Astro Karts Mobile Application – Privacy Policy

1. Legal Basis and Scope

We process your personal information in accordance with:

• The General Data Protection Regulation (GDPR) (EU and UK)
• The California Consumer Privacy Act (CCPA/CPRA)
• Other relevant global data privacy regulations where applicable

For the purposes of data protection laws:

• Data Controller: Astro Karts, processing data on behalf of clients
• Data Processor: The clients/end-users of the Astro Karts App.

2. Definitions

• Personal Data: Information that identifies or could reasonably identify an individual.
• Sensitive Personal Data: Data like biometric, health, racial, or religious information (not collected).
• Processing: Actions like collection, storage, or deletion of data.
• Third Party: Any entity other than you, us, or our affiliates.

3. Information We Collect

We may collect the following types of information:

• Identifiers: Username, email address (through PlayFab login options such as email, Google account, or other PlayFab-supported methods).
• Device Information: IP address, device ID for security and analytics.
• Crypto Wallet Address (Optional): If you choose to connect a third-party crypto wallet, we only access the public wallet address and public metadata related to owned digital assets (e.g., cosmetic NFTs).

We do NOT collect or process:

• Private keys or sensitive personal data.
• Any financial transaction data, crypto sales, purchases, or exchanges.

We do not use cookies or similar tracking technologies.

Third-party services like PlayFab and WalletConnect may have their own privacy policies. We encourage you to review their policies for additional details on their data practices.

4. Purpose and Use of Information

We use collected data to:

• Provide secure login, account management, and gameplay services.
• Display personalized, cosmetic-only game content based on wallet-owned items.
• Communicate necessary updates about the app.
• Ensure compliance with platform policies.

Automated Decision-Making: We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on you.

Important:

• Wallet connection is purely optional.
• No purchases, sales, transfers, financial services, or crypto rewards occur within the app.
• Our lawful bases for processing include contractual necessity, legitimate interests, and, where required, consent.

5. Wallet Connection Feature

• Wallet connection is completely optional and not required to play Astro Karts.
• Wallets are connected using secure, standardized third-party protocols (e.g., WalletConnect).
• The app reads only the public wallet address and metadata to verify digital ownership (e.g., kart skins).
• No cryptocurrency is traded, purchased, or exchanged in the app.
• Users retain full custody and control of their external wallets and digital assets.
• We do not store private keys, seed phrases, or wallet contents.

Example User Flow for Wallet Connection

1. User taps "Connect Wallet."
2. App opens a secure external wallet connection interface (e.g., WalletConnect).
3. User authorizes connection outside the app.
4. App receives public wallet address and reads owned NFTs.
5. App displays relevant bonus content (cosmetic use only).

6. Data Retention

We retain your personal data only as long as necessary for the purposes outlined, or as required by law, typically no longer than seven (7) years unless mandated by jurisdiction (e.g., for tax or accounting purposes).

You may delete your account at any time through the Account Settings section in the app, which will remove your stored personal data from our servers.

7. Security Measures

We implement appropriate safeguards, including:

• We use industry-standard encryption to protect your data in transit and at rest.
• Encryption of data in transit and at rest.
• Regular reviews of security procedures to prevent unauthorized access.

In the unlikely event of a data breach, we will notify affected users promptly as required by applicable law.

8. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to outside parties. Disclosure of data may occur only:

• To comply with applicable laws, regulations, or legal processes.
• To protect our rights, users, and the App's integrity.

If your data is transferred outside your jurisdiction (e.g., from the EU to the U.S.), we ensure appropriate safeguards, such as Standard Contractual Clauses, to protect your data in accordance with applicable laws.

We may share data with trusted third-party processors (e.g., PlayFab for login services, WalletConnect for wallet integration) who process data on our behalf under strict confidentiality agreements.

9. Your Privacy Rights

Depending on your jurisdiction, you may have rights to:

• Access, rectify, or erase your personal data.
• Restrict or object to processing.
• Request data portability.
• Lodge a complaint with a regulatory authority.

U.S. residents (CCPA/CPRA) have additional rights to:

• Know what personal data we collect.
• Request deletion.
• Opt-out of data "sales" (note: we do not sell personal data).
• Be free from discrimination for exercising privacy rights.

Requests should be directed to: business@theegoverse.com.

We will respond to your privacy rights requests within the timeframes required by applicable law, typically 30 days for GDPR or 45 days for CCPA.

10. Children's Privacy

Astro Karts is not intended for children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal data from children without appropriate consent.

11. Changes to This Privacy Policy

We may update this Privacy Policy occasionally. Updates will be posted here and indicated with a revised "Effective Date." You should review this Policy regularly.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, contact us at:

📧 Email: business@theegoverse.com