Last updated: 15.12.2025

1. Controller (Data Controller)
Glaucus Games GmbH
Hardter Str. 27a
67700 Niederkirchen
Germany
Email: hi@glaucus.games
 

2. Privacy contact / Data Protection Officer
We have not appointed a Data Protection Officer (DPO). If you have any questions about data protection, please contact us at hi@glaucus.games.
 

3. Scope
This Privacy Policy explains how we process personal data when you visit our website, contact us via the contact form, or view embedded third-party content (e.g., YouTube videos).

“Personal data” means any information relating to an identified or identifiable natural person.
 

4. Legal bases (GDPR)
We process personal data on one or more of the following legal bases:
- Art. 6(1)(b) GDPR (performance of a contract / pre-contractual steps), e.g., when you request our services
- Art. 6(1)(f) GDPR (legitimate interests), e.g., website security and reliable website operation
- Art. 6(1)(a) GDPR (consent), where we ask for your consent (e.g., for non-essential cookies, certain third-party embeds)

Where consent is required for storing/accessing information on your device (cookies and similar technologies), we obtain consent in accordance with the applicable rules (in particular Sec. 25(1) TDDDG).
 

5. Website platform / hosting (Wix)
Our website is built and provided using services by Wix.com Ltd. (Wix). When you visit our website, Wix (as our processor) may process technical connection data (e.g., IP address, device and browser information, timestamps, requested pages) to deliver the website and ensure security and stability.

We have concluded a data processing agreement with Wix (Art. 28 GDPR).
 

6. Access data / server logs
When you access our website, technical data is processed to enable the connection and to ensure the security and stability of the website. This may include:
- IP address
- date and time of access
- requested URL / page
- referrer URL
- browser type/version, operating system
- transferred data volume / status codes

Purpose: operation of the website, security, abuse prevention, troubleshooting.
Legal basis: Art. 6(1)(f) GDPR (legitimate interests).

Log data is stored for a limited period and deleted or anonymized thereafter, unless longer retention is required to investigate security incidents.

7. Contact form
If you contact us via the contact form, we process the data you provide in the form (e.g., name, company, email address, message content, and any other information you submit) to respond to your inquiry.

Purposes:
- communication and handling your inquiry
- initiating and/or performing business relationships

Legal basis:
- Art. 6(1)(b) GDPR if your inquiry relates to (pre-)contractual steps
- otherwise Art. 6(1)(f) GDPR (legitimate interest in efficient communication)

Retention:
We store contact requests as long as necessary to process the inquiry. If the inquiry results in a business relationship, we may retain communication records in accordance with statutory retention obligations.
 

8. Spam protection / CAPTCHA (Wix Forms)
To protect our contact form from spam and misuse, Wix Forms may apply automated spam prevention mechanisms which can include Google reCAPTCHA (invisible reCAPTCHA) or comparable technologies.

Depending on your device and settings, this may involve transmitting technical data (including your IP address and device/browser data) to Google and may involve cookies or similar technologies.

Legal basis:
- Art. 6(1)(f) GDPR (legitimate interest in protecting the website and preventing spam)
- if consent is required for the use of cookies/similar technologies, we rely on Art. 6(1)(a) GDPR and Sec. 25(1) TDDDG.
 

9. Embedded YouTube videos
We embed videos from YouTube (Google). When you load a page with an embedded YouTube video, your browser may connect to YouTube’s servers. In that process, personal data (e.g., IP address, device information) may be transmitted to YouTube/Google. YouTube may also use cookies or similar technologies.

Where available, we aim to use YouTube’s “privacy-enhanced mode” (youtube-nocookie.com). Please note that even in privacy-enhanced mode, data may be processed when you interact with the video player and/or when the video is played.

Legal basis:
- If consent is required (e.g., for cookies/similar technologies), we rely on your consent (Art. 6(1)(a) GDPR; Sec. 25(1) TDDDG).
- Otherwise, our legitimate interest in presenting our portfolio and work samples (Art. 6(1)(f) GDPR).
 

10. Cookies and consent management
Our website may use cookies and similar technologies. Some are technically necessary (essential) to operate the site securely and reliably. Others (e.g., analytics or marketing cookies) are used only if you consent.

You can manage your preferences at any time via the cookie settings on our website (if available) and/or through your browser settings. You may also delete stored cookies in your browser.
 

11. Recipients / processors
Depending on the function used, your personal data may be processed by:
- Wix (website platform/hosting and form processing as a processor)
- Email/IT service providers that deliver our communications (as applicable)
- YouTube/Google when you view embedded videos (independent controller)
 

12. International data transfers
Some of the above providers may process data outside the EU/EEA. Where required, we implement appropriate safeguards (e.g., EU Standard Contractual Clauses) and assess the level of protection.
 

13. Security
We use HTTPS/TLS encryption (where supported by your browser) to protect data transmitted to and from our website.
 

14. Your rights
You have the following rights under the GDPR, subject to legal requirements:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR), especially where processing is based on Art. 6(1)(f) GDPR
- Right to withdraw consent at any time (Art. 7(3) GDPR), without affecting the lawfulness of processing before withdrawal
 

15. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a data protection supervisory authority. For Rhineland-Palatinate (Germany), the competent authority is:
Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Postfach 30 40, 55020 Mainz, Germany
(Visitor address: Hintere Bleiche 34, 55116 Mainz, Germany)
 

16. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The current version is published on this page.