top of page
Kronos Studios Inc

Privacy Policy

This Privacy Policy applies to the upcoming game product (hereinafter referred to as "this Product") developed by Kronos Studios Inc. (hereinafter referred to as "we"). We deeply value user privacy, and this Privacy Policy is intended to clearly inform you of how we collect, use, store, share and protect your personal information during the operation of the Product, as well as the rights you enjoy. This Policy complies with the requirements of relevant U.S. laws and regulations such as the California Consumer Privacy Act (CCPA), the Children's Online Privacy Protection Act (COPPA), and Google Developer Policies.

I. Information We Collect and Related Permission Instructions

1.1 Sensitive Permissions and Corresponding Information Collection

The collection of sensitive permissions is for the purpose of realizing the core or specific functions of the Product, and will only be activated after obtaining your explicit authorization and consent, as follows:

  • Location Permission: If this Product includes location-based game functions (such as regional leaderboards, offline linkage activities, etc.), we will collect your approximate location information (derived from IP address) or precise location information (obtained through the device's GPS module) after your authorization. The collection method is real-time acquisition through the device system interface, and we only collect this information from users who use the relevant functions. This information will not be shared with any third parties, nor will it be traded for commercial purposes.

  • Camera Permission: If this Product includes functions such as avatar customization and AR gameplay, we will obtain image information through the device camera after your authorization. The collection method is real-time capture and temporary storage only locally (additional consent will be obtained if upload is required), and we only collect this information from users who use the relevant functions. This information will not be shared with any third parties, nor will it be traded for commercial purposes.

  • Microphone Permission: If this Product includes functions such as voice chat and voice command control, we will collect voice information through the device microphone after your authorization. The collection method is real-time recording and encrypted transmission, and we only collect this information from users who use the relevant functions. This information is only used to realize voice interaction functions, will not be shared with any third parties, nor will it be traded for commercial purposes.

  • Contacts Permission: If this Product includes social functions such as friend invitations and friend assistance, we will read your address book contact information (only obtain contact name and mobile phone number/account association information) after your authorization. The collection method is reading through the device system interface, and we only collect this information from users who use the relevant social functions. This information is only used to help you quickly invite friends; we will not store complete address book information, nor will it be shared or sold to third parties.

1.2 General Permissions and Corresponding Information Collection

  • Storage Permission: To realize functions such as game resource caching and local backup of user data (such as game saves), we will access the device's internal storage or external storage after your authorization. The collection method involves reading and writing game-related data packets, save files, etc., and this information is collected from all users who use this Product. This information will not be shared with third parties nor sold.

  • Device Information Permission: To ensure the stable operation of the game, conduct anti-cheating detection and adapt to different devices, we will strictly comply with the specifications for device identifiers in the Google Play Developer Policies. We will not collect non-resettable identifiers such as IMEI, and only collect device model, operating system version, Android ID (which will be encrypted and anonymized and only used for device identification during the app lifecycle), hardware configuration and other information. The collection method is automatic acquisition through the device system interface, and we only collect information directly related to function implementation from users of this Product. This information will not be shared with third parties nor sold, and we will regularly audit the anonymized data to ensure compliance.

1.3 Information Sharing and Sale Instructions

We will not sell your personal information to any third party for commercial gain. Except for the following circumstances, we will not share your personal information with any third party: 1) Third parties that have obtained your explicit authorization and consent; 2) Partners necessary for realizing the functions of this Product, such as service providers providing server hosting services (they can only access encrypted information and must abide by confidentiality obligations); 3) Situations where provision is required in accordance with legal and regulatory requirements or mandatory orders from government departments.

1.4 Information Storage Server Instructions

The user information we collect will be stored in a server cluster located in California, USA, provided by Amazon Web Services (AWS). All data will be encrypted during transmission and storage to ensure information security.

II. Information Security Assurance Measures

To protect the security of your personal information, we have adopted multi-level technical and management assurance measures:

  1. Data Encryption Technology: User information adopts the SSL/TLS encryption protocol during transmission and the AES-256 encryption algorithm for encryption during storage to ensure the security of data in both transmission and storage links.

  2. Access Control Mechanism: We have established a strict employee access authority management system. Only personnel in necessary positions are authorized to access user information, and all access behaviors are recorded in real time and audited regularly.

  3. Security Audit and Monitoring: We have deployed a professional security monitoring system to monitor abnormal behaviors in servers and data transmission in real time. We also conduct regular security audits and penetration tests to promptly detect and fix potential security vulnerabilities.

  4. Emergency Response Mechanism: We have formulated a complete emergency response plan for data security incidents that complies with the California Consumer Privacy Act (CCPA) and Google Developer Policies. In the event of a security incident such as data leakage, we will notify you through your reserved email or in-app notification within 72 hours of discovering the incident (including the type of leaked information, scope of impact and remedial measures), and simultaneously report to the U.S. Federal Trade Commission (FTC) and relevant state regulatory authorities. At the same time, we will keep incident handling records for at least 24 months for regulatory inspection.

III. Data Retention and Deletion Mechanism

3.1 Data Retention Period

For your personal information, we will retain it for the necessary period to achieve the collection purposes stated in this Policy, as follows: 1) During the existence of your user account, we will retain information related to the account (such as account name, game saves, etc.); 2) If you cancel your account, we will delete your personal information within 15 working days after the account cancellation is completed, or anonymize it so that it cannot be associated with a specific individual; 3) For information necessary to perform legal and regulatory obligations or resolve disputes, we will retain it for another 12 months after the obligations are fulfilled or the disputes are resolved, and then delete or anonymize it.

3.2 Data Deletion Method

When data reaches the retention period or you apply to delete personal information, we will adopt the following deletion methods: 1) Locally stored data: Completely deleted through device system interface commands; 2) Server-stored data: Completely deleted by "multiple overwriting" to ensure that data cannot be recovered; 3) Partner-stored data: If it involves information stored by partners, we will notify the partners to delete it synchronously and require them to provide a deletion certificate.

IV. Your Rights

In accordance with relevant U.S. laws and regulations and Google Developer Policies, you enjoy the following rights regarding personal information, and we will provide you with convenient ways to exercise them:

  1. Right to Know: You have the right to know the specific circumstances of our collection, use, storage and sharing of your personal information. You can inquire through this Privacy Policy or contact our customer service for more detailed information.

  2. Right to Access: You have the right to access your personal information, including your account information, game saves, authorized permission list, etc. You can query it by yourself through the "Settings-Personal Center-My Information" module in the Product.

  3. Right to Correct: If you find that your personal information is incorrect or incomplete, you have the right to request us to correct it. You can correct it yourself through relevant modules in the Product (such as account nickname, avatar, etc.). For information that cannot be corrected by yourself, you can contact customer service for assistance.

  4. Right to Delete: In accordance with the provisions of laws and regulations, you have the right to request us to delete your personal information. You can apply to cancel your account through the "Settings-Account Security-Cancel Account" module in the Product to delete information, or directly contact customer service to apply for deletion of specific information.

  5. Right to Withdraw Authorization: You have the right to withdraw authorization for various permissions. You can adjust the permission status by yourself through the "Settings-Privacy-Permission Management" module in the Product, or withdraw authorization through the permission management function in the device system settings. After withdrawing authorization, we will no longer collect corresponding information, but it will not affect the legal use of information collected based on authorization before.

  6. Right to Opt-Out of Sale and Sharing: In accordance with the requirements of CCPA and CPRA (California Privacy Rights Act), we clearly will not sell or "share" (referring to disclosure for cross-context behavioral advertising purposes) your personal information to any third party. If future business model changes may involve the above-mentioned behaviors, we will set up a dedicated "Privacy Center" in the Product to provide a clear one-time opt-out option (Opt-Out Preference Signal) that complies with industry technical standards, and notify you 30 days in advance via email or in-app notification.

V. Minor Usage Regulations

We attach great importance to the privacy protection of minors and strictly abide by the requirements of the Children's Online Privacy Protection Act (COPPA). The specific regulations are as follows:

  1. This Product strictly complies with COPPA requirements and does not provide services to minors under the age of 13. We will conduct preliminary screening through an age verification mechanism during user registration (such as integrating third-party age verification services). If a user is found to be a minor under the age of 13, we will immediately terminate the service and delete all their personal information (including locally cached data) within 7 working days, while recording the deletion log. If a guardian finds that a minor has registered by mistake, they can contact us to provide guardianship certification and the minor's account information, and we will complete the verification and processing within 3 working days.

  2. For minors aged 13 to 18, they must obtain the consent of their parents or legal guardians before using this Product. The personal information provided by minors during use is deemed to have obtained guardian consent.

  3. Guardians have the right to check, correct or delete the minor's personal information, and also have the right to request us to terminate the provision of services to the minor. Guardians can contact us through the channels provided in the "Contact Information" section of this Policy, and we will cooperate with the processing in a timely manner after verifying the guardian's identity.

VI. Use of Cookies

To enhance the game experience, realize personalized services and conduct data analysis, we will use Cookies technology when you use this Product. The specific instructions are as follows:

  1. Cookies are small text files stored locally on your device, which can help us identify your device, record your game preferences (such as language settings, image quality selection, etc.), and track game usage to optimize product performance.

  2. The Cookies and similar technologies (such as SDK local storage) we use strictly comply with Google Developer Policies and are divided into necessary and functional categories: Necessary Cookies are only used to ensure core functions such as account login status and game progress saving; they cannot be disabled and are not used for advertising purposes. Functional Cookies are used to remember personalized services such as game quality settings and language preferences. You can directly turn them off through "Product Settings-Privacy Center-Cookies Management" or disable them through device browser settings. We will not use Cookies data for cross-app tracking or behavioral advertising, and all Cookies will be marked with a validity period (maximum 13 months).

  3. We will not collect sensitive personal information through Cookies, nor will we sell the information in Cookies to third parties. The retention period of Cookies is consistent with the data retention period, and you can manually delete the Cookies files in the device at any time.

VII. Policy Updates

This Privacy Policy may be revised accordingly with the update of laws and regulations, the iteration of product functions or the adjustment of business models. We will notify you through the following methods: 1) After this Product is launched, if there are major changes to the Policy, we will pop up a prompt window on the Product login interface, requiring you to read and confirm the new Policy; 2) For non-major changes, we will update it on the "Settings-About-Privacy Policy" page in the Product and mark the update date.

After this Policy is revised, it will take effect from the date you confirm your consent; if you continue to use this Product after the Policy update, it will be deemed that you have accepted the revised Privacy Policy. We recommend that you review this Policy regularly to learn about the latest privacy protection measures.

VIII. Contact Information

If you have any questions, suggestions about this Privacy Policy, or need to exercise your rights related to personal information, please contact us through the following methods:

We will reply within 15 working days after receiving your contact request and provide corresponding assistance according to your needs.

Kronos Studios Inc.

October 31, 2025

bottom of page