Privacy Policy
Last Updated: March 30, 2026
This Privacy Policy explains how REPOCKET PTE. LTD. ("Repocket," "we," "us," or "our") collects, uses, processes, discloses, and protects personal information in connection with the 2048 Game website, bandwidth sharing functionality, and related services (collectively, the "Services").
This Privacy Policy applies to the 2048 Game website at https://2048game.fun/ and the website operated under the 2048 Game brand. This Privacy Policy forms part of and should be read together with the 2048 Game Terms of Use ("Terms"). By accessing or using the Services, you acknowledge that your personal information will be processed as described in this Privacy Policy.
For the purposes of applicable data protection laws, REPOCKET PTE. LTD. (with address at 60 Paya Lebar Road, #11-03 Paya Lebar Square, Singapore 409051) is the data controller responsible for the processing of personal information described in this Privacy Policy. Our email is hello@2048game.fun.
We may update this Privacy Policy from time to time to reflect changes to the Services, our practices, legal requirements, or platform requirements. The "Last Updated" date at the top of this Privacy Policy indicates when it was most recently revised. If we make material changes, we will take reasonable steps to provide notice, such as by posting an updated version on our website or providing notice within the Services. Your continued use of the Services after an updated Privacy Policy becomes effective constitutes your acceptance of the updated Policy.
If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about how your information is handled, you may contact us using the details above.
1. Information We Collect
1.1. Information we collect. We collect personal information and related technical data only to the extent necessary to provide, secure, and improve the Services. The categories of information we collect are described below.
| Category | What We Collect | Purpose |
|---|---|---|
| Information You Provide | Email address; hashed account password; support communications (including attachments); optional profile details (if provided) | Account creation and management; authentication; user support; service communications |
| Account and Consent Records | EULA acceptance records; Bandwidth Sharing acceptance records; timestamps of consent; IP address at time of consent; app version, device type, or platform at acceptance | Demonstrate contractual acceptance; maintain compliance records; legal defense; security auditing |
| Network Information | Incoming IP address; session timestamps and duration; device type; operating system and version; app version; ISP/ASN (if collected); crash logs and diagnostics | Operate the Services; maintain network integrity; troubleshoot issues; prevent abuse; improve performance |
| Bandwidth Sharing Data | External IP participation in proxy network; routing-related metadata; abuse prevention logs; network integrity monitoring data | Operate managed proxy network; allocate routing; monitor misuse; ensure compliance and security |
| Analytics and Website Data | Website analytics data (e.g., Google Analytics, PostHog); device identifiers for diagnostics; cookies (if applicable); SDK performance analytics | Understand usage patterns; improve functionality; maintain service reliability; diagnose technical issues |
1.2. Limitations. 2048 Game is designed to limit the collection of sensitive network activity data. Specifically:
- We do not perform deep packet inspection of traffic routed through the Services.
- We do not use traffic routed through the Services for advertising tracking purposes.
- We do not build behavioral advertising profiles based on your use of the Services.
Our data collection practices are limited to what is necessary to operate, secure, and improve the Services as described in this Privacy Policy.
1.3. Processing Overview. We process personal information only where necessary to provide the Services, maintain security, comply with legal obligations, and operate the bandwidth sharing model described in this Privacy Policy. The table below summarizes the categories of personal information we process, the purposes for which we process them, and the applicable legal bases.
| Category of Data | Purpose of Processing | Legal Basis (EEA/UK) |
|---|---|---|
| Account Information (email, credentials) | Create and manage user accounts; authenticate access; provide customer support | Performance of contract |
| Consent Records | Maintain evidence of acceptance of the Terms and Bandwidth Sharing participation | Legal obligation; Legitimate interests (compliance and legal defense) |
| Network and Session Information | Ensure service functionality; maintain application and website operation; support session integrity | Performance of contract |
| Bandwidth Sharing Data | Operate and manage proxy network participation; allocate routing; monitor integrity | Performance of contract; Legitimate interests (network operation and security) |
| Technical and Diagnostic Data | Troubleshoot errors; improve performance; detect misuse | Legitimate interests |
| Security and Abuse Logs | Prevent fraud, abuse, cyberattacks, and policy violations | Legitimate interests; Legal obligation (where applicable) |
| Analytics Data | Analyze usage patterns; improve features; optimize performance | Legitimate interests |
| Legal Request Data | Respond to lawful requests and regulatory requirements | Legal obligation |
1.4. Children data. We do not knowingly collect personal information from individuals who do not meet the applicable minimum age requirement of at least 16 years of age. If we become aware that personal information has been collected from a user who does not meet the required age threshold, we will take reasonable steps to delete such information and terminate the associated account, unless retention is required for legal purposes. Parents or legal guardians who believe that their child has submitted personal information to us without authorization may request that we delete such information by contacting us at hello@2048game.fun.
1.5. Sensitive personal information. We do not intentionally collect or process sensitive personal information as defined under applicable law, except where necessary to provide the Services.
2. Bandwidth Sharing Disclosure
2.1. Nature of Traffic. 2048 Game may include participation in bandwidth sharing, as further described in the Bandwidth Sharing Policy. Where bandwidth sharing is active, your device's external IP address may be used as part of a managed proxy network operated through Repocket infrastructure. In this context, your IP address may function as a routing endpoint for authorized third-party network requests. As a result, certain third-party internet traffic may egress from your external IP address. Third-party traffic routed through the proxy network:
- Is limited to controlled and monitored commercial use cases;
- Is subject to technical allocation and filtering controls;
- Does not provide third parties with access to your device, local files, accounts, or applications.
Bandwidth sharing does not allow remote control of your device.
2.2. Safeguards. We implement technical safeguards designed to reduce misuse of the proxy network, including:
- Automated detection systems;
- Maintained blocklists and destination restrictions;
- Traffic monitoring for abuse prevention;
- Response procedures for valid abuse reports.
We may block, suspend, or restrict traffic categories or destinations to comply with legal, security, or platform requirements. 2048 Game does not inject, alter, redirect, or manipulate traffic generated by third-party applications installed on your device for advertising or monetization purposes. Traffic routed through the Services is not used for behavioral advertising or cross-app tracking.
3. How We Share Information
3.1. Categories of Recipients. We may share personal information with the following categories of recipients where necessary to operate the Services:
- Cloud hosting providers, data center operators, and related infrastructure partners that enable operation of the Services, bandwidth sharing network, and associated systems.
- Service providers that assist us in understanding usage patterns, diagnosing technical issues, and improving performance (where analytics tools are enabled).
- Vendors that facilitate transactional emails, account communications, and customer support services.
- Service providers that assist with fraud detection, abuse prevention, security monitoring, and compliance management.
- Affiliated entities within the Repocket corporate group, where necessary for operational, security, or administrative purposes.
- Governmental authorities, courts, regulators, or law enforcement agencies where disclosure is required by applicable law or lawful process.
All third-party service providers are required to process personal information only for authorized purposes and in accordance with applicable data protection laws.
We may also share personal information in connection with a merger, acquisition, restructuring, financing transaction, or sale of assets, subject to appropriate confidentiality safeguards.
3.2. Explicit Disclosures. We do not sell or share personal information, including within the meaning of the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), for cross-context behavioral advertising purposes.
3.3. International Transfers. Personal information may be processed in Singapore and in other jurisdictions where our service providers or infrastructure partners are located. Where personal information is transferred across international borders, we implement appropriate safeguards consistent with applicable data protection laws. Such safeguards may include:
- Contractual data protection clauses (including standard contractual clauses, where applicable);
- Data processing agreements with service providers;
- Technical and organizational measures designed to protect personal information during transfer and processing.
4. Data Retention
We retain personal information only for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, enforce our agreements, and maintain security. In general:
- Account information is retained while your account is active and for a reasonable period thereafter for administrative, legal, and security purposes.
- Consent records may be retained as necessary to demonstrate compliance with legal and contractual requirements.
- Security, abuse prevention, and technical logs are retained for limited periods appropriate to operational and security needs.
- Aggregated or anonymized information that does not identify you may be retained for longer periods for analytics and service improvement.
When personal information is no longer required for the purposes described in this Privacy Policy, we will delete it or anonymize it in accordance with applicable law.
5. Data Security
We implement reasonable technical and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, misuse, or destruction. These measures include encryption of data in transit where appropriate, role-based access controls, internal confidentiality obligations, system monitoring to detect abuse or unauthorized activity, and established incident response procedures. Access to personal information is limited to authorized personnel and service providers who require such access for legitimate operational purposes.
While we take appropriate steps to safeguard personal information, no method of transmission over the internet or electronic storage system can be guaranteed to be completely secure. If we become aware of a security incident affecting personal information, we will take appropriate action in accordance with applicable data protection laws.
6. Rights for EEA / UK Users
If you are located in the European Economic Area ("EEA") or the United Kingdom ("UK"), you may have certain rights under applicable data protection laws, including the General Data Protection Regulation ("GDPR") and the UK GDPR. These rights may include:
- Right of Access. You have the right to request confirmation as to whether we process personal information about you and, where we do, to request access to that information together with details about how it is used.
- Right to Rectification. You have the right to request correction of inaccurate personal information and to have incomplete personal information completed.
- Right to Erasure. You have the right to request deletion of your personal information in certain circumstances, including where the information is no longer necessary for the purposes for which it was collected, or where processing is based on consent and you withdraw that consent.
- Right to Restriction of Processing. You have the right to request that we restrict the processing of your personal information in certain situations, such as where you contest the accuracy of the data or object to processing.
- Right to Object. You have the right to object to processing based on our legitimate interests where your particular situation gives rise to such objection. You also have the right to object to processing for direct marketing purposes.
- Right to Data Portability. Where processing is based on contract or consent and carried out by automated means, you may have the right to receive certain personal information in a structured, commonly used, and machine-readable format.
- Right to Withdraw Consent. Where we rely on your consent as the legal basis for processing, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
- Right to Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority in the EEA or the UK if you believe that our processing of your personal information violates applicable data protection laws.
To exercise any of these rights, you may contact us at hello@2048game.fun. We will respond to valid requests without undue delay and, in any event, within one month (30 days), unless a longer period is permitted by applicable law.
7. Additional Rights for California Residents
If you are a resident of California, you may have certain rights under the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), subject to applicable exceptions and limitations. These rights may include:
- Right to Know. You have the right to request that we disclose the categories of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purposes for collecting it, the categories of third parties with whom it is shared, and the specific pieces of personal information we hold about you.
- Right to Delete. You have the right to request deletion of personal information we have collected from you, subject to certain exceptions permitted by law.
- Right to Correct. You have the right to request correction of inaccurate personal information that we maintain about you.
- Right to Opt-Out of Sale or Sharing. You have the right to opt out of the sale or sharing of personal information, as those terms are defined under California law. 2048 Game does not sell personal information and does not share personal information for cross-context behavioral advertising purposes.
- Right to Limit Use of Sensitive Personal Information. To the extent we process sensitive personal information as defined under California law, you may have the right to request limitations on its use.
- Right to Non-Discrimination. You have the right not to receive discriminatory treatment for exercising your privacy rights under California law.
To exercise your California privacy rights, contact us at hello@2048game.fun. We will respond to verifiable consumer requests within forty-five (45) days, unless an extension is permitted by law.
8. Rights for Residents of Other U.S. States
Residents of certain U.S. states may have additional privacy rights under applicable state privacy laws, including but not limited to the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA), and similar laws. Where applicable, these rights may include:
- Right to Access. You may have the right to confirm whether we are processing your personal information and to access such information.
- Right to Delete. You may have the right to request deletion of personal information that you have provided to us or that we have obtained about you, subject to statutory exceptions.
- Right to Correct. You may have the right to request correction of inaccuracies in your personal information, taking into account the nature of the information and the purposes of processing.
- Right to Data Portability. You may have the right to obtain a copy of certain personal information in a portable and, where technically feasible, readily usable format.
- Right to Opt Out of Certain Processing. Depending on your state of residence, you may have the right to opt out of targeted advertising, the sale of personal information, or profiling in furtherance of decisions that produce legal or similarly significant effects.
To exercise your rights under applicable state privacy laws, contact us at hello@2048game.fun. We will respond to valid requests within thirty (30) days unless a longer period is permitted by applicable law.
Contact
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
- Email: hello@2048game.fun
- Mail: REPOCKET PTE. LTD., 60 Paya Lebar Road, #11-03 Paya Lebar Square, Singapore 409051