Privacy Policy

1. Introduction and Scope

Vertex Games Pte. Ltd. (UEN: 202211401Z), a company incorporated in Singapore (“Vertex Games,” “we,” “us,” or “our”), is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you visit our website at vertexgames.sg (the “Site”).

This Policy applies to the Site only. Personal data collected through our games is governed by the End User License Agreement and in-game Privacy Notice applicable to each title.

We comply with applicable data protection laws, including Singapore's Personal Data Protection Act 2012 (PDPA), the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), where each applies to you based on your location.

If you do not agree with this Policy, please do not use the Site.

2. Data Controller and Data Protection Officer

The data controller for personal data collected through this Site is:

Vertex Games Pte. Ltd.
1 Fusionopolis Way, #07-01 CONNEXIS
Singapore 138632

We have appointed a Data Protection Officer (DPO) as required under the PDPA. You may contact our DPO for any data protection matters at:

Email: legal@vertexgames.sg
Subject line: “Data Protection Enquiry”

If you are located in the EU or UK, our DPO also serves as the point of contact for GDPR and UK GDPR purposes. Where required, we will appoint an EU or UK representative and update this Policy accordingly.

3. Personal Data We Collect

Data you provide directly. When you use the Site's contact forms, submit a job application, or subscribe to our newsletter, we collect information you choose to provide, which may include your name, email address, phone number, and the content of your message or application.

Data collected automatically. When you visit the Site, we automatically collect certain technical data. This includes your IP address, browser type and version, device type, operating system, referring URLs, pages visited, and the time and duration of your visit. This data is used to maintain the security and performance of the Site and to analyse usage patterns.

Cookies and tracking technologies. We use cookies and similar technologies to operate the Site and gather analytics. A full description of the cookies we use and your choices is set out in Section 8 below.

We do not collect sensitive personal data (such as racial or ethnic origin, health data, or financial account details) through this Site.

4. Legal Basis for Processing

We process your personal data only where we have a lawful basis for doing so. The legal bases we rely on are:

Consent. Where you have given us clear, specific consent — for example, by subscribing to our newsletter or accepting non-essential cookies. You may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal.

Contractual necessity. Where processing is necessary to take steps at your request before entering into a contract, or to perform a contract with you — for example, processing a job application or responding to a service enquiry.

Legitimate interests. Where processing is necessary for our legitimate interests — such as improving Site performance, preventing fraud, and ensuring network security — provided those interests are not overridden by your rights and interests. We conduct a balancing assessment before relying on this basis.

Legal obligation. Where we are required to process your data to comply with applicable law, including regulatory obligations and court orders.

For users in Singapore, the PDPA's concept of deemed consent by notification applies where we have notified you of our purposes and you have not objected. However, we prefer to rely on express consent where practicable.

5. How We Use Your Personal Data

We use personal data collected through the Site for the following purposes:

• To respond to your enquiries and provide customer support;
• To process job applications and assess candidates for open positions;
• To send newsletters and marketing communications where you have opted in, and to manage opt-out requests;
• To operate, maintain, and improve the Site, including diagnosing technical issues;
• To detect, investigate, and prevent fraudulent or unlawful activity;
• To comply with legal obligations and respond to lawful requests from authorities;
• To conduct research and analytics to better understand how the Site is used.

We will not use your personal data for purposes that are incompatible with the purposes described above without notifying you and, where required, obtaining your consent.

6. Disclosure and Sharing of Personal Data

We do not sell your personal data to third parties.

We may share your personal data with:

Service providers. We engage third-party vendors to perform services on our behalf, such as website hosting, email delivery, analytics, and recruitment platform providers. These vendors are contractually bound to process personal data only as instructed by us, to maintain appropriate security measures, and not to use your data for their own purposes.

Analytics providers. We use analytics services (such as Google Analytics) to understand how visitors use the Site. Where these services operate outside Singapore, we ensure appropriate transfer safeguards are in place (see Section 9). You can opt out of Google Analytics data collection by installing the Google Analytics Opt-out Browser Add-on.

Legal and regulatory authorities. We may disclose personal data where required by law, judicial order, or to protect the rights, property, or safety of Vertex Games, our users, or others.

Corporate transactions. In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the successor entity. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.

We require all third parties that receive personal data from us to maintain appropriate confidentiality and security standards consistent with this Policy and applicable law.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, as follows:

• Enquiry and contact form data: Up to 2 years from the date of last contact, unless a longer period is required for legal claims.
• Job application data: Up to 2 years from the conclusion of the relevant recruitment process, in line with applicable employment law requirements. Unsuccessful applicants will be notified if we wish to retain their data for future opportunities, and their consent will be sought.
• Newsletter subscription data: For the duration of your subscription, and deleted within 30 days of an opt-out request.
• Analytics and technical logs: Up to 14 months from collection, in line with standard analytics data retention practices.
• Data subject to legal proceedings: Retained for the duration of the proceedings and any applicable limitation periods.

When data is no longer required, we securely delete or anonymise it. Anonymised data may be retained indefinitely for analytical purposes, as it can no longer identify you.

8. Cookies and Tracking Technologies

Cookies are small text files placed on your device when you visit the Site. We use the following categories of cookies:

Strictly necessary cookies enable core Site functionality such as navigation and security. They do not require your consent and cannot be disabled without affecting Site functionality.

Analytics cookies help us understand how visitors interact with the Site by collecting information about page visits, session duration, and error messages. These cookies are only placed with your consent. You may withdraw consent at any time via our Cookie Settings link in the Site footer.

Marketing and preference cookies may be used to personalise your experience or to support advertising campaigns. These are only placed with your explicit consent.

Where required by applicable law (including the GDPR and Singapore's PDPA Advisory Guidelines on electronic marketing), we obtain your consent before placing non-essential cookies. A cookie consent banner is displayed on your first visit. You may change your preferences at any time using the Cookie Settings link.

Most browsers allow you to refuse or delete cookies through your browser settings. Disabling strictly necessary cookies may affect your ability to use the Site.

9. International Transfers of Personal Data

Vertex Games is headquartered in Singapore. Personal data collected through the Site is primarily stored on servers in Singapore or in jurisdictions with adequate data protection frameworks as assessed by the relevant authorities.

Where we transfer personal data to third-party service providers located in other countries, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission (for transfers subject to GDPR);
• International Data Transfer Agreements (for transfers subject to UK GDPR);
• Binding contractual obligations meeting the PDPA's transfer limitation obligation (for transfers subject to Singapore law);
• Transfers to countries deemed to provide adequate protection by applicable authorities.

We do not transfer personal data to countries that lack an adequate level of protection without implementing the safeguards described above.

10. Children's Privacy

The Site is not directed to children under the age of 13. We do not knowingly collect personal data from children under 13 without verified parental consent, in compliance with the US Children's Online Privacy Protection Act (COPPA), Singapore PDPA guidelines, and GDPR Article 8.

If we become aware that we have collected personal data from a child under 13 without appropriate consent, we will delete that data promptly.

For users between the ages of 13 and 18, we encourage parents and guardians to supervise their online activity. If you are a parent or guardian and believe your child has provided us with personal data without appropriate consent, please contact us at legal@vertexgames.sg.

11. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

All users. You have the right to request access to the personal data we hold about you, to request correction of inaccurate or incomplete data, and to request deletion of your data where it is no longer necessary for the purposes for which it was collected.

EU and UK users (GDPR and UK GDPR). You have the additional rights to: restrict processing; receive your data in a portable, machine-readable format (data portability); object to processing based on legitimate interests or direct marketing; and withdraw consent at any time where processing is based on consent. You also have the right to lodge a complaint with your national data protection supervisory authority.

Singapore users (PDPA). You have the right to request access to and correction of your personal data held by us. You may also withdraw consent to the collection, use, or disclosure of your personal data, subject to reasonable notice and legal or contractual restrictions.

California users (CCPA / CPRA). You have the right to know what personal data we collect, use, disclose, and sell (we do not sell personal data). You have the right to delete your personal data, to correct inaccurate personal data, and to opt out of the sharing of personal data for cross-context behavioural advertising. We will not discriminate against you for exercising any of these rights.

To exercise any of these rights, please submit a request to legal@vertexgames.sg with the subject line “Data Rights Request.” We will verify your identity before processing your request and will respond within the timeframe required by applicable law (generally 30 days, extendable by a further 30 days where necessary for complex requests).

12. Data Security

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include encryption of data in transit (TLS) and at rest, access controls, regular security assessments, and staff training on data protection obligations.

No method of electronic transmission or storage is completely secure. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours as required by GDPR, and notify affected individuals without undue delay where required by applicable law, including the PDPA.

13. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices or applicable law. For material changes — including changes to the purposes of processing, the categories of data collected, international transfer mechanisms, or your rights — we will provide at least 30 days' advance notice by posting a prominent notice on the Site and, where we hold your email address, by sending you a notification.

Your continued use of the Site after the effective date of a material change constitutes acceptance of the revised Policy. If you do not agree to the revised Policy, please discontinue use of the Site and exercise your right to deletion as described in Section 11.

14. Contact Us

For all privacy-related enquiries, data rights requests, or concerns, please contact:

Data Protection Officer
Vertex Games Pte. Ltd.
1 Fusionopolis Way, #07-01 CONNEXIS
Singapore 138632
Email: legal@vertexgames.sg

We aim to acknowledge receipt of enquiries within 3 business days and to resolve them within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Personal Data Protection Commission of Singapore (pdpc.gov.sg), or with the data protection authority in your country of residence.