Privacy Policy
1. Who we are
personalized-birthday-games.com is operated by Stellaris Consulting Ltd (“we”, “us”), a company registered in England and Wales (Company No. 10336586), with registered office at 20-22 Wenlock Road, London, N1 7GU, United Kingdom. VAT number: GB258513785.
Contact for privacy: [email protected]
2. What this policy covers
This policy explains how we use personal information when you use our website to create a personalized birthday game for someone else. It applies to visitors and to anyone using the create form — for example a parent or relative or a teenager creating a game for a friend — subject to the age rules in our Terms.
3. Information we collect
When you personalize a game we may process:
- The recipient’s first name or the name you type for them, age band (8–14), difficulty choice, game title, and the text you provide for screens and messages.
- Technical data typical of websites: IP address and browser type in our hosting provider’s logs.
- If you email us: your email address and the content of your message.
If you use optional feedback (e.g. a review email), we process what you send us.
4. How we collect it
You provide information directly in the create form or by email. Log data is collected automatically when you use the site.
5. How and why we use it (lawful bases under UK GDPR)
We use this information to:
- Generate and host your personalized game (performance of our service / steps at your request).
- Keep short operational records where we use a database (legitimate interests in running a safe, reliable service; you can object as described below).
- Respond to support emails (legitimate interests / if relevant contract).
- Meet legal obligations (e.g. responding to lawful requests).
We do not sell your personal information and we do not use it for third-party advertising.
Do we read the text you enter?
Your text is processed automatically to build the game and is kept only as long as we keep that game (see How long we keep it below). We do not routinely read birthday messages or other fields for moderation. We only read that text if you contact us with a change request or to report a technical issue, so we can help.
Data security
We use appropriate technical and organisational measures designed to protect personal information. Access is limited to what is needed to run the service. If we become aware of a personal data breach that must be reported under UK law, we will notify the regulator or affected individuals when required.
6. Children and young people
We do not market the site to under-13s for independent, unsupervised use, and we do not knowingly collect personal data directly from children under 13 without appropriate involvement of a parent or guardian.
- Under 13: If you are under 13, you should not use the create flow on your own. A parent or guardian should complete or supervise personalization for you.
- Teenagers (13+): You may use the free Service if you meet the minimum age and rules in our Terms. You should only enter information about other people (including friends) where you have their agreement or it is reasonable for a birthday surprise and does not harm anyone’s rights.
- Recipients: Games are often personalized for a child (our in-game age band is 8–14). The person using the form decides what names and messages to enter; they are responsible for that content, as set out in our Terms.
If you are a parent or guardian and believe a child has used the site in a way that raises concerns, contact [email protected] and we will delete what we can reasonably identify and control (see Your rights below).
Similar UK gift sites often state that their service is not meant for children and require adults to place orders. We set clear rules for teen use of the free tool and will require 18+ to pay when checkout is available.
7. Where data is stored
We host the site and your personalized games with Railway (legal entity Railway Corporation, based in the United States). Our workloads run in Europe (Amsterdam, Netherlands) — Railway’s EU West region — so your content is primarily processed in the EEA. Region options: docs.railway.app/reference/regions
Some processing may also occur in other locations (including the United States) as part of Railway’s platform and approved subprocessors, as described in Railway’s privacy policy (railway.com/legal/privacy) and subprocessor list (trust.railway.com/item/subprocessors). Where UK law requires extra safeguards for international transfers, we use approved mechanisms such as standard contractual clauses in line with Railway’s data processing agreement (railway.com/legal/dpa). Stellaris Consulting Ltd signs (or has signed) that agreement with Railway as required for our use of the platform. Compliance overview: docs.railway.app/enterprise/compliance
8. How long we keep it
Our default retention period is 12 months, measured from the date the personalized game was created, unless we are required to keep information longer by law or for an ongoing dispute.
- Personalized game files (the hosted link you receive): we delete these after 12 months.
- Operational records about that game in our systems (for example a row in our database): we delete these on the same 12-month schedule, so they stay aligned with the game files.
- Support emails you send us: we delete these after 12 months from the date of our last message in that conversation (unless a legal claim or obligation requires longer).
- Technical and security logs on our hosting provider’s infrastructure may be held under their retention rules. We do not use those logs for advertising or profiling.
You can ask us to delete sooner where possible: contact [email protected]. We will delete what we can reasonably identify and control; some residual data may briefly remain in encrypted backups until those backups expire.
Existing game links: We are not changing how games are hosted or their URLs. A future automated purge will only remove bundles older than 12 months in line with this policy; we will not alter /output/… routing for active games.
9. Cookies and similar technologies
We do not use analytics or advertising cookies on this site. We may use strictly necessary technologies required for the site to function. If we add optional cookies or tracking in future, we will update this policy and, where required, ask for your consent before turning them on.
10. Your rights
Under UK data protection law you may have the right to access, correct, delete, or restrict use of your personal data, and to object to certain processing. You may also complain to the Information Commissioner’s Office (ico.org.uk). Contact us first at [email protected] and we will respond within one month in most cases.
11. Third-party sites
Our site may link elsewhere. We don’t control those sites; read their policies before you share personal data there.
12. Changes
We may update this policy from time to time. The “last updated” date will change; for material changes we may add a notice on the site.