Privacy policy
What we collect
- Your Username
- Your Email
- Your Password (unreadable by us, using industry standard bcrypt hashing)
- IP Addresses used to access our services
- Hardware identifiers used to access our services
- Logs, metrics, and events generated by use of our services
- Browser user agents
How we use this data
We need to collect this information to operate this service.
- IP Addresses, hardware identifiers, and browser user agents are required to prevent malicious abuse of our systems.
- The password field is only used for making sure you're the one who is trying to log in.
- The email, username and password fields are required to log users in and provide account security mechanisms.
We may use third party services help us operate our services. Your data is never sold, but it may be transferred or transmitted via our Data Processors (as defined below).
Managing your data
We allow a user to request PII associated with their account to be deleted via the website account page. We may impose security and authentication checks during deletion to prevent unauthorized use of this feature and will not authorize account deletion via other means.
When you delete your account, you understand that your account and related information, including access to your toons and other in-game content, will be permanently lost.
Parental opt-out
If you are a parent or legal guardian, and would no longer like you or your child to be bound to this privacy policy, you may use the information above to delete your child's account. Since this information is required to operate the service, the account will be deleted. For security purposes, this can only be done manually by logging into the account and performing the deletion yourself.
third-party sign-in provider data
When you link your Corporate Clash account to a sign-in provider/use the "sign in with..." feature, we receive some of your data from the sign-in provider, such as your name, email, and a unique identifier. This data will only be used to associate the account you have with the sign-in provider to your Corporate Clash account in order to provide the account linking and "sign in with..." feature. We will never sell or export this information to anyone other than transmitting it via our data processors (detailed below) in order to store the data in a database, process it for business usage, or transfer it to your browser.
Your use of the feature is contengent on agreeing to the terms of service and privacy policy of the sign-in provider. You are not required to use this feature to access the main service unless you want to use features reliant on them.
signining in and linking with third-party websites
We partner with certain third-party websites to allow you to log in to them with your Corporate Clash account and provide information on your account to them - this might includes data such as your toon's look, name, progress, etc, as well as personal data, such as the username or email associated with your account. This can be initiated from the third-party's website.
Data Processors
- Cloudflare (Cloudflare DPA)
- DigitalOcean (Digitalocean DPA)
- Amazon Web Services/AWS (AWS DPA)
- OVHcloud (OVH DPA)
- Google Cloud Platform (GCP DPA)
- Microsoft Azure (Azure DPA)
- Elastic Cloud (Elastic DPA)
- Datadog (DD DPA)
Cookies
We use first-party cookies to contain a "session" that allows you to stay logged in between page loads. This session is associated with PII related to your account, but is not used to track you in places other than our websites.
We may use Cloudflare cookies to ensure our website is protected against malicious attacks. These cookies are used by Cloudflare to detect and stop bots from performing malicious actions against our services.
We also use cookies generated by Datadog to track your usage of our website in-between page loads. This is not used for cross-site tracking, and you may inspect the full scope of information collected here.
When we use Twitter or YouTube embeds to show content from their services, we ask them to use a "no cookie" or "no tracking" version of the embed. It is up to them to honor this.
Updates to this document
We retain the right to update this document without notice when we clarify existing policies. Users who continue to use our service after this document has been updated automatically agree to the new data processing terms defined in the updated document.