Privacy Policy

1. Introduction

Rabbid Studio ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our mobile applications and visit our website, in compliance with the General Data Protection Regulation (GDPR) and other applicable European Union data protection laws.

The data controller responsible for your personal data is Rabbid Studio. You can contact us at hi@rabbid.co.

2. Personal Data We Collect

We may collect the following categories of personal data:

• Account information: Name, email address, and other details you provide when creating an account or contacting us.
• Device information: Device type, operating system version, unique device identifiers (where permitted by platform policies), and app version.
• Usage data: Information about how you interact with our apps, including features used and crash reports.
• Contact form data: When you use our contact form, we collect your name, email address, and message content.

We do not collect more data than is necessary for the purposes described in this policy. We minimise data collection and implement privacy by design principles.

3. Legal Basis and Purposes of Processing

Under GDPR, we process your personal data on the following legal bases:

• Contract performance: To provide our apps and services, respond to your requests, and fulfil our contractual obligations.
• Consent: Where you have given explicit consent for specific processing activities (e.g., marketing communications, optional analytics). You may withdraw consent at any time.
• Legitimate interests: For essential app functionality, security, fraud prevention, and improving our services, where our interests do not override your rights.
• Legal obligation: Where we are required to retain or disclose data to comply with applicable laws.

4. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Contact form submissions are typically retained for up to 24 months. Usage and analytics data may be retained in anonymised form. You may request erasure of your data at any time (see Section 8).

5. Data Sharing and Third Parties

We may share your personal data with:

• Service providers: Third parties that assist us in operating our apps and website (e.g., email delivery, hosting, analytics). We ensure such processors provide adequate guarantees and are bound by data processing agreements.
• Legal authorities: Where required by law or to protect our rights, safety, or property.

We do not sell your personal data to third parties. We do not use your data for advertising purposes without your explicit consent.

6. International Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or transfers to countries recognised as providing adequate protection. You may request details of these safeguards by contacting us.

7. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption, access controls, and regular security assessments. However, no method of transmission over the internet is completely secure.

8. Your Rights Under GDPR

If you are in the European Economic Area, you have the following rights:

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Request correction of inaccurate or incomplete data.
• Right to erasure: Request deletion of your personal data in certain circumstances.
• Right to restrict processing: Request that we limit how we use your data.
• Right to data portability: Receive your data in a structured, commonly used format.
• Right to object: Object to processing based on legitimate interests or for direct marketing.
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent.
• Right to lodge a complaint: Lodge a complaint with your local data protection supervisory authority.

To exercise any of these rights, please contact us at hi@rabbid.co. We will respond within one month. You have the right to lodge a complaint with the supervisory authority in your country of residence.

9. Children's Privacy

Our apps and services are not directed to children under 16. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we may provide additional notice through our apps or by email. We encourage you to review this policy periodically.