Privacy Policy

1. Controller and Contact Details

Controller:

• Esports Media GmbH
• Tengstr. 9
• 80798 Munich
• Germany
• Email: privacy@earlygame.com

If you have any questions about this Privacy Policy or want to exercise your privacy rights, you can contact us using the details above.

2. Scope and Important Notes

This Privacy Policy applies to registered and non-registered users of our Services. Our Services are generally intended for individuals who are at least 16 years old or the higher minimum age required by local law. We do not knowingly collect personal data from children below that age.

Our Services may contain links to, or integrations with, third-party websites, apps, offerwalls, surveys, games, cashback, coupon or rewards providers. When you access such third-party content, you may leave our direct processing environment or interact in parallel with a third party acting as its own controller. In those cases, the third party's privacy policy and terms will also apply.

3. Categories of Personal Data We Process

Depending on how you use the Services, we may process the following categories of personal data:

• Identity data, such as name, username, date of birth, country of residence, age information or similar identifiers.
• Contact data, such as email address, phone number or postal address.
• Account data, such as login details, password hash, account status, settings and preferences.
• Transaction and rewards data, such as completed offers, survey participation, reward history, redemptions, payouts, reversals, chargebacks, disputes and status information.
• Payment and payout data, such as PayPal email, wallet identifiers, bank details, gift-card payout information or other payout-related details.
• Technical data, such as IP address, device identifiers, operating system, browser type, language settings, timestamps, network information, approximate location, referrer, cookie data and consent status.
• Usage data, such as page views, click paths, interactions with offers, offerwall impressions, conversion events, support interactions and fraud or risk signals.
• Communications data, such as the content of support requests, emails or other messages sent to us.
• Verification and compliance data where required, such as phone-verification data, identity documents, selfie or liveness data, verification notes, decision results, logs and tax or compliance data.
• Research and survey data to the extent you participate in surveys; in some cases, the survey content itself is collected directly by the relevant survey provider.
• Special categories of personal data only where these are exceptionally processed by survey, market-research or offer partners in the context of a survey that you voluntarily start, or where otherwise permitted by law. As a rule, we do not actively collect such data for our own core purposes, but partners may process them when you participate in specific third-party surveys.

4. How We Collect Personal Data

We collect personal data:

• directly from you, for example when you register, manage your account, participate in offers or surveys, contact support, request payouts or complete verification steps;
• automatically when you use the Services, for example through server logs, SDKs, APIs, cookies, similar technologies and event tracking;
• from our offerwall, survey, rewards, fraud, hosting, payment, support and analytics partners;
• from payment providers, identity-verification providers and fraud-prevention vendors;
• from public sources or authorities where necessary for compliance, law enforcement or fraud prevention.

5. Purposes and Legal Bases

We process personal data only where permitted by law. This includes the following purposes and legal bases:

Where we rely on legitimate interests, those interests include operating Lootday securely and efficiently, reducing abuse, correctly assigning rewards, cooperating with offer and survey partners, enforcing our terms and protecting our users, partners and systems.

6. Offerwalls, Surveys and Partner Offers

Lootday integrates third-party offers, including offerwalls, surveys, games, cashback, shopping, coupon and other rewards or advertising opportunities. In this context, we work in particular with partners such as BitLabs/Prodege, CPX Research and ayeT-Studios, as well as downstream advertising, research, measurement, fraud and payment partners.

When you interact with such offers, personal data may be transferred to those partners or collected directly by them to the extent necessary to:

• display relevant offers or surveys to you,
• ask qualification and screening questions,
• measure conversions, completions, clicks, installs, purchases or other reward-relevant actions,
• detect fraud, duplicate participation, prohibited incentivisation, bots, emulators, VPN or proxy usage,
• validate rewards and revenue share,
• handle complaints, reversals or audits.

For some surveys or market-research opportunities, your responses may be transmitted directly to the relevant research or survey provider. Those partners may act as independent controllers in that context. Their own privacy notices will then also apply.

7. Specific Transparency for BitLabs / Prodege, CPX Research and ayeT-Studios

BitLabs / Prodege

Where we integrate BitLabs or other Prodege functionality, we and/or the relevant partner may process data needed for offer delivery, screening, conversion tracking, compensation, fraud prevention and lawful use controls. This may include technical identifiers, device and browser data, IP address, user or sub IDs, offer and conversion data, screening information, reward values, fraud signals and other data necessary for surveys or rewarded activities. Partner requirements also require us to technically respect opt-outs and consent choices and to disclose material offer terms to users.

CPX Research

Where CPX Research is integrated, personal data such as email address, gender, date of birth or age, ZIP/postal code, technical identifiers and survey matching information may be processed where necessary for survey matching, participation, validation or fraud prevention. Additional categories may be processed where a specific survey or campaign requires them.

ayeT-Studios

Where ayeT-Studios is integrated, personal data may be processed for offerwall delivery, offer validation, rights handling, fraud prevention and communication with demand or market-research partners. According to ayeT's publicly available information, survey responses in certain market-research contexts may be transmitted directly to the relevant research company, and opt-out requests in that area are coordinated by ayeT.

8. Consent, Cookies, Tracking and Opt-Out

Where required by law, we use cookies, SDKs, pixels, local-storage-like technologies or other identifiers for advertising, analytics, offerwall delivery, conversion measurement or partner-related processing only after obtaining your consent.

You can change or withdraw your consent at any time with effect for the future through our consent manager or relevant device settings. If you do not give, or later withdraw, consent that is required for a specific feature, some offers, surveys, offerwalls or rewards functions may be unavailable in whole or in part.

Where applicable, users in certain jurisdictions may also have additional rights to opt out of the sale, sharing or certain forms of targeted advertising. We honour such signals and requests to the extent required by law and pass them on to relevant partners where necessary.

9. Identity Verification, Payouts and Sensitive Data

To prevent fraud, multi-accounting, abuse, money-laundering, sanctions violations or improper payouts, we may require additional verification before a payout or in relation to higher-risk accounts. Depending on the case, this may include:

• confirmation of your email address or phone number,
• verification of specific account information,
• submission of a government ID,
• selfie or liveness checks,
• matching against payout or payment details,
• review of suspicious technical or behavioural signals.

Where external verification providers are used, they will receive only the data necessary for the relevant verification step. Verification data is processed solely for security, compliance, abuse prevention and payout purposes.

As a rule, Lootday does not collect special categories of personal data for its own core purposes. However, some third-party surveys may involve partners processing sensitive data if you voluntarily choose to participate. You should review the relevant partner notices before taking part in such surveys.

10. Disclosures of Personal Data

We disclose personal data only where necessary and legally permitted, in particular to:

• hosting, cloud, infrastructure, analytics, communications, CRM, support and security providers;
• payment, payout, fraud-prevention, identity-verification and compliance providers;
• offerwall, survey, research, advertising, attribution, measurement and rewards partners, including BitLabs/Prodege, CPX Research and ayeT-Studios;
• professional advisers such as lawyers, tax advisers, auditors and insurers;
• authorities, courts or regulators where we are legally required to do so or where necessary to enforce legal rights;
• buyers, investors or group companies in connection with restructurings, financings, mergers or asset transactions.

Some recipients process data as processors under our instructions, while others act as independent controllers. This depends on the integration and the specific processing context.

11. International Transfers

We and our service providers or partners may transfer or process personal data within the European Union and in third countries, including the United States and other jurisdictions. Where a destination country is not covered by an adequacy decision, we use appropriate safeguards, including Standard Contractual Clauses, supplementary contractual safeguards or other legally recognised transfer mechanisms.

12. Data Security

We implement appropriate technical and organisational measures to protect personal data against loss, misuse, alteration, unauthorised access, unauthorised disclosure or destruction. These measures include role-based access controls, encryption in transit, logging, monitoring, need-to-know restrictions, vendor review and enhanced controls for higher-risk activities such as payouts and identity verification.

13. Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy contractual, legal, regulatory, tax, accounting and evidentiary requirements.

In particular:

• account data is generally retained for the duration of the user relationship;
• rewards, transaction, payment and payout data are retained as needed for contract performance, fraud prevention, dispute handling and legal retention duties;
• consent and compliance records are retained as needed to demonstrate compliance;
• verification and KYC-related result data may be retained for a reasonable period for abuse prevention, legal defence and compliance; raw document images are kept for as short a period as possible and only where necessary, especially when third-party verification vendors are used;
• data used solely for analytics or statistics is anonymised or deleted once a personal reference is no longer required.

14. Your Rights

Depending on applicable law, you may have the right to:

• request access to your personal data,
• request correction of inaccurate data,
• request deletion of your data,
• request restriction of processing,
• request portability,
• object to certain processing,
• withdraw consent with future effect,
• lodge a complaint with a supervisory authority.

To exercise your rights, please contact us at privacy@earlygame.com. We may request additional information to verify your identity.

15. US State Privacy Notices

Where applicable, residents of certain US states may have additional privacy rights, such as rights relating to access, deletion, correction, portability or opting out of certain processing, including sale, sharing or targeted advertising. These rights can be exercised through the contact channels listed in this Privacy Policy.