Effective Date: 8 December 2025

NICMIT LTD (“NICMIT,” “we,” “us,” or “our”) is committed to safeguarding the privacy and personal data of users (“you,” “your,” or “user”) who access or use our mobile applications, associated services, and website (collectively, the “Services”). This Privacy Policy is intended to provide you with a comprehensive explanation of our data collection, use, disclosure, and protection practices in accordance with applicable privacy and data protection laws, including but not limited to the United Kingdom General Data Protection Regulation (“UK GDPR”), the European Union General Data Protection Regulation (“EU GDPR”), the California Consumer Privacy Act (“CCPA”), the Brazilian General Data Protection Law (“LGPD”), the Personal Information Protection and Electronic Documents Act (“PIPEDA”), and the Singapore Personal Data Protection Act (“PDPA”), each as amended or superseded from time to time.

Your use of our Services constitutes your acknowledgement and acceptance of this Privacy Policy. If you do not agree with any provisions herein, you must immediately discontinue use of our Services.

 

 

1. Definitions

For the purposes of this Privacy Policy, the following definitions shall apply:

 

    1. “Applicable Laws” means all privacy, data protection, and related laws, regulations, and binding guidance applicable to NICMIT’s processing of Personal Data, including without limitation UK GDPR, EU GDPR, CCPA, LGPD, COPPA, PIPEDA, PDPA, and other equivalent laws in jurisdictions where users are located.
    2. “Personal Data” means any information relating to an identified or identifiable natural person, as defined under Applicable Laws.
    3. “Non-Personal Data” means information that does not identify an individual and cannot reasonably be used to determine identity, either alone or in combination with other information.
    4. “Processing” means any operation or set of operations performed on Personal Data, including collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
    5. “Controller” means the natural or legal person that determines the purposes and means of Processing Personal Data.
    6. “Processor” means a natural or legal person that Processes Personal Data on behalf of the Controller.
    7. “Third Party” means any person or entity other than the Data Subject, Controller, Processor, or persons authorised to process data under the direct authority of the Controller or Processor.
    8. “Cookies” means small text files stored on a device to retain information, track usage, and enable certain functionality.
    9. “SDK” means a software development kit embedded within our Services to provide certain functionality such as analytics, advertising, authentication, cloud storage, crash reporting, or social features.
    10. “Consent” means a freely given, specific, informed, and unambiguous indication of a Data Subject’s agreement to the Processing of their Personal Data.

 

 

 

2. Scope of This Policy

This Privacy Policy applies to all users of our mobile games, including without limitation those downloaded from Google Play Store, Apple App Store, Samsung Galaxy Store, Amazon Appstore, Huawei AppGallery, or other authorised distribution platforms, as well as to visitors to our website.

 

 

3. Data Controller

For the purposes of UK GDPR, EU GDPR, and equivalent legislation, the Data Controller is:

NICMIT LTD
Registered Office: 71–75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Email: hello@nicmit.com

 

 

4. Categories of Data Collected

 

A. Data You Provide Directly

 

      • Email address, name, and any other contact details that you provide when you contact us for support or other enquiries (for example, via email or the contact form on our website).
      • Any additional information voluntarily included in user communications (for example, details about your device, screenshots, or descriptions of issues).

 

 

B. Data Collected Automatically

Through use of our Services, the following categories of data may be collected automatically by us or our service providers:

 

      • Device information, such as device model, operating system and version, language, screen resolution, and other technical identifiers.

      • Device identifiers and advertising identifiers (such as Google Advertising ID (GAID) or Apple Identifier for Advertisers (IDFA), where available and where permitted by your device settings or consent choices).

      • IP address and approximate geographic location (for example, country or city level, not precise GPS coordinates).

      • Gameplay and progress data, including levels reached, stars or scores, in-game items or currency, achievements, session length, and actions taken in the game. This may be associated with a device-based profile, an anonymous identifier, or, if you choose to sign in, your platform account (for example, Google Play Games or Apple account) to support cloud save and cross-device sync.

      • Usage data, such as frequency of play, features accessed, buttons tapped, menus opened, and interactions with in-game offers or rewarded ads.

      • Purchase and transaction-related information for in-app purchases or premium games (for example, product ID, purchase timestamp, store region, and whether a purchase was successfully completed or refunded). We do not receive or store full payment card numbers; those are processed by the relevant app store or payment provider.

      • Crash reports, performance data, diagnostics, and log data, which may include device information, OS version, app version, and the state of the app at the time of an error.

 

 

C. Data Collected via Third-Party SDKs

Our Services integrate third-party SDKs for advertising, analytics, crash reporting, authentication, cloud save, and other functionality. These SDKs may independently collect and process Personal Data in accordance with their respective privacy policies and your consent or device settings. Such data may include device identifiers, advertising identifiers, app usage events, crash logs, and limited information required to provide their services (for example, linking your platform account to game progress or serving rewarded ads).

 

D. Accounts, Authentication and Cloud Save

Our games do not require you to create a separate NICMIT account with a username and password. In certain titles, you may optionally choose to sign in using a platform account, such as Google Play Games on Android or Apple services on iOS. When you do so, the platform provider shares with us and/or our backend provider (for example, Unity Authentication and Unity Cloud Save) a limited identifier and authentication token so that we can:

 

      • verify that you are the same player across sessions and devices; and

      • store, sync, and restore your gameplay progress and related data in the cloud.

 

We do not receive your platform account password. You can also continue to play some games without signing in, in which case progress may be linked only to your device or an anonymous identifier.

 

 

5. Cookies and Tracking Technologies

We use Cookies and equivalent tracking technologies (including in-app SDKs) for purposes including but not limited to:

 

    • Ensuring proper functionality, security, and stability of the Services.

    • Conducting analytics to understand how users interact with our games and to improve features, performance, and stability.

    • Delivering personalised and non-personalised advertisements, where allowed by law and your consent or device settings.

 

You can control certain tracking and advertising settings at the device or platform level (for example, “Limit Ad Tracking” or “Allow Apps to Request to Track”). A detailed table of Cookies and SDK-based trackers, including provider, purpose, type, and retention period, is included in Annex A of this Policy.

 

 

6. Purposes and Legal Bases for Processing

Processing is undertaken for the following purposes:

 

    1. Service delivery – To operate, maintain, and provide access to our Services (for example, loading levels, displaying in-game UI, and allowing you to continue your game). Legal basis: Contractual necessity.

    2. Cloud save and cross-device sync – To store and restore your game progress, achievements, and other gameplay data, including when you change or reset devices, and when you choose to sign in with a platform account. Legal basis: Contractual necessity; Legitimate interests; Consent where required.

    3. Analytics – To monitor and analyse usage and trends (for example, how many players complete certain levels, session length, crashes and performance issues) in order to improve gameplay, stability, and design. Legal basis: Legitimate interests; Consent where required.

    4. Advertising and monetisation – To serve and measure personalised or contextual ads, offer rewarded ads, and understand ad performance, including through third-party ad networks. Legal basis: Consent where required; Legitimate interests for contextual and non-personalised ads.

    5. In-app purchases and entitlements – To enable purchases, verify transactions reported by the app stores, unlock and restore purchased items or “remove ads” status, and prevent fraud. Legal basis: Contractual necessity; Legal obligation; Legitimate interests.

    6. Support communications – To respond to inquiries, bug reports, refund requests, or complaints, and to provide customer support. We do not use support contact details to send general marketing emails. Legal basis: Legitimate interests; Contractual necessity.

    7. Compliance, security, and fraud prevention – To comply with legal obligations, enforce our terms, protect against fraud and abuse, and ensure the security of our Services. Legal basis: Legal obligation; Legitimate interests.

 

A jurisdiction-specific breakdown of legal bases is set out in Annex B.

 

 

7. Data Sharing and Third Parties

We disclose Personal Data to the following categories of recipients, only to the extent necessary for the purposes described in this Policy:

 

      • Advertising networks and analytics providers: including, where integrated in particular games, Google AdMob (link), Google Analytics for Firebase (link), Google Crashlytics (link), AppLovin (link), Liftoff (link), Unity Ads (link), Meta Audience Network (link), Pangle (link), and other mediation partners. These providers may collect device identifiers, advertising identifiers, IP address, coarse location, and usage data to serve, measure, and improve ads and analytics in accordance with their own privacy policies and applicable consent mechanisms.

      • Platform and authentication providers: such as Google Play Games Services, Apple services (for example, Sign in with Apple or Game Center), and Unity Technologies (including Unity Authentication and Unity Cloud Save), which help us verify users, enable achievements, leaderboards, and cloud-saved progress.

      • Store and payment platforms: such as Google Play, Apple App Store, Samsung Galaxy Store, Amazon Appstore, and Huawei AppGallery, which process purchases and handle billing. We receive confirmation of purchases and product identifiers but not full payment card details.

      • Service providers: including cloud hosting providers, crash reporting services, and other processors that host, store, or process data on our behalf under appropriate contractual safeguards.

      • Regulatory and public authorities: where required by law, regulation, legal process, or to protect our rights, users, or the public.

 

 

 

8. International Data Transfers

Where Personal Data is transferred outside the UK/EEA, such transfers will be subject to:

 

    • Adequacy decisions issued by relevant authorities; or

    • Standard Contractual Clauses approved by the European Commission or UK Information Commissioner’s Office; or

    • Other lawful transfer mechanisms under Applicable Laws.

 

 

 

9. Data Subject Rights

Depending on your jurisdiction, you may have the following rights:

 

      • Access to your Personal Data.

      • Rectification of inaccurate or incomplete Personal Data.

      • Erasure (“right to be forgotten”).

      • Restriction of Processing.

      • Data portability, where applicable.

      • Objection to certain Processing activities, including where we rely on legitimate interests.

      • Withdrawal of Consent where Processing is based on Consent, without affecting the lawfulness of Processing prior to withdrawal.

 

Jurisdiction-specific rights are detailed in Annex C.

 

How to exercise your rights and request deletion of your data

 

If you wish to access, correct, or delete your Personal Data, or to exercise any other rights described above, you may contact us using the details in Section 14. To help us locate your data, please include:

 

      • the name of the game you are playing,

      • the platform (for example, Android/Google Play or iOS/App Store), and

      • any relevant identifiers that you can provide, such as your player ID, device ID, or screenshots of your profile or settings screen.

 

 

Upon receiving a valid request for deletion, we will delete or irreversibly anonymise the Personal Data that we control and that is associated with your profile (for example, cloud-saved progress stored via Unity Cloud Save and contact emails stored in our systems), unless we are required to retain certain information for legal, regulatory, fraud prevention, or accounting purposes. Aggregated, de-identified data that can no longer be linked to you may be retained for analytics and business purposes.

 

 

10. Security Measures

We implement commercially reasonable technical and organisational measures, including HTTPS encryption for data transmission, access controls, logging, and limited retention periods, to protect Personal Data against unauthorised access, loss, misuse, or alteration. No method of transmission or storage is completely secure, and we cannot guarantee absolute security, but we strive to protect your information to the best of our ability.

 

 

11. Data Retention

Personal Data is retained only for as long as necessary to fulfil the purposes outlined in this Policy, subject to Applicable Laws. As a general rule:

 

      • Cloud-saved gameplay data and associated identifiers are retained for as long as your game profile or linked platform account remains active and for a reasonable period of inactivity afterwards, so that you can return to the game and continue where you left off, unless you request deletion sooner.

      • Analytics and crash-reporting data are retained for the periods specified by our analytics and crash-reporting providers, typically for up to several years in aggregated or pseudonymised form.

      • Transaction-related records (for example, purchase confirmations) may be retained for longer periods as required for accounting, tax, or legal compliance.

      • Email correspondence and support communications are retained for a maximum of five (5) years unless a shorter period is required by law or you request earlier deletion where permitted.

 

 

 

12. Children’s Privacy

Our Services are intended primarily for general audiences and are not directed at children under 16 years of age (or a higher age where required by local law). We do not knowingly collect Personal Data from such individuals. If you believe that a child has provided us with Personal Data in violation of this Policy, please contact us using the details below and we will take reasonable steps to delete the information as soon as practicable.

 

 

13. Amendments to This Policy

We reserve the right to amend this Privacy Policy at any time. Material changes will be indicated by revising the policy text on our website and updating the Effective Date at the top of this page. Where required by law, we will seek your consent for material changes that affect how we Process your Personal Data.

 

 

14. Contact Information

For any inquiries about this Policy or to exercise your data protection rights (including access, correction, or deletion), please contact:

 

Email: hello@nicmit.com