We, 10K RIDERS PUBLISHING LTD (hereinafter referred to as “10k Riders”), the company acting and organized under the laws of the Republic of Cyprus, with address: Archiepiskopou Makariou III, 155 PROTEAS HOUSE, 5th floor, 3026, Limassol, Cyprus, represented by Director Popi Charalampous, care about personal data security and comply with all the laws and regulations on the personal data protection, including European Union General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Our users can be sure that their privacy and protection of their personal information are the most significant values for 10k Riders.
1. Key Terms and Definitions
In order to clarify the meaning of the specific provisions of this Policy we provide the following definitions of the terms used in the Policy:
1.1. “Personal data” or “personal information” refers to any kind of information that can identify you as personal data subject, including your online identifier, e-mail, login, name etc.
1.2. “10k Riders”, “we”, “us”, or “our” refer to 10k Riders Publishing Limited.
1.3. “10k Riders User”, “10k Riders Users”, “you”, “your”, “personal data subject”, or “personal data subjects” refer to the users of 10k Riders Services.
1.4. “Personal data subject” or “personal data subjects” refer to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly, or indirectly by reference to one or more identifiers, including online identifier, e-mail, tracking data.
1.5. “Service” or “Services” refer to applications for mobile platforms or devices and web applications, including web applications accessible on third-party social networking services – “SNS” (collectively referred to as “10k Riders Applications”), and advertisements implemented into 10k Riders Applications, web-pages of 10k Riders at application stores (AppStore, Google Play etc.), accounts, pages, and societies of 10k Riders in social networks (Facebook, Instagram etc.), chats and online dialogues implemented by 10k Riders into 10k Riders Applications, web domains and subdomains of 10k Riders and 10k Riders’s partners using the Services of 10k Riders, including 10k Riders.com (collectively referred to as “Sites”), and other web forums or messaging boards in 10k Riders Applications and our Sites (collectively referred to as “Forums”).
“10k Riders Applications” refer to applications:
– that were developed by 10k Riders;
– that were developed by a third party but were published on behalf of 10k Riders under exclusive, sole, permanent, world-wide, transferable, sub-licensable and unlimited license.
1.6. “In-Game Account” refers to the account created by 10k Riders User on one of the 10k Riders Applications.
1.7. “Processing” refers to any operation or set of operations which is performed on personal data, such as collection, storage, use, transfer, deletion, destruction, retrieval, and any other operation in respect of the personal data.
1.8. “Controller” refers to 10k Riders as a legal entity which determines the purposes and means of the processing of personal data.
1.9. “Recipient” refers to a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
1.10. “Processor” refers to a natural or legal person, public authority, agency or other body which processes personal data on behalf of 10k Riders.
1.11. “Third Party” or “Third Parties” refer to a natural or legal person, public authority, agency, or body, other than a processor, that can receive personal data from a controller.
1.12. “Consent” refers to freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she signifies agreement to the processing of personal data relating to him or her.
2. Consent to Processing of Personal Data
2.1. Your freely given consent forms a legal basis for the processing of your personal data by 10k Riders. By giving such consent you also confirm the understanding that your personal data may be transferred to both EU and non-EU countries under Section 7 of this Policy.
2.3. The dialog box specified in para.2.12 of this Policy will also contain the statement “I confirm that I am 16+ (or holding parental responsibility)”. There will also be a box next to the statement provided in this paragraph of the Policy by ticking which either you confirm that you are 16 years of age or more, or the person holding parental responsibility over you consents to the processing of your personal data.
2.4. You have a right to withdraw your consent to the processing of your personal data at any time. If you would like to withdraw your consent, please send us the verifiable request via e-mail firstname.lastname@example.org. In the verifiable request, please identify your online identifier (such as Game Center ID) or other identifiers by which we can identify the personal data related to your use of our Services. However, we cannot guarantee that after the withdrawal of your consent you will be able to use all the features of the Services. To learn more about the opportunities of obtaining the full access to the Services of 10k Riders, please read our Terms of Service by following the link https://10k Riders.com/terms_of_service
2.5. If you send us the request to withdraw your consent in accordance with para.2.4 of this Policy, you also have the right to request the erasure (deletion) of your personal data that we collected during your use of our Services. Please send us the verifiable request via e-mail email@example.com. We will not be able to erase your personal data if the processing of this personal data is necessary for the performance of our Terms of Service that you agreed to, for the compliance with legal obligations of 10k Riders, or when there are other legal grounds for processing your personal data established by GDPR.
3. Controllers and Processors of Your Personal Data
3.1. 10k Riders is the Controller of your personal data that determines the purposes and means of processing your personal data by establishing this Policy and by concluding contracts on processing with other legal entities that 10k Riders involves in processing of your personal data as Processors.
3.2. The following categories of legal entities are involved in processing your personal data as Processors:
3.2.1. Legal entities that provide attribution tracking mechanisms, ad mediation services and ad networks services in respect of 10k Riders Applications;
3.2.2. Legal entities that use the analytical tools in respect of the behavior of 10k Riders Users and their use of 10k Riders Applications and other Services;
3.2.3. Legal entities that use advertising networks for promoting 10k Riders Applications and other Services;
3.2.4. Legal entities that use the personal data received from the Controller for developing and improving 10k Riders Applications under the written contract with 10k Riders;
3.2.5. Legal entities that store processed personal data of 10k Riders Users.
3.3. The Processors determined in para.3.2 of this Policy process your personal data only under and to the extent provided by the written contracts concluded between the Controller and the Processors. Such written contracts do not violate the Processors’ obligations provided in Art.28 GDPR and your rights as personal data subjects.
4. The Categories of Personal Data 10k Riders Collects from You
4.1. In order to provide you with our Services, we can collect and further process the following categories of your personal data:
4.1.1. Your Identifier for Advertisers (IDFA) or other kinds of Device ID that aggregate all the tracking information on how you use our Services through your device (hereinafter referred to as “Device ID”). You can get information on what is Device ID by following the link https://www.appsflyer.com/mobile-attribution-glossary/device-id/. To learn more about IDFA and how it is used in tracking technologies, please follow the link https://www.appsflyer.com/mobile-attribution-glossary/idfa/
4.1.2. Your online identifier that directly or indirectly identifies you as personal data subject, including but not limited to Facebook ID, Google Play ID, Game Center ID etc. To learn more about online identifiers, please follow the link https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/what-is-personal-data/what-are-identifiers-and-related-factors/. For the purposes of this Policy, the term “online identifiers” also includes profile names that you use in social networks for communication with other 10k Riders Users and 10k Riders.
4.1.3. Your e-mail address.
4.1.4. Your login or in-game nickname and password that you can create by obtaining access to 10k Riders Applications.
4.1.5. First and family names of 10k Riders Users.
4.1.6. Mobile telephone number.
4.1.7. Country of residence.
4.2. Besides, when you contact us through our web-site https://10000Riders.com/ or other Sites of 10k Riders, you may be required to provide us with the information about your IT-project that you would like to publish and promote by use of our Services.
4.3. We do not collect sensitive Information: we do not ask you to send us, and you do not disclose, any sensitive personal data (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the 10k Riders Services or otherwise.
5. How We Obtain and Further Process Your Personal Data
5.1. Our Processors determined in para.3.2.1 of this Policy implement into the 10k Riders Applications attribution tracking technologies and track the use of the device (e.g. smartphone) by 10k Riders User. In doing this, such Processors use the Device ID of the device that aggregates all the personal data on the behavior of the device user. In particular, such Device ID can aggregate personal data on what web-resources the device user visited, which ads did the device user click, what applications for mobile devices did the user buy or download, how many application launches did the device user make. When 10k Riders User downloads or installs and launches 10k Riders Application, the 10k Riders Application obtains the information about the Device ID that belongs to the device of the 10k Riders User, and tracks all the behavioral personal data aggregated on this Device ID. Besides, when you launch the 10k Riders Application, we can also receive and process your personal data specified in para.4.1.7 of this Policy for purposes determined in Section 6 of the Policy.
5.3. When 10k Riders User creates an In-Game Account, he or she is required to provide 10k Riders with an online identifier of such 10k Riders User (such as Facebook ID or Google Play ID). 10k Riders User may also be required to provide 10k Riders with login or nickname used in 10k Riders Application and password created by 10k Riders User for the protection of In-Game Account. Some of the 10k Riders Applications can also require 10k Riders User to provide first and family names, e-mail address, and the mobile telephone number needed for creation of In-Game Account.
5.4. Besides, when you create an In-Game Account, you may provide us with personal data specified in paras.4.1.8 and 4.1.9 of this Policy, or you can allow us to obtain and process such personal data by providing us with consent on obtaining these types of personal information from your profile in a social network (e.g. Facebook). To learn more about the purposes of processing such personal data, please read Section 6 of this Policy.
5.5. The Controller can transfer personal data specified in para.5.3 of this Policy to the Processors determined in para.3.2.5 of the Policy for storage. The Controller can transfer online identifiers specified in para.5.3 of this Policy to the Processors determined in para.3.2.4 of the Policy for improvement and further development of 10k Riders Applications. All the purposes of processing your personal data are listed in Section 6 of this Policy.
5.6. If you provide us with the personal information determined in para.4.2 of this Service, we store and use your personal data solely for the purpose of negotiating with you on the terms of the contract with 10k Riders on the publishing and promotion of your IT-project.
5.7. If you chat, leave comments or feedback, or otherwise use our Sites for the purposes of communication with other 10k Riders Users or 10k Riders itself, we can store and use your profile names for the purposes of profile advertising.
5.8. If you use our Sites or Forums for purposes of communication and violate this Policy or our Terms of Service, we have the right to block your In-Game Account or otherwise block or restrict your access to the Services of 10k Riders, including block of access to our social network accounts and pages.
5.9. We store your personal data for the period of your use of our Services and until you have an active and valid In-Game Account. If we or you block or delete your In-Game Account or you otherwise cease to use our Services, we will continue to process personal data that was collected before the deletion of your In-Game Account or before the moment you otherwise ceased to use our Services for reaching the purposes specified in Section 6 of this Policy, and in any event for not more than for 8 years.
6. Purposes of Processing Your Personal Data
6.1.1. Creation of In-Game Accounts and providing 10k Riders Users with an opportunity to use 10k Riders Applications and other Services;
6.1.2. Blocking or deletion of your In-Game Account or restriction of your access to our Services by other means for the violation of this Policy and Terms of Service;
6.1.3. Marketing purposes, including retargeting, profiling advertising, and use of look-a-like advertising targeting;
6.1.4. Identification and suggestion of connections with other 10k Riders Users, as well as enabling you to communicate with other 10k Riders Users and 10k Riders itself;
6.1.5. Operation and improvement of our Services, including improvement and development of 10k Riders Applications;
6.1.6. Marketing analysis, including understanding of your preferences and your use of our Services, and mobile applications and web-sites in general;
6.1.7. Responding to your requests, comments, and questions and providing you with customer support;
6.1.8. Sending you related information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages; and
6.1.9. Communicating with you about promotions, rewards, upcoming events, and other news about Services offered by 10k Riders and our selected partners.
6.1.10. Compliance with applicable laws or legal process and/or response to requests from public and government authorities.
7. Storage of Your Personal Data
7.1. We and our Processors can store your personal data both inside and outside European Union. Some of our storage servers are located in the Russian Federation, while others are located in European Union. The storage servers of our Processors can be located both in European Union and in the Russian Federation and other jurisdictions outside European Union.
7.2. While we and our Processors take all the reasonable and necessary measures aimed at protection of your personal data against unauthorized access by third parties, we shall inform you about the possible risks of such storage of your personal data in jurisdictions outside European Union under Art.49(1)(a) GDPR. Such possible risks include:
7.2.1. Efforts of hacking attacks. 10k Riders takes all the necessary measures to prevent such attacks and do not allow hackers to access your personal data. Such measures are determined in Section 9 of this Policy.
7.2.2. Storage of personal data in the jurisdictions to which 10k Riders has no access. However, Processors that store your personal data in such jurisdictions use all the necessary security mechanisms for protecting your personal data in accordance with Section 9 of this Policy. Furthermore, their storage authority is restricted and controlled by the written contracts with 10k Riders.
7.2.3. Existence of different rules and regulations on personal data processing in such jurisdictions that are different from GDPR. However, 10k Riders and its Processors provide personal data subjects with the level of guarantees granted to personal data subjects by GDPR.
7.3. When you push the button “I accept provided in para.2.2 of this Policy, you express your consent to the possible transfer of your personal data to both EU and non-EU countries.
8. 10k Riders Users’ Rights
8.1. You as the personal data subject have the following rights relating to the processing of your personal data:
8.1.1. Right of access (right to obtain from 10k Riders as the Controller confirmation as to whether your personal data are being processed and other information concerning your personal data, including information about the purposes of processing, the categories of processed personal data, the categories of recipients of your personal data, the period of personal data storage);
8.1.2. Right to lodge a complaint with a supervisory authority (a supervisory authority is a state authority in your country which supervises the compliance with GDPR by legal and natural persons that process personal data of data subjects);
8.1.3. Right to rectification (right to the rectification of inaccurate personal data concerning you);
8.1.4. Right to erasure (right to obtain the erasure of personal data concerning you);
8.1.5. Right to restriction of processing (right to obtain from 10k Riders as the Controller restriction of processing on the legal grounds provided in Art.18 GDPR (for example, when the accuracy of the personal data is contested by you or we no longer need the personal data for the purposes of the processing));
8.1.6. Right to data portability (the right to receive the personal data concerning you, which you have provided to 10k Riders, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from us);
8.1.7. Right to object (right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, including the right to object at any time to processing of personal data concerning you for marketing purposes);
8.1.8. Right not to be subject to a decision based solely on automated processing, including profiling;
8.1.9. Right to file the request or complaint to 10k Riders as the Controller of your personal data.
8.1.10. Right to withdraw your consent to personal data processing.
9. How We Secure Your Personal Data Against Unauthorized Use
9.1. We employ reasonable security measures to protect your personal data from access by unauthorized persons and against unlawful processing, accidental loss, destruction and damage.
9.2. We do not use vulnerability scanning and/or scanning to PCI standards. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. We implement a variety of security measures when 10k Riders Users enter, submit, or access their information to maintain the safety of their personal data. All transactions are processed through a gateway provider and are not stored or processed on our servers.
9.3. Besides, our servers on which we store your personal data allow access to these servers and data stored on them only by use of special SSH-keys. To learn more about SSH keys please follow the link https://jumpcloud.com/blog/what-are-ssh-keys/
9.4. The access to the services of our Processors aimed at tracking behavioral data and promotion of 10k Riders Services is carried out by entering special username and password and sometimes with use of Two-Factor Authentication (2FA).
10. Cookies Policy
10.2. We and our Processors determined in para.3.2.4 of this Policy use local storage of 10k Riders Applications for saving the progress of 10k Riders Users in such 10k Riders Applications. However, neither 10k Riders, nor our Processors have access to the information about the saved progress, except for cloud save scripts used in some of our 10k Riders Applications.
11. Transfer of Personal Data to Third Parties
11.1. We do not sell or otherwise transfer your personal data to any third parties. We have never sold any personal data to any third parties, and have not done so within the last 12 (twelve) calendar months. We are not planning to sell your personal data to any third parties in future. We can only transfer your personal data to the Processors determined in this Policy for the purposes specified in the Policy.
11.2. If we decide to change our policy on the sale of your personal data in future, we will provide you with all necessary updates and notifications in accordance with CCPA.
12. Data Protection Officer (DPO)
12.1. Because we regularly and systematically monitor personal data subjects on a large scale, we have appointed the Data Protection Officer (DPO) in accordance with Art.37 GDPR. Our DPO is Anastasia Romakha of Moscow, 2nd Paveletzky proezd, building 5 block 1.
12.2. Our DPO monitors the compliance with GDPR by 10k Riders and our Processors, and performs other tasks provided by Art.39 GDPR.
14. Contacting Us
14.1. You can contact 10k Riders regarding the application of this Policy or the rights 10k Riders Users via our e-mail firstname.lastname@example.org. You can also contact us through our DPO appointed by 10k Riders in accordance with this Policy. Besides, you may send us a mail to our physical address: Archiepiskopou Makariou lll, 155 PROTEAS HOUSE, 5th floor, 3026, Limassol, Cyprus.
15. Privacy rights of Californian residents under CCPA
15.1. Right to receive information and access information.
You have the right to request us to disclose the following information we have collected:
(1) The categories of personal information we have collected about you.
(2) The categories of sources from which the personal information is collected.
(3) The business or commercial purpose for collecting or selling personal information.
(4) The categories of third parties with whom we share personal information.
(5) The specific pieces of personal information we have collected about you.
We shall provide this information only upon receipt of a verifiable consumer request.
There are two ways to submit a request for providing an information: 1) send the request via e-mail: email@example.com; 2) send us a mail to our physical address: Archiepiskopou Makariou lll, 155 PROTEAS HOUSE, 5th floor, 3026, Limassol, Cyprus. If we need additional information to verify your identity, we will contact you to request that information. If we deny your request, we will explain the reason in our response.
Upon receiving a verifiable consumer request from you to access personal information we shall promptly take steps to disclose and deliver, free of charge to you the personal information required by this section. The information may be delivered by mail or electronically, and if provided electronically, the information shall be in a portable and, to the extent technically feasible, in a readily useable format that allows you to transmit this information to another entity without hindrance. We may provide personal information to you at any time, but shall not be required to provide personal information to you more than twice in a 12-month period.
15.2. Right to deletion
You have the right to request us to delete any personal information about you which we have collected.
We may retain personal information necessary to: (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for scientific or historical research, (f) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so we can provide our services to you.
There are two ways to submit a request for deletion: 1) send the request via e-mail: firstname.lastname@example.org; 2) send us a mail to our physical address: Archiepiskopou Makariou lll, 155 PROTEAS HOUSE, 5th floor, 3026, Limassol, Cyprus. If we need additional information to verify your identity, we will contact you to request that information. If we deny your request, we will explain the reason in our response.
15.3. Right to opt-out
However, we have provided you with a system to record your preference that your data not be sold in the future. You may make this request in two ways: 1) send the request via e-mail: email@example.com; 2) send us a mail to our physical address: Archiepiskopou Makariou lll, 155 PROTEAS HOUSE, 5th floor, 3026, Limassol, Cyprus.
15.4. No discrimination based upon the exercise of the opt-out right
We shall not discriminate against a consumer because the consumer exercised any of the consumer’s rights under this title, including, but not limited to, by:
(1) Denying goods or services to the consumer.
(2) Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.
(3) Providing a different level or quality of goods or services to the consumer.
(4) Suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services.
Nothing in this subdivision prohibits us from charging a consumer a different price or rate, or from providing a different level or quality of goods or services to the consumer, if that difference is reasonably related to the value provided to us by the consumer’s data.