Privacy Policy

Starcash: Win star and Earn Privacy Policy

Last Updated: 2025.10.28

This Privacy Policy (“Policy”) explains how we collect, use, share, and protect your personal information when you use “Starcash: Win star and Earn” (the “Application” or “App”). We value user privacy and data security and will comply with applicable data protection laws and regulations (such as GDPR and CCPA, where applicable).

If you do not agree with any part of this Policy, please stop using the App immediately. We may update this Policy from time to time. The updated version will be published on this page and will take effect upon publication.

1. Data Controller and Contact Information

- Data Controller: Torrit Soft

- Registered Address: Dimitar Evtimov Ivanov 57 Bratya Miladinovi, Entrance 9, Floor 2, Apartment 7, Burgas 8000, Bulgaria Burgas - 8000 Bulgaria (BG)

- Privacy Contact: torritsoft@gmail.com

2. Scope and User Eligibility

- This Policy applies to the processing of your personal information when you download, register, and use the App and related features/activities (such as rewards or withdrawal functions).

- The App is not intended for use by minors. If you are under 18 years of age, please do not use the App. We do not knowingly collect personal information from minors. If you discover that we have inadvertently collected such information, please contact us using the details above so that we can delete it.

3. Information We Collect and How We Collect It

1. Information You Provide

- Account and Registration Information: Email, username, basic third-party login data, and payment account details.

- Customer Support and Communications: Content you provide when contacting us or submitting tickets.

- Identity Verification Information: To prevent cheating/fraud and ensure accurate reward disbursement, we may conduct additional verifications before withdrawals (e.g., selfie verification using the device camera, KYC information). If sensitive personal data such as facial images are involved, we will obtain your explicit consent and use them solely for anti-fraud and compliance verification, then delete them according to the retention terms in this Policy once the necessary purpose is fulfilled.

2. Information Collected Automatically

- Device and Log Information: Device model, operating system and version, unique device identifiers (e.g., Device ID), advertising identifiers (GAID/AAID/IDFA), IP address, time zone and language, carrier, network type and speed, screen size and orientation, system and battery/storage status, browser/user agent.

- Usage Data: App launches and sessions, click events, usage of pages or features, task/activity progress, ad interaction data (such as rewarded video views), crash logs and performance data.

- Location Data: Approximate location based on IP; if precise location is required, we will request permissions and consent separately.

3. Attribution and Statistics from Third Parties

- Advertising and attribution partners may provide installation attribution, ad interaction data, and campaign performance data for anti-fraud, billing reconciliation, and performance optimization.

4. Purposes and Legal Bases for Processing

We process your information for the following purposes (the specific legal bases depend on the laws applicable in your jurisdiction):

- Provide and maintain services: Account creation and management, feature provision, reward calculation and disbursement, customer support, troubleshooting, and performance optimization (contract performance or legitimate interests).

- Marketing and operational optimization: Sending notifications (e.g., reward progress, important updates), personalized content or activity recommendations, statistics and analysis, A/B testing (legitimate interests or consent, depending on local law and system permissions).

- Anti-fraud and security: Detect, investigate, and prevent fraud and abuse; enforce terms of service; protect account and payment security (legitimate interests and/or legal obligations).

- Compliance requirements: Comply with laws and regulations (e.g., tax, accounting, requests from law enforcement) (legal obligations).

- Processing of sensitive data (e.g., selfies/facial data): Only when necessary and with your explicit consent, solely for anti-fraud and withdrawal verification, and deleted after the purpose is achieved (consent).

5. Automated Decision-Making or Profiling

- We conduct operational analysis, risk assessments, and ad attribution based on usage data, but we will not make automated decisions that have legal or similarly significant effects on you without notifying you and obtaining necessary consent.

- If anti-fraud verification involves automated matching, we will ensure human review pathways and appeal channels are available.

6. Third-Party SDKs and Partners

To provide ad monetization, attribution, crash analysis, and other features, the App integrates third-party SDKs. These third parties may act independently as data controllers or processors and process your information under their respective privacy policies. We enter into appropriate data protection terms with them and take necessary security measures.

AppLovin MAX (AppLovin)

https://www.applovin.com/privacy/

Google AdMob (Google)

https://policies.google.com/privacy

Additional: Google Ads technologies and advertising

https://policies.google.com/technologies/ads

Adjoe

https://www.adjoe.io/privacy-policy/

Liftoff

https://liftoff.io/privacy-policy/

BIGO (BIGO Technology / Bigo Live)

https://www.bigo.sg/privacy-policy

These SDKs may collect data such as advertising identifiers (GAID/IDFA), device information, IP address, location information (approximate or precise depending on permissions and consent), app usage events, and ad interaction data. They use this data for ad delivery, anti-fraud, billing reconciliation, attribution, and product improvement. You can reset or limit the advertising identifier at the system level, or manage choices in the App’s consent pop-up/privacy settings (if available).

7. Cookies and Similar Technologies

- The App may use device local storage, SDK caches, mobile advertising identifiers, and similar technologies to enable login persistence, remember preferences, perform statistical analysis, and serve ads.

- You can manage ad tracking and notification permissions via your device system settings. Specific paths depend on your device and OS version.

8. Data Sharing and Disclosure

We may share or disclose your information under the following circumstances:

- Service providers and processors: Vendors providing hosting, data analytics, customer support, payments/withdrawals, advertising, and attribution services on our behalf, processing data only for contracted purposes.

- Legal and compliance: As required by laws, law enforcement, or regulatory authorities, or to protect our legitimate interests, enforce terms, and investigate fraud and security incidents.

- Business changes: In mergers, acquisitions, asset transfers, or bankruptcy-related transactions, your data may be transferred as part of the assets. We will ensure protection under this Policy and applicable laws.

- With your consent or instruction: Sharing necessary data with third parties to provide specific features upon your explicit consent.

9. International Data Transfers

We may process and store your information globally, and data may be transferred to countries or regions with different levels of data protection. We will implement appropriate safeguards (such as EU Standard Contractual Clauses, SCCs) to ensure an equivalent level of protection.

10. Data Retention

- We retain personal information only for as long as necessary to fulfill the purposes described in this Policy, after which we delete or anonymize it.

- Account data: Typically retained while your account remains active; when you deactivate or request deletion, we will process it within a reasonable timeframe.

- Anti-fraud and compliance records: Retained for a reasonable period to meet legal retention and compliance needs (e.g., tax, accounting, and dispute periods).

- Sensitive data collected with consent (e.g., selfies/facial data): Used only for verification; typically deleted within four weeks after withdrawal completion, unless extended retention is required for dispute handling, compliance, or legal requirements.

11. Your Rights

Subject to applicable data protection laws, you may have the following rights:

- Access: Request a copy of your personal information that we process.

- Rectification: Request correction of inaccurate or incomplete information.

- Erasure: Request deletion of personal information under legal conditions.

- Restriction and Objection: Request restriction of processing or object to processing based on legitimate interests in certain circumstances.

- Data Portability: Request your personal information in a structured, commonly used, machine-readable format and transfer it to a third party where legally applicable.

- Withdraw Consent: For processing based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

- Complaint: You may lodge a complaint with a competent supervisory authority in your jurisdiction.

To exercise these rights, please contact us using the details under “Contact Information.” For security, we may need to verify your identity.

12. Advertising Personalization and Choices

- You can limit ad personalization or reset the advertising identifier in your device settings (e.g., reset GAID on Android; manage tracking permissions on iOS via “Limit Ad Tracking/Allow Apps to Request to Track”).

- If the App provides a consent management tool (CMP) or privacy settings page, you can adjust preferences regarding advertising, analytics, and personalization there.

13. Notices and Communications

- We may send you service-related essential notices (e.g., account security, major updates, reward status). These are part of the service.

- For marketing communications (e.g., push notifications, emails), we will obtain consent or rely on legitimate interests where lawful and provide opt-out/disable options.

14. Security Measures

- We implement reasonable, industry-standard technical and organizational measures to protect your data, including encryption in transit and at rest, access controls, least-privilege authorization, and staff training.

- However, internet transmission and storage are not absolutely secure. In case of a security incident, we will take actions required by law and notify you and regulators where necessary.

15. Account Deactivation and Data Deletion

- You can request to deactivate your account and delete personal information via in-app settings or by contacting us. We will process your request within a reasonable timeframe. To comply with legal obligations or handle disputes, we may delay or retain some data within the necessary scope.

16. California Users (CCPA/CPRA) Notice (if applicable)

- We do not sell your personal information. Certain advertising-related sharing may be considered “sharing”; you can opt out in the App or by contacting us.

- You have rights to access, delete, and correct personal information, and to limit the use of sensitive information. Please see “Your Rights” for how to exercise these rights and identity verification steps.

17. Children’s Privacy

- The App is not directed to minors and we do not knowingly collect their data. If we inadvertently collect such data, we will delete it promptly.

18. Contact Us

If you have any questions, requests, or complaints regarding this Policy or privacy matters, please contact us at:

- Email: torritsoft@gmail.com

- Address: Dimitar Evtimov Ivanov 57 Bratya Miladinovi, Entrance 9, Floor 2, Apartment 7, Burgas 8000, Bulgaria Burgas - 8000 Bulgaria (BG)