Introductions

This Privacy Policy has been updated on September 20, 2023

MATRYOSHKA GAMES PRIVACY POLICY

WE RESPECT YOUR PRIVACY

If you have any privacy related concerns, please contact us at:

support@matryoshka.com

MATRYOSHKA GAMES LTD is a company registered in Cyprus, with registration number

HE 408160 and address at this date at GRIVA DIGENI 4, OROKLINI SHOPPING CENTER,

OFFICE 104, 7040, LARNACA, Cyprus (‘’MATRYOSHKA’’, ‘’We’’ “Us”), who offers

entertaining mobile applications (“App(s)’’). This privacy statement describes how

MATRYOSHKA GAMES collects and uses the information and/or data (the terms are used

interchangeably) you provide. It also describes the choices available to you regarding

our use of your information and how you can access the information. We respect your

privacy and we take protecting it seriously.

Reading Privacy Policy is important so we hope you will give it time and

attention.

This Policy applies to the following people:

● visitors to the websites (“Visitor”, “you”, "your", "yours") (including those

submitting a job application).

● people who use the Games (For the purposes of this policy, we define the term

“User”, “you”, "your", "yours" as a person which has concluded the installation of

any App(s) provided by MATRYOSHKA GAMES).

● people who make complaints to us by email.

In this Policy we refer to the Sites, the App(s) and the Ancillary Services together as the

“Services”.

MATRYOSHKA GAMES do not sell your personal information to third parties. A “sale” of

Personal Information under the CCPA is defined broadly to include the “selling, renting,

releasing, disclosing, disseminating, making available, transferring, or otherwise

communicating orally, in writing, or by electronic or other means” the Personal

Information of a Consumer to another business or third party “for monetary or other

valuable consideration.” If we decide to sell our App(s) (our business), we will inform you

about this, so you can forbid us to transfer your personal data together with our

business. If so, we will delete your data from the databases prior to a business transfer.

We adhere to the following principles in order to protect your privacy:

● principle of purposefulness - we process personal data fairly and in a transparent

manner only for the achievement of determined and lawful objectives, and they shall

not be processed in a manner not conforming to the objectives of data processing;

● principle of minimalism - we collect personal data only to the extent necessary for

the achievement of determined purposes and do not keep personal data if it is no

longer needed;

● principle of restricted use - we use personal data for other purposes only with the

consent of the data subject or with the permission of a competent authority;

● principle of data quality - we update personal data shall be up-to-date, complete and

necessary for the achievement of the purpose of data processing;

● principle of security - security measures shall be applied in order to protect personal

data from unauthorised or unlawful processing and against accidental loss,

destruction or damage, using appropriate technical and organisational measures;

● principle of individual participation - the persons shall be notified of data collected

concerning him or her, the persons shall be granted access to the data concerning

him or her and the persons have the right to demand the correction of inaccurate or

misleading data.

1. DEFINITIONS

● “Analytical data” means any data that is derived from the data mentioned herein

that is used for internal analytics purposes via Our analytic system (e.g., for statistics

analysis, marketing, enhancing the in-game experience, enhancing the Games, the

Services, etc.).

Analytical data may as well include the following data: separate ID of the User in

Analytical data, User ID in BrainCloud service by bitHeads Inc., Apps language, Paying

information (whether the User spent any money while using the Apps), Platform

information (where the Apps were installed), Store information (via which the Apps

were installed), Session ID, Start version of the Apps, Version of the Apps, First Seen

(time and date of the first launch of the Apps), Last Seen (time and date of the last

in-App action of the User), Total Spent (the amount that was spent by the User within

the Apps in USD), total amount of all Purchases made by the User, Client Event Time,

Client Upload Time, Server Upload Time, Server Received Time.

Analytical data is generated by Us. We securely store Analytical data for the

above-mentioned internal purposes without sharing it with any third party.

● “Device information” means data about your device from which you use our Games

and/or Sites that may include: your IP address and unique mobile device identification

numbers (e.g., your device ID, advertising ID), device family, device type, RAM

information, CPU information, Designated Market Area information, Operating system;

● “Games” means Our Apps including "Rescue Dash", "Tribe Dash", "Farming Fever",

"Cooking Live", "Idle Mars Colony", "Mega Farm", "Royal Cooking" ;

● “Location information” means data about your location, namely broad location data

(e.g. country, region or city-level location);

● “Sites” means Our websites, including https://matryoshka.com/ and any other

MATRYOSHKA GAMES sites on which this Policy is posted;

● “User information” means data that we collect about you (such as your nickname,

profile picture) that we receive if you link a third-party tool with the Service (for

example, Facebook, Google Play), data about your age or other data provided by you

regarding yourself.

2. PERSONAL DATA THAT WE COLLECT AND PROCESS

We may source, use and otherwise process your personal data in different ways. In all

cases we are committed to protecting your personal data.

We may use the information collected from you for a variety of purposes, primarily,

relating to providing our Services and information about our Services. We may also use

the information for such other purposes as otherwise allowed by law. For example, we

(or a supplier or our affiliate company acting on our behalf and only under our

instructions) may use your personal information, including personally identifiable

information, for such purposes, including but not limited to the purpose examples listed

below.

2.1. VISITORS TO THE SITES

The Website is essentially a brochure for MATRYOSHKA/s business, its Apps and

opportunities to work with and for MATRYOSHKA GAMES. The Website collects personal

data from you for the following purposes and on the following legal bases:

Categories of

Personal Data

Purpose examples

Legal basis

● Email;

● Any other data that

you submit in

connection with a

contact request

To collect this information

because you choose whether to

how much personal data to

provide to us in doing so

Legitimate interest in

provision with the most

detailed information

regarding Our

business, Apps and

opportunities to work

with and for

MATRYOSHKA GAMES

● Your data in CV;

● Any other data that

you submit in

connection with a

job request

To be able to receive your

requests via the recruitment

enquiries section and reply to

them

Legitimate interest in

assessing you as a

potential candidate

● Information about the candidate is stored indefinitely, until we receive a written

notification with the requirement to delete the information;

● Source of the above-mentioned personal data: we collect it directly from you.

2.2. USERS

We may collect the following categories of personal data relating to our Users for the

purposes and on legal basis mentioned below:

Categories of

Personal Data

Purpose examples

Legal basis

Data about your

progress of the game,

using connected your

social networks, if you

link a third-party tool

with the Service (for

example, Facebook,

Google Play)

● To provide you with the access

to the Apps;

● To track and analyze your

in-game experience in order to

improve Our Services and

Games.

Legitimate interest in

statistics analysis of the

use of our Apps and

Services

Data about in-app

purchases that you

make in any App(s)

provided by

MATRYOSHKA GAMES

(details of orders,

amount spent, date,

time, used vouchers or

offers)

● To track purchases and usage

information;

● To prevent cheating, crime or

fraud;

● To obtain statistical data.

Legitimate interest in

preventing fraud and

other illegal actions,

research and statistic

analysis.

Data from platforms

that the games run on

● To verify payments;

● To prevent cheating, crime or

fraud.

Legitimate interest in

preventing fraud and

other illegal actions

Device information

● To monitor the Services,

including the Website, App(s)

and operation thereof;

● To prevent cheating, crime or

fraud.

Legitimate interest in

preventing fraud and

other illegal actions

Location information

● For marketing and promotion of

our Services or related

products;

● To obtain statistical data.

Legitimate interest in

marketing and statistic

analysis

User information

● To provide the tech support;

● To obtain statistical data on the

target audience App(s).

Legitimate interest in

provision of User

support, research and

statistic analysis.

Other data that you

choose to provide to us

For analytics, tech support or

other purposes depends on the

provided data

Consent

● Source of the above-mentioned personal data: we collect it directly from you and

from Our partners;

● We also process Analytical data based on the combination of the collected data.

Source of the Analytical data: it is generated by Us.

2.3. PEOPLE WHO CONTACT OR MAKE COMPLAINTS TO MATRYOSHKA GAMES

BY EMAIL

We may collect personal data from you for the following purposes and on the following

legal bases:

Categories of

Personal Data

Purpose examples

Legal basis

● Email;

● Any other relevant

data that you

submit in

connection with a

complaint,

including data of

other individuals

identified therein.

To analyze and respond to your

complaint

Legitimate interest in

processing a complaint

● We shall retain information in relation to a complaint for a maximum of six (6) years

after its closure, in a secure environment and access to it will be restricted on a

‘need to know’ basis;

● The items of personal data collected are not of a nature whereby your rights and

freedoms as a data subject are outweighed by such data collection;

● Source of the above-mentioned personal data: we collect it directly from you.

3. USE OF COLLECTED PERSONAL DATA

Based on you consent and our legitimate interest to fulfill our obligation for

providing you with Apps, replying to your requests, enhancing your experience and

Our Services and Games, we may use any of the collected Personal data in order

and in relation to:

● contacting you (for example as part of customer service or to send you updates

about our Services) or receiving request from you (for example as part of Our

User support);

● managing your account and improving your experience when you use our

Services;

● marketing and promotion of our Services or related products, including those of

a third party’s products which are related to our Services (If you do not want

us to use your data in this way, please let us know by contacting us at:

support@matryoshka.com

● creating reports, analysis or similar services for use by us for the purposes of

research or business intelligence, for example to track potential problems or

trends with our Services;

● delivering relevant advertising to you and measuring and analyzing the

effectiveness of advertising, including advertising of third parties placed within

the Services;

● resolving disputes or issues;

● tracking purchases and usage information;

● enforcing the legal terms governing your use of our Services; and

● any other purpose as we determine, in our sole discretion, to be necessary or

required to ensure the safety and/or integrity of our users, employees, third

parties, public, and/or our Services, or to comply with requirements of any

applicable law.

4. СOMPLIANCE WITH GENERAL DATA PROTECTION REGULATION (GDPR),

CALIFORNIA CONSUMER PRIVACY ACT (CCPA) AND BRAZIL'S GENERAL

DATA PROTECTION LAW (LGPD (LEI GERAL DE PROTEÇÃO DE DADOS))

4.1. If you are located in the European Economic Area (EEA) privacy rights are

granted and all processing of Personal Data is performed in accordance

with regulations and rules following the Regulation (EU) 2016/679 of the

European Parliament and of the Council of 27 April 2016 on the protection

of natural persons with regard to the processing of Personal Data and on

the free movement of such data, known as the General Data Protection

Regulation (“GDPR”).

4.2. If you are located in California, all processing of Personal Data is performed

in accordance with regulations and rules following the California Consumer

Privacy Act, Cal. Civ. Code § 1798.100 et seq. (“CCPA”).

4.3. If you are located in Brazilia, all processing of Personal Data is performed

in accordance with regulations and rules following the Lei Geral de

Proteção de Dados (“LGPD”).

4.4. The Child Online Privacy and Protection Act (“COPPA”) regulates online

collection of information from persons under the age of 13 (covered

person). Covered persons are required to obtain parental consent before

providing personal information via this App(s). If you are a parent of a

COPPA covered person, you have the option to agree to the collection and

use of your COPPA covered person’s information. You may revoke your

consent, review your COPPA covered person’s personal information, ask to

have it deleted, and/or refuse to allow any further collection or use of your

COPPA covered person’s information at any time, contact us at

support@matryoshka.com.

5. DATA ACCESS, DATA CORRECTION, DATA DELETION, DATA PORTABILITY

AND WITHDRAWAL OF THE CONSENT

5.1. You can review, correct, update, delete or transfer their personally

identifiable information. For that, contact us directly at

support@matryoshka.com or via the "Support" button inside our games.

We will acknowledge your request within seventy-two (72) hours and

handle it promptly and as required by law.

5.1.1. Right to access. You may contact us to get confirmation as to

whether or not we are processing your personal data. When we

process your personal data, we will inform You of what categories

of personal data we process regarding You, the processing

purposes, the categories of recipients to whom personal data have

been or will be disclosed and the envisaged storage period or

criteria to determine that period.

5.1.2. Right to withdraw consent. In case our processing is based on

consent granted, You may withdraw the consent at any time by

contacting us or by using the functionalities of our Services. You

can withdraw your consents at any time by replying to the email

with your withdrawal and your Personal Data will be deleted in 48

hours. Withdrawing consent may lead to fewer possibilities to use

our Services.

5.1.3. Right to object. In case our processing is based on our legitimate

interest to run, maintain and develop our business, You have the

right to object at any time to our processing. We shall then no

longer process your personal data unless for the provision of our

Services or if we demonstrate other compelling legitimate grounds

for our processing that override your interests, rights and freedoms

or for legal claims. Notwithstanding any consent granted

beforehand for direct marketing purposes, You have the right to

prohibit us from using personal data for direct marketing purposes,

by contacting us or by using the functionalities of the Services or

unsubscribe possibilities in connection with our direct marketing

messages.

5.1.4. Right to restriction of the processing. You have the right to obtain

from us restriction of processing of your personal data, as foreseen

by applicable data protection law, e.g. to allow our verification of

accuracy of personal data after your contesting of accuracy or to

prevent us from erasing personal data when personal data are no

longer necessary for the purposes but still required for your legal

claims or when our processing is unlawful. Restriction of processing

may lead to fewer possibilities to use our Services.

5.1.5. Right to data portability. You have the right to receive your

personal data from us in a structured, commonly used and

machine-readable format and to independently transmit those data

to a third party, in case our processing is based on your consent

and carried out by automated means.

5.1.6. How to use these rights. To exercise any of the above-mentioned

rights, You should primarily use the functions offered by our

Services. If such functions are however not sufficient for exercising

such rights, You shall send us a letter or email to the address set

out below under Contact, including the following information:

name, address, phone number, email address, and a copy of a valid

proof of identity. We may request additional information necessary

to confirm your identity. We may reject requests that are

unreasonably repetitive, excessive or manifestly unfounded.

5.2. You have the right to lodge a complaint with a supervisory authority if you

think that we violate your rights. You could contact The Data Protection

Inspectorate in Cyprus via their email

commissioner@dataprotection.gov.cy.

5.3. If you are from California and dissatisfied with how we have used your

personal information you could contact The California Department of

Justice (Department) via their website

(https://www.oag.ca.gov/privacy/caloppa/complaint-form/privacy-notice).

5.4. If you are from Brazil, you can also file a complaint with Brazil’s National

Data Protection Authority (ANPD) through its official channels.

6. STORING OF INFORMATION AND DELETION

6.1. We store your Information for as long as needed to provide you with our

services unless the specific time period for storing some of your

Information is additionally defined herein. We may store Information

longer, but only in a way that it cannot be tracked back to you. When

Information is no longer needed, we delete it using reasonable measures

to protect the Information from unauthorized access or use.

6.2. We may store your Information both by using the services of Our partners

(please see Section 8 hereof) and by using Our own servers without

sharing any of your data to the third parties. Amid personal data that is

stored solely by Us is Analytical data and Device information.

6.3. We implement and maintain appropriate technical, security and

organizational measures to protect Personal Data against unauthorized or

unlawful processing and use, and against accidental loss, destruction,

damage, theft or disclosure (please see Section 7 hereof for more details).

6.4. EU Territory. We store Personal Information as long as it is needed for the

provision of our services. Traffic information is erased or made anonymous

when it is no longer needed for the purpose of the transmission or, in the

case of payable services, up to the end of the period during which the bill

may lawfully be challenged or payment pursued. Direct marketing and

provision of value-added services information (including traffic information

used for these purposes) is stored as long as the same is necessary for the

provision of these activities, or up to the time when a user opts out from

such use in accordance with this Privacy Policy. Other information is stored

for as long as we consider it to be necessary for the provision of our

services. This Section shall not prevent any technical storage or access to

information for the sole purpose of carrying out the transmission of a

communication or as strictly necessary in order for us to provide the

service you requested.

6.5. As explained in the GDPR statement, we strive to anonymize the data

when possible. Our technical logs will be automatically deleted within one

(1) month and backup logs within two (2) months. If you decide to

exercise your right to erasure we will also inform our Providers to delete all

your data.

6.6. US Territory. We will retain collected information for the period necessary

to fulfill the purposes outlined in this Privacy Policy unless a longer

retention period is required or permitted by applicable legislation.

6.7. Storing might be different depending on the territory of collecting the

information and the applicable legislation, but we always strive to store the

information only as long as it is needed for the purposes of providing,

improving or personalizing our services.

6.8. We do not use our App(s) to knowingly solicit information from or market

to children under the age of 13. In the event that we learn that we have

collected personal information from a child under 13 years of age we will

delete that information as quickly as possible. If you believe that we might

have any information from or about a child under 13 years of age please

7. INFORMATION SECURITY

7.1. We care to ensure the security of personal data. We follow generally

accepted industry standards to protect the information submitted to us,

both during transmission and once we receive it. We maintain technical,

physical, and administrative security measures to provide reasonable

protection for your Personal Data. When we or our contractors process Your

information, we also make sure that your information is protected from

unauthorized access, loss, manipulation, falsification, destruction or

unauthorized disclosure. This is done through appropriate administrative,

technical and physical measures.

7.2. There is no 100% secure method of transmission over the Internet or

method of electronic storage. Therefore, we cannot guarantee its absolute

security.

7.3. We never process any kind of sensitive data and criminal offence data. Also

we never undertake profiling of personal data.

8. CONTRACTORS

Please note that We may transfer some of your personal data to Our partners and

third parties indicated below as well as receive your personal data from the third

parties (for example, from social networks).

We strongly encourage you to read carefully the privacy documents of all

mentioned partners as We are not liable for the services of third parties and do not

control their data usage processes.

8.1. We work with third party service providers who provide website,

application development, hosting, maintenance, and other services for us.

They may be located outside of the EEA. These contractors may have

access to, or process Personal Data on behalf of us as part of providing

those services for us on the basis of the respective Data Processing

Agreements and Partners’ Privacy Policy. We limit the information provided

to these service providers to that which is reasonably necessary for them

to perform their functions.

8.2. All data transfers are performed in accordance with the highest security

regulations. Transfer of Personal Data to countries outside of the European

Economic Area may be possible only in the case, when we have obtained

your consent for it.

8.3. All processed data that is not stored by Us is stored exclusively in secure

hosting facilities provided by Vultr and Amazon CloudFront.

8.4. In order to make a purchase from us, you must use our third party

checkout options to finalize and pay for your order. In-app purchases may

be made only upon entering the app store password and you are

responsible for maintaining the security of such password. Your

authentication and security maintaining is subject to specific terms of the

app store and the OS of your mobile device. You should be aware of iOS'

15-minute and Android’s 30-minute window after the downloading of an

Application, during which in-app purchases may be made without inserting

an in-app store password. You should also take into account that OS 2.1 or

older versions of Android mobile phones do not require entering of the app

store account password to carry out in-app purchases.

8.4.1. Google Wallet: If you choose to use Google Checkout to finalize and

pay for your order, you will provide your credit card number directly

to Google Checkout. Google's Privacy Policy will apply to the

information you provide to the Google Checkout web site.

8.4.2. Apple AppStore: If you choose to use AppStore to finalize and pay

for your order, you will provide your credit card number directly to

Apple. Apple's Privacy Policy will apply to the information you

provide to Apple.

8.5. We use Google Analytics for Firebase allows us to collect data on the usage

of our Apps. We use your data only for the purposes of our internal

analytics to improve our Apps and we do not allow sharing of your data

with other parties and their products or services. Google Analytics for

Firebase collects these data: Online Identifiers, browser type and settings,

operating system, mobile network information, cookie identifiers, IP

Address (which is anonymised before any storage takes place), crash

reports, device identifiers as well as App-Instance Identifier (a randomly

generated number that identifies a unique installation of an App for the

first time). This data is collected by Google Firebase when the Users

installs the App from Google Play or App Store. We use Firebase Analytics'

own unique user ID (app.instance id), which separates one mobile phone

from another, but does not personally identify you. We are using the

following Google Analytics for Firebase features: Remote Config., Crash

Reporting, Events (about usage of our App in a pseudonymized way),

Analytics in general, Firebase Cloud Functions and Firebase Communication

Manager.

8.6. We use Google and Facebook login so you can save your progress in our

App(s). Third-party social networks/platforms may provide your publicly

available data to us if you so allow.

8.7. We use Google Analytics to collect the Information in order to analyze and

improve our App(s). If you are using one of our child directed App(s) or

mixed audience App(s) and you identified yourself as under the age of 13,

the collected Information will only be used for support for internal

operations.

8.8. We use AppsFlyer in purpose marketing analytics that enables us to

measure and analyze the effectiveness of our marketing campaigns by

understanding which marketing campaigns contributed to the

download/installation of mobile applications or such other conversion

metric (e.g. relaunch of Application) and measure and analyze certain

events and actions within Application or websites, such as in-app

purchases made by Users.

8.9. We use Amplitude Analytics for analytic user behavior and understand how

users are navigating through App(s) and which features engage the most.

8.10. We use Unity Ads, Google Ads, Facebook Ads and Apple Search Ads as a

video ad networks for iOS and Android Apps to attract new Users.

8.11. We use ironSource for advertising purposes, to analyze ads statistics and

to attract new Users.

8.12. We use BrainCloud to maintain and enhance our Apps.

9. OPT-OUT

9.1. You can deactivate local notifications by changing the notification settings

in accordance with the instructions of the operating system running on the

Users’ device.

10. APPLICATION OF THIS PRIVACY POLICY

10.1. This Privacy Policy is applicable to our website and our App(s). Our website

contains links to other websites. Once redirected to another website, this

Policy is no longer applicable.

11. ACCEPTANCE OF THESE CONDITIONS

11.1. We assume that all Users have carefully read this document and agree to

its content. If one does not agree with this privacy policy, they should

refrain from using our website and App(s).

12. CHANGES AND UPDATES TO OUR PRIVACY POLICY

12.1. We may update this Privacy Policy to reflect changes in our Information

processing practices. We encourage you to periodically review this page

for the latest information on our privacy practices. You will be informed

about material changes to our data processing practices with local in-app

notification and you can get acquainted with the changes by reviewing the

13. CONTACT US!

13.1. If you have any questions please contact us at support@matryoshka.com.

MATRYOSHKA GAMES (CY) LTD

GRIVA DIGENI 4, OROKLINI SHOPPING CENTER, OFFICE 104, 7040, LARNACA,

Cyprus

HE 408160