Privacy Policy

Last updated: 2018-05-27.

This Privacy Policy applies to your ("you", "the User", "the Player") use of the service Paper Fruits ("the Service", "the App", "the Game") by Pixel Ceremony Oy ("the Company", “us”, “our” or “we”).

This privacy policy describes:

  • What personal data we collect about you and why.
  • How we protect your personal data.
  • Who we share data with.
  • What rights you have regarding the data collection.

The latest version of this privacy policy is always available at http://www.paper-fruits.com/privacy-policy. If we make any material changes, we will post a message in the Service that you will see when you start the app. Your continued use of the Service is subject to the latest privacy policy.

The data we collect

The following details the data we collect, how long we retain the data (at maximum), and why we collect it. In addition to the retention periods mentioned below, your data may survive in backups for up to 90 additional days.

When we say that we gather data for "Analytics", we mean that the data is used for statistical purposes to understand player behaviour, so that we can make informed choices when improving the Service and future products and services. Analytics data is primarily processed in aggregated form so that data from an individual user cannot be distinguished.

Our employees may view your data, including "Analytics" data, individually only when:

  • it is necessary to fulfill a support request by you, or
  • it is necessary to investigate a technical issue affecting only a very small number of players, or
  • it is necessary to investigate cheating, fraud or threats to the security and stability of the Service or its users.

In these cases, we will avoid looking at all of your data and only look at what is necessary to resolve the issue at hand.

Our collection of analytics data is classified as a "legitimate interest" under the EU's General Data Protection Regulation ("GDPR").

Personal data collected to make the Service work

Data Retention Reason
The player name you chose 10 years This is shown to other players in multiplayer and in high score lists.
Hashed device identifier, shared by all applications on the device made by the Company. 10 years This identifies you to us and enables the app to use its online features, such as publishing high scores.

It is also used by analytics to associate new data with previous data.
Randomly generated public identifier 10 years Used for multiplayer connectivity to avoid broadcasting the hashed device identifier.
Facebook ID 1 year Only stored if you log in to Facebook in the game. Enables viewing the high scores of your friends.
Facebook IDs of friends also playing the game not stored For showing friends that play the same game and their scores, and to initialte multiplayer games between friends.
IP address 30 days (technical logs only) For investigating technical problems and detecting cheating, fraud and attacks.
Device ID for advertisers (on iOS) or Google Play advertiser ID (on Android) Depends on third party Collected by third party analytics providers, detailed below.

Non-personal data linked to personal data

Data Retention Reason
Gameplay statistics, such as various scores, ranks and ratings 10 years For displaying high score lists and for multiplayer matchmaking, and for analytics.
Platform type (e.g. 'Android' or 'iOS') 10 years For analytics.
Receipts of in-app purchases 1 year For analytics.
Device model and characteristics (e.g. display size, OS version) 1 year For analytics.
Technical performance data (e.g. frames per second and memory usage) 1 year For analytics.
Events during gameplay (e.g. "level completed with score X", "achievement Y unlocked", "multiplayer initiated with Z", last session duration) 1 year For analytics.
Number of Facebook friends also playing the game 1 year For analytics.
Number of player invites sent 1 year For analytics.
Technical errors (e.g. "null pointer exception") 1 year For analytics.

Data shared with third parties

We share some data with third parties that help us provide the Service or to do analytics processing. The third parties listed here are classified as "controllers" or "processors" of your data under the GDPR. As a brief and incomplete summary of what this means, "controllers" may use the data for their own purposes while "processors" may only operate on the data under our express instructions.

Data Third party Further information
Any analytics data mentioned above + device advertiser ID Unity Analytics Acts as a data processor and data controller for analytics data.

Collects data such as device type, country, device language, in-game behavior and purchases, IP address, Apple’s Advertising Identifier (IDFA), and Google Play advertising ID.

Their FAQ: https://unity3d.com/legal/gdpr
Their Privacy Policy: https://unity3d.com/legal/privacy-policy
Any analytics data mentioned above + device advertiser ID Flurry Acts as a data processor for analytics data.
In-app purchase receipts Google Play Your use of in-app purchases is covered by Google Play's Terms of Service.
In-app purchase receipts Apple App Store Your use of in-app purchases is covered by Apple's Terms of Service.
The fact that you use the Service Facebook Your use of Facebook in the Game is covered by Facebook's Terms of Service and Privacy Policy.

If you log in to Facebook in the Game, Facebook will know that you play the Game. Facebook will not be contacted if you do not log into Facebook in the Game.
All data Google Cloud Platform Acts as a data processor.

How we protect your data

We employ technical and administrative safeguards to protect your data against unauthorized access, alteration and loss. We implement a set of industry best practices, such as encryption and minimisation of access, in reasonable proportion with the sensitivity of the data we process.

Third party controllers and processors may transmit and process data outside the EU. We've taken steps to ensure that all transmission to and processing by third parties is done securely and complies with the GDPR.

Your rights and options

Under the GDPR, you have the following rights on all data that we hold on you or that any third party we've shared your data with holds on you:

  • You may request a copy of all the data.
  • You may request the deletion of all the data.
  • You may request that we correct any incorrect data.
  • You may restrict the processing of data e.g. if you need the data kept as evidence for a legal claim. Please see Article 18 of the GDPR for the exact conditions.
  • You may object to processing for direct marketing purposes.
  • You may object to processing for analytics purposes.

You can opt out of analytics in the privacy settings screen in the app. For anything else, please send an e-mail to support(at)pixelceremony.com. Fulfilling these requests may require certain actions within the App by you. We aim to fulfill these requests within 30 days, unless we are overwhelmed by the amount of such requests.

After a data deletion request has been fulfilled, your data may survive in backups for up to 90 additional days. If we restore a backup containing data you requested to be deleted, we will delete your data again.

Data deletion requests are device-specific.

If you resume your use of the app after a data deletion request has been fulfilled, more data may be collected.

We will keep a record of all correspondence regarding these requests for up to 1 year.

Age limits

We do not knowingly collect or solicit personal data about anyone under the age of 16 or knowingly allow such persons to use our Services. If you are under 16, please do not send any data about yourself to us, including your name, address, telephone number, or email address. No one under the age of 16 may provide any personal data. If we learn that we have collected personal data about a child under the age of 16, we will delete that data as quickly as possible. If you believe that we might have any data from or about a child under the age of 16, please contact us.

Contact

If you have questions or would like to exercise your rights regarding personal data we collect, please contact us at support(at)pixelceremony.com

  • Name of data controller: Pixel Ceremony Oy
  • Business ID: 2738036-5
  • Address: Pohjoiskaari 15 A 2, 00200 Helsinki, Finland