In this privacy policy, we describe what kind of data we may collect from you regarding your use of our games, applications, websites, and related services and how we may use such data. Our policy follows Art. 12 and Art. 13 EU General Data Protection Regulation (GDPR).
Controller (Art. 4 GDPR):
Vanilla b.v.
Hurksestraat 19
5652 AH Eindhoven
The Netherlands
Company number: 76313271
Please direct any questions regarding data protection to us by email at [email protected].
General Information
We pay great attention to the protection and security of your personal data. This website stores and processes data in accordance with the applicable data protection laws. As a user of this website, you agree to the data processing in the sense of this declaration. In this privacy policy, we describe the kinds of data we collect and how we process them when you use our games, websites, and related services.
Below we call these collectively “Services”. By using our Services, you agree to the processing of your data in accordance with this privacy policy.
Types of Data Processing & the Legal Basis
The following data processing is carried out during the use of our services:
1. Data processing for our mobile games
As you engage with our mobile applications, we may gather certain types of data, such as device identifiers, usage patterns, your IP address, and device information. We assure you that this data collection is performed strictly to the principles of data minimization and anonymization to ensure the highest level of privacy protection.
This information is employed for specific, legitimate purposes. It enables us to streamline and enhance your in-app purchases, making them more secure and efficient. Further, by analyzing usage patterns, we generate valuable insights that assist us in improving the quality and functionality of our apps.
2. Data processing during email correspondence
If you contact us using our contact form (link) or via email and, in this way, voluntarily provide us with your personal data such as title, name, address, and email address, then this data will be processed by us in accordance with the applicable data protection laws and protected accordingly. We consider the voluntary submission of your data to us as consent to process them for the purpose of handling your request. Your data will be processed exclusively for the purpose of our services, and you can contact us at any time for information on data processing. We will delete your data after your questions have been answered.
Cookies and Digital Content Stored on External Servers
General information about cookies
Cookies are small text files that are stored on the end device (PC, tablet, phone) and saved by your browser. Cookies do not cause any damage to your terminal device and serve to enable more comfortable use of the website.
Cookies allow us, or a third-party website, to remember the visitor’s actions and preferences (e.g., login, language, font size, and other display preferences) over a period of time. Cookies often contain unique identifiers that web servers send to web browsers, which can then be sent back to the server each time the browser requests a page from the server. Web servers can use cookies to identify and track users as they navigate different pages of a website and to identify users who return to a website. You can also set your browser to notify you about cookies or choose to not allow them.
Technical and non-technical Cookies
We use cookies for the following purposes:
- to enable the use and functionality of the website (technical cookies).
- to analyze the visitors’ behavior on the website and improve the user experience (non-technical cookies).
Cookies that are not strictly necessary to provide you with the services on our website (non-technical cookies) will only be used after your consent. In some cases, these consent-based cookies are also operated by companies that process data in the USA (e.g. Google Ireland Ltd. through its commissioned data processor Google LLC). By giving your consent, you agree to the use of non-technical cookies, especially the analytics and marketing cookies in the course of your visit to our website. By agreeing to the use of cookies from these providers, you also expressly consent to the transfer of your data to the USA (Art 49 para 1 lit. a GDPR). Your consent to the use of non-technical cookies can be revoked at any time.
We use the following non-technical cookies after we have your consent for them. We ask for your consent through our cookie banner.
We use Google Analytics Cookies (non-technical cookies).
These are for online marketing and web analysis. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and its holding company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, offer these cookies. You can find out more about them on this Google website: https://marketingplatform.google.com/intl/en_uk/about/analytics/. In addition, you can find Google’s privacy policy here: https://policies.google.com/privacy. You can opt-out at any time, please click here: https://tools.google.com/dlpage/gaoptout.
We use Google AdSense Cookies (non-technical cookies).
These are for online marketing. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and its holding company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, offer these cookies. You can find out more about them on this Google website: https://adsense.google.com/intl/en_uk/start/. In addition, you can find Google’s privacy policy here: https://policies.google.com/privacy. You can opt-out at any time, please inform yourself here: https://support.google.com/adsense/answer/1348695?hl=en-GB.
We use Google Firebase Authentication Cookies (non-technical cookies).
Firebase Authentication essentially provides the means for users to log in to an account from multiple devices. By using information such as passwords and phone numbers, you can access your account from multiple devices and enjoy a seamless experience. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, and its holding company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, offer these cookies. You can find out more about them on this Google website: https://firebase.google.com/support/privacy?hl=en. In addition, you can find Google’s privacy policy here: https://policies.google.com/privacy?hl=en. You have the option to delete your account at any time.
Processing of Other Digital Content
We use Adobe Fonts on some of our websites.
On some of our websites, we use Adobe Fonts. This is a service that provides access to a font library for use in desktop applications and websites. As part of providing the Adobe Fonts service to websites, Adobe does not place or use cookies on websites. The digital content of Adobe Fonts is stored on external servers. See here for more information regarding Adobe Fonts and their data privacy: https://www.adobe.com/mena_en/privacy/policies/adobe-fonts.html.
We use Shopify to operate our webshop.
Shopify provides software that we use to operate our webshop. If you have visited or shopped at our webshop, then Shopify collects information to process your order. Shopify International Limited c/o Intertrust Ireland is located on 2nd Floor 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 XN32 Ireland. See here for more information about how Shopify handles your data: https://www.shopify.com/legal/privacy.
Links
If you are redirected to other sites via links on our site (e.g. Facebook or Instagram), we ask you to inform yourself about data protection on the respective other website. For example, you can read the data protection policy from Meta here: https://www.facebook.com/privacy/policy/.
Please note that the use of such third-party sites or content is subject to the privacy policies and usage terms of the third party instead of our own terms, and we do not have control or assume any liability regarding their data processing.
Data Sharing, Collection, and Storage of Personal Data
We do not share your personal data with third parties without your consent. However, there are cases where we are legally obliged to share personal data with authorities. This is the case, for example, in the course of criminal investigations.
The browser on your end device automatically sends information to the respective servers of our service providers when you visit our websites. The information is temporarily stored on these servers. The following data is affected by this and is stored until it is automatically deleted: IP address of the requesting computer, date/time of access, name/URL of the retrieved file, referrer URL, browser used, the used operating system/name of the access provider.
We have concluded Data Processing Agreements with our hosting providers to protect your data.
In accordance with Art. 6 para. 1 lit. f GDPR, this information may be used for purposes such as ensuring a seamless connection of the website, ensuring comfortable use of our website, evaluating system security and stability, as well as for other administrative purposes. We do not use this data for personal profiling or similar purposes under any circumstances. If we make evaluations, then these are made anonymously.
We may process your data outside the country where you live (for example, if you are an EU citizen living outside the EU) because some of our servers are located in the US and Asia. This can also happen if, for instance, the service provider of our analytical services is located outside your country. In such cases, we will take steps to ensure that your personal data is processed lawfully and in accordance with this privacy policy.
Data Security
We secure your data properly and use all necessary technical and organizational measures in this regard. Nevertheless, we must point out that complete protection of data against unlawful access by third parties is not possible, especially due to cyberattacks.
For all our websites and data transfers, we use SSL (Secure Socket Layer) encryption for security and to protect confidential content. You can recognize this encrypted connection by the fact that the address line of the browser changes from “http://” to “https://”, as well as by the lock symbol. SSL encryption prevents third parties from reading the data that is transmitted.
Data Subject Rights
You have extensive rights under data protection law as a data subject. These are your rights as a data subject: right to information about the processing of your personal data, right to rectification, right to deletion (also known as the right to be forgotten), right to restriction of processing, right to object to processing, and the right to withdraw consent. If you have any further questions in this regard, please contact us. We will explain your rights to you.
You also have the right to complain to the data protection authority in your country if you believe that your rights have been violated. Here is a list with all European Data Protection Authorities and their contact information: https://edpb.europa.eu/about-edpb/about-edpb/members_en. However, we would still appreciate it if you would contact us first before approaching any of the authorities. We will listen to you and your concerns and take care of them in all seriousness.
Last update: 23-07-2023