Terms of Service and Privacy Policy

Terms of Service and Privacy Policy


User (You)

Data Subject is any living individual who is using our Service and is the subject of Personal Data.


Service is the https://www.tinghy.org website

Data Controller

Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of the User's Personal Data.

Service Providers

Any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers (for example, digitalocean.com) in order to process your data.

User Data

All data that the Data Controller generated and collects as a result of the interaction of the User with the Service. This includes Personal Data, Usage Data, Social Media Data, and Cookies.

Information collection and use

We collect several different types of information for various purposes to provide and improve our Service to the User.

Types of Data Collected

Personal Data

Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession). Personally identifiable information may include, but is not limited to your email address, first name and last name. While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you.

Usage data

Usage Data is data generated by the interaction with the User with the Service or the Service infrastructure (for example, the responses given by the User to the questionnaires in some of the Tinghy games or the duration of a page visit). We collect information on how the Service is accessed and used.

Tracking Cookies Data

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. We may use cookies to track the activity on our Service and hold certain information such as session identifiers. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Social Media Data

Parts of the Service require your personal social media data to function. Social Media Data includes data that the Data Controller collects and temporarily stores as a result of the User logging in through different social platforms including Facebook, Instagram, and Twitter. This may include the list of the User's followers on Twitter, links to the images on the User's Facebook timeline, and links to the images of the User's Instagram profile. This type of data is always collected with the User's consent. The first time a Social Media login is performed, the User is prompted with the exhaustive list of the types of information that is being shared with the Data Controller. Consent for sharing the data is explicitly asked to the User. The social media providers (for example Facebook) remain the main data controllers of the Social Media Data. However, the Social Media Data may be cached temporarily by this Service if necessary for the purposes set out in this Privacy Policy and periodically refreshed to reflect the changes that might occur in the social platform in which the data has being originally created.

Use of Data

The User Data is used for two main purposes:

Providing the Service to the User

To provide and maintain the Service, notify you about its changes, allow you to participate in interactive features when you choose to do so, and to prevent and address technical issues

To conduct academic research

This includes for example producing statistics of the responses that the Users give to the questionnaires on the Service. All the activity of research and analytics is performed on anonymized data. Aggregated statistics not including personally identifiable information might be reported in scientific publications.
The User Data will not be used for profit (for example, personalized advertising).

Retention of Data

The Data Controller will retain the data collected only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use the data to the extent necessary to comply with legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Transfer of Data

Exclusively for the purpose of providing a high-quality service to the User, all the data collected by the Data Controller may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
We will not transfer the User Data to any other third party for the purpose of data analytics, or any for-profit activity (for example, advertisement).

Security of Data

The security of your data is important to us. The User Data is safely stored and securely sent over an encrypted channel (https). However, remember that no method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your User Data, we cannot guarantee its absolute security.

Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. The Data Controller aims takes reasonable steps to allow you to be in control of your User Data. In certain circumstances, you have the following data protection rights:

The right to access, update or to delete the information we have on you. You can access, update or request deletion of your User Data directly within your profile page. If you are unable to perform these actions yourself, please contact us at info@tinghy.org.

The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete. You can do that by accessing your profile page and modifying your profile information or by contacting us at info@tinghy.org.

The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format. You can do that anytime by accessing your profile page and clicking on “Download all my data”.

The right to object, restrict, and withdraw consent. You have the right to object, restrict, or withdraw your consent to our processing of your Personal Data. You can delete all your data from your profile page by clicking on “Unregister and delete all my data” or you can contact us at info@tinghy.org.

Please note that we may ask you to verify your identity before responding to such requests.