Privacy page: Laws, Rules, cookies, and everything that you need to know about our privacy.

Pink Bunnies

Pink Bunnies

Pink Bunnies: Privacy & Data management

Information of general interest

This document has been designed for low-risk personal data processing from which it follows that it may not be used for personal data processing that includes personal data related to ethnic or racial origin, religious or philosophical political ideology, affiliation union, genetic and biometric data, health data, and sexual orientation data of people as well as any other data processing that involves high risk for the rights and freedoms of people.

Article 5.1.f of the General Data Protection Regulation (hereinafter, RGPD) determines the need to establish adequate security guarantees against unauthorized or illicit treatment, against the loss of personal data, destruction or accidental damage. This implies the establishment of technical and organizational measures aimed at ensuring the integrity and confidentiality of personal data and the possibility of demonstrating, as established in article 5.2, that these measures have been put into practice (proactive responsibility).

In addition, it must establish visible, accessible and simple mechanisms for the exercise of rights and have defined internal procedures to guarantee effective attention to the requests received.

To guarantee the data of our users we have contracted Intruder to verify that our systems, software, and code has no security breachs, you can download the report.

Contact and responsible for the file

Website: https://bunnies.pink - Pink Bunnies

Responsible for the file: Esteban M. Cruz Seoane.

C\ Concejal Castillo N9, 02004 Albacete, Albacete, Spain

Email: info.bunnies.pink@gmail.com

Phone: 671565627(Spain)


Purpose of the treatment: Safety of people, goods and facilities.

Interested: People who access or try to access the website.

Recipients: Bodies and Forces of Security (Spanish crime investigators, police).

Conservation period: until withdrawal by the user or cessation of activity of the company.

Attention to the exercise of rights

The person responsible for the treatment will inform all workers about the procedure to address the rights of the interested parties, clearly defining the mechanisms by which the rights can be exercised (electronic means, reference to the Data Protection Delegate, if any) , postal address, etc.) and taking into account the following:

Upon presentation of their national identity document or passport, the owners of the personal data (interested parties) may exercise their rights of access, rectification, deletion, opposition, portability and limitation of treatment. The exercise of rights is free.

The person responsible for the treatment must respond to the interested parties without undue delay and in a concise, transparent, intelligible manner, with clear and simple language and keep proof of compliance with the duty to respond to the requests for the exercise of rights made.

If the request is submitted by electronic means, the information will be provided by these means whenever possible, unless the interested party requests otherwise.

Requests must be answered within 1 month from their receipt, and may be extended for another two months taking into account the complexity or number of requests, but in this case the interested party must be informed of the extension within a month from receipt of the request, indicating the reasons for the delay.

RIGHT OF ACCESS: In the right of access, the interested parties will be provided with a copy of the personal data available along with the purpose for which they have been collected, the identity of the recipients of the data, the planned retention periods or the criteria used to determine it, the existence of the right to request the rectification or deletion of personal data as well as the limitation or opposition to its treatment, the right to file a claim with the Spanish Agency of Data Protection and if the data has not been obtained from the interested party, any available information about its origin. The right to obtain a copy of the data cannot negatively affect the rights and freedoms of other interested parties.

Form for exercising the right of access.

RIGHT OF RECTIFICATION: In the right of rectification, the data of the interested parties that were inaccurate or incomplete will be modified according to the purposes of the treatment. The interested party must indicate in the request to which data it refers and the correction that must be made, providing, when necessary, the supporting documentation of the inaccuracy or incompleteness of the data subject to treatment. If the data has been communicated by the person in charge to other managers, he must notify them of the rectification of these unless it is impossible or requires a disproportionate effort, providing the interested party with information about said recipients, if requested.

Form for the exercise of the right of rectification

RIGHT OF DELETION: In the right of deletion, the data of the interested parties will be deleted when they express their refusal to the treatment and there is no legal basis that prevents it, they are not necessary in relation to the purposes for which they were collected, withdraw the consent given and there is no other legal basis that legitimizes the treatment or it is illegal. If the suppression derives from the exercise of the right of opposition of the interested party to the processing of their data for marketing purposes, the identification data of the interested party may be kept in order to prevent future processing. If the data has been communicated by the controller to other controllers, you must notify them of the deletion of these unless it is impossible or requires a disproportionate effort, providing the interested party with information about said recipients, if requested.

Form for the exercise of the right of suppression.

RIGHT OF OPPOSITION: In the right of opposition, when the interested parties express their refusal to process their personal data before the person in charge, the person in charge will stop processing them as long as there is no legal obligation that prevents it. . When the treatment is based on a mission of public interest or on the legitimate interest of the person in charge, before a request to exercise the right of opposition, the person in charge will stop processing the data unless compelling reasons are proven that prevail over the interests, rights and freedoms of the interested party or are necessary for the formulation, exercise or defense of claims. If the interested party opposes the processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

Form for the exercise of the right of opposition.

RIGHT OF PORTABILITY: In the right of portability, if the treatment is carried out by automated means and is based on consent or is carried out within the framework of a contract, the interested parties may request to receive a copy of your personal data in a structured, commonly used and machine-readable format. Likewise, they have the right to request that they be transmitted directly to a new person in charge, whose identity must be communicated, when technically possible.

Form for exercising data portability.

RIGHT OF LIMITATION TO TREATMENT: In the right of limitation of treatment, the interested parties may request the suspension of the processing of their data to challenge its accuracy while the person in charge carries out the necessary verifications or in the case that the treatment is carried out based on the legitimate interest of the person in charge or in compliance with a mission of public interest, while verifying whether these reasons prevail over the interests, rights and freedoms of the interested party. The interested party can also request the conservation of the data if he considers that the treatment is illegal and, instead of deleting it, requests the limitation of the treatment, or if the person in charge does not need them anymore for the purposes for which they were collected, the interested party you need them for the formulation, exercise or defense of claims. The circumstance that the processing of the interested party's data is limited must be clearly stated in the controller's systems. If the data has been communicated by the controller to other controllers, he must notify them of the limitation of their treatment unless it is impossible or requires a disproportionate effort, providing the interested party with information about said recipients, if requested.

Form for exercising the limitation of treatment.

If the request of the interested party is not processed, the person responsible for the treatment will inform him, without delay and at the latest after one month from receipt of the request, of the reasons for his non-action and of the possibility of filing a claim. before the Spanish Agency for Data Protection and to exercise legal actions.

Our duty of confidentiality and secrecy

-The access of unauthorized persons to personal data must be prevented. To this end, it will be avoided to leave personal data exposed to third parties (unattended electronic screens, paper documents in public access areas, supports with personal data, etc.). This consideration includes the screens used to display images from the video surveillance system. When you are absent from work, the screen will be locked or the session will be closed.

-Paper documents and electronic media will be stored in a safe place (closets or rooms with restricted access) 24 hours a day.

-Documents or electronic media (cd, pen drives, hard drives, etc.) with personal data will not be discarded without guaranteeing their effective destruction

-No personal data or any other information of a personal nature will be communicated to third parties, paying special attention not to disclose protected personal data during telephone consultations, emails, etc.

-In the event of personal data security violations, such as theft or improper access to personal data, the Spanish Data Protection Agency will be notified within 72 hours of said security violations. , including all the information necessary to clarify the facts that have given rise to improper access to personal data. The notification will be made by electronic means through the electronic headquarters of the Spanish Agency for Data Protection at the address https:/ /sedeagpd.gob.es/sede-electronica-web/.

Our duty to safeguard

According to the type of treatment that you have revealed when you have completed this form, the minimum security measures that you should take into account are the following:

UPDATE OF COMPUTERS AND DEVICES: The devices and computers used for the storage and processing of personal data must be kept up to date as much as possible.

MALWARE: In the computers and devices where the automated processing of personal data is carried out, there will be an antivirus system that guarantees, to the extent possible, the theft and destruction of personal information and data. The antivirus system must be updated periodically.

FIREWALL OR FIREWALL: To prevent improper remote access to personal data, care will be taken to ensure the existence of an activated and correctly configured firewall on those computers and devices in which data is stored and/or processed. personal data.

DATA ENCRYPTION: When it is necessary to extract personal data outside the premises where it is processed, either by physical or electronic means, the possibility of using an encryption method should be considered. to guarantee the confidentiality of personal data in case of improper access to information.

BACKUP COPY: Periodically, a backup copy will be made on a second medium other than the one used for daily work. The copy will be stored in a safe place, different from the one where the computer with the original files is located, in order to allow the recovery of personal data in case of loss of information.

Webpage rules

We can denny you the service if you breaks any of these rules, the time dennying you the service can be temporal or permanent.

Rules about hacking: when we can denny you the service automatic by a our firewall:

  • You have tried to login into the admin panel, wordpress admin page, or any other administrative.
  • You have tried to steal cookies or to use your own cookies, we have a very hard policy with cookies.
  • You have tried to send us wrong data via POST or GET.
  • You have tried to get down or webpage or security system, or tried to do an SQL inyection.
  • You have tried to login with wrong data too many times, to request too many password recovery codes or even tried to many wrong codes to recover your password.
  • You have tried to exploit the security by any other mean.
  • You have been detected as a bot, in this case we will whitelist at your request, but the software can kick you the first time.

Please to understand that this rules will be changing along the time, making them clear. This automatic rules are made to keep our customers accounts safe, they can show a false positive of attack, this is why we have created a system to remove the ban by yourself if it happens.

Inworld (game) rules

The first times when you're banned from the webpage, you can visit our domain and click on a lick that re-enables you to visit the web-page again, there's a limit of times; when you're over this number of times the ban is permanent, you will need to contact us via discord or email to request access again, we reserve the right to grant you access or to keep you without service on base of what happened before.

Rules of Behaviour: when we can denny you the service manually:

  • Poor "Out of Character" behaviour, nasty language, insults against the community or staff.
  • Ignoring a Game Master or Ignoring an Administrator.
  • Trying to steal an account.
  • Sharing content protected by copyright or any Author Right.
  • Sharing pornographic content of real people.
  • Sharing any photo about minors, this case is very severe and we won't doubt about reporting to the police.
  • Any violation of an European law.

This "Behaviour" rules rules can be punnished by different ways, warnings, soft temporal ban, or permanent ban depending on the severity.

Please to understand that this rules will be changing along the time, making them clear.

Cookies

What is a cookie? Cookies are fragments of information stored in your computer, this information helps the webpages to customize themselves to show you a supposed better experience, but they are used to control the ads. In our case we reject by default all the 3rd cookies and we don't store any personal data at the cookie that we use.

We only do use of a single Functional Cookie, it means that there's no 3rd party cookies.

What does our cookie do?

  • Allows the users to log-in into our webpage.
  • Works as fingerprint to identify you with a random unique string.
  • Allows you to use the interactive elements.
  • Improves the Webpage security.

What we don't do?

  • We don't use cookies from Google or Google analytics for tracking.
  • We don't use any 3rd cookie unless you accept it.
  • We don't store personal data at the cookie.

Third-Party Cookies

You can reject the third-party cookies by clicking the next button or by deleting them from your browser.

If you wish to keep an extra privacy, please to delete your history.