This Summary Privacy Policy ("Summary") explains how we, the data controller, Aniplex Inc. (4-5 Rokubancho, Chiyoda-ku, Tokyo, 102-8353 Japan) (“Aniplex”) and any legal entities controlled by Aniplex which are listed under https://www.aniplex.co.jp/eng/ (“We”, "Us" and "Our") collect, use, disclose and/or store information or data of any kind about or related to you ("Personal Data") in connection with Our service “Madoka Magica Magia Exedra” including, application ("Application") and Our website https://madoka-exedra.com/en/ (collectively, the “Service”). It also describes your data protection rights, including your right to object to some of the processing which We carry out. More information about your rights, and how to exercise them, is set out in the Full Privacy Policy below.

• 1. Scope of Applicability
  This Summary sets out an overview of the Full Privacy Policy below which applies to you if you use the Service.
  
  
• 2. Processing of your Personal Data
  We collect and use the following Personal Data related to your use of the Service:
  a. Information you provide to Us, such as registration information, e.g., user name.
  b. Information that We collect automatically (if required, subject to your consent), such as your IP address or other identifiers. If you download and use Our Application through the Play Store, you will be asked whether you consent to Our collection and use of the Android Advertising ID (AAID).
  c. Information We receive from third parties, e.g., service providers that work on Our behalf, which may provide Us with information that is necessary to validate your transaction; other Service users, for example who report your in-Application behaviour to Us; and our third party advertising and social media partners.
  
  
• 3. Processing Purposes
  We collect and use your Personal Data related to your use of the Service (collectively, the "Collected Data") to provide you with features and functions of the Service.
  
  
• 4. Legal Justifications for the Processing of the Collected Data
  One of the key privacy law requirements is that any processing of Personal Data has to have a legal justification.
  
  
• 5. Data transfers and Recipients including International Data Transfers
  In accordance with applicable law, We transfer your Personal Data to Our service providers, including Our affiliates, and other third parties. Some of the aforementioned recipients are located in jurisdictions outside the European Union and European Economic Area (jointly the "EU") such as the UK, the United States, Japan and/or other jurisdictions that may not provide the same level of data protection as your home country/region. In the absence of an adequacy decision of the EU Commission (which currently exists for transfers to the UK, Japan and the US where the recipient has registered with the Data Privacy Framework), We put in place appropriate measures to ensure that your Personal Data are adequately protected at all times (including – the appropriate standard contractual clauses provided by the EU Commission or a vendor's Processor Binding Corporate Rules).
  
  
• 6. Retention periods for and deletion of Collected Data
  Collected Data will generally be deleted once they are no longer needed for the purposes motivating their original collection or as required by applicable law.
  
  
• 7. Your statutory rights
  As set forth by applicable law, you have certain rights with regard to the processing of your Personal Data, each as per the conditions defined in applicable law and further explained in the Full Privacy Policy, namely the right to get access to your data (including a right to obtain a copy), to get them rectified, erased, or transferred (data portability), as well as the right to restrict and object (to) Our processing. Where we are relying on your consent, you also have the right to withdraw consent to Our processing at any time. In the EU, please refer any of your questions to support_en@madoka-exedra.com.
  
  
• 8. How to Delete Your Account
  You may delete your account by taking the steps set out in the Full Privacy Policy below.
  
  
• 9. Changes to this Privacy Policy
  From time to time, We may have to update this Privacy Policy. We will let you know of any material changes to this Privacy Policy through your account.
  
  
• 10. Contact Information and how to contact Us
  If you have questions or concerns regarding this Privacy Policy, you should first contact Aniplex. You can contact Us about this Privacy Policy by writing to Us at:
  Name: Aniplex Inc.
  Address: 4-5 Rokubancho, Chiyoda-ku, Tokyo, 102-8353 Japan
  Email: support_en@madoka-exedra.com
  
  If you are in the EU, please contact Our representative in the EU:
  Name: Sony Europe BV
  Address: Taurusavenue 16, 2132LS Hoofddorp, the Netherlands
  Email: privacyoffice.SEU@sony.com
  
  
• 11. Complaints
  In case of complaints, you also have the right to lodge a complaint with the competent supervisory authority, in particular in the Member State of your habitual residence or alleged infringement of the GDPR. For a list of EU national data protection authorities, please click here. For contact details of the Swedish, Polish, Norwegian and Danish data protection authorities, please refer to paragraph 10 of the Full Privacy Policy.

This Full Privacy Policy explains how we, the data controller, Aniplex Inc. (4-5 Rokubancho, Chiyoda-ku, Tokyo, 102-8353 Japan) (“Aniplex”) and any legal entities controlled which are listed under https://www.aniplex.co.jp/eng/ (the term “control” in this context means the direct or indirect ownership of at least fifty percent (50%) of the voting interest in such corporation or the power in fact to control the management decisions of such entity) by Aniplex (including, Aniplex of America Inc., a wholly owned subsidiary of Aniplex Inc.) (“We”, "Us" and "Our") collect, use, disclose and/or store information or data of any kind (e.g., user name, account ID, email address etc.) about or related to you, even if such information cannot directly identify you on its own but can be used in combination with other information that is stored by Us ("Personal Data") in connection with Our Service “Madoka Magica Magia Exedra” including, application ("Application") and Our website https://madoka-exedra.com/en/ whether accessed via computer, mobile device or other technology (collectively, the “Service”). It also describes your data protection rights, including your right to object to some of the processing which We carry out.

• 1. Scope of Applicability
  This Privacy Policy applies to you if you use the Service.
  
  
• 2. Processing of your Personal Data
  We process the following Personal Data related to your use of the Service (collectively, the “Collected Data”):
  
  a. Personal Data you provide to Us:
  
  • Contact information such as email address.
  • Unique identifiers such as country/region of residence, date of birth, user name, account ID.
  • Preference and other information such as favourite character(s).
  • A user name and an account ID is necessary to use the Service. If you choose not to provide necessary information, you may not be able to access or participate in the whole or a part of the Service or a particular feature We offer.
  • We may offer social features like text chat or message. When you use these features, the information you share may be seen or heard by others, including users who can access public chats but who you may not be directly speaking to. We may collect and use the information you provide, including to moderate the content to enforce Our Terms of Use. If you disclose any information relating to other people, to Us, or to Our service providers in connection with the Application using such social features, We may use the information in accordance with this Privacy Policy.
  
  b. Personal Data We collect by technical means:
  In addition to any information that you choose to provide to the Service, whenever you use, visit or interact with the Service, We, as well as any third-party analytics providers or other service providers, may (subject to your consent where necessary under applicable laws) use a variety of technologies that automatically or passively collect information about how the Service is accessed and used, including but not limited to, domain name, internet service provider, network type, browser type and version, operating system, language settings, device model, device settings, device state (accelerometer, gyro, battery, light), Application information, software development kit (SDK) ID and version, install and use of the Application, action within the Application, crash and error report, the page and ad served or clicked, time on the Service, and the preceding page views, which might be qualified as Personal Data ("Usage Information"). We may also automatically (if required, subject to your consent), collect your IP address or other unique identifiers such as identifier for advertisement (IDFA/AAID), identifier for vendor (IDFV/ ANDROID ID) and push notification token (collectively, "Device Identifiers") for the computer, mobile device, technology or other device (collectively, "Devices") you use to access the Service. A Device Identifier is a number that is automatically assigned to your Device when you access a property or its servers, and Our computers identify your Device by its Device Identifier. If you download and use Our Application through the Play Store, you will be asked whether you consent to Our collection and use of the Android Advertising ID (AAID). Some mobile service providers (if required, subject to your consent) may also provide Us or Our third-party service providers with information regarding the physical location of the Device used to access the Service. The technologies used on the Service to collect Usage Information, including Device Identifiers, include:
  
  
  • Cookies, which may be html files, Flash files or other technology, are small text files that help store user preferences and activity ("Cookies"). A Cookie (if required, subject to your consent) may be placed on a Device when that Device is used to access or visit the Service. Cookies may be used for purposes such as remembering you and your preferences, tracking your visits to the Service and customizing your experience on the Service. You may configure your browser or Device to block the use of certain cookies. You may also make use of Our cookie consent tool to amend your choices, which can be found https://madoka-exedra.com/en/. However, please note that if you choose to disable cookies on your Device, some features of the Service and Our online offerings may not function properly.
  • Web Beacons, also known as image tags, pixel tags, clear GIFS or web bugs, are small pieces of code used to collect advertising data, such as counting page views, promotion views or advertising responses (“Web Beacons”). Web Beacons or similar technologies may be used for various purposes, including, without limitation, to count visitors to the Service, to monitor how users navigate the Service, to count how many sent emails were actually opened or to determine whether content sent was actually viewed.
  • Embedded Scripts: An embedded script is programming code that is designed to collect information about your interactions with the Service, such as the links you click on. The code is temporarily downloaded onto your Device from Our server or a third-party service provider, is active only while you are connected to the Service, and is deactivated or deleted thereafter.
  • Ad Serving and Traffic Measurement Services
    We license technology to serve advertisements on the Service and within its videos and other content as that content is served across the Internet. In addition, We may use third party network advertisers to serve advertisements on the Service and third-party analytics service providers (such as Google Analytics https://policies.google.com/technologies/partner-sites?hl=en) to evaluate and provide Us with information about the use of the Service and viewing of Our content. We do not share the information that you provide to Us, such as your name and/or email address with these third parties, but ad network providers, the advertisers, the sponsors, and/or analytics service providers may set and access their own cookies, web beacons and embedded scripts on your Device from the Service. These cookies, web beacons, and embedded scripts may collect personal information or other information about your use of the Service over time and other third-party websites or applications and they may otherwise collect or have access to information about you, including Usage Information. Cookies and web beacons, including those set by third party network advertisers, may be used to target advertisements; analyse user demographic data; analyse user attribution (i.e. which ads have brought you to Our Services); analyse user engagement and purchase behaviour; prevent you from seeing the same advertisements too many times; and conduct research regarding the usefulness of certain advertisements to you. Embedded content and plugins. Please note that third parties may collect personal information about your online activities over time and across different websites when you visit or use the Service or other online websites and services. For example, some third parties' embedded content or plugins on the Service, such as social media sharing tools, allow their operators to learn that you have visited or interacted with the Service, and they may combine this information with other, identifiable information they have collected about your visits to other websites or online services. These third parties may handle this information, and other information they directly collect through their content and plugins, pursuant to their own privacy policies. Joint control statement: In some circumstances We may act as a “joint controller” with such companies – for example, if We collect your Personal Data through Facebook’s Pixel for this activity, We are a Joint Controller with Meta Platforms Ireland Ltd which means We are providing you with the transparency information you are entitled to as part of this notice, but you should contact Meta Platforms Ireland Ltd if you wish to exercise your data protection rights. Further information, including how Meta Platforms Ireland Ltd enables you to exercise your data protection rights, and subsequently processes your information as independent data controller can be found in Meta Platforms Ireland Ltd’s Privacy Policy.
    Online Tracking. Some web browsers incorporate a “Do Not Track” feature that signals to websites that you visit that you do not want to have your online activity tracked. How browsers communicate the Do Not Track signal is not yet uniform. For this reason, the Service do not respond to such signals, except where required by law. Cookie Management Tool. You can either allow or refuse Us to set and use Cookies and similar technologies by setting your preference on the Cookie Preference Centre.
  
  c. Personal Data We Receive from Third Parties
  
  • (1) Transactions:
    You may purchase certain items from the Service. This Privacy Policy applies to any Personal Data you provide in connection with any such purchases. In　some instances, you may be directed to a third party site to initiate your transaction. These third party sites will be clearly identified and link to their own privacy policies so you know which company is collecting your Personal Data. We only receive Personal Data necessary to allow Us to fulfil any purchases you make such as tokens and other information necessary for the payment. You should refer to those third party policies for any privacy-related concerns regarding your purchase with them.
  • (2) Other Service users:
    Other Service users may report each other and submit information about their in-Application activity and actions to help Us determine if the reported behaviour constituted a violation of rules and procedures that apply to user conduct, as well as any potential repercussions (such as temporary or permanent account suspensions or chat restrictions). We also record and store, and reserve the right (but have no obligation) to monitor chat and similar details about optional interactions in accordance with applicable law for a period we determine is appropriate to help Us, among other things, address disruptive behaviour, improve Our services, enforce Our rules and policies and Terms of Use, comply with Our legal obligations under online safety and digital services regulations, and foster a more positive environment in the Application for Our users.
  • (3) Third parties We work with:
    We may receive Personal Data about you from Our third party partners. If you use another service and you opt-in to receive information from Us, or if you link your Application account with an external account (e.g. your Google account), the relevant service provider may forward to Us your email address and other Personal Data so that We may contact you as requested or so we can authenticate you. We may also supplement the Personal Data We have collected from you directly with information from third parties such as (i) information that is publicly available on the Application’s official channel or account on a third-party platform such as Discord or X, or (ii) device identifiers such as cookies and other information needed to engage in targeted advertising, to enhance Our ability to serve you, to tailor Our content to you and to offer you opportunities to purchase products, contents or services that We believe may be of interest to you. We may combine the Personal Data We receive from these third parties with the Personal Data We have collected from you directly. In those cases, We will apply this Privacy Policy to any Personal Data received, unless We have disclosed otherwise.
  • (4) Social Media Applications:
    Functionality on the Service may permit interactions between the Service and third-party properties, such as Facebook and X. Such functionality enables you to “like” a product or online content, “share” content to other properties, and otherwise link the Service with another third-party property. If you choose to “like” or “share” content or to otherwise post information from or via the Service to a third-party property, that information may become public and the third-party property may have access to your Personal Data and information regarding your use of the Service. You may also choose to participate in a third-party application or feature (such as Apple, Google, X, Discord, LINE, Facebook applications or a similar application or feature on a third-party property, or otherwise linking the Service with another property) through which you allow Us to collect (or the third party to share) your Personal Data. When you choose to participate, you may be opting to link your activity on the Service with that third-party property, which may then collect information about your visits to the Service and may publish that activity as you request to your "profile" or similar feature with that third party (such as if you choose to share content you find on one of the Service with your "connections" on the third party's property). The Personal Data We collect is subject to this Privacy Policy. However, the Personal Data collected and stored by the third party remains subject to the third party's privacy practices, including whether the third party continues to share information with Us or with other third parties, the types of information shared, and your choices regarding what is visible to others on that third party's property. The third party may allow you to remove an application or feature, in which case We will no longer collect Personal Data about you through the application or feature, but We may retain the Personal Data previously collected in accordance with this Privacy Policy. In some circumstances we will be a joint controller with the third parties described in this paragraph. For more information see the “Joint control statement” above.
  
  
• 3. Processing Purposes
  We will use the Collected Data for the following purposes:
  a. Account Creation: We use your credential information to create your account that can be used to sign-in to the Service and to enable other related services such as (i) enabling users to transfer the user's Application Data to the user's other Device(s) and enable the user to get in-Application items as a benefit of linking their third-party social media such as Apple ID/Google account/X account/Facebook account to their Application account; (ii) buying in-Application currency through Our online site; and (iii) enabling you to engage with the Application community and participate in events, surveys, etc. conducted by Us or third parties in connection with the Application.
  b. Service Provision: We use the Collected Data to operate, maintain, enhance and provide features and functions of the Service, including processing your registration, your purchased orders and your payments, and providing functions for playing matches and cooperative plays in the Application.
  c. Moderation of Our social channels: We may monitor, collect and use the information you provide via your use of social channels to moderate the content to enforce Our Terms of Use, in accordance with applicable law.
  d. Communications: We use the Collected Data to communicate with you about the Service for administrative and informational purposes. Examples of said communications include responses to your inquiries or requests, customer support-related communications and changes to any of Our terms & conditions or policies, We also use the Collected Data to send you direct marketing communications.
  e. User Experience: We use the Collected Data to personalize your experience on the Service, and to advertise to you on the Service or on other services by providing you with tailored information of products, contents and services, as well as recommendations, advertisements, promotions, or offerings that may be of interest to you;
  f. Improvement and Development of Our services and ad campaigns: We use the Collected Data to optimize and improve Our services, including the Service, and to develop new products, contents, services, features and functions by analysing and understanding the usage trends and preferences of Our users, trends in bugs/errors on the Service, and how Our users interact with Our marketing activities;
  g. Compliance with Law: We use the Collected Data to ensure compliance with Our internal policies, agreements with Our stakeholders, applicable laws and regulations, court orders, government and law enforcement requests. We also use the Collected Data to enforce or defend Our legal rights or the terms and conditions of any Our service, or to retain and store your personal information to comply with specific legal retention requirements, regulatory audits, and other record keeping purposes (including to meet internal and external audit requirements).
  h. Fraud prevention and investigation: We will use the Collected Data to comply with monitoring, prevention, detection and investigation obligations, laws associated with the identification and reporting of illegal and illicit activity, including fraud and anti-money laundering, and financial reporting obligations.
  i. Security: We will use the Collected Data to maintain the integrity and security of Our websites, contents and services and preventing and detecting security threats, fraud or other criminal or malicious activity that might compromise your Devices.
  
  
• 4. Legal Justifications of the Processing of your Personal Data
  We rely on the following legal bases for processing the Collected Data:
  a. Performance of Contract, Art 6 (1)(b) GDPR: We use the Collected Data to provide you with the Service. For example, We use your account information to verify your identity, provide you with the access to the Service, communicate with you regarding your use of the Service or notify you of important changes to the Service. Such use is necessary for the performance of the contract between you and Us.
  b. Legitimate Interest, Art 6 (1)(f) GDPR: We, or a third party, have legitimate interest in using the Collected Data. In particular, and only where consent is not relied on and obtained , We have a legitimate interest in using the Collected Data to improve and develop Our products, contents and services, to effectively manage Our Service by sending you administrative communications, to personalize your experience on the Service and provide you with tailored information of products, contents and services, to provide you with customer support and security by ensuring the messages left on Our social channels don’t breach Our Terms of Use, and improve the safety, security, and performance of the Service. When We process the Collected Data for Our legitimate interests, We make sure to consider and balance any potential impact on you, and your interests, rights and freedom under any applicable laws. We will not use the Collected Data for any processing where Our interests are overridden by the impact on you, unless We have your consent for Our processing, or otherwise required by law. You have the right to object to processing that is based on Our legitimate interests, as indicated in Section 8 below. As regards cookies and similar technologies defined in the Section (Personal Data We collect by technical means): The placement and subsequent processing of strictly necessary cookies (i.e. cookies which are technically necessary for the functioning and management of the website, Service or Application) is based on Our legitimate interest in order to provide you with an expressly requested tele media service. Our legitimate interest is to provide you with a technically optimised, user-friendly and appropriate website, Service or Application.
  c. Legal Obligation, Art. 6 (1)(c) GDPR: We have a legal obligation under EU and/or Member State Law to use the Collected Data, such as the obligation to moderate the Service in accordance with online safety and digital services legislation, to monitor, prevent, detect and investigate illegal and illicit activity, including fraud and anti-money laundering, and the obligation to provide financial reporting.
  d. Consent, Art. 6 (1)(a) GDPR: If you have provided your prior consent, We may send you information by email or through other electronic communications on Our products, contents and services, or other promotions, etc. You can withdraw your consent to receiving this information in accordance with the instructions provided as part of Our communications or in Our marketing preference centre. As regards the use of cookies and similar technologies defined in the Section (Personal Data We collect by technical means), We use other cookies and similar technologies which are not strictly necessary only with your consent. If you download and use Our Application through the Play Store, you will be asked whether you consent to Our collection and use of the Android Advertising ID (AAID). Where Our processing is made based on your consent, you have the right to withdraw your consent at any time, as indicated in Section 8 below or you may also make use of Our cookie consent tool to amend your cookie choices, which can be found https://madoka-exedra.com/en/.
  
  The table below summarises the Personal Data processed for the respective purposes as well as the applicable legal basis.
  

  Processing Purposes	Collected Data involved	Legal justification
  Account Creation	registration information (user name, account ID, consent preferences)	Performance of Contract Consent preferences – Legal Compliance (Our obligations under applicable data protection laws)
  Service Provision	registration information (user name, account ID), IP address, other Device Identifiers	Performance of Contract
  Moderation of Our social channels	text chat, messages, registration information (user name, account ID), usage information (in-Application actions) Device Identifiers	Our legitimate interest in providing you with customer support and security by ensuring the messages left don’t breach Our Terms of Use To the extent Our moderation activities are conducted in order to comply with Our obligations under applicable online safety and digital services legislation – Legal Compliance
  Communications	User name, email, date of birth	Marketing communications – Consent Service communications – legitimate interest (Our interest in effectively managing Our Service) or Performance of Contract, as applicable
  User Experience	Usage Information, IP address, other Device Identifiers, cookie ID, Email	Consent, otherwise (where consent is not relied on and obtained) We have a legitimate interest in personalising your experience on the Service and providing you (or those with similar interests to you) with tailored information of products, contents and services
  Improvement and Development of Our services and ad campaigns	Usage Information, IP address, other Device Identifiers, cookie ID	Service improvement analytics – Consent, otherwise (where consent is not relied on and obtained) We have a legitimate interest in using the Collected Data to improve and develop Our products, content and services Ad-related campaign analytics – Consent
  Compliance with Law	Registration information, Usage Information, text chat, messages, IP address, other Device Identifiers	Legal Compliance
  Fraud prevention and investigation	registration information, Usage Information, text chat, messages, IP address, other Device Identifiers	BLegitimate Interest (Our interest in protecting users from fraud on Our services) Legal Compliance
  Security	registration information, Usage Information, IP address, other Device Identifiers	Legitimate Interest (Our interest in improving the safety, security, and performance of the Service) Anti-cheat - Performance of Contract

  
  
  
• 5. Data transfers and recipients and legal justification for such transfers
  When you use social features on the Service such as text chat, the information you share may be seen or heard by others, including users who can access public chats but who you may not be directly speaking to.
  
  In addition, We will make the Collected Data available to third parties as follows:
  
  a. (Third-Party) Service providers
  We may use service providers to process the Collected Data, some of which may be internal (i.e., part of Aniplex) or external (third party) service providers In any case, the service providers are engaged for the purposes of pursuing the activities outlined in this Privacy Policy. These include service providers engaged for providing support with customer service, traffic measurement, analytics, ad targeting; game management; content moderation; improvement and defect handling of games such as debugging; operation and effect measurement of in-game SDKs; implementation and effect measurement of targeted advertising; carrying out user surveys or questionnaires; management of game-related events; or sales of goods or tickets for events. Some of the service providers are acting on Our behalf as data processors pursuant to Art. 28 GDPR. However, We may also transfer to third party service providers acting as independent controllers such as lawyers, accountants, auditors, ad partners, influencers and other service providers engaged providing support with Our sale of goods or tickets for events; or management of Application-related events in accordance with applicable law pursuant to the GDPR.
  
  b. Business transfer
  In the event that We sell or transfer a portion or all of Our business, Collected Data may be transferred by Us to the purchasing or acquiring entity as part of the transaction. We will continue to ensure the confidentiality of the Collected Data before such transaction occurs, and after such transaction, We will delete the Collected Data as soon as reasonably practicable after such transaction.
  
  c. Compliance and enforcement
  We will retain, use and/or disclose any of Collected Data as required or permitted by law, regulation or order, including to the police or other appropriate authorities, to investigate complaints made by or against you, or to protect or defend ourselves, or others, against illegal, criminal or harmful activities.
  
  
• 6. International Transfer of the Collected Data
  Collected Data will be processed, stored and transferred for the purposes outlined in this Privacy Policy from your country/region of residence to various countries/regions outside your country/region of residence, including the United Kingdom, Japan and the US. Collected Data will be processed by staff operating outside your country/region of residence who work for Us or for one of Our service providers and may be disclosed to such staff in those countries/regions. We take appropriate measures to ensure that all transfers of the Collected Data from the European Union and European Economic Area (jointly the "EU") to countries/regions outside the EU meet the requirements of applicable EU data protection legislation and to ensure that appropriate technical and organisational security measures are in place to protect Personal Data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access, and against all other unlawful forms of processing. Where information is transferred outside the EU, and where this is to a stakeholder or vendor in a country/region that is not subject to an adequacy decision by the EU Commission (which currently exists for transfers to the United Kingdom, Japan and the US where the recipient has registered with the Data Privacy Framework) i.e., a country/region that does not provide the same level of data protection as your country/region of residence, data is adequately protected by EU Commission approved standard contractual clauses (accessible via the contact details provided at Section 12 below), or a vendor's Processor Binding Corporate Rules. Any onward transfer is subject to appropriate onward transfer requirements as required by applicable law. Nonetheless, this may impact your data subjects’ rights in your local jurisdiction and also in the applicable overseas jurisdiction(s). These overseas jurisdictions may also need to disclose your Personal Data to a third party, e.g., an overseas authority. If you have any questions or concerns about Our data transfer arrangements, please contact Us (see Section 12 below).
  
  
• 7. Retention periods for and deletion of Collected Data
  We will only retain the Collected Data until you withdraw your consent (where applicable), delete your account, you stop using your account for a long time or to otherwise comply with any applicable laws and regulations concerning the mandatory retention of certain types of information. Please note that We may be required to retain certain information by law. In principle, We will retain the Collected Data only as long as required or permitted by applicable law, in particular as long as the Collected Data may be needed to fulfil or defend against claims that are not yet time-barred. Where We no longer require the Collected Data, it will be destroyed or de-identified in line with Our policies.
  
  
• 8. Your statutory rights
  Under the conditions set out under applicable law (i.e., the GDPR), you have the following rights:
  a. Right of access: You have the right to obtain from Us confirmation as to whether or not Personal Data concerning you is being processed, and, where that is the case, to request access to a copy of the Personal Data. The access information includes – inter alia – the purposes of the processing, the categories of Personal Data concerned, and the recipients or categories of recipients to whom the Personal Data have been or will be disclosed. For additional copies requested by you, We may charge a reasonable fee based on administrative costs.
  b. Right to rectification: You have the right to obtain from Us the rectification of inaccurate Personal Data concerning you. Depending on the purposes of the processing, you have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.
  c. Right to erasure (right to be forgotten): You have the right to ask Us to erase your Personal Data.
  d. Right to restriction of processing: You have the right to request the restriction of processing your Personal Data. In this case, the respective data will be marked and may only be processed by Us for certain purposes.
  e. Right to data portability: You have the right to receive the Personal Data concerning you which you have provided to Us in a structured, commonly used and machine-readable format and you have the right to transmit those Personal Data to another entity without hindrance from Us.
  f. Right to object:
  You have the right to object, on grounds relating to your particular situation, at any time to the processing of your Personal Data by Us and We can be required to no longer process your Personal Data. If you have a right to object and you exercise this right, your Personal Data will no longer be processed for such purposes by Us. Exercising this right will not incur any costs. Such a right to object may not exist, in particular, if the processing of your Personal Data is necessary to take steps prior to entering into a contract or to perform a contract already concluded.
  g. Right to withdraw consent: Where Our processing is based on your consent, you can withdraw your consent at any time without giving reasons with effect for the future without affecting the lawfulness of processing based on consent before its withdrawal. We may however have other legal grounds for processing your data for other purposes.
  
  Please note that the aforementioned rights might be limited under the applicable national data protection law, for example if fulfilling your request would reveal personal data about another person, or if you ask Us to delete information which We are required by law or have compelling legitimate interests to keep. To process a request from you, We may need to confirm your identity to ensure We’re accessing the right data, this helps Us to protect the personal data belonging to our customers against fraudulent requests. Please refer any of your questions to support_en@madoka-exedra.com.
  
  In some jurisdictions, We may be able to send you direct marketing without your consent, where We rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling We carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting Us using the details set out below in Section 12.
  
  
• 9. How to Delete Your Account
  You may delete your account by taking the following steps:
  Please go to “Madoka Magica Magia Exedra”, tap “Menu”, tap “Options” and then tap “Delete Account”.
  
  Automated decision making
  We work with a third party anti-cheat software provider to detect cheating. We may process your Personal Data using automated decision-making methods in order to identify users who are cheating or who are suspected of cheating by observing and detecting cheating behaviours and users registering for multiple accounts.
  
  We conduct automated content moderation activities to keep users safe online. We may process your Personal Data using automated decision-making methods in order to identify users who are posting or otherwise disseminating content that breaches Our Terms of Use.
  
  We use automated tools for fraud prevention purposes, including payment tools to prevent double payments, missed payments, and fraudulent payments.
  
  If your account is determined to breach Our Terms of Use, We may restrict or ban your access to the Service. Please see Our Terms of Use. In addition Our fraud tools may prevent you from being able to make certain purchases in- Application. If this happens, you will be informed of the outcome of the decision and whether it is a decision pursuant to Art. 22 GDPR. If the latter is the case, you have the right to obtain human intervention to express your point of view and contest the decision by contacting Us at support_en@madoka-exedra.com.
  
  
• 10. Complaints
  In case of complaints, you also have the right to lodge a complaint with the competent supervisory authority, in particular in the Member State of your habitual residence or alleged infringement of the GDPR. For a list of EU national data protection authorities, please click here. For Swedish, Polish, Norwegian and Danish data protection authorities please refer to the contact details below:
  
  Denmark: Datatilsynet
  Carl Jacobsens Vej 35
  2500 Valby
  Tel. +45 33 1932 00
  Email: dt@datatilsynet.dk
  Website: http://www.datatilsynet.dk/
  
  Norway: Datatilsynet
  P.O. Box 458 Sentrum
  0150 Oslo
  Tel. +47 22 39 69 00
  Email: postkasse@datatilsynet.no
  Website: https://www.datatilsynet.no
  
  Sweden: Integritetsskyddsmyndigheten
  Fleminggatan 14,
  plan 7 - Box 8114
  104 20 Stockholm
  Tel. +46 8 657 6100
  Fax +46 8 652 8652
  Email: imy@imy.se
  Website: http://www.imy.se/
  
  Poland: Urząd Ochrony Danych Osobowych (Personal Data Protection Office)
  ul. Stawki 2
  00-193 Warsaw
  Tel. +48 22 531 03 00
  Email: kancelaria@uodo.gov.pl dwme@uodo.gov.pl
  Website: https://uodo.gov.pl/
  
  
  
• 11. Changes to this Privacy Policy
  We may amend this Privacy Policy at any time and, as such, We encourage you to periodically review this page for the latest information on Our privacy practices. If We make a material change to the way in which We collect, use, and/or share your Personal Data, We will send an email to users who have provided an email address or post a notice on the Service prior to the change becoming effective.
  
  
• 12. Questions about this Privacy Policy
  If you have questions or concerns regarding this Privacy Policy, you should first contact Aniplex. You can contact Us about this Privacy Policy by writing to Us at:
  Name: Aniplex Inc.
  Address: 4-5 Rokubancho, Chiyoda-ku, Tokyo, 102-8353 Japan
  Email: support_en@madoka-exedra.com
  
  If you are in the EU, please contact Our representative in the EU:
  Name: Sony Europe BV
  Address: Taurusavenue 16, 2132LS Hoofddorp, the Netherlands
  Email: privacyoffice.SEU@sony.com