Tot Tiles Privacy Policy

  • Home
    • / Tot Tiles Privacy Policy

Last amended on 03d of October 2023

Data Controller’s Contact Information:
Company: FunFam LLC
Address: 600 N Broad Street  Middletown, DE 19709  United States
Email address: [email protected]



Personal data protection statement

 We prioritize the defense of the personal data we gather and process. In accordance with the law, we strictly adhere to all necessary technical and administrative strategies during data processing.

All our services and applications, whether used on mobile devices, personal computers, or other platforms including our website, adhere to this Privacy Policy with anything related to personal data protection and processing. Thus, by using any of our applications or services, you are agreeing to this Policy.

Unfortunately, if you disagree with our data collection and processing accordance with this Policy, you cannot use our services or applications.

Within the context of the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and other European data protection laws, we act as the “data controller”, controlling the methods of data collection and the purposes for its use. Under Ukraine’s Personal Data Protection Law of June 1, 2010, we operate as the “personal data owner”. We may also function as the “data operator” as per the 1998 Children’s Online Privacy Protection Rule (COPPA).

We only process personal data when at least one of the following legitimate grounds for such processing exists:

Your agreement to your data processing;

Processing is required to carry out an agreement with you, including when you use our services or applications;

The law of the countries where we offer our services or applications necessitates such processing;

The Company, as the controller, or a third party has a legitimate interest in processing, unless the fundamental rights and freedoms of the data subject that require data protection outweigh these interests.

We do not ask for any special categories of personal data from our users or visitors.

Please be aware that our Privacy Policy might be updated, especially if the law requires it. We suggest periodically revisiting this Policy to check for any changes. If this Policy is updated, your continued use of our applications or services indicates your agreement to the update. If you disagree with the updates, you can opt not to use our applications or services, particularly by removing the apps from your devices.

Keep in mind that you can always delete or re-install an application on your mobile device to delete or update your personal data accordingly.

How we obtain personal data

The Company may collect your data from various sources and for various purposes, including but not limited to:

  • When you play our games or utilize our services in applications or on the website;
  • When you make purchases through our applications such as an upgraded or premium version of an application or specific in-game features;
  • During account creation on our website;
  • When you subscribe to our promotional mailings;
  • During your communication with our customer support center;
  • When you converse with other users of our applications via an in-app chat feature;
  • When you submit a job application by sending us your resume via any communication channel.

Information may also be gathered from your interactions and activities within our applications.

What personal data we collect and process

Our applications and/or services, including our website, can collect and process the following information about you:

  • Geographical location (including your country, state or region, and GPS location);
  • Information about your device such as the device name/model, the operating system it uses, along with the browser information, including its type and language settings;
  • Device ID (with your permission);
  • Your progress and activities within the game, like the language you’ve chosen or the level of difficulty you’re at during a particular stage;
  • Data that we gather using cookies and similar technologies 

Child User Data

Users or customers under 13 years old are considered children, unless different age restrictions apply in their country (in some countries these are for individuals under 16).

We do not knowingly collect and process personal data from children. 

However, we acknowledge that children might be part of our applications’ target audience, and that there may be parents among our users who are purchasing services for their children, such as buying an upgraded plan or characters in the application.

Parents or authorized representatives ordering such services for children must accept the terms of use for the relevant application and/or service and this Policy, taking responsibility for the accuracy of the submitted data and the provision of the service to the child.

Acceptance of the terms of use and this Policy, together with the continued use of our applications or services, signifies that parents or authorized representatives who order services for children have given consent to the collection and processing of the personal data specified in this Policy.

Anyone downloading an application or ordering a service for further use shoulders the responsibility for the child’s interactions with this service and/or application in the future, acting in the best interest of the child.

Children should not share their real name, location, phone number, email address, or any other personal data without prior consent from their parents or authorized representatives.

We do not incentivize children to partake in a game by offering rewards that would require disclosure of more personal data than necessary to use the application.

We do not directly share any child user’s personal data with third parties in our applications and other services.

Please refer to the relevant sections below in this Policy to understand which third parties may receive information about users and for what reasons.


Reasons for Processing Personal Data

The Company offers its applications and services on a near-global scale. The principal purpose of gathering user / customer information is to maintain high service quality. Specifically, our intent is to elevate your gaming experience and further develop the functionality and features of our applications. We may examine information related to application usage in order to tailor user tasks to align more closely with user needs.
We additionally utilize personal data for the following reasons:

  • To provide you with the full range of our services;
  • To ensure age restrictions are met as per the legislation of your country of residence;
  • To facilitate the purchase of an upgraded plan or specific game characters within applications;
  • To customize the user experience and provide personalized special features;
  • To personalize content;
  • To identify and rectify technical glitches;
  • To offer assistance and guidance to users;
  • For administrative, analytic and statistical purposes;
  • To facilitate and enhance communication amongst users;
  • To manage subscriptions and handle un-subscription processes;
  • To protect against malicious actions from users in line with the Company’s security considerations;
  • To safeguard the Company’s legitimate interests;
  • To adhere to other legislative requirements, such as responding to requests from data subjects and regulatory or law enforcement authorities in a timely manner.

In-app purchasing

Some of our applications include the function to make in-app purchases, such as an upgraded “Top” plan or specific game categories.

It’s important to note that these in-app purchases are handled by an independent payment processor that may collect its own set of information directly from you. Particularly, this payment processor may request details such as the payer’s address and banking or credit card information in accordance with their own private policy (we recommend reviewing this policy before submitting your data).

These external payment processors don’t share the information you provide, and we do not have access to your credit card particulars. However, we do receive an overview of all purchases, including the transaction amounts, which is necessary to grant you access to your purchases within the application.

Storage of personal data

We use cloud services of Google LLC (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4) to ensure the security of personal data.

Personal data is stored at data centres in Europe (Europe-West1, Rue de Ghlin 100, 7331 Saint-Ghislain, Belgium; Europe-West 4, Oostpolder 4, 9979 XT Eemshaven, Netherlands) and United States (US-Central-1, 1430 Veterans Memorial Hwy, Council Bluffs, IA 51501; US-Central-2, 4111 N E 1st St, Pryor, OK 74361)

Personal data disclosures


 To facilitate your usage of our applications and/or services, we may have to, and in some cases are obliged to, share personal data with third parties. We partner with other companies that have limited access to certain user information for tasks such as administration, optimization, customer support, sales, and payment processing.

The information we collect may also be shared with our partners, whose services we utilize to enhance the user experience and for the purposes mentioned above, depending on the specific vendor.

We work with the following service providers:

  • Google Firebase (Google LLC): analytical tools, consolidated bug and failure reports, push notification tool, remote configuration tool;
  • Unity (Unity Technologies): analytical tools, remote configuration tool.
  • Google Firebase (Google LLC): analytical tools, consolidated bug and failure reports, push notification tool, remote configuration tool,downloadable content;

Each of these service providers isn’t aimed at gathering information about the specific user via our application and follows its own privacy policy that is compliant with pertinent regulations, including the GDPR. If you wish to know more about how our partners process data, kindly refer to their individual privacy policies.

Simultaneously, we may disclose user data to third parties, including government agencies, if we believe it’s necessary for the following reasons:

  • Responding to a legitimate request or demand from a government agency (for instance, in legal proceedings);
  • Identifying, investigating and/or preventing fraudulent activities performed by users or third parties;
  • Protecting the rights, property, and/or safety of the Company, as far as the law allows.

Technical, administration and other data protection means


 To ensure the safe storage of your personal data, we have employed several technical and administrative measures. These measures protect personal data from any unauthorized or illegal processing and against unintentional data loss, destruction, or damage.

The Company adheres to the principle of data minimization. We only process information related to our users/customers/clients that is necessary to perform certain functions and for specific purposes, or any additional information that you voluntarily share with us.

We have designed all interfaces of our website and applications to deliver services in a manner that ensures optimal privacy.

When we share any data with our partners, we always use the safest and most secure data communication channels.

In accordance with the GDPR, the Company provides appropriate safeguards for data disclosures to countries outside the European Economic Area or Switzerland following standard terms and conditions approved by the European Commission, or any other applicable provisions mentioned in Article 46 of the GDPR.

However, we can’t guarantee the security of your data in case of any unauthorized access to your devices that are beyond our control, and, accordingly, the Company won’t be held responsible for this.

Duration of data processing / storage

We will retain your data only for the duration necessary to fulfill the purposes for which it was originally collected and processed, or to meet regulatory requirements.

To establish the appropriate retention period, we consider the type and category of personal data, the objectives of processing, and whether those objectives can be achieved in other ways.

Generally, the maximum processing duration of personal data by the Company is three (3) years from the date the data was collected, or as long as the user/customer continues to use our application or any other service.

However, the data storage period may vary due to additional requirements implemented by different countries. Specifically, if legislation in the user’s country of residence includes a statute of limitations outlining the timeframe within which you may lodge a complaint or claim against us, we may need to process your personal data during this statute of limitations period as evidence for our legal relationship with you.

We may also need to retain your personal data for periods where we need to fulfill our legal obligations to you or to supervisory authorities.

Over time, we may reduce the amount of your personal data that we utilize, or even anonymize your data such that it no longer identifies you personally. In such cases, we may use this information without further notification because it no longer contains any personal data.

Cookies and other tracking technologies

Cookies are compact text files that websites place on your device like a computer or mobile device. For a specific duration, the website will recall your actions and preferences, eliminating the need to reset them. Our cookies do not identify individual users, instead, they only recognize the device being utilized.

Cookies and other tracking technologies on our site and in our applications serve a variety of functions such as powering the website, tracking traffic, or for advertising purposes. Importantly, we employ cookies and other tracking technologies to enhance the effectiveness and quality of our services.

A detailed list of cookies and other tracking technologies used by the Company on its site can be found in a separate Cookie Policy.

For further information on cookies, how they operate, and how to manage or delete them, please visit www.allaboutcookies.org

Please be aware that certain browser settings allow you to block cookies and other tracking technologies. However, disabling certain cookies may result in a reduction in the functionality of our website or application. As a result, you may not be able to use all of their features, and some services might not operate correctly.

Rights of personal data subjects

Your rights regarding personal data protection and processing as per Ukrainian law includes:

  • The right to know the sources of collection and the location of your personal data, the intent of its processing, and the place of residence or location of the owner or manager of personal data.
  • The right to receive information about who has access to your personal data, including any third parties who obtain your personal data.
  • The right to access your personal data.
  • The right to receive a response within thirty days upon request about whether your personal data is being processed, and to obtain the contents of such data.
  • The right to submit an objection against personal data processing.
  • The right to submit a request to modify or delete your personal data if it is being illegally processed or is inaccurate.
  • The right to guard your personal data against unlawful processing and accidental loss, damage, or destruction.
  • The right to lodge complaints about your personal data processing to pertinent authorities or the courts.
  • The right to take legal action in the event of any breach of data protection regulations.
  • The right to revoke your consent for data processing.
  • The right to understand the mechanism of automated data processing.
  • The right to be protected from automated decision-making with legal implications.

Rights of personal data subjects under the GDPR

Please be aware that when you contact us and go through the identification procedure to submit your specific requirements, we will process your request and provide a response based on legitimate grounds. The data we must provide to you is defined in Article 13 and Article 14 of the GDPR.

Note that if we cannot verify your identity through messaging or your request to the support service, or if we have reasonable suspicions about your identity, we may request you to provide your ID. This is to ensure we do not disclose your personal data to an individual pretending to be you.

We aim to process requests as swiftly as possible, but providing a comprehensive and valid response regarding personal data can be complex and may take up to a month or even longer. If we require more time, we will inform you.

The GDPR guarantees the following additional rights of data subjects to protect their personal data.

Right to be Informed

We can provide data subjects with information about the personal data we process. If you want to know what personal data we process, you can request this information at any time, including by contacting the Company’s data protection officer.

Right to Rectification

If you discover that some of your personal data that we process is incorrect or outdated, please inform us, including via the Company’s data protection officer.

In certain cases, we cannot alter your personal data, such as when it has already been used in the offer and acceptance agreement and/or is contained in any written instrument submitted to any state agency or otherwise according to applicable law.

Right to Data Portability

In some instances, you may acquire or request us to provide your personal data to any third party in a structured, commonly used, and machine-readable format.

Right to Restrict Processing

You have the right to demand the restriction of your data processing; this implies requiring us to stop processing your data, except for storage under specific circumstances.

Revocation of Data Processing Consent and Right to Erasure

If we process your personal data based on consent (specifically for marketing emails), you can revoke your consent at any time to stop any future processing.

You can also exercise your right to erasure. In situations specified in Article 14 of the GDPR, the Company will delete the personal data being processed, except for data we are legally required to keep.

If your child under 13 (or any other age established by applicable law) has shared information with us without your consent, please alert us immediately and we will remove this information.

Rights Regarding Automated Decision Making and Profiling
subject to a decision that is based solely on automated processing, including profiling, which has legal or similarly significant effects on them.

We do not use personal information for marketing or creating online profiles.

Complaints

For our users residing in the EU, a complaint can be filed with the European Supervisory Authority for Data Protection.

Your requests related to data protection and processing

We have appointed a data protection officer (DPO) to serve as your main point of contact for any queries or concerns related to the protection and processing of your data. Reach out to the DPO at:
[email protected]