Introduction

Welcome to Koko Kinder (www.kokokinder.com), an educational gaming platform owned by Floating Bubbles Pvt. Ltd. (“We”, “Us”, “Koko Kinder”). We are committed to creating a safe, engaging, and transparent environment for our users and their families. We understand the importance of privacy, especially when it involves children, and we are dedicated to ensuring that all personal information collected is handled responsibly and in compliance with applicable laws.

This Privacy Policy explains our practices regarding the collection, use, sharing, and protection of personal information in accordance with the Digital Personal Data Protection (DPDP) Act, 2023, other applicable Indian laws. By using our app or website, www.kokokinder.com, you agree to the terms outlined in this policy.

Our goal is to ensure transparency in our data practices so that users and their parents or guardians feel confident in using our services. If you do not agree with any part of this Privacy Policy, we recommend that you discontinue using our app or website.

Information We Collect

We are committed to collecting only the data necessary to provide and enhance our services. Here is a detailed breakdown of the types of information we may collect:

1. Personal Information

• User Information: Parent’s year of birth.

2. Usage Data

• App Interaction: Details of how users engage with the app, including gameplay statistics, time spent on activities, in-app preferences, and navigation patterns.
• Feature Usage: Data on the features accessed most frequently to help improve user experience.

3. Device Data

• Technical Information: Information about the device used to access our app, such as device model, operating system version, hardware specifications, and available storage.
• Unique Identifiers: Device and other mobile identifiers like Settings Secure Android ID, Device Token (Push ID), App Instance ID for analytics purpose.

4. Behavioural Data

• Anonymized Analytics: Aggregated and anonymized data collected through Firebase Analytics to analyse user trends, engagement, and app performance. This data is not personally identifiable and is used to improve the user experience without any profiling or behavioural advertising.
• Diagnostic Data:
  Crash Reports & Performance Diagnostics: Information collected through Firebase Crashlytics to identify and resolve app crashes and other performance issues. This data helps troubleshoot app stability and enhance functionality without collecting personal information.

Payment Information

We do not directly collect, process, or store any payment card information provided through our Services. All payment transactions are securely processed by third-party payment service provider, such as Google. This third-party processor handle all aspects of payment processing in accordance with their respective terms, policies, and security protocols. We disclaim any liability arising from their collection, use, or storage of payment information. Users are encouraged to review the privacy policies of the respective payment processor for further details.

How We Use Your Data

We use the collected information to:

1. Provide Services:

• Deliver core app functionality, and user support.
• Ensure the app operates as intended, delivering an engaging user experience tailored to children’s educational needs.

2. Analytics and Performance Monitoring:

• Conduct internal analytics to identify trends, diagnose performance issues, and assess the effectiveness of app features.
• Evaluate app performance metrics to improve stability, security, and overall user satisfaction.

3. Legal and Compliance Obligations:

• Comply with applicable legal requirements, respond to lawful requests from authorities, and protect user rights.
• Prevent misuse of our app, enforce our Terms of Service, and address security concerns.

Children’s Data Processing

We take the privacy of children seriously and adhere to all relevant laws and platform policies. Here’s how we handle children’s data:

1. We require explicit parental consent before collecting any personal information from children under 18.

2. We limit the collection of children’s data to only what is necessary for the app’s functionality. This includes identifiable information, such as Settings Secure Android ID, Device Token (Push ID), App Instance ID and non-identifiable information like gameplay statistics, collected through tools like Firebase and Crashlytics.

3. No sensitive personal data, such as photographs, biometric information, or precise location, is collected without explicit parental consent.

4. Parents can request access to, correction of, or deletion of their child’s data at any time by contacting our support team at support@kokokinder.com. We process these requests promptly, usually within 30 days.

5. All data collected is used strictly for educational and app improvement purposes, ensuring alignment with Google Play’s Families Policy and relevant data protection laws.

6. We implement proper security measures to protect children’s data, including encryption, regular audits, and restricted access to authorized personnel only.

How We Protect Your Data

We take your data security seriously and implement proper measures to safeguard your information. Our approach includes:

1. All personal data is encrypted both in transit and at rest using industry-standard encryption protocols to prevent unauthorized access.

2. Data is stored on secure servers protected by firewalls and access controls, ensuring it is safeguarded from cyber threats and breaches.

3. Access to personal data is restricted to authorized personnel only, who are trained in data privacy practices and bound by confidentiality agreements.

4. We conduct regular security audits and vulnerability assessments to identify and mitigate potential risks.

5. A dedicated team is in place to handle any data security incidents promptly, ensuring minimal impact on users.

6. Our practices align with global security standards.

By combining these measures, we aim to protect your data from unauthorized access, alteration, disclosure, or destruction.

Data Sharing

At Koko Kinder, we value your privacy and are committed to ensuring that your personal information is not shared with third parties except in the specific cases outlined below. We take all reasonable steps to ensure that any third parties we share data with are compliant with relevant data protection laws and maintain high standards of security.

1. Sharing with Service Providers

We may share personal data with trusted third-party service providers who assist us in delivering our services. These providers help us perform functions such as hosting, analytics, and app performance monitoring. All third-party service providers are bound by strict data protection agreements to ensure that they handle your data responsibly and in accordance with applicable data protection laws.

Examples of third-party service providers include:

• We may use third-party servers to host our app’s backend services and databases.
• We use services like Google Analytics for Firebase to analyse user interactions and improve app functionality. Please go through their Privacy Policy to learn more about their Personal Data processing practices.
• Services like Crashlytics help us identify and address app crashes or performance issues.

These providers are not authorized to use your personal data for any purpose other than providing services to Koko Kinder.

2. Sharing with Legal Authorities

We may be required to share your personal information if we receive a lawful request from legal authorities, including government agencies, law enforcement, or regulators. This may happen in cases such as:

• To comply with applicable laws and regulations, including responding to summons, court orders, or legal processes.
• If we believe that sharing data is necessary to protect the rights, property, or safety of Koko Kinder, our users, or others, including preventing fraud, addressing security risks, or investigating illegal activities.

3. With Your Consent

In certain cases, we may ask for your explicit consent before sharing your personal information with third parties. For example, if we plan to partner with another company or offer third-party services, we may ask for your consent before sharing data that could identify you.

4. No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Advertising and Monetization

We do not display any advertisements within our app or services, nor do we sell advertising space or engage in ad-based revenue models. Additionally, we do not share user data with third parties for advertising or marketing purposes.

Third-Party Services Used

In order to provide you with a seamless and efficient user experience, Koko Kinder relies on a variety of third-party services. These services help us with various aspects of our operations, such as app performance monitoring, analytics, and ensuring compliance with industry standards. Below is a detailed overview of the third-party services we use, the purpose for which we use them, and how they may collect and process your data.

1. Google Analytics for Firebase

• Purpose: Google Analytics for Firebase is used to track user interactions within the app, analyse user engagement, and monitor app performance.
• Data Collected: Firebase collects anonymized data such as user activity (e.g., app usage, gameplay statistics), device information (e.g., device type, operating system version), and app interaction data (e.g., screen views, events triggered).
• How it Helps: This tool allows us to gain insights into how users engage with the app, helping us to improve features, enhance user experience, and fix performance issues.
• Data Retention: The data collected by Firebase is stored for as long as necessary to fulfil the purpose of improving app functionality but is anonymized so it cannot be traced back to individual users.

2. Crashlytics

• Purpose: Crashlytics is used to track app crashes and performance issues. It helps us monitor the stability of the app and identify any bugs or errors that users may encounter.
• Data Collected: Crashlytics collects data related to app crashes, such as device information (e.g., model, OS version), the specific app version at the time of the crash, and other diagnostic details necessary to help us resolve technical issues.
• How it Helps: By providing real-time reports on app crashes and issues, Crashlytics enables us to address bugs quickly and improve the overall stability of the app.
• Data Retention: Data is retained for as long as necessary to monitor and fix technical issues but is anonymized to prevent identifying individual users.

3. Firebase Cloud Messaging (FCM):

• Purpose: Koko Kinder uses Firebase Cloud Messaging (FCM) to send non-personalized push notifications, ensuring users remain informed about app updates, new features, and other important communications.
• Data Collected: FCM collects anonymized data, including:
• Device Token (Push ID): A unique identifier assigned to each device to facilitate notification delivery.
App Instance ID: Identifies a distinct instance of the application on a user’s device.
• Notification Interaction Data: Tracks whether notifications were received and whether users engaged with them.
• How it Helps: This data enables the efficient delivery of notifications, ensures users receive relevant updates, and allows for measuring the effectiveness of notifications, including user engagement and interaction rates.
• Data Retention: The data collected by Firebase is retained only for as long as necessary to fulfil its intended purpose of improving app functionality. All data remains anonymized, preventing it from being linked to individual users.

Third-Party Data Handling

Any third-party service providers we engage, as mentioned above, don’t sell, rent, or distribute user data for commercial gain. These providers process data solely for the purpose of delivering services as outlined in this Privacy Policy and in accordance with their respective privacy policies.

Data Retention

At Koko Kinder, we are committed to maintaining a balance between retaining necessary user data for service continuity and respecting user privacy. We only retain personal data for as long as necessary to fulfil the purposes for which it was collected, in compliance with applicable legal requirements, and as outlined in this Privacy Policy. The duration for which we retain your data depends on various factors, including the type of data, its intended use, and legal obligations.

General Principles of Data Retention

• We retain your personal data only as long as required to provide and improve our services, meet legal obligations, or fulfil contractual requirements.
• We strive to minimize the amount of personal data we retain and will delete or anonymize data whenever it is no longer necessary for the purposes it was collected.
• In some cases, we are required to retain certain types of data for legal, regulatory, or tax purposes. We will retain personal information in such cases for the duration specified by applicable laws or contractual agreements.
• If an account remains inactive for an extended period, we may reach out to the account holder to inquire about account status or to offer data deletion options. Accounts that remain inactive for long durations may be deleted in accordance with our data retention policy.

Specific Data Retention Guidelines

1.Personal Information

• Personal data is retained for as long as necessary to provide services and communicate with users.
• If a user or their parent or guardian requests data deletion, we will delete all personal information associated with the account within 30 days of the request, unless we are required by law to retain certain data for a longer period.

2.Usage and Behavioural Data

• App interaction data, such as gameplay statistics, time spent on activities, and feature usage, are typically retained for as long as necessary to analyse trends, improve user experience, and enhance app functionality.
• Aggregated and anonymized data may be retained for longer periods, as it does not identify individual users and is used for analytical purposes.

3.Device Data

• Technical and device-related data, such as device models, operating system versions, and identifiers, are retained to ensure compatibility, troubleshoot issues, and optimize app performance. This data is generally kept for a reasonable period and is anonymized when used for analytics.

4.Crash and Performance Data

• Diagnostic data collected through tools like Firebase and Crashlytics, such as crash reports and performance diagnostics, are retained for as long as needed to resolve technical issues, monitor app stability, and improve performance. This data is typically anonymized and retained for a period of 90 days to help address any recurring issues.

5.Data Retention for Legal Compliance

• In certain instances, we may retain data beyond its immediate purpose to comply with legal obligations. For example, if required by applicable law or in response to legal requests (e.g., Summons, government orders), we may retain specific data, including user communications or transaction details, to comply with these legal requirements.
• We may also retain records of data collection and processing activities for purposes of legal defence, audit, and compliance with applicable data protection laws.

6.Data Deletion

• Data Deletion Request Process: Users who wish to delete their data can send a request to our support team at support@kokokinder.com. We will process these requests promptly, and users will receive confirmation once their data has been permanently deleted.

Data Retention for Children

Since Koko Kinder is an educational platform designed for children, we take extra care to ensure that the data retention practices align with the relevant regulations.

• Parental Consent: We only collect personal data from children after obtaining explicit consent from their parents or guardians. If the parent/guardian withdraws consent, we will delete the child’s personal data within 30 days.
• Minimal Data Collection: We retain only the minimum amount of personal data necessary to provide the app’s educational services and to fulfil any legal or contractual obligations. This includes non-sensitive data like gameplay statistics and personal information like device identifiers.

Requesting Data Deletion

Users or parents/guardians who wish to request the deletion of their child’s data can do so by contacting our support team. Upon receiving such a request, we will delete the relevant data in accordance with our retention policy and applicable laws.

Security of Retained Data

Throughout the data retention period, we apply proper security measures to protect retained data from unauthorized access, disclosure, alteration, or destruction. We use encryption, access controls, and other safeguards to ensure that user data remains secure during its retention

User Rights

You have the right to:

1. Access, correct, or delete your personal information.
2. Withdraw consent for data collection and processing.
3. Be informed of data breaches that may impact your personal data.
4. Lodge complaints with relevant Data Protection Authorities if unsatisfied with our response.

To exercise these rights, contact our Privacy Team at support@kokokinder.com. We aim to process all verifiable requests within 45 days, with possible extensions for complex cases.

Parental Consent

Parents/guardians have access to platform enabling them to:

• Modify or delete their child’s data.
• Withdraw consent for data collection.

Updates to This Privacy Policy

We reserve the right to amend this policy as required. Significant changes will be communicated via the app, website, or email or any other appropriate channel. Continued use of our services after changes implies acceptance of the updated policy.

Grievance Officer

In compliance with the DPDP Act, 2023, and Google Play policies, you can contact our Grievance Officer for any concerns:

Rashmeet Walia

support@kokokinder.com

Contact Us

For any questions or concerns about our Privacy Policy, please contact us at:

Email: support@kokokinder.com, info@kokokinder.com

Website: www.kokokinder.com

This Privacy Policy was last updated on [February 21, 2025].