Privacy Policy
Your privacy and data protection rights
Quick Navigation
Your Privacy Matters
This Privacy Policy explains how King-Social collects, uses, protects, and shares your personal information. We are committed to transparency and compliance with GDPR, CCPA, and other applicable privacy laws worldwide.
Privacy Policy Overview
Effective Date: January 1, 2025
Last Updated: January 1, 2025
King-Social ("we," "our," or "us") operates the king-social.com website and related services (collectively, the "Service"). This Privacy Policy governs the collection, use, and disclosure of your personal information when you use our Service and tells you about your privacy rights and how the law protects you.
Our privacy practices comply with:
- The General Data Protection Regulation (GDPR) - EU Regulation 2016/679
- The California Consumer Privacy Act (CCPA) - California Civil Code 1798.100-1798.199
- The Children's Online Privacy Protection Act (COPPA) - 15 USC 6501-6506
- The Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
- Lei Geral de Proteção de Dados (LGPD) - Brazil Law No. 13,709/2018
- Other applicable national and international privacy laws
International Data Transfers
King-Social may transfer your personal information to countries outside your jurisdiction, including countries that may not have the same level of data protection as your home country. We ensure appropriate safeguards are in place for all international transfers:
Transfer Mechanisms
- European Commission Adequacy Decisions - Transfers to countries deemed adequate by the EU
- Standard Contractual Clauses (SCCs) - Commission Decision 2021/914/EU
- Binding Corporate Rules (BCRs) - For transfers within multinational organizations
- Certification Schemes - Privacy Shield successor frameworks
- Codes of Conduct - Industry-specific privacy codes
Current Transfer Destinations
Adequate Countries (GDPR Art. 45)
- United Kingdom
- Canada (commercial organizations)
- Japan
- Switzerland
- New Zealand
SCC-Protected Transfers
- United States (cloud services)
- Singapore (data processing)
- Australia (analytics)
- India (customer support)
Additional Safeguards
Beyond legal transfer mechanisms, we implement technical and organizational measures:
- Data minimization and pseudonymization
- Encryption in transit and at rest
- Access controls and audit logs
- Regular compliance assessments
- Data localization where required by law
Children's Privacy Protection
18+ Only Service
King-Social is intended exclusively for users who are 18 years of age or older. We do not knowingly collect personal information from children under 18 years of age, in compliance with COPPA, GDPR, and other applicable children's privacy laws worldwide.
Our Commitment to Child Protection
Age Verification Process
- Mandatory age declaration during registration
- Date of birth verification checks
- Automated age calculation and validation
- Regular account audits for compliance
- Third-party age verification services when necessary
Detection & Response
If we discover that we have collected personal information from a child under 18:
- Immediate account suspension and termination
- Deletion of all collected personal information
- Notification of the incident to relevant authorities if required
- Review and strengthening of age verification processes
Parental Responsibilities
We encourage parents and guardians to monitor their children's internet usage. If you believe your child has provided personal information to our Service, please contact us immediately at privacy@king-social.com.
Reporting Underage Users
If you suspect that a user on our platform is under 18 years of age, please report this immediately through our support channels. We take all reports seriously and will investigate promptly while maintaining appropriate confidentiality.
California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), effective January 1, 2023:
CCPA Rights
- Right to Know: Request disclosure of personal information collected, used, or shared
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: Opt-out of the sale of personal information
- Right to Non-Discrimination: Equal service regardless of privacy choices
CPRA Enhancements
- Right to Correct: Request correction of inaccurate information
- Right to Limit Use: Limit use of sensitive personal information
- Right to Opt-Out of Sharing: Opt-out of sharing for cross-context behavioral advertising
- Enhanced Transparency: More detailed privacy disclosures
Categories of Personal Information (Last 12 Months)
| Category | Collected | Sold | Shared | Disclosed for Business Purposes |
|---|---|---|---|---|
| Identifiers | Yes | No | No | Yes |
| Protected Classifications | Yes (Age) | No | No | No |
| Commercial Information | Yes | No | No | Yes |
| Internet Activity | Yes | No | Yes | Yes |
| Geolocation Data | Yes (IP-based) | No | No | Yes |
| Inferences | Yes | No | Yes | Yes |
Sensitive Personal Information
We may collect the following categories of sensitive personal information:
- Account login information (username, password)
- Precise geolocation (only if explicitly consented)
We do not use or disclose sensitive personal information beyond what is necessary to provide our services or as permitted by law.
Exercising Your California Rights
California residents can exercise their rights by:
- Submitting a request through our privacy portal
- Emailing us at california-privacy@king-social.com
- Calling our California Privacy Hotline: 1-800-PRIVACY
- Using our automated verification system
We may require verification of your identity before processing requests. You may designate an authorized agent to make requests on your behalf.
Privacy Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will provide appropriate notice of significant changes in accordance with applicable law:
Notice Methods
- Email notification to registered users
- Prominent notice on our website
- In-app notifications for mobile users
- Social media announcements
- Updated "Last Modified" date
Notice Periods
- Material Changes: 30 days advance notice
- Legal Compliance Updates: Immediate notice
- Minor Clarifications: Notice upon publication
- New Data Uses: Opt-in consent required
Version History
We maintain a version history of our Privacy Policy to provide transparency about changes. Previous versions are available upon request and may be archived for legal compliance purposes.
Recent Updates:
- Version 3.0 (January 1, 2025): Added CPRA compliance, enhanced international transfer provisions
- Version 2.1 (October 15, 2024): Updated cookie policy, added new analytics providers
- Version 2.0 (July 1, 2024): Major revision for GDPR adequacy decision updates
Contact Information
If you have questions about this Privacy Policy, wish to exercise your privacy rights, or need to contact our Data Protection Officer, please use the following contact methods:
privacy@king-social.com
Response within 48 hours
Data Protection Officer
dpo@king-social.com
GDPR & CCPA inquiries
Privacy Hotline
1-800-PRIVACY (1-800-774-8229)
Mon-Fri, 9 AM - 6 PM EST
Postal Address
King-Social Privacy Team
123 Privacy Lane
Data City, DC 12345
Supervisory Authority Contacts
You have the right to lodge a complaint with a supervisory authority if you believe your privacy rights have been violated:
- EU/EEA: Your local Data Protection Authority
- UK: Information Commissioner's Office (ICO)
- California: California Attorney General's Office
- Canada: Office of the Privacy Commissioner
Information We Collect
Personal Information
- Full name and username
- Email address
- Date of birth (for age verification)
- IP address and device information
- Account preferences and settings
- Communication preferences
Gaming Data
- Game play history and statistics
- Virtual coin balances and transactions
- Tournament participation records
- Achievement and progress data
- Social features usage
- Login times and session duration
Technical Information
- Browser type and version
- Operating system information
- Device identifiers and characteristics
- Network connection information
- Referring websites and pages
- Crash reports and error logs
Communication Data
- Customer support communications
- Survey responses and feedback
- Chat messages and social interactions
- Marketing communication preferences
- Newsletter subscriptions
- User-generated content
Automated Data Collection
We use cookies, web beacons, and similar tracking technologies to automatically collect certain information about your visit to our Service. This includes analytics data provided by Google Analytics, Hotjar, and other third-party services that help us understand user behavior and improve our platform.
How We Use Your Information
We process your personal information based on the following legal bases under GDPR Article 6:
Legitimate Interests (Art. 6(1)(f))
- Providing and improving the Service
- Fraud prevention and security
- Analytics and performance monitoring
- Customer support and communication
- Marketing (where consent is not required)
Consent (Art. 6(1)(a))
- Marketing communications
- Non-essential cookies and tracking
- Personalized advertising
- Social media integration
Contract Performance (Art. 6(1)(b))
- Account creation and management
- Game functionality and features
- Tournament and leaderboard services
- Virtual coin transactions
Legal Compliance (Art. 6(1)(c))
- Age verification requirements
- Responsible gaming compliance
- Tax reporting obligations
- Regulatory compliance
Specific Use Cases
Service Provision & Enhancement
We use your information to operate our social casino platform, including game functionality, user accounts, leaderboards, tournaments, and customer support services.
Personalization & Recommendations
We analyze your gaming preferences and behavior to recommend games, features, and content that may interest you, improving your overall experience.
Security & Fraud Prevention
We monitor for suspicious activities, prevent unauthorized access, and maintain the integrity of our platform through various security measures and algorithms.
Analytics & Research
We analyze usage patterns, perform A/B testing, and conduct research to understand user behavior and improve our services, always in aggregated and anonymized form where possible.
Information Sharing & Disclosure
We Do Not Sell Personal Information
King-Social does not sell, rent, or trade your personal information to third parties for monetary consideration. This commitment applies globally and aligns with CCPA and GDPR requirements.
Limited Sharing Circumstances
Service Providers & Processors
We share information with trusted third-party service providers who assist in operating our Service:
- Cloud Infrastructure: Amazon Web Services (AWS), Google Cloud Platform
- Analytics: Google Analytics, Hotjar, Mixpanel
- Customer Support: Zendesk, Intercom
- Email Services: SendGrid, Mailchimp
- Content Delivery: Cloudflare, Amazon CloudFront
- Security Services: reCAPTCHA, fraud detection providers
Legal & Regulatory Requirements
We may disclose your information when required by law, including responses to court orders, subpoenas, or other legal processes. We may also share information to protect our rights, property, or safety, or that of our users or the public.
Business Transfers
In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of the business transaction, subject to confidentiality obligations and notice requirements.
Aggregated & Anonymized Data
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for research, analytics, or business purposes.
Data Retention Periods
We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary based on data categories and applicable legal requirements:
| Data Category | Retention Period | Legal Basis |
|---|---|---|
| Account Information | Account lifetime + 7 years | Contract performance, legal compliance |
| Gaming Activity Data | Account lifetime + 5 years | Service provision, analytics |
| Communication Records | 3 years from last contact | Customer service, legal compliance |
| Marketing Data | Until consent withdrawn + 30 days | Consent management |
| Technical Logs | 2 years maximum | Security, system maintenance |
| Age Verification Records | Account lifetime + 7 years | Legal compliance (COPPA, national laws) |
Note: Some data may be retained longer if required by applicable law, ongoing legal proceedings, or legitimate business needs. We regularly review and purge data in accordance with our data retention schedule and applicable regulations.
Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information. These rights are protected under various privacy laws including GDPR, CCPA, and other applicable regulations:
Right to Access
Request copies of your personal information and details about how we process it.
Right to Rectification
Request correction of inaccurate or incomplete personal information.
Right to Erasure
Request deletion of your personal information under certain circumstances.
Right to Restrict Processing
Request limitation of processing in specific situations.
Right to Data Portability
Receive your personal information in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests or for marketing purposes.
Right to Withdraw Consent
Withdraw consent for processing at any time where consent is the legal basis.
Right to Non-Automated Decision Making
Not be subject to automated decision-making without human intervention.
How to Exercise Your Rights
To exercise any of these rights, please contact our Data Protection Officer using the contact information provided below. We will respond to your request within:
- 30 days for GDPR requests (extendable to 60 days for complex requests)
- 45 days for CCPA requests (extendable to 90 days for complex requests)
- 30 days for other privacy law requests
Security Measures
We implement industry-standard security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security program follows frameworks including ISO 27001:2013, SOC 2 Type II, and NIST Cybersecurity Framework:
Encryption & Data Protection
- AES-256 encryption for data at rest
- TLS 1.3 encryption for data in transit
- End-to-end encryption for sensitive communications
- Regular encryption key rotation
Access Controls
- Multi-factor authentication (MFA)
- Role-based access control (RBAC)
- Principle of least privilege
- Regular access reviews and audits
Monitoring & Detection
- 24/7 security monitoring
- Intrusion detection systems
- Anomaly detection algorithms
- Security incident response team
Infrastructure Security
- Secure cloud infrastructure (AWS/GCP)
- Network segmentation and firewalls
- Regular security patching
- Disaster recovery and backup systems
Security Incident Response
In the unlikely event of a data breach affecting your personal information, we will:
- Notify you within 72 hours of discovery (GDPR requirement)
- Report to relevant supervisory authorities as required
- Provide clear information about the breach and our response
- Offer guidance on protective measures you can take
- Implement additional safeguards to prevent future incidents
Legal Framework Compliance
This Privacy Policy ensures compliance with global privacy regulations and industry standards.
EU 2016/679
California 2018/2020
15 USC 6501-6506
Canada 2000
Last updated: January 1, 2025 | Version 3.0 | Compliant with international privacy standards and regulations