Warlordes Privacy Policy

1.0 INTRODUCTION & PURPOSE

Hammer Games Limited ("We" or “Us” or “Our” or "Hammer Games" or "Hammer Games Warlordes" or "Warlordes" or "Ugarsoft Limited"  or “the Company”) are committed to ensuring compliance with emerging data protection regulations in Nigeria and in the international community. Our commitment is fueled by emerging trends in the data regulatory environment, which requires a high level of transparency and accountability on how personal data is used and managed.

To run a gaming platform, we collect, process, store, share and where necessary, delete personal data. Consequent to our mandate to decide how and why such data is processed, we are data controllers/administrators under the Nigeria Data Protection Act 2023 as amended and are thereby subject to the provisions of the Act.

This Policy is designed pursuant to the forgoing and in consideration of our responsibility to conduct safe processing of personal data.

This Policy therefore outlines strict requirements for collection, processing, storage and deletion of personal data pertaining to our Customers, based on extant provisions of the Nigeria Data Protection Regulation (2019), Nigerian Data Protection Act (2023) and other globally accepted, basic principles on data protection.

2.0 GLOSSARY/DEFINITIONS

In this Policy, the following terms shall have the meanings referenced here, unless the context requires otherwise:

• “Consent” of freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
• “Data” means characters, symbols and binary on which operations are performed by a computer, which may be stored or transmitted in the form of electronic signals, stored in any format or any device;
• "Data Controller" means a person who either alone, jointly with other persons or in common with other persons or as a statutory body determines the purposes for and the way personal data is processed or is to be processed;
• “Data Protection Officer (DPO)” means the person appointed as such under the Data Protection Laws and in accordance with its requirements. A DPO is responsible for advising Hammer Games (including its employee) on their responsibilities under the Data Protection Laws, for monitoring compliance with Data Protection Law;
• “Data Subject” means any person, who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity;
• “Personal Data” means any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; It can be anything from a name, address, a photo, an email address, bank details, accounts and posts on social networking websites, medical information, and other unique identifier such as but not limited to MAC address, IP address, IMEI number, IMSI number, SIM, Personal Identifiable Information (PII) and others;
• “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or Access to personal data transmitted, stored or otherwise processed;
• “Personal Identifiable Information (PII)” means information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in a particular context;
• “Processing” means any operation or set of operations, which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• ‘Laws and Regulations” means the Nigeria Data Protection Regulation (2019), the Nigerian Data Protection Act (2023) and any subsequent amendment or other applicable laws and regulations.

3.0 CONSENT

The consent of a Data Subject (“You” or “Your”) is the starting point for personal data processing, unless anything different is permissible by operation of law. You have the option to give, withhold, or otherwise revoke your consent to the processing of your personal data.

Note however that certain categories of personal data must be processed by the company in order to establish a relationship with you or carry out your instructions or fulfill our legal obligations for your benefit. It will be impossible for the company to carry out its obligations in respect to you if you conceal this information, and the company may not be able to render certain services to you.

You thereby give your consent to the processing of your Personal Data as contained in this document by clicking or selecting “I Accept or I Agree”.

IF YOU DO NOT AGREE WITH THE TERMS CONTAINED IN THIS DOCUMENT, YOU ARE EXPRESSLY PROHIBITED FROM CONTINUING TO ACCESS OUR SERVICES AND WE SHALL NOT PROVIDE OUR SERVICES TO YOU. BY CONTINUING TO ACCESS OUR SERVICES, WE SHALL ASSUME THAT YOU HAVE GIVEN YOUR CONSENT IN THESE REGARDS.

4.0 INFORMATION COLLECTION AND HOW WE USE IT

We collect several different types of information for various purposes to provide and improve our services to you.

Types of Personal Data We Collect

Personal Information: While using our services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to the following:

• Full name;
• Email Address;
• Facebook or Google Account information;
• Phone Number;
• Date of Birth;
• Postal Address;
• Bank information;
• Identity document;
• User ID;
• Password;
• Authentication number or unique PIN in applicable instances;
• Biometrics in applicable instances;

Usage Data: We may also collect information that your browser sends whenever you access our services through our website and/or when you access our services through our mobile application (Mobile App). This includes but not limited to the following:

• The Internet Protocol (IP) address of your device
• Browser type
• Browser version
• Your activities on our website and/or mobile app
• Date/Time Logs and Time stamps
• Unique device identifiers

Additionally, when you access our services through a mobile device, the following information may also be collected:

We may request access or permission to access and track location-based information from your mobile device, either continuously or while you are using our mobile app, to provide location-based services. If you wish to change our access to this information or limit permissions, you may do so in your device's settings.

We may request access or permission to certain features from your mobile device, including your mobile device's camera, calendar, Bluetooth, contacts, storage and other features as applicable. If you wish to change our access or permissions to these features, you may do so in your device's setting.

We may automatically collect some of your device information (such as your mobile device ID, model and Manufacturer), operating system, version information, IP address and diagnostic data.

We use cookies and similar tracking technologies to track the activities on our Services. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service. You can at any time instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to access some or all of our Services.

We may use third-party Service Providers to monitor and analyze the use of our Service.

We may use Google Analytics which is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt out of Google Analytics by installing the Google Analytics opt-out add-on/plugin.

For more information on the privacy policies of Google, please visit the Google Privacy & Terms web page located at https://policies.google.com/privacy?hl=en

We may also use other third-party providers like NET Core Platform Script, Facebook Pixel Code and other scripts to collect anonymous information such as the number of visitors to the site, and the most popular pages or offerings.

Note that you have the option at all times to accept or reject usage of nonessential cookies when you visit our website or use our mobile app. Should you wish to stop the usage of the nonessential cookies, you can delete such cookies associated with our website on your browser or refuse permission through your device settings.

Also note that Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy and Terms of use/service of every site you visit.

Therefore, you acknowledge that we have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

How we use Information: The purpose we collect personally identifiable information is to enable us to provide you with gaming services and to ensure our services are provided with ease and problem free.

It should be noted that usage of data may be extended beyond the above provisions, whenever necessary for the purposes of meeting legal, regulatory, contractual obligations, and other legitimate business interests. Thus, your data is used for, but not limited to the following:

• To provide and maintain our services;
• To notify you about changes to our service;
• To allow you participate in the interactive features of our services;
• To provide customer care activities and support to you;
• To comply with Laws and Regulations;
• To provide you with loyalty benefits and programs;
• To comply with our internal policies;
• To analyze valuable information in order to improve our services;
• To detect, prevent and address technical issues;
• To monitor the usage of our services;
• To be able to pay out winnings to contest winners;
• To monitor our communications with you for customer service improvement, training, quality assurance purpose and fraud analysis and prevention;
• To send your marketing and promotional materials;
• To enable us to deliver targeted advertising to you for our Business Purposes. We may use your information to develop and display content and advertising (and work with third parties who do so) tailored to your interests and/or location and to measure its effectiveness.

5.0 LAWFUL PROCESSING

Hammer Games processes data in accordance with laws and regulations. The basis and principles for lawful processing of data are as stated below:

• Data Subject has given consent to the processing of his or her personal data;
• Processing is necessary for the provisions of our services to the Data Subject;
• Processing is necessary for compliance with a legal obligation to which Hammer Games is a subject;
• Processing is necessary in order to protect the vital interests of the Data Subject or of another natural person;
• Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official public mandate for which Hammer Games is obligated to;
• We shall not obtain personal data except the specific purpose of collection is made known to the Data Subject;
• We shall ensure that consent of Data Subject has been sought and obtained without fraud, coercion, or undue influence before processing his or her information;
• Where processing of personal data is based on consent, we shall confirm the Data Subject’s capacity to give consent and also ensure that the Data Subject has consented to processing of his or her personal data;
• Where the Data Subject's consent is given in the context of a written declaration, we shall request for consent in a manner which is clearly distinguishable from other matters, in an intelligible and easily accessible form, using clear and plain language;
• Where the Data subject is unable to read, we shall ensure that the declaration is read to the subject in a language that he understands.
• Before obtaining consent, we shall inform the data subject of his/her rights in accordance with the provisions of the Laws and Regulations and the ease to withdraw his/her consent at any time.
• When assessing whether consent is freely given, we shall take utmost account of whether the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary or excessive for the performance of the contract.
• Where Data may be transferred to a third party for any reason, we shall request for consent of the data subject before transferring his/her information.
• By Virtue of its regulatory oversight over our operations, the National Lottery Regulatory Commission shall have full Access to personal data of Data Subjects under our management. For this purpose, we shall not require any consent from you before sharing information with our Regulators; neither will we require any consent from you before sharing information with security operatives and designated government agencies where necessary approvals are obtained.
• We shall store data for a period which is reasonably required. This shall be for the lifespan of our gaming platform and 2 years thereafter following our cessation of business.

6.0 CHILDREN PRIVACY

We do not offer our services or enter into a relationship with minors (persons under the age of 18).

We shall at no time, knowingly collect personally identifiable information from anyone under the age of 18.

If you are a parent or guardian and you are aware that your children have provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers.

7.0 YOUR PRIVACY RIGHTS

Your privacy rights include the following:

• You have the right of access to your personal data;
• You have the right to withdraw your consent given to us for the processing of your Data at any time;
• You have the right to the rectification of your personal data;
• You have the right to object to the processing of your personal data;
• You have the right to restrict the processing of your personal data;
• You have the right to data portability;
• You have the right to the erasure of your personal data;
• You have the right to lodge a complaint with our Data Protection Officer in the event of a violation of your rights;
• You have the right to lodge a complaint with the Nigerian Data Protection Commission in the event of violation of your rights;
• You have the right to be informed of any person or location to which we may disclose or share your personal information.

These rights are not absolute and may be limited in certain manners and in certain instances by permissible laws and regulations.

8.0 THIRD PARTY ACCESS TO YOUR PERSONAL DATA

In furtherance of our commitment to ensure compliance with extant provisions of the Laws and Regulations with respect to processing of personal data by Third Parties, we shall:

Execute a Non-Disclosure or Confidentiality Agreement (the terms of which shall not conflict with Laws and Regulations) with any third party engaged to undertake any project/contract which would expose such a party to our data bank before granting Access to the information of concerned Data Subjects.

Ensure full adherence with the provisions of the Laws and Regulations by the Third Party in relation to processing of information received from Data Subject by putting in place adequate sanctions and penalties to deter the third parties from breaching the terms of the Non-Disclosure & Confidentiality Agreement.

9.0 SECURITY OF YOUR DATA

Hammer Games being a Data Controller and taking into consideration the nature, scope, context, and purpose of processing as well as the risk of varying likelihood and the severity for the rights and freedom of natural persons, shall develop security measures to:

Protect data and our systems from hackers;

Set up firewalls to protect our ICT infrastructure from malware, pharming, phishing and other security attacks;

Store data securely with Access given only to specific authorized individuals;

Employ data encryption technologies;

Undertake continuous development of our organizational policy for handling personal data (and other sensitive or confidential data), protection of emailing systems; and

Ensure continuous capacity building for staff in line with the requirements of the Laws and Regulations and standard of best practices.

10.0 DATA PROTECTION CONTROL

Compliance with this Data Protection Policy and the Regulation shall be reviewed periodically in line with data protection audit requirements and other controls. The ultimate performance of these controls is the responsibility of our Board of Directors through such officers of the Company as may be designated by the Board of Directors, from time to time.

11.0 BREACH OF THIS POLICY

A breach of this policy could have severe consequences on Hammer Games, our ability to provide services, or maintain the integrity, confidentiality, or availability of services rendered to our users/customers. Any intentional misuse resulting in a breach of any part of this policy will be disciplined in line with the provisions of our staff handbook.

12.0 TRAINING

Hammer Games shall ensure that employees who collect, access and process Personal Data receive adequate data privacy and protection training in order to develop the necessary knowledge, skills and competence required to effectively manage and process the compliance framework under this Privacy Policy and applicable Laws and Regulations.

Hammer Games shall, on an annual basis, develop a capacity building plan for its employees on data privacy and protection in line with the applicable laws and regulations.

13.0 DATA PROTECTION OFFICER (DPO)

Hammer Games has appointed a Data Protection Officer (DPO) responsible for overseeing the data protection strategy and its implementation to ensure compliance with Laws and Regulations. The DPO shall be a knowledgeable person on data privacy and protection principles and shall be familiar with the provisions of the applicable laws and Regulations as foretasted.

The main tasks of the DPO shall include:

Administering data protection policies and practices of Hammer Games;

Monitoring compliance under the Laws and Regulations, and other data protection laws, data protection policies, awareness-raising, training, and audits;

Advice Hammer Games, management, employees and third parties who carry on processing activities of their obligations under applicable laws and regulations;

Acts as the contact point/person for Hammer Games;

Monitor and update the implementation of the data protection policies and practices of Hammer Games and ensure compliance amongst all employees of Hammer Games;

Ensure that Hammer Game undertakes a Data Protection Impact Assessment and curb potential risk in Hammer Game’s data processing operations; and

Maintain a database of all Hammer Games personal information.

14.0 DATA PROTECTION AUDIT

Hammer Games shall conduct an annual data protection audit through a licensed Data Protection Compliance Organization (DPCO) to verify Hammer Game’s compliance with the provisions of Laws and Regulations.

The audit report will be certified and filed by the DPCO to the Nigeria Data Protection Commission as required under applicable laws and regulation.

15.0 EFFECTIVE DATE

The effective date of this Policy is 1st of January, 2024.

16.0 AMENDMENT / REVIEW TO POLICY

This Policy may be amended from time to time and shall be reviewed on a yearly basis to bring it up to speed to acceptable standards.

We shall place notices on all our platforms and likewise notify you via your email about any changes to this Policy.

17.0 CONTACT

If you have any questions or comments about this policy, you may contact our Data Protection Officer (DPO) by email at dataprivacy[@]hammagergames.com or by post to:

Data Protection Officer, Hammer Games Limited

Suite D7, Bethel Plaza, 36 Garden Avenue, G.R.A, Enugu State, Nigeria.