Muuula Privacy Policy
​
Last modified: April 14th, 2025
​
This privacy policy (“Privacy Policy” or “Policy”) describes how Muuula Games Ltd. ("Company", "we", "us" or "our") collect, use and disclose certain information, including your Personal Data, and your choices and rights.
​
The Company is the developer and operator of various mobile gaming apps (“App”), which include various brain games, memory games, skill or chance mini-game features, earn or win virtual currency, tokens or virtual prizes as further in our Terms of Use (“Service”). This Policy is incorporated in and constitute an integral part of the Terms of Use, and applies to data we collect, process and transfer when you, a user installing the App and using the Service (“you”, “your”, “user”) all in accordance with the relevant data protection and privacy laws and regulations.
​
This Privacy Policy does not cover your interaction with third-party content available in through the Service, this Privacy Policy may be different from third parties' privacy practices and we shall not be liable or responsible for the acts of those third parties.
​
In the event you are a California resident, and the California Consumer Privacy Act (“CCPA”) applies to you – please review our CCPA Privacy Notice. If you are a resident of Colorado, Connecticut, Virginia, or Utah, please refer to “Additional Notice for US Residents” paragraph of this Privacy Policy for additional information about privacy rights for residents of these U.S. jurisdictions.
​
POLICY AMENDMENTS:
We reserve the right to amend this Policy from time to time, at our sole discretion. The most recent version of the Policy will always be posted on the website. The updated date of the Policy will be reflected in the “Last Modified” heading. We will provide notice if these changes are material and, where required by applicable law, we will obtain your consent. Any amendments to the Policy will become effective within 30-days upon the display of the modified Policy.
​
WE RECOMMEND YOU TO REVIEW THIS POLICY PERIODICALLY TO ENSURE THAT YOU ARE UNDERSTAND OUR MOST UPDATED PRACTICES REGARDING YOUR PERSONAL DATA.
​
CONTACT INFORMATION AND DATA CONTROLLER INFORMATION:
Muuula Games Ltd. is incorporated under the laws of the State of Israel, is the Data Controller of (as such term is defined under the GDPR or equivalent privacy legislation).
For any question, inquiry or concern related to this Privacy Policy or the processing of your Personal Data, you may contact our privacy team as follows: privacy@muuula.com
​
DATA COLLECTION
In order to provide our services, we will collect two types of data: (i) Non-Personal Data; and (ii) Personal Data.
Non-Personal Data
Meaning aggregated, non-personal non-identifiable information, which may be made available directly or indirectly through your use of the Services (“Non-Personal Data”). We are not aware of the identity of the user from which the Non-Personal Data is collected. The Non-Personal Data which is being collected may include your aggregated usage information and technical information transmitted by your device, such as: browser version, operating system type and version, mobile network information, internet service provider, mobile carrier, device settings, etc.
Personal Data
Meaning individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual (“Personal Data” or “Personal Information”).
​
For avoidance of doubt, any Non-Personal Data connected or linked to any Personal Data shall be deemed as Personal Data as long as such connection or linkage exists.
​
We do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person's health or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”).
​
We collect and process the following Personal Data:
-
Contact Information: If you voluntarily contact us for support or other inquiries, you may be required to provide us with certain information such as your name, email address, etc. We process such data to provide you with the support you requested or to respond to your inquiry. The correspondence with you may be processed and stored by us in order to improve our customer service and in the event, we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable). We process such information based on our legitimate interest. Unless you are contacting us for support, in which providing support is part of our contractual obligations to you.
-
Online Identifiers: When you install our Apps or otherwise interact and use our Services, we, directly or indirectly through our third party service providers, collect certain online identifiers or similar unique identifiers. We use the unique identifier we assigned to you during the installation to validate you are a person and to know how many individuals install our Apps or use our Services. In addition, we process Online Identifiers to provide you our Services and to enable the operation of the Services and for security and fraud prevention purposes (i.e., to prevent or to be able to address any errors or technical issues in our Services). Where we collect Online Identifiers for operation and security, we process your data based on our legitimate interest.
-
Usage Data: When you install, use or interact with the Apps, website or Services, we may further collect information related to your use and interaction with the Services such as referring app or URL (meaning the apps and website you were referred to install our Apps), user gaming data (such as access time and date, the features and content you interact with, etc.), devices data (such as the operating system, device ID, language, etc.), approximate location, conversions and your interaction with ads, your purchase and transaction history, diagnostic data (crash and error data), etc. The Usage Data is used to operate and improve the Services, including fixing any errors and bugs in the Apps. We may use the Usage Data for analytics and measurement purposes, to better understand the Services' functionality, so that we can improve it. We do not use such data to learn a person’s true identity or contact details, but mostly to have a better understanding on how our users typically use and engage with our Services. Where we process the Usage Data to enable the operation of the Apps or website and to improve our Services, we process the data based on our contractual obligations with you. Other purposes, such as operational and security, are based on our legitimate interest.
-
Tracking and Advertising: We use third party service providers that display ads and promotions during your use of the App. To customize the ads displayed and personalize the content, we or our providers collect certain data on you which includes advertising ID (e.g. IDFA; you may reset such ID based on the operating system instructions), or other tracking technologies, gameplay content, product interaction data and other interests-based information that we or our advertising partners may have received from or about you. We, and our advertising partners, process this data to deliver interest-based or otherwise more effective advertisements and content, to optimize our ad management and our users' viewing experience). Depending on your location and depending on the platform requirements, tracking technology and profiling information may be processed subject to your consent, you may withdraw consent at any time through your device settings (by resetting this permission).
-
In App Payments Information: Any In App Payments ("IAP") are processed by Apple Pay and Google Pay account. We will collect transaction identifiers; however, we do not keep any payment information; we just know you made the payment. Payment information is processed by Apple/Google and will be subject to their policies. Transaction information is processed in order to preform our contract.
​
We use various technologies to collect and store the information listed above, including cookies, pixel tags, local storage, database and server logs. We use different technologies to process your information listed above, for the purposes listed above.
​
Therefore, the actual processing operation per each purpose of use and lawful basis detailed in the table above, may differ. Such processing operation usually includes set of operations, made by automated means, such as collection, storage, use, disclosure by transmission, erasure or destruction. Transfer of Personal Data to third party countries as further detailed in the International Data Transfer section is based on the same lawful basis as stipulated in the table above.
​
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services and to enforce our policies and agreements, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability. Such processing is based on our legitimate interests.
​
HOW WE COLLECT INFORMATION
Depending on the nature of your interaction with our Services, we may collect information as follows:
-
Automatically – we may automatically collect, directly or indirectly, Online Identifiers, device data, technical data, etc.
-
Provided by you voluntarily – we will collect Personal Data if you choose to contact us for support, make a purchase or any information you uploaded to the Apps by you or on our website.
-
Provided by third party – we will collect or receive Personal Data about you from third parties, such as app store, etc.
​
TRACKING TECHNOLOGIES AND OPT OUT OPTIONS
We use certain third party “cookies” or similar tracking technologies, including through software developer kits (“SDK”), API, pixels, etc. These tracking technologies are very helpful and can be used for various purpose, such as: (i) allowing you to navigate the App efficiently; (ii) enabling automatic activation of certain features; (iii) collect analytic data and crash data and fix any errors and improve the Service; and (iv) serve advertisement. The use of third-party advertising services, allow us to offer our Apps for free. You may use third party tools, not supported by us to opt-out of personalized advertising as detailed herein below. If you opt out of interest-based advertising, some information will still be collected for other purposes, such as research, analytics, and internal operations. You will also continue to receive contextual advertisements, but they may be less relevant to your interests.
​
Third Party Tracking Tools:
-
Google Analytics. for more information see: www.google.com/policies/privacy/partners
https://policies.google.com/technologies/managing?hl=en
https://tools.google.com/dlpage/gaoptout
https://policies.google.com/technologies/partner-sites -
AppsFlyer. For more information see: https://www.appsflyer.com/legal/privacy-policy/
-
Applovin Corporation. For more information see: https://www.applovin.com/privacy
-
Facebook. For more information see: https://www.facebook.com/privacy/policy
-
Google AdMob. For more information see: http://www.google.com/policies/privacy/partners
https://policies.google.com/technologies/managing?hl=en
https://tools.google.com/dlpage/gaoptout -
IronSource. For more information see: https://www.is.com/privacy-policy
​
Opt out:
You can also opt out of interest-based advertising with some of the service providers we use, such as Google HERE, Google Analytic HERE.
​
You can opt out of advertisements on your Android device by the following steps:
​
go to Settings > Privacy > Ads and enable opt out of Ads personalization.
​
In addition, you can reset your advertising identifier in the same section (this also may help you to see less of personalized ads). To learn even more about how to affect advertising choices on various devices and different versions, please look at the information available here.
Digital Advertising Alliance (US) HERE
Digital Advertising Alliance (Canada) HERE
Digital Advertising Alliance (EU) HERE
Network Advertising Initiative HERE
Digital Advertising Alliance AppChoices HERE
Use the Global Privacy Control (“GPC”) signals.
​
SHARING DATA - CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH:
We share your Personal Data with third parties, including with business partners or service providers that help us provide our Services. You can find here information about the categories of such third-party recipients.
-
Advertisers: We share Advertising ID with our advertising partners, so they will be able to place ads that best suit such user.
-
Service Providers: We employ other companies and individuals to perform functions on our behalf. Examples include: sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing assistance (including advertising management), identifying errors and crashes, conducting customer relationship management. These third-party service providers have access to Personal Data needed to perform their functions, but they are prohibited from using your Personal Data for any purposes other than providing us with requested service
-
Compelled disclosure: We may share Personal Data, in the event you request us to do so. In such event, the provisions of your Personal Data will be subject to such third parties' policies and practices only
-
Enforcement of Our Rights and Security Detections: We may disclose Personal Data to enforce our policies and agreements, as well as defend our rights, including the investigation of potential violations thereof, alleged illegal activity or any other activity that may expose us, you, or other users to legal liability, and solely to the extent required. In addition, we may disclose Personal Data to detect, prevent, or otherwise address fraud, security, or technical issues, solely to the extent required.
-
Any Acquirer of Our Business: We may share Personal Data, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.
​
Where we share information with services provider and agents, we ensure they only have access to such information that is strictly necessary in order for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).
​
YOUR RIGHTS:
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.
​
For California Residents, please further review our CCPA Notice, and for US residents, please further see the “Additional Notice for US Residents” paragraph below - to learn more about your rights under applicable US law.
​
For detailed information on your rights and how to exercise your rights, please see the Data Subject Request Form (“DSR”) available Here.
Certain rights can be easily executed independently by you without the need to fill out the DSR Form:
-
You can correct or delete certain data at any time, through the account settings on the Apps or on the website;
-
You can opt-out from receiving interest-based advertising through the device settings;
NOTE THAT DELETING THE APP FROM YOUR DEVICE WILL NOT RESOLVED IN DELETING YOUR PERSONAL DATA. IF YOU WISH TO DELETE YOUR PERSONAL DATA YOU NEED TO SUBMIT THE DSR FORM.
​
DATA RETENTION:
In general, we retain the Personal Data we collect for as long as it remains necessary for the purposes set forth above, all under the applicable regulation, or until you will express your preference to opt-out, where applicable.
​
The retention periods are determined according to the following criteria:
-
For as long as it remains necessary in order to achieve the purpose for which the Personal Data was initially processed. For example: if you contacted us, we will retain your contact information at least until we will address your inquiry.
-
To comply with our regulatory obligations. For example: transactional data will be retained for up to seven years (or even more under certain circumstances) for compliance with our bookkeeping obligations purposes.
-
To resolve a claim we might have or a dispute with you, including any legal proceeding between us, until such dispute will be resolved, and following, if we find it necessary, in accordance with applicable statutory limitation periods.
Other circumstances in which we will retain your Personal Data for longer periods of time include: (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your Personal Data. Please note that except as required by applicable law, we will not be obligated to retain your data for any particular period, and we may delete it for any reason and at any time, without providing you with prior notice if our intention to do so.
​
SECURITY MEASURES:
We work hard to protect Personal Data we process from unauthorized access or unauthorized alteration, disclosure or destruction. We have implemented physical, technical and administrative security measures for our Services that comply with applicable laws and industry such as: encryption using SSL, we minimize amount of data that we store on our servers, restrict access to Personal Data to Company's employees, contractors and agents, etc. Note that, we cannot be held responsible for unauthorized or unintended access that is beyond our control, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.
​
Please contact us at: privacy@muuula.com if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy or if you become aware of a third party's attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.
​
INTERNATIONAL DATA TRANSFER:
Our data servers in which we host and store the information are located in the US. The Company’s HQ are based in Israel in which we may access the information stored on such servers or other systems such as the Company’s ERP, CRM and other systems. In the event that we need to transfer your Personal Data out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Furthermore, when Personal Data that is collected within the European Economic Area ("EEA") is transferred outside of the EEA to a country that has not received an adequacy decision from the European Commission, we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union. Thus, we will obtain contractual commitments and or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well recognized certification schemes.
​
ELIGIBILITY AND CHILDREN PRIVACY:
The App and Services are not intended for the use by children (the phrase “child” shall mean an individual that is under the age defined by applicable law), and we do not knowingly process children’s information. We reserve the right to request proof of age or parental consent at any stage. We may block users whom we suspect are under the applicable age. We will discard any information we receive from a user that is under the applicable age immediately upon discovering that such a user shared information with us. Please contact us at: privacy@muuula.com if you suspect that a user under the applicable age has shared any information with us.
​
ADDITIONAL NOTICE FOR US RESIDENTS
Residents of certain U.S. states (depending on the applicable state law, acting in an individual or household context and not in a commercial or employment context or as a representative of business), including Colorado, Connecticut, Virginia, and Utah, may have additional rights under applicable privacy laws and be entitled to additional disclosures.
​
"Personal Data" under applicable US privacy laws, generally means any information that is linked or reasonably linkable to an identified or identifiable individual (and usually does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the states laws scope, such as: HIPAA, GBPA, non-profit entities, etc.)
​
“Sensitive Data” means data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation, citizenship, or immigration status; The processing of genetic or biometric data for the purpose of uniquely identifying an individual; Personal Data collected from a known child; Precise geolocation data.
​
We are required to provide you with a clear and accessible privacy notice that includes the categories of Personal Data processed, purpose of processing, instructions for exercising consumer rights and appealing decisions, categories of Personal Data shared with third parties, categories of third parties with whom data is shared, and any sale of data or targeted advertising.
​
Categories of Personal Data & Categories of third parties with whom Personal Data is shared:
Under the paragraph “Data Collection” of this Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used.
​
Additionally, under the paragraph “Sharing Data – Categories of Recipients we Share Data With” of this Privacy Policy, we detail and disclose the categories of third parties we share Personal Data with for business purposes. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent.
​
“Sale” of Personal Data:
Under US privacy laws, in principal, the term “sale” is referring to disclosing or making available Personal Data to a third-party in exchange for monetary or other valuable consideration, including for targeted advertising purposes. We do not “sell” information as most people would commonly understand that term, we do not, and will not, disclose your Personal Data in direct exchange for money or some other form of payment however, subject to the definition of the term “Sale” under US privacy laws, we may “sell” the following categories of Personal Data when we use cookies or other third-party advertising services:
​
Identifiers – online identifiers such as IP and Cookie ID;
​
Internet and electronic network activity information – such as your engagement with our App and ads.
​
Geolocation data - derived from IP (country level).
​
Consumer Rights:
Residents of certain U.S. states, including Colorado, Connecticut, Virginia, and Utah, may have additional rights under applicable privacy laws, subject to certain limitations, which may include:
​
-
Access - the right to confirm whether we are processing their Personal Data and to obtain a copy of their Personal Data in a portable and, to the extent technically feasible, readily usable format.
-
Delete - the right to delete their Personal Data provided to or obtained by us.
-
Correct - the right to correct inaccuracies in their Personal Data, taking into account the nature and purposes of the processing of the Personal Data.
-
Opt-Out - to opt out of certain types of processing, including: (i) to opt out of the “sale” of their Personal Data; (ii) to opt out of targeted advertising by us; and (iii) to opt out of any processing of Personal Data for purposes of making decisions that produce legal or similarly significant effects.
​
The paragraph “Your Rights” provides additional information regarding your principal rights.
​
Exercising Your Privacy Rights:
You may submit a request to exercise most of your privacy rights under U.S. state privacy laws by contacting us at: privacy@muuula.com.
​
When you submit a request, we will take steps to verify your identity and your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information to verify your identity, or where necessary to process your request. If we are unable to verify your identity after a good faith attempt, we may deny the request and, if so, will explain the basis for denial and how to remedy any deficiencies, where applicable.
​
Authorized agents may initiate a request on behalf of another individual by contacting us at privacy@muuula.com; authorized agents will be required to provide proof of their authorization and we may also require that the relevant consumer directly verify their identity and the authority of the authorized agent.
​
If we decline to take action on your request, we shall so inform you without undue delay, within the timeframe set out under applicable law. Our notification will include a justification for declining to take action and instructions on how you may appeal. Within the timeframe set out under applicable law of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the applicable authority or Attorney General of your jurisdiction (including - Colorado AG at https://coag.gov/file-complaint/; Connecticut Attorney General at: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318; Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform).
​
ADDITIONAL NOTICE TO BRAZIL RESIDENTS
We have created this section specifically for users in Brazil. Users in Brazil have certain privacy rights as specified under Brazilian law, including the Lei Geral de Proteção de Dados Pessoais (“LGPD”). Our Privacy Policy and the privacy controls we offer to all users are in line with these laws—this notice makes sure we cover the Brazil-specific requirements. For example, all users can request a copy of their data, request deletion, and control their privacy settings in the App. Data Controller information is available above under “Contact Information and Data Controller Information” Section. The lawful basis under the LGPD is Contract (complying with the obligations of the agreement we have entered), Legitimate Interest (we have the right, the legitimate interest, to do so), Consent (we have asked your permission) and Legal Obligations. The Table under ”Data Collection” Section above, detail the lawful basis for processing each data set.