Play Now
Editorial Team · Updated July 2026 · 18+

Privacy Policy

This policy explains how towerrushplay.app collects, uses, retains, shares and protects information. We are an independent information site, not a casino, and we take no deposits or withdrawals. We do not need your UPI PIN, card CVV, passwords or one-time passwords.

Effective date: 16 July 2026. Last updated: 16 July 2026.

Scope of This Policy

This Privacy Policy explains how towerrushplay.app collects, uses, retains, shares and protects information when you use this independent, information-only website about the Galaxsys game Tower Rush. We are not a casino, do not take deposits or process withdrawals, and we do not need your UPI PIN, card CVV, passwords or one-time passwords. The table below shows what this policy does and does not cover.

Website interactionIs it covered?
Visiting a pageYes
Contact formYes
Cookie preferencesYes
Reply to an enquiryYes
Outbound link until you leaveYes
Data on a third-party site after you leaveNo
Data held by GalaxsysNo
Data held by a casino or payment serviceNo
A copycat siteNo

Data-Protection Framework in India

The Digital Personal Data Protection Act, 2023 (the DPDP Act) was enacted on 11 August 2023. A phased commencement notification dated 13 November 2025 began bringing its provisions into force, and the substantive obligations in Sections 3 to 17 are expected to commence around 18 months after that date. The Act establishes the Data Protection Board of India and is built on principles including transparency, purpose limitation, data minimisation, accuracy, security and deletion when data is no longer needed. We aim to reflect those principles in this policy, but this page is general information, not legal advice.

Information You Provide Voluntarily

When you use our contact form or email us, you may provide your name, email address, a subject, your message and sometimes a URL you are asking about. Please share only what is needed, and do not send passwords, one-time passwords, UPI PINs, card CVVs or full identity documents, because we do not need them and cannot secure them on your behalf. If we ever enable a newsletter, we collect your email address only when you choose to subscribe. Any feedback you send is used to respond to you and to improve the site.

Information Collected Automatically

Like most websites, our hosting and security systems automatically record technical information when you visit, including your IP address, the date and time, the URL requested, your browser type, your operating system and device, the referring page, and your language and time-zone settings, along with security events. This gives an approximate region at most; we do not collect precise GPS location. Usage and analytics information is collected only if you consent, and we may record outbound-link events to understand which references are useful.

Cookies and Similar Technologies

We use a small number of cookies and similar technologies, and you control the optional ones. The categories below are explained in full, with durations and controls, in our Cookie Policy.

CategoryTypical purposeConsent approach
Strictly necessarySecurity, delivery and preferenceApplied where necessary
FunctionalOptional display or languageConsent where required
AnalyticsAggregate usageDisabled until you consent
Outbound measurementLink performanceConsent where non-essential
AdvertisingPersonalised promotionNot used without a lawful basis and consent

How We Use Personal Information

We use the limited information we handle only for the purposes below. We do not use your information to place bets, set gambling limits on your behalf, predict game outcomes, or sell or rent data to casinos or gambling operators.

PurposeData commonly involved
Deliver pagesIP, time, browser
Maintain securityLogs, IP
Diagnose problemsURL, device, error
Respond to enquiriesName, email, message
Correct contentReport, source, URL
Remember privacy choicesConsent identifier
Measure performanceAnalytics events
Manage subscriptionsEmail, consent
Meet legal obligationsNecessary information
Establish or defend rightsCommunications, logs

Consent and Service or Security Necessity

We handle personal information on the lawful bases available to us. For core site delivery and security, we rely on what is necessary to provide the service you request and to keep the site safe from abuse. For optional activities such as analytics and any non-essential cookies, we rely on your consent, which you can withdraw at any time. Withdrawing consent does not affect processing that already took place while your consent was valid.

Google Analytics and Measurement Services

Where we use a measurement service such as Google Analytics, we do so only after you have given consent, and we do not send it the contents of the contact form. Google Analytics offers user and event data-retention windows of 2 or 14 months, and we configure retention at no more than 14 months. You can withdraw consent at any time to stop further collection, and you can also use the browser and cookie controls described in our Cookie Policy.

Sharing and Disclosure

We do not sell your personal information. We share limited information only with service providers who help us run the site, and only to the extent they need it, as summarised below.

Provider categoryTypical access
Website hostRequests, IPs, logs
CDN or security providerNetwork events, threat indicators
Email providerContact messages
Consent-management toolCookie choices
AnalyticsConsent-based usage
Backup providerEncrypted records
Professional adviserInformation for legal or security needs

We may also disclose information where the law requires it, to respond to a valid legal request, or to protect the safety, rights or property of visitors, the public or the site. If the site or its assets are ever transferred as part of a reorganisation, this policy will continue to apply to the information involved.

Third-Party Websites

When you follow an outbound link, you leave towerrushplay.app and the destination site handles your data under its own policies. Be especially careful with any site or message that makes the requests below, which are common signs of fraud.

RequestWhy it is concerning
UPI PIN or banking passwordNot required to try a demo
OTPEnables account takeover
Card CVVUnrelated to practice play
Remote device accessExposes your accounts
Unknown APKMay carry malware
Payment for a predictorA random result cannot be guaranteed
Full identity document in chatInsecure or unnecessary

Data Retention

We keep information only as long as we need it for the purpose it was collected, or as the law requires. The standard periods below are guidance and may vary where a specific legal or security need applies.

Data categoryStandard retention
Uncomplicated contact enquiryUp to 12 months after the last reply
Ongoing complaint or legal matterUntil resolution plus the limitation period
Privacy request recordUp to 3 years
Routine server logsUp to 90 days
Security-investigation logsUntil the investigation concludes
Cookie-consent recordConsent period plus up to 12 months
Google Analytics event dataUp to 14 months if enabled
Newsletter subscriptionUntil you unsubscribe
Suppression recordMinimum needed to honour your opt-out
Outbound-link measurementUp to 12 months
BackupsWithin about 90 days

Data Security

We use reasonable technical and organisational measures to protect information, including TLS encryption in transit, access controls, multi-factor authentication for administrative access, software updates and backups. No website can guarantee absolute security, so we cannot promise that a determined attack will never succeed. You can help protect yourself as well.

  • Never share a password, OTP, UPI PIN or card CVV with anyone, including anyone claiming to represent us.
  • Send us only the details needed to answer your question.
  • Use a strong, unique password and up-to-date antivirus software on your device.
  • Avoid installing unofficial APK files or predictor apps that request unusual permissions.
  • Report anything suspicious through our contact page so we can look into it.

Your Privacy Choices and Rights

Subject to applicable law, you may ask to access the information we hold about you, to correct or update it, to erase it, to withdraw consent for optional processing, to raise a grievance, and to nominate another person to exercise your rights in the event of death or incapacity. We aim to acknowledge a request within 7 business days and to respond within 30 calendar days, and we will tell you if more time is genuinely needed. To protect you, we may verify your identity using the information already linked to your request rather than asking for a full identity document.

How to Submit a Privacy Request

You can make a privacy request through our contact page using the subject line Privacy Request. To help us respond, please include your name, a reply email address, the type of request, the relevant date or page, and a short explanation of what you would like us to do. We do not charge a fee for a reasonable request.

Children's Privacy

This site is intended only for adults aged 18 years or older, and it is not directed at children. The DPDP Act defines a child as anyone under 18 years of age, and we do not knowingly collect their personal data. If you believe a child has provided information through the site, please tell us through our contact page so we can remove it.

International Processing

Some service providers we use may process information on servers located outside India. Where that happens, we take reasonable steps so that the information continues to be protected in line with this policy and applicable law, including the framework set by the DPDP Act. We do not transfer personal data to any jurisdiction that is restricted for such transfers under Indian law.

Do Not Track and Browser Signals

Some browsers can send Do Not Track or global privacy signals. There is no single agreed standard for how websites must respond to them, but where our consent tools recognise such a signal we aim to honour it. You can also manage optional cookies at any time through our cookie banner and your browser settings.

Automated Decisions and Profiling

We do not make decisions that produce legal or similarly significant effects about you through solely automated processing, and we do not carry out profiling of that kind. Any analytics we use is aggregate and is not used to evaluate or make judgements about individuals.

Data Breach or Suspicious Activity

If you believe your data has been exposed, or you notice suspicious activity connected to the site, please tell us through our contact page so that we can investigate. When you report an issue, please redact sensitive details such as full card numbers, passwords or OTPs. Where the law requires it, we will notify the Data Protection Board of India and the individuals affected by a reportable personal-data breach.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the site, our practices or the law. The version on this page is the current one, and the effective date at the top shows when it was last revised. Your continued use of the site after an update means you accept the revised policy, so we recommend checking this page periodically.

Contact and Grievance Information

For any privacy question, request or grievance, please use our contact page, and we will route it to the person responsible for handling data matters. When you write to us, include only what is needed to understand your request. Never include a password, one-time password, UPI PIN, card CVV or full identity document in your message.

Responsible gambling

18+ only. Tower Rush is a game of chance, not income. India helpline KIRAN (24x7): 1800-599-0019. Set limits and never chase losses.

Tower RushDemo & real money · 18+Play Now →