Privacy Policy - Sprunki Retake Kids Friendly

Effective Date: Jan 1, 2025

1. Information We Collect

1.1 Child User Data

For players under 13, we collect only necessary gameplay data: (a) Anonymous session identifiers (b) Musical preference patterns (c) Device-generated progress metrics. All data is pseudonymized using SHA-256 encryption before storage. No voice recordings or personal identifiers are stored without explicit parental consent.

1.2 Parent/Guardian Data

Parent accounts require: (a) Verified email address (b) Two-factor authentication method (c) Consent timestamps. We collect device metadata (OS version, screen resolution) for security audits. Payment information is processed through PCI-DSS compliant third parties and never stored on our servers.

2. How We Use Information

2.1 Gameplay Optimization

Aggregated rhythm pattern data (300+ parameters) trains our adaptive AI to personalize difficulty curves. Musical creativity metrics help refine our composition tools. Session duration data informs our PlaySmart® break reminder system. All analytics are processed through GDPR-compliant machine learning models.

2.2 Safety & Security

Device fingerprints and network signatures monitor for unauthorized access attempts. Our Content Integrity System scans all user-generated content using audio waveform analysis and visual pattern recognition to detect policy violations. Security logs are retained for 90 days in encrypted format.

3. Data Sharing Practices

3.1 Third-Party Services

We use only COPPA-certified vendors: (a) AWS Cognito for authentication (b) Akamai CDN for content delivery (c) Unity Analytics for gameplay metrics. Data processing agreements prohibit secondary usage. Shared data is limited to technical identifiers (no musical content or behavioral data).

3.2 Legal Requirements

We may disclose information when legally compelled, including: (a) Court orders from jurisdictions where we operate (b) Emergency circumstances involving imminent harm prevention. All legal requests undergo review by our Child Safety Oversight Board before any disclosure.

4. Your Rights

4.1 Access & Deletion

Parents can request: (a) Full data export (JSON/CSV formats) (b) Selective deletion of specific gameplay sessions (c) Permanent account termination. Requests are processed within 72 hours through our Parent Dashboard. Deleted data is cryptographically shredded following NIST 800-88 standards.

4.2 Consent Management

Consent can be modified/withdrawn at any time via: (a) In-game parental controls (b) Email verification process. Our Consent Audit Trail feature provides timestamped records of all permissions granted. Withdrawn consent triggers immediate data processing suspension.

5. Security Protocols

5.1 Encryption Standards

All communications use TLS 1.3 with PFS (Perfect Forward Secrecy). Data at rest is encrypted using AES-256-GCM with quarterly key rotation. Musical creations are stored in isolated containers with role-based access controls. We undergo annual penetration testing by CERT-certified auditors.

5.2 Incident Response

Our 24/7 Security Operations Center monitors for anomalies using SIEM (Security Information Event Management) systems. Breach notifications are sent within 48 hours of confirmation, detailing: (a) Nature of incident (b) Affected data types (c) Remediation steps. We maintain a $5M cyber insurance policy for user protection.

6. Global Compliance

6.1 EU-US Transfers

We comply with EU-US Data Privacy Framework requirements. European user data is processed in Frankfurt AWS regions. Data transfers undergo Schrems II compliance validation through our LegalBot® assessment tool. EU representatives can be contacted via privacy@sprunki-retake.eu.

6.2 Age Verification

Our Age Estimation System combines: (a) Declared birthdate (b) Device usage patterns (c) Parental credential verification. Suspected underage users are placed in restricted mode until age confirmation. We partner with Yoti for advanced age verification in premium features.

7. Policy Changes

Substantial changes trigger: (a) In-game notifications 30 days prior (b) Email alerts to parent accounts (c) Simplified child-friendly summaries. Historical versions are archived for 7 years. Continued use after updates constitutes acceptance of revised terms.