Privacy Policy

This page explains how Candyland Copenhagen processes personal data when you use the website and click Begin Journey. By using this website, you can review this policy before taking action.

1. Controller

Controller: Candyland Copenhagen (website: candylandcph.com). Replace with full legal entity name, address, and contact email before public legal sign-off.

2. Data We Process

• Telemetry events (button interactions, theme changes, audio interactions).
• Journey acknowledgement records when users click Begin Journey.
• Authentication data if users sign in with Google (Firebase Auth user ID and profile fields made available by Google).

3. Purposes and Legal Bases

• Operate and secure the service.
• Measure engagement and improve user experience.
• Record legal notice acknowledgement for Begin Journey flow.

Legal bases should be mapped and finalized by legal counsel for your jurisdiction (for example, contract, legitimate interests, or consent where required).

4. Retention

Data is retained only as long as needed for the purposes listed above and for legal/operational obligations. Define exact retention windows before launch.

5. Data Subject Rights

Depending on your location, you may have rights to access, correction, deletion, restriction, objection, and data portability. Contact the controller at the legal contact address once published.

6. Contact

Replace with official privacy contact details and DPO details (if applicable) before final production rollout.