top of page

Bloomscape Interactive

PRIVACY POLICY

This Privacy Policy (hereinafter referred to as "this Policy") applies to the mobile game product (hereinafter referred to as "this Product") developed and operated by Bloomscape Interactive Inc. (registered address: 7055 E Bayaud Ave, Denver, CO 80230, USA) (hereinafter referred to as "we/us"). We attach great importance to user privacy and commit to strictly complying with relevant U.S. laws and regulations, including the California Consumer Privacy Act (CCPA) and the Children's Online Privacy Protection Act (COPPA), to protect the security and legitimate rights and interests of users' (hereinafter referred to as "you") personal information. This Policy details how we collect, use, store, share, and protect your personal information, as well as the rights you are entitled to. Please carefully read and understand this Policy before using this Product. If you do not agree to any content of this Policy, please do not use this Product.​

1. Collected Information and Permission Description​

We only collect necessary information with your explicit authorization to implement the core functions of this Product and optimize user experience. The collection of permissions follows the principle of "prioritizing sensitive permissions and minimizing necessity", as detailed below:​

(1) Sensitive Permissions and Information Collection​

  1. Location Information Permission​

  • Collection Method: We will only collect your approximate location information (based on IP address) or precise location information (based on GPS) when you actively enable "Location Services" on your device and authorize this Product to access location information.​

  • Collected Content: Precise location information (latitude and longitude), approximate location information (city, region).​

  • Collection Objects: All users of this Product (if you refuse authorization, you will only be unable to use location-based functions such as regional rankings and nearby player matching, without affecting the core gameplay of the Product).​

  • Purpose: To provide regionalized content recommendations, nearby player interaction matching, regional ranking statistics, and other functions.​

  1. Camera and Microphone Permissions​

  • Collection Method: We will only temporarily access the camera or microphone when you actively enable the permission and trigger relevant functions (such as custom avatar shooting, voice chat), and will not collect them automatically in the background.​

  • Collected Content: Images/videos captured by the camera (only for uploading custom avatars or interactive sharing within the Product), audio recorded by the microphone (only for in-game voice chat functions).​

  • Collection Objects: Users who actively use the above functions (refusing authorization will prevent you from using the corresponding functions without affecting other usage experiences).​

  • Purpose: To meet users' needs for custom avatars, real-time voice communication within the Product, etc.​

  1. Storage Permission (including album and file access)​

  • Collection Method: After obtaining your authorization, we will only access device storage when you upload local images as avatars, save product screenshots, or download product resources.​

  • Collected Content: Local image files you actively upload, screenshot files generated by the Product, and resource files required for product installation and operation.​

  • Collection Objects: All users (refusing authorization may prevent you from uploading custom avatars, saving screenshots, etc., but will not affect the basic operation of the Product).​

  • Purpose: To implement functions such as custom avatar settings, product screenshot saving, and local caching of product resources.​

  1. Account and Identity-related Information​

  • Collection Method: Obtained through information you actively fill in when registering a product account, or synchronized when logging in through third-party accounts (such as Google Play, Apple ID, Facebook) with authorization.​

  • Collected Content: Account name, bound email address, mobile phone number (if you actively provide it), nickname and avatar of the third-party account (only for account association display).​

  • Collection Objects: All users who register and use this Product's account.​

  • Purpose: For account registration and login verification, account security protection, password retrieval, in-product message notifications, etc.​

(2) General Permissions and Information Collection​

  1. Device Information Permission​

  • Collected Content: Device model, operating system version, unique device identifiers (such as IMEI, Android ID, IDFA, only used for device identification and anti-cheating), network type (Wi-Fi/mobile data), device operating status (such as memory, storage space).​

  • Collection Method: Automatically collected after the product is installed and running (no separate authorization required, as it is necessary information for realizing the basic operation of the product).​

  • Collection Objects: All users of this Product.​

  • Purpose: For product compatibility adaptation, fault troubleshooting, anti-cheating detection, and optimizing product operating performance.​

  1. Product Usage Behavior Information​

  • Collected Content: Your operation records within the Product (such as login time, usage duration, completed tasks, obtained props, interaction data, recharge records), and interface interaction behaviors (such as clicks, browsing records).​

  • Collection Method: Automatically recorded during the operation of the Product (no additional authorization required).​

  • Collection Objects: All users of this Product.​

  • Purpose: For optimizing product gameplay design, providing personalized content recommendations, statistics of product operation data, and handling user feedback issues.​

(3) Information Sharing and Sale Description​

  1. Information Sharing: We will not arbitrarily share your personal information with any irrelevant third parties. Sharing may only occur in the following circumstances:​

  • With your explicit authorization: For example, if you agree to share in-product achievements to third-party social platforms (such as Facebook, Twitter), only the public information you actively select (such as achievement screenshots, nickname) will be shared.​

  • Cooperative service providers: To implement product functions (such as payment, server hosting, customer service support), we will share necessary information with cooperative third-party service providers (such as payment institution Stripe, server provider AWS, customer service tool Zendesk), but require them to strictly abide by confidentiality obligations and only use the information to provide corresponding services, not for other purposes.​

  • Legal compliance requirements: We may disclose necessary information in accordance with court subpoenas, legal orders, or requirements of government regulatory authorities, or to protect the legitimate rights and interests of us, users, and the public (such as preventing fraud, handling illegal and irregular behaviors).​

  1. Information Sale: We will not sell, lease, or otherwise transfer your personal information to third parties for profit purposes, unless we obtain your explicit written consent.​

(4) Data Storage Servers​

All your personal information and product data will be stored on data center servers located in Virginia, USA provided by Amazon Web Services (AWS). We will strictly comply with the privacy protection laws and regulations of the region where the servers are located, and ensure the security and integrity of data storage through multiple encryption and access control measures.​

2. Information Security Assurance Measures​

We adopt a multi-layered security protection system to ensure that your personal information is not accessed, used, or disclosed without authorization:​

  1. Technical Protection: Adopt SSL/TLS encrypted transmission technology to ensure the security of data during transmission; encrypt stored sensitive information (such as account passwords) using hashing algorithms with salt; deploy firewalls, intrusion detection systems (IDS), data desensitization, and other technologies to prevent network attacks.​

  1. Management Specifications: Establish strict information security management systems, clarify data access rights, and only authorized personnel can access user information; conduct privacy protection training for employees, require them to sign confidentiality agreements, and violators will bear corresponding responsibilities.​

  1. Emergency Response: Formulate emergency plans for data security incidents. In the event of data leakage, loss, or other security incidents, we will immediately take remedial measures and promptly notify you and regulatory authorities in accordance with relevant laws and regulations.​

  1. Third-party Supervision: Regularly conduct security assessments on cooperative third-party service providers, requiring them to comply with the same privacy protection standards as us to ensure the security of user information throughout the entire process.​

3. Data Retention and Deletion Mechanisms​

  1. Data Retention Period: We only retain your personal information for the shortest period necessary to achieve the purposes stated in this Policy:​

  • Account information (such as account name, bound email): Retained during the existence of your account; if the account is not logged in for 18 consecutive months, we will notify you by email. If you still do not log in within 30 days after the notification, the account will be cancelled and the relevant account information will be deleted (except as required by laws and regulations to be retained).​

  • Product usage behavior data, device information: Retained for 12 months after your account is cancelled, or until the expiration of the retention period specified by laws and regulations (such as data used for compliance audits and anti-cheating tracing will be retained for no more than 2 years).​

  • Sensitive information (such as location information, voice data): Temporarily retained only during the use of the function, and automatically deleted after the function ends (such as voice chat data will be deleted within 72 hours after the call ends, and location information will be deleted within 24 hours after the regional function is used).​

  1. Data Deletion Methods:​

  • Active deletion: You can cancel your account through the "Settings - Account Management - Delete Account" function in the Product or by contacting customer service. After the account is cancelled, we will complete the deletion of all personal information within 30 days (including server-stored data and associated data on third-party cooperative platforms), and the deleted data cannot be recovered.​

  • Passive deletion: If you violate the User Agreement of this Product, we have the right to cancel your account and delete relevant information; if laws and regulations require mandatory deletion, we will execute it in accordance with the requirements.​

  • Technical Assurance: Deletion adopts methods such as "complete overwriting" and "physical destruction of storage media" to ensure that data cannot be recovered.​

4. Protection of Minors' Rights and Interests​

We attach special importance to the privacy protection of minors and strictly comply with the requirements of the Children's Online Privacy Protection Act (COPPA):​

  1. If you are a minor under the age of 13, you must use this Product with the consent of your parents or legal guardians, and only guardians may provide necessary registration information (such as the guardian's email address, contact information). We will not actively collect personal information of minors.​

  1. Guardians may inquire about, correct, or delete the minor's personal information, request account cancellation, or withdraw previous authorization consent through the contact information provided in this Policy.​

  1. This Product does not contain any harmful content targeting minors, nor does it set functions that induce minors to over-consume; all recharge functions are equipped with payment limits and identity verification (such as requiring the guardian's password) to prevent irrational consumption by minors.​

  1. If we discover that we have collected personal information of minors without the guardian's consent, we will immediately delete the relevant data and contact the guardian to explain the situation.​

5. Your Rights​

In accordance with relevant U.S. privacy laws and regulations (such as CCPA, GDPR, applicable to eligible users), you are entitled to the following rights, and we will provide you with relevant services free of charge:​

  1. Right to Know: The right to inquire about the specific circumstances of the collection, use, storage, and sharing of your personal information by us (you can request it through customer service).​

  1. Right of Access: The right to request us to provide a copy of your personal information (in electronic document format).​

  1. Right to Rectification: The right to request us to correct your personal information if it is incorrect (such as an incorrect bound email address for the account).​

  1. Right to Erasure (Right to be Forgotten): The right to request us to delete your personal information (except in cases where retention is required by laws and regulations).​

  1. Right to Withdraw Consent: The right to withdraw previously granted permissions at any time (such as turning off location information, camera permissions), which can be operated through device system settings or in-product settings. Withdrawal of consent does not affect the legality of information use based on the consent before withdrawal.​

  1. Right to Data Portability: The right to request us to transfer your personal information to another service provider designated by you (subject to technical feasibility requirements).​

  1. Right to Object: The right to object if you believe that our processing of your personal information is improper, and to request us to explain the basis for the processing.​

To exercise the above rights, you can submit an application through the channels provided in the "Contact Information" section of this Policy. We will verify your identity (such as requesting account information, bound email verification) within 15 working days after receiving the application and provide a processing result; if you are dissatisfied with the processing result, you can file a complaint with the U.S. Federal Trade Commission (FTC) or the privacy regulatory authority of your state.​

6. Use of Cookies and Similar Technologies​

  1. Definition of Cookies: Cookies are small text files that our servers store on your device when you access this Product (including the product's official website) to identify the device, record usage preferences, etc.​

  1. Purpose of Use:​

  • Remember your account login status to avoid repeated logins;​

  • Record your product setting preferences (such as sound volume, image quality);​

  • Count product traffic and user behavior data to optimize the user experience;​

  • Prevent account theft, cheating, and other irregular behaviors.​

  1. Your Control Options: You can choose to disable or delete Cookies through functions in your device's browser or product settings; however, disabling Cookies may result in being unable to remember the login status, unable to save preference settings, and other issues, affecting the use of some product functions.​

  1. Third-party Cookies: Our cooperative parties (such as advertising service providers, analytics tool providers) may use third-party Cookies to provide personalized advertising, statistical analysis, and other services. The relevant usage rules are formulated by the third parties themselves, and we are not responsible for their behaviors. You can learn more details and manage permissions through the privacy policies of third-party platforms.​

7. Policy Updates​

  1. We may revise this Policy in accordance with changes in laws and regulations, product function updates, or privacy protection needs. The revised Policy will be posted on the product's official website and in-product announcement board for a public notice period of no less than 7 natural days.​

  1. If the revised content has a material impact on your rights (such as expanding the scope of information collection or changing information sharing rules), we will explicitly notify you through in-product pop-ups, bound email notifications, or other means. Your continued use of this Product will be deemed as acceptance of the revised Policy; if you do not agree, you may choose to cancel your account and stop using the Product.​

  1. The update date of this Policy will be indicated at the end of the document, and the revised Policy will take effect after the public notice period expires.​

8 Contact Information

If you have any questions, complaints, or suggestions regarding this Privacy Policy, or need to exercise relevant rights, you can contact us through the following channels:​

  1. Email Address: info@bloomscapeinteractive.com (Monday to Friday, 9:00 AM - 6:00 PM MDT; we will respond within 3 business days).​

  1. Mailing Address: Privacy Department, Bloomscape Interactive Inc., 7055 E Bayaud Ave, Denver, CO 80230, USA.​

  1. In-product Customer Service: Open "Settings - Help & Support" in this Product and submit an online inquiry (we will respond within 24 hours on business days).​

bottom of page