Privacy Policy

Last Updated: 4.8.2025

TikPlay ("we," "our," or "us") operates the TikPlay gaming platform that integrates with TikTok livestreams. This Privacy Policy explains how we collect, use, and protect your information when you use our interactive gaming services.

Data Controller

TikPlay – Cakir Emre Yunus & Güngörmüs Atakan Aytac GbR
represented by: Cakir Emre Yunus & Güngörmüs Atakan Aytac
Moltkestraße 32
95028 Hof
Germany
Email: tikplay218@gmail.com

1. Information We Collect

Account Information

When you create a TikPlay account, we collect your username, email address, and profile information.

TikTok Integration Data

When you connect your TikTok account, we collect:

  • TikTok username and profile information
  • Livestream interaction data (gifts, likes, comments)
  • Viewer engagement metrics
  • Stream analytics for game performance

Gaming Data

We collect game interaction data including:

  • Game performance and scores
  • Player progression and achievements
  • Game configuration and mappings
  • Session duration and frequency

Technical Information

We automatically collect device information, IP addresses, browser type, and usage analytics to improve our services.

2. How We Use Your Information

We use your information to:

  • Provide and operate the TikPlay gaming platform
  • Connect your games with TikTok livestream interactions
  • Process TikTok gifts and convert them to in-game actions
  • Provide analytics and performance insights
  • Improve our games and platform features
  • Send important service updates and notifications
  • Ensure platform security and prevent abuse

2.1 Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

Contract Performance (Art. 6(1)(b) GDPR)

  • Account creation and management
  • Game functionality and TikTok integration
  • Subscription processing and billing

Legitimate Interest (Art. 6(1)(f) GDPR)

  • Platform security and fraud prevention
  • Analytics for service improvement
  • Technical infrastructure maintenance

Consent (Art. 6(1)(a) GDPR)

  • Marketing communications (where opted-in)
  • Non-essential cookies and tracking
  • Optional features like advanced analytics

You can withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

3. Information Sharing

We do not sell your personal information. We may share information in these situations:

  • TikTok Integration: Necessary data sharing with TikTok's API for livestream functionality
  • Service Providers: Third-party services that help us operate the platform
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with mergers or acquisitions

4. Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit and at rest
  • Regular security audits and updates
  • Access controls and authentication systems
  • Secure cloud infrastructure (Google Cloud/Firebase)

5. Your Rights (GDPR)

If you're in the EU/EEA, you have comprehensive rights:

  • Right of Access (Art. 15): Request copies of your personal data
  • Right to Rectification (Art. 16): Correct inaccurate data
  • Right to Erasure (Art. 17): Delete your data ("right to be forgotten")
  • Right to Restrict Processing (Art. 18): Limit how we use your data
  • Right to Data Portability (Art. 20): Receive your data in machine-readable format
  • Right to Object (Art. 21): Object to processing based on legitimate interest
  • Right to Withdraw Consent (Art. 7(3)): For consent-based processing

To exercise these rights:

  • Email: tikplay218@gmail.com with subject "Data Protection Request"
  • Response time: Within 30 days (may be extended to 60 days for complex requests)
  • Free of charge (except for manifestly unfounded or excessive requests)

You also have the right to lodge a complaint with your local data protection authority.

6. Cookies and Tracking

We use different categories of cookies:

Strictly Necessary Cookies

  • User authentication and security
  • Basic platform functionality
  • Session management

Legal basis: Legitimate interest (Art. 6(1)(f) GDPR)

Performance/Analytics Cookies

  • Google Analytics for usage statistics
  • Game performance monitoring

Legal basis: Consent (Art. 6(1)(a) GDPR) - requires opt-in

Marketing Cookies

Currently none - Future marketing features will require explicit consent

Cookie Consent Management

When you first visit TikPlay, you'll see our cookie banner requesting your consent for non-essential cookies. You can customize your preferences at any time through the banner or browser settings. Withdrawing consent for non-essential cookies may limit some features.

7. Third-Party Services

Our platform integrates with:

  • TikTok: For livestream integration and gift processing
  • Stripe: For payment processing and subscription management
  • Google Analytics: For platform usage analytics
  • Firebase: For backend services and authentication
  • Unity: For game rendering and interactions

Each service has its own privacy policy governing their data practices.

7.1 International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA):

United States

TikTok, Stripe, Google/Firebase

  • Protected by EU-US Data Privacy Framework (Adequacy Decision 2023)
  • Additional safeguards: Standard Contractual Clauses

Other Countries

Currently none - Any future transfers will use appropriate safeguards (SCCs, adequacy decisions)

You have the right to request information about safeguards for international transfers.

8. Data Retention

We retain your data for specific periods based on the type of information:

  • Account Information: Until account deletion or 3 years after last login
  • Game Performance Data: 2 years after last gaming session
  • TikTok Integration Data: 1 year after disconnection of TikTok account
  • Payment/Subscription Data: 7 years (German tax law requirements)
  • Analytics Data: 26 months (Google Analytics standard)
  • Support Communications: 3 years after case closure
  • Security Logs: 6 months after incident

After these periods, data is automatically deleted or anonymized.

9. Children's Privacy

TikPlay is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

10. Data Protection Officer

Based on our current processing activities and company size, we are not required to appoint a Data Protection Officer under Art. 37 GDPR.

For data protection inquiries, contact us directly at tikplay218@gmail.com.

We will reassess this requirement as our business grows and will appoint a DPO if legally required.

11. Contact Us

For privacy-related questions or concerns, contact us at:

Email: tikplay218@gmail.com

Website: https://tikplay.games

Operator: TikPlay – Cakir Emre Yunus & Güngörmüs Atakan Aytac GbR

TikPlay – Privacy Policy