Privacy Policy

Last updated: October 27, 2025

This Privacy Policy explains how Cardexor (“we”, “us”) collects, uses, and shares information when you use our mobile game and related services (the “Service”). By using the Service, you consent to the practices described here.

Note: This policy is provided for convenience and transparency. It is not legal advice.

1. Information We Collect

1.1 Account & Profile

If you create a Cardexor account, we may collect: email address, username, in‑game identifiers, and authentication tokens.

1.2 Device & App Information

We collect device model, OS version, app version, language, country/region, and basic device identifiers (e.g., advertising ID if enabled).

1.3 Gameplay & Progress

We store gameplay telemetry (e.g., levels, artifacts collected, guild membership, achievements, session timestamps) to operate the game and sync your progress.

1.4 Purchases

If you make in‑app purchases, we receive purchase receipts and transaction metadata from the app store to fulfill content and handle refunds.

1.5 Diagnostics & Logs

Crash reports and performance metrics help us monitor stability and fix bugs. This may include stack traces and limited device context.

1.6 Support Requests

If you contact support, we process your email and any information you voluntarily provide to resolve the issue.

1.7 Cookies / Similar Technologies (Website)

Our website may use cookies or local storage for essential functionality, analytics, or remembering preferences.

2. How We Use Information

• Provide and operate the Service (save progress, matchmaking, events).
• Personalize content and measure engagement.
• Process purchases and prevent fraud/abuse.
• Fix bugs, improve performance, and develop new features.
• Communicate with you about updates, events, and support.
• Comply with legal obligations and enforce our terms.

3. Legal Bases (EEA/UK)

Where applicable, we process data based on: (i) contract (to deliver the Service), (ii) legitimate interests (e.g., security, analytics), (iii) consent (where required, e.g., certain analytics/ads), and (iv) legal obligations.

4. Sharing & Disclosure

We share information with:

• Service providers (hosting, analytics, crash reporting, customer support, payment processing) under data‑processing agreements.
• Platform providers (e.g., Google Play) as needed to deliver purchases, updates, and compliance.
• Law enforcement/Authorities when required by law or to protect rights, users, and the Service.
• Business transfers if we engage in a merger, acquisition, or asset sale (your data may be transferred as part of the transaction).

We do not sell personal data.

5. International Transfers

Your information may be processed and stored in countries outside your own. Where required, we implement appropriate safeguards (e.g., standard contractual clauses) to protect your data.

6. Data Retention

We retain information as long as necessary for the purposes described in this policy, for the duration of your account, and as needed to comply with legal obligations, resolve disputes, and enforce agreements. When no longer needed, we take steps to delete or anonymize data.

7. Your Rights

Depending on your location, you may have rights to access, rectify, erase, restrict or object to processing, withdraw consent, and data portability. To exercise these rights, contact us at support@cardexor.com. We will respond within the timeframes required by law.

7.1 California (CCPA/CPRA)

Residents have rights to access, delete, correct, and opt out of certain data sharing. We do not sell personal information. To exercise rights, contact support@cardexor.com.

7.2 Children

The Service is not directed to children where prohibited by applicable law. If you believe a child provided us personal data without parental consent, contact us to request deletion.

8. Security

We use technical and organizational measures to protect your data, including encryption in transit, access controls, and monitoring. However, no method of transmission or storage is completely secure.

9. Third‑Party Services

Our Service may link to third‑party sites or services (e.g., social networks, app stores). Their privacy practices are governed by their own policies.

10. Contact Us

Data Controller: Cardexor Email: support@cardexor.com Postal: (Add mailing address here)

11. Changes to This Policy

We may update this policy from time to time. We will post the updated version with a new “Last updated” date, and take additional steps if required by law.