Privacy Policy

Effective date: Oct 2025

This Privacy Policy explains how we collect, use, share, and protect information when you visit viper.gs (the “Website”) and when you use our mobile games and applications published on Google Play and the Apple App Store (each an “App”, together with the Website, the “Services”). It also explains the choices and rights available to you.

We are the data controller for the processing described in this Policy. Some processing is performed on our behalf by service providers acting as data processors.

Who we are: Viper Games, LLC, a Delaware limited liability company (the “Company”, “we”, “our”, “us”).

1) Information we collect

We collect only the information necessary for operating, securing, and improving the Services, and for monetization where applicable.

A. Information you provide directly

  • Contact information (e.g., email address, name, messages) when you contact support or sign up for newsletters.
  • Feedback you submit in surveys, beta programs, or forms.

B. Information collected automatically

  • Device and technical data: device model, OS version, language, IP address, time zone, country, screen resolution, app version, and resettable identifiers (e.g., Android Advertising ID (AAID) and Apple ID for Advertisers (IDFA)). On iOS, we request permission via App Tracking Transparency (ATT) where required.
  • App activity & interactions: gameplay events, session duration, feature usage, level progress, and impression/click data on in‑app ads.
  • Diagnostics & crash data: crash logs, performance metrics, and error traces.
  • Purchase & payments data: purchase tokens/receipts, product identifiers, price, currency, and status (we do not receive full payment card data; purchases are processed by Google Play and Apple In‑App Purchases).
  • Cookies & similar technologies (Website): cookies, local storage, pixels, and beacons used for core functionality, analytics, and (where applicable) advertising.

C. Information from partners

We may receive aggregated or pseudonymous information from analytics, advertising, crash‑reporting, and anti‑fraud providers about your engagement with the Services or ads.

2) How we use information (purposes)

  • App functionality & operations: run gameplay features, entitlement checks (e.g., IAP), save progress, prevent fraud, secure accounts, and provide customer support.
  • Analytics & improvement: measure performance, fix bugs, balance game difficulty, and understand features players enjoy.
  • Personalization (where enabled): tailor difficulty, content surfacing, or frequency of certain events.
  • Advertising & monetization (where enabled): show ads and measure their performance; cap frequency; detect invalid traffic.
  • Communications & push notifications: send service messages (e.g., critical updates) and, with your consent where required, push notifications about updates, events, or offers (you can turn these off in device settings).
  • Legal & compliance: enforce our Terms, comply with law, protect our rights and users.

2a) Generative‑AI assets (transparency)

We produce some game/art/audio/text assets using generative‑AI tools. This concerns how we create content and does not involve using your personal data.

  • We do not use your personal data to train or fine‑tune our models or third‑party generative models.
  • We do not perform biometric identification or attempt to infer sensitive attributes from your data.
  • If we later introduce player‑facing AI features that process user content, we will provide a separate notice and controls (and consent where required).

3) Legal bases (EEA/UK)

Where GDPR/UK GDPR applies, we rely on:

  • Consent: for storing/reading non‑essential cookies and for personalized advertising.
  • Contract: to deliver Services you request (e.g., gameplay, purchases).
  • Legitimate interests: to perform non‑intrusive analytics, ensure security, and prevent fraud, balanced against your rights.

You may withdraw consent at any time via in‑app settings or the Website banner.

4) Sharing of information

We share information only as necessary:

  • Service providers (processors): cloud hosting, analytics, crash reporting, customer support tools, anti‑fraud, quality assurance, and email delivery.
  • Advertising/mediation partners (controllers): to show ads and measure performance, subject to your consent where required.
  • Platform providers: Google Play Billing and Apple In‑App Purchases for transaction processing and distribution.
  • Corporate transactions: as part of a merger, acquisition, or asset sale.
  • Legal reasons: to comply with law or protect users, our rights, or the security of the Services.

Examples of partner categories (exact partners may vary by title and region): Google/Firebase (Analytics, Crashlytics, Remote Config), Google AdMob and mediation partners, Unity Ads/LevelPlay, Adjust/Tenjin (attribution), Google Play Billing / Apple In‑App Purchases, and cloud/hosting/CDN vendors. Our active partner list can be requested at privacy@viper.gs.

We do not sell your personal information in the traditional sense. Where “sale” or “sharing for cross‑context behavioral advertising” is defined by law (e.g., California), we honor opt‑out rights—see Section 8.

5) International transfers

We operate globally. Where data is transferred outside your country (including to the United States, EU, or Türkiye), we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms.

6) Retention

  • Crash & diagnostics: typically up to 24 months.
  • Analytics events: typically 24 months.
  • Purchase records: as required by tax, accounting, and audit laws (generally 5–10 years in many jurisdictions).
  • Support communications: up to 24 months after ticket closure.
  • Consent & preference logs: cookie banner choices, ad consent, opt‑out records retained 2–5 years, as required by law.

We may retain minimal records to honor deletion requests and legal holds.

7) Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to processing, portability, or withdraw consent.

  • EEA/UK (GDPR): You may object to processing based on legitimate interests and withdraw cookie/ad consent at any time. You may also lodge a complaint with your local supervisory authority (EEA list via the EDPB; UK ICO). We generally respond within 30 days, extendable where permitted.
  • California (CPRA): Rights to know, delete, correct, and opt‑out of sale/sharing; you may use an authorized agent and will not be discriminated against for exercising rights. We respond within 45 days (extendable once by 45 days).
  • Türkiye (KVKK): You may apply to us regarding your rights under Law No. 6698; we will respond within statutory timelines.

To exercise any right, contact privacy@viper.gs. We may verify your identity and region before acting on a request. If we decline your request as permitted by law, you may appeal by replying to our decision email.

8) Your choices (consent, ads, cookies)

  • In‑App privacy controls: Open Settings ▸ Privacy ▸ Data Controls to manage analytics/ad consent and to Delete My Data.
  • Android advertising ID: Reset or limit ad tracking in your device settings.
  • iOS tracking: Change your choice under iOS Settings ▸ Privacy & Security ▸ Tracking (ATT).
  • Website cookies: Use the banner to accept/reject non‑essential cookies; you can also adjust your browser settings and clear cookies. We honor Global Privacy Control (GPC) signals where legally required.
  • California: To opt out of “sale” or “sharing” for cross‑context behavioral advertising, use the “Do Not Sell or Share My Personal Information” link in the Website footer or the in‑app privacy menu.

9) Children’s privacy

Our Apps are intended for a general audience and are not directed to children under 13 (or the age defined by local law). We do not knowingly collect personal information from children without appropriate consent. If you believe we have collected data from a child, contact privacy@viper.gs and we will take appropriate steps.

10) Security

We use technical and organizational measures appropriate to the risks of our processing (e.g., encryption in transit, access controls, and logging). No system is perfectly secure, and you use the Services at your own risk.

11) Automated decision‑making

We do not use solely automated decisions that produce legal or similarly significant effects about you. We may use analytics and telemetry to adjust difficulty or surface content, but you can opt out of personalization where offered.

12) Data breach notifications

If a data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify affected users and, where applicable, relevant authorities without undue delay and in accordance with applicable laws.

13) How to contact us

Viper Games, LLC

14) Changes to this Policy

We may update this Policy from time to time. The “Effective date” shows when it was last revised. Material changes will be notified within the Services or by other reasonable means.