Privacy Policy

Information you provide to us. Personal information you may provide to us includes:

• Contact data: such as your first and last name, alias, salutation, email address, and phone number.
• Demographic data: such as your city, state, country of residence, postal code, gender, physical characteristics, and age.
• Profile data: such as account name, the username and password that you may set to establish an online account on the Service, biographical details, avatar, photograph or picture, date of birth, interests, preferences, links to your profiles on social media networks, and any other information that you add to your account profile.
• Transactional data: such as information relating to or needed to complete your orders on or through the Service, including order numbers and transaction history. This includes purchase considerations, consuming history and tendencies.
• Communications data: based on our exchanges with you, including when you contact us through the Service, communicate with us via email, phone, chat features, social media, or otherwise.
• Marketing data: such as your preferences for receiving our marketing communications and details about your engagement with them.
• User-generated content data: such as any communications you send to other users through the Service as well as your comments, reviews, questions, relationships to other users, messages, photos, music, videos, works of authorship, activations, and other content or information that you generate, transmit, or otherwise make available on the Service, including associated metadata. Metadata includes information on how, when, where and by whom a piece of content was collected and how that content has been formatted or edited. Metadata also includes information that users can add or can have added to their content, such as keywords, geographical or location information, and other similar data.
• Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Data about others. We may offer features that help users invite their contacts to use the Service, and we may collect contact details about these invitees so we can deliver their invitations. Please do not refer someone to us or share their contact details with us unless you have their permission to do so.

Third-party sources. We may combine personal information we receive from you with personal information obtained from other sources, such as:

• Public sources, such as credit bureaus, government agencies, public records, publicly accessible social media profiles, and other publicly available sources.
• Data providers, such as information services, data licensors/brokers, lead generators and cooperative databases.
• Service providers that provide services on our behalf or help us operate the Service or our business.
• Partners, such as joint marketing partners and event co-sponsors.
• Ad networks
• Data analytics providers
• Social media platforms

Automatic data collection. We, our service providers, and our advertising partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:

• Device data, such as your computer or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
• Location data, which may be approximate (for example, as inferred from network data or device settings).
• Communication interaction data such as your interactions with our email, text, chat or other communications (e.g., whether you open and/or forward emails) – we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails enabling us to detect if you have opened or forwarded a message.
• Online activity data, such as pages or screens you viewed, search history, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.

Tracking Technologies. Some of the automatic collection described above is facilitated by the following technologies:

• Cookies, which are small text files that websites store on user devices and that allow web servers to record users’ web browsing activities and remember their submissions, preferences, credentials, and login status as they navigate a site. Cookies used on our sites include both “session cookies” that are deleted when a web browser session ends, “persistent cookies” that remain longer, “first party” cookies that we place and “third party” cookies that our service providers and other third parties place.
• Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.
• Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed, clicked or forwarded.
• Software development kits. An SDK is third-party computer code that we may incorporate into our applications that may be used for a variety of purposes, including to provide us with analytics regarding the use of our applications, to integrate with social media, and to add features or functionality to our app.
• Session-replay technologies, such as those provided by third parties that employ software code to record users’ interactions with the Services in a manner that allows us to watch video replays of those user sessions. The replays include users’ clicks, mobile app touches, mouse movements and scrolls during those sessions. These replays help us diagnose usability problems and identify areas for improvement.

We may use your personal information for the following purposes or as otherwise described at the time of collection:

Service delivery and operations. We may use your personal information to:

• provide and operate the Service;
• process your requests, orders and transactions;
• enable security features of the Service;
• personalize the service, including remembering the devices from which you have previously logged in and remembering your selections and preferences as you navigate the Service;
• establish and maintain your user profile on the Service;
• communicate with you about the Service, including by sending Service-related announcements, updates, security alerts, user-to-user communications, and support and administrative messages;
• communicate with you about events for which you register;
• understand your needs and interests, and personalize your experience with the Service and our communications;
• provide support for the Service, and respond to your requests, questions and feedback;
• facilitate your invitations to friends you invite to join the Service;
• facilitate social features of the Service, such as by identifying and suggesting connections with other users of the Service and providing chat or messaging functionality;
• to collect and share user testimonials; and
• fraud prevention and security.

Research and development. We may use your personal information for research and development purposes, including to develop, analyze and improve our products and services. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information. We may use this anonymous or de-identified data and share it with third parties for any lawful business purposes. We do not attempt to reidentify deidentified information derived from personal information, except for the purpose of testing whether our deidentification processes comply with applicable law.

Marketing and advertising. We and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:

• Direct marketing. We may send you direct marketing communications and may personalize these messages based on your needs and interests. You may opt-out of our marketing communications as described in the Opt-out of marketing section.
• Interest-based advertising. We and our third-party advertising partners may use cookies, pixels and other technologies to collect information about your interaction (including the data described in the Automatic Data Collection section above) with the Service, our communications and other third party online services over time, and use that information to serve online ads that they think will interest you. This is called interest-based advertising. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online properties. You can learn more about your choices for limiting interest-based advertising in the Your choices section.
• Events, promotions and contests. We may use your personal information to administer promotions and contests, communicate with you about events in which you participate, or contact or market to you after collecting your personal information at an event.

Compliance and protection. We may use your personal information to:

• comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas, court orders, investigations or requests from government authorities;
• protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• enforce the terms and conditions that govern the Service; and
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

With your consent. In some cases, we may specifically ask for your consent to collect, use, or share your personal information for further purposes, if those purposes are not compatible with the initial purpose for which that personal information was collected.

Cookies and similar technologies. In addition to the other uses included in this section, we may use the Cookies and similar technologies described above for the following purposes:

• Technical operation. To allow the technical operation of the Service, such as remembering selections as you navigate the site and remembering whether you are logged in.
• Functionality. To enhance the performance and functionality of our services.
• Analytics. To help us understand user activity on the Service, including the volume and demographics of users, which pages are most and least visited and how users move around the Service or interact with our emails. For example, we use Google Analytics for this purpose. You can learn more about Google Analytics and how to prevent the use of Google Analytics relating to your use of our sites here:https://tools.google.com/dlpage/gaoptout.

Data sharing in the context of corporate transactions,we may share certain personal information in the context of actual or prospective corporate transactions – for more information, see How we share your personal information, below.

We may share your personal information with the following parties and as otherwise described in this Privacy Policy, in other applicable notices, or at the time of collection.

Affiliates. In some cases, our corporate parent, subsidiaries, and affiliates might have access to personal information.

Service providers. Third parties that provide services on our behalf or help us operate the Service or our business (such as hosting, internet service providers, information technology, order fulfillment, customer support, online chat functionality providers, email delivery, marketing, consumer research and website/data analytics).

Third parties designated by you. We may share your personal information with third parties where you have instructed us or provided your consent to do so.

Linked third-party services. If you log into the Service with, or otherwise link your Service account to, a social media or other third-party service, we may share your personal information with that third-party service. The third party’s use of the shared information will be governed by its privacy policy and the settings associated with your account on the third-party service.

Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties in litigation, as we believe in good faith to be necessary or appropriate for the Compliance and protection purposes described above.

Corporate transactions. We may disclose personal information in the context of actual or prospective business transactions (e.g., investments in Limit Break, financing of Limit Break, public stock offerings, the sale, transfer or merger of all or part of our business, assets or shares, liquidation or reorganization). For example, we may need to share certain personal information with prospective counterparties and their advisers. We may disclose your personal information to an acquirer, successor, or assignee of Limit Break or a portion of our business assets as part of any merger, acquisition, sale of assets, or similar transaction, and/or in the event of an insolvency, bankruptcy, or receivership in which personal information is transferred to one or more third parties as one of our business assets.

Other users and the public. Your Profile data and some user-generated content may be visible to other users of the Service and the public. For example, other users of the Service may have access to your information if you choose to make your profile or other personal information available to them through the Service, including in relation to experiences made available through the Service, when you communicate through the Service, provide comments, reviews, photos, videos, survey responses, or share other content. This information can be seen, collected and used by others, including being cached, copied, screen captured or stored elsewhere by others (e.g., search engines), and we are not responsible for any such use of this information. Once you publish content, it may be copied and stored on third party systems where you might not have the ability to have it deleted. We make commercially reasonable efforts to verify that the third parties with whom our mobile application shares personal information provide a level of protection of personal information consistent with the practices described in this Privacy Policy, except that all such third parties described above other than service providers and affiliates may, to the extent permitted by law, use personal information as described in their own privacy policies.

In this section, we describe the choices available to you.

Access or update your information. If you have registered for an account with us through the Service, you may review and update certain account information by logging into the account and navigating to your account profile and settings.

Opt-out of communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. It may take time for your opt-out to be effective. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.

Mobile location data. You can disable our access to your device’s precise geolocation in your mobile device settings.

Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Service may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.

Blocking images/clear gifs: Most browsers and devices allow you to configure your device to prevent images from loading, so the business hosting the image will not detect that you have viewed a page. To do this, follow the instructions in your particular browser or device settings.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Advertising choices. You may be able to limit use of your information for interest-based advertising through the following settings/options/tools:

• Browser settings. Changing your internet web browser settings to block third-party cookies.
• Privacy browsers/plug-ins. Using privacy browsers and/or ad-blocking browser plug-ins that let you block tracking technologies.
• Platform settings. Some platforms offer opt-out features that let you opt-out of use of your information for interest-based advertising. You may be able to exercise that option for Google and Facebook at the following websites:
  • Google: https://tools.google.com/dlpage/gaoptout
  • Facebook: https://www.facebook.com/about/ads
• Ad industry tools. Opting out of interest-based ads from companies that participate in the following industry opt-out programs:
  • Network Advertising Initiative: http://www.networkadvertising.org/managing/opt_out.asp
  • Digital Advertising Alliance: https://optout.aboutads.info
  • AppChoices mobile app, available at https://www.youradchoices.com/appchoices, which will allow you to opt-out of interest-based ads in mobile apps served by participating members of the Digital Advertising Alliance.
• Mobile settings. Using your mobile device settings to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.

You will need to apply these advertising-related opt-out settings on each device and browser from which you wish to limit the use of your information for interest-based advertising purposes. We cannot offer any assurances as to whether the companies we work with participate in the opt-out programs described above.

Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Retention Period for Personal Information. We generally retain personal information to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, including Sensitive Personal Information, we may consider factors such as the length of time we have an ongoing relationship with you and provide services to you; the amount, nature, and sensitivity of the personal information; the potential risk of harm from unauthorized use or disclosure of your personal information; the purposes for which we process your personal information and whether we can achieve those purposes through other means; whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); whether retention is advisable in light of our legal position, such as in regard to applicable statutes of limitations, litigation or regulatory investigations; and applicable legal requirements. For example, we will retain your personal information for as long as you have an account with us or keep using our services, and the length of time thereafter during which we may have a legitimate need to reference your personal information to address issues that may arise. When we no longer require the personal information we have collected about you, we may either delete it or de-identify it.

The Service may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.

We employ technical, organizational and physical safeguards that are designed to protect the personal information we collect. However, security risk is inherent in all Internet and information technologies, and we cannot guarantee the security of your personal information.

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

The Service is not intended for use by anyone under 13 years of age. If you are a parent or guardian of a minor from whom you believe we have collected personal information in a manner prohibited by law, or if information was provided on your behalf when you were under 13, please contact us. If we learn that we have collected personal information through the Service from a child without the consent of the child‘s parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.

Please note that we do not knowingly collect personal information from children or teens. Based on the app store recommendation of the Service being ages 13 or older, some users may be older than 13 but under age 18. We do not collect any personal information from users that identifies or suggests a user‘s age and we cannot actually identify which users are children or teens due to the limited personal information we receive.

The “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. We reserve the right to modify this Privacy Policy at any time. We will notify you by updating the “Last Updated” date. Depending on the kind of change we make, we may also notify you directly or ask for your consent to the change. Any modifications to this Privacy Policy will be effective upon our posting the modified version or as otherwise indicated at the time of posting.

Email: [email protected]

Website: https://limitbreak.com/products/puzzle-panic

Notice to South Korea users

This section applies to individuals in the Republic of Korea and, where applicable, to our provision of services that is subject to Korea’s Personal Information Protection Act (PIPA).

We have appointed a Personal Information Protection Officer under the PIPA—see How to contact us for contact details. Other PIPA disclosures are set out in this Privacy Policy.

We transfer personal information to service providers outside of South Korea for hosting, storage, customer support and security. Because these transfers are necessary to provide the Service, we rely on the bases permitted under the PIPA for cross-border outsourcing/storage and we supervise such providers

Notice to Japan users

For purposes of the Act on the Protection of Personal Information (APPI), including APPI’s extraterritorial provisions where applicable, Limit Break is the “personal information handling business operator” for the processing covered by this Privacy Policy.

General

Where this Notice to European users applies. The information provided in this “Notice to European users” section applies only to individuals in the United Kingdom and the European Economic Area (i.e., “Europe” as defined at the top of this Privacy Policy).

Personal information. References to “personal information” in this Privacy Policy should be understood to include a reference to “personal data” (as defined in the GDPR) – i.e., information about individuals from they are either directly identified or can be identified.

Controller. Limit Break, Inc. is the controller in respect of the processing of your personal information covered by this Privacy Policy for purposes of European data protection legislation (i.e., the EU GDPR and the so-called EU GDPR (as and where applicable, the “GDPR”)). See the How to contact ussection above for our contact details.

Representatives. We have appointed the following representatives in the EEA/UK as required by the GDPR - you can also contact them directly should you wish:

General Data Protection Regulation (GDPR) - European Representative.
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Limit Break has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:

• by using EDPO’s online request form: GDPR Data Request - EDPO
• by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium

UK General Data Protection Regulation (GDPR) - UK Representative
Pursuant to Article 27 of the UK GDPR, Limit Break has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:

• by using EDPO’s online request form:UK GDPR Data Request - EDPO

• by writing to EDPO UK Ltd, Unit 33, Waterside, Schooner Court, 44-48 Wharf Road, London, N1 7UX, United Kingdom

Our legal bases for processing

In respect of each of the purposes for which we use your personal information, the GDPR requires us to ensure that we have a “legal basis” for that use.

Our legal bases for processing your personal information described in this Privacy Policy are listed below.

• Where we need to perform a contract, we are about to enter into or have entered into with you (“Contractual Necessity”).
• Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (“Legitimate Interests”). More detail about the specific legitimate interests pursued in respect of each Purpose we use your personal information for is set out in the table below.
• Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).
• Where we have your specific consent to carry out the processing for the purpose in question (“Consent”).

We have set out below, in a table format, the legal bases we rely on in respect of the relevant purposes for which we use your personal information – for more information on these purposes and the data types involved, see ‘How we use your personal information’.

Other info

No sensitive personal information. We ask that you not provide us with any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Service, or otherwise to us. If you provide us with any sensitive personal information to us when you use the Service, you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such sensitive personal information through our Service.

No Automated Decision-Making and Profiling. As part of the Service, we do not engage in automated decision-making and/or profiling, which produces legal or similarly significant effects.

Your rights

General. European data protection laws give you certain rights regarding your personal information. If you are located in Europe, you may ask us to take the following actions in relation to your personal information that we hold:

• Access. Provide you with information about our processing of your personal information and give you access to your personal information.

• Correct. Update or correct inaccuracies in your personal information.
• Delete. Delete your personal information where there is no lawful reason for us continuing to store or process it, where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons that will be described to you, if applicable, at the time of your request;
• Portability. Port a machine-readable copy of your personal information to you or a third party of your choice, in certain circumstances. Note that this right only applies to automated information for which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Restrict. Restrict the processing of your personal information, if, (i) you want us to establish the personal information’s accuracy; (ii) where our use of the personal information is unlawful but you do not want us to erase it; (iii) where you need us to hold the personal information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your personal information but we need to verify whether we have overriding legitimate grounds to use it.
• Object. Object to our processing of your personal information where we are relying on Legitimate Interests (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedom – you also have the right to object where we are processing your personal information for direct marketing purposes.
• Withdraw Consent. When we use your personal information based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent.

Exercising These Rights. You may submit these requests through this secure form. We may request specific information from you to help us confirm your identity and process your request. Whether or not we are required to fulfill any request you make will depend on a number of factors (e.g., why and how we are processing your personal information), if we reject any request you may make (whether in whole or in part) we will let you know our grounds for doing so at the time, subject to any legal restrictions.

Your Right to Lodge a Complaint with your Supervisory Authority. In addition to your rights outlined above, if you are not satisfied with our response to a request you make, or how we process your personal information, you can make a complaint to the data protection regulator in your habitual place of residence.

• For users in the European Economic Area – the contact information for the data protection regulator in your place of residence can be found here: https://edpb.europa.eu/about-edpb/board/members_en
• For users in the UK – the contact information for the UK data protection regulator is below:

The Information Commissioner’s Office Water Lane, Wycliffe House Wilmslow - Cheshire SK9 5AF Tel. +44 303 123 1113; Website: https://ico.org.uk/make-a-complaint/

Data Processing outside Europe

We are a U.S.-based company and many of our service providers, advisers, partners or other recipients of data are also based in the U.S. This means that, if you use the Service, your personal information will necessarily be accessed and processed in the U.S. It may also be provided to recipients in other countries outside Europe.

It is important to note that that the US is not the subject of an ‘adequacy decision’ under the GDPR – basically, this means that the U.S. legal regime is not considered by relevant European bodies to provide an adequate level of protection for personal information, which is equivalent to that provided by relevant European laws.

Where we share your personal information with third parties who are based outside Europe, we try to ensure a similar degree of protection is afforded to it by making sure one of the following mechanisms is implemented:

• Transfers to territories with an adequacy decision. We may transfer your personal information to countries or territories whose laws have been deemed to provide an adequate level of protection for personal information by the European Commission or UK Government (as and where applicable) (from time to time).
• Transfers to territories without an adequacy decision.
  • We may transfer your personal information to countries or territories whose laws have not been deemed to provide such an adequate level of protection (e.g., the U.S., see above).
  • However, in these cases:
    • we may use specific appropriate safeguards, which are designed to give personal information effectively the same protection it has in Europe – for example, standard-form contracts approved by relevant authorise for this purpose; or
    • in limited circumstances, we may rely on an exception, or ‘derogation’, which permits us to transfer your personal information to such country despite the absence of an ‘adequacy decision’ or ‘appropriate safeguards’ – for example, reliance on your explicit consent to that transfer.

You may contact us if you want further information on the specific mechanism used by us when transferring your personal information out of Europe.