ClickAndPlayGames (the “Platform”) is made available through the website at https://clickandplaygames.com (the “Website”). The Website and any related pages, games, features, content and functionalities that link to this Privacy Policy are referred to in this Privacy Policy as the “Services”. The Services are operated by the operator of the Website (the “Operator”, “we”, “us” or “our”).
We are committed to protecting personal information and ensuring that our collection, use, disclosure, retention and safeguarding practices comply with applicable Canadian privacy laws and authoritative guidance, including the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and, where applicable, substantially similar provincial private-sector privacy statutes, including:
- Quebec’s Act respecting the protection of personal information in the private sector (as amended from time to time);
- Alberta’s Personal Information Protection Act; and
- British Columbia’s Personal Information Protection Act.
This Privacy Policy also reflects reasonable industry expectations for transparency and accountability in connection with analytics, security, fraud prevention, measurement and related technologies that may be used on or in connection with the Services.
This Privacy Policy explains how and why we collect, use, disclose and safeguard personal information when you:
- visit the Website or any other website or page we operate that links to this Privacy Policy;
- access and use our free-to-play, browser-based games and related entertainment content; or
- communicate with us in any manner, including enquiries, feedback submissions, complaints, rights requests, or formal legal correspondence.
THE SERVICES ARE PROVIDED FOR ENTERTAINMENT PURPOSES ONLY. NO ACCOUNT REGISTRATION OR LOGIN IS PROVIDED OR REQUIRED. NO PAYMENTS, SUBSCRIPTIONS OR PURCHASES ARE ACCEPTED OR PROCESSED.
We implement reasonable technical, administrative and physical safeguards designed to protect personal information and to ensure that our practices are lawful, appropriate and transparent. We seek to maintain high standards of privacy protection and data minimisation consistent with Canadian regulatory expectations and applicable guidance.
If you wish to contact us in connection with this Privacy Policy or any privacy matter, you must do so using the channels specified in Section 12 (CONTACT DETAILS AND DATA ENQUIRIES).
ADULT-ONLY SERVICES. The Services are intended solely for adult users. You must be at least eighteen (18) years of age to access or use the Services. In provinces or territories where the age of majority is higher, you must meet the applicable higher minimum age, including nineteen (19) years of age where required (including Ontario and any other province or territory with a 19+ age of majority). Persons who do not meet the applicable age-of-majority requirement are not permitted to access or use the Services.
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy and our Terms of Service. Where we rely on consent (including for certain cookies and similar technologies), we will seek to obtain that consent through an appropriate notice and choice mechanism. Where we rely on other lawful bases recognised under applicable Canadian privacy laws, we will process personal information as described in this Privacy Policy and in accordance with applicable law.
We collect and process personal information that you provide to us voluntarily and information that is collected automatically when you access or interact with the Services. The categories of personal information we process are limited to what is reasonably necessary for the operation, security, functionality and lawful administration of the Services. We process personal information in a manner intended to be consistent with this Privacy Policy and applicable Canadian privacy laws. You are responsible for ensuring that any personal information you provide is accurate, complete and up to date.
We collect, use and disclose personal information only for specific, identified and appropriate purposes, and only where a lawful basis exists under applicable Canadian privacy laws. The purposes for which we may process personal information include the following:
- To provide and operate the Services:
We may process technical and usage information to deliver the games and entertainment content made available through the Services and to fulfil core operational functions (including delivering pages, serving content, maintaining functionality and ensuring technical compatibility).
- To respond to enquiries and provide support:
We may process personal information contained within enquiries, complaints, feedback, rights requests or other correspondence submitted through our contact channels in order to address your request, answer questions, manage user interactions and provide appropriate support.
- To send administrative communications:
Where reasonably necessary, we may process your personal information to send notices regarding updates to our terms, policies, operational notices, security notifications, compliance information or other service-related communications. If we offer optional communications such as a newsletter in the future, we will send such communications only where we have a lawful basis, including consent where required, and we will provide a straightforward means to opt out.
- To maintain the security and integrity of the Services:
We may process personal information as part of our efforts to safeguard the Services, prevent abuse, detect and mitigate fraud, protect against malicious activity, and maintain the stability and reliability of our systems. This may include the use of security logs, rate limiting, bot detection, and similar measures.
- To operate analytics, performance measurement and service optimisation:
Subject to your choices and any consent requirements that apply, we may process technical and usage data to analyse how the Services are accessed and used, to identify trends, improve user experience, optimise performance, troubleshoot issues and administer internal reporting. This may include the use of cookies and similar technologies described in Section 4.
- To comply with legal and regulatory obligations and to protect legal interests:
We may process personal information to comply with applicable Canadian laws, respond to lawful requests from courts, regulators or enforcement authorities, and to establish, exercise or defend legal rights.
- To manage quality, compliance and enforcement:
We may process personal information where reasonably necessary to review submissions, address reported issues, investigate misuse, enforce our Terms of Service, and maintain appropriate standards for the operation and governance of the Services.
We do not process personal information for user account creation, authentication, purchases, order fulfilment, payment processing or commercial transactions, as no such functions are offered by the Services.
Lawful bases
The lawful basis for our processing depends on the specific context and purpose and may include, as applicable under Canadian privacy laws:
- Consent (express or implied), including where consent is obtained through a notice and choice mechanism for certain cookies and similar technologies, and where you voluntarily provide information to contact us.
- Legitimate business interests or purposes that a reasonable person would consider appropriate in the circumstances (for example, operating, maintaining and improving the Services, ensuring security, preventing abuse and responding to enquiries), subject to applicable legal requirements and any required balancing or reasonableness assessments.
- Compliance with legal obligations and lawful authority, including responding to lawful demands or orders and meeting recordkeeping or reporting requirements.
- Contractual necessity, where applicable, including administering the terms governing use of the Services and responding to requests you make in connection with the Services.
All processing is subject to internal controls designed to support data minimisation, accuracy, storage limitation and purpose limitation. We will not use personal information for a purpose that is materially different from the purposes described in this Privacy Policy without providing additional notice and, where required by law, obtaining additional consent.
We may disclose personal information to third parties only where reasonably necessary for the lawful operation of the Services, compliance with applicable legal obligations, protection of our legitimate interests, or where you have instructed or authorised such disclosure. Personal information is not disclosed for purposes that are incompatible with the purposes for which it was collected.
Disclosure may occur to the following categories of recipients:
(a) Infrastructure, hosting and technical service providers
We may share personal information with service providers that support the operation of the Services, such as hosting providers, content delivery networks, security providers, data storage vendors, and technical contractors engaged to provide reliable and secure support for the Services.
(b) Analytics and measurement providers
Subject to your choices and any applicable consent requirements, we may disclose technical usage information to analytics and measurement providers for the purposes of performance measurement, aggregated analytics, service optimisation and diagnostics. Where reasonably practicable, we seek to use pseudonymised, aggregated or de-identified data for these purposes.
(c) Advertising and attribution partners
If the Services display advertising or use attribution measurement, we may disclose limited technical data for the purposes of measuring performance, aggregated reporting, and non-personalised attribution, subject to your choices and any applicable consent requirements. We do not disclose personal information for behavioural profiling for targeted advertising directed at individuals.
(d) Legal, regulatory and governmental authorities
We may disclose personal information where required or permitted to comply with applicable law, a lawful request, court order, warrant or statutory duty, including disclosures to law enforcement, regulatory bodies and governmental departments.
(e) Professional advisers
We may disclose personal information to professional advisers (including legal, compliance, audit and risk advisers) where reasonably necessary to obtain advice, manage risk, protect our rights, or resolve regulatory, legal or contractual matters.
(f) Business succession and transactions
We may disclose personal information to prospective or actual purchasers, investors, lenders or successors in connection with any proposed or actual merger, acquisition, restructuring, financing or transfer of all or part of the Services, to the extent that such disclosure is reasonably necessary to facilitate due diligence, complete the transaction, or ensure operational continuity. Any such disclosure will be subject to appropriate confidentiality and security measures.
Service provider requirements and controls
Where we disclose personal information to service providers, we take reasonable steps to require that such recipients:
- use personal information only for purposes consistent with the services they provide to us;
- protect personal information with appropriate safeguards; and
- notify us of security incidents as required by applicable contracts or law.
We do not sell personal information and we do not rent or trade personal information to third parties for direct marketing or behavioural targeted advertising.
Cross-border processing and transfers
Our service providers may process personal information outside Canada. Where personal information is processed outside Canada, it may be subject to the laws of the jurisdiction in which it is processed, and may be accessible to law enforcement or national security authorities in that jurisdiction in accordance with applicable laws.
We take reasonable steps to protect personal information processed by service providers outside Canada, including through contractual measures, due diligence, and safeguards appropriate to the sensitivity of the information and the context. Where required by applicable law, we will provide additional disclosures and, where applicable, seek consent in relation to cross-border processing
The Website may use cookies and similar technologies (for example, pixels, tags, local storage and SDKs) to support the operation, security and performance of the Services and, where enabled, to support measurement and analytics.
Cookies are small data files placed on your device that help a website recognise your browser, maintain functionality, store certain preferences and understand how the Website is used. Cookies may be classified, depending on purpose and configuration, as:
- strictly necessary, meaning required for core functionality, security, fraud prevention or delivery of the Services; or
- non-essential, meaning used for measurement, analytics, diagnostics, or optimisation purposes.
We may use:
- session cookies, which are stored temporarily and deleted automatically when your browser is closed; and
- persistent cookies, which remain on your device for a defined period and assist in recognising your browser on repeat visits, including for storing consent or preference settings where implemented.
Consent and choices
Under Canadian privacy laws, consent may be required depending on the nature of the information collected, the purposes of collection, and the reasonable expectations of users. Where we implement non-essential cookies or similar technologies that are not strictly necessary, we will endeavour to provide a notice and choice mechanism that allows you to accept, reject, or manage categories of such technologies, where practicable.
You may manage cookie preferences at any time by:
- using any consent or preference controls made available via the Website (if implemented);
- adjusting your browser settings to block, delete or restrict cookies; and
- using device-level controls where available.
Refusal of non-essential cookies does not restrict access to the Website, although certain analytics or optimisation features may be limited or unavailable.
Third-party technologies
We may permit authorised third-party service providers to use cookies and similar technologies for aggregated analytics, performance diagnostics, service optimisation, security and attribution measurement, subject to your choices and any applicable consent requirements. We do not use cookies or similar technologies to deliver behavioural profiling for targeted advertising directed at individuals.
For transparency, third-party technologies used on the Website may include, depending on configuration from time to time:
- tag management tools used to deploy and manage scripts across the Website;
- analytics tools used to generate aggregated statistics about Website usage and performance;
- session diagnostic tools used to identify interface issues and improve usability on an aggregated basis; and
- anti-abuse tools used to prevent spam, automated submissions and malicious activity.
Third parties may collect technical information (for example, IP address, device information, and interaction signals) through their tools. Your use of the Services and your choices may affect whether certain third-party tools are activated.
Browser impact
Your browser may be configured to refuse all or some cookies or to notify you when a website attempts to place cookies. Disabling cookies may affect certain features or the operation of parts of the Website, particularly where cookies are strictly necessary.
We retain personal information only for as long as is reasonably necessary to fulfil the purposes for which it was collected, or as long as required or permitted to comply with applicable laws, regulatory requirements, or applicable limitation periods. As the Services do not provide user accounts, payment services or transactional features, no retention period is linked to account duration or financial activity.
Retention periods are determined by reference to factors including:
(a) Operational necessity
Retention may be required to manage enquiries, provide responses, maintain accurate records of correspondence, ensure service continuity, resolve disputes, address misuse reports, or verify historical interactions.
(b) Legal and regulatory obligations
Certain information may be retained to comply with statutory duties, including obligations under privacy law, consumer protection requirements, and recordkeeping obligations.
(c) Limitation periods
We may retain personal information where reasonably necessary to establish, exercise or defend legal rights, taking into account applicable limitation periods that may apply to contractual, statutory or civil claims.
(d) Security, abuse prevention and system integrity
We may retain log data or technical security records for a limited period to detect, investigate and mitigate potential security incidents, abuse or unlawful activity.
(e) Consent records and compliance evidence
Where consent is relied upon (including where consent mechanisms are implemented for certain cookies or similar technologies), we may retain records of choices and consent signals to demonstrate compliance with applicable legal obligations and to administer user preferences.
When personal information is no longer required for the purposes for which it was collected, and no further legal obligation requires its retention, we will take reasonable steps to securely delete it, anonymise it, or otherwise render it non-identifying, subject to technical feasibility and applicable law.
Backup files may be retained in encrypted archival environments solely for disaster recovery, continuity and compliance purposes. Access to archived data is restricted and subject to safeguards appropriate to the risks.
We implement and maintain reasonable technical, administrative and physical measures designed to protect the confidentiality, integrity and availability of personal information processed through the Services. These measures are intended to provide a level of security appropriate to the risks associated with the processing.
Our security measures may include, where appropriate:
- encryption of data in transit using TLS;
- secure hosting environments with network controls and hardened configurations;
- access controls designed to limit access to authorised personnel and service providers;
- restricted administrative access based on least privilege principles;
- monitoring for anomalous activity, suspicious behaviour or unauthorised access attempts; and
- incident response procedures and logging designed to preserve system integrity and support investigations.
Although we apply commercially reasonable safeguards, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security and we do not warrant that unauthorised third parties will be unable to circumvent our safeguards. Transmission of personal information to or from the Services is undertaken at your own risk. You should access the Services only from secure networks and secure devices.
Security incident response
Where required under applicable Canadian privacy laws, we will take reasonable steps to assess, mitigate and respond to security incidents involving personal information and, where legally required, to provide notifications to affected individuals and regulators.
We do not knowingly collect personal information from, or direct the Services to, any individual who does not meet the applicable age-of-majority requirement described in this Privacy Policy and our Terms of Service.
The Services do not offer account registration, user profiles, messaging services or transactional features. We do not conduct age or identity verification checks as a standard feature of the Services. However, we treat any credible indication that a user may be under the applicable age of majority as a matter of concern and may apply appropriate remedial measures.
If we become aware that personal information has been provided to us by or in respect of an individual who does not meet the applicable age-of-majority requirement, we will take reasonable steps to:
(a) cease further processing of that personal information, except to the extent required to comply with legal obligations or to ensure the security and integrity of our systems;
(b) delete, anonymise, or de-identify such personal information without undue delay, insofar as technically feasible and consistent with applicable law; and
(c) consider whether notification to an appropriate privacy regulator is required under applicable law.
If you believe that an underage individual has accessed the Services in breach of our age restriction, or has provided personal information to us through any channel, you should notify us immediately at support@clickandplaygames.com so that we can investigate and take appropriate action.
Individuals whose personal information is processed by us may have rights and choices under applicable Canadian privacy laws. The availability and scope of rights may vary depending on the province or territory and the nature of the information and processing. We will respond to requests in accordance with applicable law, subject to verification of identity and applicable legal limitations and exemptions.
Certain web browsers and mobile applications allow users to send a “Do Not Track” (“DNT”) signal indicating a preference not to be tracked across websites.
At present, there is no universally adopted or legally mandated mechanism that requires online services to recognise or respond to DNT signals. As a result, the Website does not currently respond to DNT signals. Should a recognised technical standard or regulatory requirement emerge in the future, we will revise this Privacy Policy accordingly.
You may control certain tracking technologies through:
- any consent or preference controls made available on the Website (if implemented);
- modifying your browser settings to block, restrict or delete cookies and similar technologies; and
- using opt-out mechanisms offered by relevant technology providers, where available.
Refusing non-essential cookies will not prevent you from accessing the Website, although certain analytics or optimisation features may be unavailable or operate with reduced functionality.
We may amend or update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, regulatory guidance or operational requirements. The most recent version of this Privacy Policy will be identified by the “Last updated” displayed at the beginning of the document.
Where a change materially affects the manner in which we process personal information, we may take reasonable steps to bring such changes to your attention, which may include posting a notice on the Website. Continued access to or use of the Services following the publication of an updated Privacy Policy constitutes your acknowledgement of the revised policy.
You are encouraged to review this Privacy Policy periodically to remain informed about how we collect, use and protect personal information.
You may request access to, correction of, or deletion or de-identification of personal information we hold about you, subject to applicable law. These rights are not absolute and may be subject to legal and operational limitations. We may, for example, be required or permitted to retain certain information to comply with legal obligations, to establish, exercise or defend legal claims, to demonstrate compliance with regulatory requirements, to protect our legitimate interests, or to ensure the security and integrity of the Services.
To submit a request to access, update, correct or delete personal information, or to exercise any other privacy right, you must contact us using the channels specified in Section 12 (CONTACT DETAILS AND DATA ENQUIRIES). We may require you to provide sufficient information to verify your identity before processing your request, in order to safeguard the security and integrity of personal information.
We will respond to valid requests within the timeframes required by applicable law, or within a reasonable time where no specific timeframe applies. If we are unable to comply with your request, we will explain, to the extent permitted by law, the reasons for our decision and describe any complaint mechanism available to you.
All enquiries, requests, complaints or correspondence relating to this Privacy Policy or any privacy matter must be submitted in writing using the contact details set out below.
Email Address: support@clickandplaygames.com
All written communications submitted under this Section must include:
- your full legal name and valid contact details;
- a clear and precise statement identifying the subject matter and purpose of the correspondence;
- a detailed description of the issue, request, complaint or matter raised; and
- any relevant supporting documentation or information reasonably required to assess and process the submission.
Where necessary, we reserve the right to request verification of identity or additional information in order to ensure that personal information and legally sensitive material are disclosed only to the correct individual and that the correspondence is handled securely and accurately.
Responses will be provided within the timeframes required by applicable law. Where no specific statutory timeframe applies, responses will be issued within a reasonable period, taking into account the nature, complexity and volume of the correspondence received.
This contact channel is reserved for privacy-related and formal correspondence. General enquiries, technical issues, gameplay questions or routine communications should be submitted through any standard support or contact mechanisms made available on the Website and are not treated as formal correspondence for the purposes of this Privacy Policy.
Play Responsibly
Enjoy the games, take breaks when needed, and keep things balanced for your wellbeing.
