We, PUBLEX (Blokh Ilia) hereinafter referred to as “Publex”, the company acting and organized under the laws of the Israel, with address: Netanya, Oved Ben Ami 2, represented by Ilya Blokh, care about personal data security and comply with all the laws and regulations on the personal data protection, including European Union General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Our users can be sure that their privacy and protection of their personal information are the most significant values for Publex.
1. Key Terms and Definitions
In order to clarify the meaning of the specific provisions of this Policy we provide the following definitions of the terms used in the Policy:
1.1. “Personal data” or “personal information” refers to any kind of information that can identify you as personal data subject, including your online identifier, e-mail, login, name etc.
1.2. “Publex”, “we”, “us”, or “our” refer to Publex Publishing Limited.
1.3. “Publex User”, “Publex Users”, “you”, “your”, “personal data subject”, or “personal data subjects” refer to the users of Publex Services.
1.4. “Personal data subject” or “personal data subjects” refer to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly, or indirectly by reference to one or more identifiers, including online identifier, e-mail, tracking data.
1.5. “Service” or “Services” refer to applications for mobile platforms or devices and web applications, including web applications accessible on third-party social networking services – “SNS” (collectively referred to as “Publex Applications”), and advertisements implemented into Publex Applications, web-pages of Publex at application stores (AppStore, Google Play etc.), accounts, pages, and societies of Publex in social networks (Facebook, Instagram etc.), chats and online dialogues implemented by Publex into Publex Applications, web domains and subdomains of Publex and Publex’s partners using the Services of Publex, including Publex.com (collectively referred to as “Sites”), and other web forums or messaging boards in Publex Applications and our Sites (collectively referred to as “Forums”).
“Publex Applications” refer to applications:
– that were developed by Publex;
– that were developed by a third party but were published on behalf of Publex under exclusive, sole, permanent, world-wide, transferable, sub-licensable and unlimited license.
1.6. “In-Game Account” refers to the account created by Publex User on one of the Publex Applications.
1.7. “Processing” refers to any operation or set of operations which is performed on personal data, such as collection, storage, use, transfer, deletion, destruction, retrieval, and any other operation in respect of the personal data.
1.8. “Controller” refers to Publex as a legal entity which determines the purposes and means of the processing of personal data.
1.9. “Recipient” refers to a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
1.10. “Processor” refers to a natural or legal person, public authority, agency or other body which processes personal data on behalf of Publex.
1.11. “Third Party” or “Third Parties” refer to a natural or legal person, public authority, agency, or body, other than a processor, that can receive personal data from a controller.
1.12. “Consent” refers to freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she signifies agreement to the processing of personal data relating to him or her.
2. Consent to Processing of Personal Data
2.1. Your freely given consent forms a legal basis for the processing of your personal data by Publex. By giving such consent you also confirm the understanding that your personal data may be transferred to both EU and non-EU countries under Section 7 of this Policy.
2.3. The dialog box specified in para.2.12 of this Policy will also contain the statement “I confirm that I am 16+ (or holding parental responsibility)”. There will also be a box next to the statement provided in this paragraph of the Policy by ticking which either you confirm that you are 16 years of age or more, or the person holding parental responsibility over you consents to the processing of your personal data.
2.4. You have a right to withdraw your consent to the processing of your personal data at any time. If you would like to withdraw your consent, please send us the verifiable request via e-mail email@example.com. In the verifiable request, please identify your online identifier (such as Game Center ID) or other identifiers by which we can identify the personal data related to your use of our Services. However, we cannot guarantee that after the withdrawal of your consent you will be able to use all the features of the Services. To learn more about the opportunities of obtaining the full access to the Services of Publex, please read our Terms of Service by following the link https://Publex.com/terms_of_service
2.5. If you send us the request to withdraw your consent in accordance with para.2.4 of this Policy, you also have the right to request the erasure (deletion) of your personal data that we collected during your use of our Services. Please send us the verifiable request via e-mail firstname.lastname@example.org. We will not be able to erase your personal data if the processing of this personal data is necessary for the performance of our Terms of Service that you agreed to, for the compliance with legal obligations of Publex, or when there are other legal grounds for processing your personal data established by GDPR.
3. Controllers and Processors of Your Personal Data
3.1. Publex is the Controller of your personal data that determines the purposes and means of processing your personal data by establishing this Policy and by concluding contracts on processing with other legal entities that Publex involves in processing of your personal data as Processors.
3.2. The following categories of legal entities are involved in processing your personal data as Processors:
3.2.1. Legal entities that provide attribution tracking mechanisms, ad mediation services and ad networks services in respect of Publex Applications;
3.2.2. Legal entities that use the analytical tools in respect of the behavior of Publex Users and their use of Publex Applications and other Services;
3.2.3. Legal entities that use advertising networks for promoting Publex Applications and other Services;
3.2.4. Legal entities that use the personal data received from the Controller for developing and improving Publex Applications under the written contract with Publex;
3.2.5. Legal entities that store processed personal data of Publex Users.
3.3. The Processors determined in para.3.2 of this Policy process your personal data only under and to the extent provided by the written contracts concluded between the Controller and the Processors. Such written contracts do not violate the Processors’ obligations provided in Art.28 GDPR and your rights as personal data subjects.
4. The Categories of Personal Data Publex Collects from You
4.1. In order to provide you with our Services, we can collect and further process the following categories of your personal data:
4.1.1. Your Identifier for Advertisers (IDFA) or other kinds of Device ID that aggregate all the tracking information on how you use our Services through your device (hereinafter referred to as “Device ID”). You can get information on what is Device ID by following the link https://www.appsflyer.com/mobile-attribution-glossary/device-id/. To learn more about IDFA and how it is used in tracking technologies, please follow the link https://www.appsflyer.com/mobile-attribution-glossary/idfa/
4.1.2. Your online identifier that directly or indirectly identifies you as personal data subject, including but not limited to Facebook ID, Google Play ID, Game Center ID etc. To learn more about online identifiers, please follow the link https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/what-is-personal-data/what-are-identifiers-and-related-factors/. For the purposes of this Policy, the term “online identifiers” also includes profile names that you use in social networks for communication with other Publex Users and Publex.
4.1.3. Your e-mail address.
4.1.4. Your login or in-game nickname and password that you can create by obtaining access to Publex Applications.
4.1.5. First and family names of Publex Users.
4.1.6. Mobile telephone number.
4.1.7. Country of residence.
4.2. Besides, when you contact us through our web-site https://publex.games/ or other Sites of Publex, you may be required to provide us with the information about your IT-project that you would like to publish and promote by use of our Services.
4.3. We do not collect sensitive Information: we do not ask you to send us, and you do not disclose, any sensitive personal data (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Publex Services or otherwise.
5. How We Obtain and Further Process Your Personal Data
5.1. Our Processors determined in para.3.2.1 of this Policy implement into the Publex Applications attribution tracking technologies and track the use of the device (e.g. smartphone) by Publex User. In doing this, such Processors use the Device ID of the device that aggregates all the personal data on the behavior of the device user. In particular, such Device ID can aggregate personal data on what web-resources the device user visited, which ads did the device user click, what applications for mobile devices did the user buy or download, how many application launches did the device user make. When Publex User downloads or installs and launches Publex Application, the Publex Application obtains the information about the Device ID that belongs to the device of the Publex User, and tracks all the behavioral personal data aggregated on this Device ID. Besides, when you launch the Publex Application, we can also receive and process your personal data specified in para.4.1.7 of this Policy for purposes determined in Section 6 of the Policy.
5.3. When Publex User creates an In-Game Account, he or she is required to provide Publex with an online identifier of such Publex User (such as Facebook ID or Google Play ID). Publex User may also be required to provide Publex with login or nickname used in Publex Application and password created by Publex User for the protection of In-Game Account. Some of the Publex Applications can also require Publex User to provide first and family names, e-mail address, and the mobile telephone number needed for creation of In-Game Account.
5.4. Besides, when you create an In-Game Account, you may provide us with personal data specified in paras.4.1.8 and 4.1.9 of this Policy, or you can allow us to obtain and process such personal data by providing us with consent on obtaining these types of personal information from your profile in a social network (e.g. Facebook). To learn more about the purposes of processing such personal data, please read Section 6 of this Policy.
5.5. The Controller can transfer personal data specified in para.5.3 of this Policy to the Processors determined in para.3.2.5 of the Policy for storage. The Controller can transfer online identifiers specified in para.5.3 of this Policy to the Processors determined in para.3.2.4 of the Policy for improvement and further development of Publex Applications. All the purposes of processing your personal data are listed in Section 6 of this Policy.
5.6. If you provide us with the personal information determined in para.4.2 of this Service, we store and use your personal data solely for the purpose of negotiating with you on the terms of the contract with Publex on the publishing and promotion of your IT-project.
5.7. If you chat, leave comments or feedback, or otherwise use our Sites for the purposes of communication with other Publex Users or Publex itself, we can store and use your profile names for the purposes of profile advertising.
5.8. If you use our Sites or Forums for purposes of communication and violate this Policy or our Terms of Service, we have the right to block your In-Game Account or otherwise block or restrict your access to the Services of Publex, including block of access to our social network accounts and pages.
5.9. We store your personal data for the period of your use of our Services and until you have an active and valid In-Game Account. If we or you block or delete your In-Game Account or you otherwise cease to use our Services, we will continue to process personal data that was collected before the deletion of your In-Game Account or before the moment you otherwise ceased to use our Services for reaching the purposes specified in Section 6 of this Policy, and in any event for not more than for 8 years.
6. Purposes of Processing Your Personal Data
6.1.1. Creation of In-Game Accounts and providing Publex Users with an opportunity to use Publex Applications and other Services;
6.1.2. Blocking or deletion of your In-Game Account or restriction of your access to our Services by other means for the violation of this Policy and Terms of Service;
6.1.3. Marketing purposes, including retargeting, profiling advertising, and use of look-a-like advertising targeting;
6.1.4. Identification and suggestion of connections with other Publex Users, as well as enabling you to communicate with other Publex Users and Publex itself;
6.1.5. Operation and improvement of our Services, including improvement and development of Publex Applications;
6.1.6. Marketing analysis, including understanding of your preferences and your use of our Services, and mobile applications and web-sites in general;
6.1.7. Responding to your requests, comments, and questions and providing you with customer support;
6.1.8. Sending you related information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages; and
6.1.9. Communicating with you about promotions, rewards, upcoming events, and other news about Services offered by Publex and our selected partners.
6.1.10. Compliance with applicable laws or legal process and/or response to requests from public and government authorities.
7. Storage of Your Personal Data
7.1. We and our Processors can store your personal data both inside and outside European Union. Some of our storage servers are located in the Israel while others are located in European Union. The storage servers of our Processors can be located both in European Union and in the Israel and other jurisdictions outside European Union.
7.2. While we and our Processors take all the reasonable and necessary measures aimed at protection of your personal data against unauthorized access by third parties, we shall inform you about the possible risks of such storage of your personal data in jurisdictions outside European Union under Art.49(1)(a) GDPR. Such possible risks include:
7.2.1. Efforts of hacking attacks. Publex takes all the necessary measures to prevent such attacks and do not allow hackers to access your personal data. Such measures are determined in Section 9 of this Policy.
7.2.2. Storage of personal data in the jurisdictions to which Publex has no access. However, Processors that store your personal data in such jurisdictions use all the necessary security mechanisms for protecting your personal data in accordance with Section 9 of this Policy. Furthermore, their storage authority is restricted and controlled by the written contracts with Publex.
7.2.3. Existence of different rules and regulations on personal data processing in such jurisdictions that are different from GDPR. However, Publex and its Processors provide personal data subjects with the level of guarantees granted to personal data subjects by GDPR.
7.3. When you push the button “I accept provided in para.2.2 of this Policy, you express your consent to the possible transfer of your personal data to both EU and non-EU countries.
8. Publex Users’ Rights
8.1. You as the personal data subject have the following rights relating to the processing of your personal data:
8.1.1. Right of access (right to obtain from Publex as the Controller confirmation as to whether your personal data are being processed and other information concerning your personal data, including information about the purposes of processing, the categories of processed personal data, the categories of recipients of your personal data, the period of personal data storage);
8.1.2. Right to lodge a complaint with a supervisory authority (a supervisory authority is a state authority in your country which supervises the compliance with GDPR by legal and natural persons that process personal data of data subjects);
8.1.3. Right to rectification (right to the rectification of inaccurate personal data concerning you);
8.1.4. Right to erasure (right to obtain the erasure of personal data concerning you);
8.1.5. Right to restriction of processing (right to obtain from Publex as the Controller restriction of processing on the legal grounds provided in Art.18 GDPR (for example, when the accuracy of the personal data is contested by you or we no longer need the personal data for the purposes of the processing));
8.1.6. Right to data portability (the right to receive the personal data concerning you, which you have provided to Publex, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller without hindrance from us);
8.1.7. Right to object (right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you, including the right to object at any time to processing of personal data concerning you for marketing purposes);
8.1.8. Right not to be subject to a decision based solely on automated processing, including profiling;
8.1.9. Right to file the request or complaint to Publex as the Controller of your personal data.
8.1.10. Right to withdraw your consent to personal data processing.
9. How We Secure Your Personal Data Against Unauthorized Use
9.1. We employ reasonable security measures to protect your personal data from access by unauthorized persons and against unlawful processing, accidental loss, destruction and damage.
9.2. We do not use vulnerability scanning and/or scanning to PCI standards. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. We implement a variety of security measures when Publex Users enter, submit, or access their information to maintain the safety of their personal data. All transactions are processed through a gateway provider and are not stored or processed on our servers.
9.3. Besides, our servers on which we store your personal data allow access to these servers and data stored on them only by use of special SSH-keys. To learn more about SSH keys please follow the link https://jumpcloud.com/blog/what-are-ssh-keys/
9.4. The access to the services of our Processors aimed at tracking behavioral data and promotion of Publex Services is carried out by entering special username and password and sometimes with use of Two-Factor Authentication (2FA).
10. Cookies Policy
10.2. We and our Processors determined in para.3.2.4 of this Policy use local storage of Publex Applications for saving the progress of Publex Users in such Publex Applications. However, neither Publex, nor our Processors have access to the information about the saved progress, except for cloud save scripts used in some of our Publex Applications.
11. Transfer of Personal Data to Third Parties
11.1. We do not sell or otherwise transfer your personal data to any third parties. We have never sold any personal data to any third parties, and have not done so within the last 12 (twelve) calendar months. We are not planning to sell your personal data to any third parties in future. We can only transfer your personal data to the Processors determined in this Policy for the purposes specified in the Policy.
11.2. If we decide to change our policy on the sale of your personal data in future, we will provide you with all necessary updates and notifications in accordance with CCPA.
12. Data Protection Officer (DPO)
12.1. Because we regularly and systematically monitor personal data subjects on a large scale, we have appointed the Data Protection Officer (DPO) in accordance with Art.37 GDPR. Our DPO is Anastasia Romakha of Moscow, 2nd Paveletzky proezd, building 5 block 1.
12.2. Our DPO monitors the compliance with GDPR by Publex and our Processors, and performs other tasks provided by Art.39 GDPR.
14. Contacting Us
14.1. You can contact Publex regarding the application of this Policy or the rights Publex Users via our e-mail email@example.com. You can also contact us through our DPO appointed by Publex in accordance with this Policy. Besides, you may send us a mail to our physical address: Oved Ben Ami, 2, Netanya, Israel.
15. Privacy rights of Californian residents under CCPA
15.1. Right to receive information and access information.
You have the right to request us to disclose the following information we have collected:
(1) The categories of personal information we have collected about you.
(2) The categories of sources from which the personal information is collected.
(3) The business or commercial purpose for collecting or selling personal information.
(4) The categories of third parties with whom we share personal information.
(5) The specific pieces of personal information we have collected about you.
We shall provide this information only upon receipt of a verifiable consumer request.
There are two ways to submit a request for providing an information: 1) send the request via e-mail: firstname.lastname@example.org; 2) send us a mail to our physical address: Oved Ben Ami, 2, Netanya, Israel. If we need additional information to verify your identity, we will contact you to request that information. If we deny your request, we will explain the reason in our response.
Upon receiving a verifiable consumer request from you to access personal information we shall promptly take steps to disclose and deliver, free of charge to you the personal information required by this section. The information may be delivered by mail or electronically, and if provided electronically, the information shall be in a portable and, to the extent technically feasible, in a readily useable format that allows you to transmit this information to another entity without hindrance. We may provide personal information to you at any time, but shall not be required to provide personal information to you more than twice in a 12-month period.
15.2. Right to deletion
You have the right to request us to delete any personal information about you which we have collected.
We may retain personal information necessary to: (a) protect our business, systems, and users from fraudulent activity, (b) to address technical issues that impair existing functionality, (c) necessary for us, or others, to exercise their free speech or other rights, (d) comply with law enforcement requests pursuant to lawful process, (e) for scientific or historical research, (f) for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. Additionally, we need certain types of information so we can provide our services to you.
There are two ways to submit a request for deletion: 1) send the request via e-mail: email@example.com; 2) send us a mail to our physical address: Oved Ben Ami, 2, Netanya, Israel. If we need additional information to verify your identity, we will contact you to request that information. If we deny your request, we will explain the reason in our response.
15.3. Right to opt-out
However, we have provided you with a system to record your preference that your data not be sold in the future. You may make this request in two ways: 1) send the request via e-mail: firstname.lastname@example.org; 2) send us a mail to our physical address: Oved Ben Ami, 2, Netanya, Israel.
15.4. No discrimination based upon the exercise of the opt-out right
We shall not discriminate against a consumer because the consumer exercised any of the consumer’s rights under this title, including, but not limited to, by:
(1) Denying goods or services to the consumer.
(2) Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.
(3) Providing a different level or quality of goods or services to the consumer.
(4) Suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services.
Nothing in this subdivision prohibits us from charging a consumer a different price or rate, or from providing a different level or quality of goods or services to the consumer, if that difference is reasonably related to the value provided to us by the consumer’s data.