[Latest Updated: 01/19/2026]
Welcome to Arknights: Endfield! We take your privacy seriously!
The data controller under this Privacy Policy (this “Policy") is Gryph Frontier Pte. Ltd. (“Gryph Frontier”, “we”, “us” or “our”).
This Policy applies to your interaction with our game or related services (collectively, the "Services") via our websites, mobile applications, or other third - party platforms authorized by us. This Policy describes the categories of personal data we collect, how we use it, how and when it may be shared, and how we store and protect it (collectively, “process”), as well as the rights and choices you have with respect to your data.
Please read this Policy carefully before using the Services. If you have any questions regarding this Policy, you may contact us at privacy@gryphline.com. If you do not agree with our policies and practices, please do not use our Services.
If you reside in the European Economic Area (EEA), the United States, or other specific jurisdictions, additional or different provisions may apply. Please refer to the "Appendix: Jurisdiction-Specific Supplements" for full details.
In the event of any conflict or inconsistency between the English version and any other language of this Policy, the English version shall prevail.
Table of Contents
1. How We Collect and Use Your Personal Data
2. Sources of Your Personal Data
3. Cookies and Similar Technologies
4. How We Share Your Personal Data with Third Parties
5. Your Rights
6. Children’s Privacy
7. International Transfers of Your Personal Data
8. Data Retention
9. Data Security
10. Changes to this Policy
11. Contact Us
Appendix: Jurisdiction-Specific Supplements
• European Economic Area (EEA), Switzerland, and the United Kingdom
• United States (California)
• United States (Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, Iowa, Nebraska, New Hampshire, and New Jersey)
• Japan
• Republic of Korea
• Singapore
• Thailand
• Canada
• Australia
1. How We Collect and Use Your Personal Data
Registration and Login
You can register a Gryphline Account using your email address (which serves as a unified account for logging in to other games, communities, and other products and services). Alternatively, you can log in with a third-party account to create a game account.
• Gryphline Account: If you register using your email address, we will collect the email address and username you provide.
• Third-Party Account: If you choose to log in using a third-party account (e.g., Facebook, Google, Apple), we will collect the data you authorize the third party to share with us (typically including authorization ID, nickname, avatar, Open ID, and User Token).
Age Verification
We may ask for your country/region and age information to determine if we need to obtain consent from your parent or legal guardian.
Profile Page
You may decide which information to display on your profile page, such as your avatar, nickname, bio, and gameplay data (e.g., your game characters). This information will be visible to other players. You manage or hide this information at any time.
Playing the Game
When you play the game, we automatically collect the following device and application data:
• IP Address: We collect your IP address to determine your country or region so that we can provide the game services applicable to your jurisdiction.
• Gameplay Data: We collect your gameplay data (e.g., game progress data, such as game level and scores, game behavior data, game logs, and game statistics) to enable you to view your gameplay history, and for the purposes of operational analytics, customer support, and maintaining game security.
• Device Data (e.g., Mobile Devices or PCs): We collect this data to ensure the game functions properly, adapt to your device environment, maintain network stability, and identify and resolve potential technical issues or functional anomalies.
Sharing on Social Media
When you decide to share your gaming moments on social media (such as Facebook, TikTok, X, or Naver), the shared materials may contain specific gameplay information (e.g., in-game screenshots, gacha results, and factory blueprints).
Payments
When you make in-game purchases, we collect your recharge history, purchase history, order number/transaction ID, order timestamp, and transaction amount to verify your transaction and protect the security of your virtual items.
To facilitate faster checkouts for future purchases, you may choose to save your payment account information (e.g., your PayPal account or other details you voluntarily provide). We will encrypt and store such information and implement strict access controls to safeguard your data security. Additionally, if you are located in the United States or Canada, we collect your postal code to determine the applicable tax rate. You may withdraw your consent at any time by unchecking the relevant option during a future transaction. Once unchecked, we will no longer retain the previously saved information.
In-Game Social Interaction
You may team up with other players, add friends, and communicate via in-game text chat. When other players view your profile by clicking on your avatar, they will see the public information you choose to showcase on your profile page (such as your avatar, nickname, bio, and specific gameplay data). When you become friends with another player, we will store this friend relationship. You may also communicate with other players using preset dialogue options in the game.
Customer Support
When you contact our customer support team for assistance, troubleshooting, or general inquiries, we collect the information you voluntarily provide (including purchase data you provide to explain the issue, device data, contact details, and other supporting materials), as well as relevant gameplay and account data automatically collected by our system to help diagnose and resolve the reported issue.
Direct Marketing
If you consent to receive marketing communications from us, we will send you news, event updates, and promotional information related to the game. You may unsubscribe at any time via the toggle in the game’s “Settings” menu, or by following the unsubscribe instructions included in the marketing communications.
Participation in User Surveys, Marketing Campaigns, and Other Events
When you participate in our user surveys, marketing campaigns, or other events, we collect the personal data you voluntarily provide (e.g.,your email address), subject to the specific requirements of each event.
If you win a physical prize by participating in our events, we will collect your name, shipping address, postal code, and contact details for prize fulfillment and delivery. If you win a digital prize, we will collect your email address to deliver the reward. You may withdraw your consent or request the deletion of this data at any time by contacting us at privacy@gryphline.com.
Reporting
When you report a user for cheating or violating our User Agreement, we collect the information you voluntarily provide, including the reason, incident description, and time of the report, to verify the alleged misconduct and take appropriate enforcement actions.
Exercising Your Rights
When you submit a request to exercise your rights over your personal data (such as accessing or deleting your data), we require specific information to verify your identity, validate, process, and respond to your request. This includes your country/region, email address, user ID, account information, and any other supporting information necessary to verify your identity and fulfill your request.
Advertising and Analysis
To measure the effectiveness of our ads, we may automatically collect your advertising identifier (e.g., IDFA in iOS or GAID on Android), device information, network data, in-app activity data, interaction data, and IP address. Furthermore, to conduct necessary data analysis to provide you with better services, we may also automatically collect interaction data related to your use of our Services (e.g., the advertisements you view). You may manage your preferences and withdraw your consent at any time through the Cookie Management Tool we provide. You can also limit ad tracking and withdraw consent for advertising identifiers through system settings of your mobile phone, iPad, or other devices (e.g., "Tracking" settings on iOS or "Ads" settings on Android).
Game Tools
We provide certain game tools to enhance your gaming experience. To enable you to view comprehensive character progression status, generate detailed growth recommendations, and help you view and manage character configurations, we will—subject to your authorization—synchronize specific game data (such as game card, characters, outfits, infrastructure, battle records, and real-time gameplay data) to our game tools page. You may access and log in to the corresponding page of the official community directly through the game tool. You may withdraw your authorization at any time through the authorization toggle within the game.
Network and Operational Security
To provide a fair, safe, and stable online environment, we automatically collect certain personal data such as account information, device information, in-game screenshots, and anti-cheating related information, for the purposes of security verification (e.g., password settings, login device records), cheating behavior identification and detection, account maintenance (e.g., password recovery, account status checks), account risk identification (e.g., abnormal login alerts, login device management), troubleshooting, and detecting offensive or sensitive language. Additionally, given the multi-version nature of the Game, your data may be used to support, optimize, and maintain the development and updates of different game versions. To achieve these purposes, we automatically collect IP address, Open ID, as well as device logs, system information, and application data.
Error, Fault, and Crash Handling
We automatically collect your personal data to analyze the causes of errors, resolve crash issues, optimize performance, and improve overall stability. The specific data collected may vary depending on the device. To achieve these purposes, we automatically collect user ID, Identifier for Vendor (IDFV), game logs, device data, system data, process data, network data, and application data.
In addition to the purposes described above, we may also process your personal data to analyze and improve the performance and quality of the Services, to comply with legal obligations and respond to lawful requests from public authorities, to establish, exercise, or defend legal rights, to conduct user research and related studies, and for any other purposes that we disclose at the time of collection or that are carried out with your consent where required.
2. Sources of Your Personal Data
We primarily collect your personal data in the following ways:
• Data you voluntarily provide directly to us;
• Data automatically collected from your mobile phone, computer, and other devices and applications through automated means.
We may also collect personal data from:
• Other game players;
• Our service providers and business partners, including advertising networks;
• App stores and game download platforms;
• Social media and publicly sources;
• Inferences drawn from the data we hold.
3. Cookie and Similar Technologies
We and our third-party partners may use cookies, pixels, and other similar technologies to automatically collect data when you use our Services. For more information on how we use cookies and similar technologies, please refer to our Cookie Policy.
We use Google cookies, including Google Analytics. For details about how Google uses these cookies, please visit https://business.safety.google/privacy/. You may disable, limit, or remove these technologies through your browser or device settings. However, certain features of our Services may not function properly. Please note that cookie-based opt-out mechanisms do not apply to mobile applications. Information on how to opt out of personalized advertising in certain mobile can be found at the following links: Android System, iOS System and Other System.
4. How We Share Your Personal Data with Third Parties
We share your personal data with third parties only where necessary and in accordance with applicable laws, specifically as follows:
Our Affiliates
To achieve the purposes set out in this Policy, we may disclose your personal data to our affiliates. We require that affiliates handle and protect your personal data strictly in accordance with this Policy.
Regulatory Authorities, Judicial Authorities, and Law Enforcement Agencies
We may disclose your personal data when we believe in good faith that disclosure is necessary to respond to lawful requests (such as court orders, search warrants, or subpoenas) from public authorities (based on national security, law enforcement, or legal processes). In such circumstances, we may not be permitted to obtain your consent or notify you in advance.
Third-Party Service Providers and Business Partners
We may disclose your personal data to our third-party service providers and business partners, including third-party account login service providers, data analysis service providers, advertising service providers, cloud service providers, and payment service providers.
Business Transfers and Acquisitions
If we participate in or are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, asset sale, or service migration to other providers, your personal data may be sold or transferred as part of such transaction in accordance with law and/or contract.
Other Third Parties
We may disclose your personal data for security or protection needs, including where we believe in good faith that an emergency poses a risk to your health or safety, or to that of others or the public. We may also disclose such information as necessary to protect the legal rights or property of Gryph Frontier or relevant third parties, provided such disclosure complies with laws and regulations.
5. Your Rights
Depending on applicable data protection laws, you may have different data subject rights. For details on the specific rights and how to exercise them under the laws of different jurisdictions, please refer to the appendix applicable to you. If you wish to exercise any of these rights, please send an email to privacy@gryphline.com.
We will respond within the statutory period. To ensure your data security (e.g., preventing unauthorized data processing), we may require you to provide necessary additional information for identity verification. Your rights may include:
• Right to Know: Confirm whether we are processing your personal data.
• Right to Access and Data Portability: You may access the personal data we maintain about you, how it is processed, and with whom it is shared. Certain personal data can be viewed directly in your account profile after you log in. In certain jurisdictions, you may also have the right to obtain a copy of specific personal data we process about you, including personal data processed on the basis of your consent or under a contract with you.
• Right to Rectification: You may ask us to correct any inaccurate or incomplete personal data that we hold about you. In some cases, we may provide self-service tools for you to correct personal data.
• Right to Erasure: You may request to delete your personal data or your account at: [Settings] – [User Center] – [Game Management] – [Delete Game Account]. Where applicable laws allow or require us to retain certain personal data for legitimate purposes—such as complying with legal obligations or for the establishing, exercising, or defending legal claims—we will retain such data and inform you accordingly.
• Right to Restrict or Object to Processing: You may request that we restrict the processing of your personal data in certain circumstances, specifically when:
• You dispute the accuracy of your data;
• The processing is unlawful, and you prefer that the data be restricted rather than erased;
• We no longer need your data for processing purposes, but you need it to establish, exercise, or defend legal claims; or
• You have objected to certain processing activities and are awaiting our determination of the outcome.
• Right to Withdraw Consent: Subject to applicable laws, you may withdraw your consent you have previously provided for specific processing activities. Please note that this right applies only where we rely on your consent as the legal basis for processing. Note that this will not affect the lawfulness of processing based on consent before its withdrawal, nor will it affect processing based on lawful grounds other than consent.
• Right to Appeal Our Decision: Where permitted by applicable law, you may appeal our decision regarding your request by notifying us and providing supporting information relevant to your appeal.
• Right to Lodge a Complaint: If you believe we have violated data protection laws, you may lodge a complaint with the supervisory authority in your jurisdiction or file a lawsuit with the competent judicial authority.
6. Children’s Privacy
We are committed to continuously protecting children's privacy. Under applicable laws, child users must secure verifiable consent from a parent or legal guardian before accessing or using the Services.
We do not intentionally collect personal data from children without the consent of their parents or legal guardians. If we become aware that a child has provided personal data to us in violation of applicable laws, we will delete such data (unless we are legally obligated to retain it) and, where applicable, terminate the child’s account. If you believe that we may possess any personal data regarding a child, please contact us at privacy@gryphline.com.
7. International Transfers of Your Personal Data
Your personal data may be processed on servers located in Singapore, Japan, Germany, and the United States, and stored in our data center in Singapore. The data protection laws in these jurisdictions may differ from those in your jurisdiction, and they may offer a lower level of protection. We will take appropriate safeguards to protect your personal data to ensure an equivalent level of protection as required by applicable laws. For information specific to certain jurisdictions, please refer to the appendix applicable to you.
For more details on the safeguards we adopt for the international data transfers, please contact us at privacy@gryphline.com.
8. Data Retention
The retention period for each category of personal data is limited to the time reasonably necessary to fulfill the purposes set out in this Policy and proportionate to those purposes, or for the period required to comply with legal requirements (e.g., tax, audit, or statutory obligations). Where it is not possible to define a fixed retention period, we will determine the retention duration based on documented criteria, such as the nature and sensitivity of the data, legal/audit requirements, security and fraud-prevention needs, and relevant technical or operational constraints. Once the personal data is no longer needed for these purposes, we will take technical and organizational measures to delete, de-identify, aggregate, or anonymize the data, in accordance with applicable legal requirements.
9. Data Security
We take reasonable and appropriate technical and organizational measures to protect your data and to ensure your data is processed safely in accordance with this Policy. The specific safeguards we use may vary depending on the sensitivity of your personal data involved.
However, despite our efforts to address potential security risks in our Services and in the systems where customer data is stored, no website, internet transmission, or data storage system can be guaranteed to be completely secure. We therefore cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur, or that your information will be completely secure while it is being transmitted to our Services. If you have any questions about the security of our Services, please contact us at privacy@gryphline.com.
10. Changes to This Policy
We are committed to improving our Services and periodically introducing new features. These updates may require us to collect additional personal data or use existing data for new purposes. In addition, laws and regulations regarding personal data and privacy may change. As a result, we may need to revise this Policy from time to time. Any updated version will be marked with a new "Last Updated" date displayed at the top of this Policy. For material changes, we will notify you in the manner prescribed by applicable law and obtain your renewed consent where required. You understand and agree that, except for the aforementioned circumstances, if you continue to use our Services after this Policy is updated, you are deemed to have accepted the new version of this Policy. If you do not agree, you may stop using our Services. We encourage you to check the "Last Updated" regularly to stay informed of policy changes.
11. Contact Us
If you have any questions, comments, or concerns regarding this Policy and/or privacy practices, please contact us at privacy@gryphline.com.
Appendix: Jurisdiction-Specific Supplements
For users residing in the jurisdictions identified below, the jurisdiction-specific supplements shall apply to you.
European Economic Area (EEA), Switzerland, and UK
This section applies only to residents of the European Economic Area (EEA), the United Kingdom (UK), and Switzerland ("You"). This Appendix supplements the main body of this Policy. In the event of any inconsistency between this Appendix and the main body of this Policy, this Appendix shall prevail.
Data Controller, Collection, Use, Disclosure, and Retention of Personal Data
For information regarding the Data Controller and their contact details, the categories of personal data we process, the purposes of processing, the categories of recipients of personal data, and the criteria used to determine the retention period of personal data, please refer to the following sections of the main body of this Policy:
• How We Collect and Use Your Personal Data
• Personal Data Sources
• How We Share Your Personal Data with Third Parties
• Data Retention
To improve service quality and enhance your user experience, we may also share data with third-party service providers that have been designated as “Gatekeepers” under the Digital Markets Act (DMA). Such sharing involves transfer of your personal data described in this Policy for advertising and service-optimization purposes. You may withdraw consent at any time by contacting us at privacy@gryphline.com.
Legal Basis for Processing
Under applicable laws, we require a lawful ground ("Legal Basis") to process your data. The table below sets out the Legal Basis we rely on for each category of personal data processed. It also informs you of the possible consequences of failure to provide such data.
|
Scenario |
Personal Data |
Consequence |
Legal Basis |
|
Registration and Login |
• Gryphline Account: Email address, username • Third-party Account: Authorized ID, nickname, avatar, Open ID, user token |
If we do not collect or use this data, you will not be able to create or log in to an account to use our Services.
|
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract. |
|
Age Verification |
Age information, user country/region |
If we do not collect or use this data, we will not be able to determine whether we are required to obtain consent from your parent or legal guardian. |
Necessary for compliance with a legal obligation. |
|
Profile Page |
Avatar, nickname, bio, gameplay data (e.g., your game characters) |
If we do not collect or use this data, you will not be able to display such data on your profile page. |
We collect and use this data with your consent. |
|
Playing the Game |
IP address, gameplay data (including game progress data, game logs, game behavior data, and game statistics), device data |
If we do not collect or use this data, you will not be able to use the basic functions of our game (e.g., you will not be able to enter the game, connect to the network, save progress, or play normally). |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract. |
|
Sharing on Social Media |
Gameplay information (e.g., in-game screenshots, gacha results and factory blueprints) |
If we do not collect or use this data, you will not be able to share content on social media. |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract. |
|
Payments |
Recharge history, purchase history, order number/transaction ID, order timestamp, transaction amount |
If we do not collect or use this data, you will not be able to complete your payment using our payment features. |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract. |
|
Express Checkout |
• Payment account information (e.g., your PayPal account and other payment account information you voluntarily provide) • Postal code (U.S. and Canada only) |
If we do not collect or use your payment account information, you will not be able to select credit card or PayPal as express checkout options for future payments; If we do not collect or use your postal code, we will not be able to calculate and apply the correct tax rate (U.S. and Canada only). |
We collect and use this data with your consent. |
|
In-game Social Interaction |
Avatar, nickname, bio, gameplay data, friend relationship, preset dialogue options |
If we do not collect or use this data, you will not be able to add friends, form teams, or use chat and other in-game social features. |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract. |
|
Customer Support |
• Purchase data, device data, contact details, other supporting materials you voluntarily provide • Gameplay and account data related to customer service (for troubleshooting purposes) |
If we do not collect or use this data, we will not be able to verify your identity, troubleshoot and locate the issue, or process your request. |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract. |
|
Direct Marketing |
Phone number, email address |
If we do not collect or use this data, you will not receive any marketing or promotional communications. |
We collect and use this data with your consent. |
|
Participation in User Surveys, Marketing Campaigns and Other Events |
• Data you voluntarily provide when you participate in our surveys, campaigns or other events (e.g., your email address) • Your name, shipping address, postal code and contact details (only if you win a physical prize) • Email address (only if you win a digital prize) |
If we do not collect or use the data required to take part in an event, you will not be able to participate in that event; If we do not collect or use the data required for prize delivery (such as the shipping data or email address), we will not be able to deliver any prize you have won to you. |
We collect and use this data with your consent. |
|
Reporting |
Description of the content you are reporting, the time the report is submitted, the reason for the report |
If we do not collect or use this data, you will not be able to submit a report or use the reporting feature properly. |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract. |
|
Exercising Your Rights |
Your country/region, email address, user ID, account information |
If we do not collect or use this data, we will not be able to verify your identity and process your GDPR rights requests in a timely manner. |
Necessary for compliance with a legal obligation. |
|
Advertising and Analytics |
Advertising ID (e.g., IDFA in iOS or GAID on Android), device data, network data, in-app activity data, interaction data, IP address. |
If we do not collect or use this data, we will not be able to effectively measure the performance of our advertising campaigns or use analytics to improve and optimize the services we provide to you. |
We collect and use this data with your consent. |
|
Game Tools |
Game data (e.g., game card, characters, outfits, infrastructure, battle records, and real-time gameplay data) |
You will not be able to view a more complete picture of your character progression or receive more detailed build recommendations. You will also be unable to view or manage your character builds in the relevant game tools. |
We collect and use this data with your consent. |
|
Network and Operational Security |
IP address, Open ID, device logs, system data, application data |
If we do not collect or use this data, we will not be able to effectively carry out security verification, account risk identification (e.g., abnormal login alerts and login device management), troubleshooting, or the detection and filtering of offensive or sensitive content, and we may not be able to maintain a fair, secure and stable online environment. |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract; Legitimate Interests (Network security, fraud prevention, maintaining a fair environment).
|
|
Error, Fault, and Crash Handling |
User ID, Identifier for Vendor (IDFV), game logs, device data, system data, process data, network data, application data |
If we do not collect or use this data, we will not be able to diagnose the causes of errors or crashes, fix related issues, or effectively maintain the stability and performance of our services. |
Necessary for the performance of our contract with you (provision of game services) or to take steps at your request prior to entering into a contract; Legitimate Interests (ensuring the stable and secure operation of our services, troubleshooting issues, and improving and optimizing our products and services). |
International Data Transfers
Your personal data may be transferred to countries and regions outside the EEA, Switzerland, and the UK (including the United States, Singapore, etc.). The European Commission has not issued an adequacy decision for these countries. To ensure your data receives a level of protection equivalent to that of the EEA, UK, and Switzerland after being transferred, we have entered into the European Commission’s Standard Contractual Clauses (SCCs) with our business partners and service providers and implemented other appropriate safeguards.
Your Rights
As a resident of the EEA, UK, or Switzerland, you have the following rights:
• Right of Access and Right to Data Portability: You may ask us to confirm whether we are processing your personal data, provide you with details of such processing, and give you a copy of your personal data. You may ask us to provide your personal data in a structured, commonly used, machine-readable format, or you can ask to have it ported directly to another controller.
• Right to Rectification: You may ask us to correct any inaccurate or incomplete personal data that we hold about you.
• Right to Erasure (Right to be Forgotten): You may ask us to delete the personal data that we hold about you.
• Right to Restriction of Processing: You may request that we restrict the processing of your personal data in certain circumstances (for example, where you believe that the personal data we hold about you is not accurate or lawfully held).
• Right to Object: You may request that we stop processing your personal data for specific purposes (including marketing and profiling).
• Right to Withdraw Consent: If we process your personal data based on your consent, you have the right to withdraw your consent at any time. You may withdraw consent by contacting us or updating your preference settings. Note that this will not affect the lawfulness of processing based on consent before its withdrawal, nor will it affect processing based on lawful grounds other than consent.
• Rights related to Automated Decision-Making: We do not employ solely automated decision-making, as a matter of course, that results in automated decisions being taken (including profiling) that legally affect you or similarly significantly affect you. Automated decisions are decisions made automatically based on computer determinations (using software algorithms), without human review. If you are to be subjected to automated decision-making, we will make it clear at the time and you have the right to contest the decision, to express your point of view, and to require a human review of the decision.
• Right to Lodge a Complaint: You have the right to lodge a complaint with the data protection authority in your country or the equivalent supervisory authority:
• EEA Data Protection Authorities (DPAs)
• Swiss Federal Data Protection and Information Commissioner (FDPIC)
• UK Information Commissioner’s Office (ICO)
If you wish to exercise these rights, you may contact our Data Protection Officer (DPO) by emailing privacy@gryphline.com. To ensure data security (e.g., to prevent unauthorized data processing), we may require you to provide necessary additional information for identity verification. We will respond within the statutory timeframe.
United States (California)
This section applies solely to residents of California ("You"). This Appendix supplements the main text of this Policy. In the event of any inconsistency between this Appendix and the main text of this Policy, this Appendix shall prevail.
Collection, Use, Sale, and Sharing
In the preceding 12 months, we have collected the relevant types of personal information described in the "How We Collect and Use Your Personal Data" section of this Policy from you. We obtain personal information from various sources, as detailed in the "Sources of Your Personal Data" section of this Policy.
We do not use your sensitive personal information.
In the preceding 12 months, we have not sold your personal information to any third party.
In the preceding 12 months, to support our business operations, we have shared your personal information with the following third parties:
• Sharing your personal information with advertising providers to acquire new users and monitor advertising effectiveness.
Under CCPA, "Sale" refers to the disclosure of personal information to a third party for monetary or other valuable consideration; "Sharing" refers to the disclosure of personal information to a third party for cross-context behavioral advertising (regardless of whether monetary consideration is involved).
For California residents under the age of 13, we will process your personal information only after obtaining consent from your parent or other legal guardian.
Your Rights
Under the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA), you have the following rights:
• Right to Opt-Out of Sale or Sharing of Personal Information.
• Right to Limit Use and Disclosure of Sensitive Personal Information. You have the right to limit the use and disclosure of your sensitive personal information to purposes other than those authorized by law, such as providing goods or services to you or helping to ensure security and integrity.
• Right to Non-Discrimination. We will not treat you unfairly (e.g., by denying services) for exercising any of your rights.
• Shine the Light. You may request that we inform you whether we have shared your personal information with third parties for their direct marketing purposes in the preceding calendar year.
• Content Removal for Users Under 18. California residents under the age of 18 may contact us at privacy@gryphline.com to remove the content they have posted on the Services themselves. Such requests must:
(a) Clearly identify the content to be removed; and
(b) Provide sufficient details to locate the content on our platform. We accept such requests only by email. We are unable to process incomplete requests. Please note: We cannot guarantee complete or permanent removal of the content, as it may have been copied or reposted by other users.
How to Exercise Your Rights
You may exercise your rights by sending us an email. To facilitate the expeditious processing of your request, please indicate in the subject line that you are a California resident and clarify your specific request (e.g., data access, data deletion, etc.). In the body of the email, please clearly state your specific requirements (e.g., specific data to be corrected or deleted) .To exercise your "Right to Opt-Out of Sale or Sharing of Personal Information," you may, for instance, disable the relevant switch in our Cookie Management Tool or limit ad tracking via your device's system settings (such as the "Tracking" option in iOS or "Ads" setting in Android on mobile phones or iPads).
To comply with CCPA/CPRA regulations and protect each user's information from unauthorized access, we will verify your identity (before formally processing your request). If the initial verification is unsuccessful, we may require you to provide additional information for verification. We will only collect information that is necessary for identity verification, such as verification code received by your App account or your historical transaction data. Any personal information you disclose to us for verifying your identity will be used solely for verification purposes. We will respond to your request within the period prescribed by law. We may deny or partially fulfill certain requests as permitted or required by law. For example, if you request deletion of your personal information, we may retain information as necessary for legal purposes (such as tax accounting). If your request is denied, we will provide an explanation for the decision.
If you believe that your rights under the CCPA have not been respected, you can file a complaint with the California Attorney General's Office. You may contact the Attorney General's Office at https://oag.ca.gov/contact/consumer-complaint-against-business-or-company or by calling (916) 210-6276.
You may also contact us at privacy@gryphline.com directly, and we will respond within 45 days. If reasonably necessary, we may extend this period once by an additional 45 day, we will notify you within the first 45 days.
Authorized Agent
You may choose to submit a request through an authorized agent, provided that:
• The authorized agent is registered with the California Secretary of State; and
• You have signed a valid written authorization document granting the authorized agent authority to act on your behalf.
If you use an authorized agent to exercise your right to know or delete, additionally, your authorized agent must:
• Submit a copy of a document signed by you that expressly authorizes the agent to act on your behalf.;
• (Subject to applicable law) Provide information necessary to verify your identity and confirm the agent's authority. The specific information required for verification will depend on your prior interactions with us and the sensitivity of the personal information involved.
United States (Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, Iowa, Nebraska, New Hampshire, and New Jersey)
The following content applies only to residents of Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, Iowa, Nebraska, New Hampshire, and New Jersey.
Under applicable laws, you may request to:
• Confirm whether we are processing your personal information and provide a copy of it.
• Correct inaccuracies in your personal information (excluding residents of Iowa and Utah).
• Delete your personal information;
• Opt-out of the processing of your personal information for targeted advertising, sale, or certain profiling.
When you play our game, we may collect, use, and disclose your device information, browsing information, usage data, and purchase history for the purposes of targeted advertising as described above. Some laws applicable define this type of activity as "Sharing" personal information. You may exercise your rights directly by using the Cookie Management Tool we provide to disable the relevant switches, or by limiting ad tracking through your device's system settings (e.g., the "Tracking" settings on iOS or the "Ads" settings on Android phones or iPads). You may also submit such requests by email.
Japan
This section applies only to residents of Japan ("You"). This Appendix supplements the main body of this Policy. In the event of any inconsistency between this Appendix and the main body of this Policy, this Appendix shall prevail.
Business Operator Information
Name of Business: Gryph Frontier Pte. Ltd.
Address: 9 Straits View, #06-07, Marina One West Tower, Singapore, 018937
Representative: Yifeng Huang
Purposes of Use
For information on the purposes of use of the personal information we handled, please refer to the section "How We Collect and Use Your Personal Data" in the main body of this Policy. If we use your personal data for new purposes, we will seek additional consent from you.
Your Rights
We respect your rights regarding your personal information as a user in Japan. This section outlines your specific rights under Japan's Act on the Protection of Personal Information (APPI) and the procedures for exercising them.
• Right to Disclosure: You have the right to request information about:
• The personal data we hold about you.
• Our records of when and to which third parties we have provided your personal data.
• Right to Correction, Addition, or Deletion: If the personal data we hold about you is inaccurate, you have the right to request that we correct, add to, or delete it.
• Right to Cease Use, Delete, or Stop Third-Party Provision: You have the right to request that we stop using or deleting your personal data, or stop providing it to third parties under certain conditions, such as:
• If your data is used for purposes other than those we stated.
• If your data was collected through improper means.
• If your data was provided to third parties in violation of the APPI.
• If we no longer need to use your data.
• In situations where a data breach has occurred or your rights might be harmed.
• Right to Request Information on Protective Measures: You also have the right to request more detailed information about the measures we take to protect your data, specifically:
• Security Control Measures: A summary of the measures we implement to keep your data safe.
• Cross-Border Transfers: When we transfer your data to third parties in other countries, you can request information about the data protection systems of that country and the measures the recipient takes to protect your data.
If you wish to exercise these rights, you may contact us at privacy@gryphline.com. To ensure data security (e.g., to prevent unauthorized data processing), we may require you to provide necessary additional information for identity verification. For requests regarding the notification of purpose of use or disclosure of personal data, we may charge a reasonable fee to the extent permitted by applicable law. We will respond within the statutory timeframe.
Cross-Border Transfer
By acknowledging this Policy, you consent to the transfer of your personal information to third parties described in the section "How We Share Your Personal Data with Third Parties" of this Policy, which may include transfer to countries outside of Japan where our service providers, servers, or affiliates are located, such as the United States, Singapore, etc.
We require recipients located outside Japan to implement data protection measures that are equivalent to the standards required under Japanese law (known as "Equivalent Action" under the APPI). Specifically, we secure such Equivalent Action by executing Standard Contractual Clauses (SCCs) and taking necessary measures to ensure the continuous implementation of these measures by the recipients.
Prior to consenting to this Policy, you may contact us at privacy@gryphline.com to request details regarding the personal information protection regime of the recipient's country, the measures implemented by the recipient, and any other information to assist you in deciding whether to consent to the cross-border transfer.
Republic of Korea
This section applies only to residents of Republic of Korea ("You"). This Appendix supplements the main body of this Policy. In the event of any inconsistency between this Appendix and the main body of this Policy, this Appendix shall prevail.
Purpose of Processing, Items Processed, and Retention Period of Personal Information
We collect your personal information for the purposes described in this Policy. Regarding the legal basis for processing personal information, the following provisions of the Personal Information Protection Act (“PIPA”) apply:
• Consent: We use this information after obtaining your consent in accordance with Article 15(1)1 of PIPA.
• Performance of Statutory Obligations: We use this information when necessary to comply with legal obligations under Article 15(1)2 of PIPA.
• Performance of a Contract: We use this information when necessary to perform a contract with you and to provide our services to you, in accordance with Article 15(1)4 of PIPA.
• Legitimate Interests: We use this information where it serves our legitimate interests, in accordance with Article 17(1)2 and Article 15(1)6 of PIPA.
(1) Personal Information Processed Without Consent
To the extent necessary to provide our services, we collect and use the following personal information pursuant to Article 15(1)4 of PIPA (Necessary for the performance of a contract with you).
We will retain this personal information for the shorter of: (i) the period necessary to achieve the purposes described in this Policy; or (ii) the lifetime of your use of the Services (that is, until your account is deleted or we complete your deletion request), unless a longer retention period is required or permitted under applicable Korean laws.
|
Scenario |
Personal Information Items |
Purpose |
|
Registration and Login |
• Gryphline account: Email address, username • Third-party account: Authorized ID, nickname, avatar, Open ID, user token |
To allow you to create and manage your game account, log in to the game, and use account-related services. |
|
Profile Page |
Avatar, nickname, bio, gameplay data (e.g., your game characters) |
To display such information on your profile page, which can be accessed by you and other players. |
|
Playing the Game |
IP address, gameplay data (including game progress data (e.g., level and score), game logs (e.g., login logs, purchase records, activity logs, and upgrade logs), game behavior data, and game statistics), device data (including terminal model, device ID, device name, device type and version, device resolution, package name, device settings, system version, app ID, and network type information) |
To provide basic game functions, such as providing services applicable to your country or region, saving your game progress, ensuring the game runs normally, adapting to different device environments, and ensuring network connection stability. |
|
Sharing on Social Media |
Gameplay information (e.g., in-game screenshots, gacha results, and factory blueprints) |
To allow you to share game content to Facebook, TikTok, X, and Naver (Korea only). |
|
Payments |
Recharge history, purchase history, order number/transaction ID, order creation timestamp, transaction amount |
To respond to your recharge or other purchase requests, provide transaction record inquiries, and secure your virtual items. |
|
In-game Social Interaction |
Avatar, nickname, gameplay data (e.g., access level, exploration level, chapter progression, and statistics on the number of virtual items owned), friend relationship, preset dialogue options |
To provide interactive features such as adding friends, forming teams, or using chat. |
|
Customer Support |
Purchase data, device data, contact details, other supporting materials you voluntarily provide Gameplay and account data related to customer service (for troubleshooting purposes) |
To verify your identity, locate issues, or process your requests. |
|
Reporting |
Description of the reported content, the time the report is submitted, the reason for the report |
To respond to and process your reporting requests. |
|
Network and Operational Security |
SDK logs, server IP, Open ID, system information (e.g., system version, brand, CPU architecture, and country language), root status, app version, device information (e.g., device type, IDFA, network type, brand, language, region, sensor information, camera information, battery information, system kernel, SIM card insertion status, and screen brightness), jailbreak status (iOS) |
To perform security verification, account risk identification (e.g., abnormal login alerts and login device management), troubleshooting, and detection of offensive or sensitive wording, in order to provide you with a fair, secure, and stable online environment. |
|
Error, Fault, and Crash Handling |
Registration/login time, game version, user ID, device name, device model, mobile memory, CPU usage, CPU model, device system version, RAM, ROM, CPU architecture, Root status, simulator usage status, running process information, system time, process name, network type, application version, application package name, SDK version, SDK version/app name and version number, IDFV |
To analyze the causes of errors, fix crash issues, and maintain system service stability. |
(2) Personal Information Processed With Consent
We process the following personal information on the basis of your consent pursuant to Article 15(1)1 of PIPA (Consent).
We will retain this personal information from the date we obtain your consent for the shorter of: (i) the period necessary to achieve the purposes described in this Policy; or (ii) the lifetime of your use of the Game (i.e., until your account is deleted or we complete your deletion request), unless a longer retention period is required or permitted under applicable Korean laws. After the relevant retention period expires, we will delete or anonymize the personal information in accordance with applicable Korean laws.
|
Scenario |
Personal Information Items |
Purpose |
|
Express Checkout |
• Payment account information (e.g., PayPal account, last four digits of the card provided by the payment provider, expiration date, and cardholder name) • Postal code (US or Canada only) |
• We collect your payment account information to provide convenient credit card or PayPal payment options for future payments; • (US or Canada only) We collect your postal code to apply the accurate tax rate during payment. |
|
Direct Marketing |
Phone number, email address |
To send you marketing-related information. |
|
Participation in User Surveys, Marketing Campaigns, and Other Events |
• Data you voluntarily provide when you participate in our surveys, campaigns or other events (e.g., your email address) • Your name, shipping address, postal code and contact details (only if you win a physical prize) • Email address (only if you win a digital prize) |
We collect your survey response information to allow you to participate in our events; We collect your shipping information to deliver event prizes to you. |
|
Advertising and Analytics |
Advertising ID (e.g., IDFA in iOS or GAID on Android), device ID, device information, access records, interaction data, page views, and behavioral statistics |
For advertising performance analysis and data analysis to provide you with better services. |
|
Game Tools |
Game data (e.g., game card, characters, outfits, infrastructure, battle records, and real-time data) |
To provide game tool functions that offer a more complete picture of character progression, more detailed build recommendations, and support viewing and managing character configurations within the game tools. |
(3) Statutory Retention Periods
In principle, personal information is destroyed without delay when the processing purpose is achieved or the retention period specified in the tables above expires. However, if we are obligated to retain personal information according to the provisions of relevant laws and regulations, such personal information will be retained for the period stipulated by such laws and regulations. In such cases, the retained information will be used solely for the purpose of such retention, and the retention periods are as follows:
• Pursuant to the Commercial Act:
• Records related to business ledgers and important documents: At least 10 years.
• Vouchers and supporting documents: At least 5 years.
• Pursuant to the Framework Act on National Taxes, Corporate Tax Act, and Value-Added Tax Act:
• Ledgers, tax invoices, receipts, and other evidentiary documents related to all transactions: At least 5 years from the day following the statutory filing deadline for the relevant national tax for the taxable period to which the transaction belongs.
• Pursuant to the Act on the Consumer Protection in Electronic Commerce:
• Records regarding contracts, subscription cancellation, payment, and the supply of goods: At least 5 years.
• Records regarding customer services or dispute resolution: At least 3 years.
• Records regarding trademarks and advertisements: At least 6 months.
• Pursuant to the Protection of Communications Secrets Act:
• Log records, access logs, and access IP information related to Services use: At least 3 months.
• Data on communication dates, times, party numbers, frequency, and communication device location: At least 12 months (or 6 months for specific telephone Services).
(4) Cookies and Similar Technologies
During your use of our services, certain information may be automatically generated and collected. For details, please refer to our Cookie Policy.
(5) Methods of Collection
We collect or receive information related to you from various sources and in various ways. Please refer to the section "How We Collect and Use Your Personal Data" in the main body.
(6) Personal Information of Minors
In accordance with PIPA and other applicable Korean laws, we collect personal information from children under the age of 14 only after obtaining the consent of their legal representative. We therefore ask for your country/region and age information so that we can determine whether we are required to obtain consent from your legal representative. Where such consent is required, we will also collect the legal representative’s contact details (e.g., email address) for the purpose of verifying the authenticity of the consent.
If we become aware that we have collected personal information from a child under the age of 14 without prior consent from their legal representative, we will promptly take reasonable measures to delete the relevant personal information. For more information on the rights of legal representatives and how to exercise them, please see the section “Your Rights and How to Exercise Them” below.
Procedures and Methods of Destruction
We shall destroy personal information without delay when it becomes unnecessary, such as upon the expiration of the retention period or achievement of the processing purpose. If personal information must be retained according to other laws despite the expiration of the retention period or achievement of the processing purpose, the relevant personal information shall be stored and destroyed according to those laws.
• Destruction Procedures: The procedure for destroying personal information is as follows: When a reason for destruction arises (e.g., the purpose is achieved or the retention period expires), the relevant business department shall perform the deletion in accordance with our internal policies. The Information Security Department then verify the destruction process. If applicable laws require us to retain the information, the information will be stored and destroyed in accordance with that law.
• Destruction Method: We will destroy personal information using the following methods:
• Electronic files: Data will be destroyed by formatting or permanent deletion.
• Paper documents: Documents will be destroyed by shredding.
Provision of Personal Information to Third Parties
We provide your personal information to third parties as follows.
|
Recipient Name & Contact |
Personal Information Items Provided |
Purpose of Provision |
Recipient's Retention Period |
|
AppsFlyer Inc. (Appsflyer) (privacy@appsflyer.com) |
IP address, Device information (e.g., device type and device identifiers), and information about your engagement with webpages, apps, and ads |
User acquisition and monitoring advertising performance. |
6 months |
|
Google LLC (Firebase) https://firebase.google.com/support |
Technical information, technical identifiers, engagement information, contact information, activity data |
Data analysis, evaluating advertising performance. |
6 months |
|
Meta Platforms, Inc. (Facebook analytics) https://www.facebook.com/help/contact/507739850846588 |
Contact information, event data, and hashed data
|
User acquisition and monitoring advertising performance. |
6 months |
|
Apple Inc. (Apple Account) https://www.apple.com/legal/privacy/contact/ |
Device information, IP address, login token |
Providing third-party login services and identity verification. |
Until you delete your account, withdraw consent, or the processing purpose is achieved. |
|
Google LLC (Google Account) https://support.google.com/policies/answer/9581826 |
|||
|
Meta Platforms, Inc. (Facebook Account) https://help.meta.com/support/privacy/ |
|||
|
Google LLC (Google Play) https://support.google.com/policies/answer/9581826 |
Payment information |
Providing in-app payment processing and settlement and ensuring transaction security. |
Until you delete your account, withdraw consent, or the processing purpose is achieved. |
|
Apple Inc. (App Store) https://www.apple.com/legal/privacy/contact/ |
|||
|
PayPal Holdings, Inc. (PayPal) https://www.paypal.com/us/legalhub/paypal/privacy-full?country.x=US&locale.x=en_US |
|||
|
Google LLC (Google Ads) https://support.google.com/policies/answer/9581826 |
Advertising information |
Delivering advertisements and user acquisition. |
Until you delete your account, withdraw consent, or the processing purpose is achieved. |
Entrustment of Personal Information Processing
For the performance of the services detailed in this Policy, we entrust certain tasks to the following professional service providers.
|
Entrusted Entity |
Entrusted Tasks |
|
Alibaba Cloud (Singapore) |
Providing data hosting services. |
|
Google LLC (Firebase) |
Providing notification pushing services. |
|
NICE Information Service Co., Ltd. |
Providing real-name verification services. |
|
Wuhan Jiyi network technology Co.,Ltd. (GeeTest) |
Providing bot verification services. |
Transfer of Personal Information to Overseas Third Parties
We transfer personal information to overseas third parties as follows.
We will process your personal information in Singapore. Additionally, where entrusted processors or other recipients are located outside Korea, we will transfer your personal information in accordance with PIPA Article 28-8 and applicable provisions. We will implement appropriate safeguards, including contractual, organizational, and technical security measures.
|
Recipient Name & Contact |
Receiving Country |
Personal Information Items Transferred |
Purpose of Transfer |
Transfer Date & Method |
Recipient's Retention Period (If provided) |
Legal Basis |
|
AppsFlyer Inc. (Appsflyer) (privacy@appsflyer.com) |
United States unless otherwise described in the service provider’s privacy policy. |
IP address, Device information (e.g., device type and device identifiers), and information about your engagement with webpages, apps, and ads. |
Acquiring new users and monitoring advertising performance. |
Continuous transfer via an encrypted network connection when you use the Services. |
https://www.appsflyer.com/legal/privacy-policy/ |
PIPA Articles 28-8(1)1 |
|
Google LLC (Firebase) https://firebase.google.com/support |
United States unless otherwise described in the service provider’s privacy policy. |
Technical information, technical identifiers, engagement information, contact information, and activity data. |
Conducting data analysis and evaluating advertising performance. |
Continuous transfer via an encrypted network connection when you use the Services. |
https://policies.google.com/privacy |
PIPA Articles 28-8(1)1 |
|
Meta Platforms, Inc. (Facebook analytics) https://www.facebook.com/help/contact/507739850846588 |
United States unless otherwise described in the service provider’s privacy policy. |
Contact information, event data, and hashed data.
|
Acquiring new users and monitoring advertising performance. |
Continuous transfer via encrypted network connection when you use the Services. |
https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0 |
PIPA Articles 28-8(1)1 |
|
Apple Inc. (Apple Account) |
United States unless otherwise described in the service provider’s privacy policy. |
Device information, IP address, login token |
Providing third-party login services and identity verification. |
Continuous transfer via encrypted network connection when you use the Services. |
https://www.apple.com/legal/privacy/contact/ |
PIPA Articles 28-8(1)1, 3 |
|
Google LLC (Google Account) |
United States unless otherwise described in the service provider’s privacy policy. |
Continuous transfer via encrypted network connection when you use the Services. |
https://support.google.com/policies/answer/9581826 |
PIPA Articles 28-8(1)1, 3 |
||
|
Meta Platforms, Inc. (Facebook Account) |
United States unless otherwise described in the service provider’s privacy policy. |
Continuous transfer via encrypted network connection when you use the Services. |
https://help.meta.com/support/privacy/ |
PIPA Articles 28-8(1)1, 3 |
||
|
Apple Inc. (App Store) |
United States unless otherwise described in the service provider’s privacy policy. |
Payment information |
Providing in-app payment processing and settlement and ensuring transaction security. |
Continuous transfer via encrypted network connection when you use the Services. |
https://www.apple.com/legal/privacy/contact/ |
PIPA Articles 28-8(1)1, 3 |
|
Google LLC (Google Play) |
United States unless otherwise described in the service provider’s privacy policy. |
Continuous transfer via encrypted network connection when you use the Services. |
https://support.google.com/policies/answer/9581826 |
PIPA Articles 28-8(1)1, 3 |
||
|
PayPal Holdings, Inc. (PayPal)
|
United States unless otherwise described in the service provider’s privacy policy. |
Continuous transfer via encrypted network connection when you use the Services. |
https://www.paypal.com/us/legalhub/paypal/privacy-full?country.x=US&locale.x=en_US |
PIPA Articles 28-8(1)1, 3 |
||
|
Google LLC (Google Ads) |
United States unless otherwise described in the service provider’s privacy policy. |
Advertising information |
Delivering advertisements and acquiring new users. |
Continuous transfer via encrypted network connection when you use the Services. |
https://support.google.com/policies/answer/9581826 |
PIPA Articles 28-8(1)1 |
You may contact us at privacy@gryphline.com to refuse the transfer of your personal information overseas. If you refuse, your personal information will not be transferred to overseas third parties. However, you may not be able to use our services for which overseas transfer of personal information is necessary.
Your Rights and How to Exercise Them
(1) Your Rights
You have the right to exercise rights related to your personal information under applicable laws, such as requesting access, modification or deletion, suspension of processing, or objecting to or requesting an explanation on an automated decision concerning your personal information pursuant to applicable law. You may also exercise your right of withdrawal of consent to the collection, use, or provision of your personal information.
If we process or disclose any sensitive information under Article 23 of PIPA (e.g., health, biometric identifiers), we will obtain your separate and explicit consent in advance.
(2) How to Exercise Your Rights
To exercise your rights, you may contact us at privacy@gryphline.com ,or contact the Chief Privacy Officer (CPO) and/or department listed below. To verify your identity, validate, process, and respond to your request, we require specific information. This includes your country/region, email address, user ID, account information, and any other supporting information necessary to verify your identity and fulfill your request.
Your legal representative (if you are a child under the age of 14) and any authorized agent whom you have delegated to exercise your rights on your behalf may also submit requests to exercise the above rights. In such cases, you must also submit a power of attorney in accordance with applicable law.
(3) Your Controls and Choices
We use automatic collection technologies like "cookies" to provide our Services. Cookies are small text files sent by the server to the user's browser and stored on their device. Except for necessary Cookies, we will only place functional Cookies and analytical Cookies after obtaining your consent. You can adjust your choices via "Cookie Settings" at any time to withdraw or change your consent, but this will not affect the lawfulness of processing prior to the withdrawal. Please refer to our Cookie Policy for more details.
You can also take any of the following actions to manage your preferences or opt-out of direct marketing. Please be assured that even if you opt-out of marketing communications, you can still continue to use our services.
• Email Promotional Offers: When you provide us with your email address, we may send you certain marketing emails as required by applicable law. We will provide a way to opt-out of marketing communications as required by applicable law. You can unsubscribe at any time via the switch button in the "Settings" page or by following the unsubscribe instructions contained within the marketing message.
Department Responsible for Privacy Protection & Grievance Handling
We designate the following department responsible for overseeing personal information processing, handling complaints, and providing remedies:
• Department Name: Legal Department
• Contact: privacy@gryphline.com
Singapore
This section applies only to residents of Singapore ("You"). This Appendix supplements the main body of this Policy. In the event of any inconsistency between this Appendix and the main body of this Policy, this Appendix shall prevail.
By clicking to accept this Policy, you consent to the cross-border transfer of your personal data to countries or regions where our service providers, servers, or affiliates are located.
You are entitled to access your personal data and obtain information regarding its usage and disclosure. Additionally, you have the right to request the correction of any inaccurate personal data.
You may contact our designated Data Protection Officer (DPO) by privacy@gryphline.com.
Thailand
By clicking to accept this Policy, you acknowledge that you have read, understood, and agreed to this Policy. If you do not agree to this Policy, please do not use our Services.
If you are under the age of 13, please do not use our Services unless you have obtained consent from your parent or guardian.
You may:
• Withdraw your consent for the processing of your personal data (only where the legal basis for processing is consent); however, please note that if the processing of your personal data is necessary for the Service, we may not be able to provide the intended Service without it;
• Request that we: (1) provide access to or correct your personal data;(2) stop any automated processing or profiling (where applicable); (3) suspend, restrict the use or provision of, and/or delete your personal data;
• Request that we provide your personal data in a machine-readable format to you or a third party; and/or
• Lodge a complaint with the relevant authority.
Canada
If you are located in Canada, you have the right to access, update, and correct the personal information we process about you. If you wish to obtain written information regarding our policies and practices with respect to the use of service providers located outside Canada to process your personal information, you may contact us at privacy@gryphline.com.
We require service providers to adhere to privacy and security standards that are equivalent to our own. We utilize data protection agreements and other reasonable measures to ensure the confidentiality and security of your personal information, and to prevent it from being used for any purposes other than those set out in this Policy.
Australia
We take reasonable steps to ensure that third-party recipients located outside Australia handle your personal information in a manner consistent with Australian privacy laws. However, you acknowledge that we do not control, and are not liable for, the acts and omissions of these third-party recipients. You have the right to access the personal information we hold about you, including details regarding its usage and disclosure. You also have the right to request the correction of any inaccurate personal information we hold.
If you are under the age of 13, please do not use our Services unless you have obtained consent from your parent or guardian.
Where feasible, you may register for and use our games or websites under a pseudonym without disclosing your real identity. You acknowledge and agree that if you do not provide us with your personal information, we may be unable to provide you with certain features or Services.
If you are dissatisfied with our response to your request to access or correct your personal information, or with our response to your privacy complaint regarding your personal information, you may contact the Office of the Australian Information Commissioner (Phone: +61 1300 363 992 or Email: enquiries@oaic.gov.au).