Tab to main content
Top Arcade

Privacy Policy for Top Arcade

Last updated: 14th October 2025

This Privacy Policy ("Policy") governs how Top Arcade ("we," "us," or "our") collects, uses, stores, and protects information when you access or use our online platform ("Platform"), which features a collection of mini-games ("Games"). It applies to all users worldwide and complies with global privacy laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Personal Data (Privacy) Ordinance (Cap. 486) (Hong Kong), and Google's advertising and data usage policies.

By accessing or using the Platform, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree, please discontinue use of the Platform immediately. We reserve the right to update this Policy periodically; significant changes will be notified via a banner on the Platform or email (if we have your contact information).

2. Information We Collect

2.1 Personal Information

We collect personal information only when voluntarily provided by you or necessary for Platform functionality:

  • Account Creation: Email address, username, password (hashed), and profile preferences (e.g., avatar).
  • Support & Feedback: Information from messages, bug reports, or customer service inquiries (e.g., screenshots, descriptions of issues).
  • In-Game Activities: Pseudonymous player IDs, progress tracking, and leaderboard submissions (if you opt into social features).

2.2 Non-Personal Information

Automatically collected data to improve the Platform and user experience:

  • Device & Technical Data: IP address, browser type/version, operating system, device model, unique device identifiers (e.g., IDFA, AAID), and network information.
  • Usage Analytics: Game playtime, levels completed, features accessed, clicks, and interactions with ads or menus.
  • Location Data: Approximate geographic region derived from your IP address (no precise GPS data is collected).

2.3 Cookies & Tracking Technologies

We use cookies, web beacons, and similar tools to:

  • Necessary Cookies: Enable core Platform functions (e.g., session management, saving game progress).
  • Analytics Cookies: Track usage patterns (e.g., Google Analytics) to optimize game performance and content.
  • Advertising Cookies: Serve personalized ads based on your interests (see Section 5 for details).

You may manage cookie preferences via your browser settings, but disabling necessary cookies may limit Platform functionality.

3. Legal Basis for Processing (GDPR Compliance)

For users in the European Union (EU), we process personal data based on the following legal grounds:

  • Consent: For cookies, marketing communications, and personalized ads (you may withdraw consent at any time via Section 8).
  • Legitimate Interest: To operate the Platform, prevent fraud, and improve services (we ensure our interests do not override your privacy rights).
  • Contractual Necessity: To fulfill account-related obligations (e.g., saving game progress for registered users).

4. How We Use Your Information

Collected data is used for the following purposes:

4.1 Platform & Game Functionality

  • Deliver, maintain, and update the Platform and Games (e.g., fixing bugs, adding new features).
  • Track game progress, high scores, and user preferences (e.g., language settings).

4.2 User Experience Optimization

  • Personalize content (e.g., recommending games based on play history).
  • Analyze usage trends to improve load times, gameplay, and feature relevance.

4.3 Communication

  • Respond to support requests, feedback, or inquiries within 48 hours.
  • Send service updates (e.g., account verification, password resets).

4.4 Advertising & Marketing

  • Serve targeted ads via third-party partners (see Section 5).
  • Measure ad performance (e.g., click-through rates) to optimize ad relevance.

4.5 Legal & Security

  • Detect and prevent fraud, unauthorized access, or technical abuse.
  • Comply with legal obligations, court orders, or regulatory requests (including cross-jurisdictional legal demands).

5. Third-Party Sharing & Links

5.1 Service Providers

We share data with third parties solely to support Platform operations. These parties are contractually obligated to protect your information and use it only for authorized purposes:

  • Advertising Partners: Ad networks (e.g., Google Ads, AdMob, Ogury, The Trade Desk) to deliver personalized ads.
  • Analytics Providers: Tools like Google Analytics, Mixpanel, or Firebase to analyze user behavior.
  • Hosting & Cloud Services: Third-party servers to store data and ensure Platform uptime.
  • Payment Processors (if applicable): For in-game purchases (we do not store full payment details; processors may collect card numbers or payment tokens).

5.2 Third-Party Ad Partners

Key advertising partners include:

Adform, Equativ, LoopMe, Ogury, Seedtag, The Trade Desk OpenPath, Venatus, and others.

You may opt out of personalized ads via the Network Advertising Initiative (NAI) or Digital Advertising Alliance (DAA).

5.3 Links to External Sites

The Platform may contain links to third-party websites (e.g., social media, game developer sites). We are not responsible for their privacy practices; review their policies before providing information.

6. Data Retention & Deletion

We retain data only as long as necessary to fulfill the purposes outlined in this Policy:

  • Personal Information: Retained until you delete your account or request removal (unless required by law to retain it longer).
  • Usage Data: Retained for 13 months (or up to 24 months for security debugging).
  • Non-Personal/Aggregated Data: May be retained indefinitely for analytics or historical record-keeping.

Upon account deletion, we will anonymize or delete your personal data within 30 days, except for data required by law or to resolve disputes.

7. Children's Privacy

We strictly comply with the Children's Online Privacy Protection Act (COPPA) and GDPR requirements for children:

  • We do not knowingly collect personal information from users under 16.
  • If we discover underage data, we will delete it within 48 hours of notification.
  • Parents/guardians may contact us (Section 12) to request deletion of a child's data.

8. Your Rights

Depending on your jurisdiction, you may exercise the following rights by contacting us (Section 12):

8.1 Global Rights

  • Access: Request a copy of your personal data in a machine-readable format (e.g., CSV).
  • Correction: Update inaccurate or incomplete information (e.g., outdated email address).
  • Deletion: Request permanent removal of your account and associated data (subject to legal exceptions).

8.2 EU/EEA Rights (GDPR)

  • Right to Restrict Processing: Temporarily halt data use (e.g., during a data accuracy dispute).
  • Data Portability: Transfer your data to another service provider.
  • Withdraw Consent: Opt out of cookies or marketing communications (via email unsubscribe links or Section 12).

8.3 California Rights (CCPA)

  • Opt-Out of Sale/Sharing: Request to stop sharing your data with third-party advertisers (use the DAA/NAI links in Section 5.2).
  • Non-Discrimination: We will not penalize you for exercising your CCPA rights (e.g., restricting access to free features).

9. International Data Transfers

Your information may be transferred to countries outside your jurisdiction (e.g., the U.S., EU, or Hong Kong). We ensure compliance with global data laws by:

  • Using Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Relying on the EU-U.S. Data Privacy Framework or UK Adequacy Decision (for UK users).
  • Implementing technical safeguards (e.g., encryption) for cross-border data transfers.

10. Security Measures

We protect your data with industry-standard safeguards:

  • Encryption: Data in transit (SSL/TLS) and at rest (AES-256).
  • Access Controls: Role-based permissions for internal staff.
  • Regular Audits: Penetration testing and vulnerability scans quarterly.
  • Incident Response: Data breach notifications within 72 hours (as required by GDPR).

No system is 100% secure; we cannot guarantee absolute protection against unauthorized access.

11. Policy Updates

This Policy is updated periodically. Major changes will be posted with a revised "Last updated" date, and you will be notified via:

  • A banner on the Platform (for non-registered users).
  • Email (for registered users with verified email addresses).

It is your responsibility to review this Policy regularly. Continued use of the Platform after updates constitutes acceptance of the revised terms.

Contact Us

For questions, concerns, or to exercise your rights, contact our Privacy Team at:

Email: privacy@arcade.top

Response Time: 30 days for data access/correction requests; 7 days for deletion requests.

Top Arcade is committed to protecting your privacy. By using our Platform, you confirm that you have read and understood this Policy.