Privacy Policy

Privacy Policy

Updated: 25.5.2018

The confidentiality of personal data and the protection of customer privacy are important, basic values in all of our operations. We observe legislation, authority guidelines and good data processing practice when dealing with the data of our users, employees and partners.

At Fabbu, we maintain an extremely high level of data protection. We process your personal data only for appropriate purposes defined in advance, and only when it is necessary.

We protect our Service with technically appropriate measures and we train our personnel regularly in areas related to data processing.

In this privacy policy, we have compiled the most significant principles relating to data protection. We abide by these principles in order to ensure the confidentiality of data and communications inside our games. This privacy policy applies to all of our games and concerns the processing of all personal data inside our Services.

We regularly check that these pages are up to date and we update them when needed.

Confidentiality and Data Protection

We respect your privacy and we are committed to safeguarding the privacy of those persons ("user(s)" or "you") who access and use our games, apps, websites and related services, e.g. Habbo and Hotel Hideaway (the “Services”, the “Service”).

In all of our operations, we protect data at the highest levels and process it in a confidential manner. To ensure this confidentiality, we use appropriate technology and data security solutions in conjunction with specific administrative measures.

Your rights regarding the processing of your data

You have the right to influence the processing of your own data.

Right of access and Right to data portability

You can check your own data or receive the data you have provided yourself while using our Services in machine-readable form. Do this by accessing Settings or by contacting our customer service desk.

Right to rectification

If you notice incorrect or expired data in the personal data we process, we ask you to correct the data via our customer service desk. We need the correct personal information from you in order to provide the best possible service.

Right to erasure

You have the right to request the deletion of data that are no longer needed. We do our best to remove such data automatically, but if, for one reason or another, you detect unnecessary information in our system, you can contact our customer service desk.

Right to restriction of processing

You can ask us to restrict or object to data processing in certain situations. We have aimed to describe all of our data processing methods in an open and comprehensible manner in this privacy policy.

What data do we collect?

Why do we collect your personal data?

In order to provide our Services, we require sufficient personal information. We need your contact information in order to communicate with you, e.g. to allow you to reset your password if you forget it.

In addition, our Services require different kinds of data so that we can identify you individually and then tailor the service to you.

In some cases, such as where online purchases or payments are concerned, we have a legal obligation to collect sufficient data about you in order to provide the Service.

Due to the nature of our products, the processing of personal data is an essential and inseparable part of our Services, even though in the Service itself we do not process your name or any other information that directly identifies you as a person.

Personal data to be processed

We only process personal data where it is appropriate and necessary to do so. The type of data we collect and store varies depending on the game you are playing and your activity within it. Broadly, the data we collect about you relates to the type of device you are using, how you play the game (such as levels attempted and purchases made) and may include information you submit during registration (see below) or information which you allow us to access after you connect your social network accounts through our Services.

Examples of personal data processed in our Services:

  • Contact information, such as e-mail address and social media contact information.
  • Device information, such as device model and operating system version.
  • Payment transaction information.
  • Customer history. For example, if you contact us through our customer service desk we may keep a record of that correspondence.
  • Chat logs. We may keep chat log records for safety and moderation purposes.
  • Data generated from the use of the Services, such as the technical data generated when playing our games or visiting our websites.
  • Information about cookies and third-party cookies as well as corresponding web analytics data.
  • Advertising identifiers.
  • You may have the ability to register or login to the Service via third-party sign-in service or login (for example Facebook or Game Center on Apple devices). If this is the case, we collect the identifier number of the third-party service profile.

Data generated from using the Services

We collect data about your interactions with our Services and with other users inside the Service. For example, this could be chat logs, purchase and transaction information, usage behaviour, preference settings, access logs, and moderation actions. Some of this information is personal data, meaning that it may be connected with your account, and some may only be collected and used in aggregate form (as a statistical measure that wouldn’t identify you or your account). We may use this information for a number of things, generally related to enhancing, improving, protecting and developing the Service. We also use the information to help keep our users and community safe.

When you visit our website, the following data may be collected automatically: IP addresses, unique identifiers, operating system, access times, browser and device type and data, language and referring website addresses. We use this information to monitor, develop and analyse your use of the Service.

Cookies

Personal information may be collected through the use of cookies and similar technologies, such as pixels (tags, beacons or gifs), local shared objects and digital fingerprinting. For the purposes of this privacy policy, we refer to all such technologies as “cookies”.

We use cookies and similar technologies to collect information from registered users and to help us improve the Service. Most devices and web browsers automatically accept cookies, but you can usually modify your device or browser settings to refuse cookies. Please be aware that if you alter your device or browser settings to reject cookies, you may not be able to use some of the Service’s features and functionality.

Essential cookies: Some cookies are essential for us to use in order to provide you with the Service. These cookies will be used to manage the delivery of the Service, and if you do not accept these cookies you will not be able to access it. These cookies do not gather personal information that could be used for marketing purposes.

Remembering your preferences: We also use cookies to remember your preferences - this changes the way the Service behaves or looks.

Analytics cookies: These cookies collect information that is used in aggregate form to help us understand how the Service is being used and where users are originating from.

Local storage cookies: Local storage cookies are ‘persistent’. They remain on your device for a period of time (set individually for each cookie). We use these cookies to record how many times you use the Service, to confirm you are a registered user, to save your login details when accessing the Service and to collect statistics on the use of the Service.

How to refuse or opt out of cookies: You have the right to choose whether to accept or refuse cookies and similar technologies. If you choose to use the Service without blocking or disabling cookies, you will indicate your consent to our use of these cookies and other technologies. You also indicate your consent to our use (in accordance with this privacy policy) of any personal information that we collect using these technologies.

How and why are we using your data?

Grounds for data processing

The following personal data is processed based on performance of a contract:

  • Contact information for delivering the Services and for customer service.
  • Payment information for online and in-app purchases.
  • Online identifiers and customer profile information used for the smooth running of our Services.

The following personal data is processed based on our legitimate interest:

  • Contact and payment information for fraud prevention.
  • Customer profile information for content moderation and targeted in-game offers.
  • Device information for customer service, advertising and analytics.
  • Online identifiers for analytics.

We may process parts of your personal data based on the consent that you have provided. You can withdraw this consent at any time.

In addition, we process personal data in order to comply with a legal obligation, such as the prevention of crime or fraud, or to maintain records related to purchases.

Profiling

We want to customise and develop our Services so they are more relevant to you. We use anonymised in-game behavioural data to deliver content that is more relevant to you and at better prices. This data can also be used to guide and support content and feature production, allowing us to provide more interesting and relevant content in the future. Personal data is processed in a secure and confidential manner.

The retention period for personal data

We only retain your personal data for as long as it takes to fulfill the purpose for which it was collected, and for a reasonable time thereafter. We do this as it is required by law in order for us to be able to comply with our legal obligations, to resolve any potential disputes and to enforce our agreements. The retention period for your personal data varies depending on the service and the nature of the data.

When the retention period for the data has ended, we dispose of the personal data either by removing them or making them anonymous (i.e. anonymisation of the data in question). We process some of your personal data - such as contact information - for the entire duration of our relationship with you as the customer. Conversely, the retention period of data collected in connection to actually producing and running the Services (for example, server logs) may be relatively short.

Marketing

We may use personal information we collect to target you with marketing communications about our Services based on your interests. For example, we may send push notifications, email messages, serve ads inside our Services or place ads on third party websites and apps.

We may send you push notifications via our mobile app if you have given us permission to send them on our Service. You may at any time change the settings of your push notifications. We may send you marketing emails, but only if you opt-in to receive them. You may opt-out of receiving email marketing communications at any time by following the instructions contained in our promotional emails. If you opt-out, we may still send you non-promotional emails such as emails relating to your account.

Advertising

Our Services may include ads for third-party products and services. To show you relevant and interesting third-party ads, we and our advertising partners will use information about you. An example of this sort of information could be when you bought a product from a certain website or entered a specific term into a search engine. You can opt-out of interest-based ads, however this does not mean that you will no longer receive ads, only that the ads you receive will be less relevant to your interests.

Withdrawing your consent

If we process your data based exclusively on the consent you have given, you have the opportunity to withdraw it if you change your mind. This can be done easily within your user preferences in the Service. Please note, however, that this does not affect data processing that is carried out before the withdrawal of consent.

Disclosing personal data

When we provide services, we may also disclose your personal data to our subcontractors or partner operators who may need to use your data. This includes hosting providers such as Amazon Web Services and payment processors such as Adyen.


On our websites, we use tools such as cookies and web beacons. These are also used by our cooperation partners for analysis and marketing purposes. In connection with this, we may disclose personal data to the service provider, such as your IP address and cookie information. In these cases, we do not disclose personal data that directly identifies you.

Some parts of our Services (for example, payment processing) are implemented via cooperation partners like Adyen. In a situation like this, we may disclose some of your personal data to the service provider concerned. In some cases, using the Service requires that you approve the privacy policy or terms of the service provider beforehand.

Third parties that act as data controllers process your data in accordance with their own privacy policies. For example, payment processors may process your personal data as part of their own fraud prevention measures. Before disclosing personal data to any third parties, we ensure that the disclosure is in full compliance with the law.

Assisting authorities

Your personal data may be disclosed to third parties if required under any applicable law or regulation or order by competent authorities or in order to enforce the Terms of Service and to investigate possible infringing use of the Services, as well as to guarantee the safety of the Services.

Subcontractors and processing data outside EU/EEA

We use subcontractors such as Amazon Web Services to process and store your personal data outside the European Economic Area (EEA). When your personal data is processed outside the EEA, we will ensure that appropriate safeguards are in place. These safeguards include using Privacy Shield certified subcontractors and contractual means, such as EU Model Clauses and Data Protection Agreements.

Data security

We ensure data security when processing your personal data. We always use appropriate protective measures, such as access control based on passwords and other protective methods as well as technical encryption of the data. Our operating environment has been secured with firewalls and appropriate anti-virus software.

We primarily process your data in a form where an outsider cannot identify you as a person. We do not ask for or store your real name or identity and our systems use a numeric identifier to identify you both internally and across systems as opposed to something like your email address. With these measures, we protect the confidentiality of your communication and prevent irrelevant connections to your identity.

Everyone is responsible for looking after data security. In order to ensure the protection of your data, we ask you to pay attention to the data security of your own devices.

The coverage of our privacy policy, our contact information and other information

The coverage of our privacy policy

Privacy contact: [email protected]

Right to Appeal

Please contact us if you wish to make an appeal or present development suggestions about our processing of personal data. You can find the contact information on this page in the contact information section. You can make an appeal concerning privacy or processing of personal data to a supervising authority, such as the Finnish Communications Regulatory Authority in matters related to communication or to the Data Protection Officer in matters concerning other personal data.

Have more questions? Submit a request
Powered by Zendesk