🔓

Privacy Policy

Introduction (Last Updated: May. 16th 2025)

This Privacy Policy ("Policy") explains how GenPlay ("Company," "we," "us," or "our") collects, uses, shares, and protects the personal information of users ("you") of our mobile application and related services (collectively, the "Services"). We take your privacy very seriously and are committed to complying with applicable laws and protecting your personal information.

Please read this Policy carefully. By accessing or using our Service, you agree to the terms of this Policy. If you do not agree with the terms of this Policy, please do not access or use the Service.

Information We Collect and How We Collect It

We may collect your personal information in the following ways:

Information You Provide Directly:

Account Creation (via OAuth): When you sign up for or log in to our Services using your Google or Apple account, we may receive information from the respective OAuth provider, such as your email address, username (or profile name), and profile picture (if permitted by the provider and consented to by you). We do not collect or store your passwords directly.
User-Generated Content (UGC): Any content you create or share on the Services, such as game play videos, screenshots, related text descriptions, and comments, may contain personal information. This can include your or others' likeness (image), voice, in-game chat content, and user IDs visible in the video.
Customer Support and Inquiries: When you request customer support or contact us, we may collect information you provide, such as the content of your inquiry, your email address, and device information necessary to resolve the issue.

Information Automatically Collected During Service Use:

Device Information: Model of your mobile device, operating system (OS) version, language settings, unique device identifiers (e.g., Advertising ID (ADID, IDFA) - however, we do not use these for personalized advertising and may collect them only for limited purposes such as service analytics and fraud prevention), IP address.
Log Information: Time of your service use, access IP address, app version information, error logs, and service activity records (e.g., videos watched, features clicked).
Cookies and Similar Technologies: We may use cookies and similar technologies (e.g., local storage) to provide the Services, improve user experience, and analyze service usage. You may refuse the use of cookies through your browser or device settings, but this may limit your ability to use some features of the Services.

Information Collected from Non-Registered Users: Even if you use the Services without an account, we may automatically collect certain information, such as your IP address, device information, and service usage records. Such information is collected in a non-directly identifiable form or limited to the minimum necessary for service provision and analysis.

How We Use Your Information

We use the personal information we collect for the following purposes:

Providing and Operating the Services: Creating and managing accounts, identifying and authenticating users, storing, processing, displaying, and streaming UGC (videos, etc.) you upload, linking to game store download pages, and providing the seamless functionality of the Services.
Improving Services and Developing New Services: Enhancing user experience, analyzing service usage statistics (using de-identified or anonymized data where possible), resolving errors, and conducting research for the development of new features and services.
User Support and Communication: Responding to customer inquiries and resolving issues, delivering important notices regarding the Services, and informing you of changes to our terms and policies.
Legal Compliance and Dispute Resolution: Complying with applicable laws or regulatory requirements, responding to orders from government authorities or courts, investigating and preventing violations of our service terms, and assisting in the resolution of disputes between the Company and users or among users.
Enhancing Security and Preventing Misuse: Maintaining the security of the Services, protecting system integrity, and detecting and responding to abusive or fraudulent activities (e.g., violations of terms, uploading illegal content).

We will not use your personal information beyond the scope of the purposes stated above, and notably, we do not provide your personal information to third parties for personalized advertising purposes.

How We Share Your Information

As a general principle, we do not share your personal information with external parties or provide it to third parties without your consent. However, we may provide personal information in the following exceptional cases:

With Your Prior Consent: We may share information restrictively only when you have explicitly consented to the provision of such information.
When Required by Law or for Investigative Purposes: If required by a court order, subpoena, or other legitimate legal process, or if requested by law enforcement agencies according to procedures and methods prescribed by law for investigative purposes.
For Essential Service Provision (Limited):

OAuth Providers (e.g., Google, Apple): When you log in via OAuth, minimal information (e.g., authentication tokens) may be exchanged with the respective provider. This is part of the information you have already provided to that OAuth provider and is essential for implementing the login functionality.
Cloud Service Providers (e.g., Amazon Web Services): We use trusted cloud service providers like AWS for service operation and data storage. In this case, your data may be stored and processed on AWS servers located in the United States, which may constitute a 'data processing entrustment.' We manage and supervise such entrusted parties to ensure their compliance with data protection laws when entering into such agreements.

Affiliated Entities: If we engage in a business transaction such as a merger or acquisition, your data may be transferred as part of the agreement.
To Avert Imminent Danger to Life or Bodily Harm: If deemed clearly necessary for the urgent protection of the life, body, or property interests of you or a third party.

Under no circumstances do we sell your personal information to third parties or provide it for personalized advertising purposes.

User-Generated Content and Public Information

User-Generated Content (UGC) such as videos, comments, and profile information that you upload to the GenPlay Services may be visible to other users of the Services. When you upload or share UGC, you should be aware that any personal information contained within that content (e.g., your face, voice, real name, contact information) may be disclosed to others.

Please note the following in particular:

Scope of Disclosure: Videos you upload and related information (descriptions, tags, etc.) are generally made public for other users to search and view.
Personal Information in UGC: If your video contains your own or others' likeness, voice, in-game IDs, etc., this may be exposed to other users. You are responsible for obtaining any necessary lawful consent from third parties before uploading content containing their personal information. We may not be liable for issues arising from such actions.
Profile Information: Certain parts of your profile information, such as your username (nickname) and profile picture, may be visible to other users within the Services.

You should exercise caution when posting content or sharing information on the Services and avoid including sensitive personal information that you do not wish to make public.

Children's Privacy

The GenPlay Services are not directed to children under the age of 13 (or the applicable age that defines a child in your country of residence). We do not knowingly collect personal information from children under 13.

If we obtain "actual knowledge" (e.g., through a report from a parent or legal guardian, or discovery of content clearly indicating a child's personal information) that we have collected personal information from a child under 13, we will promptly delete that information or take reasonable steps to obtain verifiable consent from the child's parent or legal guardian if required by law.

Parents or legal guardians who believe that their child has provided personal information to us without their consent should contact us using the contact information provided in the section below. We will review the information and take appropriate actions, including deletion.

Users must not upload personal information of children under 13 (such as photos, videos, names, etc.) to the Services without the explicit and verifiable consent of their parent or legal guardian. This is also prohibited under our Terms of Service.

Your Rights and Choices

You may have the following rights under applicable law, and we respect and support your exercise of these rights:

Right to Access: You may request to access the personal information we hold about you at any time.
Right to Rectification: If your personal information is inaccurate or incomplete, you may request its correction.
Right to Deletion/Erasure: You may request the deletion of your personal information under certain conditions, such as when you delete (deactivate) your account or when the purposes for collecting and using your personal information have been achieved.
Right to Restrict Processing: You may request the restriction of processing of your personal information under certain conditions.
Right to Data Portability: Under certain conditions, you may have the right to receive the personal information you provided in a machine-readable format or to request its transfer to another controller.

California Resident Rights:

If you are a California resident, you may have additional rights under CalOPPA and other California laws.

Information Disclosure: This Privacy Policy discloses the categories of personal information we collect and the purposes for which it is used.
"Do Not Track" Signals: Some web browsers offer a "Do Not Track" (DNT) signal. As there is currently no uniform standard for DNT signals, our Services do not specifically respond to them at this time. However, we do not provide your personal information to third parties for personalized advertising purposes.
Should laws such as the CCPA/CPRA become applicable to us in the future, we will ensure additional rights under such laws (e.g., the right to opt-out of the "sale" of personal information - which is not applicable to us, the right to non-discrimination, etc.), and detailed information will be provided separately.

How to Exercise Your Rights:

To exercise the rights described above, please contact us at the email address provided in the section below. We will process your request within a reasonable period after receipt and notify you of the results. We may request additional information to verify your identity when processing your request.

Data Security

We take reasonable technical, administrative, and physical security measures to protect your personal information.

Technical Measures:
Data Encryption: Your personal information may be encrypted during transmission (using SSL/TLS) and when stored (e.g., using encryption features provided by AWS).
Access Control: Access to personal information processing systems is granted only to a minimum number of personnel necessary for performing their duties, and Role-Based Access Control (RBAC) is applied. We manage access using tools like AWS IAM (Identity and Access Management).
Security Systems: To prevent leakage or damage of personal information due to hacking or viruses, we install security programs, conduct periodic updates and inspections, install systems in areas where external access is controlled, and monitor and block access technically and physically.
Administrative Measures:
Internal Management Plan: We establish and implement an internal management plan for the secure processing of personal information.
Regular Employee Training: We conduct regular training on personal information protection for employees who handle personal information.
Use of OAuth Authentication: By using Google/Apple OAuth authentication, we do not directly store or manage your service passwords, thereby reducing related security risks.

While no security measure is perfect, we will continuously strive to protect your personal information. In the event of a security incident such as a data breach, we will endeavor to respond promptly and notify you in accordance with applicable laws.

Data Retention and Deletion

We, in principle, destroy your personal information without delay after the purposes of its collection and use have been achieved. However, if it is necessary to retain personal information pursuant to the provisions of applicable laws, we may store it for a certain period prescribed by such laws.

Retention Period:
Member Information: Until membership withdrawal (account deletion). However, it may be retained for a certain period after withdrawal for purposes such as dispute resolution and compliance with legal obligations.
UGC (Videos, etc.): Retained until you delete the content yourself or withdraw your membership. However, it may be exceptionally retained if necessary for legal compliance or actions under the Terms of Service.
Automatically Collected Information (Log Records, etc.): Retained for the minimum period necessary for service analysis and improvement, and fraud prevention (e.g., 3 months to 1 year), and then destroyed.
Destruction Procedure and Method:
Personal information stored in electronic file format is permanently deleted using a technical method that makes a record unrecoverable.
Personal information recorded and stored in paper documents is shredded or incinerated.

We regularly review and manage personal information to avoid retaining unnecessary data.

Third-Party Links and Services

Our Service may contain links to third-party websites or applications, including game download links. We are not responsible for the privacy practices of these third-party services.

Data Protection Contact Information

To protect your personal information and handle complaints and inquiries related to personal information, we have designated the following data protection department and contact information:

Department: Privacy Team
Email Address: privacy@gameplaylabs.org

You may report or make inquiries regarding any privacy-related concerns arising from your use of the Services to the above contact department, and we will respond to your reports and inquiries promptly and sufficiently.

Changes to This Privacy Policy

When we make changes to this Privacy Policy, we will revise the "Last Updated" date at the top of this Policy and post the updated Policy on our Service.

For non-material changes that do not significantly alter your rights or the way we handle your personal information, the revised Policy will be effective immediately upon posting, with the "Last Updated" date reflecting the date of the revision. We encourage you to review this Policy periodically to stay informed of our practices.
For material changes that significantly affect your rights or the way we process your personal information (such as, but not limited to, collecting new categories of personal data, using your data for new purposes not previously disclosed, or sharing your data with new categories of third parties for different objectives), we will provide you with reasonable advance notice before such changes take effect. This notice will be provided through prominent means, such as via email to your registered email address or a conspicuous notice within our Service.