GDPR Rights and Data Protection

Effective Date: January 1, 2025

Last Updated: January 1, 2025

Your Rights Under GDPR

As a user of Dessert Factory Idle, you have specific rights regarding your personal data under the General Data Protection Regulation (GDPR). This page explains your rights and how to exercise them.

Data Controller Information

Data Controller: Absolute Entertainment Systems LLC

Contact Email: support@xlopestoe.com

Business Address: 3225 Tampa St, Houston, TX 77021-1141, United States

Right to Access (Article 15)

You have the right to request access to your personal data and receive information about:

  • What personal data we process
  • Why we process your data
  • Who we share your data with
  • How long we keep your data
  • Your rights regarding the data

How to request: Email us at support@xlopestoe.com with "Data Access Request" in the subject line.

Response time: We will respond within 30 days of receiving your request.

Right to Rectification (Article 16)

You have the right to request correction of inaccurate personal data and completion of incomplete data.

Examples:

  • Correcting your email address
  • Updating your contact information
  • Adding missing information to your profile

How to request: Contact us at support@xlopestoe.com with "Data Correction Request" in the subject line.

Right to Erasure (Article 17)

Also known as the "right to be forgotten," you can request deletion of your personal data when:

  • The data is no longer necessary for its original purpose
  • You withdraw consent and there's no other legal basis
  • Your data has been unlawfully processed
  • Deletion is required for legal compliance

Note: Some data may be retained for legal obligations or legitimate interests.

How to request: Email support@xlopestoe.com with "Data Deletion Request" in the subject line.

Right to Restriction of Processing (Article 18)

You can request that we limit how we use your data in certain circumstances:

  • You contest the accuracy of the data
  • Processing is unlawful but you prefer restriction over deletion
  • We no longer need the data but you need it for legal claims
  • You've objected to processing pending verification

How to request: Contact us at support@xlopestoe.com with "Processing Restriction Request" in the subject line.

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller when:

  • Processing is based on consent or contract
  • Processing is carried out by automated means

Data formats available: JSON, CSV, or XML

How to request: Email us at support@xlopestoe.com with "Data Portability Request" in the subject line.

Right to Object (Article 21)

You can object to processing of your personal data based on:

  • Legitimate interests
  • Direct marketing purposes
  • Scientific or historical research
  • Statistical purposes

Marketing: You can opt out of marketing communications at any time by clicking unsubscribe links or contacting us.

How to object: Email support@xlopestoe.com with "Processing Objection" in the subject line.

Rights Related to Automated Decision-Making (Article 22)

You have rights regarding automated decision-making, including profiling. Currently, we do not engage in automated decision-making that significantly affects you. If this changes, we will inform you and provide appropriate safeguards.

Consent Management

Withdrawing Consent

Where processing is based on consent, you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

Ways to withdraw consent:

  • Email us at support@xlopestoe.com
  • Use unsubscribe links in emails
  • Adjust cookie settings in your browser
  • Clear browser data and local storage

Cookie Consent Management

You can manage cookie preferences through:

  • Our cookie consent banner (when it appears)
  • Browser settings to block or delete cookies
  • Third-party cookie management tools

Data Processing Lawful Bases

We process your data based on the following legal grounds:

  • Consent: When you explicitly agree to data processing
  • Contract: To provide our gaming services
  • Legal Obligation: To comply with applicable laws
  • Legitimate Interest: For service improvement and security

Data Transfers Outside EU/EEA

We may transfer your data to countries outside the European Economic Area. When we do, we ensure appropriate safeguards through:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses
  • Binding Corporate Rules
  • Certification schemes

Response Times and Fees

Response time: We respond to GDPR requests within 30 days. In complex cases, we may extend this by two months with explanation.

Fees: Requests are generally free. We may charge a reasonable fee for excessive or repetitive requests.

Identity verification: We may request additional information to verify your identity before processing requests.

Complaints and Supervisory Authority

If you believe we have not handled your personal data correctly, you can:

  • Contact us directly at support@xlopestoe.com
  • File a complaint with your local data protection authority
  • Seek judicial remedy through courts

Children's Data Rights

For users under 16, we require parental consent for data processing. Parents and guardians can exercise GDPR rights on behalf of their children by contacting us with appropriate verification.

Data Breach Notifications

In case of a data breach that poses high risk to your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach, including:

  • Nature of the breach
  • Likely consequences
  • Measures taken to address the breach
  • Recommended actions for you

Regular Updates

We regularly review and update our data protection practices. Changes to this page will be communicated through:

  • Website notifications
  • Email updates to registered users
  • Updated effective dates

Contact Information for GDPR Matters

Primary Contact: support@xlopestoe.com

General Inquiries: info@xlopestoe.com

Business Contact: contact@xlopestoe.com

Response Commitment: We respond to all GDPR-related inquiries within one business day for acknowledgment and within 30 days for complete responses.

Technical and Organizational Measures

We implement appropriate technical and organizational measures to ensure data security:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and employee training
  • Incident response procedures
  • Data minimization practices
  • Regular backup and recovery testing