Oakridge Interactive LLC, doing business as Eazy6 (“Eazy6,” “we,” “our,” or “us”), respects your privacy and is committed to protecting it. This Privacy Policy (“Policy”) explains how we collect, use, disclose, and safeguard your personal information when you use the Eazy6 mobile application (the “App”) and visit our website at www.eazy6.com (the “Site,” collectively the “Services”). By using our Services, you agree to this Policy.
Privacy Principles
Transparency – clear disclosures about what we collect, why, and with whom we share it.
Fairness & Lawfulness – we process data for legitimate purposes and in accordance with applicable laws.
Security – administrative, technical, and physical safeguards proportionate to risk.
Data Minimization – we collect only what we need for the stated purposes.
Accountability – contracts and oversight of our service providers/processors.
Privacy by Design & Default – privacy embedded throughout our product lifecycle.
1. Scope of This Policy
Players and visitors who register for an account, enter skill-based contests (free-to-play; no entry fee required), or otherwise use the App or Site.
Individuals who contact us (e.g., customer support, feedback).
Business partners, vendors, and service providers to the extent we process their personnel’s data in operating the Services.
This Policy does not govern our HR/employment data except as noted in the GDPR/UK Appendix.
2. Notice at Collection (Summary for U.S. State Privacy Laws)
The table below summarizes the categories of personal information we collect, the purposes for which we use it, sources, whether it may be considered “sensitive,” whether it is “sold” or “shared” (as defined by certain state laws), typical recipients, and indicative retention periods.
Category | Examples | Purposes | Sources | Sensitive? | Sold/Shared? | Recipients | Retention |
Identifiers | Name, username, mobile number, email, IP address, device IDs. | Account creation; OTP login; communications; security; fraud/abuse prevention. | You; your devices; service providers. | No (but mobile number may be sensitive in some states). | Not sold. May be “shared” for cross-context behavioral advertising only if you opt in; otherwise limited to service providers. | Service providers (OTP/SMS, auth, fraud/abuse, security); analytics vendors. | Account life + legal and operational needs. |
Protected classifications / Age | Date of birth; age eligibility. | Age gating/eligibility (which may vary by state) and compliance. | You. | Yes (sensitive personal data in some states). | Not sold or shared. | Service providers supporting eligibility enforcement and security. | Account life + legal obligations. |
Geolocation Data | Precise device location (GPS/Wi‑Fi/IP) via geolocation and/or anti-fraud provider(s). | Determine eligibility to offer free-to-play contests based on where you are physically located (state law restrictions); detect VPN usage/spoofing or other circumvention; fraud/abuse prevention; compliance. | Your device; geolocation and security/fraud service provider(s). | Yes (precise geolocation). | Not sold or shared for advertising; disclosed to service providers only. | Geolocation and security/fraud service provider(s) (e.g., VPN/spoofing detection) and hosting providers, as needed to operate the Services. | As necessary for eligibility enforcement, security, and fraud prevention; then minimized and/or de-identified where feasible. |
Internet/Network Activity | App events, session logs, crash reports, performance metrics, referral URLs. | App functionality; security monitoring; analytics; improvement. | Your device; analytics SDKs. | No. | May be “shared” for cross‑context ads only if you opt in; otherwise service providers only. | Analytics providers; anti‑fraud tools. | Operational needs + analytics windows. |
Communications | Support emails/chats/call recordings; feedback and surveys. | Customer support; quality assurance; training; dispute resolution. | You; communications vendors. | May include sensitive content incidentally. | Not sold or shared for advertising. | Support tooling providers; dispute resolution services. | As needed for support, disputes, and legal holds. |
Public Profile/Leaderboards | Display name, entries, rank/standing, pick data visible to other users in the same contest. | Core gameplay features; community transparency. | You; game systems. | No. | Public to participants; not sold. | Other users in the same contest; moderation tools. | While the contest/feature is available + audit window. |
For additional disclosures required by California and other states (including rights to access, delete, correct, opt out of “sale” or “sharing,” and limit use of sensitive personal information), see Section 11.
3. Information We Collect and Process (Detailed)
A. Visitors, Registrants, Purchasers, and Users of Our Services
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity & contact (name, username, mobile, email, DOB); account security (OTP status, backup email/password); profile image (optional). | You directly via App or Site; device OS account frameworks. | Account creation; secure OTP login; communications; account recovery. | Contract; legitimate interests; legal obligations (age and location-based eligibility). | Auth/OTP providers; email service; fraud/abuse tools. |
Geolocation (precise device location); IP-based location. | Your device; geolocation and/or anti-fraud provider(s). | Eligibility/geofencing for free-to-play contests (state law restrictions) when you log in, enter a contest, and/or redeem a gift card; fraud prevention including detection of VPN usage/spoofing or other circumvention. | Legitimate interests; legal obligations. | Geolocation and security/fraud service provider(s) (e.g., Castle.io) and hosting providers. |
Promotional rewards redemption (digital gift cards): redemption selections and delivery email address. | You; reward-fulfillment provider(s) (e.g., Tango) and/or our customer support team (as needed). | Fulfill promotional rewards you choose (e.g., sending a digital gift card to your email); prevent fraud/abuse; customer support and dispute resolution. | Contract; legitimate interests (fraud prevention); legal obligations (as applicable). | Reward-fulfillment provider(s) (e.g., Tango); customer support tooling providers. |
Device & technical (IP; OS; device identifiers; app usage; crash logs). | Your device; analytics/crash SDKs. | Security monitoring; debugging; analytics and improvement. | Legitimate interests; consent where required for ads. | Analytics providers; anti‑fraud vendors. |
Public content (display name, standings, picks visible in leaderboards). | You; game systems. | Core gameplay; transparency; community features. | Contract; legitimate interests. | Other users in the contest; moderation tooling. |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
B. Persons Who Communicate with Us
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity/contact; communications content; metadata; call recordings (where permitted). | You; comms providers; in-app support. | Respond to inquiries; QA/training; legal holds. | Legitimate interests; legal obligations (record retention). | Support platforms; transcription tools (where used). |
Technical data (IP, device, time, headers). | Your device; comms tooling. | Security and abuse prevention; rate limiting. | Legitimate interests. | Security tooling providers. |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
C. Employment and Apprenticeship Candidates (if applicable)
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity/contact; CV/resume; education; work history; certifications; references. | You; recruiters; references; background check vendors (where permitted). | Evaluate candidacy; schedule interviews; onboarding. | Contract; legitimate interests; legal obligations. | HR platforms; background-screening vendors (if used). |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
D. Business Partners and Their Personnel
Examples of Data | Where Do We Get It? | Why We Process It | Legal Bases* | Who Receives It? |
Identity/contact; role/title; company; correspondence. | You; your employer; conferences/intros. | Administer our relationship; compliance screening; payments. | Contract; legitimate interests; legal obligations. | Billing platforms; compliance screening vendors. |
* Legal bases language is provided for jurisdictions recognizing such concepts (e.g., GDPR/UK law); for U.S. processing, we rely on contract, consent where required, legal obligations, and legitimate interests.
4. Geolocation and Eligibility Controls
Geolocation & Geofencing. We collect and use precise device location signals to verify that users are physically located within jurisdictions where Eazy6 free-to-play contests are legally offered (which may vary by state). Location verification may occur when you log in, enter a contest, and/or redeem a promotional reward. This may include device-native location services (such as GPS), network-based location indicators, operating-system level device integrity and attestation checks, and supplemental fraud-prevention or network-risk signals to detect VPN usage, spoofing, or other attempts to circumvent geographic eligibility restrictions. If you disable required location or integrity checks, certain features may not be available. We do not use precise location information for unrelated advertising purposes.
Age Eligibility. We ask for your date of birth to help determine whether you meet applicable age requirements, which may vary by jurisdiction. In the free-to-play version of the Services, we do not require government ID verification.
5. Online Tracking, SDKs, and Marketing
We use SDKs and cookies on the Site/App for essential functions, analytics, crash reporting, performance, and—where permitted—advertising and measurement.
We do not currently run in-app advertising and do not currently prompt for Apple’s App Tracking Transparency (ATT) authorization. If we implement advertising or ad attribution in the future, we will update our practices and notices, and request any permissions required by law or platform policies.
We honor applicable opt‑out mechanisms (e.g., “Do Not Sell or Share,” GPC signals on web) where required by law.
Service emails (e.g., OTP codes, security alerts, transactional notices) are not marketing and will still be sent.
6. How We Share Personal Information
Service providers/processors (e.g., OTP/SMS, geolocation and eligibility enforcement, security and fraud/abuse prevention such as VPN/spoofing detection, analytics, support, hosting, and promotional reward fulfillment) under confidentiality and dataprotection agreements.
Affiliates and professional advisors (legal, auditors, insurers) for compliance and corporate governance.
Legal/regulatory and integrity monitoring—where required to comply with law, enforce terms, investigate fraud/cheating/abuse, or respond to lawful requests.
Business transfers—mergers, acquisitions, restructurings; personal information may be transferred as an asset as permitted by law.
With your consent or at your direction.
7. Security
We implement reasonable administrative, technical, and physical safeguards appropriate to the nature of the data and risk, including TLS encryption, secure OTP login, access controls, least‑privilege, monitoring, and regular testing. No method of transmission or storage is completely secure; you are responsible for maintaining the confidentiality of your account credentials.
8. Data Retention & Minimization
We retain personal information only for as long as needed for the purposes described in this Policy, including gameplay, promotional reward fulfillment, customer support, security/fraud prevention, and legal obligations.
When data is no longer needed, we will delete or de‑identify it, subject to legal holds or dispute resolution.
9. Children’s Data
Eazy6 is intended for U.S. users aged 18+ (or the legal age in their jurisdiction). We do not knowingly collect personal information from children under 13 (or under 16 where applicable). If we learn we have collected such information without appropriate consent, we will delete it.
10. International Data Transfers
If you access the Services from outside the United States, your personal information may be transferred to, stored, and processed in the United States or other countries with different data‑protection laws. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for such transfers.
11. U.S. State Privacy Rights
Depending on your state of residence, you may have rights to access, correct, delete, or obtain a portable copy of your personal information; to opt out of sale, sharing for cross‑context behavioral advertising, and certain profiling; to limit use/disclosure of sensitive personal information; and to be free from discrimination. You may exercise these rights by emailing privacy@eazy6.com. We will verify requests and respond as required by law. We honor Global Privacy Control signals on the web where applicable.
12. Do Not Track and Global Privacy Control
Some browsers include a Do Not Track (“DNT”) setting. Our Site does not respond to DNT signals at this time. We do, however, recognize and honor Global Privacy Control (“GPC”) signals where required by applicable law.
13. Changes to This Policy
We may revise this Policy from time to time. The “Last Updated” date indicates the effective date. Material changes may be announced via the App or email. Your continued use of the Services after changes means you accept the updated Policy.
14. Contact Us
Eazy6 Privacy Team
Oakridge Interactive LLC
101 Crawfords Corner Road, Ste. 4116
Holmdel, NJ 07733
Email: privacy@eazy6.com
15. Player Safety and Integrity Monitoring
We use a combination of internal systems and third party tools to help maintain a fair, balanced, and safe environment. This may include detecting multiaccounting, collusion, botting, tampering, VPN/spoofing, or other integrity and security risks; investigating suspected cheating or abuse; and temporarily restricting accounts to review anomalies.
Automated risk signals are used to support security, fraud prevention, eligibility enforcement, and player safety, and are not used to make decisions producing legal or similarly significant effects without human review where required by law.
16. Prohibited Users and Eligibility Controls
Users located in jurisdictions where our free-to-play contests are not legally offered (as determined via geolocation) may be restricted from accessing certain contest features.
Certain employees, contractors, vendors, and others with access to confidential or game‑integrity information are prohibited from competing where required by policy or law.
17. Combination of Data and Profiling
We may combine information collected across the App, the Site, and our service providers to improve accuracy, security, and your experience. We may also use automated decision‑making or profiling (e.g., risk scoring signals for fraud prevention or geolocation eligibility). Where required by law, we will provide meaningful information about the logic involved and the significance and potential consequences for you, as well as your rights related to such processing.
18. Notice of Financial Incentives (if applicable)
From time to time, we may provide referral bonuses, promotional credits, or loyalty rewards. Participation is voluntary. The material terms (including how to opt out) will be disclosed at the time of the offer. The value of your data is reasonably related to the value of the offer or the expenses associated with providing it. You may withdraw at any time by contacting us. We do not condition the provision of services on participation in such programs except where the incentive is integral to the promotion.
We do not currently offer programs that are “financial incentives” under some state laws. If that changes, we will update this section and provide the required notices.
19. Authorized Agents, Appeals, and Verification Process
You may designate an authorized agent to submit a privacy request on your behalf. We require a signed authorization and identity verification.
We verify requests by matching information you provide with our records. Certain requests may require stronger verification (e.g., government ID).
If we deny your request, you may appeal by replying to our decision notice with “Appeal” in the subject line. We will review and respond within the timeframe required by applicable law.
20. Sensitive Personal Information – Limitation
Where state law provides a right to limit use and disclosure of sensitive personal information (e.g., precise geolocation or government ID), we limit our use of such data to the purposes reasonably necessary to provide the Services, ensure security and integrity, prevent fraud, comply with laws, and other purposes permitted by those laws.
21. Authentication and Account Security
Primary sign‑in via mobile number + one‑time passcode (OTP).
Backup email strongly recommended for account recovery; email must be verified if provided.
Optional backup password available (recommended).
Security notifications (email/SMS) sent on username, password, or mobile changes.
Rate limits and cooldowns for OTP requests; short OTP expiration windows; limited attempts.
Recovery paths include mobile OTP, verified backup email (if set), and support-assisted recovery.
Appendix A – GDPR/UK Data Protection Addendum
If you are located in the EEA/UK, this Addendum applies in addition to the main Policy.
Category | Purpose of Processing | Legal Basis (GDPR Art. 6) |
Account & Contact (name, username, mobile, email, DOB) | Provide and manage account; OTP login; communications | Art. 6(1)(b) Contract; Art. 6(1)(f) Legitimate interests |
Geolocation | Eligibility/geofencing for free-to-play contests (state law restrictions); compliance; fraud prevention | Art. 6(1)(f) Legitimate interests; Art. 6(1)(c) Legal obligation |
Device/Usage/Analytics | Security; analytics; improvement | Art. 6(1)(f) Legitimate interests; Art. 6(1)(a) Consent (for ads where required) |
Marketing/Communications | Send offers and updates (where permitted) | Art. 6(1)(a) Consent; Art. 6(1)(f) Legitimate interests |
International transfers may occur to countries without an adequacy decision; we rely on appropriate safeguards (e.g., Standard Contractual Clauses). You have rights under GDPR (access, rectification, erasure, restriction, portability, objection) and may contact us to exercise them. You may lodge a complaint with your supervisory authority.
Appendix B – State Privacy Rights Summary (California and Other U.S. States)
Right to Know/Access, Correct, Delete, and Portability.
Right to Opt Out of Sale or Sharing and Targeted Advertising.
Right to Limit Use/Disclosure of Sensitive Personal Information (e.g., precise geolocation, government ID).
Non‑discrimination for exercising rights.
Authorized agent procedures; verification steps for requests.
Appendix C – Key Third‑Party Service Providers (Current)
Category | Provider(s) (Subject to Change) | Purpose / Notes |
Geolocation & Eligibility Controls | Device-native location services and third-party security/fraud and eligibility tools (subject to change) | Precise location verification and geofencing for free-to-play contest eligibility (state law restrictions); detection of VPN usage, spoofing, or circumvention of jurisdictional restrictions (e.g., via Castle.io or similar providers); eligibility enforcement. |
OTP / Authentication Messaging | SMS, email, or push notification providers | Delivery of one-time passcodes, security alerts, and key account notifications. |
Promotional Rewards Fulfillment | Tango (subject to change) | Fulfillment of promotional digital gift card rewards selected by users; delivery to email; support and dispute resolution; fraud prevention. |
Analytics / Performance / Crash Reporting | Analytics and diagnostics providers | App performance monitoring; crash reporting; usage analytics; service improvement. |
Customer Support & Communications | Helpdesk, CRM, and communications platforms | Customer support, communications, quality assurance, and dispute resolution. |
Security, Fraud & Integrity Monitoring | Fraud-prevention and security service providers | Detection of account takeover, botting, collusion, abuse, and other integrity or security risks. |
Appendix D – Definitions
“Personal Information” or “Personal Data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
“Sensitive Personal Information” includes certain data such as precise geolocation, government IDs, and biometric information as defined by applicable law.
“Sale” or “Share” have the meanings given in applicable state privacy laws (e.g., CPRA).
“Processor/Service Provider” means a vendor that processes data on our behalf under contract.
Appendix E – California “Shine the Light” and Nevada Rights
California “Shine the Light” (Civ. Code § 1798.83): We do not disclose personal information to third parties for their direct marketing purposes without giving you a right to opt out.
Nevada residents: We do not “sell” covered information as defined by Nevada law. You may still submit a verified request directing us not to sell covered information by contacting privacy@eazy6.com.
Appendix F – Cookie and SDK Notice
We and our service providers use cookies and SDKs to operate the Site and App. You can control cookies via your browser and mobile OS settings. The categories below summarize typical technologies used.
Category | Examples | Purpose/Controls |
Essential | Authentication, session management, security tokens | Required to log in, route traffic, and keep your session secure; cannot be disabled. |
Functional | Preference cookies, in‑app settings | Remember choices (e.g., language, notification preferences). |
Analytics | SDKs such as Firebase/Google Analytics; crash reporters | Measure performance and usage; de‑identified or aggregated where possible; opt‑out via device settings where available. |
Advertising/Attribution (if implemented) | If implemented: advertising and attribution SDKs | If we implement advertising or ad attribution in the future, we may use device identifiers for measurement. Where required, we will provide choices and request any permissions required by law or platform policies (e.g., ATT). You can also control certain settings via your mobile OS. |
This section supplements the Policy for California residents and describes our practices required by the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CPRA”).
CPRA Category | Examples | Collected | Sold/Shared | Disclosed for Business Purpose (Recipients) | Sensitive? / Right to Limit |
Identifiers | Name, username, mobile, email, device IDs, IP | Yes | No sale; sharing only if you opt in; otherwise service providers only | Auth/OTP, analytics, security/fraud prevention, promotional reward fulfillment | Some identifiers may be sensitive under state law |
Customer Records | Account records; promotional reward redemption records | Yes | No | Service providers supporting account operations and promotional reward fulfillment (e.g., Tango); auditors/professional advisors as needed | May include sensitive information depending on content |
Protected Classifications | Age (18+), date of birth | Yes | No | Service providers supporting eligibility enforcement and security | Yes; right to limit applies to certain uses |
Geolocation | Precise device location | Yes | No sale/share for ads | Geolocation provider; compliance | Yes; right to limit applies |
Internet Activity | App events, usage, crash logs | Yes | Shared for cross‑context ads only if you opt in | Analytics/crash providers | No |
Inferences | Risk signals for fraud/abuse | Yes | No | Security/fraud tools | May be sensitive depending on context |
California Rights: access/know, delete, correct, portability, opt‑out of sale/share and certain profiling, limit use/disclosure of sensitive personal information, and non‑discrimination. To exercise rights, email privacy@eazy6.com. We verify requests and honor Global Privacy Control signals on the Site where required.