GDPR Compliance Information

Last Updated: January 1, 2025

Effective Date: January 1, 2025

1. Introduction to GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to all organizations processing personal data of individuals in the European Union (EU) and European Economic Area (EEA).

At funepiclabyrinth.com, we are committed to protecting your privacy and ensuring full compliance with GDPR requirements. This page explains your rights under GDPR and how we protect your personal data.

GDPR gives you control over your personal data and ensures that organizations handle your information responsibly and transparently.

2. Data Controller Information

For the purposes of GDPR, the data controller is:

Company Name: funepiclabyrinth.com
Address: Upplandsgatan 6A, 111 23 Stockholm, Sweden
Email: support@funepiclabyrinth.com

The data controller is responsible for determining the purposes and means of processing your personal data. We take this responsibility seriously and have implemented appropriate measures to ensure your data is protected.

3. Legal Basis for Processing

We process your personal data only when we have a legal basis to do so. The legal bases we rely on include:

3.1 Consent

We process your data based on your explicit consent when you:

  • Create an account and accept our terms
  • Subscribe to our newsletter
  • Accept cookies through our consent banner
  • Participate in surveys or promotions

You have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

3.2 Contractual Necessity

We process your data when necessary to perform our contract with you, such as:

  • Providing access to our services
  • Processing payments and transactions
  • Delivering customer support
  • Managing your account

3.3 Legal Obligation

We process your data when required by law, such as:

  • Tax and accounting requirements
  • Responding to legal requests and court orders
  • Compliance with consumer protection laws
  • Child protection regulations

3.4 Legitimate Interests

We process your data based on our legitimate interests when:

  • Improving our services and user experience
  • Ensuring security and preventing fraud
  • Conducting analytics and research
  • Direct marketing to existing customers

We always balance our legitimate interests against your rights and freedoms. You have the right to object to processing based on legitimate interests.

4. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

4.1 Right to Access

You have the right to obtain confirmation as to whether we are processing your personal data and to access that data. You can request a copy of your personal data in a commonly used electronic format.

To exercise this right, contact us at support@funepiclabyrinth.com. We will respond to your request within 30 days.

4.2 Right to Rectification

You have the right to have inaccurate personal data corrected and incomplete data completed. You can update most of your information directly through your account settings.

If you need assistance correcting your data, contact us at support@funepiclabyrinth.com.

4.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data in the following circumstances:

  • The data is no longer necessary for the purposes for which it was collected
  • You withdraw consent on which processing is based
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • The data must be erased to comply with a legal obligation

To request erasure, contact us at support@funepiclabyrinth.com. Please note that we may need to retain certain information to comply with legal obligations or for legitimate business purposes.

4.4 Right to Restriction of Processing

You have the right to request that we restrict processing of your personal data in the following situations:

  • You contest the accuracy of the data, during the period we verify accuracy
  • Processing is unlawful and you oppose erasure, requesting restriction instead
  • We no longer need the data but you need it for legal claims
  • You have objected to processing, pending verification of our legitimate grounds

When processing is restricted, we will store your data but not otherwise process it without your consent, except for legal claims or protection of another person's rights.

4.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You also have the right to request that we transmit your data directly to another controller where technically feasible.

This right applies when:

  • Processing is based on your consent or a contract
  • Processing is carried out by automated means

To request data portability, contact us at support@funepiclabyrinth.com.

4.6 Right to Object

You have the right to object to processing of your personal data in the following situations:

  • Processing based on legitimate interests or performance of a task in the public interest
  • Direct marketing, including profiling related to direct marketing
  • Processing for scientific, historical research, or statistical purposes

When you object to processing for direct marketing purposes, we will stop processing your data for that purpose immediately.

For other objections, we will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or for legal claims.

4.7 Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before withdrawal.

You can withdraw consent by:

  • Adjusting your cookie preferences through our cookie consent tool
  • Unsubscribing from marketing emails using the unsubscribe link
  • Contacting us at support@funepiclabyrinth.com
  • Modifying settings in your account dashboard

4.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority if you believe we have violated your data protection rights. You can contact your local data protection authority or the Swedish Data Protection Authority:

Swedish Data Protection Authority (Datainspektionen)
Address: Box 8114, 104 20 Stockholm, Sweden
Phone: +46 8 657 61 00
Email: datainspektionen@datainspektionen.se
Website: www.datainspektionen.se

5. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us using the following methods:

5.1 Email Requests

Send your request to support@funepiclabyrinth.com with the subject line "GDPR Rights Request". Please include:

  • Your full name and email address associated with your account
  • The specific right you wish to exercise
  • Any relevant details or documentation
  • Proof of identity if requested

5.2 Account Settings

Many rights can be exercised directly through your account settings, including:

  • Updating your personal information
  • Managing communication preferences
  • Downloading your data
  • Deleting your account

5.3 Response Time

We will respond to your request within 30 days of receipt. In complex cases, we may extend this period by an additional 60 days, and we will inform you of the extension and the reasons for the delay.

5.4 Verification

To protect your privacy and security, we may need to verify your identity before processing your request. We may ask for additional information to confirm you are the person whose data we hold.

5.5 No Fee

We do not charge a fee for processing your GDPR rights requests. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. We will inform you of any fees before processing such requests.

6. Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

6.1 Technical Measures

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Regular security assessments and penetration testing
  • Firewall and intrusion detection systems
  • Secure backup and disaster recovery procedures
  • Access logging and monitoring
  • Regular software updates and security patches

6.2 Organizational Measures

  • Data protection policies and procedures
  • Employee training on data protection
  • Access controls and authentication procedures
  • Data processing agreements with third parties
  • Privacy by design and by default principles
  • Data breach response plan
  • Regular compliance audits

6.3 Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay. We will also notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

7. International Data Transfers

When we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place to protect your data. These safeguards may include:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules for transfers within corporate groups
  • Certification schemes such as Privacy Shield (where applicable)

For more information about our international data transfers and the safeguards we use, please contact us at support@funepiclabyrinth.com.

8. Automated Decision-Making and Profiling

We may use automated decision-making and profiling to enhance your experience and provide personalized content. However, you have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect you.

Our automated processing includes:

  • Personalized content recommendations based on usage patterns
  • Age-appropriate content filtering
  • Fraud detection and prevention
  • Customer support chatbots for initial inquiries

You have the right to:

  • Obtain human intervention in automated decisions
  • Express your point of view regarding automated decisions
  • Contest automated decisions

To exercise these rights, contact us at support@funepiclabyrinth.com.

9. Children's Data Protection

We are committed to protecting children's privacy in accordance with GDPR requirements. For children under 16 years of age (or the age specified by member state law), we require parental consent before processing personal data.

Parents and guardians have the right to:

  • Access their child's personal data
  • Request correction or deletion of their child's data
  • Withdraw consent for processing their child's data
  • Object to certain types of processing

We take additional measures to protect children's data, including:

  • Age verification mechanisms
  • Parental consent procedures
  • Limited data collection from children
  • No behavioral advertising to children
  • Enhanced security for children's accounts

10. Cookie Management

We use cookies and similar tracking technologies on our website. You can manage your cookie preferences through our cookie consent tool, which appears when you first visit our website.

10.1 Types of Cookies

Essential Cookies: Necessary for the website to function. These cannot be disabled.

Analytics Cookies: Help us understand how visitors use our website. You can opt out of these cookies.

Marketing Cookies: Used to track visitors across websites for marketing purposes. You can opt out of these cookies.

10.2 Managing Cookies

You can manage your cookie preferences by:

  • Using our cookie consent tool on the website
  • Adjusting your browser settings to block or delete cookies
  • Using browser plugins or extensions for cookie management
  • Contacting us at support@funepiclabyrinth.com

10.3 Third-Party Cookies

Some cookies on our website are set by third-party services. We only use third parties that comply with GDPR requirements and have appropriate data processing agreements in place.

11. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Specific retention periods include:

  • Account Data: Retained while your account is active and for up to 3 years after account closure
  • Transaction Records: Retained for 7 years to comply with tax and accounting regulations
  • Marketing Data: Retained until you unsubscribe or withdraw consent
  • Support Communications: Retained for 3 years after the last interaction
  • Website Analytics: Retained for up to 2 years
  • Security Logs: Retained for 1 year

When we no longer need your data, we securely delete or anonymize it in accordance with our data retention policy.

12. Updates to This GDPR Information

We may update this GDPR information from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated information on our website and updating the "Last Updated" date.

We encourage you to review this page periodically to stay informed about how we protect your data and your GDPR rights.

13. Contact Information

If you have any questions about GDPR compliance or wish to exercise your rights, please contact us:

Data Protection Officer:
Email: support@funepiclabyrinth.com

General Inquiries:
Email: info@funepiclabyrinth.com

Business Contact:
Email: contact@funepiclabyrinth.com

Postal Address:
funepiclabyrinth.com
Upplandsgatan 6A
111 23 Stockholm
Sweden

We are committed to responding to your inquiries promptly and resolving any concerns you may have about your data protection rights.

14. Additional Resources

For more information about GDPR and your data protection rights, you may find the following resources helpful: