Privacy Policy

Last Updated: January 1, 2025

Effective Date: January 1, 2025

Introduction

Welcome to Halloween Color by Numbers, operated by BrainArt Studio. We respect your privacy and commit to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you visit our website at gamenexusquest.com.

This policy applies to all users of our website and services. By using our website, you agree to the collection and use of information as described in this policy.

Data Controller

The data controller responsible for your personal data is:

BrainArt Studio
183 Lindenhof Street
Vienna, Austria
1010

Email: support@gamenexusquest.com

Information We Collect

Personal Information

We collect personal information that you provide directly to us, including:

• Name and email address when you contact us or subscribe to our newsletter
• Contact details you provide through our contact forms
• Communication preferences and subscription settings
• Any other information you choose to provide to us

Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing behavior:

• IP address and general location information
• Browser type and version
• Operating system and device information
• Pages visited and time spent on our website
• Referring website addresses
• Date and time of visits

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Cookies are small text files stored on your device. We use the following types of cookies:

• Essential Cookies: Required for the website to function properly. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors use our website. These are optional.
• Marketing Cookies: Used to deliver relevant advertisements. These are optional.

You can manage your cookie preferences through our cookie banner or your browser settings.

How We Use Your Information

We use your personal data for the following purposes:

• Providing and maintaining our website and services
• Responding to your inquiries and support requests
• Sending newsletters and promotional materials (with your consent)
• Analyzing website usage to improve our services
• Detecting and preventing fraud or security issues
• Complying with legal obligations and enforcing our terms
• Personalizing your experience on our website

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: You have given clear consent for us to process your data for specific purposes
• Contract: Processing is necessary to fulfill a contract with you
• Legal Obligation: Processing is necessary to comply with legal requirements
• Legitimate Interests: Processing is necessary for our legitimate business interests, provided these do not override your rights

Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

Service Providers

We work with trusted third-party service providers who assist us in operating our website and services. These providers have access to your personal data only to perform tasks on our behalf and are obligated to protect your information.

Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities, including:

• Compliance with legal obligations
• Protection of our rights and property
• Prevention of fraud or security issues
• Protection of user safety

Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your personal data may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this privacy policy. Retention periods vary based on:

• The nature of the data collected
• The purpose for which it was collected
• Legal or regulatory requirements

Specifically:

• Contact Form Data: Retained for 2 years after your last interaction
• Newsletter Subscriptions: Retained until you unsubscribe
• Analytics Data: Aggregated and anonymized after 26 months
• Cookie Data: Retained according to your cookie preferences, typically up to 12 months

Your Data Protection Rights

Under GDPR and applicable data protection laws, you have the following rights:

Right to Access

You can request copies of your personal data. We may charge a reasonable fee for additional copies.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain conditions.

Right to Restrict Processing

You can request that we limit the processing of your personal data under certain conditions.

Right to Data Portability

You can request transfer of your data to another organization or directly to you in a structured, commonly used format.

Right to Object

You can object to our processing of your personal data under certain conditions.

Right to Withdraw Consent

Where we rely on your consent to process your data, you can withdraw that consent at any time.

To exercise any of these rights, please contact us at support@gamenexusquest.com. We will respond to your request within one month.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and audits
• Access controls and authentication procedures
• Employee training on data protection
• Secure backup and recovery systems

However, no method of transmission over the internet is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

International Data Transfers

Your information may be transferred to and maintained on computers located outside your country or jurisdiction where data protection laws may differ. We ensure appropriate safeguards are in place for such transfers, including:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions confirming adequate protection levels
• Other legally recognized transfer mechanisms

Children's Privacy

Our website is designed for users aged 4 and above. We recommend parental guidance for children under 13. We do not knowingly collect personal data from children under 13 without parental consent. If you believe we have collected data from a child without proper consent, please contact us immediately.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Analytics and Advertising

We may use third-party analytics services to understand how our website is used. These services may collect information about your use of our website and other websites. We use this information to improve our services and user experience.

You can opt out of analytics tracking through our cookie settings or browser settings.

Changes to This Privacy Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

• Posting the new policy on this page
• Updating the "Last Updated" date
• Sending an email notification for material changes (if you have subscribed)

We encourage you to review this policy regularly to stay informed about how we protect your data.

Contact Information

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Email: support@gamenexusquest.com
Alternative Email: info@gamenexusquest.com

Postal Address:
BrainArt Studio
Krugerstraße 4
1010 Wien, Austria

Supervisory Authority

If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not handled your personal data properly.

For Austria, the supervisory authority is:
Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42
1030 Vienna, Austria

Cookie Management

You can manage your cookie preferences at any time by:

• Adjusting your browser settings to refuse cookies
• Deleting cookies already stored on your device
• Using our cookie preference center (available through the cookie banner)

Please note that disabling certain cookies may affect website functionality.

Do Not Track Signals

Some browsers include a "Do Not Track" feature. Currently, there is no industry standard for responding to these signals. We do not currently respond to Do Not Track signals, but we respect your cookie preferences as set through our cookie banner.

Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

Automated Decision Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on you.