Last updated: July 28th, 2022
If you are located in the United Kingdom (“UK”) or the European Union (“EU”) your attention is drawn to the section below headed “Additional information for users of our Website/platform who are located in the United Kingdom or the European Union” (the “Addendum”).
2. COLLECTION OF PERSONAL DATA
2.1 We may collect and process the following Personal Data about you:
a. Information you give us - information that you provide us (which may include your first and last name, picture, address, age, location, e-mail address, telephone number, wallet address, social media handles, social media or third party service provider usernames, and other personal descriptions as the case may be) by filling in forms or submitting your information on our Website, or by corresponding with us (by phone, email or otherwise), for example when you:
express interest in our project;
register for an account with us on our Website;
report any problem to us;
use certain features on our Website;
request any support from us;
provide us with information via e-mail;
complete any survey or questionnaire we send you;
subscribe to our newsletters or mailing lists (if any);
provide us with comments or suggestions;
request for information about our platform or services; or
contact us via phone, email or other forms of communication.
b. Information we collect about you - information automatically collected when you visit our Website, for example:
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone, regional and language settings, browser plug-in types and versions, operating system and platform;
details of any transactions, purchases and payments you make on our Website; and
information about your visit or gameplay (as applicable), including the full Uniform Resource Locators (URLs), clickstream to, through and from our Website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, games you played, score, game advancement, in-game actions, and other gameplay statistics.
2.2 By visiting or using our Website/platform or our services, you acknowledge that we collect and process the above types of Personal Data and information.
3. COOKIES FOR OUR WEBSITE
3.4. We use persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our Website or a partner website that uses our services. Session cookies only last for as long as the session (usually the current visit to a website or a browser session).
3.5. We use the following cookies:
Strictly necessary cookies - These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website.
Analytical/performance cookies - They allow us to recognise and count the number of visitors and to see how visitors move around our site when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies - These are used to recognise you when you return to our Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
3.6. Cookies may be erased when you exit the Website or close the browser. Others are saved on your device for your next visit. You can delete all cookies placed by our Website on your device at any time. You can also set your browser to prevent all cookies from being placed by our platform or to provide you with a warning before a cookie is placed. However, please note that some functionalities of the platform may not work if all cookies are rejected. Please check your browser’s instructions or help screen to learn more about these functions.
4. USE OF YOUR INFORMATION
4.1. We may use your Personal Data for the following purposes:
providing, operating and administering the Website, Game, platform and/or services, which shall include the personalisation of your profile and/or account, maintenance, servicing and termination of any accounts registered with the platform (if any);
processing applications for the use of the Website, Game, platform and/or services, including the facilitation, execution, or administration of any transaction(s) requested and/or authorised by you (if any);
improving, enhancing and developing our Website, Game, platform and/or services;
researching, designing and launching new features or products for our Website or Game;
managing, administering or presenting content and information on our Website, Game, platform and/or services in the most effective manner for you and for the device you use;
providing you with alerts, updates, materials or information about our services, Website, Game or other types of information that you requested or signed up to;
carrying out our contractual obligations arising from contracts entered into between you and us and for the enforcement of our legal or contractual rights;
to verify your identity so as to ensure the safety and integrity of the transactions made through our platform (including through any payment processor);
where applicable, for complying with applicable local and foreign laws and regulations applicable to us in or outside of Singapore that may include the conduct of due diligence procedures for opening of accounts and ongoing monitoring purposes;
where applicable, for legal and compliance purposes under applicable local and foreign laws that include the monitoring and compliance procedures that is in line with the internal risk management procedures, audit/financial accounting and for management reporting purposes;
to comply with any applicable legislation, law, regulations, codes of practice, rules, guidelines, including where information is to be disclosed to law enforcement agencies and other relevant authorities for investigations, crime prevention and detection purposes;
to prevent and/or detect fraudulent behaviour or transactions or potential illegal or criminal activity as part of our efforts to keep our platform safe and secure;
responding or taking part in legal proceedings, including seeking professional advice;
for direct marketing purposes (please see further details in Clause 4.2 below);
communicating with you and responding to your questions or requests;
for internal operations, including troubleshooting and data analysis to learn about and understand the behaviour and preferences of users, testing, research, statistical and survey purposes to identify products or services which we might offer to existing and future users; and
purposes directly related or incidental to the above.
4.2. We may use your Personal Data in direct marketing (i.e. offering or advertising products or services by sending the relevant information directly to you). In relation to direct marketing, where we are required to do so, we will obtain your consent before using your Personal Data for this purpose. If you prefer not to receive our direct marketing communications and/or not to have your Personal Data shared among the members of our group or with any third party for the purpose of marketing, you can have your name deleted from our direct marketing and/or shared information lists by clicking ‘unsubscribe’ at the footer of our emails or submit a request to us at email@example.com.
4.3. If we need to collect, use and/or disclose your Personal Data for additional purposes, unless excepted by law, we will inform you of the new purposes, and where necessary we will obtain your consent (or ensure that we have another lawful basis for such collection, use or disclosure) before such Personal Data will be collected, used and/or disclosed by us.
5. DISCLOSURE OF YOUR INFORMATION
5.1. We will keep your Personal Data we hold confidential but you agree we may provide your Personal Data to:
personnel, agents, advisers, auditors, contractors, financial institutions, and third party service providers in connection with our operations or services (for example staff engaged in the fulfilment of your transaction, the processing of your payment and the provision of support services);
our overseas offices, affiliates, business partners and counterparts (on a need-to-know basis only);
persons to whom we are required to make disclosure under applicable laws and regulations in or outside of Singapore; or
actual or proposed transferees of our operations (or a substantial part thereof) in or outside of Singapore.
5.2. We will also need to share your Personal Data if we are under a duty to disclosure or share it to comply with a legal obligations, in which case we will share your information with law enforcement agencies in connection with any investigation to help prevent unlawful activity.
5.3. We will also share your information with third parties in the event that:
we sell or buy any business or assets, in which case we will disclose your Personal Data to the prospective seller or buyer of such business or assets (but only to the extent we need to, and always in accordance with data protection legislation); and/or
if we or substantially all of our assets are acquired by a third party, in which case Personal Data held by us about our customers will be part of the assets transferred to such third party.
5.4. We process your Personal Data for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your Personal Data in this way, the relevant buyer of our business may not be able to provide services to you.
5.6. If we transfer any of your Personal Data to a country or territory outside Singapore, or to our group or affiliates companies located outside Singapore, or to a permitted third party located outside of Singapore, we will only do so if we ensure that the overseas receiving party is bound by legally enforceable obligations to afford the transferred data a standard of protection that is comparable to that under Singapore law. We will also ensure that any overseas recipient is able to provide appropriate technical and organisational measures to protect your Personal Data and its confidentiality.
6.1. We will use appropriate and adequate physical, technical and organisational measures to safeguard your Personal Data, for example:
all Personal Data you provide to us is stored on our secure servers;
we restrict access to Personal Data to our employees, service providers and contractors on a strictly need-to-know basis and ensure that those persons are subject to contractual confidentiality obligations; and
we review our Personal Data collection, storage and processing practices from time to time to guard against unauthorised access, processing or use.
6.2. While we will use all reasonable efforts to safeguard your Personal Data, you acknowledge that the transmission of information via the Internet is not completely secure and for this reason we cannot guarantee the security or integrity of any Personal Data that is transferred from you or to you via the internet; any transmission is at your own risk.
6.3. In the event that there is a security breach involving your Personal Data, we will inform you of the incident in accordance with the relevant data protection laws.
7. WHERE WE STORE YOUR DATA
7.1. We may store the Personal Data that we collect from you on internal servers that belong to us and/or our affiliated companies, and/or with commercial cloud storage providers engaged by us and/or our affiliated companies, including but not limited to cloud servers belonging to Amazon Web Services (“AWS Server”). These servers may be located in or outside of Singapore; at the moment, the AWS Server is currently hosted in Mumbai, India, while other AWS Servers may be set up in the future in countries such as Japan and Korea. Therefore, your data may be transferred to and stored in different jurisdictions and may also be processed by staff operating within the various countries who work for us or for one of our contractors and/or our affiliated companies.
7.2. By submitting your Personal Data, you agree to such transfer, storage or processing of your data. In such a case, we will ensure that the receiving organisations will provide a minimum standard of protection to your data that is comparable to the required protection under Singapore law.
8. YOUR RIGHTS
8.1. You may withdraw your consent and request us to stop using and/or disclosing your Personal Data for any or all of the purposes listed above by submitting your request via email to our Data Protection Officer at the contact details provided below. We will endeavour to process your request within ten (10) business days from the day of receipt of your request, otherwise, we will provide you with the estimated time frame for us to carry out your request.
8.2. If you have consented or signed up to receive marketing materials, you may withdraw your consent at any time and request us to stop sending you marketing materials or to stop using your Personal Data for any other marketing activities by submitting your request via email to our Data Protection Officer at the contact details provided below. We will endeavour to process your request within ten (10) business days from the day of receipt of your request.
8.3. Please note that depending on the nature and scope of your request for withdrawal of consent, we may not be in a position to continue providing the platform or our services to you. In our acknowledgement email to you upon your request for withdrawal of consent, we will inform you of the likely consequences of withdrawing consent.
8.4. If you do withdraw your consent, we will work with all relevant stakeholders such as data intermediaries and agents who have been authorised to collect, process or use your Personal Data to ensure that such relevant stakeholders also cease to collect, process or use your Personal Data.
8.5. You may have additional rights if you are located in the UK or the EU (see the section below headed “Additional information for users of our Website/Platform who are located in the United Kingdom or the European Union”).
9.1. You may send our Data Protection Officer requests for:
access to Personal Data which we hold about you; and/or
access to information about the ways in which we use or disclose or may have used or disclosed your Personal Data for the year immediately preceding the date of your request.
9.2. Access requests may be subject to a fee to meet our costs in providing you with details of the information we hold about you. Where such a fee is chargeable, we will let you have a written estimate of the fee before proceeding.
9.3. If we are unable to respond to your requests within thirty (30) days after receipt of your request, we will inform you within that time in writing the time by which we will be able to respond to the request.
9.4. You may have additional rights if you are located in the UK or the EU (see the section Addendum below).
10. ACCURACY OF AND CORRECTION OF PERSONAL DATA
10.1. We will make reasonable efforts to ensure the accuracy and completeness of the Personal Data you provide to us and/or update your Personal Data associated with your account on the platform. However, we also will require you to provide us with accurate, up-to-date and complete information. In order to ensure that the Personal Data that we maintain is accurate, you may send our Data Protection Officer at any time requests to update your information or for correction of errors or omissions in Personal Data which we hold about you.
10.2. We will generally not charge for correction requests, although we reserve the right to do so under unforeseen circumstances. If we are unable to respond to your requests within thirty (30) days after receipt of your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to the request.
10.3. If you are in the UK or the EU you should refer to the Addendum below.
11. DATA PORTING REQUEST
11.1. To the extent applicable under the PDPA, as long as you have an existing direct contractual arrangement with us, you may send our Data Protection Officer a request for us to transmit your Personal Data, which was collected or created by us prior to the date of your request, which is in our possession or under our control, to another organisation in Singapore.
11.2. If we are unable to respond to your requests within thirty (30) days after receipt of your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to the request.
12. RETENTION OBLIGATIONS
12.1. We will only retain and use Personal Data for as long as is required by law or for other legitimate business purposes including complying with our legal obligations, resolving disputes and enforcing our agreements.
12.2. We will ensure that your Personal Data is destroyed, remove them from our records, and/or ensure that it no longer contains personally identifiable information, as soon as it is reasonable to assume that:
the purpose for which the Personal Data was collected is no longer relevant; and
retention is no longer necessary for legal or business purposes.
12.3. To determine the appropriate retention period for the Personal Data we hold, we will consider the amount, nature and sensitivity of the Personal Data, the risk of harm from unauthorised use or disclosure of your Personal Data, the reasons why we handle your Personal Data, whether we can achieve those purposes through other means, and the applicable legal requirements.
12.4. We may also anonymise your Personal Data so that it can no longer be associated with you, in which case we may retain and use this information indefinitely without further notice to you.
13. THIRD-PARTY SITES
13.1. Our Website/platform or our communication with you may, from time to time, contain links to third-party websites and/or websites of our partner networks, advertisers, affiliates and third party service providers, over which we have no control.
13.2. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies or statements of these websites to understand your rights. We accept no responsibility or liability for your access of third-party websites.
We may amend this policy from time to time by posting the updated policy on our Website and/or platform. Any changes that we make will be posted on this page and, where appropriate, notified to you by e-mail or post. You should check this policy frequently to ensure you are aware of the most recent version that will apply each time you access the Website/platform. By continuing to use our Website/platform after the changes come into effect means that you agree to be bound by the revised policy.
15. CONTACT US
Bo-Cheng Lin , Data Protection Officer (firstname.lastname@example.org)
If you are in the UK or the EU, you also have the right to make a complaint with the relevant local supervisory authority; however, we would request in the first instance that you contact us.
Please see the Addendum for contact details in your country or jurisdiction.
ADDITIONAL INFORMATION FOR USERS OF OUR WEBSITE/PLATFORM LOCATED IN THE UNITED KINGDOM OR EUROPEAN UNION
If you are in the UK or EU the Relevant Data Protection Laws will apply to our use of your Personal Data. The “Relevant Data Protection Laws” means any applicable data protection and privacy laws relating to the protection of individuals with regards to the processing of personal data including the General Data Protection Regulation (EU) 2016/679 (“EU GDPR”) (together with any applicable laws implemented by EU member states (including any replacement legislation applicable in the UK, whether or not as a result of any full or partial departure of the UK from the European Union), which contain derogations from, or exemptions or authorisations for the purposes of, the EU GDPR, or which are otherwise intended to supplement the EU GDPR); the UK Data Protection Act 2018; the ePrivacy Directive 2002/58/EC as implemented by EU member states; any corresponding or equivalent EU national laws or regulations relating to the collection, use, disclosure and processing of personal data including any amendment, update, modification to or re-enactment of such laws and guides and codes of practice issued from time to time by any supervisory authorities, in each case as amended, updated or replaced from time to time..
For the purposes of the Relevant Data Protection Laws, Infinity Interaction Pte. Ltd. is the controller of the Personal Data that we process about you.
In the event of any conflict or inconsistency with the main body of this Privacy Notice and this Addendum, this Addendum shall prevail if the Relevant Data Protection Laws apply to our use of your Personal Data.
Subject to applicable law, you may have the following rights with regard to the Personal Data we control about you:
The right to request confirmation of whether we process Personal Data relating to you, and if so, to request a copy of that Personal Data;
The right to request that we rectify or update your Personal Data that is inaccurate, incomplete or outdated;
The right to request that we erase your Personal Data in certain circumstances provided by law;
The right to request that we restrict the use of your Personal Data in certain circumstances, such as while we consider another request that you have submitted (including a request that we make an update to your Personal Data);
The right to request that we export your Personal Data that we hold to another company, where technically feasible;
Where the processing of your Personal Data is based on your previously given consent, you have the right to withdraw your consent at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so;
In some cases, you may also have the right to object to the processing of your Personal Data; and/or
The right to lodge a complaint with the applicable data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). We may however charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is to ensure that personal data is not disclosed to any person who has no right to receive it.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Subject to Relevant Data Protection Laws, we may transfer Personal Data to other countries or jurisdictions outside of the UK and/or EU. It may also be processed by staff operating outside of the UK and/or EU, including by our affiliates or suppliers.
Where we do transfer Personal Data outside of the UK and/or EU, we shall ensure that your Personal Data will be protected in a manner that is consistent with how it will be protected in the UK and/or EU. This can be done in a number of ways, for instance:
the country or jurisdiction where we transferred the personal data to will be approved by the European Commission or the UK Government (as appropriate); or
appropriate contractual safeguards will be put in place, such as the “Standard Contractual Clauses” approved by the European Commission or UK Government (as appropriate) as having an adequate level of data protection (e.g. according to an adequacy decision adopted by the European Commission) and by adopting appropriate supplementary measures necessary to bring the level of protection of the personal data undergoing transfer up to a level of protection equivalent to that within the EU/EU and UK. You can request a copy of the measures applying to the transfer of personal data by using the contact information as stated below.
In other circumstances, the law may permit us to otherwise transfer your personal data outside the UK and/or EU. In all cases, however, we will ensure that any transfer of your personal data is compliant with data protection law.
If you believe that your privacy has been breached, please contact us using the details below and provide details of the incident so that we can investigate and respond to you about your concerns.
We will review all communications and complaints submitted to us in this manner and will aim to respond to you in writing within a reasonable time. Notwithstanding the above, you have the right to make a complaint at any time to the:
Information Commissioner’s Office (ICO), the UK supervisory authority at http://www.ico.org.uk or contact their helpline on 0303 123 1113; or
Data Protection Agency in the country, you are located, details of which can be found here.