Explore

Privacy Policy

Last updated on February 13, 2025

Introduction

GG XYZ (“we”, “us”, or “our”) is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our services, in compliance with international data privacy laws (GDPR, COPPA, PPDA). By using GG XYZ, you agree to the practices described in this Policy. If you do not agree, please discontinue use of our services.

Personal Data We Collect

We collect personal data that you provide to us and data automatically collected when you use our services:

Information You Provide: When you create an account or use our platform, you may provide personal details such as your name, email address, contact information, and any other information necessary for account setup or customer support.
Usage Data: We collect data about how you interact with our services. This includes your IP address, browser type, device information, pages visited, and the dates/times of access. This information helps us understand user engagement and improve our website.
Cookies and Analytics: We use cookies and similar technologies to enhance your experience. For example, we use Google Analytics to gather aggregated usage statistics. Google Analytics uses cookies to collect information like how often users visit the site and what pages they view. This data is used in anonymized or aggregated form to improve our services. You can refuse or disable cookies via your browser settings, and Google also offers an opt-out browser add-on if you wish to prevent your data from being used by Google Analytics.
Blockchain Data: If our services involve blockchain technology, certain data (such as transaction records or blockchain addresses) may be recorded on a public blockchain. Note that data on a blockchain is typically public and immutable, meaning it cannot be altered or deleted once added. We strive to avoid storing personal identifiers on-chain whenever possible, or we use cryptographic techniques (e.g., hashing or encryption) so that any personal data on the blockchain is protected and rendered indecipherable to unauthorized parties.

How We Use Your Data

We use the collected personal data for the following purposes:

Providing and Improving Services: To operate our platform, facilitate your activities (e.g. gameplay, transactions, or other features), and improve the functionality and user experience of GG XYZ.
Communication: To contact you with service updates, responses to inquiries, customer support, and information about changes to our terms or policies. We may also send you marketing or promotional communications if you have given consent (you can opt out at any time).
Analytics and Development: To analyze usage of our services (for example, through Google Analytics as noted above) and to develop new features or enhance existing ones. This helps us understand user needs and preferences on an aggregate level.
Security and Fraud Prevention: To maintain the security of our platform, prevent unauthorized access, detect fraud or other illegal activities, and enforce our Terms of Service.
Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests. We may also use your data to establish or exercise our legal rights or defend against legal claims.

We will only use your personal data for purposes you have been informed of and consented to, or which are otherwise permitted by law. Where required by GDPR, we rely on appropriate legal bases for processing (for example, your consent, performance of a contract, our legitimate interests, or compliance with a legal obligation).

How We Share Your Data

We respect your privacy and do not sell your personal data. We only share your information in limited circumstances, such as:

Service Providers: We may share data with third-party vendors and service providers who perform functions on our behalf. For example, these include cloud hosting providers, analytics services (like Google Analytics), email delivery services, or customer support tools. These parties are bound by contractual obligations to keep personal data confidential and use it only for the purposes we authorize.
Affiliates and Partners: If GG XYZ is part of a group of companies, we may share information with our affiliates for business and operational purposes, consistent with this Policy. We may also share data with trusted business partners who collaborate with us in providing services (for instance, a partner co-hosting an event or promotion), but only as needed and with appropriate protections in place.
Legal Requirements: We may disclose your data if required to do so by law or in response to valid requests by public authorities. This includes sharing information when necessary to comply with laws and regulations, respond to a court order or subpoena, or meet law enforcement or national security requests.
Protection of Rights: If necessary, we will share information to enforce our terms, protect our operations or users, or investigate and prevent fraud or security issues. For example, we may exchange information with other companies and organizations for fraud protection and credit risk reduction.
Business Transfers: In the event of a merger, acquisition, reorganization, or sale of some or all of our assets, personal data may be transferred as part of that transaction. We will ensure that any acquiring entity is bound to respect your personal data in a manner consistent with this Privacy Policy. If such a transfer occurs, you will be notified and we will outline your choices regarding your personal information.

Data Security

We take reasonable security measures to protect your personal data from unauthorized access, use, alteration, or disclosure. These measures include administrative, technical, and physical safeguards appropriate to the sensitivity of the data. For example, we implement access controls to limit who can view your information, use encryption and secure protocols to protect data transmission, and regularly monitor our systems for vulnerabilities. We also encourage you to choose a strong password and keep your login credentials confidential. While we strive to protect your information, please note that no method of transmission over the internet or electronic storage is completely secure. Therefore, we cannot guarantee absolute security of your data, but we continuously update and improve our security practices in line with industry standards.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or to comply with legal, accounting, or regulatory requirements. In practice, this means:

Operational Retention: We keep your data while your account is active or as long as needed to provide you with our services. For example, information associated with your account will be kept until you delete your account or request deletion, or after a period of inactivity as defined by our retention policies.
Legal Retention: We may retain certain information for longer periods if required by law (for instance, to comply with finance or tax regulations), or if necessary to resolve disputes or enforce our agreements.
Deletion and Anonymization: When personal data is no longer needed for the purposes for which it was collected, we will either delete it in a secure manner or anonymize it so it can no longer be associated with you. If deletion is requested or required, we will also instruct third parties holding that data (such as service providers) to delete it, provided no lawful reason for retention remains.

Blockchain Data: Please note that any personal data recorded on a blockchain may not be erasable due to the blockchain’s immutable design. If personal information (such as a username or public address linked to you) is stored on a public blockchain, it effectively cannot be altered or removed. In such cases, we will take steps to protect your privacy, such as minimizing the personal data written to the blockchain or using encryption techniques to render the data indecipherable without specific keys. Once data is on the blockchain, it may remain there indefinitely as part of the ledger’s history. This is an important aspect of using blockchain-based services on our platform.

Your Rights and Choices

You have rights regarding your personal data, and we are committed to honoring them. These rights may vary depending on your jurisdiction (for example, EU residents have additional rights under GDPR), but we extend core privacy rights to all users where feasible. These rights include the ability to access, rectify, or delete your personal data, restrict its processing, and object to certain uses of your data. In particular:

Access and Correction: You have the right to request a copy of the personal data we hold about you and to correct any inaccuracies. If any of your information is outdated or incorrect, please let us know so we can update it.
Deletion (Right to be Forgotten): You may request that we delete your personal data. When you make such a request, we will erase your information from our non-blockchain systems, provided we do not have a legal obligation to retain it. Please note: as explained in the Blockchain Immutability section, data stored on a blockchain cannot be deleted or changed, and thus we may not be able to completely erase information that has been recorded on a public blockchain ledger. We will, however, delete any link or reference to that data in our systems and do everything reasonably possible to honor your request.
Withdrawal of Consent: Where we rely on your consent to process personal data (such as for receiving marketing emails), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, and it may be done by contacting us or using available tools (like an “unsubscribe” link in emails).
Objection and Restriction: You have the right to object to certain processing of your data or ask us to limit processing. For example, you can object to processing done for direct marketing, or request restriction of processing if you contest the accuracy of your data or if you need the data for a legal claim. We will evaluate and comply with such requests in accordance with applicable laws.
Data Portability: For data that you provided to us and which we process by automated means on the basis of consent or contract, you have the right to request a common electronic copy of such data, or ask us to transfer it to another service provider where technically feasible.
Complaint: If you believe your privacy rights have been violated, you have the right to lodge a complaint. EU residents can contact their local Data Protection Authority; Singapore users can reach out to the Personal Data Protection Commission (PDPC). We encourage you to contact us first, and we will do our best to address your concerns.

To exercise any of these rights, please contact us (see the “Contact Us” section below). We may need to verify your identity before fulfilling certain requests (to protect your privacy and security). We will respond to your request within a reasonable timeframe and in accordance with applicable law. There is no fee for making a request, but repeated or excessive requests may incur a reasonable fee as permitted by law.

Children’s Privacy (Age Restrictions)

Our services are not intended for children or anyone under the age of 13 (or the equivalent minimum age in the relevant jurisdiction). We do not knowingly collect personal data from individuals under this age without verifiable parental consent. If you are a minor above the minimum age, you should use our services only with the involvement and consent of a parent or guardian. If we discover that we have unintentionally collected personal information from a child without proper consent, we will take prompt steps to delete that information from our records. If you believe a child under the minimum age has provided us with personal data, please contact us immediately so we can investigate and address the issue.

Compliance with PDPA and GDPR

We are based in Singapore and manage personal data in accordance with the PDPA and other applicable Singapore laws. At the same time, we recognize and comply with the GDPR for users in the European Union, as well as applicable data protection laws in other jurisdictions where we operate. Our data protection practices incorporate principles and requirements from these laws, ensuring that we:

Obtain consent or have a lawful basis for processing personal data as required. (For instance, we seek your consent for marketing communications, and rely on contract necessity or legitimate interests for providing the core services.)
Collect and use personal data only for reasonable purposes notified to you, and only as much data as is necessary for those purposes (this reflects both PDPA’s purpose limitation obligation and GDPR’s data minimization principle).
Implement appropriate privacy safeguards and security measures (aligned with PDPA’s protection obligation and GDPR’s integrity and confidentiality principle) to protect personal data from unauthorized access or misuse.
Honor your rights regarding your personal data, as detailed in the previous section, in line with PDPA’s access and correction obligations and GDPR’s data subject rights.
When transferring personal data across borders (for example, if we store data on servers outside of your country), we ensure the transfer is compliant with legal requirements. This means that if your data is moved out of Singapore, we abide by PDPA’s Transfer Limitation conditions (ensuring the recipient is bound by standards comparable to PDPA), and if data is transferred out of the EU, we rely on appropriate safeguards such as Standard Contractual Clauses or transferring to countries with an adequacy decision under GDPR.
Maintain openness about our personal data practices by providing this Privacy Policy and updating it as needed (reflecting PDPA’s openness obligation and GDPR’s transparency requirements). We also designate a Data Protection Officer to oversee our compliance with these laws and to handle any questions or concerns.

By adhering to these and other applicable requirements, we ensure that our handling of your personal data meets the high standards of both Singapore and international data protection laws. If you have any questions about our legal compliance or need further information about how we manage your personal data under PDPA, GDPR, or other laws, please reach out to us.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices or relevant laws. When we make changes, we will post the updated Policy with a new effective date and, if the changes are significant, we may provide a more prominent notice (such as on our homepage or via email notification). Effective Date: This Policy is effective as of the date at the top of this document. We encourage you to review this Policy periodically to stay informed about how we are protecting your information. Your continued use of GG XYZ after any changes to this Policy constitutes acceptance of those changes.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our privacy compliance and handling data protection inquiries. You can reach out to our DPO at:

Email: privacy@gg.xyz (Attn: Data Protection Officer)

Address: DPO, GG XYZ, 10 ANSON ROAD #33-10C INTERNATIONAL PLAZA SINGAPORE (079903),

We will do our best to respond promptly to your inquiries and resolve any issues. Your privacy is important to us, and we welcome your feedback.

SWAP TOKENS

Sell

$0.00

Buy

$0.00