PRIVACY POLICY

Effective date: 2026-02-26

Pandopa Office SRL (“we”, “us”, or “our”) operates the Gridpunk mobile application, web version, and related game services (the “Application”).

This Privacy Policy explains how we collect, use, store, share, and protect information when you use the Application, including when the Application displays ads or uses ad-supported features.

By using the Application, you acknowledge the practices described in this Privacy Policy.

1. Information We Collect

Information You Provide

We may collect information that you provide directly, including:

In-game identifiers, usernames, and profile-related information
Support communications, emails, and messages sent to us
Reports you submit about chat messages, players, or other conduct
Appeals or other requests relating to moderation or account actions

We do not require you to provide real names, home addresses, or payment card information to use the Application.

Information Collected Automatically

When you use the Application, we may collect information automatically, including:

Device information (device model, operating system, language, country/region)
Browser information for the web version (browser type, browser version, platform-related technical data)
App version, build number, and technical diagnostics
Gameplay events, feature usage, session activity, and performance statistics
IP address, approximate region, and connection-related information
Security, integrity, and anti-abuse signals used to protect the Application
Advertising identifiers or similar ad-related technical identifiers where available
Consent status, privacy-choice status, and ad-permission status where required by law or platform rules

Web Platform and Account Data

If you access the web version of the Application, we may process platform-related information provided through web integrations or platform services, including:

Web session identifiers and platform-provided user identifiers where available
Platform authentication or login status where supported
Browser storage, local storage, or similar technical identifiers used for functionality or security
Web-specific analytics, session, and integration events

Chat, Reports, and Moderation Data

If the Application includes chat, social, or community features, we may process user-generated content and related records, including:

Global chat, party chat, private messages, usernames, and related metadata
Timestamps, sender identifiers, recipient or channel information, and message-related technical data
Reports submitted by users and the categories selected in those reports
Moderation records such as warnings, content removals, mutes, suspensions, bans, and appeals

We process this information to operate community features, investigate abuse, enforce our Terms, protect users, and comply with legal obligations.

Purchases and Transaction Data

Purchases may be processed by third-party platforms or payment providers such as Google Play, the Apple App Store, CrazyGames, or Xsolla, depending on how you access the Application.

We may receive transaction-related information from those providers, such as:

Purchase status and order or transaction identifiers
Items purchased, virtual currency granted, and transaction timestamps
Country, currency, tax-related status, and payment confirmation status
Refund, chargeback, fraud, risk, or verification-related status where relevant

We do not collect or store:

Credit card numbers
Billing addresses entered directly into third-party checkout systems
Full payment account details

Advertising, Consent, and Ad Measurement Data

The Application may display ads, including rewarded ads, interstitial ads, banner ads, and other ad-supported formats. We may process ad-related information to request, deliver, measure, limit repetition of, and validate advertising and ad-supported rewards.

This may include:

Ad requests, impressions, clicks, view or reward-completion events, and related timestamps
Advertising identifiers, app-instance identifiers, device or browser signals, and approximate region
Fraud-prevention, invalid-traffic, fill-rate, attribution, and ad-performance data
Consent-status, privacy-choice status, and tracking-authorization status where applicable

For users in the EEA, the UK, or Switzerland, we may use Google’s consent tools or other approved consent flows to collect and manage ad-related privacy choices where required. On iOS, where applicable, we may request permission through Apple’s App Tracking Transparency framework before using tracking-related permissions such as access to IDFA.

2. How We Use Your Information

We may use collected information to:

Operate, maintain, and improve the Application
Enable online features, matchmaking, progression, and live operations
Provide chat, social, and community functionality
Review reports and enforce our Terms of Service
Process purchases, validate transactions, deliver virtual items, and handle purchase-related support
Serve ads, support rewarded-ad features, measure ad performance, limit ad repetition, and manage ad delivery
Deliver personalized ads where permitted, or non-personalized/contextual ads where required or selected
Detect cheating, fraud, spam, abuse, ad fraud, invalid traffic, chargeback abuse, and other harmful activity
Analyze gameplay, performance, stability, and user experience
Provide customer support and respond to requests or appeals
Comply with legal obligations and lawful requests

3. Legal Bases for Processing (EEA / GDPR)

If you are located in the European Economic Area (EEA), we process personal data only where we have a valid legal basis, including:

Performance of a contract — to provide and operate the Application and its core features
Legitimate interests — to secure the Application, prevent abuse, enforce rules, improve services, process purchases safely, and protect users
Legal obligations — where processing is required by applicable law, lawful requests, tax or payment compliance duties, or regulatory obligations
Consent — where consent is required under applicable law, including for certain advertising, tracking, or device-storage activities

4. Anti-Cheat, Security, and Fair Play

We may process technical, behavioral, device, browser, and integrity-related data to detect cheating, tampering, unauthorized modifications, fraud, or misuse of the Application.

This processing helps us protect the integrity of the game, our services, and other players, and may result in warnings, restrictions, suspensions, or bans where appropriate.

5. Chat Safety, Reports, and Moderation

To maintain a safe community and enforce our rules, we may review chat content, reports, and related records, including through automated tools or manual review where appropriate.

This may include investigating reported messages, removing content, issuing warnings, muting users, restricting features, suspending accounts, or permanently banning accounts.

We may also preserve relevant records where reasonably necessary for abuse prevention, dispute handling, safety investigations, or legal compliance.

6. Third-Party Services

The Application uses third-party services, SDKs, infrastructure providers, platforms, and payment providers that may process information according to their own terms and privacy policies. These may include, without limitation:

Unity
PlayFab
Photon Fusion
Photon Chat
CrazyGames
Xsolla
Facebook
Google Analytics for Firebase
Unity Analytics
Kochava
Google Play Services
Google AdMob / Google Mobile Ads
Meta Ads
AppLovin
Unity Ads
ironSource
Mintegral
Other Google AdMob mediation partners where applicable

We recommend reviewing the privacy policies of these providers, as we do not control their independent processing practices. We may also maintain industry-standard advertising authorization records, such as app-ads.txt, to support authorized ad inventory sales and supply-chain transparency.

7. Data Sharing

We do not sell your personal data.

We may share information only where reasonably necessary, including:

With service providers and infrastructure partners that help operate the Application
With platform providers for functionality, authentication, payments, fraud prevention, security, support, or ad-related integrations
With payment providers and checkout providers to process purchases, validate transactions, prevent fraud, and handle refunds or chargebacks
With advertising partners, mediation providers, and measurement or fraud-prevention partners to deliver ads, validate rewarded ads, measure performance, and prevent invalid traffic or ad fraud
When required by law, legal process, lawful request, tax obligation, or regulatory obligation
To protect our rights, users, staff, or the integrity and security of the Application
In connection with a business transfer, merger, acquisition, or reorganization, subject to applicable law

8. International Transfers

Because our service providers, platform partners, and technical systems may operate in multiple countries, your information may be processed outside your country of residence.

Where required by applicable law, we take reasonable steps to ensure that appropriate safeguards are in place for such transfers.

9. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Application, maintain security, investigate abuse, respond to reports, process transactions, comply with legal obligations, resolve disputes, and enforce our Terms of Service.

Different categories of data may be kept for different periods depending on the purpose, sensitivity, technical need, legal requirements, and payment, advertising, or fraud-prevention needs. When data is no longer required, we delete it, anonymize it, or securely de-identify it where appropriate.

10. Children’s Privacy

The Application is not intended for children under the age of 13.

We do not knowingly collect personal data from children under 13. If you believe a child has provided personal data, please contact us and we will take appropriate steps to investigate and delete it where required.

11. Your Rights (GDPR and Similar Laws)

Depending on your location, you may have rights regarding your personal data, including the right to:

Access personal data we hold about you
Request correction of inaccurate data
Request deletion of data, subject to legal exceptions
Object to or request restriction of certain processing
Request data portability where applicable
Withdraw consent where processing is based on consent
Lodge a complaint with a competent data protection authority

To exercise these rights, contact us using the details below. We may request reasonable information to verify your identity.

12. Data Security

We take reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the Application, legal requirements, platform integrations, payment arrangements, or our data practices.

Changes become effective when posted on this page, unless a later effective date is stated. Continued use of the Application after an updated version becomes effective means you acknowledge the revised policy.

14. Contact Us

If you have questions or requests regarding this Privacy Policy, please contact us:

By email: dan.popa@nevergames.net
By visiting this page on our website: www.nevergames.net