EN

PRIVACY POLICY

Last update: March 03, 2026

PURPOSE OF THIS PRIVACY POLICY

This Privacy Policy (hereinafter, the “Policy”) aims to give you a clear vision and understanding on how your personal data is collected and processed through the use of this Website, including any data that can be provided through this Website in case of input of contact details during the conversation/messaging with our team on the Website or request to know more about our software and possible services.

Policy is committed to safeguarding and protecting your privacy (including data privacy and communication preferences). Thus, it is important to read this Policy together with any other Policy on this Website.

INTRODUCTION

Nuxgen B.V., a company incorporated in Curacao with registration number 153051, and having its registered address at Korporaalweg 10, Willemstad, Curaçao owns the website https://nuxgame.com/ (hereinafter, the “NuxGame”, “we”, “us”, “our”, or “Controller”). Nuxgame is the Controller and is responsible for your data.

NuxGame is the “Controller” in the meaning of the Article 4 7) of the Regulation

EU 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons about the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “GDPR”).

In case of any question regarding this Policy, please contact us via email address dpo@nuxgame.com.

By using our Website, you agree to the terms of this Policy. If you do not agree, please discontinue use of this Website.

POLICY UPDATES

We may update this Privacy Policy from time to time. If we make any changes, we will notify you by updating the date at the top of the policy. We encourage you to review the Privacy Policy whenever you access the Site to stay informed about our information practices and the ways you can help protect your privacy.

THIRD PARTIES

This Website may contain links to third-party websites and applications, clicking/proceeding the link(s) may allow third parties to automatically collect or share data about you. The NuxGame informs that we do not control these third-party websites and are not responsible for their polices and/or other statements of respective third parties. Thus, after leaving our website, take some time to read the privacy policy and any other policy of every website you visit or plan to visit.

1 TERMS AND DEFINITION

The following definitions are under Article 4 GDPR

“Personal Data” or “Data” means any information relating to an identified or identifiable natural person.

“Data Subject” means an identifiable natural person can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Controller” is the natural or legal person, public authority, agency, or any other body that, alone or jointly with others, determines the purposes and means of processing personal data.

“Processing” means any operation or set of operations which is performed on personal data or sets of personal data, whether by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

2 THE TYPES OF COLLECTED DATA

2.1. Personal data or personal information shall mean any information about the person under which such person can be identified. Such personal information does not include removed (anonymous/anonymized) data.

2.2. The Personal data that we may collect, use, store, and transfer (if applicable) can be divided into such groups:

2.2.1. Identification data. Consists of and is limited to person first, last and middle (if applicable) name.

2.2.2. Contact & Communications data. Consists of and is limited to email address, phone, skype, or other means of possible contact.

2.2.3. Technical data. Consists of and is limited to your IP address, type and version of browser, time zone and location, operating system and/or device, and other technology of the devices or means to access this website.

2.2.4 Website data. Consists of and is limited to information about the usage and travel on this website.

2.3. We may collect, use, and share the Aggregated Data, such as statistical or demographic data, for any purpose if such need arises. The used data is derived from part of your personal data but it is not considered as personal data based on the GDPR due to the fact that it will not directly or indirectly disclose or reveal your true identity. Specifically, your data will be used to calculate the overall amount (percentage) of visitors to the Website or its specific part.

2.4. We do NOT collect any special categories of data (e.g., race, religion, health, biometric data) as per Article 9 1 GDPR.

3 COOKIES

For detailed information regarding the type and way of Cookies used, please follow our Cookie Policy link.

4 PROCESSING OF MINORSʼ DATA

The Website is not intended for individuals under the age of 18 and we do not knowingly intend to process such data of individuals under the age of 18. If you are a parent and/or a legal guardian and found that your child had used our Website, please, contact us via available means of communication, and we will immediately apply (an) appropriate measure(s).

5 HOW IS DATA COLLECTED?

5.1. We have different ways of data collection, which include but are not limited to:

5.1.1. Information provided within our Website Contact Form and/or Website Online Chat.

In such way we collect Identification data, Contact & Communication data and etc. data if provided by the person himself. This information is collected and obtained through the voluntary submission on our Website and will be processed in order to provide a clear answer on the query/request.

The legal basis for such processing is your consent.

5.1.2. Information obtained within use of our Website.

In such way, we collect Website data and Technical data, which includes information regarding Website overview, ours and our partnersʼ products you are interested in, your dynamic IP address, browser type and operating system, referral source, etc. information.

The legal basis for such processing is monitoring and improving our Website and interaction on it.

5.1.3. Information collected via means of Third Parties and/or Publicly Available Sources.

We may collect data using services of third parties such as Analytics providers

Google Analytics, which tracks and reports Website traffic) or via use of Social Media Facebook, LinkedIn, etc.) to ensure that the provided Identification data is true.

The legal basis for such processing is protection of our own and third-party legal rights.

5.1.4.Information collected via means of Cookies & Similar Technologies.

Cookies are small-sized text files that are automatically sent to the personal device used for access on our Website. The Cookie Policy can be viewed in the respective Website Policy section following the earlier (above) provided link.

The legal basis for such processing is your consent.

5.1.5. Information collected for record and correspondence.

We may keep and process any of the mentioned above Clause 3.1.1. – 3.1.4. personal information, where it is necessary to build a defense against any legal claims.

The legal basis for such processing is protection of our own, yours, and third party (if applicable) legal rights.

6 HOW IS COLLECTED DATA USED?

6.1. The collected data is used only when the law allows such data usage. In common, the personal data will be used in such cases:

To contact you based on your Contact Form and/or Online Chat query Article 6 1 a GDPR .

When we need to conduct the Non-discloser Agreement for the further Business Offer proposal Article 6 1 b GDPR .

Where it is necessary for the legitimate interest and/or protection of our own, yoursʼ and third party (if applicable) legal rights but only if such interests and fundamental rights, do not override those interests and rights Article 6 1 d & Article 6 1 f GDPR .

It will be needed to comply with other legal obligations as a Controller Article 6 1 c GDPR .

As of Clause 4.1. (c), we may process personal Data in our legitimate interest for the below-mentioned purposes:

Collection, recording, processing, and performing statistical and other analysis of obtained information with further research for the Website and its services improvements and upgrades;

Administration and development of the Website and its services;

Improvement of Website user experience, including providing personalized services;

To contact you concerning the made request/query with further correspondence;

To conduct profiling of you and/or your activities on the Website for the purpose of the Website and its services marketing improvement.

7 PRINCIPALS OF DATA PROCESSING

7.1. Your fundamental rights are fully respected; therefore, protection of your privacy is the top priority of NuxGame. While processing the personal data, we are following such Basic Article 5 GDPR) principles:

7.1.1. Lawfulness, fairness, and transparency principles (in the meaning of Article 5 1 a GDPR . We submit your personal data (if requested) to legitimate the processing as well as we guarantee a fully transparent way of data handling.

7.1.2. Purpose limitation & data minimization principles (in the meaning of Article 5 1 b & (c) GDPR . We collect and process personal data only for legitimate and explicit purposes as explained above in this Policy. We have no intention or right to process the data incompatible with the purposes mentioned in this Policy.

7.1.3. Accuracy principle (in the meaning of Article 5 1 d GDPR . Received personal data is safely stored, thoroughly checked, and verified with your assistance to ensure its accuracy and where it is necessary to update or make some corrections for data processing, as well as to correct or erase the received information if it is inaccurate or invalid, respectively.

7.1.4. Identification principle (in the meaning of Article 5 1 e GDPR . Personal data is kept in an identifiable form that allows you to be identified by yourself and us, for the required period of time and for the processing purposes mentioned above.

7.1.5. Safety principle (in the meaning of Article 5 1 f GDPR . Personal data is securely processed via appropriate technical and/or organizational measures.

7.2. We hereby inform you that your personal data is collected only for the purposes mentioned in this Policy, and we have no intention to collect it further or outside the scope of this Policy.

7.3 Without prejudice to the stated in this Policy, we neither disclose nor have the intention to disclose or transmit your personal data to any third party without your consent, unless permitted or obliged by law or by a specific contractual agreement with you.

7.4 As data Controllers of your personal data, we hereby inform you that we comply with all applicable laws and our statutory obligations.

8 DATA SHARING AND DISCLOSURE

8.1. Following certain circumstances, we may share and disclose your personal data as explained below:

8.1.1. Legal Compliance (local & international laws; authority requests; harm prevention). We may disclose your personal information to courts, governmental authorities and/or law enforcement authorities, or authorized third parties (if applicable) to the extent applicable or permitted for such actions by law or legal necessity.

Local and International laws. We are obliged to comply with our legal obligations under the law of the Republic of Cyprus.

Authority requests. We are obliged to comply with our legal processing obligations and to provide a timely and proper respond to claims asserted

against us.

Harm Prevention. We are obliged to respond to requests in connection to criminal investigation or other illegal activity suspicions and/or any other activities where we, you, or a third party can be a subject to the legal liabilities.

8.2. Service providers (third parties). We may use services of the third party software and payment providers to help us in providing of our services on this Website. Service providers may locate inside or outside the European Union and/or European Economic Area (hereinafter the “EU” and “EEA” respectively). The Service providers have limited access to your data and are bound by the Agreement under which they are obliged to provide the same level of protection and safety of disclosed and provided information as is provided by us under this Policy.

8.3. Our Affiliates and Partners. We may share your personal information with any member of our group of companies (meaning subsidiaries companies, the ultimate holding company and its subsidiaries) as well as with our partner (independent resellers) as reasonably legally and reasonably necessary for this Policy.

8.4. Aggregated data (as explained in 2.2. of this Policy). We may share such aggregated information and/or any other anonymized information for the purpose of legal compliance, business and market analysis, demographic data analysis and research, marketing and other business purposes.

8.5. We do NOT sell personal data to third parties.

9 DATA SUBJECT RIGHTS

9.1. Based on the GDPR, you have such rights in connection with provided personal information:

9.1.1. To access or request a copy of your provided personal information and information related to its processing.

9.1.2. To request your personal information correction as of all and any inaccuracies and/or missing personal information.

9.1.3. To request your personal data in portable form (structured, commonly used, and machine readable) for transfer to another controller (where technically feasible).

9.1.4. To request to stop and restrict all and any processing of your personal data as explicitly stated by law.

9.1.5. To object to all and any processing of your personal data as explicitly stated by law.

9.1.6. To object against automated processing, including profiling, which has or may have an impact on you.

9.2. All of the rights stated in 7.1. of this Policy may be executed by sending an email letter to the Controller email mentioned in the Introduction section. Before the start of action from our side, we may ask you to identify yourself in order to guarantee the protection and safety of processed personal data.

9.3. The response to the request will be provided within one 1) month from the receipt of the letter request. Notwithstanding the above-mentioned response period, it can be prolonged for additional three 3) months based on the complexity of the request and the number of other pending requests. We may reject in fulfillment of the request with appropriate and relevant justification to such rejection.

10 WITHDRAWING CONSENT AND RESTRICTION OF PROCESSING

10.1. Where the consent to process personal data has been obtained from you and we have no other lawful and legal ground to do otherwise, you have the right to withdraw such earlier provided consent at any time by sending a letter on email mentioned in Introduction section with the specification of the consent you are willing to withdraw. Notwithstanding the above-mentioned, the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before such consent withdrawal.

10.2. In addition to all of the above-mentioned, the GDPR may give you the right to limit the ways in which we use your personal information, specifically:

you deny the accuracy of your personal information;

the processing is unlawful, and you oppose such personal information processing;

we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise, or defense of legal claims; or

You have objected to the processing pursuant to the next section and pending the verification of whether the legitimate grounds of the Data Controller override your own.

11 OBJECTION OF PROCESSING

11.1 You have the right to object to the processing of personal data where it is done on a lawful basis and in our legitimate interest. If we process your personal data based on provided consent, you have the right to withdraw it. Nevertheless, we may still process your personal data where there are or may be other relevant lawful bases or we have compelling grounds to continue the processing of personal data in our interests, which are not overridden by your rights, interests or freedoms.

12 DATA RETENTION AND DELETION

12.1. We will retain your personal information for a reasonable period of time, in order to contact you and/or perform a contract between you and us as or for the period of our legal obligation (the period of to keep data can be longer due to regulatory obligation, as the case may be). When your personal data is no longer needed, it will be automatically erased.

12.2. To identify the appropriate retention period, we take into account: the size; quantity; nature and sensitivity of the personal data, including but not limited to the potential risks of harm from unauthorized use or disclosure of your personal data; the purposes for the personal data to be processed; and the applicable legal (regulatory) or other possible requirements.

12.3. You have the right to request the erasure of personal data where it is no longer necessary for us, however, there are exclusions to this right. The general exclusions, where processing is necessary, include a legal (regulatory) obligation and/or defense against all and any legal claims.

13 DATA TRANSFER

13.1.We may transfer, store, and process your information within our company ecosystem or share it with Service providers based outside the EU and/or EEA for the purpose stated in this Policy.

13.2.We take all necessary and adequate measures to keep your personal data during the transfer at the same secure level outside the EU and/or EEA, as it is within the EU and/or EEA and as it should be under this Policy.

14 SECURITY MEASURES

14.1. We implement strong security measures to protect your data:

  • Encryption: Secures data during transfer and storage.
  • Access Control: Restricted access to authorized personnel only.
  • Regular Security Audits: We review our security protocols periodically.

14.2. If a data breach occurs, we will notify affected users and regulators within 72 hours as required by the GDPR.

15COMPLAINTS

If you have any complaints or concerns about the process of your data and use of your information, you can contact the Office of the Commissioner for Personal Data Protection, which is the Independent Supervisory Authority for the protection of the individual in the Republic of Cyprus, via their website at http://www.dataprotection.gov.cy/, via their email address at

commissioner@ dataprotection.gov.cy, by telephone at the number 357 22818456, by fax at the number 357 22304565, by mail at the following postal address:

Office of the Commissioner for Personal Data Protection

P.O. Box 23378, 1682, Nicosia, Cyprus,

or by visiting their offices in person at the following office address: Office of the Commissioner for Personal Data Protection Kypranoros 15, 1061, Nicosia, Cyprus.