Last Updated: 2026-02-16
This Privacy Policy explains how Happy Hour Media AB (“we”, “us”, or “our”) collects, uses, stores, and protects personal data when users access our website and free-to-play social gaming platform.
This policy complies with:
- EU General Data Protection Regulation (GDPR)
- German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG)
- German Telecommunications-Telemedia Data Protection Act (TTDSG)
- Applicable EU and German data protection legislation
If you are located in Germany or another EU/EEA country, this policy applies to you in full.
1. Data Controller
Happy Hour Media AB
Erik Dahlbergsgatan 20b
Sweden
Email: privacy@happy-hour.media
2. Personal Data We Collect
a) Data You Provide Voluntarily
- Email address (e.g., newsletter, waiting list, or contact form)
- Messages or inquiries submitted via the Website
- Consent status and communication preferences
b) Automatically Collected Data
When you access our website, certain technical data may be collected automatically:
- IP address
- Device and browser information
- Operating system
- Referring URLs
- Pages visited
- Interaction events (e.g., clicks, navigation patterns, form submissions)
This data is collected via cookies and similar technologies as described in Section 6 and our Cookie Policy.
3. Legal Bases for Processing (Article 6 GDPR)
We process personal data only where a lawful basis applies:
- Consent (Art. 6(1)(a) GDPR) – for analytics cookies, marketing cookies, advertising measurement, and optional communications
- Legitimate interest (Art. 6(1)(f) GDPR) – for operating, securing, and improving the website and platform
- Legal obligation (Art. 6(1)(c) GDPR) – where required under applicable law
- Contractual necessity (Art. 6(1)(b) GDPR) – where processing is necessary to respond to user requests
Where processing is based on legitimate interest, we conduct a balancing assessment to ensure that our interests do not override your fundamental rights and freedoms.
You may withdraw consent at any time without affecting prior lawful processing.
4. Purpose of Data Processing
We process personal data for clearly defined purposes:
- Operating and maintaining the website and platform
- Ensuring system security, fraud prevention, and platform integrity
- Responding to user inquiries
- Managing email subscriptions and launch updates
- Measuring website performance and usage (analytics – only with consent)
- Measuring advertising effectiveness (only with consent)
- Complying with legal obligations
The platform is a free-to-play social gaming service.
We do not offer real-money gambling, do not process gambling payments, and no prizes or items of monetary value can be won.
We do not engage in automated decision-making or profiling within the meaning of Article 22 GDPR.
We do not sell personal data.
Advertising technologies are used solely to promote the free-to-play social gaming platform and are not used to promote real-money gambling services, betting platforms, or monetary wagering.
5. Data Retention
We retain personal data only as long as necessary for the purposes described in this policy.
Typical retention periods:
- Email sign-ups / waiting list data: until you unsubscribe or up to 24 months after last interaction
- User inquiries: up to 24 months after resolution
- Server logs (including IP addresses): typically 30–90 days
- Analytics data (with consent): up to 14 months
- Advertising and conversion tracking data (with consent): up to 13 months
- Consent records: up to 3 years after withdrawal or last interaction
Where legal obligations require longer retention, data may be stored accordingly.
6. Cookies, Analytics, and Device Storage (Germany)
We use cookies and similar technologies in accordance with your choices in our cookie banner and Cookie Policy.
For users in Germany:
- The storage of or access to information on a user’s device is governed by §25 TTDSG.
- Strictly necessary cookies are used in accordance with §25(2) TTDSG. The related processing of personal data is based on Article 6(1)(f) GDPR (legitimate interest).
- Non-essential cookies (analytics and marketing) are set only after prior consent in accordance with §25(1) TTDSG and Article 6(1)(a) GDPR.
Cookie Categories
Strictly Necessary Cookies
Required for basic functionality and security. No consent required.
Analytics Cookies (Statistics)
Activated only after user consent. Used solely for statistical analysis and performance measurement.
Marketing Cookies (Advertising & Conversion Tracking)
Activated only after explicit user consent. Used solely to measure advertising effectiveness for the free-to-play platform.
If you consent to analytics but not marketing, marketing cookies will not be set.
7. Advertising and Conversion Tracking
If you consent to marketing cookies, we may use advertising technologies such as:
- Microsoft Advertising (UET tag)
- Google Ads conversion tracking
- Meta Pixel
Data processed may include:
- Event data (page views, form confirmations, button clicks)
- Device and browser information
- Cookie identifiers
- Approximate geographic information derived from IP address
Depending on configuration, certain providers (e.g., Google Ireland Ltd. or Meta Platforms Ireland Ltd.) may act as independent controllers or joint controllers under Article 26 GDPR for their own processing activities. Further details are available in their respective privacy policies.
Marketing technologies are activated only after explicit consent.
8. Consent Records and Accountability
When you provide or withdraw consent via our cookie banner, we store a record of:
- Consent status
- Categories accepted or rejected
- Date and time
- Consent identifier
These records are retained for up to three (3) years to demonstrate compliance with GDPR and TTDSG.
You may modify or withdraw consent at any time.
9. Third-Party Processors
We share limited personal data with trusted service providers, including:
- Hosting providers
- Analytics providers
- Advertising measurement providers
- Security and infrastructure providers
Where required, Data Processing Agreements (DPAs) are in place in accordance with GDPR.
10. International Data Transfers
Some service providers may process data outside the EU/EEA.
Where this occurs, we ensure appropriate safeguards, including:
- EU Standard Contractual Clauses (SCCs)
- Additional technical and organizational security measures
You may request further details regarding these safeguards.
11. Records of Processing Activities
We maintain internal records of processing activities in accordance with Article 30 GDPR.
12. Your Rights Under GDPR
If you are located in Germany or the EU/EEA, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure
- Restrict processing
- Data portability
- Object to processing
- Withdraw consent at any time
To exercise your rights, contact:
We respond within GDPR deadlines (generally one month).
13. Right to Lodge a Complaint (Germany)
If you believe your data protection rights have been violated, you may lodge a complaint with a German data protection supervisory authority (Datenschutzaufsichtsbehörde) in your federal state.
A list of supervisory authorities is available at:
https://www.datenschutzkonferenz-online.de/datenschutzaufsichtsbehoerden.html
14. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, misuse, loss, or alteration.
Security measures are reviewed regularly.
15. Children’s Privacy
Age confirmation is based on user self-declaration. We do not intentionally collect personal data from individuals under 18.
16. Changes to This Privacy Policy
We may update this Privacy Policy to reflect legal, technical, or operational changes.
The latest version will always be available on this page.