Privacy Policy

Introduction

This Privacy Policy explains how Boggle Online ("we", "us", or "our") collects, uses, and shares information when you use our website at boggle-online.com. By using the site, you agree to the practices described here.

This policy covers our own data practices. Third-party services we use (listed below) have their own separate privacy policies that apply to data they collect independently.

Information We Collect

Account Information

If you create an account, we collect your chosen username, email address, and a hashed (bcrypt-encrypted) version of your password. We never store passwords in plain text.

Game Data

We store game scores, words found, session frequency, league rankings, and achievement progress to power the game features you use.

Technical Data

Like most websites, we automatically receive your IP address, browser type, device type, and the pages you visit. This data is used for security, analytics, and service improvement.

Cookies and Local Storage

We use cookies and browser local storage for the following purposes:

• Essential cookies: Keep you logged in and store game preferences. These cannot be disabled without breaking core functionality.
• Analytics cookies: Google Analytics uses cookies to measure site traffic and usage patterns (see Third-Party Vendors section).
• Advertising cookies: Google AdSense uses cookies to serve and measure ads. These may include cookies that track your activity across websites to show you personalised advertising (see Third-Party Vendors section).

You can control or disable non-essential cookies through your browser settings. Note that disabling advertising cookies does not remove ads — it removes personalisation from them.

How We Use Your Information

• To provide, operate, and improve the Boggle Online game and website
• To manage accounts, authenticate logins, and maintain leaderboards
• To respond to support requests and contact form submissions
• To analyse traffic and gameplay patterns to fix bugs and improve features
• To display advertisements via Google AdSense (see below)
• To detect and prevent fraud, abuse, or security incidents

We do not use your personal data for automated decision-making or profiling beyond what is described above.

Third-Party Vendors and Advertising

We use the following third-party services. Each collects data under its own privacy policy, which we link to below.

Google AdSense (Advertising)

We use Google AdSense to display advertisements on this site. Google, as a third-party vendor, uses cookies (including the DoubleClick cookie) to serve ads based on your prior visits to this website or other websites. These cookies allow Google and its partners to serve ads tailored to your interests.

• Opt out of personalised advertising at Google's Ad Settings.
• Opt out via the Network Advertising Initiative opt-out page.
• Google's privacy policy: policies.google.com/privacy.

Google Analytics (Traffic Measurement)

We use Google Analytics to understand how visitors use our site. Google Analytics sets cookies to collect anonymised data on page views, session duration, and traffic sources. We do not combine this data with personal account information.

• Opt out via the Google Analytics Opt-out Browser Add-on.
• Google's data processing terms: policies.google.com/privacy.

No Other Advertising Networks

We do not use any other advertising networks, retargeting services, or data brokers beyond those listed above.

Information Sharing

We do not sell, rent, or trade your personal data. We share data only in these limited circumstances:

• Public leaderboards: Your username and score may be publicly visible. You can opt out in your account settings.
• Service providers: Hosting, security, and infrastructure providers who process data on our behalf under confidentiality agreements.
• Third-party vendors: Google Analytics and Google AdSense as described above.
• Legal compliance: When required by a valid court order, subpoena, or applicable law.
• Business transfer: In the event of a merger or acquisition, users will be notified before any transfer of personal data.

Data Security

We use HTTPS for all data in transit, bcrypt hashing for passwords, and access controls to limit who can reach your data internally. No internet-based system is 100% secure. We cannot guarantee absolute security, but we take reasonable precautions consistent with industry standards.

Your Rights and Choices

All Users

• Access: Request a copy of the personal data we hold about you
• Correction: Update your username, email, or password at any time in account settings
• Deletion: Request deletion of your account and data by emailing [email protected]
• Guest play: Use the site without an account — only technical data and cookies apply
• Cookie control: Manage or disable cookies through your browser settings
• Ad personalisation: Opt out via Google's Ad Settings or the NAI opt-out tool

EU / EEA Users — GDPR

If you are in the European Union or EEA, you have additional rights under the General Data Protection Regulation (GDPR): the right to access, rectify, erase, restrict, or object to processing of your data, and the right to data portability. You may also lodge a complaint with your local data protection authority.

Our legal basis for processing: contract (to provide the game service), legitimate interest (analytics and security), and consent (advertising cookies, which you can withdraw at any time).

California Residents — CCPA

If you are a California resident, the California Consumer Privacy Act (CCPA) gives you the following rights:

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, the business purpose, and the third parties we share it with.
• Right to Delete: Request deletion of personal information we have collected, subject to certain legal exceptions.
• Right to Opt Out of Sale: We do not sell personal information. No action required.
• Right to Non-Discrimination: We will not discriminate against you for exercising any CCPA rights.

To exercise your CCPA rights, email [email protected]. We will respond within 45 days as required by law.

Children's Privacy

This site is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have done so, we will delete it promptly. Parents or guardians should contact [email protected] immediately if they believe their child has submitted personal information.

International Users

Boggle Online is accessible globally. Our servers may process your data in various jurisdictions. By using the site, you acknowledge that your data may be processed outside your country of residence. We apply the same data protection standards regardless of where processing occurs, consistent with applicable law including GDPR for EU users.

Data Retention

• Active accounts: Retained while your account is active
• Inactive accounts: Accounts inactive for more than 2 years may be deleted with prior notice
• Game data: Retained indefinitely unless you request deletion
• Technical logs: Deleted automatically after 12 months
• Support emails: Retained for 3 years

Changes to This Policy

We may update this policy to reflect changes in our practices or applicable law. We will update the "Last Updated" date at the top of this page. For significant changes, we will post a notice on the site. Continued use after changes are posted constitutes acceptance of the updated policy.