Privacy Policy
1. Scope and Application
This Privacy Policy explains how we collect, use, store, transfer, and protect personal data when you use our websites, games, apps, and support services.
2. Categories of Personal Data
We may collect:
- identity and contact details (name, email, support identifiers);
- account and profile details;
- device and technical data (IP, device ID, OS, app version);
- gameplay telemetry and analytics events;
- communications and support records;
- transaction metadata (through platform/payment providers);
- marketing preferences and consent records.
3. Sources of Data
Data is collected directly from you, automatically from your device/service interactions, and from third parties (e.g., app stores, analytics providers, fraud/security providers).
4. Purposes and Legal Bases
We process personal data for:
- account creation and service delivery;
- customer support and communication;
- analytics, service improvement, and quality assurance;
- fraud detection, abuse prevention, and security;
- legal and regulatory compliance;
- marketing communications where a lawful basis exists (consent or legitimate interest, as applicable).
5. Sharing and Recipients
We may share personal data with:
- cloud hosting and infrastructure providers;
- analytics and measurement providers;
- payment processors/platform operators;
- legal, audit, and professional advisers;
- regulators, law enforcement, and courts where required.
All recipients must process data under confidentiality and security obligations.
6. International Transfers
Where data is transferred outside your jurisdiction (including Kenya), we use lawful transfer mechanisms and safeguards as required by applicable data protection law.
7. Data Retention
We retain personal data only as long as necessary for business and legal purposes, then securely delete, anonymize, or archive it.
8. Data Subject Rights
Subject to applicable law, you may request:
- access to your personal data;
- correction of inaccurate data;
- deletion or restriction of processing;
- objection to certain processing;
- portability (where applicable);
- withdrawal of consent where processing relies on consent.
Requests can be submitted via contact details below.
9. Cookies and Similar Technologies
Our websites/apps may use cookies, SDKs, and similar technologies for functionality, analytics, and measurement. You may manage preferences through browser/device settings where available.
10. Children's Privacy
Where services are directed to or used by children, we implement age-appropriate controls and parent/guardian handling processes as required by law.
11. Security Measures
We implement reasonable technical and organizational measures, including access control, encryption where appropriate, logging, and incident response procedures.
12. Automated Decision-Making
If automated mechanisms (e.g., anti-fraud) materially affect users, we provide legally required disclosures and safeguards.
13. Kenya-Specific Compliance
For Kenya-based processing, we align with the Data Protection Act, 2019 and relevant ODPC guidance, including rights handling and lawful processing requirements.
14. Changes to this Policy
We may update this Policy from time to time. Material changes will be communicated through appropriate channels.
15. Contact and Complaints
Email: hello@novaluminastudio.com
This local policy page is hosted in-project and does not rely on external document links.