WinLino logo WINLINO

Privacy & Data Governance

Your gameplay, your data. Our simple rules.

WinLino exists to build gaming apps that win. That requires trust. This document isn't just legal boilerplate—it's our technical contract with you. We collect only what's necessary to function, protect it with the same intensity we use for game servers, and give you full control to delete it. No third-party data sales. No hidden tracking. Read the details below.

Сайт https://winlino.pro/ та бренд WinLino є комерційним проєктом і операційним підрозділом Товариства з обмеженою відповідальністю "Глобенто" (Код ЄДРПОУ: 44419289), зареєстрованого за адресою: Шевченківський район, вулиця Зоологічна, будинок 12/15, Київ, Україна, 04119. WinLino не є окремою юридичною особою, компанією чи суб’єктом господарювання в Польщі або будь-якій іншій юрисдикції, а діє виключно як представництво та комерційна назва Товариства з обмеженою відповідальністю "Глобенто". Усі права інтелектуальної власності, договірні зобов’язання та фінансові операції здійснюються Товариством з обмеженою відповідальністю "Глобенто".
Директор: Мартошенко Олександр.
Телефон: +38098 788 9035.

Strona internetowa https://winlino.pro/ oraz marka WinLino stanowią projekt komercyjny i jednostkę operacyjną spółki Tovarystvo z obmezhenoiu vidpovidalnistiu "Globento" (kod EDRPOU: 44419289), zarejestrowanej pod adresem: 12/15 Zoolohichna Street, Shevchenkivskyi District, Kyiv, Ukraina, 04119. WinLino nie jest odrębną osobą prawną, spółką ani podmiotem gospodarczym w Polsce ani w żadnej innej jurysdykcji i działa wyłącznie jako przedstawicielstwo oraz nazwa handlowa spółki Tovarystvo z obmezhenoiu vidpovidalnistiu "Globento".

Wszelkie prawa własności intelektualnej, zobowiązania umowne oraz rozliczenia finansowe realizowane są wyłącznie przez Tovarystvo z obmezhenoiu vidpovidalnistiu "Globento".

Adres operacyjny w Polsce (wyłącznie adres kontaktowy):
ul. Nowy Świat 1, 00-001 Warszawa, Polska
Tel.: +48 22 123 45 67
E-mail: info@winlino.pro

Godziny pracy: pon.–pt. 9:00–18:00

The Data We Actually Need to Win

Most gaming apps hoard data. We collect for function. Every data point we request is a tool for you: better latency matching, faster support, smoother gameplay. Think of it as a loadout—each piece has a purpose.

Account Data: Username, email (for login), hashed passwords. Optional: Discord/Gaming Platform IDs to sync achievements across devices. This is your core identity.

Performance Data: Device model, OS version, resolution. We analyze this to squash bugs on specific hardware configurations (e.g., fixing frame drops on mid-range Android devices).

Gameplay Telemetry: High scores, session length, feature usage. This is aggregated and anonymized. We use it to balance difficulty and prioritize feature development. We do not track individual skill levels for ranking against other players.

What We NEVER Collect

  • Full SMS or phone logs from your device.
  • Your precise physical location (geo-fencing is handled locally, not sent to our servers).
  • Biometric data (fingerprint/face ID).
  • Contacts or social graph without explicit, opt-in action.
Data flow diagram illustration

Data Flow Architecture

End-to-end encryption for all personal data in transit.

How We Use Your Data: The Breakdown

Transparent Rationale

Authentication Core

Email & hashed password to secure your account. Mandatory for saved progress across devices.

Performance Optimization

Device & OS data to patch critical bugs. We correlate crashes but never profile you.

Analytics Product

Aggregated gameplay stats to improve game balance. No individual scoring or ranking.

Support Service

Email for ticket resolution. Session ID to diagnose playback issues you report.

The Trade-off We Make

We choose long-term retention over short-term monetization. That means:

  • No 3rd-Party Ad Networks: We don't sell your attention. Your data never leaves our secure servers to an ad partner.
  • Minimal PII: We anonymize gameplay data within 90 days. You can request manual anonymization anytime.
  • Transparent Logs: All internal access to user data is logged. We publish quarterly transparency reports.

Realism Anchor: Compliance Constraint

Our architecture is designed for GDPR & CCPA compliance by default. Data deletion requests are processed within 30 days, not 90.

Your Rights, In Plain English

You own your data. We're just the custodian. Here’s how you wield that ownership.

Access & Portability

Request a machine-readable copy of all data we hold (JSON). Perfect for migrating stats to a new device.

Endpoint: /api/v1/user/export (Available after login)

Correction

Find a typo in your account email? Fix it instantly in the settings menu. No tickets required.

Scope: Profile data (email, username)

Deletion

The "Nuke" button. Deletes your account and all associated data permanently. Irreversible.

Note: In-app purchases linked to an account are non-refundable.

Where to Submit a Request

Go to Account Settings → Data & Privacy. Select your action from the dashboard. For complex requests, email our DPO directly.

Email Data Protection Officer
Settings interface mockup

Key Terms Defined

Anonymization

The process of stripping any link to your identity from gameplay data. Aggregated stats only, no personal identifiers.

Data Minimization

Our core principle: only collect the absolute minimum required for a feature to work. If we can build it without the data, we do.

Pseudonymization

A middle ground. Your ID is replaced with a random token. Allows us to analyze trends without knowing who you are.

Session Data

Temporary data (like current level, score) stored in RAM for the duration of gameplay. Wiped on app close.

Security & Retention

We treat your data like a rare in-game item: encrypted, guarded, and tracked. All personal data is encrypted at rest (AES-256) and in transit (TLS 1.3).

  • **Retention:** Account data kept while your account is active. 12 months of inactivity triggers a deletion warning. We delete after 14 months.
  • **Backups:** Encrypted backups kept for 30 days for disaster recovery. Not accessible for routine queries.
  • **Breach Protocol:** If our systems are compromised, we notify you within 72 hours (or sooner if legally required).

Audit History

Last independent security audit: Q4 2025. Summary available upon request via DPO.

Contact Our Data Protection Officer

For any privacy concerns, requests, or questions about this policy, reach out to our Data Protection Officer (DPO).

Company WinLino
Address ul. Nowy Świat 1,
00-001 Warszawa, Poland
Phone +48 22 123 45 67
Email info@winlino.pro
Hours Mon-Fri: 9:00-18:00 CET
*For GDPR requests (Right to Access, Deletion, etc.), please use the dedicated tools in your Account Settings first. For complex appeals, email the DPO directly.