Privacy Policy

PRIVACY POLICY

Effective date: May 14, 2026

This Privacy Policy explains how NP Yazılım ve Bilişim Hizmetleri A.Ş. (“no-pact”, “we”, “our” or “us”) collects, uses, and protects your personal data when you access or play our games (the ‘Service’).

We process your data only when we have a valid legal basis to do so. Where your data is strictly necessary to provide the Service, create your account, or ensure the games function properly, we process this data to fulfill our contractual obligations to you.

For processing activities that fall outside of core game functionality—such as using third-party tracking tools (e.g., Meta, Adjust, Google Firebase) for analytics, serving personalized advertisements, or sending promotional marketing—we rely on your explicit, informed consent.

We will ask for your explicit opt-in consent before collecting or sharing data for these purposes. You are not required to provide consent to play our games, and you have the right to withdraw your consent at any time by adjusting your in-game settings or contacting us at info@nopact.com. Withdrawing your consent will not affect the lawfulness of any processing that occurred before the withdrawal

HOW WE COLLECT AND USE INFORMATION
no-pact’s primary goals in collecting and using information are to create your account, provide Services to you, improve our Service, contact you, conduct research and create reports for internal use. We store information on servers located primarily in the United States and Ireland via Amazon Web Services and may store information on servers and equipment in other countries.

MOBILE PLATFORMS
We may collect and record certain information such as your unique device ID, hardware type, the version of your operating system (“OS”), your device name, your email address (if you have connected to Facebook), and your location (based on your Internet Protocol (“IP”) address). This information is useful to us for troubleshooting and helps us understand usage trends.

FACEBOOK CONNECT AND GAME CENTER
You may connect your no-pact user account to your Facebook account or to Apple’s Game Center (“SN Service”). We may collect and record information through the SN Service in accordance with the policies and terms of that SN Service. The information we collect when you connect your user account to an SN Service may include: (1) your name, (2) your SN Service user identification number and/or user name, (3) locale, city, state and country, (4) sex, (5) birth date, (6) email address, (7) profile picture or its URL, and (8) the SN Service user identification numbers for your friends that are also connected to no-pact’s game(s).

CUSTOMER SERVICE
We may collect your email address when you contact our customer service group and we may use that email address to contact you about your gaming experience with no-pact games and notify you about company news and promotions.

GAME DATA COLLECTION
We collect data about your interactions with our games and with the other players inside the game via server log files. This data is stored within Amazon Web Services.

THIRD PARTY SERVICES
Our services may contain third party tracking tools from our service providers, examples of which include Adjust, Amplitude, Google Firebase, Google Admob, Meta and Applovin. Such third parties may use cookies, APIs, and SDKs in our services to enable them to collect and analyze user information on our behalf. The third parties may have access to information such as your device identifier, locale (specific location where a given language is spoken), geo-location information, and IP address.

HOW WE USE THE INFORMATION WE COLLECT
We may use the information we collect through your use of the Services for a variety of purposes, primarily related to providing and improving the quality of our Services. For example, we may use the information we collect in the following ways:

Providing, administering, and facilitating your use of the Services, including the creation of game accounts
Managing your account preferences, establishing your Profile and Registration Information
Connecting you with your friends and/or contacts that are using the Services
Analyzing trends and user traffic to improve our Service
Notifying you of products, new products, services, features, promotions, enhancements, and updates, including in-game updates, loyalty and rewards programs, and updates to the Services and Privacy Policy
Marketing our products and/or services to you, including sending you offers, promotions information, newsletters, e-mail campaigns, and communications regarding new, improved or existing products, contests and/or sweepstakes
Resolving technical problems; handling or responding to customer support questions and issues
Enabling user-to-user communication and interaction and soliciting input and feedback to improve user experience
Tracking purchases and usage information

DISCLOSURE OF YOUR INFORMATION
no-pact does not share your personal information except as approved by you or as described below:

– We may release your information as permitted by law or when we believe that release is appropriate to comply with the law; enforce or apply our rights; or protect the rights, property, or safety of us or our users, or others. This includes exchanging information with other companies and organizations for fraud protection.
– If you opt-in or otherwise agree to have your information shared with a third party for marketing purposes, we will share you information with the third party (or third parties) in which case the third party’s use of your information is subject to the third party’s own privacy policy.
– We may share your information with third party companies that perform services on our behalf, including payment processing, order fulfillment, data analysis, marketing services, e-mail campaigns, hosting services, and customer service. While providing the services for us, these companies may access your personal information, and are required to use it solely as directed by us for the purpose of our requested service.
– In the event that no-pact undergoes a business transition, such as a merger, acquisition, corporate divestiture or dissolution (including bankruptcy), or a sale of all or a portion of its assets, we may share, disclose or transfer all of your information, including personal information, to the successor organization in such transition.

HOW WE KEEP YOUR INFORMATION SECURE

no-pact takes commercially reasonable security measures to protect against unauthorized access to, or unauthorized alteration, disclosure or destruction of, sensitive data that you share and we collect and store. These security measures may include practices such as keeping your sensitive data on a secured server behind a firewall, transmitting sensitive information entered on our site or mobile application using secure socket layer technology (SSL), internal reviews of our data collection practices and platforms, as well as physical security measures to guard against unauthorized access to systems where we store your information. Although we make good faith efforts to store the information collected on the Service in a secure operating environment that is not available to the public, we cannot guarantee the absolute security of that information during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining access to this information. We do not warrant or represent that your information will be protected against, loss, misuse, or alteration by third parties.

OUR LEGAL BASES FOR PROCESSING YOUR DATA

We will only collect and process your personal data where we have a valid legal basis to do so under applicable data protection laws, such as the General Data Protection Regulation (GDPR).

The legal basis we rely on depends on the specific context in which we collect your data and the purposes for which we use it. We process your information according to the following legal bases:

Purpose of Processing	Types of Data Involved	Legal Basis
Providing the Service: Creating your account, saving game progress, facilitating user-to-user interaction, and enabling in-game purchases.	Device ID, SN Service ID (e.g., Facebook/Game Center), in-game interaction data, location (locale/country).	Performance of a Contract: Processing is necessary to deliver the game and services you requested according to our Terms of Service.
Customer Support: Resolving technical problems, answering your questions, and managing your account preferences.	Email address, Device ID, user name, communication history.	Performance of a Contract / Legitimate Interest: Necessary to support the product you use and our legitimate interest in providing good customer service.
Security and Fraud Prevention: Protecting against malicious activity, unauthorized access, and cheating to ensure a fair and secure gaming environment.	IP address, Device ID, server log files.	Legitimate Interest: Necessary for our legitimate interest in maintaining the security and integrity of our games and network.
Game Improvement (Internal Analytics): Analyzing trends, tracking game balancing, and fixing bugs using our own internal server logs.	Anonymized or aggregated gameplay data, server log files.	Legitimate Interest: Necessary for our legitimate interest in developing, optimizing, and improving our products.
Third-Party Analytics and Advertising: Using third-party tools (like Meta, Google Admob, Applovin, Adjust) to analyze user acquisition, serve targeted advertisements, and track ad performance.	IP address, Device ID, geo-location, advertising identifiers (IDFA/GAID).	Consent: We rely on your explicit opt-in consent before deploying these third-party tracking tools. You may withdraw this consent at any time.
Direct Marketing: Sending you promotional emails, newsletters, and offers regarding new games or updates.	Email address, name.	Consent: We rely on your explicit consent to send direct marketing communications. You may unsubscribe at any time.
Legal Compliance: Exchanging information with authorities or other organizations when required by law or to protect our rights.	Varies depending on the specific legal request or situation.	Legal Obligation: Processing is necessary to comply with a binding legal obligation or court order.

Regarding Legitimate Interests: When we rely on legitimate interests as our legal basis, we conduct a balancing test to ensure that our interests are not overridden by your fundamental rights and privacy expectations. You have the right to object to processing based on legitimate interests.

YOUR DATA PRIVACY RIGHTS

Depending on your location and applicable data protection laws (such as those in the European Economic Area, the UK, and California), you have specific rights regarding your personal information. We are committed to honoring these rights for all our users.

You have the right to:

Access and Know: Request a copy of the personal data we hold about you, as well as information about how and why we process it, and with whom it is shared.
Rectification (Correction): Request that we correct or update any inaccurate or incomplete personal data we hold about you.
Erasure (Deletion): Request that we delete your personal data (often referred to as the ‘right to be forgotten’). Please note that we may need to retain certain information for legal, accounting, or security purposes.
Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format, or ask us to transfer it directly to another service provider where technically feasible.
Object to or Restrict Processing: Object to our processing of your data (particularly for direct marketing purposes) or request that we restrict the processing of your data under certain circumstances.

Additional Rights for California Residents (CCPA/CPRA)

Right to Opt-Out of Sale or Sharing: While no-pact does not sell your data for direct monetary compensation, sharing data with third-party advertising networks (like Admob or Meta) for targeted advertising may be considered a ‘sale’ or ‘sharing’ under California law. You have the right to opt-out of this sharing.
Right to Non-Discrimination: We will not discriminate against you (such as by denying services or providing a lower quality of service) for exercising any of your privacy rights.

How to Exercise Your Rights:
To exercise any of these rights, or to change your communication preferences, please contact us at info@nopact.com.

We will acknowledge your request promptly and respond within the timeframes required by applicable law (typically within 30 to 45 days). For your protection, we may need to verify your identity before fulfilling certain requests. If you are a resident of the EEA or UK and are unsatisfied with our response, you also have the right to lodge a complaint with your local data protection supervisory authority.

INTERNATIONAL DATA TRANSFERS

no-pact operates globally. To provide our Services, your personal information may be transferred to, stored, and processed in countries outside of your country of residence, including the United States, Ireland, and Türkiye.

Please be aware that the data protection laws in these countries may differ from those in your home country and may not offer the same level of legal protection. However, we are committed to ensuring that your privacy rights remain protected regardless of where your data is processed.

Safeguards for Users in the EEA, UK, and Switzerland:
If you are a resident of the European Economic Area (EEA), the United Kingdom, or Switzerland, we will only transfer your personal data to third countries if we have implemented appropriate legal safeguards. We rely on the following mechanisms:

Adequacy Decisions: We may transfer your data to countries that have been officially recognized by the European Commission (or the UK Government) as providing an adequate level of data protection.
Standard Contractual Clauses (SCCs): For transfers to countries without an adequacy decision (such as the United States or Türkiye), we rely on legally binding agreements known as Standard Contractual Clauses, which have been approved by the European Commission and the UK Information Commissioner’s Office. These clauses contractually obligate us and our third-party service providers (such as Amazon Web Services) to protect your data to the same strict standards required in Europe.

By using our Service and providing your consent where required, you acknowledge the transfer of your information to these facilities and to the third parties with whom we share it as described in this Policy. You may request a copy of the Standard Contractual Clauses we use by contacting us at info@nopact.com.

DATA RETENTION AND DELETION

We retain your personal information only for as long as is strictly necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, or as required to comply with our legal obligations, resolve disputes, and enforce our agreements.

Our specific retention periods are determined by the following criteria:

Active Accounts: We retain your account information and game progression data for as long as your account remains active. If your account is inactive for a continuous period of 12 to 24 months, we will notify you and subsequently delete or anonymize your data.
Customer Support: Information provided for customer service inquiries is retained until the issue is resolved, and for a short period thereafter (12 months) for quality assurance and legal defense purposes.
Analytics and Marketing: Data collected via third-party tracking tools for analytics or marketing is retained according to the default retention periods of those specific platforms (typically 14 to 26 months), after which it is automatically deleted or aggregated.
Legal and Financial Obligations: We may retain transaction or purchase history for longer periods (e.g., up to 10 years) where required by applicable tax, accounting, or commercial laws.

What Happens When Data is Deleted:
When your data reaches the end of its retention period, or when we fulfill a valid deletion request from you, your personal information will be permanently and securely deleted from our active databases. We may alternatively irrevocably anonymize the data so that it can no longer be linked back to you, which we may keep indefinitely for statistical research.

Backups and Archives:
Upon deletion from our active systems, residual copies of your data may temporarily remain in our encrypted backup systems designed for disaster recovery. This backup data is isolated, not processed for any other purpose, and will be permanently overwritten and destroyed as part of our automated backup cycling process.

CHILDREN’S PRIVACY AND AGE OF CONSENT

Protecting the privacy of young users is highly important to us. Our Services are not directed at, and we do not knowingly collect personal data from, children under the applicable legal age of digital consent in their jurisdiction.

For users in the United States: In compliance with the Children’s Online Privacy Protection Act (COPPA), we do not knowingly collect or solicit personal information from anyone under the age of 13.
For users in the European Economic Area (EEA) and the United Kingdom: In compliance with the General Data Protection Regulation (GDPR) and UK GDPR, we do not knowingly collect or solicit personal information from anyone under the age of 16, unless a lower age of consent (no lower than 13) is specifically established by your country of residence.

If you are under the applicable age of consent in your region, please do not use our Services, attempt to register an account, or send any personal data to us. We do not offer a mechanism for verified parental consent at this time.

Discovery and Deletion:
If we learn that we have inadvertently collected personal data from a child under the applicable legal age of consent without verified parental authorization, we will take immediate steps to permanently delete that information from our records. If you are a parent or guardian and believe that we might hold any information from or about your child, please contact us immediately at info@nopact.com.

CHANGES TO THE POLICY
We reserve the right to change this Policy at any time. If we decide to change this Policy, we will post those changes on this page and update the date at the top of the page. The changes will be effective when posted. Please check this page on a regular basis so that you remain aware of what information we collect and how we use it.

PARTNER AND VENDOR PRIVACY POLICY LINKS

https://unity.com/legal/privacy-policy
https://www.apple.com/legal/privacy/en-ww/
https://policies.google.com/privacy
https://www.adjust.com/terms/privacy-policy
https://legal.applovin.com/privacy/
https://www.facebook.com/privacy/policy/
https://amplitude.com/privacy
https://www.gameanalytics.com/trust
https://www.mintegral.com/en/privacy
https://advertising.inmobi.com/privacy-policy
https://www.digitalturbine.com/legal/privacy-policy
https://www.pangleglobal.com/privacy/enduser-en
https://www.bidmachine.com/privacy-policy
https://bigoads.com/privacy
https://liftoff.ai/privacy-policy/
https://cdn.iads.unity3d.com/privacy-policy/privacypolicy.html

CONTACT INFORMATION

For the purposes of applicable data protection laws, including the GDPR, the Data Controller responsible for your personal information is:

NP Yazılım ve Bilişim Hizmetleri A.Ş. (no-pact)

Istanbul, Türkiye

Email: info@nopact.com

Data Protection Officer (DPO) / Privacy Team:
If you have specific questions about how we handle your data, wish to exercise your privacy rights, or want to contact our Data Protection Officer, please email us at: info@nopact.com.