This Privacy Policy applies to personal information that we hold about players and customers, suppliers and prospective suppliers, job applicants, visitors to our websites, people who contact us, and anyone else whose personal information we process in connection with the Services.
GameWinner (HongKong) Network Technology Co., Limited, a company incorporated in Hong Kong SAR and doing business under the GWSVIP brand (“GWSVIP”, “we”, “us”, or “our”), operates the Mobile Goddess games, mgoddess.com websites, and related services (collectively, the “Services”). We generally act as the data controller when we decide why and how personal information is processed. In some commercial arrangements, we may instead act as a data processor on behalf of another controller, such as a publisher; in that case, the other controller's privacy notice may also apply.
“Personal information” means information relating to an identified or identifiable person. Some technical, aggregated, or de-identified information described below may not be personal information under every law, but we include it so that our practices are understandable. We are committed to handling information responsibly and explaining what we collect, where it comes from, why we use it, who receives it, how long we keep it, and how you can exercise your rights.
Privacy at a glance. This summary is a guide to the complete policy and does not replace the details below.
The information we hold depends on our relationship with you, the Service you use, the features you choose, the permissions you grant, and the law that applies. A particular Game may collect only part of the information listed below.
We may process information needed to provide a Game, maintain an Account, improve the experience, support you, prevent fraud and cheating, process entitlements, operate community features, and communicate with you. This may include:
The mgoddess.com websites are intentionally minimal. We do not currently run first-party analytics trackers, advertising pixels, or cross-site advertising cookies on the website. We store a language preference in a functional cookie and browser localStorage, and a visual-theme preference in localStorage. Cloudflare processes standard request and security logs, including IP address, user agent, requested URL, response information, and timestamp, to deliver and protect the site.
Some pages request third-party resources: YouTube thumbnails from i.ytimg.com, library files from jsDelivr, game images from our content CDN, and Google Fonts on the press page. When your browser loads such a resource, the provider receives the IP address, user agent, referrer information allowed by the browser, and requested resource under its own privacy policy.
For suppliers and prospective suppliers, we may collect business contact details, role and organisation, correspondence, contract and due-diligence information, service-performance records, invoices, tax information, and, where necessary to pay for services, bank-account or payment details. We may also process information relevant to security access, compliance, conflicts, and the services supplied.
For job applicants, we may collect contact details, CV or resume, employment and education history, portfolio, references, interview notes, work-authorisation information, compensation expectations, and other information relevant to the position. We retain application information only as long as reasonably necessary to assess the application, comply with law, resolve disputes, or consider the person for another role with permission where required.
We do not generally seek special-category or sensitive personal information such as health information, religious or political beliefs, ethnicity, sexual orientation, precise financial credentials, or government identifiers. If a feature or legal process requires such information, we will provide an appropriate notice and rely on consent or another lawful basis required by the applicable law.
We collect information in different ways depending on how you interact with us.
You may provide identity, contact, Account, support, payment-reference, or other information when you:
As you interact with a Game or website, we may automatically collect technical, device, network, gameplay, transaction, crash, security, and usage information through app events, SDKs, server logs, local storage, cookies, pixels, tokens, or similar technologies. The actual technologies differ by Service and are subject to device permissions and applicable consent rules.
For the current mgoddess.com website, automatic storage is limited as described in Sections 1.2 and 4. A Game may use additional analytics, crash-reporting, attribution, anti-fraud, community, or advertising technology. The technologies actually used depend on the platform and shipped build. The applicable store label, in-product permission or consent screen, and this policy should be read together; a specific in-product notice controls for the feature it describes where law permits.
We may receive personal information from a third party when you link it to a Service, make it available through privacy settings, or interact with that third party in connection with a Service. Sources may include:
Depending on the relationship and Service, we may use personal information to:
Cookies are small text files stored by a browser. Games and websites may also use SDK storage, localStorage, pixels, tags, beacons, server logs, and similar technologies. Depending on the Service, these technologies can keep a user signed in, remember preferences, maintain security, prevent fraud, measure performance and usage, diagnose problems, support attribution, personalise a Service, or serve and measure advertising.
Current Mobile Goddess website. The website uses only functional storage: a language-preference cookie and localStorage entries for language and theme. It does not currently use first-party analytics cookies, advertising cookies, cross-site tracking cookies, or fingerprinting. You can remove or block the functional cookie through browser settings, although the site may no longer remember your language choice.
Games and partners. A particular Game may use analytics, crash-reporting, attribution, anti-fraud, social, or advertising technologies. Where law requires consent, the technology will be activated only after the required choice. Device and platform controls can limit advertising identifiers, tracking, notifications, and permissions. We will update this policy and the relevant consent interface when practices materially change.
Your browser or device may allow you to delete stored data, block cookies, reset or delete an advertising identifier, deny tracking, limit permissions, or clear a Game's local storage. A control may apply only to that device or platform and may not delete Account information held on a server. Blocking storage that is strictly necessary for sign-in, language, security, or fraud prevention may cause the affected feature to stop working or require you to repeat a preference.
The legal basis depends on the information, purpose, relationship, and jurisdiction. We rely on one or more of the following:
For legitimate interests, we consider the purpose, necessity, reasonable expectations, nature of the information, likely benefits and harms, safeguards, and the rights of the affected person. Relevant interests may include operating and securing a multiplayer service, detecting fraud or cheating, understanding performance, improving a Game, maintaining business records, and establishing or defending claims. You may object to this processing where applicable law gives you that right.
Consent is requested through a clear choice where the applicable law requires it. Refusing or withdrawing optional consent does not affect the lawfulness of earlier processing, but it may disable the optional feature that depends on the information. We do not treat consent to one purpose as consent to an unrelated purpose, and we do not rely on consent where the processing is necessary to perform a contract or comply with law.
If we need sensitive information, we will identify the additional legal condition required for that information, limit collection to the relevant purpose, and apply safeguards appropriate to the risk. Where law requires a specific notice, documented assessment, or consultation before high-risk processing begins, that requirement applies in addition to the bases listed here.
Protecting children's privacy is important to us. Store age ratings describe content suitability, while the minimum contractual age is set out in the Terms. Data-protection laws separately determine when a child can consent to processing.
In the United States, COPPA generally requires notice and verifiable parental consent before collecting personal information from a child under 13. Other jurisdictions set their own digital-consent ages, including ages between 13 and 16 in the EEA. We do not knowingly collect personal information from a child below the applicable consent age without the consent or other authorisation required by law.
For a Game directed to children, or where we know a user is below the relevant age, we may use an age gate, limit data collection, restrict chat, social, advertising, profile, or purchasing features, request a parent or guardian's contact details, and use reasonable methods to verify consent. Parents and guardians should teach children not to disclose personal information through chat or community features.
If you believe a child provided personal information without the required permission, contact [email protected]. We will investigate and delete or restrict the information as required.
A parent or guardian may ask to review, correct, or delete a child's information and may withdraw a previously granted permission, subject to identity and guardianship verification. If consent is withdrawn or cannot be verified, we may disable the features that require that information or close the affected Account, while retaining only the records that law, safety, fraud prevention, or dispute resolution requires.
We may share personal information where necessary to provide a Service, respond to a request, carry out a purpose described in this policy, protect users, complete a transaction, or comply with law. Recipients may include:
Service providers must use information only for the contracted purpose and protect it appropriately. We use aggregated or de-identified information where that is sufficient, but we do not describe information as anonymous if it can reasonably be linked back to a person.
Advertising in Games. Our Games may serve in-game advertising. Advertising and measurement partners may receive a device advertising identifier, consent status, approximate location derived from IP, device information, and ad-interaction events. On iOS, cross-app tracking occurs only with the permission required by App Tracking Transparency. On Android, you can delete or reset the advertising ID and use available privacy controls. Our app-ads.txt file identifies companies authorised to sell advertising inventory; it is an anti-fraud list, not a complete list of data recipients.
Social features may be a core component of a Game. Depending on the feature and your settings, other players may see your profile data, nickname, avatar, guild or club, leaderboard position, achievements, in-game activities, friend relationships, status, and messages or UGC that you post. Information posted in a public or group area may be copied, shared, or retained by other users outside our control.
A Service may include social-media interaction tools, third-party friends lists, voice or text chat, community platforms, or other partner features. If you choose to activate, link, or use one, the partner may receive the information needed for that user-directed interaction and process it under its own privacy policy. We will request consent before enabling partner access where applicable law requires it. Review the feature's visibility settings and the partner's policy before sharing information.
Do not publish another person's personal information without permission. Use the available reporting and blocking tools to report harassment, unsafe behavior, or unlawful content.
The Services operate globally. Personal information may therefore be transferred to, stored in, or processed by us, affiliates, platform providers, and service providers in countries outside the place where you live or work. Those countries may have different data-protection laws.
We do not state that all information is stored exclusively in the United States. The location depends on the Game, platform, hosting arrangement, support route, and provider involved. A platform store or independent provider may also process information in locations described in its own policy. Cross-border access by support, security, engineering, or professional advisers can itself be a transfer under some laws.
Where transfer restrictions apply, the relevant transfer must rely on an available lawful mechanism, which may include an adequacy decision, the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, another approved contract, a legally permitted derogation, or de-identification that removes the information from the scope of the restriction. Consent is used only where it is valid for the particular transfer and the law permits that basis.
Contractual safeguards do not make every destination legally identical to your home country. Depending on the risk and legal requirement, supplementary measures may include access restrictions, encryption, data minimisation, transfer assessments, vendor obligations, audit rights, incident duties, or limits on onward transfers. You may contact us for information about safeguards relevant to your information, subject to confidentiality and security restrictions.
Depending on where you live and the circumstances, you may have rights to:
These rights are not absolute. We may refuse or limit a request where an exception applies, for example when information is needed to comply with law, protect another person's rights, preserve evidence, prevent fraud, establish or defend a claim, or complete a transaction. If we cannot comply, we will explain the reason where the law permits.
Submit a request through an available in-game privacy or deletion tool or email [email protected] from the address linked to your Account. Describe the Service, Account, and right you wish to exercise. We may verify identity and Account ownership before acting. We respond within the period required by law and will not discriminate against you for exercising a right. A request is normally free; where the law permits, we may charge a reasonable fee or refuse a manifestly unfounded, excessive, or repetitive request.
If an authorised agent submits a request for you, we may ask for signed authority and may still verify your identity directly where the law permits. We use verification information only to process and document the request. When a request affects another person's privacy, the integrity of a Game, anti-fraud systems, or confidential business information, we may provide a limited response or a secure summary instead of disclosing the protected material.
You can update some information through your profile and control permissions, advertising choices, notifications, and linked accounts through the relevant Game, platform, browser, or device settings.
EEA and United Kingdom. The legal bases in Section 5 apply. You may object to processing based on legitimate interests, withdraw consent, and lodge a complaint with your supervisory authority. Where legally required, we will publish the contact details of an appointed EU or UK representative through this policy or a regional notice.
California. California residents may have rights to know, access, delete, correct, and obtain information about categories of collection and disclosure, and to opt out of a “sale” or “sharing” as those terms are broadly defined. In-game advertising disclosures may qualify as sale or sharing even when no money is paid for personal information. Email [email protected] with “California opt-out” to submit the request. We will provide and honour any additional in-product control or recognised browser signal required by law for the relevant Service. If our use or disclosure of sensitive personal information triggers a right to limit, we will provide the method required by law.
Other regions. We honour additional rights and procedures required by applicable local law.
Where you have consented, or another lawful basis permits it, we may use contact, preference, Account, gameplay, purchase, and engagement information to send news, tailored suggestions, offers, event information, surveys, or promotions relating to our Games and Services.
You may opt out of marketing email through the unsubscribe link, change in-game message categories, turn off device notifications, or contact us. Opting out of marketing does not stop essential transactional, security, legal, support, Account, or purchase messages.
You may control interest-based advertising through the consent interface in the relevant Game and through platform settings. On iOS, use App Tracking Transparency and privacy settings; on Android, use the advertising privacy controls to delete or reset the advertising ID or opt out where available.
After an opt-out, we may retain a limited suppression record so that we can respect your request and avoid contacting you for the excluded marketing purpose.
We retain personal information only as long as necessary for the purposes described in this policy, including providing the Service, maintaining an Account, complying with law, resolving disputes, enforcing agreements, preventing fraud, and protecting users. We periodically review whether information is accurate, current, and still required.
Retention depends on the information and Service. Account and gameplay information is generally retained while the Account is active and for a limited period after deletion; backup removal may take additional time. Purchase, tax, and accounting records are retained for the legally required period. Support and complaint records are kept for the time needed to answer the matter, document the response, handle a dispute, and meet an applicable limitation or legal period. Security and server logs are kept for a risk-based rolling period. Supplier and applicant information is kept for the relationship, recruitment process, and applicable legal limitation period.
We may retain information needed to investigate unlawful activity, protect systems and users, preserve evidence, comply with an authority, establish or defend claims, or honour a marketing opt-out. When information is no longer required, we delete it, aggregate it, or irreversibly anonymise it.
We may use properly de-identified and aggregated information for research, statistics, service planning, and improvement without further notice where it can no longer reasonably be associated with you.
We use physical, technical, and organisational measures appropriate to the nature of the information and risk, including encryption in transit, access controls, authentication, least-privilege practices, logging, backups, supplier controls, and incident-response procedures. No system is completely secure, and we cannot guarantee that an incident will never occur.
Keep credentials confidential, use available security features, and notify us if you suspect Account compromise. If a personal-data breach requires notification, we will notify affected people and the relevant authority as required by law.
Our websites and Services may contain links to other sites, social-media buttons, embedded content, platform-store links, or partner integrations. We do not control those third parties and are not responsible for their content, security, availability, or privacy practices. A link is not an endorsement.
Once you follow a link or use a third-party feature, that party's terms and privacy policy apply. Review those policies before providing information. Section 1.2 identifies third-party resources currently loaded by the Mobile Goddess website.
A third-party page may collect information as soon as your browser or device requests its content, even if you do not create an account with that party. Leaving the Services, opening an app-store page, playing embedded media, using a social button, or loading a remote image may disclose technical request information to the relevant provider. Use browser, platform, or device controls if you do not want to load an optional third-party resource.
Questions, comments, complaints, and requests concerning this policy or personal information should be sent to GWSVIP at [email protected]. Include the relevant Game or Service and enough information for us to understand the request, but do not send passwords or full payment-card details.
If you remain concerned about our use of information, you may also complain to the data-protection or privacy authority in your country or region.
We may update this policy to reflect changes in law, technology, Services, providers, data practices, or security requirements. We will post the updated version here, change the “Last updated” date, and state when the new version takes effect. Subject to applicable law, the updated policy governs processing from its effective date.
Where a change is material, we will provide an appropriate notice through the relevant Game, website, email, or another channel. If applicable law requires renewed consent, we will request it before the new processing begins, for example through an in-game notice or consent screen. Continued use alone will not replace consent where the law requires an affirmative choice.
GWSVIP · Privacy contact: [email protected] · See also our Terms of Service.