Privacy Policy

1. Introduction

Welcome to ELGAME ("we," "our," or "us"). This Privacy Policy outlines how we collect, use, share, and protect your personal information. We are committed to safeguarding your privacy and handling your data responsibly in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

By accessing or using our application, website, or related services (collectively, the "Services"), you agree to the practices described in this Privacy Policy and our Terms and Conditions. If you do not agree, please discontinue your use of the Services.

2. Data Controller

The data controller responsible for processing your personal data is:

ELGAME
Email: elgameguess@gmail.com
Website: elgameguess.com

3. Information We Collect

a. Personal Information

We collect the following information that you provide directly to us:

• Email Address: Collected during user registration for account creation, authentication, and sending essential service notifications or game reminders (if consented).
• Username or Display Name: Used to identify you on leaderboards and other app features.

b. Usage Data

We automatically collect information about how you interact with the Services, including:

• Game Activity: Information about the games you play, including scores, attempts (guess history), and dates of play.
• Device and Connection Information: May include IP address, browser type, operating system, device type, and referring URLs. This helps enhance functionality, security, and troubleshoot issues.

c. Cookies, Analytics, and Tracking Technologies

Our Services use cookies (small text files stored on your device) and potentially similar technologies for functionality and analysis. Cookies help us provide a better experience by remembering preferences and understanding usage patterns.

We categorize cookies as follows:

• Essential Cookies: These are necessary for the website to function properly (e.g., managing your login session via Supabase Auth). They do not typically require explicit consent but are used based on contractual necessity.
• Analytics Cookies: These help us understand how visitors interact with ELGAME by collecting information anonymously (where possible) or based on your consent. This allows us to improve the game and user experience.

Google Analytics: We use Google Analytics 4 (GA4) to gather statistics about website traffic and usage patterns.

• GA4 sets first-party cookies (usually named starting with `_ga` or `_ga_`) to distinguish users and sessions.
• Data collected may include pages visited, time spent, interaction events, device/browser information, and general location. This data is processed by Google and subject to Google's Privacy Policy.
• We use this data in an aggregated form to analyze trends and improve our Services.
• You can learn more about cookies set by Google Analytics.

Your Consent Choices: We only use non-essential cookies, like those for Google Analytics, **with your explicit consent**. You provide this consent through the cookie consent banner presented when you first visit our site or when settings change. You have the right to withdraw your consent at any time.

Managing Cookies: You can manage or disable cookies through your web browser's settings. Please note that disabling essential cookies might impact the functionality of the Services (like staying logged in). Disabling analytics cookies will prevent us from collecting data about your visit via GA4. You can also opt-out of Google Analytics tracking across all websites by installing the Google Analytics Opt-out Browser Add-on.

4. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, secure, and improve the Services.
• To authenticate users and manage accounts.
• To send essential service communications, and game reminders/notifications (based on your consent where applicable).
• To analyze usage trends and performance using tools like Google Analytics (based on your consent where applicable) to enhance user experience.
• To manage leaderboards and rankings.
• To respond to your inquiries via the contact form or email.
• To comply with legal obligations and enforce our Terms and Conditions.

5. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR and similar laws:

• Contractual Necessity: To provide the core Services you have requested (account creation, gameplay).
• Legitimate Interests: For purposes like ensuring security, preventing fraud, basic site operation analysis (where privacy impact is minimal and consent not required), and improving core service functionality.
• Consent: For non-essential activities like sending reminder emails (if opt-in) and using analytics cookies (e.g., Google Analytics). You can withdraw your consent at any time as described in Section 9 and Section 3.c.
• Legal Compliance: To meet applicable legal obligations.

6. How We Share Your Information

We do not sell or rent your personal data. However, we may share your data with the following categories of third parties only when necessary:

• Service Providers: With trusted providers essential for delivering the Services, such as Supabase (authentication, database, storage), Vercel (hosting), and Resend (email delivery, if used). These providers only process data on our behalf based on our instructions.
• Analytics Providers: With Google (for Google Analytics) based on your consent, to help us analyze website usage. Google may process this data according to its own policies.
• Legal Requirements: To comply with legal obligations, court orders, or lawful requests from public authorities.
• Business Transfers: In connection with a potential or actual merger, acquisition, or sale of assets, subject to confidentiality agreements.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. General periods include:

• Active Accounts: While your account is active and potentially for a reasonable period after inactivity (e.g., up to 1 year) for reactivation or record-keeping.
• Game Data: May be retained as long as relevant for leaderboards or user history, subject to account deletion.
• Analytics Data: Retained according to Google Analytics settings (typically up to 14 months for user-level data in free tier) or until you withdraw consent.
• Legal Requirements: As required by applicable laws.

After these periods, your data will be securely deleted or anonymized.

8. Data Transfers

Your personal information may be stored and processed in countries outside of your jurisdiction, including those outside the European Economic Area (EEA), where our service providers (like Supabase, Vercel, Google, Resend) operate. We ensure appropriate safeguards (like Standard Contractual Clauses or adequacy decisions) are in place for such transfers where required by law.

9. Your Rights

Depending on your location (especially if you are in the EEA/UK), you have the following rights regarding your personal data:

• Right to Access: Request a copy of the data we hold about you.
• Right to Rectification: Correct inaccurate or incomplete data.
• Right to Erasure ('Right to be Forgotten'): Request deletion of your data under certain conditions.
• Right to Restrict Processing: Limit how we use your data under certain conditions.
• Right to Object: Object to data processing based on legitimate interests or for direct marketing (including email reminders).
• Right to Data Portability: Request transfer of your data to another service provider in a structured format, where applicable.
• Right to Withdraw Consent: Where processing is based on consent (like analytics cookies or optional emails), you can withdraw it at any time (e.g., via cookie settings or unsubscribe links) without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise these rights, please contact us at elgameguess@gmail.com. We will respond in accordance with applicable data protection laws (e.g., typically within 30 days under GDPR). You also have the right to lodge a complaint with your local data protection authority.

10. Data Security

We implement reasonable technical and organizational measures designed to protect your personal data from unauthorized access, use, alteration, or destruction. These include secure authentication (Supabase Auth), encryption where appropriate, and access controls.

However, no internet transmission or electronic storage method is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security. You are responsible for keeping your account password confidential.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by posting the new policy on this page and updating the "Effective Date" at the top. We encourage you to review this policy regularly. Your continued use of the Services after changes constitutes your acceptance of the revised policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: elgameguess@gmail.com
• Website: elgameguess.com