Privacy Policy

This Privacy Policy explains how Bodron Cosmin (“we”, “us”) collects, uses, shares and protects personal data when you use the Crack the Code Multiplayer mobile app and website (the “Service”). We act as the data controller for the processing described here.

1. Who we are & contact

• Controller: Bodron Cosmin(sole developer), Romania
• Support / privacy: support@crackthecodemultiplayer.com
• Mailing address: available upon request

2. Categories of data we collect

• Account data: email, display name, avatar, hashed password.
• Gameplay data: matches, ELO/ratings, leaderboards, seasons, reports, sanctions.
• Device & network: IP, device/OS info, app version, language, crash and event logs.
• Anti-cheat/abuse signals: suspicious traffic patterns, duplicate devices, automation indicators.
• Communications: support messages, email preferences; transactional emails unless you opt-in to marketing.
• Ads/SDK: pseudonymous identifiers for Google AdMob (see §8).
• Derived data: performance stats, skill brackets, risk scores for anti-fraud/matchmaking.

3. Sources

Directly from you (app/site), automatically from your device, and from service providers (e.g., AdMob), consistent with your device settings and consent.

4. Purposes & legal bases

• Provide the Service (account, gameplay, leaderboards, rewards) — contract necessity.
• Security & anti-fraud/anti-cheat — legitimate interests and/or legal obligations.
• Communications — contract/legal; marketing only with consent.
• Compliance — legal obligations.

5. Profiling & automated decisions

We use automated scoring for matchmaking, leaderboards and anti-cheat. These do not produce legal or similarly significant effects. You can request human review of sanctions via support.

6. Retention

• Account & gameplay: while active; upon deletion we remove or irreversibly pseudonymize within 30 days.
• Security/event logs: 12–24 months (shorter where feasible).
• Support tickets: 24 months.
• Legal/financial records (if prizes/payments apply): up to 5–10 years as required by law.

7. Sharing & recipients

We do not sell personal data. We use reputable service providers to host the Service, send emails, store data and deliver ads/analytics where applicable. These providers act as processors under contracts that require confidentiality and security. We may also disclose information to authorities or legal advisors where required by law.

8. Cookies, SDKs & ads

Website: we use only essential cookies necessary for core functionality. If in the future we use analytics/marketing cookies in the EEA/UK, we will request your consent via a banner and you can change preferences at any time.

Mobile: the app may show ads using a mobile ad provider (e.g., AdMob). The provider may collect device identifiers and interaction signals to deliver and measure ads and to combat fraud. We respect your device privacy settings (e.g., limit ad tracking/opt‑out) and, where required, present a consent dialog.

In regions where consent is required (e.g., EEA/UK), we use Google’s User Messaging Platform (UMP) to request your ad consent. You can change preferences at any time in the app via Profile → Manage ads consent. If you do not consent, we show only non‑personalized ads.

9. International transfers

Data may be processed outside your country. Where required, we rely on Standard Contractual Clauses (SCCs) or other lawful safeguards. You can request a copy via the contact above.

10. Your rights

• Access, rectification, erasure, restriction, portability, objection (where applicable).
• Withdraw consent at any time (does not affect prior processing).
• California: right to know, delete, correct, and to opt-out of certain sharing. We do not sell personal information.

To exercise rights: in-app (Profile → Delete Account) or email support@crackthecodemultiplayer.com. We may verify your identity and respond within statutory timeframes.

Supervisory authorities

EEA users may complain to their local authority. In Romania: ANSPDCP — dataprotection.ro. UK users may contact the ICO.

12. Transactional emails & audit copies

For support and fraud‑prevention purposes, certain transactional emails (for example, reward delivery confirmations) may be copied to our internal support mailbox. Access is restricted and messages are retained for a limited period (normally up to 90 days). Legal basis: our legitimate interests in ensuring service integrity and providing customer support.

13. Children

The Service is not directed to children under 16 (or the age required in your country). We close ineligible accounts when discovered.

14. Do Not Track / Global Privacy Control

We do not respond to DNT signals, but where legally required we honor Global Privacy Control (GPC) as a web opt-out signal.

15. Changes

We may update this Policy. Material changes will be notified in-app or on the website and apply from the effective date above.

16. Contact

Questions or requests: support@crackthecodemultiplayer.com.