app notifications
• Obtain your consent for material changes where required by law
• Provide a summary of key changes when significant updates are made

Continued use of our Services after changes constitutes acceptance of the updated policy, unless additional consent is required by applicable law.