At LUNARBAY GROUP (HONGKONG) LIMITED ("Lunarbay Group," "we," "us," or "our"), we are committed to protecting the privacy and rights of individuals in the European Economic Area (EEA), the United Kingdom, and Switzerland in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the UK GDPR. This GDPR Compliance Statement explains how we comply with those laws when processing personal data of individuals in those regions.
Lunarbay Group acts as a data controller for the personal data we collect and process. As a data controller, we determine the purposes and means of processing personal data. Our contact details are:
LUNARBAY GROUP (HONGKONG) LIMITED
Room 602, 6/F, Kai Yu Commercial Building
2C Argyle Street, Mongkok, Kowloon, Hong Kong
Email: bd@lunarbaygroup.com
We adhere to the following principles when processing personal data:
We process personal data only when we have a legal basis to do so. The legal bases we rely on include:
We will inform you of the specific legal basis for processing at the time we collect your personal data or as soon as possible thereafter. In general, we rely on:
Some of our Services may include advertising SDKs, mediation platforms, attribution tools, analytics providers, and media partners. These partners may process device identifiers, IP address, approximate location, app events, ad impressions, clicks, installs, purchases, crash data, and consent signals to deliver ads, measure campaigns, detect fraud, and improve our Services.
For users in the EEA, UK, and Switzerland, we request consent before using advertising identifiers, cookies, SDK data transfers, or similar technologies for personalized advertising where consent is required. You can withdraw consent through any in-app privacy settings, consent management tool, device settings, or by contacting us at bd@lunarbaygroup.com. If you withdraw consent, we may still process limited data for security, fraud prevention, service delivery, legal compliance, contextual advertising, or aggregate measurement where permitted by law.
We may work with partners listed in our Privacy Policy, including AppLovin, TopOn, Meta, Google, Unity, ironSource, Mintegral, Pangle, Liftoff/Vungle, Moloco, and TikTok. Depending on the context, these partners may act as our processors, joint controllers, independent controllers, or business partners.
We may use limited automated processing to protect our Services, detect fraud or invalid traffic, recommend content, measure advertising performance, or show ads that may be more relevant to you. We do not make decisions based solely on automated processing that produce legal effects concerning you or similarly significant effects, unless permitted by law and with appropriate safeguards.
If you are in the EEA, you have the following rights regarding your personal data:
To exercise any of these rights, please contact us at bd@lunarbaygroup.com. We will respond to your request within one month. This period may be extended by two further months where necessary, taking into account the complexity and number of requests.
You have the right to access your personal data that we hold. To make a data subject access request, please contact us at bd@lunarbaygroup.com with the subject line "Data Subject Access Request." We may need to verify your identity before responding to your request.
We will provide you with a copy of your personal data in a structured, commonly used, and machine-readable format. We may charge a reasonable fee based on administrative costs if you request additional copies or if your request is manifestly unfounded or excessive.
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. We will also notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible.
The notification will include:
We conduct data protection impact assessments (DPIAs) when processing is likely to result in a high risk to the rights and freedoms of individuals. DPIAs help us identify and minimize data protection risks.
We implement appropriate technical and organizational measures to ensure that, by default, only personal data that is necessary for each specific purpose of the processing is processed. This includes:
We may transfer your personal data to countries outside the EEA. When we do so, we ensure that appropriate safeguards are in place to protect your personal data, such as:
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider:
Advertising identifiers and event-level advertising data are retained only for as long as needed for attribution, fraud prevention, reporting, billing, legal compliance, and dispute resolution, unless a longer retention period is required or permitted by law. Aggregated, anonymized, or de-identified data may be retained for longer because it no longer identifies you.
If we are required to appoint an EU or UK representative, we will make the representative's contact details available through this page or another appropriate notice. If you have any questions about our GDPR compliance or how we handle your personal data, please contact us at:
LUNARBAY GROUP (HONGKONG) LIMITED
Room 602, 6/F, Kai Yu Commercial Building
2C Argyle Street, Mongkok, Kowloon, Hong Kong
Email: bd@lunarbaygroup.com
You also have the right to lodge a complaint with a supervisory authority in the EEA, UK, or Switzerland if you believe that we have not complied with applicable data protection requirements.
Last Updated: May 22, 2026
Back to Home