Privacy Policy
Effective date: March 27, 2026
✔ Applies worldwide to our games, apps, software products, and websites.
🧰 We use widely adopted services: Firebase Analytics/Crashlytics, Google AdMob, Unity Ads, Google Play Games Services, Apple Game Center/iCloud (if enabled), AppsFlyer, SKAdNetwork, Paddle (payment processing).
🚫 We do not sell personal data. We may 'share' certain identifiers and app events for targeted advertising as defined by US state laws. You can opt out in the app.
👶 We do not knowingly collect data from children.
1) Who we are
Light Side LLC (‘we’, ‘us’) develops and publishes video games, applications, and software developer tools (such as UniText). We act as the data controller for the processing described in this Policy.
2) Scope
This Policy covers Light Side Gaming Business Unit, our software products and associated license sales, and our websites operated under the Light Side brand, worldwide.
3) Data we process
- Usage & diagnostics (events, sessions, IP address, coarse location/country, device/OS, app version) — analytics, crash detection, product improvement.
- Game progress & identifiers (player/account ID, achievements, cloud saves, anti-cheat signals) — core functionality and sync.
- Purchase information (SKU, region, purchase token/receipt, license tier, company name for software license purchases) — purchase fulfillment, license delivery, refunds, fraud prevention. For software license purchases through our website, Paddle.com Market Limited acts as the Merchant of Record and an independent data controller for payment data. Paddle collects billing information (name, email, billing address, payment method) directly. We never receive or store your payment card details. Paddle shares limited buyer data with us (email, name, country, purchase details) for order fulfillment under legitimate interest. See Paddle's Privacy Policy.
- Ads/attribution data (ad impressions, clicks, resettable advertising IDs such as IDFA/AAID, SKAdNetwork postbacks, context signals) — showing ads, frequency capping, measurement (ad-supported titles).
- Support data (email, message content, attachments, device diagnostics you choose to send) — customer support and troubleshooting.
4) Purposes & legal bases
Depending on your location, we rely on: (a) consent (where required for advertising/analytics cookies/SDKs in the EEA/UK, and for access to IDFA under Apple ATT); (b) performance of a contract (to deliver the game/app, cloud saves, and purchases); (c) legitimate interests (security, anti-fraud, crash diagnostics, non-personalized analytics); and (d) compliance with legal obligations (tax/accounting). You may withdraw consent at any time via in‑app settings or our consent banner (where shown).
5) Advertising choices (opt-out)
You can opt out of ‘targeted advertising’ and certain measurement at any time in **Settings → Privacy → Advertising choices**. For California and other US states, you can use the button **‘Do Not Sell or Share My Personal Information’** to opt out of ‘sharing’ for cross‑context behavioral advertising. On Android/iOS you can also reset or limit the advertising identifier in OS settings. We honor Apple ATT choices and SKAdNetwork measurement when IDFA is unavailable.
6) Apple App Tracking Transparency (iOS)
On iOS, we request permission via Apple’s App Tracking Transparency. If you decline, we do not access the IDFA and only use contextual ads and privacy‑preserving measurement (e.g., SKAdNetwork).
7) Third‑party services (processors)
Firebase Analytics / Crashlytics
Firebase Analytics collects usage and stability metrics; Crashlytics helps diagnose crashes. Data may include device/OS info, app version, events, and crash logs.
Google AdMob / Unity Ads
Ad networks (e.g., Google AdMob, Unity Ads) show ads and measure performance using resettable advertising IDs and context signals. You can reset or limit ad tracking in your OS.
Google Play Games Services
Google Play Games Services for cloud saves, achievements, leaderboards, and platform integrations.
AppsFlyer
AppsFlyer provides install attribution and campaign performance using identifiers and non‑sensitive event data.
Paddle (Merchant of Record)
Paddle.com Market Limited acts as our Merchant of Record and online reseller for software license purchases. Unlike our other service providers, Paddle is an independent data controller (not our data processor) for buyer payment data collected during checkout. Paddle processes payment information, issues invoices/receipts, determines and collects applicable taxes, and handles payment-related customer service. We receive only limited buyer data (email, name, country, purchase amount) for order fulfillment. See Paddle's Privacy Policy for how Paddle handles your data.
Except for Paddle (which is an independent data controller as described above), we engage these providers under data‑processing contracts; they must protect data and use it only on our instructions.
8) Sharing
We do not sell personal data. We disclose data to: (a) service providers acting as our data processors (Firebase, AppsFlyer, etc.); (b) platform providers (Google/Apple); (c) Paddle.com Market Limited, acting as an independent data controller and our Merchant of Record for software license sales; and (d) where required by law or to protect rights, safety, and integrity. We only use buyer data received from Paddle for order fulfillment, product support, and fraud prevention.
10) International transfers
We are based in Georgia (Tbilisi). Your data may be transferred to and processed in countries outside your country of residence, including the United States, United Kingdom, and EU member states, where our service providers (including Paddle, Firebase/Google, AppsFlyer) operate. Where data is transferred internationally, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) or rely on adequacy decisions. Some providers participate in the EU‑US Data Privacy Framework. Under Georgian personal data protection law, transfers to countries not on the approved adequacy list are made with appropriate safeguards or with your consent. You can contact us to request information about these safeguards.
11) Children
We do not knowingly collect personal data from children. In mixed‑audience titles we apply an age gate and disable personalized ads/attribution for users identified as under the applicable age (e.g., under 13 in the US, under 16 in the EEA/UK for ad ‘sharing’). If you believe a child provided data to us, please contact us and we will delete it and disable personalization.
12) Your rights
Depending on your region, you may have rights to access, correct, delete, port, object, restrict, withdraw consent, or appeal our decision. To exercise rights, use the in‑app request form or contact us at the email below. We respond within 10 working days (Georgian law), 30 days (EEA/UK GDPR), or 45 days (US state privacy laws). California residents may use an authorized agent. You have the right not to be discriminated against for exercising your rights. EEA/UK residents can lodge a complaint with a supervisory authority. Georgian residents can contact the Personal Data Protection Service (https://personaldata.ge).
13) Cookies & consent
Our websites currently do not use non‑essential cookies/SDKs. If this changes, we will show a consent banner that lets you accept, reject, or change choices at any time.
14) Accounts and deletion
You can create an in‑game account to sync progress and use social features. You can delete your account at any time in **Settings → Account → Delete account** or by contacting us. Deleting an account removes personal data and cloud saves linked to the account within 30 days (backups may persist for a limited period). You can also disconnect Google Play Games or Apple Game Center from their respective settings.
15) User‑generated content (UGC) & moderation
UGC (e.g., chat, profiles, guild names) is visible to other players as part of gameplay. We moderate to enforce our community rules and may take action on abuse reports. Do not share sensitive information in UGC.
16) Security
We use technical and organizational measures appropriate to the risk (encryption in transit, encryption at rest where applicable, access controls, least privilege, logging, regular patching, incident response). No system is 100% secure.
17) Changes
We may update this Policy from time to time. We will post a new version with a new effective date.
18) Contact
Data controller: Light Side LLC.
Address: Georgia, Tbilisi, Saburtalo district, Bakhtrioni street, N22, flat N75.
Email: privacy@lightside.media.
This Policy complies with the EU General Data Protection Regulation (GDPR), the UK GDPR, applicable US state privacy laws (including the CCPA/CPRA), and the Georgian Law on Personal Data Protection (effective March 1, 2024).
Address: Georgia, Tbilisi, Saburtalo district, Bakhtrioni street, N22, flat N75.
Email: privacy@lightside.media.
This Policy complies with the EU General Data Protection Regulation (GDPR), the UK GDPR, applicable US state privacy laws (including the CCPA/CPRA), and the Georgian Law on Personal Data Protection (effective March 1, 2024).
19) Key definitions
‘Personal data’ means information that identifies or relates to an identifiable individual. ‘Processing’ means any operation performed on personal data. ‘Controller’ determines purposes and means; ‘processor’ processes on behalf of a controller. ‘Targeted advertising’ means displaying ads based on personal data obtained from activity across non‑affiliated apps or websites.
foot_note