GDPR Information

Your Data Protection Rights in Ireland & the EU

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, across the European Union, including Ireland. It gives you greater control over your personal data and how organizations use it.

At Waffle Game Ireland, we are fully committed to GDPR compliance and protecting your privacy rights.

Your GDPR Rights

1. Right to Access

You have the right to request copies of your personal data. We will provide this information free of charge within one month of your request.

2. Right to Rectification

You have the right to request correction of any inaccurate personal data we hold about you.

3. Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary or you withdraw consent.

4. Right to Restrict Processing

You have the right to request that we limit how we use your personal data in certain situations.

5. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transfer it to another service provider.

6. Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

7. Right to Withdraw Consent

Where we rely on consent to process your data, you have the right to withdraw that consent at any time.

8. Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you.

How We Protect Your Data

We implement appropriate technical and organizational measures to ensure data security:

  • Encryption: All data transmitted is encrypted using HTTPS/SSL
  • Local Storage: Game data is stored locally on your device, not on our servers
  • Data Minimization: We only collect data necessary for the service
  • Access Controls: Limited access to any collected data
  • Regular Audits: Periodic security assessments and updates
  • Anonymization: Analytics data is anonymized where possible

What Data We Collect

Minimal Data Collection

Waffle Game Ireland is designed with privacy in mind. Most of your data stays on your device:

  • Stored Locally (Your Device): Game progress, statistics, preferences
  • Analytics (Anonymized): Usage patterns, page views, device type
  • Optional: Email address (only if you subscribe to updates)

We do NOT collect: Names, addresses, phone numbers, payment information, or precise location data.

Legal Basis for Processing

Under GDPR, we must have a legal basis to process your data. We rely on:

  • Legitimate Interest: To provide and improve the game service
  • Consent: For cookies and marketing communications (where applicable)
  • Legal Obligation: To comply with Irish and EU laws

How to Exercise Your Rights

Contact Us

To exercise any of your GDPR rights, please contact us at:

Email: privacy@wordwaffle.org

Subject Line: "GDPR Request - [Your Right]"

We will respond to your request within one month. In complex cases, we may extend this by two additional months and will inform you of the extension.

You will NOT be charged for exercising your rights unless your request is clearly unfounded or excessive.

Data Retention

We retain your data only as long as necessary:

  • Game Data (Local): Until you clear your browser data
  • Analytics: 26 months (Google Analytics default)
  • Support Requests: 3 years after resolution
  • Legal Requirements: As required by Irish/EU law

International Data Transfers

Your data is primarily processed within the EU/EEA. If we transfer data outside the EU, we ensure:

  • The country has an adequacy decision from the EU Commission, OR
  • We use Standard Contractual Clauses (SCCs) approved by the EU, OR
  • Other appropriate safeguards are in place

Children's Privacy

Our service is suitable for all ages. For users under 16, we require parental consent before processing personal data, in accordance with GDPR Article 8.

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and the Data Protection Commission within 72 hours, as required by GDPR.

Lodge a Complaint

Data Protection Commission (Ireland)

If you believe we have not handled your data properly, you have the right to lodge a complaint with the Irish Data Protection Commission:

Website: www.dataprotection.ie

Email: info@dataprotection.ie

Phone: +353 (0)761 104 800

Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland

Updates to GDPR Compliance

We continuously review and update our practices to ensure ongoing GDPR compliance. This page will be updated to reflect any changes in our data protection measures.

Additional Resources

← Back to Game