Privacy policy

[TODO — fill in the controller's details after legal review.] The controller of your data is the entity that runs the Buzzin platform (domain `playbuzzin.com`). The full legal name, business form and registered address will be added here after legal review.

Buzzin is a live party-game platform. By design we collect as little data as possible. For any data-related matter, email hello@playbuzzin.com.

• Email — only if you sign up via the form (affirmative opt-in). Players play with no account — we don't need your email to play.
• Analytics events — pseudonymous or aggregated information about how you use the site (e.g. which pages you visit).
• Cookies and click identifiers (click-ids) — small identifiers stored by the browser and parameters in ad links; we handle these only with your consent.
• Technical data — e.g. approximate location from your IP address, device and browser type; for basic analytics and security.

On this marketing site we don't collect gameplay data — the game runs without accounts.

We process your data for the following purposes:

• Email sign-ups — to keep you posted about news and updates. Basis: your consent (Art. 6(1)(a) GDPR). You can withdraw it at any time.
• Cookieless analytics — to understand site traffic without tracking individuals. Basis: our legitimate interest (Art. 6(1)(f) GDPR); the tool stores no cookies and identifies no individuals.
• Product analytics and ad pixels — to measure performance and reach interested people. Basis: your consent given in the consent banner.

Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.

On the site we use:

• Essential cookies — necessary for the site to work and to remember your consent choices. No consent required.
• Cookieless analytics — an optional tool that stores no cookies and identifies no individuals; it works without your consent because it does not access your device within the meaning of the ePrivacy rules.
• Analytics and marketing cookies and ad pixels (Meta, Google, TikTok, Reddit) — we load these only with your explicit consent in the banner. Until you consent, we don't load those scripts.

You can change or withdraw consent at any time in the site's consent settings. We follow GDPR and electronic-communications privacy rules (ePrivacy / the Polish Electronic Communications Law).

We use trusted providers that process data on our behalf:

• PostHog (self-hosted, EU) — product analytics we host ourselves on infrastructure in the European Union. The data stays in the EU.
• Cookieless analytics (e.g. Plausible) — lightweight, privacy-friendly traffic analytics, with no cookies and no personal data.
• Email delivery provider — handles our emails if you leave your address. We use it solely for that correspondence.
• Ad platforms (Meta, Google, TikTok, Reddit) — only if you consent to the pixels. These platforms may profile you for advertising and process data outside the EU/EEA, including in the US, relying on transfer mechanisms provided for under the GDPR. Without your consent we don't share data with them.

We don't sell your data. We may disclose it where required by law.

We keep data only as long as needed:

• Email — until you withdraw consent or unsubscribe; then we delete or anonymize it.
• Analytics data — for a limited time needed to analyze traffic; cookieless data is aggregated.
• Consent records — we store the fact and scope of your consent so we can demonstrate it.

Exact periods may still change — we'll update them here. We don't quote made-up timeframes.

You have the right to:

• access your data and a copy of it,
• rectification of inaccurate data,
• erasure (the “right to be forgotten”),
• restriction of processing,
• portability of your data,
• object to processing based on legitimate interest,
• withdraw consent at any time (without affecting prior lawful processing).

To exercise these rights, email hello@playbuzzin.com. You also have the right to lodge a complaint with the supervisory authority — the President of the Personal Data Protection Office (UODO) in Poland, `uodo.gov.pl`.

We use reasonable technical and organizational measures to protect data (including limited access and encrypted connections). No method of transmission over the internet is 100% secure, though — we do our best to keep the risk low.

We may update this policy as Buzzin evolves. We'll flag material changes on the site, and you'll find the last-updated date at the top of this document.

Questions about privacy and data? Email hello@playbuzzin.com — we'll reply as soon as we can.

[TODO — add the controller's details and any Data Protection Officer (DPO) after legal review.]