> For the complete documentation index, see [llms.txt](https://brn-metaverse.gitbook.io/whitepaper-v1.7/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://brn-metaverse.gitbook.io/whitepaper-v1.7/game-overview-endless-clash/privacy-policy-and-personal-data-protection-kvkk-clarification.md). # Privacy Policy and Personal Data Protection (KVKK) Clarification Effective Date: April 10, 2026 This Privacy Policy and Personal Data Protection (KVKK) Clarification Text explains how your personal data is collected, used, transferred, stored, and protected within the scope of the Endless Clash game and related services ("Services") operated by BRN Metaverse YAZILIM ANONİM ŞİRKETİ (“Company”). It also outlines your rights pursuant to the Law No. 6698 on the Protection of Personal Data (“KVKK”) and, to the extent applicable, international data protection standards. *** #### 1. Identity of the Data Controller Your personal data is processed by the following company in its capacity as the Data Controller: * **Trade Name**: BRN Metaverse YAZILIM ANONİM ŞİRKETİ * **Address**: Yayla Mahallesi Şinasi Dural Caddesi No: 1 Tuzla / İstanbul, Türkiye * **Tax Identification Number**: 1871558308 * **Registered Electronic Mail (KEP)**: * **Support Email**: *** #### 2. Processed Personal Data, Purposes, and Legal Grounds Your personal data is processed based on the conditions set forth in Article 5 of the KVKK for the following purposes: **A. Account, Identity, and Account Linking Data** * Processed Data: Player nickname, player ID, e-mail address, account status information, and data regarding the association of the account with Google Play, Apple, or e-mail accounts. * Purposes: Creation and management of your game account, execution of login and authentication processes, ensuring account security, fulfilling support requests, account linking/synchronization, and delivery of Services. * Legal Ground: Necessity for the establishment or performance of a contract. **B. Guest Account and Local Game Data** * Processed Data: Guest account status, temporary user identifiers linked to the device, local game progress data, and records that may be transferred to a permanent account upon subsequent linking. * Purposes: Enabling users to start the game with a guest account, temporary preservation of game progress, and the transfer/synchronization of progress to a permanent account (Google Play, Apple, or e-mail) if linked later. * Legal Ground: Necessity for the establishment or performance of a contract and the legitimate interests of the data controller. **C. Usage, In-Game Behavior, and Analytics Data** * Processed Data: Game progress, level/battle progression, tutorial completion status, in-game interactions, session duration, retention data, and analytical records regarding player behavior. * Purposes: Improving the game experience, optimizing game mechanics, managing difficulty levels and matchmaking, conducting in-game balancing studies, and analyzing player engagement and performance. * Legal Ground: Performance of a contract and the legitimate interests of the data controller. **D. Financial Transaction and Purchase Data** * Processed Data: In-app purchase history, purchased packages, payment confirmation info, and store-sourced transaction/receipt data. * Purposes: Crediting purchased content to your account, managing order and refund processes, verifying in-app purchase records, and fulfilling applicable accounting and tax obligations. * Important Note: We do not process or store your credit or debit card information. Payment transactions are handled directly through Apple App Store or Google Play Store infrastructure. * Legal Ground: Establishment, exercise, or protection of a right and fulfillment of legal obligations. **E. Technical, Device, and Security Data** * Processed Data: IP address, device model, operating system information, application version, crash reports, technical error logs, and security/session identifiers. * Purposes: Identification and resolution of technical issues, ensuring the application functions correctly on your device, performance improvements, execution of cybersecurity processes, and detection/prevention of abuse or fraudulent attempts. * Legal Ground: Legitimate interests of the data controller and fulfillment of legal obligations. **F. Attribution, Campaign Measurement, and Advertising Identifiers** * Processed Data: Advertising identifiers (e.g., IDFA/GAID), campaign source information, attribution data, and measurement records related to ad performance. * Purposes: Measuring the performance of user acquisition campaigns, analyzing the advertising source of installations, evaluating advertising budget efficiency, and assessing campaign quality. * Legal Ground: Legitimate interests of the data controller; however, on iOS devices, operations categorized as "tracking" and access to advertising identifiers are only conducted if Apple App Tracking Transparency (ATT) permission is granted. Additional user consent or opt-in mechanisms may be applied in specific jurisdictions. **G. Data Regarding Rewarded Ad Usage** * Processed Data: Rewarded ad view information, validation records regarding whether an ad was completed, in-game rewards granted in exchange for ads, and relevant session/technical validation data. * Purposes: Operating rewarded ad features provided upon user request, verifying ad views, granting the relevant in-game reward, measuring ad performance, and preventing abuse. * Important Note: Certain ads in the game are displayed only upon the user's explicit choice. For example, a user may choose to watch an ad to gain an in-game advantage. Such ads are not shown automatically, mandatorily, or unexpectedly. * Legal Ground: Legitimate interests of the data controller; on iOS devices, access is subject to ATT permission. *** #### 3. Method of Personal Data Collection Your personal data is collected electronically through automatic or semi-automatic methods when you use our Services, start the game as a guest, create or link an account, perform in-app interactions, or contact us via support channels. In this context, SDKs, APIs, system logs, store infrastructures, local storage mechanisms, and support systems may be utilized. *** #### 4. To Whom and For What Purpose Personal Data May Be Transferred Your personal data may be transferred only to the extent necessary and limited to the following purposes: * Analytics and Measurement Service Providers: Data may be transferred to service providers such as Firebase Analytics ([Firebase Privacy Policy](https://firebase.google.com/support/privacy)) and Adjust ([Adjust Privacy Policy](https://www.adjust.com/terms/privacy-policy)) for analyzing user behavior, measuring app performance, tracking retention, and event analysis. * Marketing and User Acquisition Channels: Limited data may be shared with marketing channels such as Meta ([Meta Privacy Policy](https://www.facebook.com/privacy/policy/)), TikTok ([TikTok Privacy Policy](https://www.tiktok.com/legal/page/us/privacy-policy/en)), Google Ads ([Google Ads Privacy Policy](https://support.google.com/adspolicy/answer/54817?hl=en)) and Unity ([Unity Privacy Policy](https://unity.com/legal/game-player-and-app-user-privacy-policy)) to measure campaign performance and conduct attribution. * Rewarded Ad Service Providers: If the optional rewarded ad feature is used, data may be shared with ad providers to verify completion and deliver rewards. * Platform Providers: We may share limited data with app store providers such as Apple and Google in connection with in-app purchases, subscription status tracking (renewal, cancellation), verification, billing, delivery, and account linking processes. Your payment transactions are processed directly through these platforms; therefore, direct financial data, such as your credit card number, is neither collected nor stored by us. * Authorized Public Institutions: Data may be disclosed to courts, regulatory bodies, and other authorized public authorities upon lawful request. * International Transfers: Since the servers of our service providers may be located abroad, your personal data may be transferred abroad in accordance with Article 9 of the KVKK, based on valid transfer mechanisms and appropriate technical/administrative measures. *** #### 5. App Tracking Transparency (ATT) and Automated Profiling On iOS devices, the use of in-app data for tracking and access to advertising identifiers is only carried out if you grant Apple ATT permission. If you do not grant permission, core application functions remain unaffected; however, attribution and personalized rewarded ad performance may be limited. Limited automated profiling may be conducted for in-game balancing and matchmaking; these processes do not produce adverse legal effects for you. *** #### 6. Data Retention and Account Deletion Policy * Account Deletion: You may delete your account and associated data via the “Settings > Delete Account” path within the application. You may also [submit a deletion request ](https://docs.google.com/forms/d/e/1FAIpQLSd1O5IQf1xBn22hN0lT1sI8NlvGccl1i2GjJhCOV-FrDpeBoA/viewform)via the form on our official website. * Guest Accounts: Data for guest accounts is stored locally or associated with a temporary ID. This data may be lost if the app is uninstalled or the account is not linked to a permanent one. * Retention Periods: Upon a deletion request, game progress and account data are deleted or anonymized. However, financial records may be kept for 10 years and technical/security logs for up to 2 years due to legal obligations. *** #### 7. Children’s Privacy and Regional Age Limits Our Services are not directed to children under the age of 13 in the United States. In the EEA and other jurisdictions, the age of digital consent varies by local law. We do not knowingly collect data from children below these limits. If such data is discovered to have been processed, the account will be closed and the data deleted. *** #### 8. Data Security and Breach Notification Reasonable technical and administrative measures are implemented to ensure data security. In the event of a personal data breach, the situation will be reported to the relevant authorities and affected users within the periods prescribed by law. *** #### 9. Your Rights Under Article 11 of the KVKK You have the right to: * Learn whether your personal data is being processed, * Request information if processed, * Learn the purpose of processing and whether it is used accordingly, * Know the third parties to whom data is transferred (domestically or abroad), * Request correction of incomplete or inaccurate data, * Request deletion or destruction of data under KVKK conditions, * Object to outcomes resulting exclusively from automated analysis, * Claim compensation for damages arising from unlawful processing. *** #### 10. Application Method You may submit your formal requests via: 1. **Written Application**: To Yayla Mahallesi Şinasi Dural Caddesi No: 1 Tuzla / İstanbul. 2. Via KEP: To **** . 3. Via Email: To **** (only via your email address previously registered in our system). **Requests will be finalized as soon as possible and within 30 days at the latest, depending on the nature of the request.** --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://brn-metaverse.gitbook.io/whitepaper-v1.7/game-overview-endless-clash/privacy-policy-and-personal-data-protection-kvkk-clarification.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.