Privacy Policy
Who we are. This Privacy Policy explains how Solitaren OOD (company ID 207519544), with registered address ul. Dorbila 5, Sofia, Bulgaria (“Solitaren”, “we”, “us”, “our”), collects, uses, shares, and protects information in connection with your use of solitairen.com and any related pages, features, or content (collectively, the “Services”).
For GDPR purposes, Solitaren OOD is the data controller.
If you have questions, contact us at contacts@solitairen.com or by mail at the address above.
1) Information We Collect
We collect information in three ways:
A. Information you provide directly
- Email address: When you create an account, sign in, or contact us.
- We do not require usernames, passwords, or other personal details to register. If we introduce passwords in the future, they will be stored using industry‑standard hashing.
B. Information collected automatically (cookies & similar tech)
- Device and usage data: IP address, browser type, operating system, pages viewed, links clicked, time spent, and referring URLs.
- Approximate location derived from your IP (city/region level).
- Cookies/local storage: Small files that help the site function, measure usage, and (with your consent, where required) personalize advertising.
C. Information from third parties
- Analytics and advertising partners (specifically: Google Analytics and Google Ad Manager) provide aggregated insights about site usage and ad performance.
We do not knowingly collect or store data from children (see “Children’s Privacy” below). We do not collect sensitive personal data.
2) How We Use Your Information
We use the information described above to:
- Provide and operate the Services (e.g., save your preferences, keep you signed in via email-based access).
- Measure and improve performance and user experience (analytics).
- Protect the Services, prevent fraud, and ensure security.
- Serve and measure advertising (through Google Ad Manager) where permitted by law and your choices.
- Communicate with you about your account or respond to your inquiries.
- Comply with legal obligations and enforce our terms.
GDPR legal bases:
- Consent (Art. 6(1)(a)) for non‑essential cookies/ads and certain analytics.
- Contract (Art. 6(1)(b)) to provide your account and requested Services.
- Legitimate interests (Art. 6(1)(f)) for essential analytics, security, and service improvement (balanced against your rights).
- Legal obligations (Art. 6(1)(c)) when required by law.
You can withdraw consent at any time via our cookie banner or by contacting us.
3) Cookies & Tracking Technologies
We use the following categories of cookies/identifiers:
- Strictly necessary (essential) – required for core site functionality and security.
- Analytics – help us understand how the site is used (e.g., Google Analytics).
- Advertising – enable ad delivery and measurement (e.g., Google Ad Manager).
- Functional – remember choices to enhance your experience.
Your choices:
- In the EEA/UK and other applicable regions, we request consent for non‑essential cookies via a cookie banner. You can change or withdraw your consent at any time through the “Cookie Preferences” link in our footer.
- You can also manage cookies through your browser settings.
- Where supported, we make reasonable efforts to honor Global Privacy Control (GPC) signals as an opt‑out of “sale/share” for CCPA/CPRA purposes.
4) Third‑Party Services We Use
We use well‑known providers to help run and improve our Services:
- Google Analytics (analytics): provides aggregated usage statistics (e.g., page views, session duration).
- Google Ad Manager (advertising): delivers ads and measures ad performance; may use cookie‑based identifiers and similar technologies.
These providers may process data on servers located outside your country (including the United States). Where required by GDPR, we rely on appropriate safeguards for international transfers (e.g., EU Standard Contractual Clauses as implemented by our providers).
You can adjust your advertising choices via our cookie banner and your browser settings. We do not combine your direct identifiers (like your email) with advertising profiles.
5) User Accounts & Registration
- You can create an account using only your email address.
- We store emails locally on our systems.
- If we introduce passwords or additional sign‑in methods in the future, we will update this Policy to describe how they are protected and used.
- You may delete your account or request deletion at any time (see “Your Rights” below).
6) Children’s Privacy
Our Services are not directed to children and we do not knowingly collect or store personal data from children.
- In the EEA/UK, you must generally be at least 16 (or the lower age allowed by your country’s law, but never under 13) to use our Services without verified parental consent.
- In the United States (including California), you must be at least 13. If you believe a child has provided us with personal data, contact us at contacts@solitairen.com and we will promptly delete it. We do not sell or share personal information of consumers we know are under 16.
7) How We Share Information
We share data only as necessary and in accordance with this Policy:
- Service providers/Processors: hosting, security, analytics, and advertising partners (e.g., Google) under appropriate contracts.
- Legal & safety: to comply with law, enforce our agreements, or protect rights, safety, and property.
- Business transfers: in connection with a merger, acquisition, or asset sale, subject to this Policy’s protections.
We do not sell your email address or other personal data for money. For CCPA/CPRA, certain advertising activities (e.g., cookies for cross‑context behavioral ads) may be considered “sharing” (see the CCPA Notice below), and you can opt out.
8) International Data Transfers
Your information may be processed in countries other than your own, including outside the EEA/UK. Where we transfer personal data internationally, we implement safeguards such as Standard Contractual Clauses and conduct transfer risk assessments as appropriate.
9) Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this Policy or as required by law. In general:
- Account email: kept until you delete your account or request deletion, or after a period of inactivity defined in our internal policies.
- Analytics data: retained for a limited period configured in our analytics settings, after which it is deleted or aggregated.
- Ad event data: kept as long as needed for measurement and fraud prevention, then aggregated or deleted.
- Logs & security data: kept for a short operational period unless needed for investigations.
When we no longer need personal data, we delete or anonymize it.
10) Security
We use administrative, technical, and physical safeguards designed to protect personal data, including TLS encryption in transit, access controls, and least‑privilege administration. No system can be 100% secure; we continuously improve our safeguards and monitor for vulnerabilities.
11) Your Rights (GDPR/EEA & similar)
If you are in the EEA/UK (or a jurisdiction with similar rights), you have the right to:
- Access your personal data and obtain a copy.
- Rectify inaccurate or incomplete data.
- Erase your data (“right to be forgotten”).
- Restrict or object to certain processing (including processing based on legitimate interests).
- Data portability (receive your data in a machine‑readable format).
- Withdraw consent at any time (this does not affect prior lawful processing).
- Lodge a complaint with your local supervisory authority. In Bulgaria, that is the Commission for Personal Data Protection.
To exercise these rights, contact [CONTACT EMAIL].
12) California Privacy Notice (CCPA/CPRA)
This section applies to California residents and supplements the information above.
A. Notice at Collection – Categories of Personal Information
We have collected the following categories of personal information in the last 12 months:
Category (CCPA) | Examples | Collected? | Sources | Business/Commercial Purposes | Sold? | Shared for Cross‑Context Ads? |
---|---|---|---|---|---|---|
Identifiers | Email, IP address, cookie IDs | Yes | You; your device; service providers | Provide Services, account, security, analytics | No | Yes (ads cookies) |
Internet/Network Activity | Page views, clicks, referrers, device/browser info | Yes | Your device; analytics/ads partners | Analytics, improve Services, ad delivery/measurement | No | Yes |
Geolocation (approx.) | City/region from IP | Yes | Your device; analytics/ads partners | Content localization, analytics, ad relevance | No | Yes |
Inferences | Profiles derived from analytics/ads | No (we do not build user profiles ourselves) | — | — | No | No |
Sensitive PI | Government IDs, precise location, etc. | No | — | — | No | No |
We do not sell personal information for money. Some advertising cookies and similar technologies may constitute “sharing” under CPRA. You can opt out at any time (see “Your Choices” below).
B. Your CCPA/CPRA Rights
California residents have the right to:
- Know/Access the categories and specific pieces of personal information we collect, use, and disclose.
- Delete personal information (subject to legal exceptions).
- Correct inaccurate personal information.
- Opt out of sale or sharing of personal information for cross‑context behavioral advertising.
- Limit use and disclosure of Sensitive PI (not applicable; we do not collect Sensitive PI).
- Non‑discrimination for exercising privacy rights.
How to exercise your rights:
- Use our “Do Not Sell or Share My Personal Information” link (site footer) to opt out of sale/share for advertising.
- Submit access/correction/deletion requests via contacts@solitairen.com or our web form (footer link). We will verify your request, and you may use an authorized agent as permitted by law.
- We make reasonable efforts to honor Global Privacy Control (GPC) signals as an opt‑out of sale/share.
We do not sell or share personal information of consumers we know are under 16.
13) Your Choices
- Cookie preferences: Adjust consent at any time via the Cookie Preferences link/badge on our site.
- Browser/OS settings: Block or delete cookies; use built‑in tracking protection.
- Ads preferences: Use platform tools to limit interest‑based ads.
- Email communications: If we send service or product updates with your consent, you can unsubscribe at any time (instructions in the email).
14) Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version with a new “Effective date” and, where required, notify you via the Services or by email. Continued use of the Services after an update constitutes acceptance of the revised Policy.
15) Contact Us
Controller: Solitaren OOD (ID 207519544) Address: ul. Dorbila 5, Sofia, Bulgaria Email: contacts@solitairen.com