Privacy Policy

Half Played Games

Muendener Strasse 58

34385 Bad Karlshafen, Hesse, Germany

Contact: contact[at]halfplayed.games

We process only data needed to operate the service. Depending on your use, this can include:

• Account data (username, email, password hash, profile fields).
• Content data (comments, submissions, images, moderation metadata).
• Technical data (IP address, user-agent, request metadata, error logs).
• Security/session data (authentication cookies and related session checks).
• Operational data (notifications, follows, collections, drafts, moderation/audit actions).

• Service delivery and account features: processing is necessary for contract performance or pre-contractual steps (Art. 6(1)(b) GDPR).
• Security, abuse prevention, rate-limiting, moderation, logging: processing based on legitimate interests (Art. 6(1)(f) GDPR).
• Legal obligations: where required by law (Art. 6(1)(c) GDPR).
• Consent-based processing: where legally required (Art. 6(1)(a) GDPR), including device access/storage consent where applicable.

We use technically necessary cookies for login/session handling and security features. These are required to provide explicitly requested services.

If non-essential cookies/tracking are introduced later (for example marketing or analytics requiring consent), we will request consent before such storage/access on end-user devices.

A detailed storage register (cookie/localStorage/sessionStorage names, duration, purpose, provider, legal basis) is maintained in our Cookie Policy page.

Current analytics events (for example article click/share counters) are only processed when the user has enabled analytics consent.

We retain data only as long as necessary for the stated purpose or legal requirements.

• Account/profile data: until account deletion or valid legal retention requirement.
• Content (comments, submissions, moderation): for platform integrity and traceability.
• Security and API error logs: limited retention for diagnostics and abuse prevention.

We may share data with hosting/infrastructure providers and strictly necessary processors under data processing agreements.

For content enrichment, the service may call external APIs (for example game data providers). We do not sell personal data.

If personal data is transferred outside the EU/EEA, we apply GDPR-compliant safeguards (for example adequacy decisions or standard contractual clauses), where required.

You may request access, rectification, erasure, restriction, portability, and object to processing, subject to legal conditions (GDPR Arts. 15-21).

You can contact us at contact[at]halfplayed.games.

You also have the right to lodge a complaint with a supervisory authority, including your competent state data protection authority in Germany.

We implement technical and organizational measures including access controls, role-based authorization, input validation, rate limiting, and logging to protect data and service integrity.