Privacy Policy of the Idle Zombie Miner: Gold Tycoon project (the “Project”)

1. WHY DO WE HAVE THIS POLICY?

2. WHO ARE WE?

Data Controller

3. WHAT DATA DO WE COLLECT AND WHY?

Data Processing Overview

4. FACEBOOK VERIFICATION AND INTEGRATION

How It Works

• Consent and Connection:
  If you choose to verify your account via Facebook or enable social features (such as sharing achievements or inviting friends), you will be redirected to Facebook. There, you will be asked to grant permission for our Game to access specific data from your Facebook account.
  
  
• Data Received from Facebook:
  With your consent, we may receive the following information from Facebook:
  • Your public profile (name, profile picture, friend list)
  • Your email address
  • Any additional information you permit Facebook to share
• Purpose of Facebook Data Processing:
  The data obtained is used solely to:
  • Verify your identity and facilitate login via Facebook
  • Enable social features within the Game
  • Enhance your overall gaming experience
• Voluntary Integration and Revocation:
  Facebook integration is entirely optional. Should you choose not to link your Facebook account, core features of the Game remain available, though certain social functionalities will not be enabled. You may revoke your consent at any time via your account settings or the Facebook interface. Once revoked, we will cease processing data obtained from Facebook for these purposes.
  
  
• Compliance:
  All processing of Facebook data is conducted in accordance with this Privacy Policy and Facebook’s own policies.
  
  

  5. LEGAL BASES FOR DATA PROCESSING

  We process your personal data only when necessary for providing access to and improving the Game. Our legal bases for processing include:
  • Contract: For account creation, management, and processing in-game transactions.
  • Legitimate Interests: For security measures, fraud prevention, and the analysis of user behavior to enhance the gaming experience.
  • Consent: For processing data based on your explicit permissions (e.g., marketing communications, Facebook integration, targeted ads).
  • Legal Obligations: To comply with applicable laws such as tax reporting and consumer protection regulations.
  
  

  6. HOW DO WE SHARE YOUR DATA?

  We do not sell your personal data. However, to provide you with our services, we may share your data under the following circumstances:
  1. Service Providers and Partners:
     • Technical/Customer Support Providers: Companies that help us operate and maintain the Game.
     • Cloud/Hosting Services: Providers that securely store and process data on our behalf.
     • Analytics and Advertising Partners: Third parties that assist us in understanding usage patterns and delivering relevant ads (subject to your consent).
     • Software Providers: Partners offering services in accordance with our instructions and contractual obligations regarding data protection.
     We maintain an up-to-date list of these third-party partners here. This list includes the partner names, the nature of the services they provide, and, where applicable, links to their own privacy policies. We update this list whenever we add or remove a vendor to ensure transparency and compliance with applicable laws.
     
     
  2. Affiliates and Business Transfers:
     Data may be shared within our corporate group or transferred in connection with mergers, acquisitions, or asset sales, subject to confidentiality agreements.
     
     
  3. Legal and Regulatory Requirements:
     We may disclose data to comply with legal obligations, respond to lawful requests, or protect the rights, property, or safety of our users or the public.
     
     
  4. International Transfers:
     When data is transferred outside the EEA, we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place.
  If you reside in other regions (e.g., Brazil, Korea), we will also use appropriate or equivalent safeguards to ensure lawful data transfers, in line with LGPD or PIPA requirements.
  
  

  7. DATA RETENTION

  We retain your personal data only as long as necessary to fulfill the purposes outlined in this Policy or as required by law. For example:
  • Account Data: Retained for as long as your account is active; if deletion is requested, data is generally removed or anonymized within 30 days (except where longer retention is required, e.g., 7 years for financial records).
  • Usage and Analytics Data: Retained in aggregated or anonymized form indefinitely unless you opt out.
  • Support Data: Retained for the duration of the support case or as required by law.
  Once the purpose for which data is processed has been fulfilled, personal data is securely deleted.
  
  

  8. HOW CAN YOU CONTROL YOUR DATA?

  You have the following rights regarding your personal data:
  • Access: Request a copy of the data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion (“Right to be Forgotten”): Request deletion of your personal data (note that this may result in loss of access to the Game).
  • Restriction and Objection: Request that we limit or cease processing your data.
  • Withdraw Consent: Revoke consent for data processing where it is based on your permission (e.g., marketing communications, Facebook integration).
  Additional rights for specific regions:
  • Data Portability (GDPR, some other jurisdictions): Receive your data in a structured, commonly used, and machine-readable format.
  • Right to Lodge a Complaint: You may file a complaint with a supervisory authority (for example, in the EU or Brazil) if you believe we have processed your data unlawfully.
  • Request for Suspension of Processing (Korea): Under PIPA, users may request temporary suspension of processing under certain conditions.
  
  
  To exercise these rights, please contact us via the in-game “Help” section or email: support@zombieminer.com.
  
  We may require you to verify your identity before processing your request, which we will typically complete within 30 days.
  
  Read more
  You have all the technical capabilities to determine how the Data shall be used. We are constantly improving the data management methods available to you.
  You can form a request within the Project by sending a request in the Help section or Account. You are entitled to obtain information from us on how we handle your personal data, to see copies of all personal data held by us and to request that your personal data is amended, corrected or deleted from our systems. You can also limit, restrict or object to the processing of your data.
  For exercising your rights, you can:
  - at any time withdraw your consent for Data Processing;
  - access to your Data received by us. You are entitled to access the Data about you received by us which means you have the right to request the provision of information about Data storage, access to Data, as well as copies of the stored Data;
  - require limitation of Data processing for the time required to verify the reliability of the information provided;
  - change the Data. You may discretionary determine the Data, which shall be associated with your Account.
  - object to the processing of your Data. If you believe that we have no legitimate reason for processing your Data, please contact us using email: support@zombieminer.com. If we fail to satisfy your claim, you have the right to file a complaint with the local supervisory authority.
  - delete Data related to the Account.
  The procedure for withdrawing consent to the processing and deletion of Data:
  PLEASE NOTE that the Data is used by us solely for the purpose of providing you access to the Project and improving the quality of the Services. By deleting Account Data, you will lose access to the Project and your Data will be permanently deleted.
  
  
  

  9. HOW DO WE PROTECT YOUR DATA?

  We implement robust technical and organizational measures to safeguard your data against unauthorized access, alteration, or loss. Our security measures include:
  • Data Encryption: During both storage and transmission.
  • Access Controls: Restricting data access to authorized personnel only.
  • Two-Factor Authentication: For sensitive account operations.
  • Regular Audits and Security Assessments: To continuously identify and mitigate vulnerabilities.
  Read more
  We provide you with access to international Project and strive to comply with applicable local laws. Please note that our Services are provided "as is" and you should get to know with applicable laws. By continuing your use of the Project, you are warrant that your use of the Project is not contrary to the applicable law and Terms of Service.
  
  Vistrex Limited respects the confidentiality of your data and strives to ensure the highest level of protection. Despite the measures we are taking to protect your information, any measures that we apply will not have any effect if you neglect the data security.
  
  The project implemented reliable means of protection to ensure the security of your data. We do everything possible for your safety when using the Project and are constantly improving our information protection methods. As some means of protecting information from unauthorized access, alteration, disclosure or destruction, we use the following methods:
  - data encryption during storage and transmission;
  - we carry out two-stage user authentication when requesting an action with the Data;
  - we improve the techniques and methods of collecting, storing and processing the Data;
  - access to the Data, in encrypted and impersonal form, have only authorized employees, consultants or interested groups of people who need access to this information to perform their duties;
  - all persons having access to the Data are briefed on working with data, their knowledge and skills are systematically being checked.
  In spite of all measures taken by us, your careful attitude to the Account and access to it has a great importance in the safety of your Data. To prevent unauthorized access to your Data and Account, we strongly recommend you not to share access to the account to any third parties and to comply with the rules of the project and use of the Services. In case of your violation of the Terms of Service of the Services, we will not be able to guarantee the security of your Data.
  
  WARNING! The following actions are prohibited by this Policy and the Terms of Service, and may also violate the confidentiality of your data:
  - transfer of information about the Account and (or) access rights to third parties. Please note that our official representative will never request access to your Account;
  - the use of unauthorized third-party programs, the use of robot programs and (or) programs that change the game process, including assistance in the game process. In addition to the fact that the use of such programs is expressly prohibited by the Terms of Service, they may contain malicious software that could harm the security of your data;
  - the acquisition of in-game values from third parties. By acquiring in-game values bypassing the Terms of Service, you can become a victim of fraudsters.
  Vistrex Limited appreciate the help of our users in identifying and addressing potential vulnerabilities, as we take the security of our systems and data extremely seriously. Please report any security vulnerabilities found in our systems or applications to us as soon as possible.
  
  In your email, please include a detailed description of the vulnerability, including any relevant technical details that may help us understand the nature and severity of the issue. If possible, please also include steps to reproduce the vulnerability, so that we can more easily investigate and remediate the issue. We take all reports of security vulnerabilities seriously, and we will investigate each report promptly and thoroughly.
  We may also contact you for additional information or clarification, so please be sure to include your contact information in your email. Thank you for helping us maintain the security of our systems and data. We greatly appreciate your contribution to our security efforts.
  
  
  Please keep your account credentials secure and do not share them with others. If you suspect any security breach, contact us immediately at support@zombieminer.com.
  
  

  10. CHILDREN’S PRIVACY

  Idle Zombie Miner Gold Tycoon is not directed to children under the age of 16 (or under the minimum digital age in your jurisdiction, if higher). We are committed to ensuring that if children do engage with our Game, their personal data is handled responsibly and in compliance with relevant regulations.
  
  No Knowing Collection of Children’s Data
  We do not knowingly collect personal information from children under the age of 16 (or below the minimum age of consent in your country) without verifiable parental consent.
  
  If we discover that we have inadvertently collected personal data from a child without proper consent, we will promptly delete or anonymize that data.
  
  Age Restriction and Verification
  Age Gate: Where feasible, we implement checks (e.g., age prompts) to discourage children under the required age from providing personal data.
  
  Parental/Guardian Consent: If a user is under the required age, they must obtain permission from a parent or legal guardian before accessing or using the Game’s services. We may request a parent’s email address or other verification information to ensure consent is valid and verifiable.
  
  Limited Data Collection
  Any data collected in connection with children’s activity (e.g., for support requests or gameplay functionality) is minimized to what is strictly necessary for providing our services. We do not use such data for behavioral advertising or other purposes not permitted by law.
  
  Parental Controls and Guidance
  We encourage parents and guardians to familiarize themselves with online safety practices and monitor their children’s in-game activities. Please visit our Parental Guide for tips on protecting children’s privacy, managing in-app purchases, and setting controls to ensure a child-friendly experience.
  
  Parental Rights
  Parents or legal guardians may request to review, delete, or prevent further collection of their child’s personal data. If you believe we have collected information from a child contrary to applicable law, contact us immediately, and we will take appropriate measures.
  
  Contact for Children’s Data Concerns
  If you have concerns about the data we may hold from or about a child, or wish to withdraw consent previously given, please contact our support team: support@zombieminer.com
  
  

  11. CALIFORNIA PRIVACY RIGHTS

  For California residents, additional rights are available under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:
  • Right to Know: Request details about the personal data we have collected about you in the past 12 months.
  • Right to Delete: Request deletion of your personal data (subject to legal exceptions).
  • Right to Opt-Out: While we do not sell your data, you may opt out of any sharing that could fall under such a definition.
  • Right to Correct: Request corrections to any inaccurate information.
  • Right to Non-Discrimination: You will not be treated differently for exercising your privacy rights.
  To exercise these rights, please contact: support@zombieminer.com
  
  

  12. CHANGES TO THIS POLICY

  We reserve the right to modify or update this Privacy Policy at any time. Should significant changes be made, we will notify you via the Game or other appropriate channels. Your continued use of the Game after updates constitutes acceptance of the revised Policy.
  
  

  13. CONTACT US

  If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, or if you wish to request previous versions of this Policy, please contact us at:
  
  Vistrex Limited
  Address: 19 Omonoia Avenue, Constantinides Building, Office 203, Limassol, 3052, Cyprus
  Email: support@zombieminer.com.
  
  FAITHFULLY YOURS,
  VISTREX LIMITED
  
  This Policy is written in English. In the event of any discrepancies between translations, the English version shall prevail.