Bubadu Privacy Policy

I.ABOUT US
If you have any privacy related concerns, please contact us at: [email protected]

Bubadu d.o.o is a company registered in Slovenia, with registration number 7117060000 and address at this date at Bračičeva ulica 21, 1380 Cerknica, Slovenia, EU (‘’Bubadu’’, ‘’We’’), who offers entertaining mobile applications (‘’App/s’’). This privacy statement describes how Bubadu collects and uses the information and/or data (the terms are used interchangeably) you provide. It also describes the choices available to you regarding our use of your information and your rights. We respect your privacy and we take protecting it seriously.

Should you have any data processing or privacy related questions, please contact our DPO, Primož Furlan by sending an email to: [email protected] (subject 'DPO'').

II. HOW WE USE YOUR DATA

We process your data to offer our Services, for security reasons, for internal analytics and to show you advertisements.

TO OFFER OUR SERVICES

We process the data so that you can play the games, use in-app purchases, receive local notifications and use other functionalities with the app. We use it to maintain and analyse the functioning of the App, to respond to your questions as well as to comply with our legal obligations.

FOR ADVERTISING

Bubadu apps are designed for families which is why we decided to set the ‘’do not track’ option for all users of our Android and iOS apps. This means that we do not collect advertising identifiers and we don’t pass it to our partners either.

When using our apps, you will see ads that are based on the content of the app you are using (‘’contextual ads’’). We do not track our users, so we will never show you ads based on your behaviour or interest. We use your information for cross promoting our Apps and services, meaning to promote one of our apps while you are playing a different app of ours.

In order to offer some of our Apps for free, we need to use the Information to display advertisements (banners, interstitials, rewarded videos) with the help of our Advertising Providers. The Apps include third parties’ SDK’s to collect the Information needed to display advertisements. The Information is used for ad serving features such as frequency capping (so that you are not displayed with the same ad twice etc.) and ad mediation. The Information may be stored on the user’s device through generally accepted industry technologies used within our apps (such as cookies, local storage). Our Advertising Providers may use cookies and other web-tracking technologies to collect non-personal information in case the user clicks on any of their advertisements.

Our Advertising Providers are allowed to use the Information to provide contextual advertisements, conduct ad mediation, for support for internal operations and on an anonymized basis to improve their products by conducting research and analysis with the use of aggregated advertising information to understand and optimize how the advertisements are used.

We select Advertising Providers attentively to maintain compliance with applicable privacy laws hence we only allow the display of contextual advertisements to Apps that are child directed or mixed audience. Furthermore, we flag users in child directed or mixed audience apps in order to ensure our Advertising Providers are able to comply with child protection legislation namely COPPA restrictions in the US territory, meaning they are allowed to use your information (if any) solely for the purposes of internal operations and contextual advertising but are prohibited from contacting a user, including through behavioural advertising; to amass a profile on a user; or use the Information for any other purpose.

FOR INTERNAL ANALYTICS

We use the Information we collect with the help of our Analytics Providers to constantly improve our Apps and make them better for you. We and our Analytics Providers try to understand and optimise how our Apps are used, improve our marketing efforts, provide our content and features that are of interest to you, conduct statistics, analytics, research and development in order to continuously improve our apps and make them better for you. This includes correcting technical malfunctions, customization, providing better and improved content, developing new offers, measuring traffic and usage of our apps, promoting the apps and improving the user experience. We use aggregated and anonymized data log files and the activities of the user within our apps for internal analytics to improve our Apps.

We also use your information to permit certain functionalities available within the apps (such as in-app purchases).

We log basic events so that we can understand your actions within the app (gaming level reached, first opened the app, how many items you buy, in which currency etc.), we see system events or errors, we track metrics such as user engagement and behaviour per screen so that we can improve the App and make it more appealing, we can see how many users installed our app in a specific country etc.

We chose our Providers carefully and request their compliance with valid legislation. For a full list of our third party service providers, please see Our Providers section.

FOR SAFETY AND SECURITY

We use your information for enhancing the safety and security of our Apps, products and services. We will use your IP address on third party web servers for security reasons to help us detect and prevent fraudulent activity.

LEGAL BASIS

We use your data in a way you would reasonably expect, as our services are free and our data processing has minimal impact on your privacy. For these reasons we are relying on contractual basis and legitimate interests of contextual advertising and internal analytics as the legal basis for our data processing.

Contract performance This covers data that is processed by us in order to provide you with Services that you have requested.

Legitimate interests This covers data processed by us for the purposes that can be reasonably expected within the context of your use of our Services to pursue our legitimate interests, in order to improve our Services and your experience, for advertising, for internal analytics and to ensure a safe and secure service.

III. THE DATA WE COLLECT

TECHNICAL DATA

We and our Providers collect anonymous information by which users cannot be directly or indirectly identified. This may include various technical information, such as information about your device, your browser type, screen resolution, device type, language, version and type of operating system, mobile phone carrier, network provider, network status, SDK version, browser cookies, API key, application version, Android or iOS Vendor, location (specific enough to identify state and city and used for analytics and advertising), storage size, screen size, firmware, aggregated data log files from servers, session information, levels achieved and in-app purchases.

ADVERTISING DATA

We use the ‘’do not track’’ option for all our Apps which means that we do not collect advertising identifiers and do not pass it to the advertiser.

We use our own identifier for advertising (‘’Bubadu Identifier’’), and we can’t connect it with any data that could personally identify you or your device. This means that the data is anonymous.

Bubadu Identifier is a random string in a text file on your device. When sent to our server, it will be coded in a way that we will not be able to decode it.

Advertisement response (including clicks on ads, if it originated a follow-up action to a third party e.g, “conversion” event), which advertisements are shown, the date and time a particular ad is served, angle view, information about the advertisements reviewed by the user.

We collect and we allow our Providers to collect some of these information, such as: IP address, location data (specific enough to identify a state for cross promo ads and city for analytics), raw data log files on servers (IP address, date, time, requests, state etc.). Contextual advertising can come from the type of device being used, game/app genre, or selected language. Our Advertising Providers collect data regarding advertisement performance, user’s interaction with ads and our Apps.

We use StoreKit Ad Network, or SKAdNetwork, a privacy-centric API operated by Apple. It helps ad networks and advertisers measure their ad activity (such as impressions, clicks, and app instals) on an aggregated level.

IP ADDRESS

We will collect your IP address on third party webservers for security reasons to help us detect and prevent fraudulent activity and to get country information needed for cross promo ads.

ANALYTICS IDENTIFIER

We use user_pseudo_id for analytics. This is a unique identifier based on app install. We can’t connect user_pseudo_id with any data that could personally identify you or your device. The data is anonymous and we use it on an aggregate basis meaning that we combine data from many users.

CHILDREN’S DATA

We pride ourselves on offering entertaining Apps for family audience of all ages. Because we want your child to use our Apps in a safe environment, we have limited the collection and usage of Information for all our Apps.

We limit our Advertising Providers to show you only contextual ads and they are prohibited from conducting behavioural advertising, profiling or contacting you in any other way.

Kids Privacy Assured by PRIVO: COPPA Safe Harbor Certification

Bubadu d.o.o. is a member of the PRIVO Kids Privacy Assured COPPA Safe Harbor Certification Program (“the Program”). The Program certification applies to the digital properties listed on the validation page that is viewable by clicking on the PRIVO seal. PRIVO is an independent, third-party organization committed to safeguarding children's information collected online. The PRIVO COPPA certification seal posted on this page indicates Bubadu d.o.o. has established COPPA compliant privacy practices and has agreed to submit to PRIVO’s oversight and consumer dispute resolution process. If you have questions or concerns about our privacy practices, please contact us at +386 1 7096 060 or [email protected] If you have further concerns after you have contacted us, you can contact PRIVO directly at [email protected]

COPPA Safe Harbor Certification

IV. WHO HAS ACCESS TO YOUR DATA

We cannot provide all services necessary for the successful operation of our Apps by ourselves. We therefore enable our Providers to collect some information from you. When using the Third Party Services, you adhere to their data processing practices, as defined in their Privacy Policies available below. We encourage you to read the Privacy Policies before using such services. We strive to obligate our Advertising and Analytics Providers to comply with this Privacy Policy, but we cannot provide any guarantee on their behalf. We have entered into Data Processing Agreements with our Providers to make sure your data is safe.

We adhere to the generally accepted industry practices regarding the collection and the usage of information by our Providers and strive to limit their usage to the services they provide for us. You recognize and agree that Bubadu is not liable for the Third Party Service Provider’s terms and conditions and their use of your Information. If you for example click on the ad within our App and get redirected to third party site, your data processing will be governed by such third party provider’s terms and privacy policy. For more information on the Provider’s Information processing practices, please read their privacy policies.

THIRD PARTY SERVICE PROVIDERS

By voluntarily signing into Third Party Providers functionalities within our App, you allow the usage of your data to such third parties.

Google Wallet If you choose to use Google Checkout to finalize and pay for your order, you will provide your credit card number directly to Google Checkout. Google's Privacy Policy will apply to the information you provide to the Google Checkout web site.
https://payments.google.com/payments/apis-secure/u/0/get_legal_document?ldo=0&ldt=buyertos&ldr=US
https://payments.google.com/payments/apis- secure/u/0/get_legal_document?ldo=0&ldt=privacynotice

Apple AppStore If you choose to use AppStore to finalize and pay for your order, you will provide your credit card number directly to Apple. Apple's Privacy Policy will apply to the information you provide to Apple.
http://www.apple.com/legal/internet-services/itunes/us/terms.html
http://www.apple.com/legal/privacy/

Amazon If you choose to use Amazon to finalize and pay for your order, you will provide your credit card number directly to Amazon. Amazon's Privacy Policy will apply to the information you provide to Amazon.
https://payments.amazon.com/help/201212430
https://payments.amazon.com/help/201751600

Huawei App Gallery If you choose to use Huawei App Gallery
https://privacy.consumer.huawei.com/legal/hiapp/terms.htm?country=DE&branchid=1&language=sl

In-App purchases Our Apps have in-app purchases. In order to make a purchase from us, you must use our third party checkout options to finalize and pay for your order. In-app purchases may be made only upon entering the app store password and you are responsible for maintaining the security of such password. Your authentication and security maintaining is subject to specific terms of the app store and the OS of your mobile device. You should be aware of the iOS’ 15-minute and Android’s 30-minute window after the downloading of an Application, during which in-app purchases may be made without inserting an in-app store password.

Third Party Sites Our Apps may contain links to third party websites, products, or services. For example, the Apps may feature offers from third party advertisers or the ability to engage in transactions with such entities. Please note that while using such third party offerings, you are using sites, products, and services developed and administered by people or companies not affiliated with or controlled by us. We are not responsible for the actions of those people or companies, the content of their sites, products or services, the use of information you provide to them, or any products or services they may offer. Our link to such third parties does not constitute our sponsorship of, or affiliation with, those people or companies. Nor is such linking an endorsement of such third party’s privacy or information security policies or practices or their compliance with laws. Information collected by third parties, which may include such things as location information or contact details, is governed by their privacy practices. These other websites or services may place their own cookies or other files on your computing device, collect information or solicit personal information from you. We encourage you to learn about the privacy practices of third parties with which you interact. We are not responsible or liable for your interaction with such third parties, the information requests initiated by such third parties, or the subsequent use, treatment or dissemination of information you voluntarily choose to provide to them.

ADVERTISING PROVIDERS

We show ads with COPPA settings for the US territory enabled, meaning that the Advertising Providers are obligated to comply with COPPA restrictions as stated herein. Some of the Advertising Providers store or transfer data outside EEA. The data is transferred to countries with a current determination of adequacy, adhering to Binding Corporate Rules, EU-US Privacy Shield or other acceptable manners.

We show third party advertisements from these ad partners
Kidoz: https://kidoz.net/website-and-kidoz-sdk-privacy-policy
AdMob: https://policies.google.com/privacy
https://support.google.com/admob/answer/6128543?hl=en
Unity Ads: https://unity3d.com/legal/privacy-policy
AppLovin: https://www.applovin.com/privacy
Vungle: https://vungle.com/privacy
inMobi: https://www.inmobi.com/privacy-policy
IronSource: https://developers.ironsrc.com/ironsource-mobile/air/ironsource-mobile-privacy-policy
Huawei Prime ads: We have integrated the HUAWEI Ads SDK (com.huawei.hms:ads-prime) into your app. https://developer.huawei.com/consumer/en/doc/development/HMSCore-Guides/publisher-service-personal-data-0000001050066921

SuperAwesome: SuperAwesome Trading Limited (“SuperAwesome”) is a provider of kid-safe advertising services that are designed specifically for the compliance requirements of younger audiences, including those aged under 13. SuperAwesome places contextual advertising on applications without collecting any personally identifiable information, including persistent identifiers.

SuperAwesome is certified as COPPA-compliant by the kidSAFE Seal Program, an FTC-Approved COPPA Safe Harbor Program. Please go to www.kidsafeseal.com for more information.

SuperAwesome is a valid licensee, and participating member, of the Entertainment Software Rating Board’s Privacy Certified Program (“ESRB Privacy Certified”). To protect your privacy, SuperAwesome has voluntarily undertaken this privacy initiative, and its services have been reviewed and certified by ESRB Privacy Certified to meet established online information collection, use and disclosure practices. As a licensee of this privacy program, SuperAwesome’s services are subject to frequent audits and other enforcement and accountability mechanisms administered independently by ESRB Privacy Certified.

SuperAwesome also provides advertising services in compliance with the General Data Protection Regulation (EU 1996/679). Adopting an approach of ‘privacy by design and by default’, SuperAwesome utilises proprietary technologies so that it neither collects, stores nor shares your personal data to provision advertisements or target advertising to you.

You may contact SuperAwesome directly at [email protected] on + 44 203 668 6677, or by post: Privacy Team, SuperAwesome Trading Limited, 22 Long Acre, London WC2E 9LY, United Kingdom.

ANALYTICS PROVIDERS

Google Analytics for Firebase and Big Query allows us to collect data on the usage of our Apps. We use your data only for the purposes of our internal analytics to improve our Apps and we do not allow sharing of your data with other parties and their products or services. Google Analytics for Firebase collects these data: user_pseudo_id, browser type and settings, operating system, mobile network information, IP Address (which is anonymised before any storage takes place), and crash reports. This data is collected by Google Firebase when the users installs the App from Google Play of App Store. We use Firebase Analytics' own user_pseudo_id, which is based on app install and does not separate one mobile device from another and can not personally identify you. We are using the following Google Analytics for Firebase features: Remote Config., Crash Reporting, Events (about usage of our App in a pseudonymized way), Analytics in general, Firebase Cloud Functions and Firebase Communication Manager. For more information, please see:
https://firebase.google.com/policies/analytics/,
https://support.google.com/analytics/answer/6004245?hl=en,
https://policies.google.com/technologies/partner-sites,
https://firebase.google.com/terms/.

We use Google Analytics to collect the Information in order to analyze and improve our Apps.
https://www.google.com/analytics/terms/us.html
https://www.google.com/intl/en/policies/privacy/

Digital Ocean

We use Digital Ocean services to store the data on their servers based in the US. The data transfer provides appropriate safeguards by virtue of Digital Ocean having certified its compliance with the Privacy Shield and shall process such data in compliance with the Privacy Shield. We have entered into a Data processing agreement with Digital Ocean. For more information, please see: https://www.digitalocean.com/security/gdpr/.

Webserver Providers

We use third party Webserver Providers, namely CloudFlare to store your IP address for the purposes of security to help us detect and prevent fraudulent activity. These services may collect your information when you use our services, web applications, and APIs. The information may include but is not limited to IP addresses, location data, Log File, User Agent String, Unique ID, system configuration information, cookies and related technologies, other information about traffic to and from our Apps (collectively, “Log Data”). The Webserver Providers collect and use Log Data to operate, maintain, and improve their Services for the purpose of providing security. For example, Log Data can help us to detect new threats, identify malicious third parties, and provide more robust security protection for our services. Where Webservers Providers use information collected from Resolver Users to operate and improve the Cloudflare Resolver, such as to assist us in our debugging efforts if an issue arises, they will not combine the information collected from DNS queries with any other data in any way that can be used to identify individual end users. Some of the Webserver Providers store or transfer data outside EEA. The data is transferred to countries with a current determination of adequacy, adhering to Binding Corporate Rues, EU-US Privacy Shield or other acceptable manners. Our advertising partners may collect some data. Please see these providers privacy policies for more info: https://www.cloudflare.com/privacypolicy.

DISCLOSURE FOR LEGAL PURPOSES

We may also disclose information in the following cases:

  • if required by law, for example to comply with a court order, subpoena, regulation, legal process or other governmental request;

  • to exercise or protect the rights, property or personal safety of the Company, our users or others;

  • to enforce this privacy statement, including investigation of potential violations thereof;

  • upon fulfilling legal requirements of local legislation (for example verifiable parental consent of a legal guardian for child directed apps in the US etc.) in order to supply certain services/information third party might legally request from us

  • to detect, prevent, or otherwise address fraud, security or technical issues;

  • if Bubadu is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified of any change in ownership or uses of your information via our website;

  • to respond to claims that any content published on the Bubadu Apps violates any right of a third party

V. YOUR RIGHTS

We have adhered to the data minimisation principle and we only collect the data we need for our processing purposes. We anonymize the data on our end so that we can not tie it back to you.

DEACTIVATE LOCAL NOTIFICATIONS

You can deactivate local notifications by changing the notification settings in accordance with the instructions of the operating system running on the users’ device.

iOS: You will be asked to accept or refuse local notifications after the App is downloaded. If you do not accept, you will not receive local notifications. Please note that if you accept, some mobile phones will allow you to disable notifications later on by using the settings on your mobile phone. To manage notifications on your mobile phone please follow these instructions: Open your Settings menu and tap “Notifications”; Find the Application; Tap on the icon of Application; Manage the “Notifications” option by sliding it OFF or ON.

Android: After an Application is downloaded, you will automatically receive local notifications. Some of our Apps offer disabling of local notifications by entering the homepage of the App and choosing the “Settings” option. Here, local notifications can be disabled by choosing the uncheck option ‘’0’’. For other Apps your local notification can be disabled within your mobile phone settings.

OPT OUT OF ADS

You can opt out of displaying ads by choosing these options ‘’Remove Ads’’ or ‘’Buy Full Version’’ available within the App (a button on home screen) or in the app store.

OPT-OUT OF THIRD PARTY PROVIDERS

You are always free to opt out of the information collection by Third Party Providers by not logging in or using their services. For example Apple, Google etc. may use your data for the functionalities within the App, should you not want them to do so, please do not log in or use their services. Some of the Third Party Providers store or transfer data outside EEA.

RIGHT TO OBJECT AND TO RESTRICTION OF PROCESSING

Because we process your data on legitimate interests basis, you have the right to object to our processing as well as the right to restrict our processing namely the marking of stored personal data with the aim of limiting their processing in the future.

We have limited the amount of data we collect and we don’t use advertising identifiers anymore. We also anonymise/pseudonymise our data processing where feasible.

When you use our free App version you have the right to object to data processing for advertising by choosing these options ‘’Remove Ads’’ or ‘’Buy Full Version’’ available within the App (as button on homepage) or in the app store. When you choose this option we disable any future advertising and stop sharing and using your data for advertising.

You will still be shown cross-promo ads, namely ads for our services within our Apps, which means that your Bubadu identifier will only be used for this type of advertising without involving any third parties.

We will use your country data to show appropriate cross promo ads, but we won’t store it for more than three (3) days.

Your data will be automatically deleted from our logs within one (1) month and from backup logs within two (2) months.

Should you not feel comfortable with this lighter version of your data processing, you have the right to object to us using your data for analytics by sending an email to [email protected] or exercise your right to erasure by deleting the app which will also delete all related data.

CCPA RIGHTS

If you are a California resident, California Consumer Privacy Act (CCPA) may permit you to opt out of the sale of your personal information to third parties (as those terms are defined in the CCPA). CCPA recognizes certain exceptions to the definition of sale, such that not all transfers of personal information are considered sales. For example, transferring information to a "service provider" under the law is not a sale. We are not selling any information to third parties and we don’t allow tracking of data to third parties.

Right to access, data portability, copy and rectification

We have anonymised your data and we are not able to identify your specific device. For this reason we can offer these rights.

We do store your IP address which is already available to you on the operating system within your mobile device, but we only use it in case of a security incident. For this reason, we are not able to offer the exercise of this right.

Should you have any concerns about exercising these rights, please contact us and we will reevaluate our decision.

Right to erasure

Should you wish to terminate our services and request the deletion of all data, please uninstall our app. The logs with your data will be automatically deleted within one (1) month and backup logs within two (2) months.

Right to file a complaint

Should you have any data processing or privacy related questions, please contact our DPO, Primož Furlan by sending an email to: [email protected]u.com (subject 'DPO''). Should you have any concerns or complaints our DPO is not able to solve, you have the right to lodge a complaint with a supervisory authority, Informacijski pooblaščenec, Zaloška cesta 59, 1000 Ljubljana, Slovenija by sending an email to [email protected]

VI. STORING, TRANSFER, RETENTION AND DELETION OF DATA

RETENTION AND DELETION

To ensure your privacy we will store Bubadu Identifier on our server for 3 days. Afterwards, it will be stored on our backup logs and on your device and we will use it only when needed for advertising for as long as you use our Services or until you delete the App. Cross promo data are deleted within three 3 days.

Your IP address, Bubadu identifier and raw data logs will be deleted within one (1) month and it takes one (1) additional month for us to delete backup logs.

Traffic information is erased or made anonymous when it is no longer needed for the purpose of the transmission or, in the case of payable services, up to the end of the period during which the bill may lawfully be challenged or payment pursued. Location information is stored to the extent and for the duration necessary for the provision of a value-added service.

TRANSFER

We store our data on the US territory so we will transfer the data to the US if you are using our Apps elsewhere. The data transfer provides appropriate safeguards by virtue of Digital Ocean having certified its compliance with the Privacy Shield and shall process such data in compliance with the Privacy Shield.

VII. SECURITY

We follow generally accepted industry standards and internal procedures to protect information submitted to us, both during transmission and once we receive it.

The information are encrypted and password protected and we have integrated commercially reasonable efforts to assure that your information remains secure when maintained by us, but please be aware that no security measures are perfect or impenetrable.

If you have any questions about security of our mobile applications, you can contact us at [email protected] We have implemented and shall maintain appropriate technical and organizational security measures to protect your data and to preserve the security and confidentiality.

VII. GENERAL

CHANGES TO THE PRIVACY POLICY

We may update this Privacy Policy to reflect changes in our information processing practices. We encourage you to periodically review this page for the latest information on our privacy practices. You will be informed about material changes to our data processing practices with local in-app notification and you can get acquainted with the changes by reviewing the Privacy Policy link available within the App.

CONTACT AND INFORMATION

If you have any questions, please contact us at: [email protected] or write to us to the address: Bubadu d.o.o., Bračičeva ulica 21, 1380 Cerknica, Slovenia, Europe.


Last updated on August 22, 2022