(Last modified: June 1, 4)

This privacy policy (“Privacy Policy”) governs the data collection, processing, and usage

by SAB-GAMES mobile games studio (“Company”, “we” or “us”) and our privacy

practices with respect to the data we collect from individuals who access and use our

application Rewall (“App”) and the SDK integrated into third-party apps, provided by

SAB-GAMES mobile games studio, located at 100047 Uzbekistan, Tashkent,

Uzbekiston Ovozi str., 2. This Privacy Policy constitutes an integral part of our Terms &

Conditions of Use. Definitions used herein but not defined herein shall have the

meaning ascribed to them in our Terms.

If you have any questions about this Privacy Policy, please contact us at:

support@rewall.app.

Amendments

We reserve the right to periodically amend or revise the Privacy Policy which will go into

effect immediately upon the implementation of the revised Privacy Policy on our App.

The last revision date will be reflected in the “Last Modified” heading located at the top

of the Privacy Policy. We will make a reasonable effort to notify you in the event that we

implement any changes that substantially change our privacy practices. We recommend

that you review this Privacy Policy periodically to ensure that you understand our

privacy practices and to check for any amendments.

Types of Data We Collect

We may collect aggregated, non-personal non-identifiable information which may be

made available or gathered via your use of our App or SDK (“Non-Personal Data“). We

are not aware of the identity of the individual from which the Non-Personal Data is

collected.

We may also collect from you, during your access or interaction with the App or SDK,

individually identifiable information, namely information that identifies an individual or

may with reasonable effort be used to identify an individual (“Personal Data” or

“Personal Information” as defined under applicable law). This may include online

identifiers, name, emails, etc., subject to applicable law.

If we combine Personal Data with Non-Personal Data, we will treat the combined data

as Personal Data.

EU General Data Protection Regulation (“GDPR”) & Lawful Basis for Data

Processing

The types of data that we collect, the purpose for processing such data, and the lawful

basis for which we do so subject to the GDPR, are specified in the table below.

Please note that SAB-GAMES acts as the Controller of the Personal Data detailed

herein, as defined under the GDPR.

Type of Data

How Do We Use It?

Becoming a User: If you are or wish to

become a User of our App you will be

required to provide us with certain

information such as: your email

address. In addition, to ship the prize

under the Rewall App (as requested

voluntarily by the User) you will be

required to provide additional

information such as: your full name,

shipping address, and phone number

(optional).

We will use this data for the purpose of

designating your App account. Your email

address will be used to send you needed

information related to our App (e.g., notify

you regarding any updates to our App, etc.)

and promotional and marketing emails. If

requested by you, we will use the

information provided by you for the purpose

of shipping your prize under the Rewall App.

Our lawful basis under the GDPR for the

collection of this information is performance

of a contract (i.e., providing you the services

you requested) and necessity of processing

for the purposes of our legitimate interests.

Contacting Us: If you voluntarily

support, to submit a request, or for

other inquiries whether by sending us

an email or through other means of

communications, e.g., any online form

available on our website or app, you

may be asked to provide us with your

contact information such as your full

name, email address, and country.

We will use this data, as well as our contact

history, solely for the purpose of responding

to your inquiries and providing you with the

support or information you have requested.

We will retain our correspondence with you

for as long as needed, subject to applicable

law.

Online Identifiers and Technical Non-

Personal Data: When you access our

App or interact with our SDK within

third-party apps, we may collect

certain online identifiers which include,

as applicable, your IP address,

Advertising ID, and IDFA. We may

also collect technical data transmitted

from your device (e.g., actions in the

App, your browser type, language

used, type of operating system, type of

device, etc.) and approximate

geographical location (country).

We use this data for our legitimate interests

of (i) operating, providing, maintaining,

protecting, managing, customizing, and

improving our App and SDK and the way in

which we offer it; (ii) enhancing your

experience; (iii) auditing and tracking usage

statistics and traffic flow; (iv) protecting the

security of the App and SDK, as well as our

and third parties’ rights (subject to

applicable law requirements); and (v)

advertising purposes. If we use third-party

cookies on our website, or in the event of

the collection of online identifiers, we will

obtain your consent if required under

applicable law.

Information From Other Sources:

Users may interact with the SDK

within third-party apps. By interacting

with such third-party apps through our

SDK, you allow the Company and its

affiliates to access information related

to your use of the App or SDK.

We will use this data for user verification

and login.

California Consumer Privacy Act 2018 (“CCPA”) & Categories of Personal

Information Collected and Shared

Under the CCPA, “Personal Information” is defined as any information that identifies,

relates to, describes, references, is capable of being associated with, or could

reasonably be linked, directly or indirectly, with a particular consumer, household or

device.

Please note that, under the CCPA Personal Information does not include: publicly

available information from government records and de-identified or aggregated

consumer information, information excluded from the CCPA’s scope (e.g., health or

medical information covered by applicable laws such as the Health Insurance Portability

and Accountability Act of 1996 (HIPAA)); and information covered by certain sector-

specific privacy laws (e.g., the California Financial Information Privacy Act (FIPA)).

As required under the CCPA, please see below a table detailing the categories of

Personal Information that we collect (and have collected within the last 12 months):

Category

Examples of Personal Information that We

Collect

Identifiers.

Such as a real name, alias, postal address, unique

personal identifier, online identifiers (such as IDFA

and Google advertising IDs), Internet Protocol

address, email address, account name, or other

similar identifiers.

Personal information

categories listed in the

California Customer Records

statute (Cal. Civ. Code §

1798.80(e)).

Such as a name, address, and telephone number.

Some personal information included in this category

may overlap with other categories.

Commercial information.

Such as records of products or services purchased,

obtained, or considered, or other purchasing or

consuming histories or tendencies.

Internet or other similar

network activity.

Such as information on a consumer's interaction

with the application, or advertisement.

Geolocation data.

Such as geolocation and physical location.

As required under the CCPA, please see below information regarding disclosures of

Personal Information for a business purpose:

In the preceding twelve (12) months, Company has disclosed the following categories of

Personal Information for a business purpose: A. Identifiers. B. Geolocation data.

We disclose your Personal Information for a business purpose to the following

categories of third parties:

● Service providers – for shipment services, etc.

● Data aggregators.

When we disclose Personal Information for a business purpose, we enter a contract that

describes the purpose and requires the recipient to both keep that personal information

confidential and not use it for any purpose except performing the contract.

How We Collect Data

Depending on the nature of your interaction with the App or SDK, the above-detailed

data is collected as follows:

● In the event, you voluntarily choose to provide us with information, e.g., when

you contact us, create an account or request us to ship your prize under the

Rewall App.

● Automatically, including through the use of cookies (as detailed below), and other

similar tracking technologies.

We will ask for your consent to collect Personal Data and offer you the choice to opt-out

of such collection if we are required to do so in accordance with applicable law.

Cookies & Tracking Technologies

We use cookies and other similar tracking technologies when you access the App we

offer. This use is a standard industry-wide practice. A "cookie" is a small piece of

information that an app assigns and stores on your device while you are viewing the

app. Cookies can be used for various purposes, including allowing you to navigate

between pages efficiently, as well as for statistical purposes and advertising purposes.

You can find more information about cookies at: www.allaboutcookies.org and

https://cookiepedia.co.uk/.

There are several types of cookies, the three main and common ones are:

● Essential, Functionality, Operation & Security Cookies - essential for enabling

user movement around the App, for the App to function properly, and for security

purposes. Please note that these cookies either cannot be disabled, or if

disabled, certain features of the Services may not work.

● Analytic, Measurement & Performance Cookies - used to collect information

about how users use the App (clickstream, navigation, time, and date of access,

etc.) in order to improve our Services and the way we offer them, as well as

assessing the performance of the content available in the App. We further use

this information to compile reports and calculate payments in the course of

relationships with our business partners whose services are displayed in our

App.

● Preference, Targeting & Advertising Cookies - used to advertise across the

internet and to display relevant ads tailored to users based on the parts of the

App they have (e.g., the cookie will indicate you have visited a certain webpage

and will show you ads relating to that webpage).

Cookies Opt-Out

Please note that most browsers will allow you to erase cookies from your computer's

hard drive, block acceptance of cookies, or receive a warning before a cookie is stored.

By following the instructions of your device preferences, and by adjusting the privacy

and security settings of your web browser, you may remove cookies, however, if you

block or erase cookies some features of the Services may not operate properly and

your online experience may be limited.

You may opt-out directly from third-party retargeting cookies or other ad-technology

trackers through self-regulator services like the Network Advertising Initiative’s (“NAI”)

website – NAI consumer opt-out page or the Digital Advertising Alliance’s (“DAA”)

website – DAA opt-out page.

Sharing Data with Third Parties

We do not share any Personal Data collected from you with third parties or any of our

partners except in the following events. We require these parties to process such

information in compliance with this Privacy Policy and subject to security and other

appropriate confidentiality safeguards:

● Legal Requirement: We will share your information in this situation, only if we are

required to do so in order to comply with any applicable law, regulation, legal

process, or governmental request (e.g., to comply with a court injunction, comply

with tax authorities, etc.);

● Policy Enforcement: We will share your information, solely to the extent needed

in order to: (i) enforce our policies and agreements; or (ii) to investigate any

potential violations thereof, including without limitations, detect, prevent, or take

action regarding illegal activities or other wrongdoings, suspected fraud, or

security issues;

● Company’s Rights: We will share your information in order to establish or

exercise our rights, to prevent harm to our rights, property, or safety, and to

defend ourselves against legal claims when necessary, subject to applicable law;

● Third-Party Rights: We will share your information, solely to the extent needed in

order to prevent harm to the rights of our users, yourself, or any third party’s

rights, property, or safety;

● Business Purpose - we may disclose your personal information to a third party for

a business purpose, as detailed above.

● Service Providers – we share your information with third parties that perform

services on our behalf (e.g. customer service, tracking, servers, service

functionality, marketing and support, shipment, etc.) these third parties may be

located in different jurisdictions.

● Corporate Transaction - we may share your information, in the event of a

corporate transaction (e.g. sale of a substantial part of our business, merger,

consolidation, or asset sale). In the event of the above, our affiliated companies

or acquiring company will assume the rights and obligations as described in this

● Authorized Disclosures - we may disclose your information to third parties when

you consent to a particular disclosure. Please note that once we share your

information with another company, that information becomes subject to the other

company’s privacy practices.

We may share aggregate or Non-Personal Data with our affiliated companies and

additional third parties in accordance with the terms of this Privacy Policy. We may store

any type of information on our servers or our cloud servers, use or share Non-Personal

Data in any of the above circumstances, as well as for the purpose of providing and

improving our App and SDK, aggregate statistics, marketing, and conduct business and

marketing analysis, and to enhance your experience.

Your Rights

Data protection and privacy laws may provide you with some of the principal rights

(depending on your jurisdiction) with respect to your Personal Data. Following is a

summary of your data subject rights (which may vary depending on jurisdiction):

Your Right to be Informed

You have the right to be informed with the Company’s details (e.g. name, address, etc.),

as well as why and how we process Personal Data. This right includes, among others,

the right to be informed with the identity of the business, the reasons and lawful basis

for processing Personal Data, and additional information necessary to ensure the fair

and transparent processing of Personal Data. Further, under the CCPA, you have the

right to be informed of the categories of Personal Information collected, sold, and

disclosed by us in the previous 12 months, therefore we ensure our privacy policy

discloses all of the above and is updated every 12 months.

Right to Access

You have a right to request us to confirm whether we process certain Personal Data

related to you, as well as a right to obtain a copy of such Personal Data, with additional

information regarding how and why we use this Personal Data. After we receive such a

request, we will analyze and determine the veracity and appropriateness of the access

request and provide you with the applicable confirmation of processing, the copy of the

Personal Data or a description of the Personal Data and categories of data processed,

the purpose for which such data is being held and processed, and details about the

source of the Personal Data if not provided by you. Our response detailed above will be

provided within the period required by law. Notwithstanding the above, note the GDPR

and CCPA provide different protections, the GDPR enables access to all Personal Data

processed by the controller, however, the CCPA access right applies only to Personal

Information collected in the 12 months prior to the request.

The Right of Rectification

The Company must ensure that all Personal Data that it holds and uses about a data

subject is correct. If such data is not accurate, a data subject has the right to require

that the Company updates such data so it is accurate. In addition, if the Company has

passed on incorrect information about a data subject to a third party, the data subject

also has a right to oblige the Company to inform those third parties that this information

should be updated.

Rectification Access

If Personal Data held by us is not accurate, you may require us to update such data so

it is accurate. Further, in the event we have passed on incorrect information about you

to a third party, you also have a right to oblige us to inform those third parties that the

applicable information should be updated.

Erasure Rights ("right to be forgotten" or “right of deletion”, as applicable)

The Company is legally obligated to comply with a request to delete Personal Data if:

the data is no longer needed for the original purpose and no new lawful purpose exists

for continued processing; the lawful basis for processing is the consent of the data

subject and such consent is withdrawn; the data subject exercises his or her right to

object to the Company’s processing of his or her Personal Data, and the Company has

no overriding grounds for processing the data; the Personal Data is processed

unlawfully; or erasure of the data is necessary to comply with applicable laws. In

addition, if the Company has passed on Personal Data to a third party, a data subject

also has a right to oblige the Company to tell those third parties that the information

should be erased. The right to erasure is not absolute. Even if a data subject falls into

one of the categories described above, the Company is entitled to reject the data

subject’s request and continue processing data if such processing is: necessary to

comply with legal obligations; necessary to establish, exercise or defend legal claims; or

is necessary for scientific research, etc.; necessary to perform a contract between you

and us; necessary to detect security incidents, protect against malicious, deceptive,

fraudulent, or illegal activity, or prosecute those responsible for that activity; necessary

to debug to identify and repair errors that impair existing intended functionality; and to

enable solely internal uses that are reasonably aligned with your expectations based on

our relationship with you – all subject to applicable laws.

Right to Object

With regards to Personal Data processed by us under the lawful basis of our legitimate

interests (such as direct marketing), you may object to our processing on such grounds.

However, even if we receive your objection, we will be permitted to continue processing

the Personal Data in the event that (subject to applicable laws and regulations): (i) our

legitimate interests for processing override your rights, interests, and freedoms (e.g.

fraud prevention or compliance with a legal obligation); (ii) the processing of such

Personal Data is necessary to establish, exercise or defend a legal claim or right, etc.

The Right of Restriction

A data subject may limit the purposes for which the Company may process its Personal

Data. The Company’s processing activities may be restricted if: the accuracy of the data

is contested; processing is unlawful and the data subject requests restriction instead of

erasure; the Company no longer needs the data for its original purpose, but the data is

still required to establish, exercise or defend legal rights; or consideration of overriding

grounds in the context of an erasure request.

The Right to Withdraw Consent

A data subject may withdraw its consent to the processing of its Personal Data.

Exercising this right will not affect the lawfulness of processing its Personal Data based

on such data subject’s consent before its withdrawal.

Data Portability

You may request us to send or "port" your Personal Data held by us to a third-party

entity, however, note, the GDPR and CCPA apply differently to this right, thus, we will

handle this according to the jurisdiction you are subject to.

The Right to Lodge a Complaint

A data subject may lodge a complaint with a data protection supervisory authority

regarding the processing of its Personal Data.

Nondiscrimination

Under the CCPA, you must not be discriminated for exercising any of your rights,

including by denied goods or services, charging you with different fees for goods or

services, including through the use of discounts or other benefits, or imposing penalties;

suggested you will receive a different price or rate for goods or services.

Notwithstanding the above, it is allowed to set up schemes for providing financial

incentives and you can opt-in to become part of them.

Response Timing and Format

We endeavor to respond to a verifiable consumer request with undue delay and in any

event within 30 days from the receipt of the request subject to GDPR and between 10-

45 days from receipt of a request subject to CCPA. If we require more time, we will

inform you of the reason and extension period in writing. The response we provide will

also explain the reasons we cannot comply with a request, if applicable. For data

portability requests, we will select a format to provide your Personal Data that is readily

usable and should allow you to transmit the information from one entity to another entity

without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request

unless it is excessive, repetitive, or manifestly unfounded. If we determine that the

request warrants a fee, we will tell you why we made that decision and provide you with

a cost estimate before completing your request.

Further, note, under the CCPA your rights only apply to the Personal Information

collected 12 months prior to the request and you are not entitled to submit more than 2

requests in a 12 months’ period.

If you wish to submit a request to exercise any of your rights, please contact us at:

● Emailing us at support@rewall.app.

We respect data subject rights and will process and handle all valid requests.

In the event that you contact us and request to exercise any of your rights detailed

above, we may request that you provide us with certain information in order to verify

your identity and locate your data. Such process may take a certain period, subject to

applicable privacy laws (for example one month under the GDPR).

Please note that, you may have different rights than those which we listed above

subject to privacy protection laws in your jurisdiction.

If you wish to receive more information or in the event that you have any additional

complaints about your privacy rights, please contact us at: support@rewall.app.

Data Retention

We retain Personal Data only for as long as necessary to meet our legal and ethical

obligations, which for different types of PII will be different periods.

1. We will retain Personal Data in accordance with our record retention policy. We

perform periodic reviews of our databases and have established specific time

limits for data retention, based on the criticality of the Personal Data and the

purposes of the data processing. We will also retain Personal Data to meet any

audit, compliance, and business best practices.

2. Personal Data that is no longer retained will be anonymized or deleted. Non-

Personal Data, metadata, and statistical information concerning the use of our

Services are retained by the Company perpetually. Some Personal Data may

also be retained on our third-party service providers’ servers until deleted in

accordance with their privacy policy and their retention policy.

Security

We use physical, technical, and administrative security measures for the services that

we believe are in compliance with applicable laws and industry standards in order to

prevent your information from being accessed without the proper authorization,

improperly used or disclosed, unlawfully destructed, or accidentally lost. It is important

for you to remember, however, that unfortunately, the transmission of information via

the internet cannot be 100% secure. As such, although we will do our best to protect

your Personal Data, we cannot guarantee the security of data transmitted via our App

and any transmission of your data shall be done at your own risk.

Please contact us at: support@rewall.app if you feel that your privacy was not dealt with

properly or was dealt with in a way that was in breach of our Privacy Policy or if you

become aware of a third party's attempt to gain unauthorized access to any of your

Personal Data. We will make a reasonable effort to notify you and the appropriate

authorities (if required by applicable law) in the event that we discover a security

incident related to your Personal Data.

Links

Links to other services, sites, documents, files, materials, and applications may be

provided by the Company as a convenience to our Users. The Company is not

responsible for the privacy practices or the content of other sites and applications and

you visit them at your own risk. This Privacy Policy applies solely to Personal Data

collected by us.

Children

Our App is not directed nor is it intended for use by children (the phrase "child" shall

mean an individual that is under the age defined by applicable law which with respect to

the European Economic Area (“EEA“) is under the age of 16 and with respect to the

U.S.A, under the age of 13) and we do not knowingly process a child’s information. We

will discard any information that we receive from a user that is considered a "child"

immediately upon our discovery that such a user shared information with us. Please

any information with us.

Transfer of Your Data

We may store or process your Personal Data in a variety of countries including the

United States. Please note, that if you are a resident of the EEA we will, in the absence

of an EC Adequacy decision relevant to the destination country or to the transfer, seek

to rely on appropriate safeguards such as a valid Privacy Shield certification (in the case

of a data transfer to a Privacy Shield certified US recipient), or enter into appropriate

EC-approved standard contractual clauses when your Personal Data is being

transferred out of the EEA. If you are a resident of a jurisdiction where the transferring

of your Personal Data requires your consent, then your consent to this Privacy Policy

includes your express consent for such transfer of your data. By providing any Personal

Data to us pursuant to this Privacy Policy, all Users, fully understand and

unambiguously consent to this Privacy Policy and to the collection and processing of

such Personal Data abroad. By submitting your Personal Data through the App, you

consent, acknowledge, and agree that we may collect, use, transfer, and disclose your

Personal Data as described in this Privacy Policy.

Do Not Track Disclosure

Our website does not respond to Do Not Track signals. For more information about Do

Not Track signals, please see: http://www.allaboutdnt.com/.

If you have any questions about this Privacy Policy, you may contact us as follows:

● By sending an email to: support@rewall.app

● By mail at: SAB-GAMES 100047 Uzbekistan, Tashkent, Uzbekiston Ovozi str., 2