Privacy Policy
This Privacy Policy explains how Nevzat Atilla Özder (“we”, “us”, “our”) collects, uses, shares, and protects information when you use our mobile games (the “Apps”) and when you visit our website (the “Site”).
We publish multiple Apps over time. This Policy applies to all Apps we publish unless an App displays a different privacy policy.
1) Data Controller (who is responsible)
- Data Controller: Nevzat Atilla Özder
- Address: Çavuş Mah. Muhteşem Sk. 6B/16 Şile / İstanbul, Türkiye
- Email: support@atillaozder.com
- DPO: No DPO appointed.
2) Quick summary
- No user accounts: We do not create in-app accounts or require login.
- Purchases: Apple processes in-app purchases; we do not collect payment card details.
- Ads: We show ads via Google AdMob and Unity Ads.
- Tracking / personalized ads: We may show personalized ads only if you allow iOS App Tracking Transparency (ATT) and provide any required consent. Otherwise, we aim to show non-personalized ads where available.
- Analytics & diagnostics: We use Firebase for analytics, crash reporting (Crashlytics), performance monitoring, remote config, and messaging (push notifications).
- International processing: Our service providers may process data in the United States and other countries.
3) What information we collect
We and our service providers may collect the following categories of data depending on your device settings and how you use the Apps:
A) Identifiers (including “User ID” / “Device ID”)
- Device ID: may include the iOS Advertising Identifier (IDFA) only if you allow Tracking via Apple’s ATT prompt.
- User ID: an identifier assigned by our SDKs (for example, an app instance identifier) to support analytics, diagnostics, ad delivery/measurement, and fraud prevention.
- IP address (commonly collected by SDKs for security, analytics, diagnostics, and fraud prevention).
- Device/app info such as device model, operating system version, app version, language, and timezone.
Important clarification: “User ID” here refers to an SDK/app identifier, not your Apple ID. We do not ask for or collect login credentials in the Apps.
B) Usage Data (including “Product Interaction”, “Advertising Data”, and “Other Usage Data”)
- Product Interaction: app opens, sessions, screens viewed, and gameplay/app events.
- Advertising Data: ad impressions, clicks, and related ad interaction and measurement signals.
- Other Usage Data: general usage patterns used to understand and improve the Apps.
Firebase features used: Analytics, Crashlytics, Performance Monitoring, Remote Config, Messaging.
Important: We do not send user-provided text to analytics events.
C) Diagnostics
- Crash Data: crash logs and related diagnostics via Firebase Crashlytics.
- Performance Data: performance traces/signals via Firebase Performance Monitoring.
D) Location
- Coarse Location: country/region may be inferred from IP address or similar signals used by analytics/ads SDKs.
E) Push notifications (optional)
- If you enable push notifications, a push notification token (via Firebase Cloud Messaging) is used to deliver notifications to your device.
F) Purchases (In-App Purchases)
- Purchases are processed by Apple via the App Store.
- We do not collect payment card details.
- We use Apple’s In-App Purchase APIs to unlock content.
- We do not store purchase data on our own servers.
4) What we do not collect
Based on current App design, we do not collect:
- account credentials (no username/password in-app),
- user-generated content,
- contacts, photos, camera, microphone, health data,
- precise GPS location.
5) How we use information
We use information to:
- provide and operate the Apps (including enabling purchased content),
- monitor performance, fix bugs, and improve gameplay and stability,
- protect against fraud, abuse, and security incidents,
- show ads and measure ad performance,
- send push notifications if you opt in.
Profiling / automated decisions: Our advertising partners may use limited profiling to show relevant ads (where permitted). However, we do not use automated decision-making that produces legal effects or similarly significant effects on you (for example, decisions about your legal status, credit, employment, or eligibility for essential services).
6) Legal bases and processing grounds (GDPR/UK GDPR and Türkiye KVKK)
A) For users in the EEA/UK (GDPR / UK GDPR)
We process personal data under these legal bases:
- Consent: for tracking and personalized advertising where required (including IDFA under ATT), and for push notifications (device-level permission).
- Legitimate interests: for analytics, performance monitoring, crash reporting, and security to improve and protect the Apps (balanced against your rights).
- Contract / performance of a contract: to provide paid features/content you purchase through Apple’s in-app purchases.
B) For users in Türkiye (KVKK – Law No. 6698)
For users in Türkiye, we process personal data in accordance with the Law on the Protection of Personal Data No. 6698 (“KVKK”) and related legislation and decisions of the Personal Data Protection Authority. Your rights under KVKK are described in Section 15.
VERBIS note: Depending on our scale and legal criteria, we may have an obligation to register with the Data Controllers’ Registry (VERBIS). If registration is required for us, we will comply. (Even if registration is not required, KVKK obligations may still apply.)
7) App Tracking Transparency (ATT), IDFA, and ad personalization
- If an App uses the IDFA for advertising that qualifies as “tracking,” iOS will display Apple’s ATT prompt.
- If you choose “Ask App Not to Track,” we will not access the IDFA for tracking purposes.
- Personalized ads are enabled only when you allow ATT and provide any required consent. Otherwise, we aim to show non-personalized ads where available.
- You can change tracking permission in iOS at any time:
Settings → Privacy & Security → Tracking.
8) U.S. state privacy (including California) – opt out of targeted ads
Some U.S. state privacy laws provide the right to opt out of the “sale” or “sharing” of personal information for targeted advertising (also called cross-context behavioral advertising).
You can control targeted advertising in these ways:
- In-app privacy choices: Where applicable, we display an AdMob U.S. state privacy choices message at app start that may allow you to choose whether your data is used for targeted advertising (depending on region and availability).
- iOS Tracking (ATT): You can disable tracking permission in
Settings → Privacy & Security → Tracking. - Email request (supported): Email support@atillaozder.com with the subject “US Privacy Opt-Out” and include the App name. We will respond and apply your request where required and technically feasible.
Note: If you do not see the in-app privacy message in your region/device scenario, you can still email us for help and opt-out handling. We do not discriminate against users for exercising privacy rights.
9) Sharing of information
We do not sell personal information for money. We may share information with:
A) Service providers (processors)
We use third-party services to provide analytics, diagnostics, ads, and messaging. These providers process data under their own policies and/or on our behalf.
- Firebase (Google) – analytics, Crashlytics, performance monitoring, remote config, messaging: Firebase Privacy
- AdMob (Google) – advertising and measurement: AdMob Privacy
- Unity Ads (Unity) – advertising and measurement: Unity Privacy Policy
B) Legal and safety reasons
We may disclose information if reasonably necessary to comply with law, respond to lawful requests, protect users, prevent fraud/abuse, or enforce our terms.
10) International transfers
Our servers and/or our service providers’ servers may be located in the United States and other countries. This includes processing by partners such as Google (Firebase/AdMob) and Unity (Unity Ads), as listed in Section 9.
If you are in the EEA/UK, transfers outside your region may be protected by safeguards such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms, depending on the provider and circumstances.
11) Data retention
We keep information only as long as needed for the purposes described in this Policy:
- Google/Firebase Analytics retention: 14 months (as configured in our Firebase/Google Analytics settings).
- Crash reporting / diagnostics (Crashlytics): retained according to Firebase configuration and as needed to investigate and resolve stability issues.
- Performance Monitoring / Remote Config / Messaging data: retained according to Firebase configuration and operational needs.
- Push notification tokens: retained while notifications are enabled and/or until the token becomes invalid (e.g., app reinstall), subject to platform behavior.
- Support emails: retained as reasonably necessary to respond and for recordkeeping and legal compliance.
12) Security
We use commercially reasonable administrative, technical, and organizational safeguards designed to protect information. No method of transmission or storage is 100% secure.
13) Do Not Track signals (DNT)
Our Apps are mobile applications and do not respond to web browser “Do Not Track” signals.
14) Children’s privacy
Our Apps are intended for general audiences and are not designed to knowingly collect personal information from children under 13. If you believe a child provided personal data to us, contact support@atillaozder.com and we will take appropriate steps (including deletion where feasible).
Children’s Privacy Policy: Click Here
15) Your rights and how to exercise them (GDPR/UK GDPR and KVKK)
A) EEA/UK users (GDPR/UK GDPR)
Depending on your location, you may have rights such as access, correction, deletion, restriction, objection, portability, and the right to withdraw consent. You may also have the right to lodge a complaint with your local data protection authority.
B) Users in Türkiye (KVKK – Law No. 6698, Article 11)
For users in Türkiye: You have rights under Article 11 of KVKK, including (among others) the right to:
- learn whether your personal data is processed,
- request information if processed,
- learn the purpose of processing and whether it is used in accordance with that purpose,
- know third parties to whom personal data is transferred (domestic/abroad),
- request correction of incomplete/incorrect data,
- request deletion or destruction under applicable conditions,
- request notification of correction/deletion to third parties to whom data was transferred,
- object to a result against you arising from analysis exclusively by automated systems, and
- request compensation for damages arising from unlawful processing.
How to exercise rights (email only)
To exercise your rights, email support@atillaozder.com and include:
- the App name,
- your device platform (iOS),
- the type of request (access/deletion/etc.),
- any details that help us locate data (approximate dates, screenshots of settings such as ATT choices).
No account deletion note (Apple)
We do not create user accounts in our Apps. If you request deletion, we will delete or restrict personal data we control where feasible. Some data may be held by our service providers (e.g., advertising/analytics providers) under their own retention settings; we will assist by applying available controls and/or directing you to relevant provider controls where appropriate.
16) Third-party links
Our Apps or Site may contain links to third-party websites/services. Their privacy practices are governed by their own policies.
17) Changes to this Policy
We may update this Policy from time to time. We will post the updated version with a new “Last updated” date. If changes are material, we may provide additional notice (such as an in-app notice).
18) Contact
- Nevzat Atilla Özder
- Çavuş Mah. Muhteşem Sk. 6B/16 Şile / İstanbul, Türkiye
- Email: support@atillaozder.com