top of page

Privacy Policy

1. Introduction

At NIGHTBYTE GAMES YAZILIM VE TEKNOLOJİ A.Ş., we value your privacy and are committed to protecting your personal data. This policy outlines how we collect, use, and protect your information in compliance with the Personal Data Protection Law – Turkey (Kişisel Verilerin Korunması Kanunu – KVKK), General Data Protection Regulation (GDPR), Children’s Online Privacy Protection Act (COPPA), Personal Information Protection and Electronic Documents Act - Canada (PIPEDA), California Consumer Privacy Act (CCPA), EU e-Privacy Directive (2008/52/EU), and other international laws where applicable.

2. Data Collection and Use

We collect personal data under the requirements of KVKK, GDPR, PIPEDA, and other applicable regulations:

  • Personal Information: Name, e-mail address, account details, and contact information.

  • Payment Data: Transaction history, credit card information (processed via third-party payment processors).

  • Device and Log Information: IP address, operating system, browser type, and device information.

  • Usage Data: In-game behaviors, chat logs, interaction history, and user preferences.

  • Third-Party Data: Social media integration or other connected platforms where users choose to log in with third-party credentials (Facebook, Google etc.).

  • Cookies and Tracking Technologies: We use cookies to track your preferences and gather usage statistics. You can manage these through your browser settings.

Data Usage Purposes:

  • Service Provision: To provide, improve, and personalize our services and handle transactions.

  • Security and Compliance: To manage player behavior, maintain the security of our services, and prevent fraud or cheating.

  • Analytics and Marketing: For analytics and advertising purposes, including targeted marketing based on your consent.

  • Legal Compliance: To comply with legal obligations or protect vital interests in accordance with KVKK, GDPR, and PIPEDA.

3. Third-Party Data Sharing

We share your personal data with trusted third parties, ensuring full compliance with KVKK, GDPR, and PIPEDA. The data shared depends on the services we provide and the region in which you reside.

  • Service Providers: These include payment processors, cloud storage services, analytics providers, and customer support platforms. These service providers process data on our behalf and are contractually obligated to protect the confidentiality and security of your information.

  • Marketing Partners: We may share non-personally identifiable data with advertising platforms (such as Google Ads, Facebook Ads) to deliver targeted advertisements based on your behavior and preferences. These third parties help us analyze the effectiveness of marketing campaigns and understand user interaction with our services.

  • Game Developers and Publishers: To provide certain features, such as cross-platform gameplay, we may share data with external game developers or publishers. The shared data is limited to the minimum necessary to deliver the requested feature.

  • Legal and Regulatory Disclosures: We may disclose your personal data to governmental authorities or regulatory bodies in response to lawful requests, such as subpoenas or court orders, and in compliance with local laws.

4. International Data Transfers

We operate globally, and your data may be transferred to and processed in countries outside of your jurisdiction. When data is transferred internationally, we ensure it is adequately protected in compliance with KVKK, GDPR, and PIPEDA. We rely on the following safeguards to protect data during international transfers:

  • Standard Contractual Clauses (SCCs): We implement SCCs for data transfers outside the European Economic Area (EEA) to ensure that your data remains protected.

  • Adequacy Decisions: If data is transferred to countries that have been recognized as providing an adequate level of data protection by relevant authorities (e.g., the European Commission), we transfer data in compliance with those adequacy decisions.

  • Other Safeguards: Where SCCs or adequacy decisions are not applicable, we implement other appropriate safeguards to ensure that your data is protected.

5. Cookies and Tracking Technologies

We and our third-party partners use cookies and similar technologies in accordance with KVKK, GDPR, and the e-Privacy Directive to enhance your experience, analyze trends, and gather demographic information.

Types of Cookies Used:

  • Essential Cookies: These cookies are necessary for the basic operation of our services, such as keeping you logged in or remembering items in your cart.

  • Performance and Analytics Cookies: These cookies help us understand how users interact with our services, improve performance, and gather usage statistics.

  • Targeting and Advertising Cookies: These cookies are used to deliver personalized advertisements across different platforms based on your activity and preferences.

Managing Cookies: You can manage cookies by adjusting your browser settings to limit or disable them. However, please note that disabling cookies may affect the functionality of our services.

6. User Rights

As a user, you have several rights related to your personal data under KVKK, GDPR, PIPEDA, CCPA, and other applicable laws. These rights include:

  • Access: Request a copy of the personal data we hold about you.

  • Correction: Request that we correct any inaccuracies or incomplete data.

  • Deletion: Request the deletion of your personal data under certain circumstances ("right to be forgotten").

  • Restriction of Processing: Request that we limit the processing of your data under specific conditions.

  • Data Portability: Request a structured, machine-readable copy of your data and transfer it to another service provider.

  • Withdraw Consent: Withdraw consent for data processing at any time where consent is the legal basis for processing.

  • Opt-out of Marketing: Opt-out of receiving marketing communications or personalized advertisements.

To exercise any of these rights, please contact us at contact@nightbytegames.com

7. Security and Data Retention

We implement appropriate security measures, including encryption and access control, to protect your personal data from unauthorized access, alteration, or misuse. We retain your data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations. Once your data is no longer needed, it is securely deleted or anonymized.

8. Child Privacy

We comply with applicable regulations, including KVKK, GDPR, COPPA, and PIPEDA, when collecting personal data from children. Depending on the region, specific age-related consent requirements apply:

  • Parental Consent: We require verifiable parental consent before collecting data from children under the applicable age threshold.

  • Parental Rights: Parents can review, delete, or withdraw consent for the further collection of their child’s personal data.

  • Data Minimization: We only collect the data necessary to provide services to children, ensuring data protection by design and default.

9. Voice and Text Data Collection

For services with voice or text chat functionality, we may collect and review communication data to enforce community guidelines, prevent harassment, and detect cheating. This data is securely stored and only reviewed when necessary, such as when a user reports misconduct. Once no longer required, the data is deleted.

10. Changes to this Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. When significant changes are made, we will notify you via email or through in-app notifications. We encourage you to review this policy regularly.

11. Contact Us

If you have any questions or wish to exercise your rights, please contact us at:

NIGHTBYTE GAMES YAZILIM VE TEKNOLOJİ A.Ş.

contact@nightbytegames.com

Müeyyetzade Mah. Kemeraltı Cad. BAU No: 24 İç Kapı No: 3 Beyoğlu / İstanbul

Additional Information for Canadian Users

If you are a resident of Canada, your personal data is processed in accordance with PIPEDA. In addition to the general rights outlined, Canadian users have the following rights:

  • Access: You have the right to request access to your personal data at any time. You can also request to know how we have collected and used your information.

  • Correction: If the information we hold about you is inaccurate, you can request to have it corrected.

  • Withdrawal of Consent: You may withdraw your consent at any time, subject to legal or contractual restrictions.

  • Data Security: We follow PIPEDA guidelines to ensure your personal data is kept secure, including encryption and secure storage.

For Canadian users, any complaints regarding data protection can be directed to the Office of the Privacy Commissioner of Canada (OPC).

Additional Information for Californian Users

As a resident of California, you are entitled to specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request detailed information regarding the categories and specific pieces of personal data we collect about you, the sources from which we collect it, the purposes for collecting it, and the third parties with whom we share it.

  • Right to Delete: You may request that we delete your personal data, subject to exceptions (such as legal requirements or ongoing service provisioning).

  • Right to Opt-Out of Data Sales: Under the CCPA, you have the right to opt-out of the sale of your personal data. While we do not sell personal data, you can exercise this right to prevent data sharing with third parties for targeted advertising purposes.

To submit a CCPA request, please contact us using the details in the Contact Us section.

Additional Information for EU Users

If you are an EU resident, your personal data is processed in accordance with the General Data Protection Regulation (GDPR). As an EU user, you have enhanced rights under GDPR, including:

  • Right to Access: You have the right to request access to the personal data we hold about you, along with details about how we process it.

  • Right to Rectification: You can request the correction of inaccurate or incomplete data.

  • Right to Erasure: Also known as the "right to be forgotten," you can request that we delete your data when it is no longer needed, or when you withdraw consent.

  • Right to Restriction: You can ask us to limit the processing of your personal data in specific circumstances.

  • Right to Data Portability: You can request a copy of your data in a structured, machine-readable format and transfer it to another service provider.

  • Right to Object: You can object to the processing of your personal data for certain purposes, such as direct marketing or profiling.

  • Right to Lodge a Complaint: If you believe your data rights have been violated, you have the right to lodge a complaint with your local Data Protection Authority (DPA).

We take the necessary steps to ensure that your data is processed securely and in full compliance with GDPR. For any questions or to exercise your rights, please contact us through the details provided in the Contact Us section.

bottom of page