Privacy Policy

Home / Privacy Policy

Last Updated: June 1, 2026

1. Introduction

NovaStar Limited ("we," "us," or "our"), a company incorporated in Hong Kong (Company Registration Number: 80066171), operates the Crash+ mobile application (the "App" or "Service"). We are committed to protecting the privacy and security of our users' personal data.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Crash+ application. Please read this Privacy Policy carefully. By accessing or using the App, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

For the purposes of applicable data protection laws, NovaStar Limited is the data controller responsible for your personal data. Our registered address is RM 1503-09, 15/F, Causeway Bay Centre, 15-23 Sugar Street, Causeway Bay, Hong Kong.

2. Information We Collect

We collect information that you provide directly to us, information that is collected automatically when you use our Service, and information from third-party sources. The types of information we collect include:

2.1 Personal Information You Provide

  • Account Registration Data: When you create a Crash+ account, we collect your name, email address, phone number, date of birth, and username. You may also choose to provide a profile picture.
  • Login Credentials: Your password is stored in encrypted form. If you choose to register or log in using a third-party service (such as Google or Facebook), we may receive your name and email address from that service.
  • Profile Information: Any additional information you voluntarily add to your profile, such as a bio, avatar, or display name.
  • Communications: When you contact our customer support team, participate in surveys, or communicate with us in any way, we collect the content of those communications along with associated metadata.
  • Payment Information: If you make in-app purchases, your payment card details are processed directly by our third-party payment processors. We do not store your full payment card information on our servers. We may receive transaction confirmation details, including the last four digits of your card number, transaction amount, and date.

2.2 Information Collected Automatically

  • Usage Data: We collect information about how you interact with the App, including gameplay statistics, session duration, features used, in-app actions, game outcomes, scores, levels achieved, and time spent on various screens.
  • Device Information: We automatically collect device-specific information such as your device model, operating system and version, unique device identifiers (including advertising identifiers), hardware specifications, browser type, language preferences, and mobile network information.
  • Log Data: Our servers automatically record information when you access the App, including your IP address, access times, pages viewed, app crashes, and other system activity.
  • Location Data: We may collect approximate location information based on your IP address. We do not collect precise GPS location data without your explicit consent.

2.3 Transaction Data

  • Purchase history and transaction records for in-app purchases
  • Virtual currency balances and transaction history
  • Reward redemption records

2.4 Communications Data

  • Messages sent through in-app chat features
  • Customer support inquiries and correspondence
  • Feedback and reviews submitted through the App

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and Maintain the Service: To operate the Crash+ platform, manage your account, facilitate gameplay, process transactions, and deliver the features and functionality of the App.
  • Create and Manage Your Account: To set up and maintain your user account, verify your identity, and manage your preferences and settings.
  • Process Transactions: To process in-app purchases, manage virtual currency balances, and send you transaction confirmations and receipts.
  • Improve and Optimize: To understand how users interact with the App, identify trends and usage patterns, and improve the overall user experience, game balance, and performance.
  • Personalize Your Experience: To customize game content, recommendations, and features based on your preferences, gameplay history, and interactions.
  • Communicate With You: To send you service-related notices, updates, security alerts, and support messages. With your consent, we may also send promotional communications about new features, events, and offers.
  • Ensure Safety and Security: To detect, investigate, and prevent fraudulent transactions, cheating, unauthorized access, and other illegal or suspicious activities that may threaten the integrity of the Service.
  • Provide Customer Support: To respond to your inquiries, troubleshoot problems, and provide technical assistance.
  • Comply with Legal Obligations: To comply with applicable laws, regulations, legal processes, and government requests.
  • Enforce Our Terms: To enforce our Terms of Service and other agreements, and to protect the rights, property, and safety of NovaStar Limited, our users, and the public.

4. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

4.1 Third-Party Service Providers

We engage trusted third-party companies and individuals to perform services on our behalf, including:

  • Analytics Providers: To help us understand App usage and improve our Service (e.g., Google Analytics, Firebase Analytics).
  • Payment Processors: To process in-app purchases securely.
  • Cloud Hosting Providers: To host our servers and store data securely.
  • Customer Support Platforms: To manage and respond to user inquiries.
  • Push Notification Services: To deliver in-app and push notifications.

These service providers are contractually obligated to use your information only as necessary to provide services to us and are required to maintain the confidentiality and security of your data.

4.2 Legal Requirements

We may disclose your information if required to do so by law, or in the good faith belief that such action is necessary to:

  • Comply with a legal obligation, court order, or legal process
  • Respond to lawful requests from public authorities, including law enforcement or national security requirements
  • Protect and defend the rights or property of NovaStar Limited
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users of the Service or the public

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice within the App of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.

4.4 With Your Consent

We may share your information with third parties when you have given us your explicit consent to do so.

4.5 Aggregated or De-Identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you, for purposes including industry analysis, research, marketing, and demographic profiling.

5. Data Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption: We use industry-standard Transport Layer Security (TLS/SSL) encryption to protect data transmitted between your device and our servers. Sensitive data stored on our servers is encrypted at rest using AES-256 encryption.
  • Secure Infrastructure: Our servers are hosted in secure data centers with physical and environmental safeguards, including access controls, surveillance systems, and redundant power supplies.
  • Access Controls: We restrict access to personal data to authorized employees, contractors, and agents who need to know that information to operate, develop, or improve our Service. All personnel with access to personal data are bound by confidentiality obligations.
  • Regular Assessments: We conduct regular security assessments, vulnerability testing, and code reviews to identify and address potential security risks.
  • Incident Response: We maintain incident response procedures to promptly address any security breaches or data incidents. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant authorities as required by applicable law.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you acknowledge that you provide your personal data at your own risk.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Our retention practices are as follows:

  • Active Account Data: We retain your account information and associated data for as long as your account remains active and in use.
  • Account Deletion: If you request deletion of your account, we will delete or anonymize your personal data within 30 days of your request, except where retention is required by law or for legitimate business purposes.
  • Transaction Records: Financial transaction records are retained for the period required by applicable financial regulations and tax laws, which may extend beyond the deletion of your account.
  • Legal and Compliance: We may retain certain information for longer periods as required by law, to resolve disputes, enforce our agreements, or for other legitimate purposes.
  • Anonymized Data: We may retain anonymized or aggregated data indefinitely for analytics, research, and service improvement purposes. This data cannot be used to identify you.

7. Your Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you and to obtain information about how we process it.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure: You have the right to request that we delete your account and personal data, subject to certain exceptions (such as data we are legally required to retain).
  • Right to Data Portability: You have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
  • Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to Opt-Out: You have the right to opt out of receiving marketing and promotional communications from us at any time by following the unsubscribe instructions in those communications or by adjusting your notification settings within the App.
  • Right to Restrict Processing: In certain circumstances, you may have the right to request that we restrict the processing of your personal data.
  • Right to Object: You may have the right to object to certain types of processing of your personal data.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days of receipt. We may require you to verify your identity before processing your request to protect the security of your data.

8. Children's Privacy

The Crash+ application is not directed at individuals under the age of 18. We do not knowingly collect personal data from children under 18 years of age. If you are under 18, please do not use the App or provide any personal data to us.

If we become aware that we have inadvertently collected personal data from a child under the age of 18, we will take prompt steps to delete such information from our records. If you are a parent or guardian and you believe that your child has provided us with personal data without your consent, please contact us at [email protected], and we will take steps to remove that information from our systems.

9. Cookies and Tracking Technologies

We and our third-party partners may use various tracking technologies to collect and store information about your interactions with our Service:

  • Essential Cookies and Local Storage: We use essential cookies and local storage mechanisms to maintain your session, remember your login status, and store game preferences. These are necessary for the basic functionality of the Service.
  • Analytics Technologies: We use analytics tools (such as Google Analytics and Firebase) to collect and analyze usage data. These tools use cookies and similar technologies to help us understand how users interact with the App, identify trends, and improve the Service.
  • Advertising Identifiers: With your consent, we may use advertising identifiers provided by your mobile device's operating system to deliver personalized advertisements and measure the effectiveness of advertising campaigns.
  • SDKs (Software Development Kits): Our App may integrate third-party SDKs that collect certain information automatically, including device information, usage data, and crash reports.

You can manage your cookie and tracking preferences through your device settings. Please note that disabling certain cookies or tracking technologies may affect the functionality of the App.

10. International Data Transfers

NovaStar Limited is headquartered in Hong Kong. Your personal data may be transferred to, processed, and stored in Hong Kong and other countries or regions where our service providers operate. These countries may have data protection laws that differ from the laws of your jurisdiction.

When we transfer your personal data to other jurisdictions, we ensure that appropriate safeguards are in place to protect your data, including:

  • Implementing standard contractual clauses approved by relevant data protection authorities
  • Ensuring that our service providers maintain adequate data protection standards
  • Complying with applicable cross-border data transfer regulations

By using the Crash+ application, you consent to the transfer of your information to Hong Kong and other locations as described in this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via in-app notification or email prior to the changes becoming effective
  • Where required by law, obtain your consent to material changes

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data. Your continued use of the App after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Company: NovaStar Limited (新星網絡科技有限公司)
  • Address: RM 1503-09, 15/F, Causeway Bay Centre, 15-23 Sugar Street, Causeway Bay, Hong Kong
  • Email: [email protected]
  • Phone: +852 21349790

We will endeavor to respond to all legitimate requests within 30 days. Occasionally, it may take us longer if your request is particularly complex or you have made a number of requests, in which case we will notify you and keep you updated.