Privacy Policy

1. Controller Identity

Confectionery Architecture Entertainment Ltd is the data controller responsible for your personal information when you visit Lollipop Cathedral. We are registered with the Information Commissioner's Office (ICO) in the United Kingdom. We are committed to protecting your privacy while you enjoy our free social casino experience.

2. Lawful Basis for Processing

Under the UK General Data Protection Regulation (UK GDPR), we process your data primarily on the basis of legitimate interests to ensure the smooth operation of games like The Rose Window and Pillar Ascension. Where required, such as for non-essential cookies, we rely on your explicit consent. We do not require accounts, which minimizes the personal data we need to collect.

3. Data We Collect

We collect technical data such as your IP address, browser type, and device information to deliver the Lollipop Cathedral experience securely. We also track virtual gameplay data, such as your balance of Sugar Shards, stored locally on your device to maintain your progress. We do not collect financial information as our site is strictly free-to-play.

4. Purpose of Processing

Your data is used to render the games, prevent fraudulent activity, and analyze website traffic. For instance, knowing how often Caramel Crypt Drop is played helps us improve the game mechanics. We also use technical data to ensure compliance with our 18+ age restriction policy in the UK.

5. Data Retention

We only retain your technical data for as long as necessary to fulfill the purposes outlined in this policy. Because we operate without user accounts, gameplay data related to your Sugar Shards is tied to your browser session and local storage. Analytics data is anonymised and kept for a maximum of 14 months.

6. Third-Party Sharing

Lollipop Cathedral does not sell your personal data. We may share anonymised technical data with trusted service providers who assist us in hosting the website and analyzing traffic. All third parties are strictly vetted for compliance with UK GDPR standards.

7. Your Data Subject Rights

Under UK law, you have the right to access, rectify, or request the erasure of your personal data. You also have the right to restrict processing and the right to data portability. Since we do not maintain persistent user accounts, fulfilling these requests may require you to provide specific technical identifiers.

8. Security Measures

We implement robust technical and organisational measures to secure the Lollipop Cathedral platform. This includes encryption in transit (HTTPS) and regular security audits to protect the integrity of our free gaming environment. We treat your digital safety as seriously as the structural integrity of our sweet architecture.

9. Complaints to the ICO

If you believe we have mishandled your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. However, we would appreciate the chance to deal with your concerns first, so please contact support@lollipopcathedral.com.

10. Updates to this Policy

We may update this Privacy Policy from time to time to reflect changes in UK law or our platform features. Any changes will be posted on this page. We encourage our visitors to review this policy periodically while collecting their daily Sugar Shards.