Jogos Privacy Policy

Last Updated: 2026-1

1. Who We Are

We are Jogos. We provide a browser-based gaming platform (the "Platform") and the Jogos mobile application (the "APP"), which includes Android installation packages and iOS applications (available through channels such as Google Play, App Store, and the Jogos official website). You can access our games and related services with or without an account (the "Account"). The Platform (including web and APP) operates globally. The web version is provided via Jogos websites (the specific URL depends on your region, as shown in your browser's address bar, the "Website").

Jogos Legal Information ("Jogos", "we", "us"):

• JOGOS LIMITED
• Registration Number 79289049 - 000- 11 - 25 - 8
• Room 5, 11th Floor, Lai Mei Centre, 50 Hoi Yuen Road, Kwun Tong, Hong Kong

We understand the trust you place in us and take the responsibility of protecting your privacy seriously. This Privacy Policy (the "Policy") details how we collect, process, disclose, retain, and protect your personal data. Please read it carefully to understand your rights and our obligations regarding your information. This Platform is intended for visitors and users who are at least thirteen (13) years old (or the minimum age in your country/region). If you are under thirteen (13) (or the local minimum age), please do not use this Platform. We do not knowingly collect or solicit personal information from children under thirteen (13) (or the local minimum age) through the Platform. We have not launched a website specifically targeted at children under the applicable minimum age, nor have we established a separate children's website privacy policy. For information about our business terms, please also read our Terms of Service.

2. What is Personal Data?

Personal data is any information that can identify you. For example, your name or email address, but it also includes data from the games you play (provided this data can be linked to your Platform Account). For mobile APP usage scenarios, personal data also encompasses: iOS Advertising Identifier (IDFA), device identifier (IDFV); Android's anonymous device identifier (OAID), Android ID, IMEI (only with user authorization and in legally necessary scenarios); mobile network-related information (e.g., phone number user voluntarily provides, SIM card information, base station location, carrier information); device operation data generated during APP use (e.g., touch behavior, background running state, launch/exit times); information collected after system permission authorization (e.g., photo album content, camera-captured content, real-time location information, microphone recordings, etc.). Jogos strongly recommends that you do not use your real name or share other personal data in any game provided on the Platform (including but not limited to multiplayer game scenarios).

3. From Whom Do We Collect Personal Data?

To operate the Platform, we may collect data from visitors and users of the Platform and Website, web game developers, individuals who provide contact details, and those who contact us via email or other means. As mentioned in section 1.3, we do collect personal data from children who are at least thirteen (13) years old (or the local minimum age).

4. What Personal Data Does Jogos Process and Why?

Jogos may collect the following personal data from you: To evaluate your job application Data Processed: Email address, name, age, gender, resume Basis: Necessary for the performance of a contract or to take steps at your request prior to entering into a contract

To register and verify your Platform account Data Processed: Email address, name, age, gender, external account, username, and password Basis: Your prior explicit, free, specific, and informed consent

To personalize your gaming experience (Account) Data Processed: Username, device and connection data, selected interests, gaming behavior, and feedback Basis: Your prior explicit, free, specific, and informed consent

To respond to your inquiries or complaints, or assist in resolving technical issues Data Processed: Name, email address, and other information you provide Basis: Necessary for the purposes of our legitimate interests (specifically to improve Platform quality)

To inform you about new Platform features Data Processed: Username and email address Basis: Necessary for the purposes of our legitimate interests (specifically to communicate Platform-related information)

To analyze Platform and game visitor statistics to improve the Platform, games, and user experience Data Processed: Visitor behavior data (usage and device data) and in-game statistics Basis: Necessary for the purposes of our legitimate interests (specifically collecting usage and performance statistics for the Platform and games)

To fulfill legal obligations Data Processed: Data required by applicable laws Basis: Necessary for compliance with a legal obligation

To prevent, detect, and combat fraud and other illegal or unauthorized activities Data Processed: Data required for detecting fraud and illegal activities, mobile device risk control data (e.g., jailbreak/ROOT status, device fingerprint, IP-device binding relationship) Basis: Necessary for the purposes of our legitimate interests (specifically preventing fraud and other illegal activities)

Jogos Marketing (e.g., newsletters) Data Processed: Username and email address Basis: Your prior explicit, free, specific, and informed consent

To enable advertising on the Platform Data Processed: Data collected via cookies, web beacons, or similar technologies (e.g., IP address, user ID, browser type, and operating system); for mobile APP scenarios: IDFA (iOS, only after user authorizes ATT tracking)/OAID (Android, for advertising purposes), device model, OS version, ad click behavior, APP page view trajectory. Basis: Your prior explicit, free, specific, and informed consent when you accept the Privacy & Cookie Policy and confirm your advertising preferences (iOS requires separate tracking authorization via the ATT framework). You can withdraw this consent at any time. For more information, refer to "Managing Advertising Preferences" and the Cookie Policy.

To fulfill obligations to game developers Data Processed: Email, Tax Identification Number, bank account information, PayPal account, preferred payment method Basis: Necessary for the performance of a contract

To support in-game purchases Data Processed: Data related to in-game purchases; mobile in-game purchase-related data (e.g., order identifier returned by payment SDK, payment channel <Apple Pay/Google Pay/Third-party payment>) Note: Jogos does not collect specific payment data when you make in-game purchases. Payment is handled by third-party payment service providers. We store your in-game purchase records and link them to your Account. Basis: Necessary for the performance of a contract

For mobile APP basic operation and experience optimization Data Processed: Device model, OS version, Android ID/IDFV (non-advertising purposes), network type (Wi-Fi/mobile data), screen resolution, APP crash logs, launch/exit times, background running state, storage permission (only for caching game resources), device language/timezone Basis: Necessary for the purposes of our legitimate interests (ensuring APP normal operation, quickly troubleshooting issues, and optimizing mobile gaming experience)

For mobile personalized push notifications Data Processed: Device notification permission, username, gaming behavior data, push identifiers (e.g., FCM/APNs tokens) Basis: Your prior explicit, free, specific, and informed consent

For mobile ad display and performance analysis (APP side) Data Processed: IDFA (iOS, only after user authorizes ATT tracking)/OAID (Android, for advertising purposes), device model, OS version, ad click behavior, APP page view trajectory Basis: Your prior explicit, free, specific, and informed consent (iOS requires separate tracking authorization via the ATT framework)

Account Registration

By registering an Account, you explicitly consent to us collecting your password, email address, user agent, and IP address. We also support login via third-party providers. If you use social media (e.g., Facebook, Apple, or Google account) to log into the Platform, you authorize that third-party service to share your user information with us (which may include name, profile picture, email, date of birth, and location). We will use this information to create an Account for you.

• Using Facebook Login as an example: Since our Platform uses email addresses as user accounts, when you grant the 'email' permission, the system reads the associated email to simplify the registration/login process, use it as an account identifier, receive important notifications, and provide personalized service reminders; after granting the 'public_profile' permission, we can obtain your Facebook public profile information such as name and profile picture, which is displayed in scenarios like social interactions and event participation on the Platform to enhance social authenticity and community trustworthiness. This information is only used to improve your experience, and we strictly guard against information leaks and misuse. Furthermore, these third-party services may use information about your visit to the Platform on their pages. If you browse these pages while logged into your Account, the information they collect may be linked to your account on their website. Please refer to their privacy policies for how these third-party services use information.

Advertising

Jogos displays advertisements from multiple advertising companies on the Platform (including personalized or non-personalized contextual ads). To show you personalized ads (only when you authorize via the Consent Management Platform "CMP"), we share specific data with third-party advertisers and ad networks (e.g., IP address, advertising identifiers, and information you authorized for personalized advertising). We also use this information to measure ad effectiveness. Upon your first visit to the Website, you can customize your advertising tracking preferences or completely reject personalized ads via the CMP. You can modify your advertising preferences at any time via the "Preferences" in the Website menu. If you choose not to receive personalized ads at all, we will still show ads, but they may be based on content rather than user interests.

User Profiling

Jogos may analyze the gameplay data from the web games you play. Based on your gameplay data, Jogos may recommend games that interest you. However, unless we have a lawful basis (e.g., compelling legitimate grounds to continue processing or to establish a legal defense, and we have notified you), we will not rely solely on automated decision-making that produces significant effects concerning you. Please note that if you are located in the European Economic Area (EEA) or the United Kingdom (UK), you have the right to object at any time to the processing of your personal data for direct marketing purposes (including profiling related to such marketing).

5. Third-Party Advertising and Cookie Statement

Our website uses Google AdSense and related advertising services. Google and its partners may use cookies or other technologies to show you personalized ads based on your past visits. These technologies may collect the following information:

• Your IP address, browser type, language settings, date and time of visit;
• The web pages you visit, your interactions, and ad click history;
• Device information (e.g., device model, operating system, screen resolution, etc.).

We use this information for purposes including:

• Providing and improving our advertising services;
• Analyzing ad effectiveness and optimizing user experience;
• Complying with Google advertising policies and applicable privacy regulations. You can visit the Google Ads & Content Network Privacy Policy to learn more about how Google uses cookies.

In mobile APP scenarios, we use mobile ad SDKs such as Google AdMob, Apple Ads, and third-party ad networks; unlike web cookies, mobile ad data collection relies on device identifiers (e.g., IDFA/OAID) and APP behavior data, not cookies. iOS follows the ATT (App Tracking Transparency) framework and only collects IDFA for ad tracking after your explicit authorization. Android uses OAID (Anonymous Device Identifier) to replace sensitive identifiers like IMEI, solely for ad delivery and performance analysis, and you can reset it at any time.

6. Managing Cookies and Advertising Choices

You can manage or reject advertising cookies in the following ways:

1. Browser Settings Most browsers allow you to reject or delete cookies. You can manage your cookie preferences in the browser's "Privacy" or "Security" options.
2. Google Ads Settings You can visit Google Ads Settings to manage or turn off personalized ads.
3. Industry Opt-Out Mechanisms You can also opt out of personalized ads via About Ads Choices or Your Online Choices. Note: If you disable advertising cookies, you may still see ads, but the ad content may no longer be related to your interests.

The mobile APP does not use cookie technology. Related data storage uses local caching and sandbox storage within the APP. You can clear cached data via "Settings > Storage Management" in the APP. Mobile ad preference and permission management methods are as follows:

• iOS System: Turn off APP tracking permission via "Settings > Privacy > Tracking"; turn off push notifications via "Settings > Notifications > Jogos"; reset Ad ID or turn off ad personalization via "Settings > Privacy > Advertising".
• Android System: Manage system-level permissions (e.g., storage, location) via "Settings > Apps > Jogos > Permissions"; turn on "Opt out of Ads Personalization" or reset Ad ID via "Settings > Privacy > Advertising".
• In-APP Settings: The "Privacy Settings" entry supports turning off personalized ads, adjusting push frequency, and managing device data collection permissions.

For users aged 13-16 during the authorization process, non-core permission authorization options such as "Advertising Tracking" and "Location Information (non-essential scenarios)" are automatically hidden. Only basic permissions like storage, network, and notifications are displayed. Teenage users can withdraw granted non-core permissions at any time via the "Privacy Center > Teenage Permission Management" in the APP, and withdrawal does not affect basic game operation.

7. User Consent and Cookie Management (GDPR / CPRA)

If you are located in the EU, UK, or California (USA), we will seek your permission via a cookie consent pop-up on your first visit. This mechanism includes:

• **Distinguishing between Essential Cookies and Advertising/Analytics Cookies;
• **Obtaining your explicit consent before loading advertising or analytics scripts (e.g., Google AdSense or Analytics);
• **Providing options to "Accept / Reject / Manage Preferences";
• **Saving your consent state (via localStorage, a cookie, or backend record) to maintain settings on future visits. Users can readjust or withdraw consent at any time via the "Cookie Settings" entry at the bottom of the website.

Upon the first launch of the mobile APP, system-level and APP-level authorization pop-ups will distinguish between necessary permissions (e.g., storage, ensuring basic game operation) and non-necessary permissions (e.g., location, camera, advertising tracking), clearly stating the purpose of each permission and data processing methods. Compliant with GDPR/CPRA requirements, iOS will separately pop up an ATT framework authorization request for ad tracking permission, and Android will display an OAID collection authorization prompt following Google Play privacy policy requirements. You can withdraw granted authorizations at any time via APP settings or system settings, and withdrawal will not affect basic APP functionality usage.

Upon first APP launch, the user's age signal is obtained via the Google Play Age Signals API (the only legitimate age determination entry). Collecting birthdays, inferring age via SDKs, or using third-party data for age identification is prohibited.

• If the age signal identifies the user as 13-16 (teenager):
  • Data selling/sharing is turned OFF by default (Default OFF). A separate "Teenager Data Sharing Authorization" pop-up appears, requiring the user to actively check "Consent to data selling/sharing" (separate checkbox, cannot be bundled with other permissions) to enable this function.
  • The pop-up clearly states: "Your personal information has been classified as sensitive personal information and is only used for core game operation. Non-essential purposes (e.g., personalized advertising) require your separate authorization", and provides a "View Sensitive Data Processing List" link.
• If the age signal identifies the user as 16+, the standard user authorization process is followed, but a one-click "Opt-out of data selling/sharing" entry must still be provided.

8. Do We Share Your Personal Data with Others?

Yes. We may share your personal data with other companies. These companies assist Jogos in performing Platform-related tasks. For example, we may disclose your personal data to IT and payment service vendors, external consultants, and other subcontractors of Jogos (who provide services for the Website and Platform).

Users: We provide features to view other users' profiles, send friend requests, and game invitations. By default, your profile is open to other users (i.e., other users can send friend requests), but only accepted friends can view your profile (including profile name, avatar and background, games played, likes, and activity). You can customize these options in "Privacy Preference Settings".

Advertising: Additionally, we may share collected information (e.g., hashed email, IP address, or browser/OS information) with identity partners/service providers. These partners return online identifiers, which we may store in first-party cookies for advertising and may share with advertising companies to enable interest-based personalized advertising (i.e., showing you ads for products you might be interested in). Jogos' advertising partners include: Google Ad Exchange - Privacy Policy Link

ID Providers: ID providers manage and distribute unique identifiers associated with users (used for tracking user behavior and preferences across platforms). Given the changing privacy environment, ID providers are adapting by using anonymous/aggregated data, strengthening data protection measures (e.g., encryption), and giving users more control over their data. Our ID providers include:

• The Trade Desk: Uses encrypted EUID. When creating an encrypted EUID, Trade Desk and Jogos act as joint controllers sharing responsibility. You can directly opt out and get more information about EUID via https://transparentadvertising.eu.
• Amazon Publisher Services: Publisher Audiences. You can opt out via https://youradchoices.com/. Accepting the Privacy Policy and consenting to these ID providers in the CMP means you authorize the sharing of these identifiers for advertising purposes.

Game Developers: Platform games may be provided by us or external developers. If necessary to fulfill contractual obligations to developers, Jogos may share specific personal data with them. We may also share personal information (e.g., email) necessary to facilitate in-game purchases. When sharing usage data of their games with developers, Jogos always anonymizes it. Additionally, if you provide game feedback, we may share it with that game's developer.

Payment Providers: In-game purchase transactions are processed by external payment providers and are subject to their privacy policies.

International Data Transfers: Jogos may share your personal data outside the European Economic Area. In such cases, Jogos will always take appropriate measures to protect your data and privacy (including implementing the European Commission's Standard Contractual Clauses ("Model Clauses") or the UK International Data Transfer Addendum). For more details on international data transfers and protective measures, please contact us via [email protected] or the contact form.

Mobile SDK Service Providers: Sharing device push tokens with push SDKs (FCM/APNs); sharing authorized advertising identifiers (IDFA/OAID) with ad SDKs (AdMob, etc.); sharing APP usage behavior data with analytics SDKs (e.g., Firebase Analytics); sharing order identifiers with payment SDKs (Apple Pay/Google Pay). We require all SDK service providers to comply with applicable privacy regulations and process data only for agreed purposes. Mobile App Distribution Platforms: Sharing non-sensitive data such as APP crash reports, download counts with Google Play and App Store, not involving your personal identification information. When sharing mobile device data with third parties: Hash OAID/IDFA to ensure data anonymization, and share only within the scope of your authorization.

In third-party SDK authorization pop-ups, each SDK's processing restrictions for teenage data are clearly marked: "For users aged 13-16, the SDK may only collect basic device information for troubleshooting; collecting advertising identifiers and behavioral data for cross-app tracking is prohibited." We sign supplementary agreements with SDK service providers requiring them to receive the age signal from the Age Signals API and strictly limit data collection based on the corresponding age group. If an SDK improperly collects teenage data, the Platform bears primary responsibility. The pop-up provides a "View SDK Permission List by Age Group" feature, allowing users to view the corresponding authorizable SDK list based on their own age.

9. How Long Do We Retain Your Personal Data?

Jogos will retain your data only for as long as strictly necessary to fulfill the purposes stated below. For your Account and associated personal data, we will retain it until you request deletion. You can delete your Account at any time via your account settings. Note: Deleting your Account is permanent, and you will no longer have access to any purchased content associated with that Account. After prolonged inactivity, Jogos may delete or archive personal data. If we hold your email, we will notify you in advance of such deletion or archiving. We may extend the data retention period if required to comply with specific laws/regulations, prevent fraud or abuse incidents, or if involved in legal claims/disputes.

Sensitive personal information (e.g., device ID, behavioral data) for teenage users aged 13-16 is retained for no more than 6 months, after which it is automatically anonymized and cannot be used for user profiling analysis.

Residual Data Processing After Account Deletion: After account deletion, core data on the server is deleted immediately. Residual data stored with CDN or third-party service providers (e.g., historical avatar caches, game screenshot backups) will be notified for deletion within 30 days after deletion. You can request a residual data deletion verification report via [email protected].

10. Can Jogos Ensure the Security of Your Data?

Yes. Providing a secure environment for your personal data is paramount to us. We are committed to doing everything reasonably possible to protect personal data security and implement appropriate security measures. Within Jogos, only personnel necessary for their work can access personal data. When using external providers ("processors") to assist in processing personal data, we ensure they process your personal data in a secure and confidential manner, always under contract. Processors may not use your personal data on their own initiative and must delete the data immediately upon completing Jogos's assignment. If you have questions about security measures, please contact us via [email protected] or the contact form.

Mobile APP-related security measures:

• Local Data Encryption: Personal data stored within the APP, such as account information and game records, is protected using AES encryption algorithms. Biometric authentication (fingerprint/Face ID) is only used for local login verification, and related verification information is not transmitted to the server.
• Transmission Security: All communication between the APP and servers uses HTTPS/TLS encryption to prevent data interception or tampering during transmission.
• Permission Minimization: Permissions are only obtained when authorized by you and are functionally necessary (e.g., storage permission only for caching game resources, camera permission only for actively uploading avatars). Corresponding data is not collected without authorization.
• Mobile Risk Prevention: Detects device jailbreak/ROOT status to prevent malicious programs from stealing local data; regularly updates APP security patches to fix known vulnerabilities.

Data Breach Notification Mechanism: In case of a data breach, we will notify you within 72 hours of discovery via registered email, APP push notification (priority), or SMS. The notification includes the type of data breached, potential risks, response measures, and our remedial actions (e.g., identity protection services, password reset instructions). If technical constraints prevent notification within 72 hours, a supplementary explanation for the delay will be provided after the incident is resolved.

11. You Control Your Data

You are always the master of your personal data. Therefore, you have the following rights:

• Access: To know what personal data of yours Jogos holds;
• Rectification: To notify us to correct inaccurate information (e.g., misspelled name or changed email). You can edit your Account's email address, location, and username;
• Erasure (Right to Deletion): To request Jogos to stop retaining your personal data. You can also withdraw granted consent at any time. If Jogos has no lawful reason to retain the data, we will delete it;
• Restriction of Processing: In certain circumstances, to request restriction of processing of your personal data (i.e., we may not process it further temporarily);
• Object to Marketing: To request to no longer receive marketing information (e.g., newsletters). You can unsubscribe via the link at the bottom of each newsletter;
• Object to Personalized Advertising: To request Jogos to stop processing data when serving personalized ads. You can manage this yourself via the CMP (see "Managing Advertising Preferences"). Note: Jogos generates revenue by allowing businesses to place ads on the Platform to provide the Platform services for free, therefore the Platform cannot be used completely ad-free;
• Object to Personalized Game Recommendations: You can one-click turn off personalized game recommendations via "In-APP Settings > Privacy Center > Personalized Recommendations > Turn Off". After turning off, a general list of popular games will be shown, not affecting other core functionalities;
• Data Portability: In certain circumstances, to request Jogos to provide a copy of your personal data for transfer to another company;
• Lodge a Complaint: To complain to Jogos at any time regarding personal data processing issues. You also have the right to complain to a data protection supervisory authority;
• Object to Automated Decision-Making: If you believe automated decision-making significantly affects your rights, interests, or legal status, you can request not to be subject to a decision based solely on automated processing;
• Withdraw Consent: If Jogos processes personal data based on your consent, you have the right to withdraw that consent at any time.

Mobile-specific data management rights and exercise methods:

• Access/Delete personal data generated on mobile: View device identifier records, APP usage behavior data, push records via "Me > Privacy Center" in the APP, and apply for deletion of related data.
• Withdraw mobile permission authorization: Withdraw authorization for notifications, ad tracking, storage, and other permissions via iOS/Android system settings (e.g., "Settings > Apps > Jogos > Permissions") or the "Privacy Settings" within the APP.
• Mobile Data Export: Supports exporting game records and account information from the APP to a portable format (e.g., CSV file), suitable for mobile sharing/transfer needs.
• Delete Account: The "Account Deletion" entry in APP settings; after deletion, locally cached personal data is automatically cleared, and relevant SDK service providers are notified to stop data collection.

Technically, automatically respond to GPC (Global Privacy Control) signals. If a user's device has GPC enabled, regardless of age group, it is automatically treated as refusing data selling/sharing, requiring no additional action.

Please exercise the above rights via [email protected] or the contact form. We will respond to all requests as soon as possible. If complexity or the volume of requests causes the response to take longer than a month, we will inform you promptly and keep you updated on progress. Additionally, before responding to a request, we may ask for more information to verify your identity.

12. Managing Advertising Preferences

Upon your first visit to the Website, you will select to accept, reject, or set up advertising services according to your preferences via the Consent Management Platform ("CMP"). You can access the CMP at any time via the "Preferences" in the Platform menu. Furthermore, you can manage cookies at the browser level by adjusting settings. Modern browsers allow blocking cookies or accepting cookies only from specific websites. You can set your browser to refuse all cookies or to prompt you when a cookie is being sent. However, refusing cookies may result in the inability to use some features of the Platform. More cookie information is available at http://www.allaboutcookies.org. Note: Restricting third-party cookies via the browser does not prevent first-party cookies from being set in this way. To learn about behavioral advertising or opt out of personalized advertising from Network Advertising Initiative (NAI) member companies, visit http://www.networkadvertising.org. Many companies also participate in self-regulatory programs for online behavioral advertising. You can learn about and opt out of their personalized advertising via http://www.aboutads.info/choices. Some ad networks require us to list their opt-out links separately. When opting out of a network, you may receive an "opt-out" cookie so the network does not assign new cookies in the future. You will still receive ads from that network, but not behaviorally targeted ads. You will need to repeat this process if you clear your browser cookies. Remember: If you opt out of behavioral advertising, you will still receive ads on the free, ad-supported Platform (but not behaviorally targeted ads). Even after opting out of Jogos' advertising practices, you may still receive contextual advertising based on interests from other companies.

Mobile ad preference management methods:

• iOS:
  • Turn off ad tracking: Settings > Privacy > Tracking > Turn off "Allow Apps to Request to Track";
  • Reset Advertising Identifier: Settings > Privacy > Advertising > Reset Advertising Identifier;
• Android:
  • Turn off ad personalization: Settings > Privacy > Advertising > Turn on "Opt out of Ads Personalization";
  • Reset Advertising ID: Settings > Privacy > Advertising > Reset Advertising ID;
• In-APP: The "Advertising Settings" entry allows you to turn off personalized ads and adjust the frequency of non-personalized ad display.

13. Children's Privacy

Jogos is committed to providing a safe environment for children. This Platform targets users over 13 and does not actively serve children under 13. If identified as under 13 via the Age Signals API, account registration will be restricted. Limited functionality is only allowed after a parent provides "verifiable consent" (e.g., via SMS verification). Special permission controls for teenagers aged 13-16: Personalized advertising and cross-platform tracking functions are automatically disabled; only non-personalized ads are shown; in-app purchases trigger a secondary confirmation (optionally notifying a parent's linked email). Parents can monitor minors' accounts via:

• Binding a parent email: In "In-APP Settings > Family Management > Bind Parent Email", parents can receive notifications about minors' purchases and account logins.
• Integrating system-level parental controls: Supports Google Play Family Link (Android) and iOS Screen Time (iOS). Parents can restrict playtime, disable in-app purchases, and view game records via corresponding system functions.

When creating an account via a Google or Facebook account, they have verified your age. If underage, Google will seek your parent's consent (policy details: https://families.google.com/familylink/privacy/child-policy). Facebook's current Terms of Service do not allow children under the minimum age to create accounts. If creating an account using email, Jogos will ask you to confirm you are at least thirteen (13) years old.

14. Third-Party SDKs and External Links Explanation

14.1 Detailed List of Third-Party SDKs

To implement core Platform functionalities (like login, payment, advertising, analytics), we have integrated the following third-party SDKs. All SDKs follow the "minimum necessary" principle for data collection and only initiate data collection after your authorization:

SDK Name	Company	Information Collected	Purpose	Privacy Policy Link
Apple ID Login SDK	Apple Inc.	Apple account associated email, device identifier (IDFV), login status	Simplify account registration/login process, ensure login security	https://www.apple.com/legal/privacy/en-ww/
Facebook Login SDK	Meta Platforms	Facebook public profile (name, avatar), associated email, login status	Third-party account quick login, optimize social interaction experience	https://www.meta.com/privacy/policy/
Google Sign-In SDK	Google LLC	Google account associated email, public profile (name, avatar), device identifier (GAID), login status	Third-party account quick login, sync game preferences within Google ecosystem	https://policies.google.com/privacy
Google AdMob SDK	Google LLC	Device identifier (IDFA/GAID), in-APP behavior data (ad clicks, page views), network type	Mobile ad delivery and performance analytics	https://policies.google.com/privacy
Firebase Analytics SDK	Google LLC	Device model, OS version, APP crash logs, launch/exit times, gaming behavior data (excluding personally identifiable information)	Product experience optimization, troubleshooting, analyzing core feature usage	https://policies.google.com/privacy
Apple Pay SDK	Apple Inc.	Order identifier, payment status (excluding sensitive payment data like card numbers, passwords)	Secure mobile payment settlement	https://www.apple.com/legal/privacy/en-ww/
Google Pay SDK	Google LLC	Order identifier, payment status (excluding sensitive payment data like card numbers, passwords)	Secure mobile payment settlement	https://policies.google.com/privacy
Xsolla Payment SDK	Xsolla Inc.	Order identifier, payment channel selection, payment status (excluding sensitive payment data), basic device info (for risk control)	In-game payment settlement for mobile and web, ensuring payment security and transaction compliance	https://xsolla.com/privacy-policy

We sign data processing agreements with all SDK service providers, requiring them to process data strictly for agreed purposes and not to collect or share information beyond the authorized scope. You can view SDK activation status via "In-APP Settings > Privacy Center > SDK Management". Some non-core function SDKs (e.g., advertising, analytics) can be manually turned off (turning off does not affect basic game operation).

14.2 Links to Other Websites

The Platform or developer games may contain links to external websites not operated by us (e.g., game developer official websites, third-party event pages). Clicking such links will redirect you to other companies' websites. You should review the privacy policy of each website you visit via such links. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.

15. User-Generated Content (UGC) Privacy Rules

UGC content you publish on the Platform (including web and APP), including but not limited to in-game chat logs, player activity, community-shared content, avatar/nickname settings, game screenshot/video uploads, etc., is subject to the following privacy rules:

1. Data Retention: Temporary UGC like chat logs and activity content is retained for 12 months (from the date of publication), after which it is automatically anonymized (removing personal identification information, retaining only the content itself for product optimization). Account-associated UGC like avatars and nicknames are retained for the duration of the Account's existence and deleted immediately upon account deletion.
2. Review and Use: We conduct compliance reviews on UGC (e.g., filtering inappropriate content). Without your explicit consent, UGC will not be used for marketing/promotion or shared with third parties. Anonymized UGC (with personal identification information stripped) may be used for internal scenarios like Platform function optimization and game experience improvement.
3. User Control: You can manage UGC by:
   • Editing/deleting your own UGC (e.g., chat logs, activity, uploaded screenshots);
   • Restricting UGC visibility in "Privacy Preference Settings" (e.g., visible only to friends, visible only to yourself);
   • Requesting deletion of anonymized UGC that can still be linked to you (by submitting a request via [email protected]).
4. Risk Warning: Please avoid including sensitive personal information like real names, phone numbers, or addresses in UGC. Privacy risks resulting from your voluntary disclosure of information are your own responsibility.

16. Cross-Border Data Transfer Compliance Statement

As this Platform operates globally, to serve players and developers worldwide and achieve global business coverage and data management, some data may, in compliance with laws and regulations, be transferred cross-border to our servers or partners located in other countries/regions for processing and storage. We strictly adhere to international data transfer laws and regulations, including but not limited to the EU's General Data Protection Regulation (GDPR), the US California Consumer Privacy Act (CCPA), and data protection and privacy regulations in other countries and regions. During cross-border data transfers, we take necessary technical and administrative measures to ensure the legality, security, and compliance of data transfers, safeguarding the rights and interests of data subjects.

Mobile APP integrated SDK service providers may be located in different countries/regions. We sign the EU Commission's Standard Contractual Clauses (SCC) with such service providers to ensure cross-border data transfers comply with GDPR/CCPA and other regulations. Data stored locally on mobile devices (e.g., game cache, user settings) is only transferred cross-border when you authorize synchronization to the server. Adapted to iOS App Store Privacy Nutrition Labels and Google Play Data Safety section requirements, clearly disclosing mobile data collection types, purposes, and cross-border transfer situations.

For users aged 13-16 in Brazil and other South American countries, a separate notification pop-up appears before cross-border data transfer, stating: "Your sensitive personal information may be transferred to regions such as China. We have ensured data protection levels through the EU Standard Contractual Clauses (SCC)". It provides a "Refuse Cross-Border Transfer" option. Choosing this retains only local game functions and restricts non-core services like cross-region account sync, complying with the LGPD's requirement for "separate consent" for teenage data cross-border transfer.

Cross-Border Data Transfer Compliance Certification: We have completed SCC filing under GDPR (Filing Number: JOGOS-SCC-202501). Third-party compliance assessment reports can be viewed via https://jogos.com/compliance/scc-report. For the US region, we follow the Privacy Shield framework requirements to ensure compliant data transfers.

17. US Privacy Rights

Residents of certain US states have statutory rights regarding their personal information (non-absolute rights, subject to exceptions). In this section, "personal information" is defined as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, pursuant to the California Consumer Privacy Act of 2018 ("CCPA"). Residents of these states have rights including access, confirmation, correction, obtaining a copy, deletion, and opting out of the sale/sharing of personal information, and the right to object to user profiling for targeted advertising. Depending on circumstances, we may need to obtain consent before collecting sensitive personal information and restrict its use/disclosure. Detailed rights explanations and exercise methods will be provided upon request.

The categories of personal information we collect/process (and may have collected/received in the 12 months preceding a policy update) are the same as in Section 4 of this policy. We use this data for the business purposes listed under "Why Process?" in Section 4. Additionally, Jogos does not collect or process sensitive personal information for inferring user characteristics. Although we generally do not sell personal information, under CCPA and other state laws, certain activities described in Sections 4-5 of this policy may be considered a "sale" or "sharing." If applicable state law deems it a "sale" or "sharing" of personal information, Jogos will comply with relevant legal requirements. Jogos's data retention practices are detailed in Section 6 "How Long Do We Retain Your Personal Data?". Depending on your state of residence, your rights may include:

• Right to Know and Delete: To request deletion of personal information we collected about you and to know information about our data practices over the past 12 months;
• Right to Opt-Out: To request to opt-out of the sale/sharing of your personal information, targeted advertising, and user profiling that produces legal or similarly significant effects. Click here to opt-out: jogos.com;
• Right to Limit Use and Disclosure of Sensitive Personal Information: To request limits on the use and disclosure of your sensitive personal information;
• Right to Obtain Consent: We may need to obtain your consent before processing sensitive personal information;
• Right to Confirm and Obtain a Copy: To request confirmation of whether we are processing your personal information and, where feasible, to obtain a copy of it;
• Right to Correction: To request correction of inaccurate personal information we hold;
• Right Against Discrimination for Exercising Privacy Rights: To not be discriminated against for exercising CCPA rights. We will not discriminate against you for exercising your rights.

Compliant with CCPA/CPRA requirements for mobile APPs, providing a clear "Opt-Out of Selling/Sharing Personal Information" entry within the APP's "Privacy Center". Adapted to iOS App Store Privacy Nutrition Label specifications, fully disclosing mobile data collection, use, sharing, and cross-border transfer situations. Following US state privacy protection requirements for mobile device identifiers (e.g., IDFA), prohibiting unauthorized collection, and clearly informing users of methods to reset/disable identifiers.

Please exercise the above rights via [email protected] or the contact form.

18. Changes to the Privacy Policy

We may revise this Policy from time to time. The "Last Updated" date at the top will be updated upon changes. If you have an Account, we will also notify you via email. You can always access the latest version of the Policy on the Website.

19. More Questions About Data

If you have any questions, concerns regarding this Policy or data processing, or need to report privacy violations, please contact us through the following channels:

1. Online Feedback System: "Me > Help & Feedback > Privacy Complaint" entry within the APP, or the "Contact Us > Privacy Issues" section on the web;
2. Dedicated Email: [email protected] (please indicate "Privacy Complaint/Inquiry + Username" in the email subject);
3. Response Timeline: We will complete the review and provide feedback on processing results within 15 working days of receiving the request. If the issue is complex and requires extended processing, we will inform you in advance and provide the reason for the extension (maximum extension not exceeding 30 working days).

We hope you will contact us first. If your question or complaint is not resolved satisfactorily, you also have the right to lodge a complaint with the data protection supervisory authority in your country/region.

---

Jogos Cookie Policy

1. Who We Are

We are Jogos. We provide a browser-based gaming platform (the "Platform") where you can easily discover and experience a variety of different web games. You can access our Platform with or without an account (the "Account"). The Platform is provided via Jogos's website (as shown in your browser's address bar, the "Website").

2. What are Cookies?

Cookies are small files saved on your computer when you visit a webpage, containing information associated with your web browser and a specific website, stored in a specific folder on your hard drive. If you return to that website, the page can recognize the visitor via the cookie and continue the historical record. A web beacon is a (usually transparent) pixel-sized image placed on a website to monitor user behavior. Cookies are used to enhance visitor-friendliness: By recognizing visitors through cookies, it avoids repeated entry of the same data each visit (e.g., login information or screen settings). This policy explains what cookies are, why they are used, and the cookies we use on our Website. For more on privacy and data protection rights, please see the Privacy Policy.

The mobile APP does not use cookie technology. Related data storage uses alternatives like: NSUserDefaults and sandbox storage on iOS; SharedPreferences and local file storage on Android. Such storage is only used for caching game resources, saving user settings, and recording game progress. Data is accessed only within the APP and is not shared with third parties without your authorization. You can delete non-essential locally stored data via "Settings > Storage Management" within the APP. Account-related core data must be deleted from the server via the account deletion operation.

3. What Types of Cookies Are There?

They are typically divided into two main categories:

• First-Party Cookies: Created by the website to optimize functionality (e.g., language selection or remembering an online shopping cart). Set by the website you are visiting.
• Third-Party Cookies: Created and placed by third parties other than the website you are visiting (e.g., social media or Google Analytics). Used to record user behavior. Technically essential cookies for the normal operation of the Platform do not require permission; other cookies require permission.

4. Why Use Cookies?

Cookies are typically used to enhance visitor-friendliness: avoiding repeated data entry. Similar to commercial websites, Jogos and authorized third-party service providers use technologies like cookies to automatically collect information and store it in log files (based on various legitimate business interests and purposes). With your consent or based on legitimate business purposes, we use cookies, beacons, and similar technologies to support your navigation/use of the Website and access to secure areas, and for statistical analysis, improving Platform usage, and generating aggregated reports. Cookies are essential for us to optimize each Platform visit, providing a better gaming experience or relevant ads you might be interested in. For example, cookies record your choices (e.g., language, newsletter preferences) and help provide relevant services and suggestions.

5. What is the Legal Basis?

On the free, ad-supported Platform, we use these technologies based on legitimate business interests (including providing standard ad controls, determining user response to ads/promotions, and delivering targeted ads we or authorized third parties believe are most relevant to you).

6. Which Cookies Do We Use?

First-Party Cookies: We only use first-party cookies to optimize your Platform user experience and gaming experience (e.g., recording language choice, pages visited, and time spent). Game Distributors: The Platform may offer games from third-party game distributors. When playing, your personal data may be processed by a third party (directly or via technologies like cookies). We will clearly prompt you when clicking such games. Note: Choosing a third-party game means you are playing in that game developer's environment (which we cannot control). Therefore, it is recommended to read that distributor's privacy statement before playing. Jogos's main game partners include: Game Distribution - [Privacy Policy Link] Third-Party Cookies: Third parties may use information collected by cookies/web beacons for online behavioral advertising and/or multi-site advertising. The types of information they collect and their purposes are detailed in their privacy policies (we recommend you review them). Jogos is not responsible for any cookies or web beacons deployed by third parties for any purpose. Third-party cookies that may be used on the Website include: Google Adsense - Privacy Policy LinkGoogle Analytics: The Website also uses third-party cookies like Google Analytics (a free website statistics service from Google that provides detailed insights into traffic sources, visit paths, and pageviews, helping website administrators adjust content based on visitor behavior and interests).

7. How to Manage Cookies?

Upon your first visit to the Website, you will choose to accept, reject, or set up cookies according to your preferences via the Consent Management Platform ("CMP"). You can access the CMP at any time via the "Preferences" button in the top-right corner of the Website (next to the "Login" button) and configure advertising preferences. Furthermore, you can manage cookies at the browser level by adjusting settings. Modern browsers allow blocking cookies or accepting cookies only from specific websites. You can set your browser to refuse all cookies or to prompt you when a cookie is being sent. However, refusing cookies may result in the inability to use some features of the Platform. More information is available at http://www.allaboutcookies.org. Note: Restricting third-party cookies via the browser does not prevent first-party cookies from being set in this way. To learn about behavioral advertising or opt out of personalized advertising from NAI member companies, visit http://www.networkadvertising.org. Many companies also participate in self-regulatory programs for online behavioral advertising. You can learn about and opt out of their personalized advertising via http://www.aboutads.info/choices. Some ad networks require us to list their opt-out links separately. When opting out of a network, you may receive an "opt-out" cookie so the network does not assign new cookies in the future. You will still receive ads from that network, but not behaviorally targeted ads. You will need to repeat this process if you clear your browser cookies. Remember: If you opt out of interest-based advertising, you will still receive ads on the free, ad-supported Platform (but not interest-based ads). Even after opting out of Jogos's practices, you may still receive interest-based ads from other companies.

8. Changes to the Cookie Policy

We may revise this Policy from time to time. The "Last Updated" date at the top will be updated upon changes. If you have an Account, we will also notify you via email. You can always access the latest version of the Policy on the Platform.

9. More Questions About Cookies

If you have any questions or concerns regarding this Policy or the use of cookies, please send an email to [email protected] or use the contact form.