Japan Addendum to Privacy Notice

Effective: ?August 16, 2024

This section applies to the personal information of Users in Japan and supplements the other sections of �й�Pվ��s Global Privacy Policy, which continue to apply.

Joint Use of Personal Data

We may jointly use collected personal data subject to the following conditions.

Personal data items to be used jointly

Items as stated in 1. INFORMATION WE COLLECT ABOUT YOU of �й�Pվ��s Global Privacy Policy.

Purpose of joint use

Purposes as stated in 2. USE OF PERSONAL DATA of �й�Pվ��s Global Privacy Policy.

Scope of joint users

�й�Pվ subsidiaries or affiliates under common corporate control with us, including �й�Pվ USA, located in Canada and USA.

Person responsible for managing personal data for joint use

Name of person responsible: �й�Pվ Inc.
Address: Suite 200 - 1001 Blvd Robert-Bourassa, Montr��al, QC H3B 0A7
Name of representative: Jason Heller, CEO

International Transfer

For the purposes stipulated in 2. Use of personal data of �й�Pվ��s Global Privacy Policy, the personal data we collect may be mainly handled in the USA and Canada, and to the extent that the applicable law allows, we may transfer our collected personal data to third parties located in the countries below. ?The links below provide details of the data protection systems in these countries provided by the Japan Personal Information Protection Commission (��PPC��).

Country/areas of the recipient third party

Summary of Personal information protection system in the country/area

Member state of the European Economic Area including Czech Republic

Member state of the European Economic Area (EEA) which has a data protection system that Japan recognizes as equivalent to that of Japan. .

Canada

Country recognized by the European Commission as offering an adequate level of data protection among private sectors, and participating in the APEC Cross-Border Privacy Rules (��CBPR��) System. No rules that may seriously impact individuals�� rights or interest have been found. .

USA

Country not recognized by the European Commission as offering an adequate level of data protection, but participating in the APEC CBPR System. No rules that may seriously impact individuals�� rights or interest have been found. .

Country has a data protection system that Japan recognized as equivalent to that of Japan and is recognized by the European Commission as offering an adequate level of data protection. .

Australia

Country not recognized by the European Commission as offering an adequate level of data protection, but participates in the APEC CBPR System. No rules that may seriously impact individuals�� rights or interest have been found. .

New Zealand

Country recognized by the European Commission as offering an adequate level of data protection among private sectors, but not participating in the APEC Cross-Border Privacy Rules (��CBPR��) System. No rules that may seriously impact individuals�� rights or interest have been found. .

South Korea

India

Country not recognized by the European Commission as offering an adequate level of data protection, nor participating in the APEC CBPR System. However, no rules that may seriously impact individuals�� rights or interest have been found. ?The Information Technology Act, 2000, and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 (collectively, ��Laws��) set out at least some of the obligations of business operators, etc. or the rights of the individuals corresponding to the eight (8) principles of the OECD Privacy Guidelines. In particular, while no relevant provisions relating to the accountability principle could be found, the other seven principle of the OECD Guidelines are at least partially reflected in the Laws. .

Additionally, to the extent required by the Act on the Protection of Personal Information (��APPI��), we will put in place appropriate and reasonable measures to protect your personal data with such third parties receiving the personal data and thus ensure that such third parties will implement the measures with an adequate level required for business operators handing personal information under the APPI.

Third Parties Receiving Your Personal Data

�й�Pվ may transfer or allow the collection of your personal data to third parties overseas of the Categories of third parties in the table below. The countries where the third party is located are listed in the table below and you may find the information of its data protection system in the table above. The information in the following table is not exhaustive and may change from time to time. Please check this Notice periodically if you would like to know the latest information. ?All transfers are required for �й�Pվ to deliver you the Services, unless such transfer is specifically noted below as optional. ?Capitalized terms are defined in the Privacy Notice.

Categories of third parties

Entrusted Parties

Country to which data will be transferred

Personal Data to be Transferred

Grounds for Transfer

Method and/or Retention

Company and Affiliate(s); ?Outsourced service providers

�й�Pվ, Inc.?

�й�Pվ USA?

Deel, Inc.?

etc.

Canada

USA

As set forth in the ��Information We Collect About You�� and ��How We Share Personal Information About You�� sections of the Privacy Notice

To provide the Services, as set forth in the sections, "Use of Personal Data" and "How we Share Personal Information About You" sections of the Privacy Notice

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Infrastructure, Storage, Data Analytics, Providers

Amazon WebServices, Inc.

DataBricks

Mixpanel

Google Play Services?

etc.

Canada
?
USA
?
UK
?
Europe
?
Australia
?
New Zealand
?
Japan
?
South Korea

As set forth in the ��Information We Collect About You�� and ��How We Share Personal Information About You�� sections of the Privacy Notice

To operate the technical infrastructure for the Services, process your rewards redemption, communicate with you, and secure our platform and systems

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Fraud Detection Service Providers

GeoComply

Maxmind, Inc.

IPQualityScoreLLC?

etc.

Canada
?
USA
?
UK
?
Europe
?
Australia
?
New Zealand
?
Japan
?
South Korea

Account Data

Personal Data from Third Party Social Networks

Device Data

Gameplay Data

Usage Data

To prevent fraudulent conduct and harmful activity within the Services

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Platform Communication

Braze Inc.?

etc.

Canada
?
USA
?
UK
?
Europe
?
Australia
?
New Zealand
?
Japan
?
South Korea

Account Data?

Usage Data?

Gameplay Data?

Device Data

To communicate with �й�Pվ users as part of the Services

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Service administration

TangoCard

IC Group Inc.?

SurveyMonkey

The Rocket Science Group LLC d/b/a Mailchimp

etc.

Canada
?
USA
?
UK
?
Europe
?
Australia
?
New Zealand
?
Japan
?
South Korea

Name and contact information

To process gift card redemption and administer surveys, sweepstakes, and email marketing services

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Customer Support Providers

PTW CanadaSolutions, Inc.

Zendesk

etc.

Canada

USA

Czech Republic

India

Account Data Gameplay Data Loyalty Tier Status

To provide you with customer support, to process your support request, and to contact you.

Information will be collected by email and customer support software tools.

Mobile Measurement & Analytics Partners

Appsflyer

Adjust

Singular

Tenjin

Airbridge

etc.

Canada
?
USA
?
UK
?
Europe
?
Australia
?
New Zealand
?
Japan
?
South Korea

Mobile device identifier, advertising identifier (e.g. Google advertising ID)

To credit and calculate loyalty rewards for your game discovery and engagement; and for operational purposes, including reporting, billing, and attribution.

Data is transferred when you install a game discovered on �й�Pվ or when you click on an advertisement of �й�Pվ. Data is retained for as long as you have a �й�Pվ account.

Advertising Platforms and Networks
?
(Optional data transfer)

AdAction Interactive LLC

AdColony Inc.

adjoe GmbH

Adpick

Avowtech

Applovin Corporation

Aragon Advertising, LLC

AuraBidease Inc.

Digital Turbine Media, Inc.

Facebook Inc.

Fluent, LLC

Fyber Media GmbH

Glance

Google LLC

HangMyAds

IGAworks, Inc.

InMobi Pte Ltd.

IPONWEB GmbH

Ironsource

Liftoff Mobile Inc.

Mobivity Holding Inc.

Moloco, Inc.

MyAppFree

Play2Pay

Quora Inc.

Reddit

Remerge Inc.

Revenue Universe, LLC

Septeni Co., Ltd.

Snapchat

Tapjoy Inc.

TikTok Technology Canada
Inc.

Twitter

tvScientific

Unity Technologies

Vibe.co

Vungle Inc

YouAppi Inc.

etc.

Canada
?
USA
?
UK
?
Europe
?
Australia
?
New Zealand
?
Japan
?
South Korea

Mobile device identifier, advertising identifier (e.g. Google advertising ID); IP address; ?Usage Data; Gameplay Data

Grounds for transfer is consent. ?Data transferred will be used to market and advertise the Services; and to prevent you from receiving advertisements of �й�Pվ in other channels.

Information will be collected upon consent. �й�Pվ will retain the data until you opt-out or delete account. ?Advertiser��s retention period is up to 40 days.

Effective: ?July 25, 2024

This section applies to the personal information of Users in Japan and supplements the other sections of �й�Pվ��s Global Privacy Policy, which continue to apply.

Joint Use of Personal Data

We may jointly use collected personal data subject to the following conditions.

Personal data items to be used jointly

Items as stated in 1. INFORMATION WE COLLECT ABOUT YOU of �й�Pվ��s Global Privacy Policy.

Purpose of joint use

Purposes as stated in 2. USE OF PERSONAL DATA of �й�Pվ��s GlobalPrivacy Policy.

Scope of joint users

�й�Pվ subsidiaries or affiliates under common corporate control with us, including �й�Pվ USA, located in Canada and USA.

Person responsible for managing personal data for joint use

Name of person responsible: �й�Pվ Inc.
Address: 481 Ave VigerWest, Suite 300
Montreal (QC) H2Z 1G6, Canada
Name of representative: Jason Heller, CEO

International Transfer

Country/areas of the recipient third party

Summary of Personal information protection system in the country/area

Member state of the European Economic Area including Czech Republic

Member state of the European Economic Area (EEA)which has a data protection system that Japan recognizes as equivalent to that ofJapan. .

Canada

USA

Country has a data protection system that Japan recognized as equivalent to that of Japan and is recognized by the European Commission as offering an adequate level of data protection. .

Australia

New Zealand

South Korea

India

Additionally, to the extent required by the Act on the Protection ofPersonal Information (��APPI��), we will put in place appropriate and reasonablemeasures to protect your personal data with such third parties receiving the personal data and thus ensure that such third parties will implement themeasures with an adequate level required for business operators handing personal information under the APPI.

Third Parties Receiving Your Personal Data

Categories of third parties

Entrusted Parties

Country to which data will be transferred

Personal Data to be Transferred

Grounds for Transfer

Method and/or Retention

Company and Affiliate(s); ?Outsourced service providers

�й�Pվ, Inc.?

�й�Pվ USA?

Deel, Inc.?

etc.

Canada

USA

As set forth in the ��Information We Collect About You�� and ��How We Share Personal Information About You�� sections of the Privacy Notice

To provide the Services, as set forth in the sections, "Use of Personal Data" and "How we Share Personal Information About You" sections of the Privacy Notice

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Infrastructure, Storage, Data Analytics, Providers

Amazon WebServices, Inc.

DataBricks

Mixpanel

Google Play Services?

etc.

Canada

USA

UK

Europe

Australia

New Zealand

Japan

South Korea

As set forth in the ��Information We Collect About You�� and ��How We Share Personal Information About You�� sections of the Privacy Notice

To operate the technical infrastructure for the Services, process your rewards redemption, communicate with you, and secure our platform and systems

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Fraud Detection Service Providers

GeoComply

Maxmind, Inc.

IPQualityScoreLLC?

etc.

Canada

USA

UK

Europe

Australia

New Zealand

Japan

South Korea

Account Data

Personal Data from Third Party Social Networks

Device Data

Gameplay Data

Usage Data

To prevent fraudulent conduct and harmful activity within the Services

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Platform Communication

Braze Inc.?

etc.

Canada

USA

UK

Europe

Australia

New Zealand

Japan

South Korea

Account Data

Usage Data

Gameplay Data

Device Data

To communicate with �й�Pվ users as part of the Services

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Service Administration

TangoCard

IC Group Inc.?

SurveyMonkey

The Rocket Science Group LLC d/b/a Mailchimp

etc.

Canada

USA

UK

Europe
?
Australia

New Zealand

Japan

South Korea

Name and contact information

To process gift card redemption and administer surveys, sweepstakes, and email marketing services

Upon accessing and using �й�Pվ Services. ?Data will be retained for as long as you use the Services, unless additional retention is required by law or for compliance purposes.

Customer Support Providers

PTW CanadaSolutions, Inc.

Zendesk

etc.

Canada

USA

Czech Republic

India

Account Data

Gameplay Data

Loyalty Tier Status

To provide you with customer support, to process your support request, and to contact you.

Information will be collected by email and customer support software tools.

Mobile Measurement & Analytics Partners

Appsflyer

Adjust

Singular

Tenjin

Airbridge

etc.

Canada

USA

UK

Europe

Australia

New Zealand

Japan

South Korea

mobile device identifier, advertising identifier (e.g. Google advertising ID)

To credit and calculate loyalty rewards for your game discovery and engagement; and for operational purposes, including reporting, billing, and attribution.

Data is transferred when you install a game discovered on �й�Pվ or when you click on an advertisement of �й�Pվ. ?Data is retained for as long as you have a �й�Pվ account.

Advertising Platforms and Networks

(optional data transfer)

Canada

USA

UK

Europe

Australi

New Zealand

Japan

South Korea

mobile device identifier, advertising identifier (e.g. Google advertising ID); IP address; Usage Data; Gameplay Data

Grounds for transfer is consent. ?Data transferred will be used to market and advertise the Services; and to prevent you from receiving advertisements of �й�Pվ in other channels.

Information will be collected upon consent. ?�й�Pվ will retain the data until you opt-out or delete account. ?Advertiser��s retention period is up to 40 days.

�й�Pվ

JAPAN ADDENDUM TO MISTPLAY PRIVACY NOTICE

Effective: ?August 16, 2024

Joint Use of Personal Data

International Transfer

Third Parties Receiving Your Personal Data

Effective: ?July 25, 2024

Joint Use of Personal Data

International Transfer

Third Parties Receiving Your Personal Data