(Last updated on May 2018)
Bubadu is a trademark of Pilcom d.o.o, a company registered in Slovenia, with registration number 1318349000 and address at this date at Bračičeva ulica 21, 1380 Cerknica, Slovenia, EU (‘’Bubadu’’, ‘’We’’), who offers entertaining mobile applications (‘’App/s’’). This privacy statement describes how Bubadu collects and uses the information and/or data (the terms are used interchangeably) you provide. It also describes the choices available to you regarding our use of your information and how you can access the information. We respect your privacy and we take protecting it seriously.
We have changed our data processing practices to comply with the Regulation (EU) 2016/679 (EU GDPR) by following the data minimisation principle and anonymising, pseudonymising or deleting personal data where feasible. When using our services the advertising identifier will be anonymised by encryption in a way that we won’t be able to decrypt it without your help. This means that we will only store these personally identifiable data: a) analytics identifier used for the purposes of internal analytics and b) IP address on third party webservers for security reasons to help us detect and prevent fraudulent activity and to get country information needed for cross promo ads. We will still need to enable our Advertising Providers to collect your advertising identifier, IP address and other data to show you ads. We have executed Data Processing Agreements with such partners to make sure your data is safe. Your can opt out of advertising at any time by following instructions in Right To Object Section of this GDPR Statement. Should you not want Third Party Providers (Apple, Google, FB ) to use your data for the functionalities within the App, please do not log in or use their services. Some of the Third Party Providers store or transfer data outside EEA.
You can use our Apps in two ways. By using the free version, we will anonymise personally identifiable information, but still enable the transfer of your advertising identifier, IP address and other data to our Advertising Providers and Analytics Providers. We will show you only contextual ads and we do not allow any profiling or behavioural ads. Our free App versions already include the minimal possible data collection and processing, so we are confident you will feel comfortable sharing your data with us. By voluntarily signing into Third Party Providers functionalities within our App, you allow the usage of your data to such third parties (FB, Game Centre, in-app purchase providers).
Because we process your data on legitimate interests basis, you have the right to object to our processing as well as the right to restriction on processing namely the marking of stored personal data with the aim of limiting their processing in the future. We have limited the amount of personal data we collect to advertising identifier and IP address and anonymise/pseudonymise our processing where feasible. When you use our free App version, we process your data only for analytics to improve our services and to display ads. You have the right to object to data processing for advertising and analytical services by choosing these options ‘’Remove Ads’’ or ‘’Buy Full Version’’ available within the App (as button on homepage) or in the app store. When you choose this option we disable any future advertising and analytics and stop sharing and using your data for these purposes. You will still be shown cross-promo ads, namely ads for our services within our Apps, which means that your encrypted advertising identifier will only be used for this type of advertising without involving any third parties. We will use your country data to show appropriate cross promo ads, but we won’t store it for more than three (3) days. Your IP address will be processed on third party web servers and shall be used for security reasons only. Your data will be automatically deleted from our logs within one (1) month and from backup logs within two (2) months. Should you want to object to Third Party Providers functionalities data collection within our App, stop using these functionalities, namely FB and Game Center or opt out of notifications within the settings of your mobile device and request deletion of data by contacting us or such providers. Should you not feel comfortable with this lighter version of your data processing, you have the right to object to us using your data by sending an email to support(at)bubadu.com or exercise your right to erasure.
We are processing your data on legitimate interests basis and have limited the amount of data we collect to advertising identifiers and IP address which is already available to you on the operating system within your mobile device. For these reasons, we are not able to offer the exercise of these rights. Should you have any concerns about exercising these rights, please contact us and we will revaluate our decision.
Should you wish to terminate our services and request the deletion of all data, please send us an email to: support(at)bubadu.com and add your advertising identifier number. The logs with your data will be deleted within one (1) month and backup logs within two (2) months. We will also ask our Providers to delete the data they may have.
We process your data by conducting internal analytics to improve our service, to display contextual ads and for security reasons. We have adhered to the data minimisation principle and we only collect the data we need for our processing purposes. We anonymize and/or pseudonymise the data on our end. We use your data in a way you would reasonably expect, as our services are free and our data processing has minimal impact on your privacy. For these reasons we are relaying on legitimate interests of contextual advertising and internal analytics as the legal basis for our data processing. We also enable you to use our services in a way that your data will be anonymised and shall not be used for analytics and advertising, please see ‘’Right to delete’’ Section of this GDPR Statement. As a best practice, you will be informed about the legitimate interests data processing and your right to object with a notice in the form of a pop up banner.
Should you have any data processing or privacy related questions, please contact our DPO, Primož Furlan by sending an email to: support(at)bubadu.com (subject 'DPO''). Should you have any concerns or compaints our DPO is not able to solve, you have the right to lodge a complaint with a supervisory authority, Informacijski pooblaščenec, Zaloška cesta 59, 1000 Ljubljana, Slovenija by sending an email to [email protected]
We and our Providers collect anonymous information by which users cannot be directly or indirectly identified (‘’Non-Personal Information’’). Non-Personal Information may include various technical information, such as information about your device, your browser type, screen resolution, device type, language, version and type of operating system, mobile phone carrier, network provider, network status, SDK version, browser cookies, API key, application version, Android or iOS Vendor, Flash version, geo location (not specific enough to identify a city or town), storage size, screen size, firmware, aggregated data log files from servers, session information, levels achieved, in-app purchases, advertisement response (including clicks on ads, if it originated a follow-up action to a third party e.g, “conversion” event), which advertisements are shown, the date and time a particular ad is served, angle view, information about the advertisements reviewed by the user.
We collect and we allow our Providers to collect some of these personal information through which you can be indirectly identified, such as: IP address, advertising identifier (IDFAs - iOS, IDFVs, Advertising ID - Android), geo-location data (specific enough to identify a town and state), raw data log files on servers (IP address, date, time, requests, state etc.), cookies, pixels, the activities of the user in our App (characteristics obtained by your use, such as data about Apps you used, any actions or movements within the Apps, date and time, response times, download errors, length of visits, interaction information such as scrolling, clicks, and mouse-overs, what tools in the Apps the user uses, user’s interaction with the service and user’s behaviour on the service), player identifier string when using game center and push tokens (‘’Personal Information’’). Our Advertising Providers collect data regarding advertisement performance, user’s interaction with ads, our Apps and user’s interests. The Information is used only for limited purposes as stated in Section ‘’Usage of Information’’ taking into account the limitations regarding collection and usage of certain Information in Section ‘’Children’s Information Collection’’. Non-personal Information and Personal Information is commonly referred to as the ‘’Information’’.
We pride ourselves on offering entertaining Apps for family audience of all ages. Because we want your child to use our Apps in a safe environment, we have limited the collection and usage of the collected Information for Apps that are directed to children. We have also integrated an age gate in order to limit the collection and usage of Information for users under the age of 16 in specific territories (US included) for the mixed audience Apps.
The age gate is being conducted after the download of some of our Apps for specific territories in order to assure the privacy and protection of younger users of our apps. If you do not pass the age gate the features enabling potential collection and sharing of personally identifiable information such as game center feature and interaction with third party social networks or platforms are disabled for your device ID. For your safety, it is not possible to change your age later on. We do not store your year of birth, but only the information whether your device ID passed the age gate or not.
We also limit the Provider’s usage of Information collected from users of child directed or mixed audience Apps that do not pass the age gate. Our Advertising Providers are allowed to show you contextual ads, but are prohibited from conducting behavioral advertising, profiling or contacting you in any other way.
We use the Information we collect with the help of our Analytics Providers to constantly improve our Apps and make them better for you, as well as to display advertisements with our Advertising Providers which enables us to offer some of our apps to you for free. We chose our Providers carefully and request their compliance with valid legislation.
We and our Analytics Providers use the Non-Personal Information to understand and optimize how our Apps are used, improve our marketing efforts, provide our content and features that are of interest to you, for statistics, analytics, research and development in order to continuously improve our apps and make them better for you. This includes correcting technical malfunctions, customization, providing better and improved content, developing new offers, measuring traffic and usage of our apps, promoting the apps and improving the user experience. We use aggregated and anonymized data log files and the activities of the user within our apps for internal analytics to improve our Apps.
We also use your Information to permit certain functionalities available within the apps (such as in-app purchases), permit you to use the Game Center Features, the Social Features and the features which are available while using the "Log in with Facebook" feature as well as send you local notifications to your device. We will only use local notifications to remind you about your activities within the App.
Our Advertising Providers are allowed to use the Information to provide contextual advertisements, conduct ad mediation, for support for internal operations and on an anonymized basis to improve their products by conducting research and analysis with the use of aggregated advertising information to understand and optimize how the advertisements are used.
We select Advertising Providers attentively to maintain compliance with applicable privacy laws hence we only allow the display of contextual advertisements to Apps that are child directed or mixed audience. Furthermore, we flag persistent identifiers used in child directed or mixed audience apps in order to ensure our Advertising Providers are able to comply with child protection legislation namely COPPA restrictions in the US territory, meaning they are allowed to use Personal Information solely for the purposes of internal operations and contextual advertising but are prohibited from contacting a user, including through behavioral advertising; to amass a profile on a user; or use the Information for any other purpose.
We use third party Webserver Providers, namely CloudFlare to store your IP address for the purposes of security. Please see Section ‘’Webserver Providers’’ for more info on how they use your data.
Sometimes we need to disclose the Information for other lawful purposes, as customary for all App developers.
Apart from sharing the Information with our Analytics and Advertising Providers (together with Third Party Services Providers as defined in Section ‘’Our Providers’’ referred to as the ‘’Providers’’) as stated in Section ‘’Usage of Information’’ we may also disclose Information in the following cases:
if required by law, for example to comply with a court order, subpoena, regulation, legal process or other governmental request;
to exercise or protect the rights, property or personal safety of the Company, our users or others;
to enforce this privacy statement, including investigation of potential violations thereof;
upon fulfilling legal requirements of local legislation (for example verifiable parental consent of a legal guardian for child directed apps in the US etc.) in order to supply certain services/information third party might legally request from us
to detect, prevent, or otherwise address fraud, security or technical issues;
if Bubadu is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified of any change in ownership or uses of your information via our website;
to respond to claims that any content published on the Bubadu Apps violates any right of a third party
Apple AppStore: If you choose to use AppStore to
finalize and pay for your order, you will provide your credit card
information you provide to Apple.
Windows AppStore: If you choose to use AppStore to
finalize and pay for your order, you will provide your credit card
the information you provide to Microsoft.
Amazon: If you choose to use Amazon to finalize and pay
for your order, you will provide your credit card number directly to
provide to Amazon.
In-App purchases: Our Apps enable in-app purchases. In order to make a purchase from us, you must use our third party checkout options to finalize and pay for your order. In-app purchases may be made only upon entering the app store password and you are responsible for maintaining the security of such password. Your authentication and security maintaining is subject to specific terms of the app store and the OS of your mobile device. You should be aware of the iOS’ 15-minute and Android’s 30-minute window after the downloading of an Application, during which in-app purchases may be made without inserting an in-app store password. You should also take into account that OS 2.1 or older versions of Android mobile phones do not require entering of the app store account password to carry out in-app purchases.
Third Party Sites: Our Apps may contain links to third party websites, products, or services. For example, the Apps may feature offers from third party advertisers or the ability to engage in transactions with such entities. Please note that while using such third party offerings, you are using sites, products, and services developed and administered by people or companies not affiliated with or controlled by us. We are not responsible for the actions of those people or companies, the content of their sites, products or services, the use of information you provide to them, or any products or services they may offer. Our link to such third parties does not constitute our sponsorship of, or affiliation with, those people or companies. Nor is such linking an endorsement of such third party’s privacy or information security policies or practices or their compliance with laws. Information collected by third parties, which may include such things as location information or contact details, is governed by their privacy practices. These other websites or services may place their own cookies or other files on your computing device, collect information or solicit personal information from you. We encourage you to learn about the privacy practices of third parties with which you interact. We are not responsible or liable for your interaction with such third parties, the information requests initiated by such third parties, or the subsequent use, treatment or dissemination of information you voluntarily choose to provide to them.
We show third party advertisements from ad partners Admob, inMobi, Unity Ads, AppLovin, AdColony, Vungle, Superawesome, Kidoz, myTarget, Mobvista, ironSource (for more information on data processing please see https://developers.ironsrc.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/). For the Apps that are directed to children and/or mixed audience but the users did not pass the age gate, we show ads with COPPA settings for the US territory enabled, meaning that the Advertising Providers are obligated to comply with COPPA restrictions as stated herein. Some of the Advertising Providers store or transfer data outside EEA. The data is transferred to countries with a current determination of adequacy, adhering to Binding Corporate Rues, EU-US Privacy Shield or other acceptable manners. Although we encrypt the advertising identifiers, our ad partners are able to collect personally identifiable data such as advertising identifier, IP address, cookies, pixels, location as well as other data.
We use Google Analytics to collect the Information in order to analyze and improve our Apps. If you are using one of our child directed Apps or mixed audience Apps and you identified yourself as under the age of 13, the collected Information will only be used for support for internal operations.
We use Digital Ocean services to store the data on their servers based in the US. The data transfer provides appropriate safeguards by virtue of Digital Ocean having certified its compliance with the Privacy Shield and shall process such data in compliance with the Privacy Shield. We have entered into a Data processing agreement with Digital Ocean. For more information, please see https://www.digitalocean.com/security/gdpr/.
We use third party Webserver Providers, namely CloudFlare to store your IP address for the purposes of security to help us detect and prevent fraudulent activity. These services may collect your information when you use our services, web applications, and APIs. The information may include but is not limited to IP addresses, location data, Log File, User Agent String, Unique ID, system configuration information, cookies and related technologies, other information about traffic to and from our Apps (collectively, “Log Data”). The Webserver Providers collect and use Log Data to operate, maintain, and improve their Services for the purpose of providing security. For example, Log Data can help us to detect new threats, identify malicious third parties, and provide more robust security protection for our services. Where Webservers Providers use information collected from Resolver Users to operate and improve the Cloudflare Resolver, such as to assist us in our debugging efforts if an issue arises, they will not combine the information collected from DNS queries with any other data in any way that can be used to identify individual end users. Some of the Webserver Providers store or transfer data outside EEA. The data is transferred to countries with a current determination of adequacy, adhering to Binding Corporate Rues, EU-US Privacy Shield or other acceptable manners. Although we encrypt the advertising identifiers, our ad partners are able to collect personally identifiable data such as advertising identifier, IP address, cookies, pixels, location as well as other data. Please see these providers privacy policies for more info: https://www.cloudflare.com/privacypolicy. With using NGINX we store your IP address and logs locally and the same are deleted within 30 days. We use MaxMind to determine the country from IP address, where this in not possible using Cloudflare and based on country show GDPR legitimate interests notice and for ad optimization.
You are always free to opt out of the Information collection by Third Party Providers by not logging in or using their services. You can deactivate local notifications by changing the notification settings in accordance with the instructions of the operating system running on the users’ device.
iOS: You will be asked to accept or refuse local notifications after the App is downloaded. If you do not accept, you will not receive local notifications. Please note that if you accept, some mobile phones will allow you to disable notifications later on by using the settings on your mobile phone. To manage notifications on your mobile phone please follow these instructions: Open your Settings menu and tap “Notifications”; Find the Application; Tap on the icon of Application; Manage the “Notifications” option by sliding it OFF or ON.
Android and Windows: After an Application is downloaded, you will automatically receive local notifications. Some of our Apps offer disabling of local notifications by entering the homepage of the App and choosing the “Settings” option. Here, local notifications can be disabled by choosing the uncheck option ‘’0’’. For other Apps your local notification can be disabled within your mobile phone settings.
You can opt out of analytics and displaying ads by choosing these options ‘’Remove Ads’’ or ‘’Buy Full Version’’ available within the App (a button on home screen) or in the app store. You also have the right to erasure which can be exercised by sending an email to support(at)bubadu.com and adding your advertising identifier. For request to delete IronSource data collection, please send an email to [email protected] and add your advertising identifier.
We store your Information for as long as needed to provide you with our services. We may store Information longer, but only in a way that it cannot be tracked back to you. When Information is no longer needed, we shall delete it using reasonable measures to protect the Information from unauthorized access or use.
As explained in the GDPR statement, we strive to anonymize the data when possible. Our technical logs will be automatically deleted within one (1) month and backup logs within two (2) months. If you decide to exercise your right to erasure we will also inform our Providers to delete all your data.
Storing might be different depending on the territory of collecting the information and the applicable legislation, but we always strive to store the information only as long as it is needed for the purposes of providing, improving or personalizing our services.
Data Log Files Storing We store raw data log files on servers for one month, afterwards the data is deleted.
We follow generally accepted industry standards and internal procedures to protect Information submitted to us, both during transmission and once we receive it.
The Information are encrypted and password protected and we have integrated commercially reasonable efforts to assure that your Information remains secure when maintained by us, but please be aware that no security measures are perfect or impenetrable. If you have any questions about security of our mobile applications, you can contact us at support(at)bubadu.com. We have implemented and shall maintain appropriate technical and organizational security measures to protect Personal Information and to preserve the security and confidentiality.
If you have any questions, please contact us at: support(at)bubadu.com or write to us to the address: PILCOM d.o.o., Bračičeva ulica 21, 1380 Cerknica, Slovenia, Europe.