ZiraPlay operates from Yliopistonkatu 31, 3rd Floor, 20100 Turku, Finland ("we", "us", "ZiraPlay"). This Privacy Policy explains how we collect, use, store, and protect personal data in connection with your use of the ZiraPlay social gaming platform at ziraplay.com. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), the Finnish Data Protection Act (Tietosuojalaki 1050/2018), and other applicable Finnish and European Union data protection legislation.
ZiraPlay is a social gaming platform for entertainment only. No real money is involved. We collect only the minimum personal data necessary to operate the platform and respond to enquiries.
Who is responsible for your personal data?
ZiraPlay is the data controller for personal data processed through ziraplay.com. Our contact details for data protection matters are:
ZiraPlay
Yliopistonkatu 31, 3rd Floor
20100 Turku, Finland
Email: info@ziraplay.com
Phone: +358 26 361 001
If you have questions about how your personal data is handled, you may contact us at any time using the details above.
What personal data do we collect?
We collect personal data only when you actively provide it. This occurs in the following situations:
Contact form submissions: When you use the contact form on ziraplay.com, we collect your name, email address, phone number, and the content of your message.
Technical data: When you visit ziraplay.com, our web server and analytics tools may collect technical information including your IP address, browser type and version, operating system, referring URL, pages visited, and the date and time of your visit. This data is collected automatically and is used in aggregated, anonymised form to understand platform usage.
Cookie data: Depending on your cookie preferences, we may collect data through cookies. Please see our Cookie Policy for full details.
ZiraPlay does not collect payment information, financial data, or any sensitive personal data as defined under Article 9 of the GDPR. The platform has no payment processing infrastructure.
On what legal basis do we process your data?
We rely on the following legal bases under Article 6 of the GDPR:
Legitimate interests (Article 6(1)(f)): Processing technical usage data to maintain and improve the security and functionality of the platform is in our legitimate interest and does not override your rights and freedoms.
Consent (Article 6(1)(a)): Where you submit the contact form, you have explicitly consented to us using your contact details to respond to your enquiry. Where you have accepted analytics or preference cookies, processing is based on your freely given consent.
Compliance with legal obligations (Article 6(1)(c)): Where Finnish or EU law requires us to retain or process data, we do so on this basis.
How do we use the data we collect?
Contact form data is used solely to respond to your enquiry. We do not add contact form submissions to any marketing list or share them with third parties for commercial purposes.
Technical and analytics data is used to understand how the platform is being used so that we can improve its functionality, design, and content. This analysis is performed at an aggregated level where possible.
We do not use your personal data for automated decision-making or profiling as described in Article 22 of the GDPR.
Do we share your personal data with third parties?
We do not sell personal data. We do not share personal data with third parties for their own marketing purposes.
We may share data with trusted service providers who assist us in operating the platform, such as web hosting providers and analytics services. These providers act as data processors and are bound by data processing agreements that require them to handle data in accordance with GDPR.
We may disclose personal data if required to do so by Finnish law, court order, or other applicable legal obligation.
Any transfer of personal data outside the European Economic Area (EEA) is made only where appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.
How long do we keep your data?
Contact form submissions are retained for as long as necessary to respond to your enquiry and for a reasonable period thereafter in case of follow-up questions. In most cases this does not exceed 12 months from the date of initial contact.
Anonymised technical and analytics data may be retained for longer periods as it cannot be used to identify individuals.
When data is no longer needed for the purpose for which it was collected, it is securely deleted or anonymised.
What are your rights under GDPR?
As a data subject under the GDPR and the Finnish Data Protection Act, you have the following rights:
Right of access (Article 15): You may request confirmation of whether we process your personal data and, if so, a copy of that data.
Right to rectification (Article 16): You may request correction of inaccurate or incomplete personal data.
Right to erasure (Article 17): You may request deletion of your personal data where it is no longer necessary, where you withdraw consent, or where processing is unlawful.
Right to restriction of processing (Article 18): You may request that we limit the processing of your data in certain circumstances.
Right to data portability (Article 20): Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, machine-readable format.
Right to object (Article 21): You may object to processing based on legitimate interests.
Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, contact us at info@ziraplay.com. We will respond within one month as required by Article 12 of the GDPR.
How do we protect your personal data?
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, and destruction. The ziraplay.com website uses HTTPS encryption for all data transmitted between your browser and our servers.
Access to personal data within our organisation is limited to those who need it to perform their role. We review our security practices periodically.
How can you complain about our data practices?
If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the Finnish data protection supervisory authority:
Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto)
PO Box 800, FI-00531 Helsinki, Finland
Website: tietosuoja.fi
Email: tietosuoja@om.fi
We encourage you to contact us first at info@ziraplay.com so that we have the opportunity to address your concern directly.
Do we use cookies?
Yes. ZiraPlay uses cookies on ziraplay.com. Detailed information about the cookies we use, their purposes, and how to manage your preferences is available in our Cookie Policy.
Will this Privacy Policy change?
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last Updated" date at the top of this page indicates when the most recent revision was made. We encourage you to review this page periodically. Continued use of ziraplay.com after any change constitutes acceptance of the updated policy.