Genoma Games logoGenoma Games

Blood & Bytes: Kagura - Privacy Policy

1. Introduction

Genoma Games ("we," "us," or "our"), a game development studio based in Madrid, Spain, develops and operates Blood & Bytes: Kagura. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you interact with our game, website, testing programs, or related services.

We are committed to protecting your privacy and complying with applicable data protection regulations, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and Spain's Ley Organica de Proteccion de Datos Personales (LOPDGDD).

Data Controller: Genoma Games Madrid, Spain Email: info@genomagames.com Physical address available upon request.

2. Applicable Regulations

Based on the global nature of our services, we comply with the following privacy regulations:

European Union - GDPR

As a Spanish company processing personal data of EU residents, we are directly subject to the General Data Protection Regulation (GDPR). This regulation requires lawful, fair, and transparent data processing with valid legal bases such as consent.

Spain - LOPDGDD

Spain's Fundamental Law on Data Protection (Ley Organica de Proteccion de Datos Personales y Garantia de los Derechos Digitales) implements and refines GDPR requirements for Spanish territory.

California - CCPA/CPRA

For California residents, we comply with the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), which grants specific privacy rights including the right to know, delete, correct, and opt-out.

United States - CAN-SPAM Act

All email communications comply with the CAN-SPAM Act, which establishes rules for commercial email including clear unsubscribe mechanisms.

Other US States

We monitor and comply with comprehensive privacy laws in other US states as applicable, including Colorado, Connecticut, Virginia, and others.

3. Personal Data We Collect

We collect the following categories of personal information:

3.1 Contact Information

DataPurposeLegal Basis (GDPR)
NameIdentification and communicationConsent
Email AddressPrimary communication channel, sending game keys and updatesConsent

3.2 Demographic Information

DataPurposeLegal Basis (GDPR)
CountryRegional segmentation and localizationConsent
Preferred LanguageCommunication and game localizationConsent
Year of BirthAge verification and demographic analysisConsent

3.3 Gaming Profile Information

DataPurposeLegal Basis (GDPR)
Gaming FrequencyPlayer segmentation and testing group assignmentConsent
Average Session DurationUnderstanding player habitsConsent
Gaming Platforms UsedTechnical compatibility assessmentConsent
Preferred PlatformPrimary testing focusConsent
Alpha/Beta ExperienceTester experience assessmentConsent
Feedback ExperienceIdentifying proactive testersConsent

3.4 Preference Information

DataPurposeLegal Basis (GDPR)
Liked Game GenresPlayer affinity analysisConsent
Disliked Game GenresUnderstanding player preferencesConsent
Games of InterestReference comparisonConsent
Gaming MotivationsPlayer type classificationConsent
Related InterestsBroader interest profilingConsent
DataPurposeLegal Basis (GDPR)
Opt-in for UpdatesPermission to send game news and announcementsConsent
Opt-in for SurveysPermission to send feedback requestsConsent

3.6 Game Access Data

DataPurposeLegal Basis (GDPR)
Game KeyLinking access to your contact recordContract performance
Registration DateProgram administrationLegitimate interest
Key Activation StatusTracking program participationLegitimate interest

4. How We Use Your Information

We use your personal data for the following purposes:

4.1 Service Delivery

  • Registering you as a player or tester
  • Assigning and distributing game keys
  • Tracking your participation status
  • Segmenting players into appropriate groups
  • Sending game updates and development news (if opted-in)
  • Sending feedback surveys and questionnaires (if opted-in)
  • Important announcements related to your game access

4.3 Product Improvement

  • Analyzing player demographics to understand our audience
  • Understanding gaming preferences to inform development decisions
  • Evaluating player feedback for quality assessment

5. Third-Party Services and Data Processors

We use the following third-party services to process your data:

5.1 Brevo (formerly Sendinblue)

Purpose: Email marketing and contact management Data Shared: Email address, name, game key assignment, consent preferences Location: European Union (with appropriate safeguards for any transfers) Role: Data Processor DPA: We maintain a Data Processing Agreement with Brevo in compliance with GDPR Article 28.

Brevo is used to:

  • Store and manage contact information
  • Send email communications (updates, surveys)
  • Track email delivery and engagement metrics
  • Link game keys to contact records

5.2 Notion

Purpose: Internal database for program management Data Shared: Registration form responses Location: United States (EU-US Data Privacy Framework participant) Role: Data Processor

5.3 Steam

Purpose: Game distribution platform Data Shared: No personal data shared directly; game keys are redeemed by users Note: When you redeem a game key on Steam, Steam's own privacy policy applies to that relationship.

6. International Data Transfers

As our players may be located worldwide, your data may be transferred outside your country of residence.

For EU Residents

Transfers outside the European Economic Area (EEA) are protected by:

  • EU-US Data Privacy Framework (for US recipients certified under this framework)
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable

Your Rights

You have the right to request information about the safeguards in place for any international transfers of your data.

7. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy:

Data CategoryRetention Period
Contact InformationWhile you use our services + 2 years
Demographic InformationWhile you use our services + 2 years
Gaming Profile & PreferencesWhile you use our services + 2 years
Consent RecordsDuration of consent + 3 years (legal compliance)
Game Key AssignmentWhile you use our services + 2 years
Transaction Records7 years (tax and financial compliance)

"While you use our services" means the period during which you actively interact with our game, website, or communications. We consider your relationship inactive after 24 months without any interaction (login, email open, or other engagement).

Why we retain data after inactivity: The additional 2-year retention period allows us to: (1) enable account reactivation if you return to our services, (2) respond to any disputes or support requests related to your previous participation, and (3) comply with potential legal obligations.

After the retention period, your data will be:

  • Deleted, or
  • Anonymized for aggregate statistical purposes

8. Your Rights

Depending on your location, you have the following rights regarding your personal data:

8.1 Rights Under GDPR (EU Residents)

  • Right of Access: Request a copy of all personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Request limitation of how we process your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw your consent at any time
  • Right to Complain: Lodge a complaint with your local data protection authority

8.2 Rights Under CCPA/CPRA (California Residents)

  • Right to Know: Request disclosure of data collected and its purposes
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate information
  • Right to Opt-Out: Opt-out of sale or sharing of personal information
  • Right to Non-Discrimination: Not be penalized for exercising your rights

Note: We do not sell your personal information.

8.3 How to Exercise Your Rights

To exercise any of these rights, including withdrawing your consent, contact us at:

Email: info@genomagames.com Subject Line: Privacy Request - [Your Right]

To withdraw consent: Send an email to info@genomagames.com with the subject "Withdraw Consent" specifying which consent(s) you wish to withdraw. You can also use the unsubscribe link in any marketing email to withdraw consent for that specific communication type.

We will respond to your request within the timeframes required by applicable law.

9. Email Marketing and Unsubscribe

9.1 Opt-In Communications

We only send marketing emails (updates, surveys) if you have explicitly opted-in. Each type of communication has a separate opt-in.

9.2 Unsubscribe

Every marketing email includes an unsubscribe link. You can:

  • Click the unsubscribe link in any email
  • Contact us at info@genomagames.com
  • Update your preferences through Brevo's preference center

9.3 Transactional Communications

Essential communications (game key delivery, critical updates) are not subject to marketing opt-in and will be sent to all active users.

10. Children's Privacy

Our game and services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

If we discover that we have collected personal data from a child under 16, we will delete that information promptly.

If you believe a child under 16 has provided us with personal information, please contact us at info@genomagames.com.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption: Data transmitted via HTTPS; data at rest protected by service provider encryption
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Service Provider Security: We only use service providers with appropriate security certifications
  • Breach Response: Procedures in place to detect, investigate, and report data breaches

In the event of a data breach that poses a risk to your rights, we will notify the relevant authorities and affected individuals as required by applicable law.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements.

Notification of Changes:

  • Material changes will be communicated via email to registered users
  • The "Last Updated" date at the top will be revised
  • Previous versions will be archived and available upon request

13. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or your personal data:

Genoma Games Madrid, Spain Physical address available upon request.

Email: info@genomagames.com

Website: https://genomagames.com


This Privacy Policy is provided in English. A Spanish version may be made available upon request.