Part I. Data Collection Scope, Granularity, and Purpose Limitation

We follow strict necessity and proportionality principles. Data is processed only for lawful service operation, IAA and IAP system integrity, anti-fraud controls, compliance adaptation, and product stability. We do not intentionally collect irrelevant personal information.

1. Device Fingerprints and Identifiers

• Identifier classes may include IDFA (iOS), GAID (Android), OAID (China Android ecosystem), and encrypted pseudo-unique device identifiers.
• Device metadata may include brand, model, screen resolution, operating system version, language configuration, and battery status.
• System clock offset may be processed to detect timezone spoofing and cross-region pricing abuse.
• Identifiers are encrypted, de-risked, and not used to directly infer legal identity.

2. Network Environment Data

• IP address is used for region-level legal filtering and service governance adaptation, not precise geolocation profiling.
• Carrier/operator name, Wi-Fi state, and connection type (4G/5G/Wi-Fi) may be used for reliability and compliance routing.

3. Behavioral Signals for IAA and UX Optimization

• Ad-related metrics: ad impression identifiers, click timestamps, conversion path markers, rewarded-video completion time, early-exit status, and ad dwell duration.
• Product-loop metrics: trigger counts in core function loops, paywall modal click-through rates, onboarding loss points, and feature usage frequencies.
• Purpose: ad quality optimization, anti-fraud control, and experience tuning. We avoid collecting private content payloads unless explicitly required by core product logic and lawful basis.

4. Financial Transaction Data for IAP

• We receive official transaction receipts through App Store / Google Play APIs only.
• We never process raw payment credentials such as bank-card number, CVV, payment PIN/password, or expiry date fields.
• Order records may include order ID, item name and quantity, currency, payment amount, country code, transaction timestamp, sandbox flag, and order state (success/failure/refund).
• Purpose: order authenticity validation, fraud prevention, reconciliation, dispute handling, and lawful accounting.

All processed data is encrypted in transmission and at rest. Access is role-restricted, auditable, and log-traceable.

Part II. Deep Third-Party Sharing Architecture (Data Mapping)

We disclose only minimal and necessary information to approved partners under encrypted transport and contractual governance.

1. Mediation and Ad Monetization Layers

Ad inventory may include app-open ads, rewarded-video ads, interstitial ads, and banner ads. Partner sets are adjusted by product line, region, and legal constraints.

• Mediation examples: AppLovin MAX, Google AdMob Mediation, Unity LevelPlay (ironSource), Chartboost Mediation, TopOn, Pangle Mediation.
• Ad demand examples: Google AdMob, AppLovin, Meta Audience Network, Unity Ads, Mintegral, Liftoff Monetize (Vungle), Chartboost, Pangle, InMobi, Smaato, Start.io, BidMachine, Yandex Ads, Digital Turbine, Moloco, Criteo, DT Exchange, OpenX, PubMatic, Index Exchange, TripleLift, Ogury, Verve Group, APS, and additional compliant exchange partners supported by current mediation stacks.
• Shared fields are limited to de-identified device/ad event data required for lawful bidding, fill-rate optimization, and anti-fraud checks.

2. Attribution and Anti-Fraud Measurement

• MMP examples: AppsFlyer, Adjust, Singular, Kochava, Branch.
• Purpose: install attribution, campaign quality tracking, fake-install and ad hijack detection.

3. Payment Processors

• Apple Inc. and Google LLC process in-app purchases and receipt verification.
• Shared data is restricted to transaction-level metadata necessary for fulfillment and anti-abuse reconciliation.

4. Contractual and Audit Governance

• We sign confidentiality and data processing agreements with third parties.
• We periodically review partner compliance. Violating partners may be suspended or removed.
• Where technically feasible, users may review major sharing categories in-app and withdraw optional authorizations, understanding that ad-supported features may degrade.

Part III. Region-Specific Legal Statements

1. European Union (GDPR) and United Kingdom (UK-GDPR)

• Lawful bases include contract performance, explicit consent, and legitimate interests such as anti-fraud and service integrity.
• Legal reference alignment: GDPR/UK-GDPR Article 6 framework.
• EU/UK Representative placeholder: [Reserved for legal representative contact and registered address].
• User rights include access, correction, deletion, consent withdrawal, portability, and regulator complaint rights.
• Response target for validated requests: no later than 7 business days where legally and operationally feasible.

2. DSA Transparency Supplemental Commitments

• We disclose ad-delivery logic, recommendation logic, and core moderation standards in an understandable format.
• We maintain transparency reporting routines on complaint handling and moderation actions where required.
• If UGC is enabled, we provide notice-and-action process visibility, complaint channels, and review standards.

3. United States: CCPA, CPRA, VCDPA, and State-Level Adaptation

• We do not sell personal information in the ordinary legal sense.
• Some ad-targeting data sharing may be classified as sharing under certain statutes. Users can opt out where applicable.
• Do Not Track and comparable system controls are respected for behavior-tracking limitations in targeted advertising contexts.
• California (CPRA): rights to disclosure of 12-month collection/use/sharing categories, deletion rights, and targeted-ad opt out. Typical response target: up to 45 business days.
• Texas-focused handling: enhanced access-right support and strict treatment of sensitive categories under applicable legal thresholds.
• Virginia (VCDPA): correction and opt-out rights with practical response path, generally around 30 business days where feasible.
• Additional adaptation is maintained for Colorado, Washington, and other active US state regimes when the product scope requires it.

4. Brazil (LGPD)

• Consent-grounded data handling, clear purpose disclosure, and rights channels for access/correction/deletion/withdrawal.
• Cross-border transfers are subject to lawful mechanism checks and ANPD-related obligations where applicable.

5. China, India, Saudi Arabia, Canada, Japan and Other Key Jurisdictions

• China: PIPL, Data Security Law, and cross-border transfer regulation alignment.
• India: DPDP Act adaptation, governance accountability, and transfer control according to competent authority pathways.
• Saudi Arabia: local personal data protection and localization-sensitive processing governance.
• Canada and Japan: PIPEDA/APPI adaptation and regulator-audit preparedness.
• Additional jurisdictions are reviewed continuously for data sovereignty updates and local obligations.

Part IV. Subscription Transparency (Auto-Renew)

• Collected subscription data is limited to cycle type, trial status, subscription state (active/expired/paused), and renewal timing.
• Before purchase, we present cycle, price, trial period (if any), renewal rule, and cancellation path in clear language.
• Where platform capabilities allow, billing reminders are sent before auto-renew processing.
• Users may manage subscriptions in-app (if available) and through App Store/Google Play account subscription controls.
• Trial conversion rules are clearly presented. If users cancel during trial, no post-trial charge should apply under platform policy.

Part V. AI-Generated Content Disclosure (When Applicable)

• AI output is clearly labeled as AI-generated to avoid confusion with human-authored output.
• AI output is governed by content safety policies and may include automated + human review workflows.
• Prohibited classes include violent, exploitative, hateful, discriminatory, deceptive, unlawful, and rights-infringing content.
• AI output is assistive and does not create legal, medical, investment, or professional guarantees.
• Training and tuning data governance excludes unauthorized use of personal privacy datasets.

Part VI. Age Policy and Minor Protection

• Services are not intended for children below the minimum digital consent age under applicable law.
• Where minors are allowed by local law, parent/guardian authorization is required for regulated processing scenarios.
• For suspected unauthorized minor data processing, we implement prompt restriction and deletion actions after verification.

Part VII. Security, Retention, and Rights Requests

• Security controls include encryption, access control, operation tracing, and periodic risk review.
• Retention follows legal and operational necessity, then secure deletion/anonymization controls.
• Users may request access, correction, deletion, withdrawal, portability, objection, and complaint handling via our contact channels.

Part VIII. Cookies, SDK Permissions, and Consent Governance

• Where applicable, we use essential cookies/local storage and SDK-generated identifiers for security, session continuity, and lawful analytics.
• Non-essential measurement or personalization controls are activated only under lawful basis requirements (for example, explicit consent where required).
• Users may revoke optional consent controls through in-app settings and supported system privacy settings.
• SDK access scope is reviewed periodically to ensure permissions remain function-related and legally proportionate.

Part IX. Data Retention Schedule and Deletion Logic

• Operational logs and anti-fraud data are retained for the minimum period needed for security integrity, dispute handling, and legal compliance.
• IAP records are retained based on accounting and legal obligations in the applicable jurisdiction.
• When retention periods expire, data is securely deleted, anonymized, or irreversibly aggregated.
• User deletion requests are verified and processed according to legal obligations and exception regimes (for example, fraud prevention or legal claims).

Part X. Security Incident and Breach Response

• We maintain internal incident response procedures for suspected data exposure, tampering, or unauthorized access events.
• Technical measures may include access revocation, key rotation, containment actions, and forensic evidence logging.
• Where required by law, regulators and affected users are notified within applicable legal timelines and risk thresholds.
• Post-incident reviews are conducted to reduce recurrence risk and strengthen controls.

Part XI. Government, Judicial, and Law-Enforcement Requests

• Requests for disclosure are reviewed for legal validity, scope proportionality, and jurisdictional competence.
• Only minimally necessary data is disclosed when we are legally compelled to do so.
• Where lawful and not prohibited, users may be notified about requests affecting their data.

Part XII. Cross-Border Transfer Mechanisms

• Cross-border data transfers are governed by lawful transfer mechanisms, including adequacy determinations and contract-based safeguards where required.
• Transfer-risk evaluations are reviewed periodically to ensure practical protection and enforceable user rights.
• Regional localization mandates are implemented where legally required for specific jurisdictions.

Part XIII. Policy Updates and Notice

• This policy may be updated when law, store policy, or product functionality changes require adjustments.
• Material updates are communicated through in-app notice, website publication, or other reasonable channels.
• The latest version date is displayed at the top of this page for transparency.

Part XIV. Contact

• Business Support: support@DeerCasual.com
• General Contact: zhaoxiaotang@DeerCasual.com
• Address: No. 58 Chongchuan Road, Chongchuan District, Nantong, Jiangsu, China. Nantong Software Park (Chongchuan Science and Technology Park).