Our terms

Data Protection Addendum for Mainland China

This Privacy and Data Protection Addendum For Mainland China (“Chinese DPA”) supplements the Terms of Service available at https://gameanalytics.com/terms/, and any other agreements (“Agreement”) as updated from time to time between you, either an individual or a legal entity that you represent as an authorized employee or agent (“Partner”), and GameAnalytics Ltd (“GA”) for GA’s products and services (“Service(s)”). This Chinese DPA is an agreement incorporated into and form part of the Agreement. This Chinese DPA shall be effective since the effective date of the Agreement, and survive termination or expiry of the Agreement. To the extent there are any prior agreements with regard to the subject matter of this Chinese DPA, this Chinese DPA supersedes and replaces such prior agreements. In case of any conflict between a provision of this Chinese DPA and the Agreement, as it relates to Personal Information, the provision of this Chinese DPA shall prevail. Capitalized terms used herein and not defined herein will have the meaning set forth in the Agreement and/or the Data Protection Laws.

This Chinese DPA applies when GA collects or processes Personal Information of Users which is transferred or made available by Partner and which is protected or otherwise regulated by Data Protection Laws. The parties hereby agree to comply with the following provisions.

1. Definitions.

1.1. “Affiliates” means with respect to a Party, all entities which, directly or indirectly, control, are being controlled by, or are under common control with such Party.

1.2 “Data Protection Rules” means any applicable laws, regulatory policy, national standard, industry standard of the mainland areas of the People’s Republic of China (for the sole purpose of this Chinese DPA, the Hong Kong S.A.R of People’s Republic of China, Macao S.A.R. of People’s Republic of China, and Taiwan areas of People’s Republic of China are not included) and/or any applicable policy of any platform that is engaged in providing service for GA and Partner with respect to the processing of Personal Data which GA or Partner is subject to, including but not limited to any law or regulation, regulatory policy, national standard, industry standard, policy pursuant to the Agreement that is similar, equivalent to, successors to, or that are intended to or implement the laws or regulations.

1.3 Privacy Requirements means any applicable Data Protection Rules, any industry standard, rule or guideline of GA.

1.4″GA Privacy Policy” means the privacy policy available at GA’s official website at https://gameanalytics.com/privacy/ which may be updated from time to time.

1.5 “Personal Data” or “Personal Information’ means information relating to an identified or identifiable Individual, anonymous data is included in the scope of Personal Data.

1.6 “process” or “processing” “process” or “processing” includes collection, storage, use, process, transmit, making available, disclose to the public, erasure, etc.

1.7 “Service(s)” means Services provided by GA and/or its Affiliates to Partner according to the Agreement.

1.8 “User” means end users who visits or uses Partner’s Product (including mobile application).

2. Compliance with Privacy Requirements

Each party confirms that it has complied, and will continue to complied with the obligations related to personal data protection as set out by Privacy Requirements.

3. Processing by Partner

3.1 Partner shall read carefully and ensure that its privacy policy and any process of Personal Data comply with the Privacy Rules, provisions of this Chinese DPA, rules issued by GA’s official website, agreements signed between both parties, GA Privacy Policy, etc. before integrating GA’s SDK.

3.2 Partner acknowledges and agrees that GA’s SDK has the function to process Personal Data, and agrees that the processing of Personal Data by GA’s SDK is for the necessity of providing Services.

3.3 Partner guarantees that it shall prominently announce and display its privacy policy in its Products in accordance with the Privacy Requirements and this Chinese DPA. The content of such privacy policy shall meet the following (without limitation) requirements:

3.3.1 Partner’s privacy policy shall be independently written, easily understandable and clearly reminding. After the User enters the main function interface, he or she can access to the privacy policy within no more than 4 time’s click or swipe.

3.3.2 Partner warrants that when the Product runs for the first time, the User will be notified to read its privacy policy by pop-up window and other obvious ways. After the User confirms and agrees to the privacy policy, GA’s SDK is authorized by Partner to process the Personal Data.

3.3.3 The User should be given the choice to choose actively whether to accept Partner’s privacy policy, which means the User’s acceptance should not be obtained by default or deceived.

3.3.4 The content Partner should clearly inform its User through its privacy policy and other documents includes but not limited to: (a) the type of Personal Data processed by Partner, the purpose, the processing method, the retention period, etc.; (b) Partner has chosen GA as its partner, Partner has used GA’s Services, and GA related information, including but without limitation to, GA’s company name and contact information, the types, processing purposes, and processing methods of Personal Data processed by GA/GA’s Affiliates and partner, and any other information that shall be notified to Users according to Privacy Requirements; (c) that GA will process Personal Data in accordance with GA Privacy Policy, and User shall be notified of the link to GA Privacy Policy, and User can access the GA Privacy Policy by clicking on the link; (d) any other information that needs to be included to meet the Privacy Requirements.

3.4 Partner acknowledges that neither GA nor GA’s Affiliates has establish direct relationship with Users. Therefore, Partner warrants that it has provided appropriate notices to and obtained valid consents from Users with regard to the processing of Personal Data by GA’s SDK, to the extent necessary for GA to process the Personal Data and any data related to the Agreement according to GA Privacy Policy, including without limitation, for GA or GA’s Affiliates to process Personal Data for purpose of providing Services. Partner shall also warrants that the ways, methods, procedures, etc.of obtaining Users’ consent does not violate the Privacy Requirements.

3.5 Upon request of GA, Partner shall provide GA with all the records of consents of Users. Partner understands and agrees that GA’s requirement for Partner to provide Users’ consents records does not relieve Partner’s legal liability arising out of making available the Personal Data to GA by Partner, nor does it constitute or lead to GA’s legal liability arising out of making available Personal Data to GA by Partner.

3.6 If Partner’s Product target to the Users or some Users who are defined as children (child under the age of 14), GA will not provide Services to such Product and such child User, and in this circumstance, Partner is not allowed to transfer or make available any child User’s Personal Data to GA, unless Partner has complied with the following requirements:

3.7.1 Partner has obtained prior consent of GA;

3.7.2 Partner warrants that it shall comply with any Privacy Requirement related to Personal Data protection of children and minors. If Partner may transfer or make available Personal Data of child User who are under the age of 14 to GA, Partner warrants that is has taken related measures and has obtained valid and explicit consents from its parents or any other authorized guardian (including the ways, manners and procedures shall be legal), and make reasonable effort to confirm that such consents are provided from parents or any other authorized guardian, to the extent for Partner and GA to process the Personal Data of Child User pursuant to this Chinese DPA and the Agreement.

3.7.3 Partner shall comply with any other provision directed by GA.

3.8 Due to the restriction of the current status of technology and the business mode, it is difficult for GA to actively identify child User’s Personal Data. If Partner realizes any processing of child User’s Personal Data by GA without GA’s acknowledgement or without any verifiable consent of parent or guardian, Partner shall notify GA in a timely manner. GA will try its best effort to delete such Personal Data. If GA realizes the above-mentioned situation by itself, GA will also delete the Personal Data in a timely manner, except for any retention as required by laws and regulations.

3.9 Partner warrants that it has provided adequate notices to, and obtained valid consents from, its employees, in each case, to the extent necessary for GA and/or its, Affiliates to send direct marketing by email to Partner’s employees in relation to the products and services of GA and/or its Affiliates, in accordance with the GA Privacy Policy (https://gameanalytics.com/privacy/). Partner will provide on request records of all consents obtained from its employees to GA and shall notify GA in writing within 24 hours of Client receiving employee’s objection to or withdrawal of consent.

3.10 Partner shall not cause GA to violate any Privacy Requirement when processing Personal Data in accordance with this Chinese DPA and GA Privacy Policy due to its acts or omissions, or cause GA to process Personal Data beyond the scope of User’s authorization and consent in accordance with this Chinese DPA and GA Privacy Policy.

3.11 Partner shall provide Users with easy-to-operate mechanisms to access, correct, delete their Personal Data, revoke or change their authorization and consent, and cancel their personal accounts, etc., to ensure that Users can realize their personal data rights in accordance with Privacy Requirements.

3.12 Partner guarantees that the retention for the relevant Personal Data and data provided to GA (or allowed to be collected by GA) does not exceed the legally necessary storage period which is necessary for Partner to process such Personal Data and data, nor does it exceed the legally necessary storage period which is necessary for providing related services based on such Personal Data and data. The processing of such Personal Data and data due to the cooperation between Partner and GA has not exceeded the above-mentioned period.

3.13 Partner guarantees that it will not steal or obtain Personal Data in other illegal ways, or illegally sell or illegally provide Personal Data to any third party (including GA). Partner will not disclose, tamper with, or destroy Personal Data it collected.

3.14 GA will from time to time update the SDK due to the upgrade and optimization of the SDK and the Products, improvement of safety performance, legal and regulatory requirement, etc. Different version of SDK may collect different data field. In order to ensure the cooperation between both parties legal and compliance, and to practically fulfill the obligation to protect Users’ Personal Data, Partner shall ensure that it has upgraded the GA SDK to the officially most updated version so as to avoid any illegal issue arising out of using the SDK old version and any risk of being fined by the regulatory authority by Partner or GA. GA will inform Partner in effective ways such as notifications, station letters, announcements, etc., after the GA SDK is upgraded. Partner shall pay close attention to it and update the SDK version as soon as possible.

4. GA’s Processing

GA and/or its Affiliates will Process Personal Information in accordance with the GA Privacy Policy.

5. Limitation of Access

Each party will limit access to Personal Information to those personnel who require such access only as necessary to fulfill such party’s obligation under the Agreement. Each party is responsible to make sure that all relevant personnel of such party adhere to this Chinese DPA.

6. Information Security

Each party will maintain appropriate administrative, physical, organizational and technical safeguards aimed at maintaining an appropriate level of security, confidentiality and integrity of the Personal Information, in accordance with applicable Data Protection Laws, and official guidelines as provided by the competent authorities and good industry practice. Each party undertakes to regularly monitor compliance with these safeguards and will not materially decrease the overall security controls during the term of the Agreement.

7. Assistance

The parties shall, on request, provide each other with all reasonable and timely assistance (at their own expense) and co-operation to enable the other party to comply with its obligations under the Data Protection Laws, including in order to enable the other party to respond to: (a) any request from a Data Subject to exercise any of its rights under Data Protection Law; (b) any other correspondence, enquiry or complaint received from a Data Subject, regulator or other third party in connection with the processing of the Personal Information (“Correspondence”). Each party shall make commercially reasonable effort to promptly inform the other if it receives any Correspondence directly from a data subject in relation to the Personal Information.

8. Audit

Partner will make available all information necessary, including records of consents referred to in Section 4 as above under this Chinese DPA, to demonstrate Partner’s compliance with this Chinese DPA and will permit and contribute to any data audits reasonably required by GA upon GA’s prior written request and advanced notice.

9. Indemnification

The parties will indemnify each other and hold each other harmless from any cost, charge, damages, expense or loss (including but without limitation reasonable attorney fee, arbitration cost or litigation cost, investigation cost) which they cause each other as a result of their breach of any of the provisions of this Chinese DPA. Any limitation of liability specified in the Agreement will not be applicable to this Chinese DPA.

10. Governing Law and Dispute Resolution

The governing law and dispute resolution specified in Article 16.1 of the Terms of Service will also apply to this Chinese DPA.

11. Miscellaneous.

1. Any alteration or modification of this Chinese DPA is not valid unless made in writing and executed by duly authorized personnel of both parties.

2. Invalidation of one or more of the provisions under this Chinese DPA will not affect the remaining provisions. Invalid provisions will be replaced to the extent possible by those valid provisions which achieve essentially the same objectives.

3. Upon termination or expiry of the Agreement and this Chinese DPA, GA may continue to process the Personal Information provided that such processing complies with the requirements of this Chinese DPA and the Privacy Requirements.

4. Partner acknowledges that GA and/or its Affiliates may disclose this Chinese DPA and any relevant privacy provisions in the Agreement to any supervisory authority, regulator or other competent authority, to the extent required under the applicable law. Such disclosure will not constitute a breach of GA’s confidentiality obligation under the Agreement.

Get game industry insights,
delivered to your inbox

Announcing HyperBid 🎉

New mediation platform. Built for games.

Sign up to get free access to GameAnalytics premium products.