Effective Date: [November 20, 2024]
Thank you for choosing to avail our Services. We respect your privacy, and we are committed to protecting your Personal Data.
This Privacy Policy (“Policy”) applies to the processing of Personal Data (as defined below) by Nexpace Limited, registered as a Private Company Limited by Shares bearing registration number 14290, and all of its subsidiaries and affiliates (Collectively referred to as “Company”, “we”, “us”, “our”) in connection with your visits or use of our platform Nexpace which comprises our website, mobile application, games, interactive software products and services, and any supporting servers, or third-party integrations (collectively “Platform”) used to deliver our services. Third-party services may have their own privacy policies, and we encourage you to review them. This Policy is to be read and interpreted together with our Terms of Services, available at https://msu.io/policy/terms, and, which collectively govern the Personal Data processing activities relating to your access to and use of our Platform and our services. By using the Platform, you agree to be bound by our Terms of Services and this Policy. This Policy does not intend to override any clauses present in our Terms of Services. Any terms not defined in this Policy shall be deemed to have meanings given to them in the Terms of Services, as the case may be. If you have any questions about this Policy, please contact us by email at terms_policy@nexpace.io, or by registered post at Office No. 305, 14th Floor, Al Sarab Tower, Abu Dhabi Global Market Square, Al Maryah Island, Abu Dhabi, United Arab Emirates.
1. Purpose
1.1. This Policy is designed to provide you with information regarding the specific types of Personal Data we collect about you, the purposes and legal bases for processing your Personal Data and the methods by which we collect and process your Personal Data.
1.2. Personal Data includes any information which may, by itself, or in conjunction with other information be able to identify you. Further, this Policy informs you about your rights and how the data protection principles are set out in the ADGM Data Protection Regulations, 2021 (“Data Protection Regulations”) of Abu Dhabi Global Market (“ADGM”). The specific Personal Data and data points which we collect from you are explained below in section 5 of this Policy. Please commence using this Platform to avail our services only after consenting to share your Personal Data with us in the specific format shared by us with you.
1.3. Silence or inactivity with respect to our consent request will not constitute consent. If it comes to our notice that you have accessed or used the Platform without providing proper consent, as sought by us, or that you have circumvented providing your consent, we reserve the right to limit, prohibit, or restrict, your access or use of the Platform.
2. Changes to this Privacy Policy
2.1. From time to time, we may revise, amend or supplement this Policy to reflect necessary changes in law, our Personal Data collection and usage practices, our Platform, or certain advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on the Platform. However, this is not obligatory for us; the onus is on you to occasionally familiarize yourself with the contents of this Policy, for your own information; and particularly to do so every time you access our Platform.
2.2. Changes to this Policy are effective when they are published.
3. Who’s Personal Data Do We Process
3.1. The Platform processes the Personal Data of the following categories of individuals:
3.1.1. Visitors: Persons that visit the Platform, but do not create an account on Nexpace.
3.1.2. Users: An individual that has signed up on the Platform to create an account to avail our Services available on the Platform. (Collectively referred to as “Data Subject”, “you” and “your”)
4. Data Processing Principles Followed and Automated Processing
4.1. Your Personal Data is collected and processed in accordance with the global best data processing principles, including lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality (security); and accountability; with all relevant laws and regulations considered; and however applicable.
5. Types of Personal Data, Purposes of Processing and Lawful Basis for Processing
Information we process | Purpose/activity | Lawful basis | Mode of Collection |
---|---|---|---|
Personal identifiers
|
|
|
|
Technical information
| Enables us to:
|
|
|
Platform communication related information |
|
|
|
Marketing data Includes your name, position and business details and includes your preferences in receiving marketing from us and our third parties and your communication preferences. |
|
|
|
Feedback and opinions |
|
|
|
Email interactions
|
|
|
|
6. Your Refusal, Failure, Inability to Provide Us With Necessary Personal Data
6.1. If you fail, neglect and/or refuse to, or are unable to provide us with any Personal Data which we necessarily need to provide our services or which we need to collect by law, we may not be able to perform the services. In this case, we have the right to discontinue your use of the Platform and/or may disapprove your service requests. In such a situation, we will notify you of our inability to provide you with our services at the earliest.
7. We Process Personal Data of Individuals Below The Age of 18
7.1. The Platform is not intended for persons under nineteen (19) years of age. We do not collect any information from persons under nineteen (19) years of age, and if we unintentionally collect personal information from any such Data Subject, we will make every effort to delete it.
8. We Process and Use Aggregated, Anonymised and De-Identified Information
8.1. We may also create, process, collect, use and share aggregated, anonymised or de-identified data such as statistical or demographic data for any purpose as permitted under applicable laws. We may analyse such aggregated and anonymized information in a manner to further enhance the level of services that we offer on our Platform for business or research purposes, including improving and customizing the Platform for ease of use and the services offered by us. Such information also includes the average number of Users of the Platform, the average clicks of the services/, the features used, the response rate, etc. and other such statistics regarding groups or individuals. In doing so, we shall not be making disclosures of any Personal Data as such information will then no longer identify you as an individual person and we ensure that the data is put beyond further use, despite being derived from your Personal Data. We may archive this information to use it for future communications for providing updates and/or surveys. Furthermore, we may also use this information to comply with legal or regulatory obligations.
9. Links to Third-Party Websites
9.1. Our services, Platform, or communications may contain links to other third-party websites which are not owned or operated by us and are regulated by their own privacy policies. If you click on a third-party link, you will be directed to that third-party’s site. We strongly advise you to review the Policy of every site you visit. We are not responsible for the privacy policies of these third-party websites, regardless of whether they were accessed using the links from our Platform. We have no control over and assume no liability for the content, privacy policies or practices of any third-party sites or services.
10. We May Share Your Personal Data with Third Parties
10.1. We may have to share your Personal Data with a selected and trusted group of third-party/ parties for reasons elaborated in this section.
10.2. We will only disclose your Personal Data to third-party service providers under strict terms of confidentiality. We do not allow our third-party service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.
10.3. Here is a list of the specific circumstances in which we share your Personal Data with third parties and specific categories of third parties with whom such data is shared:
10.3.1. To provide Services to You: To enable this we may share your Personal Data with Nexpace’s affiliates and select third-party vendors as listed below in section 10.3.5 of this Policy.
10.3.2. Applicable law, government requests, or any other relevant authority inquiry: Where we are legally required to do so, we may disclose your Personal Data to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements), or where we find it is necessary to investigate, prevent or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities. We may disclose your Personal Data as evidence in any litigation in which we are involved. To enable this we may share your Personal Data with the relevant law enforcement, regulatory, administrative, judicial, or government bodies, authorities or agencies.
10.3.3. Merger, acquisition: We may disclose your Personal Data in connection with, or during negotiations of, any merger, sale of Company assets, financing, acquisition of all or a portion of our business to another company, any dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, your Personal Data may also be transferred as a business asset forming part of our goodwill. If another company acquires us, our business or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations held by us regarding your Personal Data, as described in this Policy. To enable this we may share your Personal Data with the relevant corporate entities involved in the merger, acquisition etc. and their select vendors and service providers.
10.3.4. Advertisements: We may disclose your Personal Data to third-party advertising companies to serve ads when you visit or use the Platform. These companies may use information about your visits to our Platform and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you, provided you have consented to the same.
10.3.5. With select third-party vendors: In connection with the performance of our Services, we may share your Personal Data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples of such third parties include customer relationship management, data analysis, email delivery, hosting services, customer service, quality assurance testing, technical support, operational support and maintenance services and marketing efforts. This is not an exhaustive or stationary list and may be revised from time to time.
10.4. Some of these third parties may be in a jurisdiction outside the laws stated in this Policy, in which case we will take all necessary steps to ensure that your Personal Data is treated securely and that such transfers are permitted under the applicable data protection laws. Please see section 15 for further information.
10.5. We may also use any or all of the Personal Data above to administer and manage our business in general, to detect and prevent misuse of our services (including fraud), and to enforce our Terms of Services or any other contract to which we may be a party to.
11. Marketing Communications and Opting Out
11.1. We provide you with choices regarding the Personal Data we use, particularly concerning any market research and/ or subsequent marketing, advertising and promotion. We may contact you through emails to send you information about our services or information we feel may interest you and/or to inform you about new products and services we are offering (including promotional offers) (“Marketing Communications”).
11.2. You may at any time, object to receive Marketing Communication from us. If you wish to do so, please click on the “Unsubscribe” option available on all Marketing Communications that you may receive from us or by contacting us at https://support.msu.io/hc/en-us .
11.3. You may be able to refuse or disable cookies by adjusting your web browser settings. For further information, please see the instructions provided by your web browser (typically in the “Help” section). You may need to take additional steps to refuse or disable local storage and similar technologies. If you choose to refuse, disable, or delete cookies and similar technologies, some of the functionality of the Platform may no longer be available to you.
11.4. Some web browsers may transmit “do-not-track” signals to the websites with which you communicate. Nexpace currently does not take action in response to these signals.
11.5. You have the ability to control whether you receive interest-based ads based on information collected or received about your online activities and interests over time and across unaffiliated sites and services and your different devices. You can opt out of receiving interest-based ads from companies that participate in self-regulatory programs by following the instructions provided on their websites. If you are using a mobile app, you also may need to opt out of interest-based advertising on your mobile device or through the mobile application. For more information, check your device and mobile app settings. Please note that your opt-out choice will apply only to the browser and device you are using when you opt-out.
11.6. Other Game and Device Permissions. You may be able to adjust your privacy settings for push notifications, address book sharing, and other information or features within the Platform or your device permissions. Please review the settings for the Platform and your device for more information. To stop the collection of information by a Nexpace game, you can uninstall the game using the standard uninstall process available on your device or the app marketplace or network from which you installed the game.
12. You Have Rights as to Your Personal Data
12.1. You (in so far as these laws have application and are subject to pertinent exemptions and restrictions stipulated therein) broadly have these rights under the Data Protection Law:
12.1.1. Right to access: This means that you may ask us to provide you information on several aspects (depending on the applicable law/ regulations) pertaining to the processing activities undertaken by us, including, what Personal Data concerning you is being processed by us, the purposes of such processing, and who else the Personal Data may be passed/ transferred to or shared with.
12.1.2. Right to withdraw consent: Where we rely on your consent to process your Personal Data, if you wish for us to stop processing your Personal Data, it is your right to withdraw consent, preventing us from further processing the Personal Data, without prejudicing any processing of your Personal Data which will have taken place till the receipt of your consent withdrawal request.
12.1.3. Right to rectification: If you have provided your Personal Data to us, you have the right to request that we correct, or rectify your Personal Data if the same is incorrect or outdated.
12.1.4. Right to erasure: This is your right, under certain circumstances, whereby you can ask for your Personal Data to be deleted. This would apply if the Personal Data is no longer required for the purposes it was collected for, or your consent for the processing of that Personal Data has been expressly withdrawn, or where Personal Data has been unlawfully processed. Some exceptions may apply to your exercise of this right.
12.1.5. Right to object to processing: This is your right to object to the further processing of your Personal Data which is inconsistent with the primary purpose for which it was collected, which includes processing for profiling, automation and direct marketing.
12.1.6. Right to restrict processing: This is your right to ask for a temporary halt or pause in the processing of Personal Data, such as in the case where a dispute or legal case must be concluded, or the information is being corrected.
12.1.7. Right to data portability: This is your right to ask for the Personal Data which you have provided to us, for which you have provided your consent for us to process, and which we have processed using automated means, to be provided to you in a structured, commonly used, and machine-readable or electronic format.
12.1.8. Rights in relation to automated decision making and profiling: This is your right not to be subject to a decision based solely on automated processing.
12.1.9. Right not to be discriminated against: This is your right not to be discriminated against by us. This right ensures that your Personal Data will not influence or affect us, and you are not denied any of our Services, charged a different rate for the Services, or provided with a different quality of Service simply because of your Personal Data.
12.2. If you wish to exercise any of the rights set out above or any other laws concerning Personal Data (in so far as same is applicable), please contact us at terms_policy@nexpace.io. We may need to request specific information from you to help us confirm your identity. This security measure is to ensure that your Personal Data is not disclosed to any person who has no right to receive it.
12.3. We aim to respond to all legitimate requests without undue delay and within one (1) calendar month of receipt of any request from you. Occasionally it may take us longer than one (1) calendar month if your request is particularly complex, or if you have made duplicated or numerous requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
13. How to Update Your Information
13.1. Whenever possible, you can update your Personal Data, subject to verification by us. If you wish for us to update your Personal Data, please contact us at terms_policy@nexpace.io to make the required changes. We will retain your Personal Data for as long as your accounts have not been closed or as may be needed to provide you access to your accounts and/ or our services, and in compliance with the law.
14. Data Retention and Records
14.1. We retain Personal Data, including session data linked to your service usage or account, and all access or use of the services.
14.2. We adhere to all applicable legislative provisions and data protection laws of each jurisdiction we operate in. Should any further information be required, please contact us at terms_policy@nexpace.io.
14.3. Your Personal Data will be retained for no period longer than eight (8) years after the purposes it was collected for have been met, subject to any legal, accounting, reporting, government, regulatory or law enforcement requirements, which may require a longer retention period.
14.4. Notwithstanding the above, we may retain your Personal Data for a longer period of time, as determined on a case by case basis. To determine the appropriate retention period for your Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. When we have no ongoing legitimate business needed to process your Personal Data, we will either delete, anonymise, pseudonymise, encrypt or put beyond further use your Personal Data unless necessary for the establishment or defence of legal claims or must be retained for compliance with applicable law or if it is part of a dataset used to lawfully train or refine an artificial intelligence system in a manner that does not present risks to your rights.
14.5. If this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
15. Data Storage and Data Transfers
15.1. Your Personal Data is stored and transferred in compliance with the applicable legislation of the ADGM.
15.2. We store and process your Personal Data in data centers within the UAE, wherever we have our premises, or where our third-party service providers are located.
15.3. We may transfer some of your Personal Data outside the ADGM. Some of the international organisations and countries to which your Personal Data will benefit from an appropriate data protection regulatory framework as evidenced by an adequacy decision by the appropriate regulatory authority. However, this may not always be possible. For such international organisations and countries, we shall transfer your Personal Data, only upon ensuring that a suitable degree of protection is afforded to it through the implementation of the necessary safeguards, such as adequate binding corporate rules or through the inclusion of standard contractual clauses in our agreements with such organisations and countries. If sought by you, we shall notify you of the specific safeguards we adopt to transfer your Personal Data to such an international organisation and/or country.
15.4. Notwithstanding section 15.3, we may transfer your Personal Data outside of the ADGM in the following circumstances:
15.4.1. The transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and another natural or legal person;
15.4.2. The transfer is necessary for important reasons of public interest;
15.4.3. The transfer is required by law enforcement agencies of the UAE in accordance with applicable law;
15.4.4. The transfer is necessary for the establishment, exercise or defence of legal claims (including judicial, administrative, regulatory and out-of-court procedures); or
15.4.5. The transfer is necessary in order to protect your vital interests or those of another person, where you are physically or legally incapable of giving consent.
15.5. Should you want more information on your Personal Data which may have been shared outside the ADGM, and the purposes for doing so, please write to us at terms_policy@nexpace.io.
16. Use Of Cookies and Related Technologies
16.1. This section explains what cookies are, what information we collect using cookies and how we use cookies in respect of the Platform.
16.2. Our Platform uses cookies. A cookie is a small text file placed on your computer, system or mobile device when you visit a website or use an app. Cookies collect information about your visit to or use of a website or about your use of the application, such as the Platform. Cookies collect information such as your IP address, how they arrive at the Platform (for example, through a search engine or a link from another website or platform) and how they navigate within the Platform.
16.3. We use both session / transient cookies (which expire once you close your device web browser) and persistent cookies (which stay on your device until you delete them) to collect Personal Data to provide you with a more personalized and interactive experience in using our Platform. This type of Personal Data is collected to make our services more useful to you and to tailor your experience with us to meet your special interests and needs.
16.4. How we use cookies
16.4.1. When you use and access our Platform, we may place a number of cookie files on your device’s web browser. We use cookies to enable certain functions of the Platform i.e., to provide analytics, to prevent fraudulent or illegal activity, to store your preferences, to enable advertisement delivery, including behavioural advertising. We also use cookies to enhance your browsing experience by:
i. Recognizing when you log in and any preferred settings.
ii. Giving you a browsing experience that is unique to you and to serve you content which we believe improves your site's experience.
iii. Analysing how you use our sites which helps us to troubleshoot any problems and to monitor our own performance.
16.4.2. In addition to our own cookies, we may also use various third parties’ cookies to report usage statistics of our sites, deliver advertisements on and through our Platform, and so on.
16.5. Types of cookies we use
16.5.1. We use the following four types of cookies,
i. Essential cookies: These cookies are essential to let you move around the Platform and use its features. These cookies allow our Platform to provide services at your request. We use essential cookies to authenticate users and prevent fraudulent use of user accounts.
ii. Performance cookies: These cookies may be used to collect information about how you use the Platform e.g., which pages you visit most often, and if you experience any error messages. They also allow us to update our Platform to improve performance and tailor it to your preferences. These cookies do not collect any information that could identify you – all the information collected is anonymous.
iii. Functionality cookies: These cookies are used to remember the choices you make, e.g., your username, login details and language preferences. They also remember any customizations you make to give you enhanced, more personal features of your digital experience.
iv. Advertising and targeting cookies: These cookies are used to collect information about your visit to our sites, the content you viewed, browsing habits to deliver adverts which are more relevant to your interest, links you followed and information about your browser, device, and your IP address. They also measure the effectiveness of advertising campaigns.
16.6. Why we use cookies
Nexpace uses cookies and similar technologies for the following functions and purposes:
Function | Purpose |
---|---|
Analytics and Research | Nexpace uses analytics and research cookies to collect information about how visitors use the Platform, including the total number of people that use the Platform and the types of devices they use. Nexpace may use the information to compile reports of aggregated and de-identified information and to help make improvements to the Platform. |
Authentication | These cookies help Nexpace to identify you so that when you are signed in, you can enjoy the Platform and features fully. These cookies are essential and cannot be blocked if you wish to use the Platform. |
Service Features and Performance | Nexpace uses feature-tracking cookies to collect information about how the Platform is performing. Nexpace may use the information to compile reports and to help make improvements to the Platform. |
Security and Service Integrity | Nexpace uses security-based cookies to help ensure the security of the Platform. Nexpace may use information obtained from security and service integrity cookies to, among other things, identify possible fraudulent or abusive activities, enforce its Terms of Services, and protect your safety. These cookies are essential and cannot be blocked if you wish to use the Platform. |
Advertising | Nexpace uses advertising cookies to customize the advertising that is shown to you on the Platform and on third party websites and services. |
16.7. Cookies preferences
Please note, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer on our Platform. You may not be able to store your preferences, and some of our pages might not display properly. The Company is not responsible and will not be held liable for any loss resulting from your decision or inability to use cookies.
17. Legal Recourse to Relevant Authorities and Right to Lodge Complaints
17.1. You have the right to make a complaint at any time to the Commissioners appointed under the ADGM Data Protection Regulations, 2021. However, we would appreciate the opportunity to address your concerns before you approach any such authority. Please contact us in the first instance so that we may try to resolve your complaint swiftly and satisfactorily. Please contact us via email at terms_policy@nexpace.io.
18. Security Precautions and Measures Exercised by Us for Protection of Your Personal Data
18.1. We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure we have put in place suitable electronic and managerial procedures to safeguard and secure the information we collect online. We use industry-standard technical mechanisms and ensure that our affiliates or vendor entities use data encryption technology while implementing restrictions related to the storage of and the ability to access your Personal Data.
18.2. Our facilities are scanned on a regular basis for security holes and known vulnerabilities, to best ensure its security.
18.3. Your Personal Data is contained behind secured networks and is only accessible by a limited number of individuals who have special access rights to such systems and are required to keep the information confidential.
18.4. Please note that no transmission over the Internet or any method of electronic storage can be guaranteed to be absolutely one hundred percent (100%) secure, however, our best endeavours will be made to secure data and the ability to access your Personal Data.
18.5. Without prejudice to our efforts to protect your Personal Data, nothing contained in this Policy constitutes a warranty of security of the facilities, and you agree to transmit data at your own risk.
18.6. Please note, that we do not guarantee that your Personal Data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
18.7. Please, always check that any website on which you are asked for financial or payment information in relation to our Services is in fact legitimately owned or operated by us. The risk of impersonating hackers exists and should be taken into account when using our Platform.
18.8. If you do receive any suspicious communication of any kind or request, do not provide your information and report it to us by contacting our offices immediately at terms_policy@nexpace.io.
18.9. Since we cannot guarantee against any loss, misuse, unauthorised acquisition, or alteration of Personal Data, please accept that, you play a vital role in protecting the Personal Data relating to yourself, including the adoption of sufficient safety measures such as your choosing of an appropriate password of sufficient length and complexity and to not reveal this password to any third parties.
18.10. Furthermore, we cannot ensure and do not warrant the security or confidentiality of data transmitted to us or sent and received from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your Personal Data is no longer secure, please contact us.
18.11. Please note that should your Personal Data be breached, and the security of your rights be at high risk, we shall promptly and immediately communicate to you the details of said breach to the ADGM’s Commissioner of Data Protection Controller without undue delay, but in no event after seventy two (72) hours after having become aware of it.
18.12. We shall also communicate to you the nature of the breach which has taken place, and the likely consequences of such a breach and shall describe thoroughly the measures we have implemented to address the breach and to mitigate any and all adverse effects to you and your rights. In the unlikely event of a breach occurring, please reach out to us at terms_policy@nexpace.io for further information and for further advise on how to mitigate the potential adverse effects of such a breach.
18.13. We also aim to conduct all applicable security risk assessments to ensure the availability of risk mitigation controls, to better safeguard the integrity of Data Subject information.
19. General
19.1. In the case of abuse or breach of security, we are not responsible for any breach of security or for any actions of any third parties which receive the information illegally.
19.2. We will not distribute Personal Data to be used in mailing lists, surveys, or any other purpose other than what is required to perform our Services in accordance with this Policy.
20. Contacting Us
20.1. If you have any questions about our Policy as outlined above, or if you have any complaints, please contact us at terms_policy@nexpace.io.
20.2. If you have any queries or issues pertaining to your information or our Policy or Personal Data, then please do write to us at any time by emailing us via terms_policy@nexpace.io.