PRIVACY NOTICE

Effective Date: May 12, 2025

GAMEGEARS LTD (hereinafter "GameGears," "we," "us," or "our") respects your privacy and strives to protect your personal data. This Privacy Notice ("Notice") explains how we collect, use, disclose, retain, and protect personal data obtained through the Website. Where any applicable laws impose stricter requirements than those described in this Notice, GameGears will comply with those stricter standards in the relevant region.

Quick Summary

Who We Are: GameGears is a company based in Cyprus and is part of the GDEV Inc. For purposes of European data protection laws (GDPR), GameGears LTD is the data controller of your personal data collected via this Website. In certain cases (for example, international data transfers within our corporate group), our parent company GDEV Inc. may also act as a joint data controller.

What Data We Collect: The information we collect depends on how you interact with us. If you simply browse our Website, we collect minimal data. If you contact us (e.g. via a form or email), we collect your contact details and any information you provide. If you apply for a job, we collect the data needed to process your application (such as your name, contact details, CV, work history, etc.). If you participate in a contest or promotion, we collect the data needed to administer the contest (such as your name, contact info, and possibly a shipping address for prizes). We may also collect business contact information of employees of our partners or vendors for collaboration purposes.

How We Use Your Data: We use personal data to operate and improve our Website and services, to respond to inquiries, to process job applications and hiring, to run contests and deliver prizes to winners, to manage our relationships with partners and vendors, and to comply with legal obligations. We also use data for our legitimate business interests – for example, to protect the security of our services, prevent fraud, or understand how users interact with our Website (using analytics, with your consent where required).

Legal Bases (GDPR): When the GDPR applies, we only process personal data when we have a lawful basis. These include your consent (e.g. for optional cookies or marketing emails), contractual necessity (e.g. processing an application or providing a service you requested), legal obligations (complying with laws or regulations), and legitimate interests (for purposes like improving services or ensuring security, after balancing your rights).

Data Sharing: We do not sell or rent your personal data to third parties. We may share your information with trusted service providers who help us run our business (such as hosting providers, analytics services, customer support tools, or recruitment platforms). We may also share data with our affiliates and group companies (including our parent company, GDEV Inc.) for business operations and internal administration, under strict data protection safeguards. In certain circumstances we may disclose data if required by law or government request, or in the context of a corporate transaction (such as a merger or sale of the company), as described in more detail below.

International Transfers: As an international company, we may transfer your data to countries outside of your own (including outside the European Economic Area). For example, data collected in the EEA might be accessed by GameGears or GDEV Inc. in other jurisdictions. Whenever we transfer personal data out of the EEA, we ensure appropriate safeguards are in place (such as European Commission Standard Contractual Clauses) so that your data remains protected.

Data Retention: We keep your personal data only as long as necessary for the purposes it was collected, or as required by law. For instance, if you apply for a job and are unsuccessful, we will delete your data once the process is concluded unless we have your permission (or a lawful interest) to keep it in our talent pool – and even then, we won't keep it longer than 2 years without your objection. Contest participant data is kept for the duration of the contest and any required period afterward (for example, to announce winners or fulfill prizes). When data is no longer needed, we delete it or anonymize it.

Your Rights: Under GDPR and other applicable laws, you have rights regarding your personal data. These include the right to access your data, correct or update it, delete it, or object to or restrict certain processing. If we are processing your data based on consent, you have the right to withdraw that consent at any time. You can also lodge a complaint with a data protection authority if you believe your rights are being violated. We detail these rights later in this Notice, along with how you can exercise them.

Data Security: We take security seriously. We implement technical and organizational measures such as encryption, access controls, and regular security audits to protect your data against unauthorized access or loss. However, no method of transmission or storage is 100% secure, so we cannot guarantee absolute security. You should also take care to keep any passwords or access credentials confidential.

Contact Us: If you have any questions about this Notice or your personal data, you can reach out to us. We provide contact details (including an email address) at the end of this Notice. We will respond to your inquiries and support you in exercising your rights regarding your data.

Please read the full Privacy Notice below for more detailed information and examples for each of these points.

Who We Are (Controller Information)

For the purposes of the GDPR and other applicable data protection laws, the "data controller" of your personal data collected via the Website is GameGears LTD, a company registered in Cyprus. Our contact details are:

Address: 55 Griva Digeni, 3101 Limassol, Cyprus
Email: support@gamegears.online

GameGears LTD is part of the GDEV group of companies. GDEV Inc., our parent company, may jointly determine the purposes and means of processing your data in certain situations (particularly for global operations and international data transfers within our group). In such cases, GDEV Inc. may be considered a joint controller of your personal data alongside GameGears. You may contact either GameGears or GDEV regarding the processing of your data (for GDEV inquiries, you can reach GDEV's privacy team at privacy@gdev.inc).

We will process your personal data only for the purposes defined in this Notice. Please note: If we rely on your consent to process certain data, you have the right to withdraw that consent at any time (this will be explained further below in the section on Your Rights).

Who This Notice Applies To

This Privacy Notice applies to the following categories of individuals ("data subjects"):

  • Website Visitors: Individuals who browse, view, or interact with our Website.
  • Job Applicants: Candidates who apply for employment or internship positions at GameGears LTD.
  • Partners' Employees: Employees, directors, representatives, or other authorized individuals of our business partners, affiliates, or vendors, whose personal data may be shared with us in the course of business relationships.
  • Contest Participants: Individuals who enter or participate in contests, competitions, or promotional events organized by GameGears on our Website or through our services.

Please note: If you engage with any of our specific GameGears projects, mobile applications, or games, those may be governed by separate privacy policies specific to each project or game. This Notice covers the use of personal data on our main Website and general corporate activities.

What Data We Collect

We collect different types of personal data depending on your interactions with us. "Personal data" means any information relating to an identified or identifiable individual. The categories of data we collect include:

Website Visitors

We generally do not collect personal information from casual visitors to our Website unless you choose to provide it to us. For example, if you fill out a contact form, subscribe to a newsletter, or send us an email, we will collect the information you provide (such as your name, email address, phone number, and the content of your communication). We may also collect some information automatically from your device when you visit our Website. If you simply browse our Website without interacting with forms or input fields, we do not actively collect any identifying information about you aside from the data collected by essential cookies or analytics with your consent.

If you do contact us through the Website or via email, we will retain a record of that correspondence, which may include your contact details and any other information you choose to share with us in your message.

Job Applicants

When you apply for a job at GameGears, we collect the personal data necessary to process your application and assess your candidacy. This typically includes:

  • Identification and Contact Information: Your full name, email address, phone number, and home address.
  • Application Materials: Your résumé/CV, cover letter, portfolio or work samples (if applicable), and any links you provide (e.g. to your LinkedIn profile or personal website).
  • Professional History: Details of your current and prior employment, work experience, skills, and education credentials (such as degrees or certifications).
  • Qualifications: Any professional licenses, certifications, or permits you hold, and skills or languages you have that are relevant to the position.
  • References and Background Information: Names and contact details of references you provide, and any information obtained through reference checks or background screenings (where lawful and with your knowledge).
  • Other Information You Provide: Any other personal information you choose to share during the application or interview process, such as your career preferences, salary expectations, availability, or willingness to relocate.

In some cases, we may collect information from publicly available sources for recruitment purposes (for example, your public professional social media profiles on platforms like LinkedIn), but only where relevant to the hiring process and permitted by law.

We use this information to evaluate your qualifications, to communicate with you about your application and schedule interviews, and to make hiring decisions. Your application data will be accessible to GameGears's recruiting team and hiring managers involved in the decision. If you are hired, this information will become part of your employment record (and you'll receive a separate employee privacy notice). If you are not hired, we will delete or archive your application data as described in the Data Retention section below.

Talent Pool: With your permission (or where we have a legitimate interest that is not overridden by your rights), we may retain your application details to consider you for future job openings at GameGears or within our GDEV group. We will not keep your data for these future opportunities for more than 2 years after the end of the recruitment process unless you affirmatively consent to a longer retention or applicable law allows/requires us to do so. You always have the right to withdraw your consent or object to this extended retention, and upon such withdrawal or objection, we will delete your data (unless we have another lawful basis to keep it, such as a legal requirement).

Contest and Promotion Participants

If you enter a contest, competition, sweepstakes, or other promotional event run by GameGears, we will collect the personal data needed to register you for and administer the contest. This typically includes:

  • Identification and Contact Details: Your name, email address, and any other contact information required (for example, phone number or mailing address if a physical prize is to be delivered).
  • Entry Information: Any content you submit as part of the contest (such as responses, images, or other materials, if the contest involves user submissions) and any contextual information (like your username or profile if the contest is run via an online platform).
  • Participant/Winner Details: Information generated through the contest, such as your entry number, the fact that you participated, and whether you are selected as a winner or finalist. If you win, we may need additional information to award your prize (e.g., your shipping address for delivery of a physical prize, sizing information for merchandise, or bank details if a cash prize is transferred). We may also ask for proof of eligibility (such as age or residency) if this is required by the contest rules or by law.

We use contest participants' data to manage the contest (e.g., to verify eligibility, record entries, contact winners, and deliver prizes). We may also announce or publish the results of our contests, which could include limited personal information about winners. For example, per contest rules, we might publish the winner's first name, username or nickname, and country or city of residence on our Website or on social media, to congratulate winners and maintain transparency. If we plan to use your data for any promotional purposes beyond the contest administration (such as using a contest submission in our marketing materials), we will obtain your consent as required by law and by the contest's terms.

All contest or promotion activities will be governed by their own official rules or terms, which may provide more specific details about data handling. We will process your personal data in line with those rules and this Privacy Notice. In many cases, entering a contest may require your consent to certain data uses (for instance, by entering, you may agree that we can use your name and likeness for announcing the winners). Where required, we will seek your consent for processing personal data, and you can withdraw consent at any time (though doing so might affect your participation if that data is essential for administering the contest).

Employees of Partners and Vendors

We may collect and process personal data about individuals who work for or with our business partners, suppliers, vendors, or other companies we collaborate with. This data is typically business-related and is used for maintaining our professional relationships. It may include:

  • Contact Information: Name, job title, work email address, work phone number, and company address of our contacts at partner organizations.
  • Identification Details: In some cases, we might record identification details required for due diligence or contracting, such as the name and identification of a signatory to a contract, or proof of authority for a representative.
  • Communications: Any correspondence or communications with us on behalf of the partner company, which might include emails or meeting notes that contain your name or opinions.
  • Other Business Information: Any other personal information provided to us in the course of the business relationship, which could include bank account details for invoice payments (if you are a sole proprietor or if your personal account is used), or information about your role and responsibilities at the partner company.

We use this information to communicate and cooperate with our partners and vendors, to manage contracts and deliver services, and to fulfill our business obligations. This data is used in a professional context and is generally limited to what is necessary for business communications, managing the partnership, and compliance with any applicable laws (such as anti-corruption or trade compliance laws requiring us to know our partners).

Note: If you are an employee or representative of a partner company, we expect that you have any necessary authorization from your employer to engage with us and provide personal data as needed. If we receive your data from a partner (for example, if a vendor gives us a contact person's details), we will treat that data in accordance with this Notice and any other agreement with the partner.

How We Use Your Data (Purposes of Processing)

We process personal data for the following purposes, in each case to the extent relevant to your relationship with us:

  • Website Functionality and Communication: To operate and maintain our Website and to provide you with the content or services you request. For example, if you fill out a contact form or email us, we use your data to respond to your inquiry or provide support. We also use data to personalize your experience on our Website (such as remembering your preferences) and to ensure the Website functions properly on your device.
  • Recruitment and Hiring: To process job applications and manage our recruitment process. This includes reviewing your credentials, contacting you about interviews or assessments, and making decisions about hiring. If you are a candidate, we use your data to communicate with you throughout the hiring process (e.g., scheduling interviews or sending offer letters), to assess your suitability for roles, and if applicable, to onboard you as an employee. We may also retain your information (with appropriate consent or legal basis) to inform you of or consider you for future opportunities at GameGears or within our group.
  • Contest and Promotion Administration: To organize and run contests, sweepstakes, or promotional events. We use your data to register your participation, ensure you meet the eligibility criteria, communicate with you about the contest (e.g., to provide updates or notify you if you win), select and verify winners, and deliver prizes. We might also use your name or likeness to announce winners publicly, as described in the contest rules. All such processing will be done in accordance with the official contest terms and any consent you have given.
  • Partner and Vendor Relations: To engage in business-to-business communications and transactions. If you work for a partner or service provider, we use your contact information to communicate about projects, orders, contracts, and support. We also use this data to manage our corporate accounts, payments, and legal compliance related to our partners and suppliers.
  • Legal Compliance: To comply with our legal and regulatory obligations. This includes using personal data where necessary to fulfill tax and accounting requirements, employment and social security obligations (for staff and applicants as applicable), and any lawful requests by public authorities. We may also process data to comply with court orders, defend our legal rights, or respond to legal claims. For example, if required, we might use and retain personal data to fulfill obligations under data protection laws (such as demonstrating consent), or to meet regulatory requirements in certain jurisdictions.
  • Protection of Rights and Interests (Legitimate Interests): To protect the rights, property, or safety of GameGears, our users, employees, or the public. This includes processing data for fraud prevention, IT/network security, and to detect or prevent illegal activities that could affect our business or users. We may also conduct analytics on how our Website is used in order to understand and improve our services (for example, analyzing aggregated usage patterns to improve navigation or content). Where we rely on legitimate interests for such processing, we will ensure our interests are balanced against your privacy rights and will implement safeguards as needed. If local law requires it, we will obtain your consent for analytics or marketing activities (for instance, for certain cookie use or email newsletters).

In summary, we will use your personal data only for the purposes we have told you about. If we need to use your data for a new purpose that is incompatible with the purposes above, we will inform you and, if necessary, seek your consent or ensure another legal basis is in place.

Legal Bases for Processing

If you are located in the European Economic Area (EEA) or another region with similar data protection laws, we process your personal data under certain legal bases as defined by the GDPR and local laws. The legal bases we rely on include:

  • Consent (Art. 6(1)(a) GDPR): We will ask for your consent in situations where we are required to do so. If you participate in certain optional activities (such as contests or providing optional information in an application), we might also rely on your consent for processing that data. Whenever we rely on consent, you have the right to withdraw it at any time (which will not affect the lawfulness of processing done before your withdrawal).
  • Contractual Necessity (Art. 6(1)(b) GDPR): When we need to process your data to enter into or fulfill a contract with you. For instance, if you apply for a job, processing your personal data is necessary in order to take steps at your request prior to potentially entering into an employment contract. Likewise, if you are a contest participant, we may process your data as necessary to perform our obligations under the contest terms (e.g. delivering a prize). If you are a partner's employee, we process your data to carry out our contract with your employer (our business partner). In general, any time you request a service or take an action that requires us to use your data (like contacting us for information), this legal basis may apply.
  • Legal Obligation (Art. 6(1)(c) GDPR): When processing is necessary for us to comply with a law or regulation. For example, retaining certain records for tax, audit, or regulatory purposes, or providing information to authorities if legally required, would fall under this basis. Another example is that data protection laws themselves might mandate certain processing: if you exercise your rights under GDPR and contact us to remove your data, we will process that request under our legal obligation to comply with GDPR.
  • Legitimate Interests (Art. 6(1)(f) GDPR): We process certain data as needed for purposes of our legitimate interests, as long as those are not overridden by your interests or fundamental rights and freedoms. We have a legitimate interest in ensuring the security and integrity of our Website and services, in communicating with our users, partners, and candidates, and in improving our business. For instance, using analytics to understand how users navigate our Website, or keeping a candidate's information on file for a short period for possible future roles, can be based on legitimate interest. When we rely on this basis, we carefully consider and balance any potential impact on you (both positive and negative) and your rights. You have the right to object to processing based on our legitimate interests (see Your Rights below). If you object, we will reconsider the balance or cease the processing unless we have compelling legitimate grounds or it is needed for legal claims.

We will always clearly indicate the legal basis we are relying on if you request that information, and you can find many of the purposes and bases matched in the sections above. Note that if we collect any special categories of personal data (which is rare in our context and would typically only happen if you volunteer it, such as revealing health information during a job application process), we would process such data only with your explicit consent or if otherwise permitted by law (Art. 9(2) GDPR).

Sharing Your Data with Third Parties

We treat your personal data with care and confidentiality. We do not sell your personal information to third parties for profit. However, in the normal course of running our business, we may share your data with certain categories of recipients under strict conditions, as outlined below:

  • Service Providers (Processors): We may share personal data with third-party companies that provide services to us, such as cloud hosting providers, data analytics services, email delivery services, customer support tools, recruitment management platforms, marketing or PR agencies, and IT/security service providers. These third parties process data on our behalf and are contractually obligated to handle data securely and only for the purposes we specify. We require all service providers to respect the confidentiality of personal data and to comply with applicable data protection laws (including GDPR requirements via Data Processing Agreements, where appropriate).
  • Affiliates and Group Companies: We may share your information within our corporate group, including with our parent company GDEV Inc. and other subsidiaries or affiliates of GDEV, if this is necessary for internal administrative purposes or to support the services we provide to you. For example, your data might be shared with another entity in the GDEV group that provides IT support or centralized human resources services. In all cases, any GameGears affiliate that accesses your data will uphold an equivalent level of data protection and will use the data only as described in this Notice. GameGears and GDEV Inc. (or other affiliates) may act as joint controllers in such data sharing scenarios, and we ensure compliance with any legal requirements for joint control arrangements.
  • Legal Obligations and Safety: We will disclose personal data to courts, law enforcement agencies, regulatory bodies, or other public authorities if we believe we are legally required to do so, or if such disclosure is necessary to comply with a legal obligation or order. We may also share data when we believe in good faith that it is necessary to: investigate, prevent, or take action regarding suspected or actual illegal activities or fraud; enforce our terms of service or other agreements; protect our rights, property, or safety, or that of our users, employees, or others. This could include exchanging information with other companies and organizations for the purposes of fraud protection or credit risk reduction, in accordance with applicable laws.
  • Business Transfers: In the event that GameGears undergoes a business transaction such as a merger, acquisition by another company, reorganization, or sale of some or all of its assets, personal data may be transferred to the acquiring or successor entity as part of the transaction. If such a transfer occurs, we will ensure that your personal data remains subject to confidentiality obligations and that you are notified (for example, via a notice on our Website or other appropriate communication) of any change in ownership or use of your personal information, as well as any choices you may have regarding your personal data as a result of the transaction.

In all cases of sharing, we only share the minimum information necessary for the third party to carry out its responsibilities. We also ensure, where possible, that any third party receiving personal data has appropriate safeguards in place to protect it. If any sharing involves transferring your data out of your country (including outside the EEA), we will handle it as described in the next section (International Data Transfers).

International Data Transfers

GameGears LTD is headquartered in Cyprus and primarily processes data within the European Economic Area (EEA). However, as part of a global group (GDEV Inc.) and with service providers around the world, your personal data may be transferred to and processed in countries outside of your country of residence, including countries outside the EEA or United Kingdom that may not have the same level of data protection laws as your home jurisdiction.

Transfers within the GDEV Group: If you are in the EEA, note that our parent company, GDEV Inc., and some of our affiliated companies or group teams might be located outside the EEA (for example, development studios or corporate offices in other countries). In such cases, personal data may be accessed or processed in those countries for the purposes described in this Notice (e.g., a central HR team reviewing a job application, or a centralized IT system hosted in another region). GDEV Inc. as a joint controller will ensure that any intra-group transfer of personal data from the EEA is governed by appropriate safeguards. Typically, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, along with additional security and organizational measures, to ensure that EEA personal data remains protected when processed in a third country. We may also rely on an adequacy decision by the European Commission if the country has been officially recognized as providing an adequate level of data protection.

Transfers to Service Providers: Many of our external service providers (such as cloud hosting, email services, or analytics tools) are based in or have servers in countries outside the EEA (for example, the United States). When we transfer personal data to these providers, we do so in compliance with data export requirements. This means that if personal data from EEA individuals is transferred to a provider in a country that the EU does not consider as having adequate data protection, we will put in place a lawful transfer mechanism. This often involves signing Standard Contractual Clauses with the provider, and when necessary, implementing supplementary measures (such as encryption in transit and at rest, and careful review of any government access laws in the destination country) to uphold the privacy and security of the data.

Regardless of where your data is processed, we will take all necessary measures to ensure that your personal information is handled securely and in accordance with this Privacy Notice and the GDPR. We understand the importance of safeguarding personal data in international contexts and will not transfer your personal data to third parties in other countries unless we are satisfied that adequate levels of protection are in place.

If you have questions about our international data transfer practices, or if you would like to obtain a copy of the relevant transfer safeguards (such as the SCCs) we have put in place, you can contact us using the details provided in the Contact Information section below. We will be happy to provide you with additional information on how we protect your personal data in the context of cross-border transfers.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with applicable legal or contractual requirements. Once personal data is no longer needed, we will either delete it or anonymize it (so that it can no longer be associated with an individual). Below are some general guidelines for how long we keep different types of data:

  • Website Inquiries and Communications: If you contact us via a contact form or email, we will retain your data for as long as it takes to address your inquiry or request. After we have resolved your issue or answered your question, we may keep a copy of the correspondence for a certain period in case you have follow-up questions or for our records. Typically, routine inquiries are kept for up to 1 year after resolution, though this period may be extended if needed (for example, to establish a paper trail of communications in case of a dispute or for providing ongoing support you requested).
  • Job Applications: For candidates who apply to GameGears, we retain personal data through the duration of the recruitment process for the position you applied for. If you are not selected for the job, we will generally delete or anonymize your application data within a short period after the position is filled or closed. However, if we consider you for future employment opportunities – for example, if we think you could be a good fit for a later opening – we may keep your application information in our talent pool for up to two (2) years from the end of the recruitment process, unless you object to such retention or withdraw your consent (if we asked for consent). This retention allows us to re-contact you about new roles. If you prefer that we do not retain your data for this purpose, you can let us know at any time (see Your Rights below), and we will delete your data. In any event, we will not keep unsuccessful applicant data for longer than 2 years for future consideration without obtaining your renewed consent. Note that if a particular law requires us to keep interview notes or candidate evaluation records for a certain period (for example, for equal opportunity monitoring or legal defense), we may retain some data for that purpose, but we will inform you if so. Successful candidates who are hired will have their data retained as part of their employment record, in accordance with our internal employee data retention policies (which will be communicated separately).
  • Contest and Promotion Data: Personal data collected in connection with contests, promotions, or sweepstakes will be kept for the duration of the contest and for a period afterward as needed to conclude the promotion and comply with any legal requirements. For example, we will retain winners' details long enough to verify their identity, deliver prizes, and handle any tax or legal reporting obligations (some jurisdictions require us to keep a record of contest winners for a certain time). Typically, once the contest is completely finished and all obligations are met, we will delete or anonymize contest-related personal data. Non-winning entries may be deleted shortly after winners are announced (unless the contest rules specify otherwise). If the contest involved any publication of results (like posting the winner's name), that information might remain publicly visible according to the contest rules, but we will minimize personal details.
  • Partner/Vendor Data: For our contacts at partner companies or vendors, we retain personal data for as long as the business relationship is active and as required by our contractual or legal obligations. For instance, if you are our point of contact at a vendor, we will keep your contact information while we are working together and perhaps afterward if needed for audits or legal purposes. Once the relationship ends, we will typically delete or update contact information during our periodic data reviews, unless we need to retain it for enforcing an agreement or resolving any post-contract issues. Business records (which might contain personal data, like emails or signed contracts) are retained as long as necessary for business archival purposes, often up to several years after the relationship ends, depending on the type of record and applicable laws (for example, contracts may be kept for a number of years after expiration).

In all cases, when determining retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure if we keep it longer than necessary, the purposes for which we process it and whether we can achieve those purposes through other means, and applicable legal requirements (such as statutes of limitations, record-keeping laws, and regulatory guidance).

If you withdraw consent for a particular processing or exercise your right to deletion, we will review your request and, if no other lawful basis for retaining the data applies, we will delete the relevant data. For example, if you had given consent for us to retain your details in our talent pool and then you withdraw that consent, we will remove your data from the pool (unless we need to keep some information for a legal reason, like to defend against a discrimination claim, in which case we would inform you). Similarly, if you unsubscribe from a newsletter, we will stop sending it and remove your email from the active mailing list (but we might retain the request to unsubscribe as proof of compliance).

End of Life: Once the applicable retention period expires, or if we no longer have a legitimate reason to keep your data, we will ensure it is securely deleted or rendered anonymous (so that it is no longer associated with you). For backup systems, the data will be overwritten or securely destroyed as those backups cycle out of use.

Data Security Measures

We are committed to securing your personal data and have implemented appropriate technical and organizational measures to protect it against unauthorized access, loss, alteration, or disclosure. These measures include, for example:

  • Encryption: We use encryption protocols where appropriate to protect data during transmission (for instance, data you submit through our Website forms is typically encrypted via HTTPS) and, in some cases, we encrypt data at rest. This helps ensure that even if data is intercepted or our systems are compromised, your information remains protected.
  • Access Controls: We limit access to personal data to employees and contractors who need it to perform their job duties ("need-to-know" basis). All such personnel are subject to confidentiality obligations. We use password protection, two-factor authentication, and role-based access permissions in our systems to prevent unauthorized access to data.
  • Security Testing and Maintenance: We regularly monitor our systems for possible vulnerabilities and attacks. This includes keeping our software and infrastructure up to date with security patches, using firewalls and intrusion detection systems, and performing periodic security assessments or audits. We also have procedures for identifying and handling security incidents.
  • Internal Policies & Training: We maintain internal privacy and security policies that outline the proper handling of personal data. Our staff are trained on data protection principles and security practices. We strive to foster a culture of privacy and security awareness. For example, employees are trained to recognize phishing attempts and to follow safe data handling procedures.
  • Vendor Due Diligence: When we engage third-party service providers that may process personal data on our behalf, we vet their security practices and certifications. We require them to have appropriate security measures and to notify us in case of any data breach involving our information.

Despite all of these efforts, please note that no method of transmission over the Internet, or method of electronic storage, is completely secure. While we do our best to protect your personal data, we cannot guarantee absolute security. It is important for you as well to play a role in keeping your data secure. We encourage you to use unique and strong passwords for any accounts and to keep those passwords confidential. If you suspect any unauthorized access or loss of your personal data in relation to GameGears, please contact us immediately so we can investigate and take necessary measures.

Your Rights as a Data Subject

Depending on your jurisdiction (and particularly if you are in the EEA or UK under the GDPR, or in a similar regime), you have certain rights regarding the personal data we hold about you. We respect these rights and have processes in place to help you exercise them. These rights include:

  • Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time. For example, you may withdraw consent for receiving marketing emails by clicking the "unsubscribe" link in any email or contacting us. If you withdraw consent, we will stop the specific processing that was based on consent. (Note: withdrawing consent does not affect the lawfulness of processing done before the withdrawal.)
  • Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to request a copy of the personal data we hold about you. This is commonly known as a "Data Subject Access Request." We will provide you with a copy of your data, along with information about how we use it, who we share it with, how long we keep it, and the sources of the data if not collected directly from you, as required by law.
  • Right to Rectification: If you believe that any personal data we have about you is incorrect or incomplete, you have the right to request that we correct or update it. For example, if you change your phone number or notice that we misspelled your name, you can ask us to fix it. We rely on you to provide accurate information, and we will make corrections promptly upon request.
  • Right to Erasure ("Right to be Forgotten"): You may ask us to delete or remove your personal data in certain circumstances. This right applies, for instance, if the data is no longer necessary for the purposes for which it was collected, if you have withdrawn your consent and we have no other legal basis to continue processing, or if you object to processing based on our legitimate interests and we have no overriding grounds to continue. Please note that this right is not absolute – sometimes we may need to retain certain information if required by law or if we have a compelling legitimate reason. We will inform you if that is the case.
  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain situations. For example, if you contest the accuracy of your data, you can request that we restrict processing while we verify the accuracy; or if you have objected to processing (see below), you can request restriction while we consider your objection. When processing is restricted, we can still store your information but will not use it for the moment (except to the extent necessary, e.g., to secure the data or with your consent, or for legal reasons).
  • Right to Object: You have the right to object to our processing of your personal data when that processing is based on legitimate interests (Art. 6(1)(f) GDPR) or when done for direct marketing purposes. If you object to processing based on legitimate interests, we will evaluate your objection and will stop processing the personal data in question unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or unless the processing is required for the establishment, exercise, or defense of legal claims. If you object to direct marketing (including any profiling related to direct marketing), we will cease processing your data for those purposes immediately.
  • Right to Data Portability: For data that you have provided to us and that we process by automated means based on your consent or on a contract with you, you have the right to request a copy of that data in a structured, commonly used, machine-readable format (for example, a CSV file), and you have the right to have that data transmitted to another controller where technically feasible. This right is intended to allow you to take your data to another service provider easily. It's not applicable to all data, only to the subset that meets those criteria (provided by you, processed by automated means, under consent or contract).
  • Right to Lodge a Complaint: If you believe we have infringed your privacy rights or violated data protection laws, you have the right to lodge a complaint with a supervisory authority. In the EEA, this typically means the data protection authority in the country where you live or work, or where an alleged infringement took place. For example, if you are in Cyprus, you could contact the Office of the Commissioner for Personal Data Protection in Cyprus. We would appreciate the chance to address your concerns directly before you do this, so we encourage you to contact us first, but you are within your rights to reach out to the authorities at any time.

To exercise any of your rights, please contact us using the contact information provided in this Notice. For security reasons, we may need to verify your identity before fulfilling certain requests (for example, by asking you to provide information that matches our records). This is to ensure that personal data is not disclosed to anyone who does not have the right to receive it.

We will do our best to respond to your request promptly and in any event within the timeframes set by applicable law (GDPR requires us to respond within one month in most cases, with a possible extension of two further months if necessary, taking into account the complexity and number of requests). We will inform you if we need more time or if for some reason we cannot comply with your request (for example, if it would adversely affect the rights and freedoms of others, or if another legal requirement prevents us from fulfilling it). Normally, we will not charge a fee for processing your request. However, if your requests are manifestly unfounded or excessive (for instance, repetitive requests), we may charge a reasonable fee or refuse to act on the request, as permitted by law.

Changes to this Privacy Notice

We reserve the right to update or modify this Privacy Notice at any time. As our services evolve or as legal requirements change, we may need to amend the information in this Notice to accurately reflect our data practices and compliance with the law. If we make material changes to this Notice, we will notify users by posting the updated Notice on this Website and updating the "Effective Date" at the top, and/or by any other reasonable means. In some cases, if changes are significant or if required by law, we may also notify you directly (for example, via email if we have your contact information) about the changes.

We encourage you to review this page periodically to stay informed about how we are protecting your personal data. Your continued use of the Website or our services after any modifications to this Notice will constitute your acknowledgment of the changes. If you do not agree with any changes to the Notice, you should stop using the Website and can contact us if you have concerns.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Notice or how GameGears LTD handles your personal data, please do not hesitate to contact us. You can reach our data protection contact (Data Protection Manager) at:

GameGears LTD – Data Protection Manager
55 Griva Digeni, 3101 Limassol, Cyprus
Email: support@gamegears.online

We will address your inquiry as soon as possible, typically within 30 days. If you are contacting us to exercise one of your data subject rights (see Your Rights above), please provide enough information for us to verify your identity (if we don't already have it) and to locate your data (e.g., the email address you used to interact with us, date of contact, etc.). This will help us process your request efficiently.

Important: If any consent you have given us for processing personal data expires or is withdrawn, we will cease processing your data that was based on consent. We will also delete such data, unless we have another legal basis to keep it (for example, we may need to retain certain information to comply with a legal obligation or to establish, exercise, or defend legal claims).

Final Provisions

This Privacy Notice is provided in the English language, which will be the binding version in case of any translations. If we provide a version of this Notice in another language and there is any inconsistency or discrepancy between the two versions, the English version shall prevail.

By using our Website or interacting with us, you confirm that you have read and understood this Privacy Notice. We appreciate your trust in GameGears to handle your personal data responsibly and in accordance with applicable law.

FAITHFULLY YOURS,
GAMEGEARS LTD

3101, Cyprus, Limassol, 55 Griva Digeni
support@gamegears.online