Born to Rock

Privacy Policy

Last updated: July 7, 2026 · Applies to the Born to Rock app and borntorock.app

1. Introduction

This Privacy Policy explains how Adventure Holdings ("we", "us" or "our") collects, uses, stores, shares or otherwise processes the personal data of end users of our Services ("you" or "your"), and what rights you have if we are processing your personal data.

In this Privacy Policy, "Services" refers to our Games, Websites, and any related services or properties we control, in which:

The expression "your data" is used when referring to personal data that relates to you as an identified or identifiable individual.

This Privacy Policy applies to your download, access or use of our Services. It also applies to any other services we provide in connection with our Games or Websites, including customer support, social media, marketing, advertising, and other activities we may operate from time to time.

This notice applies to all our Services, unless a separate notice is supplied with a particular Game or other Service, in which case that notice applies instead. Our Services may link to or otherwise allow you to navigate to properties controlled by third parties (for example, a shared challenge link opened in your browser, or a partner's website). This notice does not apply to properties controlled by third parties, and the operators of those properties may collect and use your data following their own policies. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Your privacy is important to us, and we take our responsibility to protect it seriously. Please read this Privacy Policy in its entirety before accessing or using the Services so that you are aware of how and why we may use data relating to you. By using our Games, you are considered to have agreed to the terms of this Privacy Policy and our Terms of Use. If you have concerns about providing your data to us or its use as described here, you should refrain from using our Games or other Services.

2. The Data We Collect

The categories of personal data we collect depend on the Services you use and the requirements of applicable law. We may collect and process the following data relating to you:

2.1 Data you provide us directly

We collect information that you give us directly, such as when you create an account, subscribe, contact support, answer optional onboarding questions, or create content in the game. This may include:

2.2 Data we collect automatically

When you use our Games and Websites, we collect data about your interactions. This data helps us personalize and improve your experience and prevent fraud. We automatically collect:

2.3 Data we collect from third-party sources

In some cases, we may get information about you from third-party sources, where permitted by law, including:

3. How We Collect Your Information

We and third parties use the technologies described below to collect information to deliver our Services.

3.1 Cookies and similar technologies

Cookies are small text files stored on your browser. We and our partners use cookies and similar tracking technologies to understand your activity, improve your experience, and enhance advertising effectiveness. We may use tracking pixels and Internet log files (such as IP address) to monitor traffic, detect fraud, and troubleshoot issues. For managing your cookie preferences, see Section 9.

3.2 Analytics technologies

We use internal and third-party analytics technologies to collect data on how you interact with our Services, your device, and system performance. This includes technical details such as IP address, device identifiers, operating system, network information, gameplay statistics, and engagement metrics. If you play offline, data is stored on your device and transmitted once you reconnect to the Internet. For online features, we may collect, store, use, and publicly display gameplay-related data, including scores, rankings, and shared content (for example, a challenge link showing your survival result). Third-party analytics tools, including SDKs and APIs, may combine data collected from our Services with their own data gathered over time and across platforms.

3.3 Ad serving technologies

Free play in Born to Rock is supported by advertising. We use advertising technologies, including SDKs, APIs, and similar technologies, to display advertisements within our Services. These technologies may synchronize or link your behavior across devices and platforms to personalize ads based on your interests, where you have permitted tracking. The information collected may include:

Third-party advertising companies may combine data collected from our Services with data they have independently collected over time or across multiple services. A list of our advertising and service partners and their privacy policies appears in Section 6. Opting out of personalized advertising does not remove ads entirely; the ads you see may simply be less relevant to your interests.

3.4 Anti-cheat and fraud prevention technologies

We use fraud-prevention and content-moderation measures to keep the game fair and safe. These may collect device data, monitor in-game activity, and use automated systems to detect cheating, abuse of reward systems, and fraudulent purchases. We may also review and moderate user-generated content (such as created songs and their titles) to prevent policy violations. If your access is blocked due to a system error, please contact us using the details below.

4. How Personal Data Is Used

We collect your data to provide and improve our Services, comply with legal obligations, and fulfill our contractual commitments. Your personal data may be used individually or in combination with other data for the following purposes:

4.1 To make the Service work

4.2 To make the Service more suitable to you

4.3 To show you personalized advertisements

To show you personalized advertisements in the Service, where permitted, we process data to:

For information on how to opt out of personalized advertisements, see Section 10.

4.4 To keep the Service safe and fair

4.5 For other purposes

In all of the above cases, we may analyze, profile and segment collected data. If we need to use your personal data for a reason not listed above, we will notify you. We may also anonymize your personal data such that you cannot reasonably be re-identified, and use that anonymized information for any purpose.

5. Legal Basis for Data Collection and Use

Our legal basis for processing your personal data depends on the type of data collected, the context in which it is collected, and your country of residence. We process your data based on:

If you reside in a territory where legitimate interest is not recognized as a lawful basis under applicable law, we will rely on another appropriate lawful basis, such as contractual necessity or your consent.

6. Sharing with Third Parties

We may share your data with third parties to achieve the purposes described in this Privacy Policy, including with the following types of recipients:

Current and planned partners and their privacy policies (due to continuous changes in operations, this list may not be complete and is subject to amendment from time to time):

Our partnersTheir privacy policy
Apple (App Store, in-app purchases, Sign in with Apple)apple.com/legal/privacy
RevenueCat (subscription management)revenuecat.com/privacy
Supabase (accounts & data hosting)supabase.com/privacy
Google (Firebase, Sign in with Google)policies.google.com/privacy
Google AdMobpolicies.google.com/privacy
AppLovinapplovin.com/privacy
OneSignal (push notifications)onesignal.com/privacy_policy
AI music generation providersProvided upon request via support@borntorock.app
Meta (advertising)facebook.com/privacy/policy
TikTok Adsads.tiktok.com privacy

Law enforcement, governmental agencies, regulators, and other third parties. We may disclose your personal data without notice if required by law or if we believe it is necessary to comply with legal obligations, protect our rights or property, or safeguard the rights or property of third parties, including our users and the public.

We do not sell your personal information for monetary consideration.

7. International Data Transfers

We operate globally, and your personal data may be transferred to service providers located in countries other than your own. While laws vary by country, we hold all employees and service providers to the same high standard of data protection, and we request that any party receiving your personal data uses it only for the purposes for which it was shared and adequately protects it.

When we transfer data internationally, we take precautions to comply with applicable law. Our protective measures may include standard contractual clauses for data transfers (for example, between EEA countries and non-EEA countries). For further information, or to obtain a description of our protective measures, contact us using the details below.

8. Data Retention and Security

8.1 Data retention

As a principle, we retain personal data only for as long as it is needed. How long your data is stored depends on what it is and how it is used:

If you ask us to remove your personal data, we will retain only what is necessary for our legitimate business interests, such as complying with legal obligations, resolving disputes, and enforcing agreements. When personal data is no longer necessary, we take appropriate steps to delete or anonymize it.

8.2 Data security

We work to protect your personal data from unauthorized access, alteration, disclosure or destruction, using administrative, technical and physical security measures, including HTTPS connections and TLS encryption in transit.

Unfortunately, no data transmission or storage method is entirely secure. While we implement measures to protect your information, we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. You should take reasonable measures to protect your own information, including your account password. If we reasonably suspect a security breach or unauthorized access to your account, we may suspend it without prior notice. If you believe your account may no longer be secure, contact us using the details below.

8.3 Data storage

Your personal data may be stored and processed on servers within our cloud infrastructure. We take appropriate measures to ensure your data is protected in accordance with applicable data protection laws, including safeguards for international transfers where required.

9. Cookies and Tracking Technologies

9.1 How we use them

Like most online services, we and our partners use cookies and similar technologies to provide, personalize, and improve the Service, analyze usage, target advertisements, and prevent fraud. These technologies enable us and our partners to store preferences, track activity within the Service, and:

9.2 Your choices

9.3 Cookie retention periods

9.4 Types of cookies we use

(i) Functionality — used so that we recognize you and remember your previously selected preferences.

(ii) Advertising — used to collect information about your visit, the content you viewed, and information about your browser, device, and IP address, limited aspects of which may be shared with advertising partners.

10. Your Rights and Options

We provide meaningful choices regarding the collection and use of your personal information under laws including the GDPR in the European Union and state privacy laws in the United States. The rights described here are not intended to limit similar rights available elsewhere.

10.1 Your data protection rights

10.2 Verification of identity

To protect your account, we may require verification before processing a rights request — for example, confirming ownership of the email address associated with your account.

10.3 Exercising your rights

To exercise any of these rights, contact us at support@borntorock.app and follow the instructions in our response. We retain certain data as necessary for legal obligations, dispute resolution, and the establishment, exercise, or defense of legal claims.

11. Children's Privacy

Protecting children's privacy online is very important to us. Our Services are not directed at children under 13 (or the applicable age required by local law), and we do not knowingly collect personal data from children.

If we discover that we have collected personal data from a child without required parental consent, we will promptly delete it, unless required by law to retain it, and will terminate the child's account or limit its features as appropriate. If you are a parent or guardian and would like to review, modify, or delete personal data collected from your child, please contact us at support@borntorock.app.

12. Region-Specific Information

12.1 United States (state privacy laws)

Notice of collection. We may collect identifiers/contact information, payment-related information, commercial information, Internet or other electronic network activity information, coarse geolocation data, and inferences drawn from such information, for the purposes summarized in Section 4.

Privacy rights common across US state privacy laws:

We do not collect or use Sensitive Personal Information such as Social Security numbers, precise geolocation, or biometric data. We honor Do Not Track and GPC signals. To exercise rights, email support@borntorock.app; we will respond within 45 days and may extend by another 45 days where permitted, with notice. In case of a data breach that may impact your rights, we will notify affected users and relevant authorities as required by law.

California. In the last 12 months we may have collected: identifiers/contact information, demographic information you volunteer, payment-related information, commercial information, Internet activity information, coarse geolocation, and inferences. Sources: directly from you, automatically, or from third parties. We disclose categories to service providers and advertising partners as described in Section 6. We do not sell or share the personal information of known minors under 16. Under the "Shine the Light" law, note that we do not disclose personal information to third parties for their own direct marketing. California residents under 18 may request removal of publicly posted content by emailing us.

Colorado / Connecticut / Virginia. If we deny a rights request, you have the right to appeal, and we will provide instructions at that time. We use automated systems for personalized advertising, fraud detection, and security; if you object to automated decisions that significantly affect you, you may request human review by contacting us.

Nevada. We do not sell your covered information as defined under Chapter 603A of the Nevada Revised Statutes.

12.2 European Union / EEA / UK

If you are a resident of the EU, EEA, or UK, you have data protection rights under the GDPR and UK GDPR, subject to legal exceptions, including the rights to: know how your data is collected and used; request details and a copy of your data; correct inaccurate data; object to processing; restrict processing; data portability; withdraw consent at any time; and request deletion.

We use automated systems for personalized advertising, fraud detection, and security. You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects; if you object, you may request human intervention by contacting us. You also have the right to lodge a complaint with a competent European supervisory authority.

12.3 Policy updates

We may update this Privacy Policy from time to time. We will notify you of changes by posting the new policy on this page and updating the "Last updated" date above; for material changes we may also notify you by email or a prominent notice in the app. Continued use of our Services after changes take effect constitutes acceptance. Prior versions are available on request.

13. Contact Information

Your personal information belongs to you, and we will make sure your rights are respected. You can contact us at any time to ask for a copy of your data, withdraw your consent, or obtain deletion of the information we keep about you.

Data Controller: Adventure Holdings

By email: support@borntorock.app