Welcome to the services of NEXUS REALM PTE. LTD. ("NEXUS REALM PTE. LTD.," "Company," "We," "Us," or "Our"), a company incorporated in Singapore with its registered office at 60 PAYA LEBAR ROAD, #08-10, PAYA LEBAR SQUARE, SINGAPORE 409051. This Privacy Policy ("Policy") is designed to explain how we collect, use, process, disclose, protect, and transfer personal data in connection with our business operations.
We understand the importance of privacy to our clients ("Client," "You," or "Your") and to the end-users you reach through our services. We are committed to processing personal data responsibly, transparently, and in accordance with applicable data protection laws and regulations, including but not limited to Singapore's Personal Data Protection Act 2012 (PDPA) and its related provisions, and, where applicable, the General Data Protection Regulation (GDPR).
This Policy applies to your access to and use of our website, platform, software, applications, and all services we provide, including but not limited to user acquisition, ad creative production, data analytics, ad monetization consulting, and other related services (collectively, the "Services").
By accessing our website or using our Services, you acknowledge that you have read, understood, and agree to the data practices described in this Policy. If you do not agree with any part of this Policy, you must immediately cease using our website and Services.
We may update this Policy from time to time to reflect changes in our practices or updates in legal regulations. We will post any revised version on our website and update the "Effective Date" at the top of this Policy. We encourage you to review this Policy periodically to stay informed about how we are protecting your information.
2.1. Scope of Application
This Policy primarily covers two categories of personal data:
Client Data: Information we collect and process as a Data Controller related to our Clients, including their employees, representatives, and contacts. This includes personal data you provide directly to us when you register for an account, communicate with us, pay for services, or otherwise use our website and Services.
End-User Data: Information we process as a Data Processor on behalf of our Clients in the course of providing Services, such as executing advertising campaigns. This data relates to the end-users of our Clients' games or applications. In this context, our Client is the Data Controller, responsible for determining the legal basis and purposes for processing this data.
This Policy does not apply to the practices of third-party companies or individuals that we do not control, such as our Clients, the third-party platforms on which we place ads (e.g., ad networks, social media platforms), or other third-party websites to which our website may link. We recommend that you review the privacy policies of these third parties to understand their data practices.
2.2. Key Role Definitions: Data Controller vs. Data Processor
Under data protection law, distinguishing between the roles of "Data Controller" and "Data Processor" is crucial:
Data Controller: An entity that, alone or jointly with others, determines the purposes and means of the processing of personal data. When processing Client Data, NEXUS REALM PTE. LTD. is the Data Controller. For example, we decide how to use your contact information to manage your account and communicate with you.
Data Processor: An entity that processes personal data on behalf of the Data Controller. When processing End-User Data to execute advertising campaigns, NEXUS REALM PTE. LTD. is the Data Processor, and our Client (the game developer/publisher) is the Data Controller. We only process End-User Data in accordance with our Client's lawful instructions.
To provide and improve our Services, we collect several types of information. This information can be categorized as follows:
3.1. Information You Provide Directly to Us (Client Data)
We collect information that you voluntarily provide to us when you register for an account, enter into a contract, request support, communicate with us, or otherwise interact with us. This may include:
Identity and Contact Information: Your name, email address, phone number, job title, company name, and any other contact details you provide during registration or communication.
Account Information: The username, password, and other configuration information you set up when creating your account.
Financial and Transactional Information: Billing information, transaction history, and details of bank accounts or other payment methods related to your payment for Services. We employ industry-standard security measures to protect this sensitive information.
Communication Records: A record of all correspondence, feedback, questions, and information exchanged when you communicate with us via email, contact forms on our website, phone, or any other channel.
Marketing Preferences: Your preferences for receiving marketing communications from us and your interactions with our marketing campaigns.
3.2. Information We Collect Automatically (Client and Website Visitor Data)
When you visit our website or use our platform, we automatically collect certain technical information. This helps us understand user behavior, maintain and improve our Services, and ensure their security. This may include:
Log File Information: Like most websites, our servers automatically record information that your browser sends whenever you visit. These log files may include your Internet Protocol (IP) address, browser type and settings, Internet Service Provider (ISP), referring/exit pages, operating system, date/time stamps, and clickstream data.
Device Information: We may collect specific information about the device you use to access our Services, such as your hardware model, operating system version, unique device identifiers, browser type and version, language preferences, time zone settings, and mobile network information.
Usage Data: We collect information about how you interact with our website and platform, such as the pages you visit, the features you click on, the content you view, the time you spend, and the websites you visited before and after your visit.
Cookies and Similar Technologies: We use cookies (small text files stored on your device) and similar technologies (like web beacons and pixel tags) to collect this automated information. These technologies help us recognize you, remember your preferences, provide a personalized experience, analyze traffic, and measure the effectiveness of marketing campaigns. For more details on our use of cookies, please see Section 7 "Cookies and Tracking Technologies" below.
3.3. Information We Process on Behalf of Our Clients (End-User Data)
As part of our Services, we process certain data from our Clients' end-users on their behalf to serve targeted advertising and measure its performance. As a Data Processor, the types of data we collect and process are determined by our Clients (the Data Controllers) and are governed by our agreements with them. This data typically includes:
Device Identifiers: Mobile advertising IDs (e.g., Apple's IDFA or Google's GAID), IP address, and other device-level identifiers.
Device Information: Device type and model, operating system (and version), carrier, language setting, time zone, and screen resolution.
Geolocation Data: We may process approximate geolocation information (e.g., country or city inferred from an IP address) or, with the end-user's explicit consent, more precise geolocation data.
Ad Interaction Data: Information about an end-user's interaction with the ads we serve, such as which ads they viewed, which ads they clicked, which applications they installed, and certain in-app events within the advertised application.
Game/Application Data: The ID or name of the Client application the end-user is using.
We emphasize that we do not collect end-users' names, email addresses, phone numbers, or other sensitive, directly personally identifiable information unless we are instructed to do so by our Client (as the Data Controller) and they have obtained all necessary legal bases and consents for doing so.
The purposes for which we use the information we collect depend on the type of information and the specific context in which we provide our Services.
4.1. Use of Client Data (as a Data Controller)
We use your Client Data for the following purposes:
To Provide and Manage Services: To create and manage your account, process transactions, provide you with the Services you have requested, and fulfill our contractual obligations to you.
For Customer Support and Communication: To respond to your inquiries, comments, and requests, send you administrative information related to the Services (e.g., service updates, security alerts, technical notices), and provide customer support.
To Improve and Develop Services: To analyze usage trends and preferences to understand how our website and Services operate, allowing us to troubleshoot, improve existing features, and develop new products and functionalities.
For Security and Compliance: To protect the security of our website, Services, systems, and users; to prevent and detect fraud, unauthorized activities, claims, and other liabilities; and to comply with our legal and regulatory obligations.
For Marketing and Promotion: With your consent, to send you marketing communications about our products, services, offers, and events that we believe may be of interest to you. You can opt-out at any time by following the unsubscribe instructions in the communications.
4.2. Use of End-User Data (as a Data Processor)
We use End-User Data in accordance with our Clients' instructions and our agreements with them to provide our advertising Services. The primary purposes include:
Ad Serving and Personalization: To show users more relevant advertisements based on their interests, demographics, or behaviors.
Performance Measurement and Attribution: To measure the effectiveness of advertising campaigns, such as tracking ad impressions, clicks, conversions (like app installs), and return on ad spend (ROAS).
Frequency Capping: To ensure users do not see the same advertisement too frequently.
Fraud Detection and Prevention: To identify and prevent invalid traffic (e.g., bots, click fraud) to protect our Clients and the integrity of the advertising ecosystem.
Reporting and Analytics: To generate aggregated reports for our Clients on the performance of their advertising campaigns.
We rely on one or more legal bases to process your personal data, depending on the type of personal data involved and the specific context in which we collect it.
Contractual Necessity: When processing is necessary for the performance of a contract to which you (as a Client) are a party, for example, to set up your account and provide the Services you have purchased.
Legitimate Interests: When processing is in our legitimate business interests, and your interests and fundamental rights do not override those interests. Our legitimate interests include operating and improving our Services, protecting our business, communicating with you, and conducting B2B marketing.
Consent: In certain situations, we will ask for your explicit consent to process your personal data, such as before sending you direct marketing emails or placing non-essential cookies on your device. You may withdraw your consent at any time, but this will not affect the lawfulness of processing based on consent before its withdrawal.
Legal Obligation: When we need to process your personal data to comply with a legal or regulatory obligation, such as responding to a court order or a lawful request from a law enforcement agency.
For End-User Data that we process as a Data Processor, our Client (the Data Controller) is responsible for ensuring they have the appropriate legal basis (typically the end-user's consent or their legitimate interests) for processing this data.
We do not sell your personal data. We only share your information with third parties in the following limited circumstances:
Service Providers and Sub-processors: We may share information with third-party companies and individuals who perform services on our behalf (i.e., "sub-processors"), such as cloud hosting providers, data analytics companies, customer support tool providers, and payment processors. These service providers are only given access to your information as is necessary to perform these tasks on our behalf and are contractually obligated to protect your information and use it only for the purposes for which we have instructed them.
Advertising Partners and Third-Party Platforms: To execute advertising campaigns, we must share End-User Data (typically anonymized or pseudonymized device identifiers) with third-party advertising partners such as ad networks, ad exchanges, and social media platforms.
Clients: We share performance reports and analytics related to their advertising campaigns with our Clients. These reports are generally aggregated but may contain End-User Data attributed to specific activities.
Business Transfers: If NEXUS REALM PTE. LTD. is involved in a merger, acquisition, bankruptcy, reorganization, sale of assets, or other corporate transaction, your information may be sold or transferred as part of that transaction. We will notify you before such a transfer occurs and ensure that the receiving party commits to privacy protections that are substantially consistent with this Policy.
Legal Requirements and Compliance: We may disclose your information if we have a good faith belief that it is reasonably necessary to comply with a law, regulation, legal process, or mandatory governmental request; to enforce our Terms of Use or other agreements; to protect the rights, property, or safety of NEXUS REALM PTE. LTD., our users, or the public from harm.
With Your Consent: We will ask for your explicit consent to share your personal data with a third party for any purpose not described above.
We and our third-party partners use cookies and similar technologies to enhance user experience, analyze usage, and for advertising purposes.
What Cookies Are: Cookies are small text files placed on your computer or mobile device by websites that you visit.
Types of Cookies We Use:
Strictly Necessary Cookies: These cookies are essential for the website to function and enable you to use its core features, such as logging into secure areas. The website cannot function properly without these cookies.
Performance and Analytics Cookies: These cookies collect information about how visitors use our website, such as which pages they visit, how long they stay on a page, and if they get error messages. This information is anonymous and is only used to help us improve how our website works.
Functionality Cookies: These cookies allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features.
Advertising and Targeting Cookies: These cookies are used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission.
Your Choices and Controls: Most web browsers are set to accept cookies by default. You can usually modify your browser setting to decline cookies or to alert you when cookies are being sent. Please note that if you choose to disable cookies, some parts of our website may not function properly. For end-users, mobile operating systems (like iOS and Android) provide options to reset your advertising ID and opt-out of personalized advertising.
We retain personal data for as long as necessary to fulfill the purposes for which it was collected and to comply with applicable legal requirements.
Client Data: We will retain your Client Data for as long as your account is active or as needed to provide you with Services. After your account is closed, we may retain your information for a reasonable period to fulfill our legal obligations (e.g., financial record-keeping), resolve disputes, enforce our agreements, and for other legitimate business purposes.
End-User Data: The retention period for End-User Data that we process as a Data Processor is determined by our Clients (the Data Controllers) and is governed by our data processing agreements with them. We typically retain campaign-level End-User Data for a limited period for reporting, fraud detection, and billing purposes, after which it is deleted or anonymized.
We are committed to protecting the security of your information. We implement and maintain a comprehensive, commercially reasonable set of technical, administrative, and physical safeguards designed to protect the personal data we process from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
These measures include:
Technical Measures: Use of SSL/TLS technology to encrypt data in transit, deployment of advanced firewalls and intrusion detection/prevention systems, encryption or pseudonymization of sensitive data at rest, and implementation of strict access controls.
Organizational Measures: Strict internal data access policies (the "principle of least privilege"), regular data security and privacy training for our employees, and signing confidentiality and data processing agreements with all third parties that handle personal data.
Physical Measures: Securing our office premises and the data centers that host our servers against unauthorized physical access.
Despite our extensive measures, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee the absolute security of your information.
NEXUS REALM PTE. LTD. is a global company headquartered in Singapore. To provide our Services, your personal data may be transferred to, and stored and processed in, countries and jurisdictions outside of your own, where the data protection laws may differ from those in your location.
Specifically, data may be transferred to locations where we or our service providers have facilities. When we transfer personal data outside of the European Economic Area (EEA), we will take appropriate safeguards to ensure that your data is adequately protected in accordance with this Policy and applicable law. These measures may include relying on an adequacy decision from the European Commission or entering into the Standard Contractual Clauses (SCCs) approved by the European Commission.
Depending on your jurisdiction (e.g., Singapore, EEA), you may have a range of rights in relation to your personal data. We are committed to honoring these rights. These rights may include:
The Right to Access: You have the right to request access to the personal data we hold about you and to receive a copy of it.
The Right to Rectification: You have the right to request that we correct any personal data we hold about you that you believe is inaccurate or incomplete.
The Right to Erasure (the "Right to be Forgotten"): In certain circumstances (e.g., the data is no longer necessary for the purpose for which it was collected, or you withdraw consent), you have the right to request that we delete your personal data.
The Right to Restrict Processing: In certain situations (e.g., you are contesting the accuracy of the data), you have the right to request that we temporarily stop processing your personal data.
The Right to Data Portability: In certain circumstances, you have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and to have the right to transmit that data to another controller.
The Right to Object: You have the right to object to our processing of your personal data based on our legitimate interests. You also have the absolute right to object to the processing of your personal data for direct marketing purposes at any time.
The Right to Withdraw Consent: Where our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time.
The Right not to be Subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
To exercise any of your rights, please contact us using the contact details provided at the end of this Policy. We will respond to your request within a reasonable timeframe in accordance with applicable law. To protect your privacy and security, we may take steps to verify your identity before processing your request.
Our Services are not directed to children under the age of 16. We do not knowingly collect or solicit personal data from children under 16. If we learn that we have inadvertently collected such information, we will take reasonable steps to delete it from our records as soon as possible. If you believe that we might have any information from or about a child under 16, please contact us immediately.
Our website may contain links to other websites that are not operated or controlled by us. We are not responsible for the content, privacy policies, or practices of these third-party websites. We strongly advise you to review the privacy policy of every site you visit.
We reserve the right to modify this Privacy Policy at any time. If we make material changes, we will notify you by posting the updated policy on our website, updating the "Effective Date," or through other appropriate communication channels. Your continued use of our Services after any such changes take effect constitutes your acceptance of the revised Privacy Policy.
If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or if you wish to exercise your data protection rights, please contact us or our Data Protection Officer (DPO) at:
NEXUS REALM PTE. LTD.
Attn: Data Protection Officer
60 PAYA LEBAR ROAD, #08-10,
PAYA LEBAR SQUARE,
SINGAPORE 409051
Email: [email protected]
We will do our best to address your concerns in a timely and effective manner. If you are not satisfied with our response, you have the right to lodge a complaint with the data protection supervisory authority in your jurisdiction.