Last Updated: February 19, 2021
1. INFORMATION WE COLLECT
We collect information that alone or in combination with other information held by us could be used to identify you (" Personal Data") as follows:
Personal Data You Provide: We collect Personal Data when you interact with the Service or contact us. The Personal Data collected or processed during these interactions may vary based on what you choose to share with us, but it will generally include your username, password, email address, social media profile information, and contacts (including friends you have invited to the Service), and contacts stored on your device (in order to display them to you for social features).
Geolocation: We collect your location information while you use the App through various technologies, including your device IP address, the Wi-Fi access points you connect to the Service through, GPS coordinates (e.g. latitude/longitude), and mobile/cell tower triangulation methods. If you want to opt out of the collection of your location data, adjust your settings in your mobile device to limit the App's access to your location data.
In App Payments: Any payments you make through the Service are processed through your device by Apple, Inc. ("Apple") or Google, Inc. ("Google"). Such payments are subject to the privacy policies of Apple or Google, respectively, over which Illumix has no control. We do not receive financial information related to payments you make through the Service, but we may receive non-financial information such as your name, approximate physical location, and items purchased.
Personal Data We Collect Through Our Social Media Pages: We have pages on social media sites like Instagram, Facebook, Twitter, and LinkedIn ("Social Media Pages"). When you interact with our Social Media Pages, we will collect Personal Data that you elect to provide to us through your settings on the Social Media Site, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.
Personal Data We Receive Automatically When You Use the App: We receive certain information automatically when you use the App:
- Device information: we may collect information about your device including the IP address, the device type, non-permanent resettable identifiers (i.e., advertising ID), the operating system version, data connection type (WiFi/mobile data), and name of your Mobile Service Provider. Information collected may depend on the type of device you use and its settings.
- Usage Information: we collect information related to the actions you take while playing games through the App in the Service (such as the moves you make during a game) and we also collect information related to your interaction with the App, such as the length of time you play a game, usernames you create, items you purchase in-game, camera usage (analytic data only, no capturing or transmission of images or video occurs), and diagnostics when errors are experienced (crash/error reporting).
Personal Data We Receive Automatically When You Use the Sites: When you visit, use and interact with the Sites, we may receive certain information about your visit, use or interactions. For example, we may monitor the number of people that visit our Sites, peak hours of visits, which page(s) are visited on our Sites, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access and visit our Sites (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and Site-navigation pattern. In particular, the following information is created and automatically logged in our systems:
- Log data: Information that your browser automatically sends whenever you visit the Sites ("log data"). Log data includes your IP address (so we understand which country you are connecting from when you visit the Sites), browser type and settings, the date and time of your request, and how you interacted with the Sites.
- Usage Information: We collect information about how you use our Sites, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency and duration of your activities.
- HOW WE USE PERSONAL DATA
We use Personal Data to provide the Service and allow you to play our augmented reality games, including tracking the activities you take while playing games in the Service to provide you with gameplay experiences based on the actions you have taken. This processing is necessary to perform our contract with you.
We also use Personal Data as necessary for the following legitimate business interests:
- To respond to your inquiries, comments, feedback or questions;
- To manage our relationship with you, which includes sending administrative information to you relating to our Service and changes to our terms, conditions, and policies, and asking you to leave a review or take a survey;
- To administer and protect our business and the Sites, prevent fraud, criminal activity, or misuses of our Sites, and to ensure the security of our IT systems, architecture and networks (including troubleshooting, testing, system maintenance, support and hosting of data); and
- To comply with legal obligations and legal process and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or other third parties, and recover debts due to us.
For information about what we mean by legitimate interests and the rights of individuals in the European Union ("EU"), please see the "EU Users" section below.
We also use Personal Data with your consent, if required, to allow you to invite and connect with your friends through the Service and to track your location to provide you with gameplay experiences based on your real-world location.
Marketing. We may contact you to provide information we believe will be of interest to you. For instance, if you elect to provide your email address, we may use that information to send you promotional information about our products and services (such as to let you know that a game you are interested in is available for download). If we do, where required by law, for example if you are in the EU, we will only send you such emails if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving emails by following the instructions contained in each promotional email we send you or by contacting us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications, but we will continue to contact you regarding our Sites and Services and to respond to your requests.
- HOW WE SHARE AND DISCLOSE PERSONAL DATA
In certain circumstances we may share your Personal Data with certain categories of third parties without further notice to you, unless required by the law, as set forth below:
- Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with service providers, including hosting providers; email communication software providers and advertising providers; mapping platform providers; game development platforms; payment processors; and analytics services. Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us.
- Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.
- Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (i) comply with legal or regulatory obligations, including to respond to lawful requests from public authorities and to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Sites, or the public, or (v) protect against legal liability.
- DATA RETENTION
If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies.
To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
- UPDATE YOUR INFORMATION
If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us at firstname.lastname@example.org. We will address your request as required by applicable law.
Our Service is not directed to children. Illumix does not knowingly collect Personal Data from children. If you have reason to believe that a child has provided Personal Data to Illumix through the Service please contact us and we will endeavor to delete that information from our databases. We consider children to be anyone younger than 16.
- EU USERS
Scope. This section applies to individuals in the EU (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway, the United Kingdom, and, to the extent applicable, Switzerland).
Data Controller. Illumix is the data controller for the processing of your Personal Data. You can find our contact information, and the contact information of our EU-based representative, in the "Contact Us" section below.
Your Rights. Pursuant to the European Union General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:
- Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
- Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
- Right to erasure: You may ask us to delete or remove your Personal Data, such as where you withdraw your consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
- Right to restrict processing: You may ask us to restrict or 'block' the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restrictions on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
- Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by automated means. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
- Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:
- If we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing or we need to process your data in order to establish, exercise, or defend legal claims;
- If we are processing your Personal Data for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above);
- Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
- Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns (in the UK, the Information Commissioner's Office (ICO), who can be contacted at https://ico.org.uk/concerns, and in other EU countries the data protection authority of the country in which you are located).
Please see the "Contact Us" section below for information on how to exercise your rights.
Illumix is based in the U.S. The U.S. may have data protection laws less stringent than or otherwise different from the laws in effect in the EU. Transfers of your Personal Data to Illumix in the U.S. are necessary to perform the agreement we have entered into, or are about to enter into, with you.
Before July 16, 2020, we relied on our EU-U.S. Privacy Shield certification to transfer Personal Data that we received from the EU to Illumix in the U.S. but on July 16, 2020, the European Court of Justice ruled that the EU-U.S. Privacy Shield is no longer available for these data transfers. Before September 8, 2020, we relied on our Swiss-U.S. Privacy Shield certification to transfer Personal Data that we received from Switzerland to Illumix in the U.S. but on September 8, 2020 the Swiss Federal Data Protection and Information Commissioner determined that the Swiss-U.S. Privacy Shield is no longer available for these data transfers. We continue to comply with the Privacy Shield Principles described in the "Privacy Shield" section below as required by the U.S. Department of Commerce.
- PRIVACY SHIELD
General. We rely on our Privacy Shield certification to transfer Personal Data that we receive from the EU and Switzerland to Illumix in the U.S. and we process such Personal Data in accordance with the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability ("Privacy Shield Principles"), as described below.
Accountability for Onward Transfers. We may be accountable for the Personal Data we receive under the Privacy Shield that we may transfer to third-party service providers (described in the section "How We Share and Disclose Personal Data" above). If such service providers process Personal Data in a manner inconsistent with the Privacy Shield Principles, we are responsible for the harm caused.
Access. EU users have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. Please see the "Your Rights" section above for more information on the rights of users in the EU (and, to the extent applicable, users in Switzerland).
Recourse, Enforcement, Liability. In compliance with the Privacy Shield Principles, Illumix commits to resolve complaints about our processing of your Personal Data. EU and Swiss users with inquiries or complaints regarding this Privacy Shield Policy should first contact Illumix at: email@example.com.
We have further committed to refer unresolved Privacy Shield complaints to an alternative dispute resolution provider. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider JAMS (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
We are subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to Personal Data received or transferred pursuant to the Frameworks.]
- CALIFORNIA PRIVACY RIGHTS DISCLOSURES
Where provided for by law and subject to any applicable exceptions, California residents may have the right:
- To know the categories of Personal Data that Illumix has collected about you, the business purpose for collecting your Personal Data, and the categories of sources from which the Personal Data was collected;
- To access the specific pieces of Personal Data that Illumix has collected about you;
- To know whether Illumix has disclosed your Personal Data for business purposes, the categories of Personal Data so disclosed, and the categories of third parties to whom we have disclosed your Personal Data;
- To have Illumix, under certain circumstances, delete your Personal Data;
- To instruct businesses that sell Personal Data to stop doing so – Illumix, however, does not sell Personal Data; and
- To be free from discrimination related to the exercise of these rights.
If you would like to exercise any or all of these rights, you may do so by emailing us at firstname.lastname@example.org or submitting a request to email@example.com. After we receive your request, we may request additional information from you to verify your identity. Your authorized agent may submit requests in the same manner, although we may require the agent to present signed written permission to act on your behalf, and you may also be required to independently verify your identity with us and confirm that you have provided the agent permission to submit the request.
- LINKS TO OTHER WEBSITES
- TEXT MARKETING TERMS & CONDITIONS
We are using a text messaging platform, which is subject to the following terms and conditions. By opting-in for our text marketing and notifications in, you agree to these terms and conditions. By entering your phone number in the checkout and initialising a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. You acknowledge that consent is not a condition for any purchase. Your phone number, name and purchase information will be shared with our SMS platform "SMSBump Inc, a European Union company with offices in Sofia, Bulgaria, EU. This data will be used for sending you targeted marketing messages and notifications. Upon sending the text messages, your phone number will be passed to a text messages operator to fulfill their delivery.
If you wish to unsubscribe from receiving text marketing messages and notifications, reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you with in any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.
For any questions please text "HELP" to the number you received the messages from. You can also contact us for more information. If you wish to opt out please follow the procedures above.
You use the Service at your own risk. We comply with industry standards to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Data to Illumix via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites.
- YOUR CHOICES
Whether or not you provide Personal Data to us is completely up to you, but if you choose not to provide information that is needed to use some features of our Sites, you may be unable to use those features. You can also contact us to request access to your data or to ask us to update, correct, or delete your Personal Data.
- CONTACT US
If you are an individual in the EU, you can also contact VeraSafe Ireland Ltd. ("VeraSafe"), who has been appointed as Illumix's representative in the EU pursuant to Article 27 of the GDPR on matters related to the processing of personal data activities that take place in the EU.
To make such an inquiry, please contact VeraSafe at:
or via telephone at: +420 228 881 031.
Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
If you are an individual in the UK, you can also contact VeraSafe, who has been appointed as Illumix's representative in the UK pursuant to Article 27 of the UK GDPR on matters related to the processing of personal data activities that take place in the UK.
To make such an inquiry, please contact VeraSafe at:
or via telephone at: +44 (20) 4532 2003.
Alternatively, VeraSafe can be contacted at:
VeraSafe United Kingdom Ltd.
37 Albert Embankment
London SE1 7TL