Privacy Policy of the Binero Application

Last updated: October 3, 2025

Publisher: BoCode EI — SIRET: 928 631 647 00015 — 59 rue Salomon Reinach, 69007 Lyon, France — Email: dmsy.pro@gmail.com

1. Purpose of this policy

This privacy policy informs users of the mobile application Binero (hereinafter “the Application”), published by BoCode EI (hereinafter “the Publisher”), about the methods of collecting, processing and using their personal data in compliance with Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act. By using the Application, the user acknowledges having read and accepted this policy.

2. Minimum legal age

The Application is strictly reserved for users aged at least 16 years old. Any registration or use by a person under 16 is prohibited. The Publisher reserves the right to delete any account not complying with this condition.

3. Data collected

3.1 Data provided directly by the user

• Google account identifiers: google_oauth_token, google_oauth_sub, google_oauth_name, google_oauthemail, google_oauthfirstname, google_oauthlastname
• Game settings and preferences: username, score, year_score, progression (pack_id, level_id), theme, notification_enabled, feedback (type, message)

3.2 Data collected automatically

• Technical identifiers: android_id, firebase_token, uuid, session_token, session_id
• Device data (security, stats, debugging): model, sdkInt, isRooted, buildType, osVersion, densityDpi, isEmulator, isDebuggable, manufacturer, screenWidthPx, screenHeightPx
• App/server logs: url, body, code, response, stacktrace, client_ip, user-agent
• Application events: page_view, button_click, ad_request, ad_fail, ad_impression, ad_click, level_complete
• System settings: locale, timezone, app_version
• Last used IP address (last_used_ip) for security

3.3 Inferred/generated data

• Approximate location from IP: country, country_code, city
• Session data: created_at, last_activity_at, last_heartbeat_at, variant
• Account type: account_type (“no-account”, “freemium”, “premium”)
• Uninstallation status: uninstalled (checked via FCM)

4. Purposes of processing

• Service provision: authentication, saving/syncing progress, leaderboards and rewards.
• Improvement & statistics: usage analytics, KPIs, bug tracking, app improvement.
• Security: fraud detection, anti-cheating, abuse prevention.
• Advertising: display of sponsored content via AdMob.
• Communication: push notifications (if enabled).

5. Legal bases

• Performance of contract for processing necessary to operate the Application.
• Legitimate interest of the Publisher for security, fraud prevention, service improvement.
• Consent where required (e.g. personalized ads, notifications).

6. Sharing and recipients

The Publisher does not sell or rent user data. Certain data may be processed by technical providers solely for service delivery:

• Google Firebase (authentication, database, hosting)
• Google Crashlytics (error tracking and analysis)
• Google Analytics (usage statistics)
• Google AdMob (advertising)

Other than these cases, collected, inferred or generated data remains exclusively with the Publisher.

7. Data retention

Data is kept as long as necessary for the purposes described above. No fixed maximum retention period is set to date; the Publisher commits to regular deletion or anonymization of inactive data.

Users may request deletion of their account and data at any time (see section 9).

8. Security

All communications between the Application and the API are encrypted (HTTPS/TLS). The Publisher uses Google’s secure services and applies regular updates. However, no system is infallible, and absolute security cannot be guaranteed.

9. User rights

Under the GDPR, users have the following rights: access, rectification, erasure (“right to be forgotten”), objection, restriction, portability. These rights may be exercised by contacting dmsy.pro@gmail.com. Proof of identity may be requested if necessary.

A “Delete my account” button may be added later in the Application; in the meantime, requests via email are sufficient.

10. Transfers outside the EU

Some providers (Google, Firebase, AdMob) may process data outside the EU. In such cases, appropriate safeguards, such as the European Commission’s Standard Contractual Clauses, are implemented to ensure adequate protection.

11. Liability

The Publisher complies with applicable data protection regulations. However, it cannot be held liable (i) for fraudulent use of user identifiers, (ii) for failures attributable to third-party providers, or (iii) for force majeure or any event beyond its reasonable control.

12. Changes

This policy may be updated at any time. In the event of significant changes, users will be notified when next using the Application.

13. Contact