0 FS

Privacy Policy

Last Updated: November 2025

Effective Date: November 2025

FishMaster ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

Data Controller: FishMaster, 32 Waterfront Avenue, London, SE16 7RD, United Kingdom

Email: [email protected]

Phone: +44 (0) 20 7735 8364

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account on our platform
  • Contact us via email or contact form
  • Participate in surveys or feedback
  • Interact with our website features

This information may include:

  • Username and email address
  • Name and contact details (if provided)
  • FS points scores and achievements
  • Game progress and preferences
  • Any other information you choose to provide

1.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing patterns, including:

  • IP Address: Your Internet Protocol address, which may be used to determine your approximate location
  • Browser Information: Type, version, language settings
  • Operating System: Type and version of your operating system
  • Device Information: Device type (mobile, tablet, desktop), screen resolution
  • Browsing Data: Pages visited, time spent on pages, click patterns, navigation paths
  • Referrer Information: The website that referred you to our site (if applicable)
  • Session Data: Session identifiers and timestamps

1.3 Game and Interactive Features Data

When you use our games or interactive features, we may collect:

  • Game session data and progress
  • FS Points scores and achievements
  • Game preferences and settings
  • Time spent playing games
  • Interaction data with game elements

This data is primarily stored locally in your browser using LocalStorage technology.

1.4 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. For more detailed information about our use of cookies, please refer to our Cookie Policy.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Service Provision

  • To provide, maintain, and improve our website and services
  • To respond to your inquiries and provide customer support
  • To personalize your experience on our website
  • To track and manage your FS points and game progress

2.2 Communication

  • To send you administrative information and updates
  • To respond to your comments, questions, and requests
  • To send you important notifications about our platform

2.3 Analytics and Improvement

  • To analyze usage patterns and trends
  • To monitor and analyze the effectiveness of our website
  • To conduct research and development
  • To improve user experience and website functionality

2.4 Legal Compliance

  • To comply with legal obligations under UK law
  • To protect our rights and interests
  • To prevent fraud and abuse
  • To enforce our Terms of Service

3. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Consent: Where you have given clear consent for us to process your personal data for specific purposes
  • Legitimate Interests: Where processing is necessary for our legitimate interests (e.g., website analytics, improving our services, security)
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation under UK law
  • Contract Performance: Where processing is necessary to perform a contract with you (e.g., providing requested services)

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf, such as:

  • Website Hosting: Cloud hosting providers for website infrastructure
  • Analytics Services: Google Analytics for website usage analysis (see section 4.2)
  • Email Service Providers: For sending transactional emails
  • Content Delivery Networks (CDN): For fast content delivery worldwide

All service providers are contractually obligated to protect your data and use it only for the purposes specified in our agreements. They are not permitted to sell or use your data for their own marketing purposes.

4.2 Google Services

We use the following Google services, which may process your data:

  • Google Analytics: Tracks website usage and user behavior. Data is processed in accordance with Google's Privacy Policy. You can opt-out using Google Analytics Opt-out Browser Add-on.
  • Google Maps: Displays interactive maps on our contact page. May collect location and usage data as per Google's Privacy Policy.

For more information about how Google uses your data, see Google's Privacy Policy: https://policies.google.com/privacy

Google Analytics data retention: We use Google Analytics with data retention set to 26 months. You can learn more about Google Analytics data practices at: Google Analytics Data Practices

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:

  • Court orders, subpoenas, or legal process
  • Government agencies and regulatory bodies in the UK
  • Law enforcement agencies in connection with investigations
  • To protect our rights, property, or safety, or that of our users

4.4 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or use of your personal information.

4.5 Aggregated or Anonymized Data

We may share aggregated or anonymized data that does not identify you individually. This may include statistical information about website usage, demographics, or trends.

5. Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely delete or anonymize it.

5.1 Specific Retention Periods

We retain different types of data for different periods:

  • Account Information: Retained for 3 years after your last interaction with us, or until you request deletion
  • Email Communications: Retained for 2 years from the date of communication
  • Website Analytics Data: Retained for 26 months in accordance with Google Analytics retention policies
  • Game Session Data (FS Points): Stored locally in your browser; retained until you clear browser data or request deletion
  • Legal Records: Retained for 7 years as required by UK law for business records
  • Marketing Preferences: Retained until you opt-out or withdraw consent

5.2 Deletion Process

When data is deleted, we use secure deletion methods that permanently remove data from our systems. For requests under the right to erasure, we will delete your data within 30 days of receiving your verified request.

6. Your Rights Under UK GDPR

As a data subject, you have the following rights regarding your personal data:

6.1 Right of Access (Article 15)

You have the right to obtain confirmation as to whether we process your personal data, and to receive a copy of your personal data. We will provide this information free of charge within one month (extendable by two months for complex requests).

6.2 Right to Rectification (Article 16)

You can request correction of inaccurate or incomplete personal data. This includes updating your email address, username, or any other information we hold about you.

6.3 Right to Erasure / "Right to be Forgotten" (Article 17)

You can request deletion of your personal data when:

  • The data is no longer necessary for the original purpose
  • You withdraw consent and there's no other legal basis for processing
  • You object to processing and there are no overriding legitimate interests
  • The data has been unlawfully processed
  • Deletion is required to comply with a legal obligation

6.4 Right to Restrict Processing (Article 18)

You can request that we limit how we use your data when you contest its accuracy, object to processing, or if processing is unlawful but you prefer restriction over deletion.

6.5 Right to Data Portability (Article 20)

You can request your data in a structured, machine-readable format (e.g., JSON or CSV) when processing is based on consent or contract, and carried out by automated means.

6.6 Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds.

6.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

6.8 Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. Contact details: https://ico.org.uk

6.9 How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected] with:

  • Your full name and contact details
  • Clear description of the right you wish to exercise
  • Details of the personal data concerned
  • Proof of identity (to ensure we only release data to you)

We will respond within one month (this may be extended by two months for complex requests). If we cannot fulfill your request, we will explain why.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7.1 Technical Security Measures

We employ the following security measures:

  • Encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL protocols
  • Secure Storage: Personal data is stored securely with restricted access
  • Access Controls: Only authorized personnel can access personal data
  • Regular Security Audits: We conduct regular security assessments

7.2 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the ICO within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach is likely to result in a high risk
  • Provide clear information about the nature of the breach and steps we are taking

8. International Data Transfers

Your information may be transferred to and processed in countries outside the United Kingdom. When we transfer personal data outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, in accordance with UK GDPR requirements.

9. Children's Privacy

Our website is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will take steps to delete such information.

10. Third-Party Links

Our website may contain links to third-party websites, including Google Maps. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policies of any third-party sites you visit.

11. LocalStorage and Browser Storage

We use LocalStorage technology to store your game progress and FS points locally in your browser. This data is stored on your device and is not transmitted to our servers unless you register an account. You can clear this data at any time through your browser settings.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Data Processing Purposes - Detailed Breakdown

13.1 Account Management

We process your account information to:

  • Create and manage your user account
  • Authenticate your identity when you log in
  • Maintain your account settings and preferences
  • Track your FS points balance and achievements
  • Provide personalized content recommendations
  • Send account-related notifications (password resets, security alerts)

13.2 Content Personalization

To enhance your experience, we analyze your usage patterns to:

  • Recommend articles and content based on your interests
  • Customize the website interface based on your preferences
  • Remember your reading progress and bookmarked content
  • Show relevant game challenges and achievements
  • Adapt content difficulty based on your skill level

13.3 Service Improvement

We analyze aggregated data to:

  • Identify popular content and features
  • Detect and fix technical issues
  • Optimize website performance and loading times
  • Plan new features and content
  • Understand user behavior patterns

14. Special Categories of Personal Data

We do not intentionally collect or process special categories of personal data (also known as "sensitive personal data") as defined under UK GDPR, such as:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data
  • Health data
  • Sexual orientation

If we ever need to process such data, we will obtain your explicit consent and comply with all applicable legal requirements.

15. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. However, we may use automated processing for:

  • Personalizing content recommendations (with your consent)
  • Calculating FS points scores
  • Detecting fraudulent activity or security threats

You have the right not to be subject to automated decision-making, including profiling. If you have concerns, please contact us.

16. Data Subject Access Requests (SAR)

Under UK GDPR, you have the right to request a copy of all personal data we hold about you. This is called a Data Subject Access Request (SAR).

16.1 How to Make a SAR

To make a SAR, please:

  • Email us at [email protected] with "Subject Access Request" in the subject line
  • Include your full name and email address associated with your account
  • Provide proof of identity (such as a copy of your ID or passport)
  • Specify what information you would like to access

16.2 Response Time

We will respond to your SAR within one month (30 calendar days) of receiving your request. In complex cases, we may extend this by up to two additional months, and we will notify you of the extension and the reasons for it.

16.3 Format of Response

We will provide your data in a commonly used, machine-readable format (such as JSON or CSV), unless you request a different format.

17. Data Breach Procedures

In the unlikely event of a data breach that may affect your personal information, we have established procedures to:

  • Contain: Immediately contain the breach to prevent further unauthorized access
  • Assess: Evaluate the severity and scope of the breach
  • Notify ICO: Report to the Information Commissioner's Office within 72 hours
  • Notify Users: Inform affected users without undue delay if the breach poses a high risk
  • Remediate: Take steps to prevent similar breaches in the future

If you receive a data breach notification from us, please follow the instructions provided to protect your information.

18. Processing Activities Record

As required by UK GDPR Article 30, we maintain records of our processing activities, including:

  • Purposes of processing
  • Categories of data subjects and personal data
  • Categories of recipients
  • Retention periods
  • Security measures in place

These records are available for inspection by the ICO upon request. We review and update these records regularly to ensure accuracy.

19. Data Protection Impact Assessments (DPIA)

Before implementing new processing activities that may pose a high risk to individuals' rights and freedoms, we conduct Data Protection Impact Assessments (DPIAs) in accordance with UK GDPR Article 35. This helps us identify and mitigate privacy risks before they occur.

20. Third-Party Data Sharing - Detailed Information

20.1 Service Provider Agreements

All third-party service providers with whom we share data are contractually obligated to:

  • Process data only for specified purposes
  • Implement appropriate security measures
  • Not use data for their own purposes
  • Notify us of any data breaches
  • Delete or return data upon termination of services
  • Comply with UK GDPR requirements

20.2 Sub-Processors

Some of our service providers may use sub-processors to provide services. We ensure that sub-processors are also bound by appropriate data protection obligations. A list of current sub-processors is available upon request.

20.3 Data Processing Agreements (DPA)

We have Data Processing Agreements in place with all third-party processors, as required by UK GDPR Article 28. These agreements specify the subject matter, duration, nature, and purpose of processing, as well as security measures and data subject rights.

21. User Controls and Preferences

You have control over your data through the following options:

21.1 Account Settings

  • Update your profile information
  • Change your email address
  • Modify notification preferences
  • Adjust privacy settings
  • Manage cookie preferences

21.2 Browser Controls

  • Clear LocalStorage data through browser settings
  • Manage cookie settings
  • Use private/incognito browsing mode
  • Install browser extensions to block tracking

21.3 Direct Communication

You can contact us at any time to request changes to your data, withdraw consent, or exercise any of your data protection rights.

22. Compliance and Audits

We regularly review our data protection practices to ensure compliance with UK GDPR and other applicable laws. This includes:

  • Internal audits of data processing activities
  • Security assessments and penetration testing
  • Staff training on data protection
  • Regular updates to policies and procedures
  • Compliance monitoring and reporting

23. Contact Information and Data Protection Officer

If you have questions about this Privacy Policy or our data practices, please contact us:

FishMaster

Data Controller: FishMaster

32 Waterfront Avenue
London, SE16 7RD
United Kingdom

Email: [email protected]

Phone: +44 (0) 20 7735 8364

Business Hours: Monday to Friday, 9:00 AM - 6:00 PM GMT

Data Protection Inquiries: [email protected]

23.1 Information Commissioner's Office (ICO)

If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with the UK's supervisory authority:

Information Commissioner's Office

Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
United Kingdom

Website: https://ico.org.uk

Helpline: 0303 123 1113

This Privacy Policy complies with UK GDPR, the Data Protection Act 2018, and applicable UK data protection legislation. For more information about your data protection rights, visit the ICO website.

Document Version: 2.0
Last Reviewed: November 2025
Next Review Date: November 2026