Privacy Policy

Introduction

WEMIX MENA. LTD. (“we”, “us”, “our”) takes the protection of personal data (“Personal Data”) very seriously. Please read this privacy policy (the “Policy”) to learn what we are doing with your Personal Data, how we protect it, and what privacy rights you may have under applicable data protection and privacy laws, such as the European Union General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”).

Our Role With Respect to Your Personal Data

Within the scope of this Policy, WEMIX MENA. LTD. acts as a data controller or “business” for the Personal Data we process. This means that we decide how and why Personal Data is collected and further processed.

WEMIX MENA. LTD and WEMIX PTE. LTD. have concluded a Joint Controller Agreement which sets out the duties of both Controllers in accordance with Art. 26 of the General Data Protection Regulation (GDPR) and the equivalent provisions of the applicable data protection laws. You can refer to the Contact details for the Joint Controller here.

Lawful Bases for Processing

To use your Personal Data, we must have a valid reason, which under some laws is called the “lawful basis for processing” or “legal grounds for processing.” We may process your Personal Data based on these reasons:

  • Your Consent: We may use your Personal Data because you have actively indicated that it is okay for us to do so. This includes situations where you have given permission for us to send you marketing emails or to participate in beta testing of our service during the pre-registration process.

  • Legal Obligation: We may be required to process your Personal Data in order to comply with a legal obligation.

  • Legitimate Interests: Where it is necessary for our legitimate interests, we may process your Personal Data, to the extent that your interests and fundamental rights do not override those interests. Here is what it normally means for us:

    • Product Improvement: We may use data to enhance the services features and functionality, making them more useful and user-friendly.

    • Customer Engagement: Keeping users and subscribers informed about updates, new features, and content that may interest them.

    • Research and Development: Using aggregated and anonymized data to conduct research on trends and user behavior to improve the services.

    • Marketing and Promotion: Promoting the services to a wider audience and providing tailored recommendations based on user data.

    • Security and Fraud Prevention: Protecting the services and its users from security threats, fraud, and abuse.

    • Legal Compliance: Ensuring compliance with relevant laws and regulations, including the rules from other countries besides yours.

    • Business Operations: Managing day-to-day operations and ensuring the app’s sustainability and growth.

If we use legitimate interests as the reason for using your Personal Data, you can ask us for more details about why we think it is a good idea. Just get in touch by using the contact details here.

When we use your Personal Data because you gave us permission (consent), you can change your mind at any time. However, this will not undo the things we did with your data before you changed your mind. It also will not change the things we are allowed to do with your data based on other reasons.

What Personal Data We Process and How We Obtain It

In this Privacy Policy, “personal data” means any information about an identified or identifiable individual. The type of personal data we collect from you depends on how you interact with us and our Services. The table below describes the categories of Personal Data we have collected about you in the last 12 months.

Personal Data We Collect, Process, or Store

How We Obtain It

  • WEMIX PLAY account information such as identifiers and email address

  • Purchased Information such as purchased product name, amount, Game name of using product.

Collected from third parties (WEMIX PTE. LTD.) by the user upon payment.

  • Information required to facilitate the processing of your purchases through third parties, e.g., Alchemy: Transaction date and time, transaction number.

Collected, created, or provided by the user upon payment.

Without this information, we are not able to provide you with all the requested services, and the services we are able to provide may differ depending on the information you provide us. We will not collect additional categories of Personal Data without informing you.

For What Purposes Do We Use Your Personal Data?

We may process your Personal Data for the following purposes:

  • To process purchase and payment instruction, process the using WEMIX PAY in WEMIX PLAY. (In this case, Third Parties can process the transaction and invoice on our behalf.)

  • To provide you with the Services. We use your information to facilitate the functionality of our Services, and customize the Services (where applicable).

  • To improve the quality of our Services. We use your information to maintain, improve, and administer our Services, including by troubleshooting, data analytics, and testing.

  • To keep our Services and users safe. This includes detecting users illegally using our programs; and to otherwise prevent and respond to fraud, abuse, security risks, and technical issues.

  • To send you electronic correspondence. We may send you emails or otherwise communicate with you in order to manage inquiries and requests from you.

  • To send you email, SMS, or in-app marketing communication.

  • To ensure our Services function properly when the information is collected through essential cookies.

  • To manage your preferences in relation to use of cookies and other tracking technologies.

  • To comply with applicable laws and regulations. This includes using your information to ensure compliance with our legal obligations (such as recordkeeping obligations and transparency obligations).

  • To resolve disputes, enforce our contractual agreements, and to establish, exercise or defend legal claims.

How Long We Keep Your Personal Data

We will only retain your personal data for as long as necessary to fulfill the purposes set out above, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Some of the main criteria we use to determine specific retention periods include recording keeping obligations under applicable law or industry standards, relevance to potential litigation, whether data is necessary for us to exercise our rights or maintain the services. For more information on data retention periods, please contact us by using the information below.

Sharing Personal Data with Third Parties

The following table describes the categories of information we have disclosed to third parties for business purposes, and the categories of those third parties.

Personal Data Disclosed for Business Purposes?

Category

Categories of Third Parties Receiving Personal Data

Identifiers:

WEMIX PLAY user identifier, Email address

  • Provider that processes transaction and invoice mail: Alchemy

Commercial information:

Payment information

  • Provider that processes transaction: Alchemy

International Transfers of Your Personal Data

We are a global company located in Abu Dhabi, United Arab Emirates. Our service providers and other third parties with whom we share Personal Data with operate globally.

International Transfers of Your Personal Data: Europe

When your Personal Data is safeguarded by the EU or UK General Data Protection Regulation, or Swiss data protection law, before sending it to parties the European Economic Area (“EEA”), the UK, or Switzerland, we will do one of two things:

  • Seek your consent; or

  • Demand privacy and security: We will ensure the third party maintains the same level of privacy and security for your Personal Data as we do.

In some cases, the authorities of a country may have determined that the laws of other countries, territories or sectors within a country provide a level of protection equivalent to domestic law. You can see here the list of countries, including the Republic of Korea, territories and specified sectors that the European Commission recognized as providing an adequate level of protection for personal data, here the list of the UK, and here the list of Switzerland.

We are accountable for the protection of your Personal Data when we transfer it to others. We either send it to a country, territory or sector within a country that is recognized as providing the same level of personal data protection as the country of origin, or use safeguards like the Data Privacy Framework (as defined below), Binding Corporate Rules or the Standard Contractual Clauses (also known as the “SCCs”) approved by the European Commission under Article 46.2 of the GDPR, with necessary adjustments for transfers from the UK or Switzerland, or use specific transfer instruments like the UK International Data Transfer Agreement.

Other Disclosures of Your Personal Data

We may disclose your Personal Data to the extent required by law, or if we have a good-faith belief that we need to disclose it in order to comply with official investigations or legal proceedings (whether initiated by governmental/law enforcement officials, or private parties). If we have to disclose your Personal Data to governmental/law enforcement officials, we may not be able to ensure that those officials will maintain the privacy and security of your Personal Data.

We may also disclose your Personal Data if we transfer all or some of our company’s business interests, assets, or both, or in connection with a corporate restructuring. Finally, we may disclose your Personal Data to our subsidiaries or affiliates, but only if necessary for business purposes, as described in the section above.

We reserve the right to use, transfer, and share aggregated, anonymous data for any legal purpose. Such data does not include any Personal Data. The purposes may include analyzing usage trends or seeking compatible advertisers, sponsors, and customers.

What Privacy Rights Do You Have?

You have specific rights regarding your Personal Data that we collect and process. Please note that you can only exercise these rights with respect to Personal Data that we process about you when we act as a data controller or as a “business” under the CCPA. To exercise your rights with respect to information processed by us on behalf of one of our customers, please read the privacy policy of that Customer.

Right to Know What Happens to Your Personal Data

This is called the right to be informed. It means that you have the right to obtain from us all information regarding our data processing activities that concern you (or that of your child), such as how we collect and use your Personal Data, how long we will keep it, and who it will be shared with, among other things.

We are informing you of how we process your Personal Data with this Policy.

Right to Know What Personal Data WEMIX MENA. LTD. Has About You

This is called the right of access. This right allows you to (1) get confirmation of whether we process Personal Data about you (2) ask for full details of the Personal Data we hold about you and certain related information; (3) get a copy or access to the Personal Data

You have the right to obtain from us, including confirmation of whether or not we process Personal Data concerning you, and, where that is the case, a copy or access to the Personal Data and certain related information.

Once we receive and confirm that the request came from you or your authorized agent, we will disclose to you:

  • The categories of your Personal Data that we process;

  • The categories of sources for your Personal Data;

  • Our purposes for processing your Personal Data;

  • Where possible, the retention period for your Personal Data, or, if not possible, the criteria used to determine the retention period;

  • The categories of third parties with whom we share your Personal Data;

  • If we carry out automated decision-making, including profiling, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you;

  • The specific pieces of Personal Data we process about you in an easily-sharable format;

  • If we disclosed your Personal Data for a business purpose, the categories of Personal Data and categories of recipients of that Personal Data for disclosure;

  • If we rely on legitimate interests as a lawful basis to process your Personal Data, the specific legitimate interests; and

  • The appropriate safeguards used to transfer Personal Data from the EEA or the UK to a third country, if applicable.

Under some circumstances, we may deny your access request. In that event, we will respond to you with the reason for the denial.

For security and legal compliance, we cannot disclose certain sensitive information like Social Security numbers, driver’s license numbers, financial account numbers, health insurance or medical IDs, passwords, or security questions and answers. However, we can inform you if we have such information without disclosing specific details.

Right to Change Your Personal Data

This is called the right to rectification. It gives you the right to ask us to correct without undue delay anything that you think is wrong with the Personal Data we have on file about you (or your child), and to complete any incomplete Personal Data.

If your account settings do not allow you to change the information yourself, please contact us and we will do our best to change the Personal Data for you.

Right to Delete Your Personal Data

This is called the right to erasure, right to deletion, or the right to be forgotten. This right means you can ask for your Personal Data to be deleted.

Sometimes we can delete your information, but other times it is not possible for either technical or legal reasons. If that is the case, we will consider if we can limit how we use it. We will also inform you of our reason for denying your deletion request.

Right to Ask Us to Limit How We Process Your Personal Data

This is called the right to restrict processing. It is the right to ask us to only use or store your Personal Data for certain purposes. You have this right in certain instances, such as where you believe the data is inaccurate or the processing activity is unlawful.

Right to Ask Us to Stop Using Your Personal Data

This is called the right to object. This is your right to tell us to stop using your Personal Data. You have this right where we rely on a legitimate interest of ours (or of a third party). You may also object at any time to the processing of your Personal Data for direct marketing purposes.

We will stop processing the relevant Personal Data unless: (i) we have compelling legitimate grounds for the processing that override your interests, rights, or freedoms; or (ii) we need to continue processing your Personal Data to establish, exercise, or defend a legal claim.

Right to Port or Move Your Personal Data

This is called the right to data portability. It is the right to ask for and receive a portable copy of your Personal Data that you have given us or that you have generated by using our Services, so that you can:

  • Move it;

  • Copy it;

  • Keep it for yourself; or

  • Transfer it to another organization.

We will provide your Personal Data in a structured, commonly used, and machine-readable format. When you request this information electronically, we will provide you a copy in electronic format.

Right to Withdraw Your Consent

Where we rely on your consent as the legal basis for processing your Personal Data, you may withdraw your consent at any time. If you withdraw your consent, our use of your Personal Data before you withdraw is still lawful.

If you have given consent for your details to be shared with a third party and wish to withdraw this consent, please also contact the relevant third party in order to change your preferences.

Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. Unless the applicable data protection laws permit it, we will not:

  • Deny you goods or services;

  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits or imposing penalties;

  • Provide you a different level or quality of goods or services; or

  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

How Can You Exercise Your Privacy Rights?

To exercise any of the rights described above, please submit a request by contacting us by email at wemixpay_privacy@wemix.com (Privacy Team).

Verification of Your Identity

In order to correctly respond to your privacy rights requests, we need to confirm that YOU made the request. Consequently, we may require additional information to confirm that you are who you say you are.

We will only use the Personal Data you provide us in a request to verify your identity or authority to make the request.

Verification of Authority

If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual. When contacting us, please provide us with proof that the individual gave you signed permission to submit this request, a valid power of attorney on behalf of the individual, or proof of parental responsibility or legal guardianship. Alternatively, you may ask the individual to directly contact us by using the contact details above to verify their identity with Wemade and confirm with us that they gave you permission to submit this request.

Response Timing and Format of Our Responses

We will confirm the receipt of your request within ten (10) business days and, in that communication, we will also describe our identity verification process (if needed) and when you should expect a response, unless we have already granted or denied the request.

Please allow us up to a month to reply to your requests from the day we received your request. If we need more time (up to 90 days in total), we will inform you of the reason why and the extension period in writing.

If we cannot satisfy a request, we will explain why in our response. For data portability requests, we will choose a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without difficulty.

We will not charge a fee for processing or responding to your requests. However, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request.

Data Integrity & Security

We are strongly committed to keeping your Personal Data safe. We have implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect your Personal Data from unauthorized processing. Unauthorized processing includes unauthorized access, exfiltration, theft, disclosure, alteration, or destruction. Some of those measures include encryption and redaction and we also have dedicated teams to look after information security and privacy.

Right to Lodge a Complaint with a Supervisory Authority

If the EU or UK General Data Protection Regulation applies to our processing of your Personal Data, you have the right to lodge a complaint with a supervisory authority if you are not satisfied with how we process your Personal Data.

Specifically, you can lodge a complaint in the Member State of the European Union of your habitual residence, place of work, or the alleged violation of the GDPR. In the UK, you can lodge a complaint with the UK Information Commissioner’s Office.

Changes to this Policy

If we make any material change to this Policy, we will post the revised Policy to this web page. We will also update the “Effective” date. By continuing to use our services after we post any of these changes, you accept the modified Policy.

Contact Us

If you have any questions about this Privacy Policy or wish to contact the Company regarding your personal data or concerns you have about this Privacy Policy, please contact:

[WEMIX MENA. LTD.]

  • Company: WEMIX MENA. LTD.

  • Address: Desk 76, Floor No. 11, Al Sarab Tower, ADGM Square, Al Maryah Island, Abu Dhabi, United Arab Emirates

  • Email: wemixpay_privacy@wemix.com

[WEMIX PTE. LTD.]

  • Company: WEMIX PTE. LTD. (Joint Controller)

  • Address: 6 EU TONG SEN STREET #11-10W THE CENTRAL SINGAPORE (059817)

  • Phone: +65 3174 0791

  • Email: privacy@wemade.com

Please allow up to one month for us to reply.

[European Union Representative]

We have appointed VeraSafe as our representative in the EU for data protection matters. While you may also contact us, VeraSafe can be contacted on matters related to the processing of Personal Data.

[United Kingdom Representative]

We have appointed VeraSafe as our representative in the UK for data protection matters. While you may also contact us, VeraSafe can be contacted on matters related to the processing of Personal Data.

Execution Date : December 19, 2024

PreviousTerms of Service

Last updated