Privacy Policy

Privacy Notice
***Effective Date: October 18, 2018***

— SECTION 1 – OVERVIEW —

Throughout this privacy policy, the terms “we”, “us”, “our”, “the service”, “the services”, “service”, “services” and “the company” refer to “gakumi.com” or “gakumi.com’s website”.

Gakumi.com is a web gaming portal that embedded HTML games from 3rd party vendors. Gakumi.com is a part of and is operated by fai.host.

This privacy notice applies solely to information collected by gakumi.com, except where stated otherwise. It will notify you of the following:

  1. Overview.
  2. Cookie policy.
  3. What personal information we collect and why we collect it.
  4. How long we store your data.
  5. What right you have over your data.
  6. Who do we share your data with.
  7. Where do we send your data.
  8. Response to legal process.
  9. External Resources.
  10. Survey & contests.
  11. Children.
  12. How we protect your data.
  13. What data breach procedure we have in place.
  14. What third party we receive data from.
  15. What automated decision making and/profileing we do with user data.
  16. Notification of changes.
  17. Severability.
  18. Privacy policy contact information.

— SECTION 2 – COOKIE POLICY —

2.a. Introduction

We use “cookies” on our websites. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to our sites and identify repeat visitors to our sites. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our sites. Cookies can also enable us to track and target the interests of our users to enhance their experience on our sites.

2.b. Essential Cookies

1. Comment cookie – if you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

2. Cookie detector – if you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

3. Login cookie – When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

4. Publishing cookie – If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

5. Advertisement cookie – As a way of generating revenue to maintain the health of our website and to ensure of our legal right interest, we may from time to time display advertisement from 3rd parties. 3rd party advertisements vendors may set cookies on your browser with the purpose of serving you the advertisement that best suit your interest and to verify that the ads actually been viewed by a real person. We do not have any control over those cookies or how they are stored. However, when choosing advertisements for our website we ensure that we will only work with reputable 3rd parties.

6. Our website utilized Facebook commenting. If you use this feature from our website, Facebook may store and retrieve cookies from your browser. For more information on Facebook’s Privacy Policy please see Facebook’s data privacy policy at https://www.facebook.com/about/privacy/update.

7. We utilized Google’s ReCaptcha in helping us prevent comment spam or brute-force login. Google may set and retrieve cookies from your browser to determine whether if the visitor is a real person or a robot. For more information about Google’s Privacy Policy, please read Google’s Privacy Policy at https://policies.google.com/privacy

8. We utilize Google Analytics to track social shares made at our website. Google may set and retrieve cookies from your browser. For more information about Google’s Privacy Policy, please read Google’s Privacy Policy at https://policies.google.com/privacy.

— SECTION 3 – WHAT PERSONAL INFORMATION WE COLLECT AND WHY WE COLLECT IT —

3.a. Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

3.b. Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. You should be aware that, any visitors to this website can download and extract any location data from any images on the website.

3.c.Contact forms

When you contact us through the contact form we collect your name to know who we are communicating with. We also collect your e-mail address so that we can reply to you.

3.d. Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

Most of the games on our websites are embed content from 3rd party vendors. We do not have control over the information that they collect. We can’t limit the script that being execute by the embed content as this will break the purpose of our website. Before you play the games that embed on our website please check out the privacy policy of the vendors that we embed the games from.

We embed games from the following vendors:
1. Famobi’s Privacy Policy.
2. Zygomatic’s Privacy Policy.
3. Softgames’s Privacy Policy.

Websites that we embed content from may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content.

3.e. IPs

We, or the third parties who perform services on our behalf, collect IP address, log data, and other related Information about how users access and use our sites and services. This Information may be used for several reasons, including to provide our services to you, to process your requests or orders, to help diagnose problems with our server, to administer our website, to help identify you or your shopping cart, to gather broad demographic information, to investigate, prevent or take action against actual or suspected violations of this Privacy Policy or the Terms of Use, for other security purposes, and for other purposes as described in this Privacy Policy.

Whether whichever protocol you choose to utilize(FTP, HTTPS, HTTP, DNS, etc..), at the moment that you made a request to our server, our server will log the request that your browser/software made to us and also your IP. These logs of IPs help us identify any problem with our services if there are. These logs are also a crucial tool for us to maintain the security of our service or detecting a breach data.

IPs is somewhat similar to if you were walked into a store and the store has cameras to help monitor suspicious activity and enhancing customers’ experiences by capturing all traffic into the store. However, IPs are less identifiable than a real image. As an image of you taken by a security camera would clearly be able to identify who you are. Unless you provided us with others identifiable information, IPs are not as such capability as multiple users could share a same public IP address and information pertaining to an IP address is usually kept by the ISP(Internet Service Provider) and ISPs usually do not disclose IP information unless the matter pertains to laws.

We also use IPs as a tool to analyze the broad geographic trend of our visitor. We do not have an intention to link an actual person to an IP address but we use IPs as a tool of security and as a tool for analyzing traffic trends.

We may report or publicly disclose abusive IPs engaging in hacking attempts or other malicious behavior of which include: causing a DDoS to our services, attempted DDoS, any type of spam, hacking attempts, hacking, phishing, spoofing, SQL injection, attempted SQL injection, attempted to exploit a security vulnerability in a version of a software that we run even though we are not running that version, attempted to exploit a security vulnerability in a software on our server that we may or may not have the software installed, any attempt to exploits any security vulnerability on our server/software/web platform whether if the vulnerability existed or not.

3.f. Browser and other informations

When your browser makes a request to our server for our website, we collect your user agent header information. Your user agent header helps us identify the browser that you are using and the device that you are using. This information is to help us better understand the device that you are using so that our website can serve to you responsively based on the device that you used. We also use this information to help better understand the demographic trend of our traffic to help us further improve our service.

When the page is loaded, if Javascript is enabled we may also measure and collect your screen’s width and height information, whether in pixel size or in physical(inches/cm/etc…) size to determine which version of the website is better to serve to you based on your device screen’s size. We also use this information to help better understand the demographic trend of our traffic to help us further improve our service.

— SECTION 4 – HOW LONG WE STORE YOUR DATA —

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information that they provided in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. Nonetheless, neither website administrators nor the users can see the plain text password that the users used for their account as the users’ passwords are stored in a hash format, of which is a one-way encryption method.

For IPs and requests that made to our server through whichever protocol that was used(FTP, HTTPS, HTTP, DNS, etc..), we may store these log files for up to 7 years from the date that they were created.

For IPs logs where it is reasonable to believe that there was/were attempted breach into our platform or server, we may keep those logs indefinitely. This is because our blacklist mechanism uses those log to prevent those IPs from being able to login into our platform.

When you contact us through e-mail, or from our contact form, our administrators, may store your e-mail address and any information you provided us for up to 7 years. When contacting us, we will not use your e-mail address to send you unsolicited messages.

— SECTION 5 – WHAT RIGHT YOU HAVE OVER YOUR DATA —

5.a. Data portability

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. To request your personal information that we have, please send an e-mail from the e-mail address that associated with your information to admin@fai.host.

If the only information we have about you is your IP, whether if the information for the IP that you requested is in our database or not, we will not respond to your request as we will not be able to identify if you are the owner of the IP.

5.b. Data erasure

You can also request that we erase any personal data we hold about you. This does not include any data we are obligated to keep for administrative, legal, or security purposes.

We do not handle requests for removing IP address from our database, as the IP is a piece of vital information that gives us the ability to maintain the security and integrity of our system and also that we will not be able to identify whether if you are truly the owner of the IP.

If you request us to remove your personal data from a comment or post that you left on this website then we will remove your e-mail address and the IP address from the comment and from our database. For your name, we will shorten your first name to a single letter and also your last name to a single letter. If you did leave a web address on that comment/post then we will also remove your web address from the post/comment. But we may choose to keep the content of the comment/post that you left. This is to maintain the integrity of our website. If we choose not to keep the comment/post’s content that you left on our website then we will completely remove everything from our database.

5.c. Respond time and record keeping

We will respond to all privacy request within one month.

We will not respond to requests where we can’t identify who you are from the information you provided us whether if we have the information that you requested for exporting/erasing.

Once we processed a privacy request and audited the request, we will store a record of all information that pertains to the transaction in an encrypted file.

All privacy requests that made to us will be kept on record for up to 15 years from the date that we first received the request. This is for us to maintain our legal right in case a legal claim dispute arise.

We will only use privacy requests’ records where the law obligated us to. Besides that, we will not use, share, sale, nor trade information from privacy requests’ records.

— SECTION 6 – WHO DO WE SHARE YOUR DATA WITH —

6.a. Business Transfers

As our business grows, we may sell or sells assets or business offering. We may also merge with other entity or reorganize into a new entity. In other circumstances, we may file for bankruptcy. In those events that mentioned by this subsection, customers and visitors’ information typically is one of the transferring assets.

You acknowledge that those events that mentioned by this subsection may occur and that any acquirer of gakumi.com may continue to use your personal information as set forth in this privacy policy.

Furthermore, prior to any of the events that mentioned by this subsection, we may disclose analytic data to prospect acquirers. The information we disclose to prospect acquirers may include logs of IPs as proof for the amount of traffic that we had.

6.b. Affiliates

We may disclose information about you to our organization affiliates in order to help provide, understand, and improve our Services and our affiliates’ services, including the delivery of ads.

6.c. 3rd parties

1. We do not directly share any information that we collect with Facebook. However, because we embed the Facebook Comments plugin to allow you to leave comments on our website using your Facebook account. This plugin may collect your IP address, your web browser User Agent, store and retrieve cookies on your browser, embed additional tracking, and monitor your interaction with the commenting interface, including correlating your Facebook account with whatever action you take within the interface (such as “liking” someone’s comment, replying to other comments), if you are logged into Facebook. For more information about how this data may be used, please see Facebook’s data privacy policy: https://www.facebook.com/about/privacy/update.

2. We do not directly share any information that we collect with Google. However, because, we utilized a variety of tools from Google including Google ReCaptcha and Google Analytic on our website. Google may automatically collect and store certain information in their server logs which includes device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL, cookies that may uniquely identify your browser or your Google Account, in accordance with their data privacy policy: https://policies.google.com/privacy

6.d. Sharing of abusive and misconduct

We may share to others entity information pertain to IPs engaging in hacking attempts or other malicious behavior of which include: causing a DDoS to our services, attempted DDoS, any type of spam, hacking attempts, hacking, phishing, spoofing, SQL injection, attempted SQL injection, attempted to exploit a security vulnerability in a version of a software that we run even though we are not running that version, attempted to exploit a security vulnerability in a software on our server that we may or may not have the software installed, any attempt to exploits any security vulnerability on our server/software/web platform whether if the vulnerability existed or not. Those entity/entities that we share the information pertaining to IPs that involved in abusive or misconduct may publicly disclose or reshare that information with other entity/entities.

6.e. Final note

Unless those that we mentioned in this privacy policy and where it is required by law, we do not share, sale, nor trade any identifiable personal information that we collected.

— SECTION 7 – WHERE DO WE SEND YOUR DATA —

Our server is located at a data center in Kansas City, Missouri, United States. Through whichever mean, whenever you communicate with our server, your information is transmitting to the United States.

When we back up the data from our server, your information will be transmitted to a computer that located in Canada through the SSH protocol or the HTTPS protocol. Your data is encrypted during transmission by SSH/HTTPS.

When we work on our server(i.e modify the content, editing HTML code, editing pages, approving comments, managing the server, etc.), information will be transfer from our server in the United States to Canada through SSH protocol or the HTTPS protocol. The information is encrypted during transmission by SSH/HTTPS.

Visitor comments may be checked through an automated spam detection service.

— SECTION 8 – RESPONSE TO LEGAL PROCESS —

We may disclose any identifiable personal information or nonidentifiable personal information that we have, in order to comply with the law, a judicial proceeding, court order, or other legal processes.

— SECTION 9 – EXTERNAL RESOURCES —

Gakumi.com’s website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our sites and to read the privacy statements of any other site that collects personally identifiable information.

Our website also supports social sharing. When you click a social sharing button you will be directed to the appropriate platform(Facebook, Twitter, Linkedin, Pinterest, Reddit, Delicious, Mix, Whatsapp, Google+, Digg, etc…) of which the button you pressed represent. Please be aware that we are not responsible for the content or privacy practices of those platforms. We encourage you to read the privacy policy of those platforms if you choose to use them.

— SECTION 10 – SURVEYS & CONTESTS —

From time-to-time, our sites may request information via surveys or contests. Your participation in these surveys or contests is completely voluntary. You can choose not to participate in the surveys or contests offer. But if you choose to participate in the surveys or contests we offer, we may request personal information from you. The information we may request include but not limit to contact information (such as name, phone number, and e-mail address), and demographic information (such as shipping address, zip code, age). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of our services.

— SECTION 11 – CHILDREN —

We do not knowingly collect or solicit Personally Identifiable Information from anyone under the age of 13 or knowingly allow such persons to register as Users.

We also do not allow anyone under the age of 13 to comment, add content to our website, or entering our survey. There is an exception to Facebook commenting. The policy for using the Facebook commenting interface is implemented by Facebook and we do not have control over Facebook’s policy. For any inquiry of removing a comment that you made using the Facebook’s comment interface, please contact Facebook through Facebook’s website at https://facebook.com.

If you are under 13, please do not send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at admin@fai.host

When it comes to IP addresses, it is impossible for us to know if we logged an IP address from someone that is under the age of 13. We also do not have a method of being able to link an actual person to an IP address if you don’t share with us any other personal information.

— SECTION 12 – HOW WE PROTECT YOUR DATA —

If you have accounts with us, your password will be stored in a hash format. A hash format is a one-way encryption method of which your password can’t be decrypted. If you log in to our site, the password you input is hash and then compare against the hashed version of your password in our database.

For information storage, our server is located in Kansas City, Missouri, United States with a trusted ISP. Access within the facility is controlled by biometric access controls. Once inside the perimeter, access to the data center floor is controlled by additional biometric access controls through mantraps and blast proof corridors. Our server is also password protected with different accounts for different purposes. Each privileged account to our server has a different set of passwords.

For our server, we have software in place to try to prevent and detect a data breach.

When your information is stored on our backup computer. They are stored into an encrypted partition on a passworded protected computer. We try our best to encrypted all confidential information when we store the data in our backup computer. Access to the encrypted partition is strictly enforced.

— SECTION 13 – WHAT DATA BREACH PROCEDURE WE HAVE IN PLACE —

We do have a data breach prevention plan in place. However, we are not perfect, and can’t guarantee that a data breach will never occur. Thus, if we are aware that a data breach has occurred, we will, within 72 hours from the time that we first aware of the breach, e-mail all user that have an account with us and notify that there was a breach.

If IPs logs were the only data that were compromised. We will, within 72 hours from the time that we first aware of the breach, notify you through our main webpage, gakumi.com, that a data breach had occurred.

— SECTION 14 – WHAT THIRD PARTIES WE RECEIVE DATA FROM —

As of current, we do not receive any personal data from any third party.

— SECTION 15 – WHAT AUTOMATED DECISION MAKING AND/OR PROFILING WE DO WITH USER DATA —

Our ads service platform depend on IP addresses to try to serve the correct ads base on geographic location(Country). To be able to obtain geographic location our software embed public and opensource IPs database such as Maxmind IP Database. The information from IP databases that we utilized is not always correct, thus, sometimes we may serve you the wrong ads from a different country.

— SECTION 16 – NOTIFICATION OF CHANGES —

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

— SECTION 17 – SEVERABILITY —

You agree that in the event that if any part of this Privacy Policy is determined to be unlawful, void or unenforceable, such part shall be replaced by valid term(s) that matches the original intention of the invalid/unenforceable part where permitted by applicable law or be enforceable to the fullest extent permitted by applicable law, and the unenforceable portion shall be deemed to be severed from this Privacy Policy, such determination shall not affect the validity and enforceability of any other remaining portions of this Privacy Policy.

— SECTION 18 – PRIVACY POLICY CONTACT INFORMATION —

If you have any question in regard to this privacy policy. You can contact Khang H. Nguyen at admin@fai.host.