Privacy Policy - Word FaceOff (wordza) Last Updated: November 6, 2025 This Privacy Policy explains how People Park Yazılım Bilişim ve Teknoloji Limited Sirketi ("we," "us," "our") collects, uses, shares, and safeguards information when you use Word FaceOff (wordza) (the “App”). Contact: info@peoplepark.app 1) Who We Are & Scope This Policy applies to the App and related in-app events, analytics, advertising, and purchase flows on iOS and Android. 2) Information We Collect 2.1 Device & Technical Data Device identifiers (IDFA on iOS with consent; AAID on Android), app version, OS version, language, time zone, IP address, and coarse location (country/region inferred from IP). Diagnostics such as crash logs and performance data. 2.2 App Events, Analytics & Advertising Gameplay and engagement events (e.g., app open, level start/complete, session duration). Monetization events (e.g., ad impressions, subscription purchase/renewal). Attribution signals (e.g., Apple SKAdNetwork/AdAttributionKit postbacks on iOS; Google attribution on Android). 2.3 Purchases & Support Limited purchase metadata and store receipts/tokens for validation (payments are processed by Apple or Google; we do not receive full payment card details). Messages you send to support (email content, attachments you provide). 2.4 SDKs & Similar Technologies The App uses third-party SDKs for measurement, fraud prevention, and ad delivery. Mobile tracking uses SDK/device identifiers rather than web cookies. We do not request precise GPS location or contacts. If platform SDKs infer region/country for fraud prevention or ad serving, this is handled by those SDKs. 3) How We Use Data Provide & operate the App, including saving progress and delivering features. Analytics & improvement (aggregate statistics, A/B tests, stability, crash reduction). Advertising & measurement: show ads; if you consent (where required), we enable personalized ads and advertiser tracking. Otherwise, we show non-personalized/contextual ads. Safety & integrity: fraud prevention, abuse detection, legal compliance. 4) Legal Bases (EEA/UK users) Contract: to provide core App functionality. Legitimate interests: security, fraud prevention, and de-identified analytics (balanced against your rights). Consent: IDFA/personalized ads and certain analytics/measurement under regional rules. You can withdraw consent at any time in Privacy Options or OS settings. 5) Sharing & Third-Party SDKs We share data with service providers solely to operate, measure, and improve the App: Meta (Facebook) SDK / App Events. We send app events and limited device/usage data for ads measurement and performance. Meta may act as an independent controller for Business Tools data it receives. We enable automatic app event logging only after the required consent (e.g., ATT). You can toggle these in-app. iOS attribution via SKAdNetwork/AdAttributionKit may apply. Google Mobile Ads (AdMob). Ad delivery, frequency capping, fraud prevention, and measurement; supports non-personalized ads if consent is not granted or where required. Firebase (Analytics/Crashlytics/Performance). Aggregate analytics, crash diagnostics, performance telemetry. Apple / Google. App store billing, receipts/entitlements validation and compliance. We may disclose information if required by law or to protect rights, safety, and integrity. We do not sell your personal data. In certain US states’ laws, “share” for cross-context behavioral advertising occurs only with your consent, and you can opt-out via Privacy Options and OS settings. 6) Your Choices & Regional Controls iOS (ATT): allow/deny tracking in Apple’s prompt and later in Settings > Privacy. We only access IDFA if you grant permission. EEA/UK consent: we request consent before personalized ads/advertiser tracking; change your choice anytime in Privacy Options. Android: manage ad personalization and reset the Advertising ID in Settings. We honor User Messaging Platform (UMP) consent where applicable. US Do Not Sell/Share: use in-app Privacy Options or contact us. 7) Data Retention We retain personal data only as long as needed for the purposes above, then delete or de-identify it. Typical analytics/ad event logs are retained for a limited period consistent with provider defaults and legal requirements. 8) Your Rights Depending on your location, you may have rights to access, correct, delete, restrict or object, data portability, and to withdraw consent. You may also lodge a complaint with your local data authority. Requests: info@peoplepark.app 9) Open-Source Notices The App includes third-party components under open-source licenses (e.g., Apache-2.0). We provide an “Open Source Licenses” screen listing packages and license texts. 10) Changes to This Policy We may update this Policy and will notify you in-app or via official channels.