This Privacy Policy has been updated to reflect developments in our Services, which may affect our Users, and to provide general updates to the structure and overview of this Policy so as to make it more accessible to you. Please review the Policy below for further details.
Please read the terms of this Mistplay User Privacy Notice (this “Policy”) carefully. The Policy describes to users (“User,” or “Users,” or “you”) how Mistplay Inc. (“Mistplay”, “we,” “us” or “our”) collects, uses, discloses or otherwise processes your personal data collected in connection with websites, mobile applications, progressive web applications, content, features, digital events or products we create or operate (the “Services”). This Policy is incorporated into and forms a part of Mistplay’s Global Terms of Use (the “Terms”). As used below, capitalized terms not defined in this Policy have the meaning given to them in the Terms. “Personal data” and “personal information” generally mean any information that directly or indirectly identifies you, which might vary slightly depending on applicable laws. Examples of personal data include your name, email address, gender, age, and other information about you such as data about your device or how you use the Services. This Policy does not govern your use of a third-party developer’s game that you discover and access through the Services. The processing of your data by the game developer (“Game Partners”) is governed by the game developer’s privacy policy which you should review prior to using their game and when exercising any rights subject to Game Partners privacy policy.
Please note, if you are younger than 18, you are prohibited from registering for a Mistplay user account.
Be sure to return to this page periodically to review the most current version of the Policy. We may change or otherwise modify the Policy, such as in order to reflect changes in the Services. If we modify it, we will update the "Last Updated" date and will alert users that a change has occurred within the affected Services. Please do not use the Services if you do not accept the current Policy including any addendums that apply to you in Annex A: Region-Specific Notices.
Mistplay is the controller, within the meaning of applicable laws, with regard to the collection, processing and use of personal data in the context of the Services and as described in this Policy. This means Mistplay is responsible for deciding the purpose and the means of how your personal information will be used and processed. We collect information that you direct us to collect, such as your name and email when you set up a Mistplay account; indirectly, such as your IP address or device location when you download our app; and from other sources, such as public record sources; social media platforms; or information from our partners or clients, depending on our relationship with them for the purposes listed in this Policy and in accordance with applicable laws. We have specified the personal data we collect in Annex B Table for Legal Processing Activities to this Policy.
Mistplay may link or combine the personal data we collect through several methods, including but not limited to artificial intelligence (“AI”), so that we may provide you with a personalized experience. We generally use personal data to:
The legal basis for Mistplay processing your personal data as described in this Policy will typically include one or more of the following:
For more information on the legal basis for specific processing activities, see Annex B.
We share data with the following third parties that support us in delivering and analyzing the Services.
Corporate Affiliates and Transaction Parties. We may share your personal data with our subsidiaries or affiliates under common corporate control and with counterparties as part of corporate transactions such as merger, sale of company assets, financing or acquisitions.
Law Enforcement, Regulators and Other Parties for Legal and Security Reasons. We may disclose personal data when necessary to protect the legal rights of Mistplay, Users or third parties, in order to avoid fraud, manage our risks or comply with applicable laws, legal orders or processes. This includes exchanging information with other companies for these purposes. In these cases, we disclose personal data to comply with legal obligations or to protect the legitimate interests of Mistplay or affected third parties.
Service Providers. We have agreements with various service providers to facilitate delivery of our Services, which include those we engage to give customer support, operate the technical infrastructure needed to provide the Services, assist in providing you rewards and protecting and securing our systems and Services and to help market Mistplay Services.
Service providers that we use are required by contract to have the same level of privacy protection as we have and will follow the standards of this Policy. Other providers enable us to tailor the Services we provide to you and may also combine the personal data we share with them with other data they collect about you, e.g. your use of their services.
Game Partners. We may share personal information with our Game Partners, including in some cases, their mobile measurement partners, to provide you, among other things, with personalized content, for marketing purposes, to grow our business and for attribution of game installs and for reporting purposes. If you choose to access a game recommended through our Services, you will share your personal data with the Game Partner that develops the game, subject to the Game Partners’s privacy policies.
Mistplay may also disclose aggregated information about Users along with information that does not and cannot identify any individual or device, except where limited by applicable laws. For example, we may use anonymized user ratings, review of apps and aggregated information for statistical and machine learning purposes, to provide insights into developing or enhancing Services, for marketing and advertising and for other legally permissible purposes such as testing our IT systems and features. For more information regarding the sharing of data with third parties please review the applicable sections below and notices within Annex A or contact us as instructed below.
We are based in Canada and we store information that we collect from your device on our Amazon Web Services servers in the United States. The information that we collect may be transferred, stored, or used in other jurisdictions, where some of our providers may be located. While we protect your information by choosing appropriate providers and having contractual safeguards in place with those vendors, the privacy laws in such jurisdictions may not be as protective as in, for example, Canada or the EU.
We maintain administrative, organizational procedures, technical and physical safeguards, consistent with legal requirements where the personal data was obtained, designed to ensure the security and confidentiality against unlawful or unauthorized destruction, loss, alteration, use or disclosure of, or access to, the personal data we collect and process.
If you are resident of a country in Europe, please see Annex A below for more information on international data transfers that are applicable to you.
You can always update preferences and exercise rights you may have under applicable data protection laws by contacting us as directed below. However, if you do choose to change preferences, opt-out or withdraw consent where it has been given, your experience with our Services may change, be diminished or your ability to use some of the features and options in our Services may be limited (such as access to Units and the Rewards Program described in our Terms). Please keep us informed if your personal data changes or should be corrected.
For a description of the specific rights with respect to accessing and deleting personal information that are provided to residents of certain European countries, Korea and the states of California, Colorado, Connecticut and Virginia, please see Annex A for Region-Specific Notices. We will handle your request in accordance with applicable laws, such as in relation to response time, verification of identity and content. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
Depending on your jurisdiction, your rights may include:
In accordance with the Terms, you may not use the Service if you are under 18 years old. Mistplay is committed to complying with laws protecting children, within the meaning of applicable law. If you believe we might have any information from or about a child, please contact us.
Mistplay will only retain personal data for as long as is required by law, as long as you use the Services, or as long as is necessary to meet the purposes for which it was collected. For example, Mistplay account balances or rewards earned as of termination must be preserved for some period to allow for such matters as billing and tax reporting. Specifically, we destroy your personal information or store it separately if you do not interact with our services for 5 years.
Note, under the Terms, if a User does not use the Service for at least one hundred eighty days, the User’s inactive account may be terminated, Units earned may automatically expire and personal data may be deleted.
You may also ask us to delete your account. By deleting your account, however, any Units that you have earned and not redeemed will be deleted. Otherwise, if we choose to maintain or use de-identified information, we continue to do so in a de-identified manner and will not attempt to re-identify you. To delete personal data held by Game Partners, you must contact them as directed under the terms of the Game Partners privacy policy.
Like most online services and mobile applications, we may use technologies, such as cookies, web beacons (also known as pixel, tags or clear gifs) or software development kits (SDKs) as part of Services we deliver to you. We use these technologies to secure and improve our Services, to understand your preferences, collect information about your activity, browser and device and tailor our Services to your interests. We may also use these technologies to collect information when you interact with Services we offer through one of our service providers, including advertisers and marketing vendors. A cookie is a small text file that allows us to remember your actions and preferences on the website (such as your login details, your language settings and your font size preference) over a period of time so you don't have to re-enter them whenever you come back to the website or browse from one page to another.
Some web browsers provide settings that allow you to control or reject cookies or to alert you when a cookie is placed on your computer. The procedure for managing cookies is slightly different for each internet browser. You can check the specific steps in your particular browser help menu. You also may be able to reset device identifiers or opt-out from having identifiers collected or processed by using the appropriate setting on your mobile device. Depending on your jurisdiction, we get your permission before we set certain cookies and other tracking technologies. For more information on how we use cookies and other tracking technologies, please review our Cookie Notice.
If you have questions that do not relate to this Policy or data privacy, please write to our customer support team and Submit a Request. To exercise applicable data protection rights or comment about this Policy and our privacy practices to the extent you may enjoy any data subject rights as per privacy laws applicable to you, you may reach out to our data protection office at:
Data Privacy Officer
Mistplay Inc.
481 Viger St, Suite 300, Montreal
Quebec, Canada, H2Z1G6 or via email at Privacy@Mistplay.Com
We may choose or be required by law to provide different or additional disclosures relating to the processing of personal data about residents of certain countries, regions or states.
----
SPECIFIC NOTICE FOR RESIDENTS OF UNITED STATES
----
For additional disclosures specific to Users in South Korea, please see the PERSONAL INFORMATION PROCESSING POLICY and made available at https://www.mistplay.com/legal/privacy-centre.
PROCESSING PURPOSE
Categories of data used
1. Sources
Account creationand editing, and toprovide access toand deliver ourServices.
- First and last name, age, gender, email, phone number,account preferences and other communication when youreach out to us directly and take part in Promotions wemight run. (“Account Data”).
- In accordance with your privacy settings on a socialnetwork, the third party profile (e.g. Facebook, Google,Kakao) you provide for sign-up, including the first nameand last name displayed and information you provided onsuch profiles (including information in your posts), as wellas the email address and profile ID for these platforms(“Personal Data from Third-Party Social Networks”).Where offered and as required by applicable laws, you maychoose to register for and sign-in to your Mistplay accountusing your email address.
Processing is necessary for theperformance of a contract with theUser (i.e. the account creation).Without this information we will notbe able to provide the service youhave requested.
User consent
To maintain andimprove theServices
- Account Data
- Personal Data from Third-Party Social Networks
- IP address (including approximate location and country),exact geolocation data (including longitude and latitude),mobile device identifier, advertising identifier (e.g. Googleadvertising ID) or other unique identifiers, data about youroperating system, device model and device language, logdata (e.g. network connection type, applications connectedto the platform including the site you came from, go tonext, and the web page(s) you access during your sessionin the platform). We also collect data on whether certainapps relevant to the platform are already installed on yourdevice (“Device Data”).
It is in our legitimate interest tomaintain and improve our Servicesin order to provide you with the bestpossible Service.
Where required by applicable lawswe will obtain your consent.
Enabling you to redeem rewards earned in our Services or claim prizes on our Promotions
- Account Data
- Directly or indirectly we collect data related to software or applications when you play and engage with games discovered in our Service. We also collect in-game purchase information, if shared by Game Partners, including transaction types and use of virtual items, game achievements, statistics and information on bugs and malfunctions (“Gameplay Data”).
- When redeeming a reward, Mistplay verifies your face via a “video selfie” using third-party face verification technology. This video selfie provides us with a mathematical representation of your face generated through our third party provider. This video selfie is encrypted on your device before being sent to our servers for processing, and is linked to your user account. We use this information to ensure the uniqueness of your user registration within the platform and to ensure that rewards are not earned through bots, automated processes or fraudulent use of software (“Video Selfie”).
- Device Data (with precise geolocation)
- Session ID, information on how you access the Services(including frequency, what time, how long, and from which device(s)), and your approximate location or the country from which you are accessing the Services(“Usage Data”).
reward or prize from Promotions we run). Without this information we will not be able to provide the service you have requested.
Processing is necessary for the legitimate interests of Mistplay to enable you to redeem rewards, and to prevent abuse of Reward Program. You may object to the video selfie, however this may mean that you will not be able to redeem rewards. Where required by applicable laws, we will rely on User consent.
Personalization of ads and targeted advertising
- Account Data
- Device Data
- Gameplay Data
It is our legitimate interest to show you advertisements that are tailored to your interests
Where required by applicable laws we will obtain your consent.
Personalization of the Service and building User profiles
- Account Data
- Personal Data from Third
-Party Social Networks
- Device Data
- Gameplay Data
- Usage Data
It is our legitimate interest to provide you with a Service personalized to your needs.
Where required by applicable laws we will obtain your consent.
Monitor and analyze usage and activity trends, including measuring the effectiveness of our Services and marketing campaigns
- Account Data
- Device Data
- Gameplay Data
- Usage Data
It is in our legitimate interest to monitor and analyze the use and effectiveness of our Services in order to improve our Services.
Where required by applicable laws we will obtain your consent.
Send marketing communications, surveys and participating in User testing
- Account Data
- Other voluntary data you may provide when you are participating in our surveys or User testing phases. This can include income range, occupation, preference for games and other choices.
It is in our legitimate interest to keep you updated on our existing and new Services by sending you relevant marketing communications and surveys, and to process the data that we collect in this respect or via User testing.
Where required by applicable laws we will obtain your consent.
Customer service, including when contacting us by phone, email or otherwise
- Account Data
- Personal Data from Third-Party Social Networks
- Device Data
It is in our legitimate interest to provide you with customer support.
Where required by applicable laws we will obtain your consent.
Security and fraud prevention
- Account Data
- Personal Data from Third-Party Social Networks
- Device Data (including exact geolocation with longitude and latitude)
- Usage Data
It is in our and your legitimate interest to keep our platform safe and secure and to protect our Services from fraud, and to protect your personal data and our systems from any security incidents or personal data breaches.
Where required by applicable laws we will obtain your consent.