Privacy Policy of the HERO WARS project (the "Project")

(Revised as of December 26, 2022)

Thank you for choosing NEXTERS GLOBAL LIMITED Project.

The confidentiality of your data is our main priority. We strive to make the use of NEXTERS projects as convenient and safe as possible. We have developed this Privacy Policy (hereinafter referred to as the "Policy") in such a way as to make its content as clear as possible. If you still have any questions or suggestions regarding the Policy, please read the most popular questions in the FAQ section or contact us through the "Help and Support" section in the Project.

We may update this Policy from time to time by publishing a notice in the Project before the amendments come into the effect.

This Policy describes:

  • What data we process;
  • Whom we may share your data with;
  • Purpose of data processing;
  • How long do we store data;
  • How we protect your data;
  • How you can manage the data.


The use of NEXTERS projects is governed by this Policy and Terms of Use.

The Controller for the purposes of the GDPR and other applicable data protection or data privacy laws of the EU Member States, as well as other data protection requirements in respect of the Project, is:


107 Faneromenis Avenue

6031, Larnaca, Cyprus


Data processing is carried out by us solely for the purposes defined by this Policy. Please note that you have the right to withdraw consent at any time, in the manner specified by this Policy.


We do not ask for your consent with this Policy. We shall process the data only in accordance with applicable law, including providing a valid legal basis for such processing, if necessary. For certain categories of data, we may request additional prior consent.

By accepting the Terms and this Policy, you acknowledge and confirm that you have reached the age required to enter into a binding agreement in the country of your residence of domicile. We do not collect data from persons who are obviously under the age of 18 and do not allow such persons to use our Services without the proper consent of a legal representative. If you have not reached the specified age, you are obliged to provide permission from one of your parents or legal guardians in the form and manner required by the local legislation of the country of your residence of domicile.

We recommend that you fully explore what the gameplay involves and how the children may use the Project. To familiarize yourself with what we do to ensure the safety of children, please read the Parent's Guide.

Please consider! If you have not reached the minimum age required to consent to the collection and processing of Data, and you do not have the proper consent of a legal representative, do not send us any information about yourself, including your name, address, phone number, email. If Nexters becomes aware of the use of the Project by users who have not reached the minimum set age, we will definitely ask you for confirmation of the consent of the legal representative. If such consent is not provided, we will terminate access to the Project and delete the data as soon as possible.


In general, by your Data we mean any information that relates that relates to you and usage of the Services. All information of your activity processed by us for providing access to the Project and (or) Services, is hereinafter referred to as the "Account".

For residents of the State of California and the State of Nevada, we have also prepared additional information in accordance with the California Consumer Privacy Protection Act of 2018 ("CCPA") and Nevada Law (NRS 603A.340). Please read the Additional Information for residents of the state of California and Nevada for more information.

We collect your personal data on the following lawful basis:

  • the data necessary to provide you with access to the Project or the provision of our Services on the basis of the Contract;
  • the data necessary for marketing or analytical purposes on the basis of your consent.

Methods of collecting information (categories of sources used in the collection).

1.1. Data you provide by yourself. We include the following information that you provide to this type of data:

  • date of creating an Account;
  • your use of social functions and channels for communicating with other people in the Project;
  • purchases or financial transactions, such as in-house purchases and (or) received prizes;
  • technical and support services.

WARNING! We are not responsible for the relevance, correctness, completeness or quality of the information you provide. When you place the data indicated independently, we proceed from the presumption of your good faith, accept the specified information as relevant, correct, complete and reliable. If you indicate inaccurate and (or) irrelevant information, access to a number of Services may be limited for you, and a technical support and support services regarding the processing of personal data is suspended until the confirmation of your ownership of the specified information. These measures are necessary to ensure the protection of your data.

1.2. Data we collect automatically

We may collect data related to your use of the Project and your in-game activity, to your use of our services and the nature of this use and to your devices. The collection of such information is necessary for the analysis of possible technical errors in the Project and their timely elimination. The processing of information about your in-game activity is related to the social nature of our Project, the results of your in-game actions are reflected throughout the in-game world and includes the following information:

  • Your use of the Services (such as timestamps, clicks, searches, referral/exit pages, and activity and interactions in our game clients, including chat logs);
  • Your device information (such as IP addresses, unique device IDs, processing capabilities, manufacturer and model, language and other regional settings, geographic location, and screen resolution and similar settings);
  • Your connection to the Services, including details about the network and software you're using (such operating system name and version, ISP, and your preference settings); and
  • Identification and elimination of errors or problems (such as loading errors and response times).

1.3. Information collected from external sources. We may receive information about you and your actions from third parties when you connect external accounts; from advertisers or service providers about your contacts and interactions with them.

Here You may familiarize yourself with the data processed in relation You.

Please note when you use Project we may display third party advertising and also promote our Services via third parties.
To enable us to show in-game ads we may send your advertising ID, IP-address, as well as other similar information to advertisers and / or ad networks to enable them to find appropriate ads to serve to you.
You can control our use of your advertising ID in your device and account settings. Also, you can limit the display of targeted ads at any time in your account settings. Nexters does not control which specific ads are shown in Project (this is controlled by ad networks) but we do blacklist certain categories of ads.


To provide the Services, we may provide the Data to suppliers or agents working on our behalf. We do not sell your personal data to third parties. We may disclose the Data to third parties that provide a service to us, ensuring that they are contractually obligated to keep your personal data confidential and will comply with the GDPR and other relevant data protection laws.

We may share your information with the following types of third parties:

  • a) technical and customer support providers who assist us in the provision of the Services,
  • b) third party software providers, including "software as a service" solution providers, where the provider hosts the relevant personal data on behalf of Nexters;
  • c) analytical services that help us develop and improve the Project;
  • d) providers that help us generate and collate reviews in relation to our offers and Services;
  • e) advertising and promotional agencies and those organizations or online platforms selected by us to carry out marketing campaigns on our behalf and to advertise their own products or services that may be of interest to you; and/or
  • f) professional advisers such as solicitors, accountants, tax advisors, auditors, and insurance brokers;
  • g) service providers that assist us in providing our services.

You can get a list of such companies here

We may share your personal data with our affiliates and partners in the EU / EEA and outside the EU / EEA. If the transfer of data outside the EU / EEA is not regulated by an EU Commission sufficiency decision, we base on the legal guarantees set out in Article 46 et al. Seqq. GDPR. This mainly includes EU Commission-approved Standard Contractual Clauses, which we have strengthened with additional security measures such as additional individual risk assessment, additional contractual guarantees, and technical guarantees, including additional encryption or pseudonymization, to enable international transfers with NEXTERS affiliates and partners outside the EU/EEA.

Learn more about the EU Commission's approved Standard Contractual Clauses.

We may share personal data with external providers or service providers or providers whom we engage to perform services or functions on our behalf and in accordance with our instructions.

If these providers are established within the EU, we ensure that they are contractually bound to comply with EU data protection regulations. We also guarantee in our contracts with these organizations that they only process personal data in accordance with our instructions and provide consistent services and protect the integrity and confidentiality of your personal data entrusted to them. We may also disclose personal information to our advisers, consultants, law enforcement and other government agencies (such as tax and social security authorities), police, prosecutors, and courts. All these recipients are themselves responsible for complying with EU data protection regulations.

Some of the suppliers we work with are located outside the European Economic Area. If the EU Commission has not recognized them as providing adequate protection of personal data, we rely on the legal guarantees described above.

The companies specified in the list may access and process your data in accordance with their own privacy policies, being an equivalent Data Controller. We encourage you to review their privacy policies to learn more about how they process data.

We may disclose your personal data as permitted by law to investigate, prevent, or act regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Policies and (or) Terms of Use or other agreements, or as required by law.

Please feel free to contact us for additional information on third country data transfers as well as our safeguards and supplementary security measures.


We process your Data only when necessary to provide access to the Project and (or) Services, while taking reasonable security measures to protect your Data from loss, misuse and unauthorized access, disclosure, modification or destruction.

With respect to the users covered by the General Data Protection Regulation (EU) 2016/679 (hereinafter - the "GDPR"), we use the Data collected through the Project and (or) Services for the purposes of our legitimate interests in accordance with Article 6(1)(f) of the GDPR as well as for the purposes stipulated in the Terms of Service and this Policy. E.g., we may use information we collect -

to provide our Services or information you request as well as to process and complete any transactions;

to respond to your submissions, questions, comments, requests and complaints as well as to provide customer service;

to monitor and analyze the Project's use and trends or to personalize and improve the Project or user experience on our web sites, such as providing ads, Content or features that match their profiles or interests as well as to increase the Project's functionality and user friendliness;

to provide gifts and rewards that you may have to win in the Project etc.;

to send you confirmations, updates, security alerts as well as support and administrative messages;

to facilitate your use of and our administration and operation of our web sites; and

Data is collected when you provide it within the Project and (or) Service upon your explicit consent while You can always manage your Data. Indirect collection shall be allowed only on anonymous basis.


We process and store Data during the Project period and within thirty (30) days from the confirmation of the request for deletion, except for the non-personal information that is necessary to fulfill the requirements of applicable law (for example, in the field of taxation and accounting) and anonymous information. The personal information collected shall be destroyed without any delay once the purpose of its use is achieved. We do not control the data published by you or copied by other users, as well as the data published in the chat of the Project (if applicable) or on thematic groups and forums. After deleting your data, your anonymized account can be saved in the Project if it is used in conjunction with other users.

Information contains personal data of users (if applicable), collected or created by providing of technical support to users, is stored during the period of the User Account that has applied for support in order to provide an optimal solution to issues and problems. Information that does not contain personal data can be stored for the entire duration of the Project.


NEXTERS GLOBAL LIMITED respects the confidentiality of your data and strives to ensure the highest level of protection. Despite the measures we are taking to protect your information, any measures that we apply will not have any effect if you neglect the data security.

The project implemented reliable means of protection to ensure the security of your data. We do everything possible for your safety when using the Project and are constantly improving our information protection methods. As some means of protecting information from unauthorized access, alteration, disclosure or destruction, we use the following methods:

  • data encryption during storage and transmission;
  • we carry out two-stage user authentication when requesting an action with the Data;
  • we improve the techniques and methods of collecting, storing and processing the Data;
  • access to the Data, in encrypted and impersonal form, have only authorized employees, consultants or interested groups of people who need access to this information to perform their duties;
  • all persons having access to the Data are briefed on working with data, their knowledge and skills are systematically being checked.

In spite of all measures taken by us, your careful attitude to the Account and access to it has a great importance in the safety of your Data. To prevent unauthorized access to your Data and Account, we bly recommend you not to share access to the account to any third parties and to comply with the rules of the project and use of the Services. In case of your violation of the Terms of Use of the Services, we will not be able to guarantee the security of your Data.

WARNING! The following actions are prohibited by this Policy and the Terms, and may also violate the confidentiality of your data:

  • transfer of information about the Account and (or) access rights to third parties. Please note that our official representative will never request access to your Account;
  • the use of unauthorized third-party programs, the use of robot programs and (or) programs that change the game process, including assistance in the game process. In addition to the fact that the use of such programs is expressly prohibited by the Terms, they may contain malicious software that could harm the security of your data;
  • the acquisition of in-game values from third parties. By acquiring in-game values bypassing the Terms of Use, you can become a victim of fraudsters.


You have all the technical capabilities to determine how the Data shall be used. We are constantly improving the data management methods available to you.

You can form a request within the Project by sending a request in the Help section or Account. You are entitled to obtain information from us on how we handle your personal data, to see copies of all personal data held by us and to request that your personal data is amended, corrected or deleted from our systems. You can also limit, restrict or object to the processing of your data.

For exercising your rights, you can:

  • at any time withdraw your consent for Data Processing;
  • access to your Data received by us. You are entitled to access the Data about you received by us which means you have the right to request the provision of information about Data storage, access to Data, as well as copies of the stored Data;
  • require limitation of Data processing for the time required to verify the reliability of the information provided;
  • change the Data. You may discretionary determine the Data, which shall be associated with your Account.
  • object to the processing of your Data. If you believe that we have no legitimate reason for processing your Data, please contact us using email: If we fail to satisfy your claim, you have the right to file a complaint with the local supervisory authority.
  • delete Data related to the Account.

The procedure for withdrawing consent to the processing and deletion of Data:

PLEASE NOTE that the Data is used by us solely for the purpose of providing you access to the Project and improving the quality of the Services. By deleting of Account Data, you will lose access to the Project and your Data will be permanently deleted.

The order of execution of the request:

  1. An initial request that meets the requirements of this Policy can be sent through the contact form in the Project in the section «Support» / «Privacy protection request».
  2. Confirmation of the request - carried out by you through the specified and verified email address.
  3. Execution of the request - usually carried out within 30 days from the date of confirmation of the request. This period is necessary for organizational and technical measures to fulfill your request and, if necessary, may require more time.

PAY ATTENTION, We reserve the right to refuse to fulfill the request if the ownership of the Data is not confirmed by the User and (or) the request affects the rights and freedoms of others.

If you have lost access to the Project and do not have the technical ability to perform actions to confirm ownership of the Data, you can send a letter to the address:

107 Faneromenis Avenue

6031, Larnaca, Cyprus


In the letter you must provide information by which we can uniquely identify you and the ownership of the Account Data.


NEXTERS GLOBAL User Data Protection Manager:

Personal Data Specialist

107 Faneromenis Avenue

6031, Larnaca, Cyprus


If your consent expires or is withdrawn or canceled, we will delete the data processed on the basis of your consent, unless there is any other basis for processing them in order to achieve other data processing objectives outlined in this Policy. Note that as a result of deleting your data associated with the Project, you will no longer have access to the Services.


We provide you with access to international Project and strive to comply with applicable local laws. Please note that our Services are provided "as is" and you should get to know with applicable laws. By continuing your use of the Project, you are warrant that your use of the Project is not contrary to the applicable law and Terms of Service.

Please note we do not sell users' Personal Data in California. Data transfer is carried out in order to provide the Services legally.


We reserve the right to modify this Policy at any time, so please review it on a periodic basis.

This Policy is made in English language. In case of any inconsistency or discrepancies between a non-English translation of this Policy and the English version, the English version shall prevail.



Earlier versions of this Privacy Policy