Privacy policy


What we collect

  • Your Username
  • Your Email
  • Your Password (unreadable by us, using industry standard bcrypt hashing)
  • IP Addreses used to access our services
  • Hardware identifiers used to access our services
  • Browser user agents

How we use this data

We need to collect this information to operate this service.

  • IP Addresses, hardware identifiers, and browser user agents are required to prevent malicious abuse of our systems.
  • The password field is only used for making sure you're the one who is trying to log in.
  • The email, username and password fields are required to log users in and provide account security mechanisms.

We may use third party services help us operate our services. Your data is never sold, but it may be transferred or transmitted via our Data Processors (as defined below).

Managing your data

We allow a user to request PII associated with their account to be deleted via the website account page. We may impose security and authentication checks during deletion to prevent unauthorized use of this feature and will not authorize account deletion via other means.

When you delete your account, you understand that your account and related information, including access to your toons and other in-game content, will be permanently lost.

Parental opt-out

If you are a parent or legal guardian, and would no longer like you or your child to be bound to this privacy policy, you may use the information above to delete your child's account. Since this information is required to operate the service, the account will be deleted. For security purposes, this can only be done manually by logging into the account and performing the deletion yourself.

third-party sign-in provider data

When you link your Corporate Clash account to Google or another sign-in provider, or use the "sign in with..." feature, we receive some of your data from the sign-in provider, such as your name, email, and a unique identifier. This data will only be used to associate the account you have with the sign-in provider to your Corporate Clash account in order to provide the account linking and "sign in with..." feature. We will never sell or export this information to anyone other than transmitting it via our data processors (detailed below) in order to store the data in a database or transfer it to your browser.

Your use of the feature is contengent on accepting the terms of service and privacy policy of the sign-in provider. You are not required to use this feature to access the main service.

signining in and linking with third-party websites

We partner with certain third-party websites to allow you to log in to them with your Corporate Clash account and provide information on your account to them - this might includes data such as your toon's look, name, progress, etc, as well as personal data, such as the username or email associated with your account. This can be initiated from the third-party's website.

Data Processors

Cookies

We use first-party cookies to contain a "session" that allows you to stay logged in between page loads. This session is associated with PII related to your account, but is not used to track you in places other than our websites.

We may use some third-party cookies like the Cloudflare __cf_bm cookie to ensure our website is protected against malicious attacks. These cookies are used by Cloudflare to detect and stop bots from performing malicious actions, such as signing up for fake accounts.

When we use Twitter or YouTube embeds to show content from their services, we ask them to use a "no cookie" or "no tracking" version of the embed. It is up to them to honor this.

Updates to this document

We retain the right to update this document without notice when we clarify existing policies. Users who continue to use our service after this document has been updated automatically agree to the new data processing terms defined in the updated document.


View history of changes on GitHub.

Toon Mail